Deploying ICD Services and Deployment to Kubernetes Cluster
This topic describes how to deploy container images in the Kubernetes cluster.
Procedure
- Make sure you have access to the Product liberty docker images and Docker private repository.
- Run the following command on the Kubernetes cluster Master Node:
- Create the ICD namespace for the application, create a directory Namespace, and create a yaml file icd-namespace inside the directory.
- Namespace for all Kubernetes components is defined using Namespace Type. Below is the code for reference:
apiVersion: v1 kind: Namespace metadata: name: icd
- Run the below command to create the namespace.
kubectl apply -f Namespace/icd-namespace.yaml
- To create config map in the ICD namespace.
- Config maps are customizable, you can add or update any data.
- Create a directory Config and create config maps as mentioned below inside the directory.
- ICD Config map data:
- DB_PORT: "50005"
- run command to create namespace.
-
kubectl apply -f Config/icd-map.yaml
-
- Create secrets in the ICD namespace.
- Secrets are also customizable, you can use your own TLS certificate and key.
- ICD-TLS-Secret: This is the default certificate for SSL service for your
Ingress. If you want to change the TLS certificate and key, update the below field in the
icd-tls-secret.yaml
file:- tls.crt: //encoded certificate string
- DB-Secret: This contains the master password for your database.
- Update the master password the same as in your work station.
- Update the below field inside the db-secret.yaml file.
- password: //base64 encoded password
- To get the encoded string for your password, run
echo -n "your_password"|base64
- Run the following command:
kubectl apply -f Secrets/db-secret.yaml
kubectl apply -f Secrets/icd-tls-secret.yaml
- Create the services in the ICD namespace for the deployments. Services are required to
access the Kubernetes pods and provide static access to the pods. Two types of services offered by
Kubernetes are:
- ClusterIP: This is used to expose your applications within the cluster. All applications are exposed to clusters and can be accessed from outside via ingress controller.
- NodePort: This is used to expose your application to the outside world via the cluster-admin host. A single NodePort Service is there and is only for the database in case you need to access your database from outside directly.
For IBM® Control Desk workloads, services must be created to access the different workload pods. For example icd-uiservice. Create a directory Services and create a yaml file ui-service.yaml for icd-ui service. Refer below code for icd-ui service:kind: Service apiVersion: v1 metadata: labels: app: icd-ui name: icd-ui namespace: icd spec: type: ClusterIP ports: - name: "http-port" port: 9080 targetPort: 9080 - name: "https-port" port: 9443 targetPort: 9443 selector: app: icd-ui
This service exposes all pods connected through the selector icd-ui on ports 9443 and 9080 using ClusterIP.- Create the service by executing the command mentioned below:
kubectl apply -f Services/ui-service.yaml
- Similarly, create the services for other workloads:
- icd-cron
- icd-report
- icd-jms
- icd-sp
- icd-api
- icd-mea
- After services creation, deployments for all IBM
Control Desk components need to be created.
Deployments are used to create Kubernetes pods. Each pod can have one or more containers that run
application code. Each pod will have only one container in the case of IBM
Control Desk. Docker images created earlier will
be used by the Kubernetes Deployment files to create pods. Let us create the
icd-ui deployment in the ICD namespace. Below is the code snippet:
kind: Deployment apiVersion: apps/v1 metadata: labels: app: icd-ui name: icd-ui namespace: icd spec: replicas: 1 selector: matchLabels: app: icd-ui template: metadata: labels: app: icd-ui spec: hostname: icd-ui containers: - env: - name: DB_HOST value: <DB IP Address> - name: JMS_SERVER value: $(ICD_JMS_SERVICE_HOST) - name: JVM_ARGS value: -Dmxe.name=MAXIMO_UI image: icdlocalgsa.icdlab.com:5000/admin/icd/ui:7612 name: ui resources: limits: memory: 5Gi requests: memory: 2Gi ports: - containerPort: 9443 - containerPort: 9080 envFrom: - configMapRef: name: icd-map restartPolicy: Always
The deployment icd-ui created in namespace icd is connected to icd-ui service which is specified by spec.selector.- Mandatory Fields:
- image: <icdlocalgsa.icdlab.com:5000>/admin/icd/ui:<7612> //must be updated with your private repo icd-ui image path.
- Env: DB_HOST environment variable would be admin workstation IP Address as our database is hosted on admin workstation.
- Optional Fields:
- replicas: 1 //can be updated
- limits:
memory: 5Gi
// Max main memory allowed to use by the POD. - requests:
memory: 2Gi
// Initial request memory for the POD.
- Additional configuration: Refer Logging in IBM Control Desk Containers and Scaling IBM Control Desk Workloads Pods to configure the logging and Scaling respectively for the IBM Control Desk worker pods.
- Do the deployment by executing the command mentioned below:
kubectl apply -f ui-deployment.yaml
- Similarly, deployment for other workloads needs to be created with their respective
images:
- icd-cron
- icd-report
- icd-jms
- icd-sp
- icd-api
- icd-mea
- Mandatory Fields: