Fix Readme
Abstract
The following document is the documentation for IBM Cloud Pak for Business Automation 21.0.2 IF001.
Including download and installation information and the list of APARs that are resolved in this interim fix.
Content
| Readme file for: | IBM Cloud Pak® Automation |
|---|---|
| Product Release: | 21.0.2 |
| Update Name: | 21.0.2 IF001 |
| Fix ID: | 21.0.2-WS-CP4BA-IF001 |
| Publication Date: | 21 Oct 2021 |
| Last modified date: | 16 Jul 2021 |
Contents
Download location
Prerequisites
Components impacted
Prior to installation
Installing
Performing the necessary tasks after installation
Uninstalling
List of fixes
Known Limitations
Document change history
Prerequisites
Components impacted
Prior to installation
Installing
Performing the necessary tasks after installation
Uninstalling
List of fixes
Known Limitations
Document change history
Prerequisites
- Upgrading the dependencies. If upgrading from an earlier version 20.0.3.x to 21.0.2-IF001, follow the steps described here in Knowledge Center to upgrade the dependencies: https://www.ibm.com/docs/en/cloud-paks/cp-biz-automation/21.0.x?topic=containers-upgrading-dependencies
Components impacted
- Automation Decision Services
- Automation Document Processing
- Business Automation Insights
- Business Automation Navigator
- Business Automation Workflow
- User Management Service
Prior to installation
If you installed any of the Cloud Pak components on a Kubernetes cluster, you can update them with the 21.0.2 IF001 by using the updated operator and the relevant container interim fixes. Details like the image: tag of the interim fix image can be found in the pattern templates of the Container Application Software for Enterprises (CASE) package.
To deploy this interim fix as an update to a 21.0.2 deployment, follow the instructions in the Installing section. If you want to use the interim fix as a part of a new deployment or you want to upgrade a release before 21.0.2, refer to IBM Knowledge Center. For more information, see IBM Cloud Pak for Business Automation 21.0.x.
Installing
Step 1: Get access to the interim fix container images
You can access the container images in the IBM image registry with your IBMid.
You can access the container images in the IBM image registry with your IBMid.
Create a pull secret for the IBM Cloud Entitled Registry
- Log in to MyIBM Container Software Library with the IBMid and password that is associated with the entitled software.
- In the Container software library tile, click "View library" and then click "Copy key" to copy the entitlement key to the clipboard.
- Log in to your Kubernetes cluster and set the context to the project/namespace for your existing deployment.
- Create a pull secret by running a kubectl create secret command.
$ kubectl create secret docker-registry admin.registrykey --docker-server=cp.icr.io --docker-username=cp --docker-password="<API_KEY_GENERATED>" --docker-email=<USER_EMAIL>
Note: The "cp.icr.io" value for the docker-server parameter is the only registry domain name that contains the images. Use "cp" for the docker-username. The docker-email must be a valid email address (associated to your IBM ID). Make sure you are copying the Entitlement Key in the docker-password field within double quotation marks. - Take a note of the secret and the server values so that you can set them to the "pullSecrets" and "repository" parameters when you update the operator for your containers.
Step 2: Update the installed operator
- Log in to your Kubernetes cluster and set the context to the project for your existing deployment.
$ oc login https://<CLUSTERIP>:<port> -u <ADMINISTRATOR>
$ oc project <project_name> - Optional: If you have static storage on OCP, provide group write permission to the persistent volume (PV) of the operator according to the PV hostPath.path definition (/root/operator).
$ chmod -R g=u /root/operator
$ chmod g+rw /root/operator
Note: If you are using dynamic provisioning, this step is not needed as the PV is created automatically as per the Storage Class definition.
Remove the .OPERATOR_TYPE file in case it exists from a previous deployment.
$ rm -f /<hostPath>/.OPERATOR_TYPE
where hostPath is the value in your PV (root/operator). -
Starting from 21.0.1-IF001, you can no longer get the cert-kubernetes files from GitHub. To download the files, go to the Container Application Software for Enterprises (CASE) package URL, extract the package, and then extract the contents from the .tar file in the ibm-cp-automation/inventory/cp4aOperatorSDK/files/deploy/crs folder. Use the tar -xvzf command to extract the archives.
$ cd cert-kubernetesUpgrade the operator in your project by running the following command.$ ./scripts/upgradeOperator.sh -i <registry_url>/icp4a-operator:21.0.2-IF001 -p '<my_secret_name>' -a acceptWhere registry_url is the value for your internal registry or cp.icr.io/cp/cp4a for the IBM Cloud Entitled Registry. The my_secret_name is the secret that is created to access the registry, and accept means that you accept the license.Note: If you installed the operator via Operator Lifecycle Manager then the command should take the following form:
$ ./scripts/upgradeOperator.sh -n <project_name> -a acceptNote: If you plan to use a non-admin user to install the operator, you must add the user to the "ibm-cp4a-operator" role.$ oc adm policy add-role-to-user ibm-cp4a-operator <user_name> -
Monitor the pod until it shows a STATUS of Running:
$ oc get pods -w
Note: When started, you can monitor the operator logs with the following command:
$ oc logs -f deployment/ibm-cp4a-operator -c operator
Step 3: Update the custom resource YAML file for your deployment
Get the custom resource YAML file that you previously deployed (for example, scripts/generated-cr/ibm_cp4a_cr_final.yaml) and update the appVersion to "21.0.1.1". The operator will pull the corresponding 21.0.1.1 container images based on the value of appVersion.
Note: If you are using a new CR from the "cert-kubernetes" GitHub repository that you download from the prerequisites step above, then the appVersion is already set to "21.0.1.1".
Tip: If you use image tags in your CR in your current deployment, then the correct values of the tags can be found in the fully customizable (FC) CR pattern templates provided with the interim fix under ../cert-kubernetes/descriptors/patterns (for example, ibm_cp4a_cr_enterprise_FC_content.yaml has the corresponding image tags for the iFix along with all the parameters that can be customized for the deployment). Verify that the secret named in the CR YAML file as the imagePullSecrets is valid. Note that the secret might be expired, in which case you must re-create the secret.
Step 4: Update the custom resource YAML file for your deployment
If Business Automation Insights 21.0.1 is deployed, and only in this case, prune the Business Automation Insights deployment and jobs before you apply the updated custom resource YAML file.
$ oc delete Deployment,Job -l 'app.kubernetes.io/name=ibm-business-automation-insights'Tip: For Flink event processing to resume from its previous state, make sure that savepoints are created before the upgrade and specified in the updated CR. For more information see, https://www.ibm.com/docs/en/cloud-paks/cp-biz-automation/21.0.x?topic=tolerance-restarting-from-checkpoint-savepoint#task_bht_l5r_52b
Step 5: Apply the updated custom resource YAML file
- Check that all the components that you want to upgrade are configured with interim fix image tag values.
$ cat scripts/generated-cr/ibm_cp4a_cr_final.yaml -
Update the configured components by applying the custom resource.$ kubectl apply -f scripts/generated-cr/ibm_cp4a_cr_final.yaml
Step 6: Verify the updated automation containers
The operator reconciliation loop might take several minutes. When all of the pods are Running, you can access the status of your containers by running the following commands:
$ oc status
$ oc get pods -w
$ oc logs <operatorPodName> -f -c operator
$ oc get pods -w
$ oc logs <operatorPodName> -f -c operator
Performing the necessary tasks after installation
For more information, see IBM Cloud Pak for Business Automation 21.0.x.
Uninstalling
For more information, see IBM Cloud Pak for Business Automation 21.0.x.
List of Fixes
APARs are listed in tables, columns are defined as follow:
| Column title | Column description |
| APAR | The defect number |
| Title | A short description of the defect |
| Sec. | A mark indicates a defect related to security |
| Cont. | A mark indicates a defect specific to the cloud pak integration of the component |
| B.I. | A mark indicates the fix has a business impact. Details is found in the title column or the APAR document |
- Automation Decision Services
- Automation Document Processing
- Business Automation Insights
- Business Automation Navigator
- Business Automation Workflow
- User Management Service
Automation Decision Services
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
| JR63916 | Cannot migrate projects using Machine learning providers from 20.0.3 & 21.0.1 to 21.0.2 | X | ||
| JR63917 | Cannot execute projects that have multiple predictive model using the same machine learning provider | X | ||
| JR63918 | BAS does not show the Branches tab for ADS, which is used to manage branches in decision services | X | X |
Automation Document Processing
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
| JR63923 | KEY ALIASES MAY GET MISSED DURING KVP EXTRACTION | X | X | |
| JR63924 | DEEP LEARNING TRUNCATES KEYS AND VALUES | X | X |
Business Automation Insights
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
| JR63912 | BPC-BAN integration is broken when configuring BAI BPC with a navigator base url that contains multiple URLs | X | X | |
| JR63913 | New "BPC Admins" team has no owner by default |
Business Automation Navigator
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
| JR63912 |
BPC-BAN integration is broken when configuring BAI BPC with a navigator base url that contains multiple URLs
|
x
|
x |
Business Automation Workflow including Automation Workstream Services
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
| JR63865 | SECURITY APAR - CVE-2021-23017 - SECURITY ISSUE IN NGINX RESOLVER | X | X | |
| JR63841 | PROCESS FEDERATION SERVER FAILS TO CONNECT TO A POSTGRESQL DATABASE REFERENCED BY JDBC_URL IN CLOUD PAK FOR BUSINESS AUTOMATION CR | X | ||
| JR63859 | YOU DON'T SEE ANY MENU OPTIONS FOR NAVIGATION WHEN YOU CLICK THE HAMBURGER NAVIGATION ICON IN CASE BUILDER | X | ||
| JR63884 | THE CONTENT MANAGEMENT TOOLKIT DOCUMENT UPLOAD FUNCTION DOES NOT WORK DURING COACH AUTHORING AND TEST | X | ||
| JR65041 | OPENING A CASE SOLUTION OR TEMPLATE FROM BUSINESS AUTOMATION STUDIO FAILS FOR THE FIRST TIME |
User Management Service
| APAR | Title | Sec. | Cont. | B.I. |
|---|---|---|---|---|
| JR63701 | DOC - USER MANAGEMENT SERVICE ADMIN USER SETTINGS MISSING FROM UMS CR TEMPLATE AND INSTALL INSTRUCTION |
Known Limitations
For additional information, see the support page Cloud Pak for Business Automation Known Limitations
Document change history
[{"Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS2JQC","label":"IBM Cloud Pak for Automation"},"ARM Category":[{"code":"a8m0z0000001gWWAAY","label":"CloudPak4Automation Platform"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"21.0.1"}]
Was this topic helpful?
Document Information
Modified date:
30 June 2022
UID
ibm16468575