IBM Support

IBM Financial Crimes Insight for IBM Cloud Pak for Data (Platform) 6.5.1 Interim Fix | APAR PH30796 (October 30, 2020)

Fix Readme


Abstract

This readme file provides installation instructions for IBM Financial Crimes Insight for IBM Cloud Pak for Data (Platform) 6.5.1 for cloud and on premise deployment environments. It directs the reader to the download site and provides information about prerequisites, installation considerations, and any known issues for this release.

Content

Download this interim fix

  • PH30796 : IBM Financial Crimes Insight for IBM Cloud Pak for Data (Platform) 6.5.1 Interim Fix

System requirements

The official statements for hardware and software support are provided for  IBM Financial Crimes Insight for IBM Cloud Pak for Data V6.5.1. Ensure that you review new requirements for supported software, including required base product fix packs.

Review the product license to ensure that you have the necessary authorizations to support a particular topology and that you understand the usage restrictions for all software components that are included with the product.

Prerequisites

IBM Financial Crimes Insight for IBM Cloud Pak for Data (Platform) V6.5.1

Supersedes

None

Known issues

Known problems, restrictions, and solutions are documented in the form of individual technotes. As problems are discovered and resolved, the IBM Financial Crimes Insight team updates the knowledge base. By searching the knowledge base, you can quickly find workarounds or solutions to problems. To view known issues and related support information, see the  IBM Financial Crimes Insight Support Portal.

Upgrading the platform from IBM Financial Crimes Insight for IBM Cloud Pak for Data 6.5.1

Prerequisites

To upgrade the platform from IBM Financial Crimes Insight for IBM Cloud Pak for Data 6.5.1, you must meet the following requirements:

  • Cloud Pak for Data 3.0.1 with IBM Financial Crimes Insight for IBM Cloud Pak for Data 6.5.1 Installed on an Red Hat OpenShift cluster
  • An installation server set up as described in the IBM Docs topic Setting up an installation server.

You can reuse the installation server you used for installing IBM Financial Crimes Insight for IBM Cloud Pak for Data 6.5.1. Ensure that the repo.yaml file is updated as described in the setup.

Upgrading in a cluster with internet connectivity

  1. Change to the directory where your repo.yaml file resides.
  2. If you have cpd-linux-workspace from your previous install in that directory, rename it as shown in the following command: 
    mv cpd-linux-workspace cpd-linux-workspace-bk
  3. Apply the administrative changes to the cluster using the following command where <project> is the same Red Hat OpenShift project name you used when installing the first time. 
    ./cpd-linux adm --upgrade -a fci -r repo.yaml -n <project> --apply --verbose --monochrome -v 6.5.5
  4. When it finishes successfully output similar to the following should be returned: 
    [INFO] [2020-03-16 20:13:20-0359] Finished executing requests

*** Executing add Cluster Role to SA requests ***

[INFO] [2020-03-16 20:13:20-0361] Finished executing requests

[INFO] [2020-03-16 20:13:20-0361] Admin setup executed successfully
  5. Update the assembly_upgrade.yaml file by following the instructions in the IBM Docs topic Configuring the assembly_install.yaml file.

    Important: The instructions in the link show how to update assembly_install.yaml, but because this is an upgrade, you have to update assembly_upgrade.yaml. The upgrade will fail if you do not update the assembly_upgrade.yaml. The assembly_upgrade.yaml is in the ~/fci/cpd-linux-workspace/assembly/fci/x86_64/6.5.5/ directory.

    Most of the information you update might already be available in the assembly_install.yaml you had updated while installing FCI the first time, so you can just copy the values from the directory you backed up.

  6. Update the following value in the assembly_upgrade.yaml to reuse the old passwords. 
    generateInternalPasswords: false
  7. Run the following commands to add passwords for new Mongo users: 
    oc patch secret -n $PROJECT fci-mongo-secrets-env -p '{"data":{"mongodb-eraas-outcome-password":"'"$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 8 | base64)"'"}}'
oc patch secret -n $PROJECT fci-mongo-secrets-env -p '{"data":{"mongodb-eraas-workflow-password":"'"$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 8 | base64)"'"}}'
  8. Run the following upgrade command: 
    ./cpd-linux upgrade -a fci -r repo.yaml -n <project> -c <storage-class> --verbose --monochrome -v 6.5.5
    where <project> is the same Red Hat OpenShift project name that was previously used in the ./cpd-linux adm command, and <storage-class> is the Red Hat OpenShift storage class you used while installing FCI initially.

Upgrading in an air-gapped cluster

You can use Red Hat OpenShift 3.11, 4.3, or 4.5 for your Red Hat OpenShift cluster. However, IBM strongly recommends that you use Red Hat OpenShift 4.5.

  1. Download the FCI assembly and images to the server with internet connectivity.

    You can reuse the installation server you used for installing IBM Financial Crimes Insight for IBM Cloud Pak for Data 6.5.1.

    If you are using the same server you used for installing FCI initially, back up the offline directory and run the following commands:

    mv ./offline ./offline-bk
./cpd-linux preloadImages --action=download -a fci -r repo.yaml --download-path=./offline --monochrome -v 6.5.5
./cpd-linux adm -a fci -r repo.yaml --download-path=./offline --monochrome -v 6.5.5

    These commands will download the required files into the offline directory. Copy this directory, the repo.yaml file, and the cpd-linux executable to the air-gapped installation server.

    Important: Ensure that you back up the offline directory in the air-gapped installation server before proceeding to next steps.

  2. If you are using Red Hat OpenShift 4.3 or Red Hat OpenShift 4.5, run the following commands:
    1. Export the project you used when installing FCI. 
      export PROJECT=fci
    2. Export the version. 
      export VERSION=6.5.5

      Note that the release is 6.5.1 but the image tag is 6.5.5

    3. Run the following commands on the Red Hat OpenShift cluster: 
      oc login
oc project openshift-image-registry
    4. If you are performing the installation from one of the nodes of the Red Hat OpenShift cluster, such as the control plane, run the following command: 
      export EXT_REG="image-registry.openshift-image-registry.svc:5000"
    5. If you are performing the installation from a node outside of the Red Hat OpenShift cluster, such as a standalone installation server, run the following commands: 
      oc patch configs.imageregistry.operator.openshift.io/cluster --type merge -p '{"spec":{"defaultRoute":true}}'
export EXT_REG="$(oc get route -n openshift-image-registry '-o=jsonpath={.items[*].spec.host}')"
    6. Run the following commands: 
      ./cpd-linux preloadImages --action=push -a fci --load-from=./offline --insecure-skip-tls-verify --transfer-image-to=$EXT_REG/$PROJECT --target-registry-username=$(oc whoami) --target-registry-password=$(oc whoami -t) -v $VERSION
./cpd-linux adm --upgrade --apply -a fci -n $PROJECT --load-from=./offline -v $VERSION
    7. Edit the offline/modules/fci/x86_64/6.5.5/assembly_upgrade.yaml file by following the instructions in the IBM Docs topic Configuring the assembly_install.yaml file.

      Important: The instructions in the link show how to update assembly_install.yaml, but because this is an upgrade, you have to update assembly_upgrade.yaml. The upgrade will fail if you do not update the assembly_upgrade.yaml.

      Most of the information you update might already be available in the assembly_install.yaml you had updated while installing FCI the first time, so you can just copy the values from the directory you backed up.

    8. Update the following value in the assembly_upgrade.yaml to reuse the old passwords. 
      generateInternalPasswords: false
    9. Run the following commands to add passwords for new Mongo users: 
      oc patch secret -n $PROJECT fci-mongo-secrets-env -p '{"data":{"mongodb-eraas-outcome-password":"'"$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 8 | base64)"'"}}'
oc patch secret -n $PROJECT fci-mongo-secrets-env -p '{"data":{"mongodb-eraas-workflow-password":"'"$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 8 | base64)"'"}}'
    10. Run the following upgrade command: 
      ./cpd-linux upgrade -a fci -n $PROJECT --load-from=./offline --cluster-pull-prefix image-registry.openshift-image-registry.svc:5000/$PROJECT -c <storage-class> -v $VERSION

      where <storage-class> is the Red Hat OpenShift storage class you used while installing FCI initially.

  3. If you are using Red Hat OpenShift 3.11, run the following commands:
    1. Export the project you used when installing FCI. 
      export PROJECT=fci
    2. Export the image tag. 
      export VERSION=6.5.5

      Note that the release is 6.5.1 but the image tag is 6.5.5

    3. Run the following command on the Red Hat OpenShift cluster: 
      oc login
    4. If you are performing the installation from one of the nodes of the Red Hat OpenShift cluster, such as the control plane, run the following command: 
      export EXT_REG="docker-registry.default.svc:5000"
    5. If you are performing the installation from a node outside of the Red Hat OpenShift cluster,such as a standalone installation server, run the following command: 
      export EXT_REG="$(oc get route -n default '-o=jsonpath={.items[*].spec.host}')"
    6. Run the following commands: 
      ./cpd-linux preloadImages --action=push -a fci --load-from=./offline --insecure-skip-tls-verify --transfer-image-to=$EXT_REG/$PROJECT --target-registry-username=$(oc whoami) --target-registry-password=$(oc whoami -t) -v $VERSION
./cpd-linux adm --upgrade --apply -a fci -n $PROJECT --load-from=./offline -v $VERSION
    7. Edit the offline/modules/fci/x86_64/6.5.5/assembly_upgrade.yaml file by following the instructions in the IBM Docs topic Configuring the assembly_install.yaml file.

      Important: The instructions in the link show how to update assembly_install.yaml, but because this is an upgrade, you have to update assembly_upgrade.yaml. The upgrade will fail if you do not update the assembly_upgrade.yaml.

      Most of the information you update might already be available in the assembly_install.yaml you had updated while installing FCI the first time, so you can just copy the values from the directory you backed up.

    8. Update the following value in the assembly_upgrade.yaml to reuse the old passwords. 
      generateInternalPasswords: false
    9. Run the following commands to add passwords for new Mongo users: 
      oc patch secret -n $PROJECT fci-mongo-secrets-env -p '{"data":{"mongodb-eraas-outcome-password":"'"$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 8 | base64)"'"}}'
oc patch secret -n $PROJECT fci-mongo-secrets-env -p '{"data":{"mongodb-eraas-workflow-password":"'"$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 8 | base64)"'"}}'
    10. Run the following upgrade command: 
      ./cpd-linux upgrade -a fci -n $PROJECT --load-from=./offline --cluster-pull-prefix docker-registry.default.svc:5000/$PROJECT -c <storage-class> -v $VERSION

      where <storage-class> is the name of the storage class you used while installing FCI initially.

Troubleshooting

If the MQ pod fails to start after you upgrade, follow the instructions here to resolve this issue.

Upgrading the data platform from IBM Financial Crimes Insight for IBM Cloud Pak for Data 6.5.1

Prerequisites

To upgrade the data platform from IBM Financial Crimes Insight for IBM Cloud Pak for Data 6.5.1, you must meet the following requirements:

Upgrading the data platform

  1. Log in to a root shell on the Ambari server host. You can use sudo -i.
  2. Change directories. 
    cd /opt/ibm/fci/install/media
  3. Download and extract packages CC8S4EN.tar and CC8S6EN.tar.
    • CC8S4EN.tar contains self-extracting installer package fci-data-platform.bin.
    • CC8S6EN.tar contains the updated Python 3.5.6 stack.
  4. Execute the self-extracting installer package. 
    sh
chmod u+x fci-data-platform.bin
./fci-data-platform.bin
  5. Log in to Red Hat OpenShift. 
    oc login

    This is required for the installer to get the new fci-odm route value.

  6. Execute the upgrade. 
    ../fci-hdp3.upgrade.sh --password <Ambari admin password>

    The upgrade script will issue Ambari requests to port 8081 using user name admin by default. You can pass arguments --port and --user to override the default values.

List of changes

Review the updated product license to ensure that you have the necessary authorizations to support a particular topology and that you understand the usage restrictions for all software components that are included with the product.

This release of IBM Financial Crimes Insight for IBM Cloud Pak for Data (Platform) includes the following changes:

  • Updated Global Name Management component to iFix 10
  • Improvements to Watchlist matching
  • Updates for Graph Processing
  • Investigative UI Improvements:
    • Improved search results
    • Added note type in attachment view
    • Added ability to see more or less text
    • Added Policy number to header
    • Renamed Notification column to Override
    • Updated filters to be drop down vs type in (Line of Business, Referral Source, Override)
    • Added Assignee to in basket view
    • Added note type in attachment view
  • Configurability enhancements:
    • Ability to specify field validation rule
    • Ability to specify mandatory fields
    • Ability to define field validation for business objects

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSCKRH","label":"IBM Financial Crimes Insight Cartridge for IBM Cloud Pak for Data"},"ARM Category":[{"code":"a8m0z000000boAAAAY","label":"APAR"}],"ARM Case Number":"","Platform":[{"code":"PF016","label":"Linux"}],"Version":"6.5.1","Line of Business":{"code":"LOB10","label":"Data and AI"}}]

Document Information

Modified date:
03 January 2022

UID

ibm16351591

Page Feedback