Installing configuration containers

The IBM® Business Automation Configuration Container helm chart can be configured with a set of parameters to modify the default settings, name the release, and select the namespace.

Before you begin

Make sure that you complete the preparation steps that are listed in Preparing to install IBM Business Automation Configuration Container.

Before you install Business Automation Configuration Container, use the following checks to make sure that you have everything in place:

  1. Check the health of the IBM Cloud Private cluster by looking at the dashboard.
  2. Check that the IBM Digital Business Automation for Multicloud images are in the IBM Cloud Private registry. The ibacc-master container image is used to install Business Automation Configuration Container. The following container images are used by the configuration container to install the products and run initialization and verification jobs.
    • bai-ibacc-job
    • baw-cam
    • ibacc-icp
    • ibacc-initialize
    • ibacc-verify
    • odm-ibacc-job
    •  New in 18.0.1  ibacc-navigator
  3. Check that the ibm-dba-multicloud-prod tile (helm chart) is in the catalog.
  4. Log in to your IBM Cloud Private cluster from the command line.
    cloudctl login -a https://cluster_CA_domain:8443 --skip-ssl-validation

    Where cluster_CA_domain is the certificate authority (CA) domain name. If you did not specify a CA domain, the default value is mycluster.icp. The skip-ssl-validation parameter disables the SSL validation process. SSL validation is omitted in the example to do without a trusted certificate in development environments. The self-signed SSL certificate causes an error when using the cloudctl CLI.

    If you want to install into a specified namespace, you need to run the command with the -n parameter. The following example specifies the name of the namespace as my-icp-space.

    cloudctl login -a https://cluster_CA_domain:8443 --skip-ssl-validation \
-u admin -p admin -c id-mycluster-account -n my-icp-space
  5. Optional: Create an image pulling secret, if one does not exist.

    The following command provides an example:

    kubectl create secret docker-registry admin.registrykey --docker-server=mycluster.icp:8500 --docker-username=admin --docker-password=admin --docker-email=<user-email>

    If you deploy to a non-default namespace, follow the instructions here Creating imagePullSecrets for a specific namespace.

  6. Optional: If you want to use the container images in all namespaces or limit the images to a specific namespace, you can set an image scope. For more information, see Changing image scope.
  7. Optional: If the container images are in a different namespace to the target deployment, open the cluster image policy by running the kubectl edit command on the default policy file. Then, add the registries that can deploy in the namespace (my-icp-space) to the list of repositories, and save the .yaml file.
    kubectl edit ClusterImagePolicy ibmcloud-default-cluster-image-policy
    apiVersion: securityenforcement.admission.cloud.ibm.com/v1beta1
kind: ClusterImagePolicy
metadata:
  ...
spec:
  repositories:
  - name: mycluster.icp:8500/my-icp-space/*
  - name: quay.io/kubernetes_incubator/* 
  - name: mycluster.icp:8500/ibmcom/*

    The default policy includes certain repositories that you must leave in place so that your cluster is configured correctly. The policy allows all images from the specified container registries to be deployed into my-icp-space without enforcement.

    If you do not want to use the IBM Cloud Private catalog Helm tile in the Admin console, you can install Business Automation Configuration Container from the command line with the helm install command. In this case:
    1. Add the IBM Cloud Private local-charts repository to your Helm client, as follows.
      sudo helm repo add local-charts https://mycluster.icp:8443/helm-repo/charts --ca-file $HELM_HOME/ca.pem --cert-file $HELM_HOME/cert.pem --key-file $HELM_HOME/key.pem

      The repository local-charts contains the deployable Helm charts. It can now be used as the source from which to install Helm charts into the cluster.

    2. Use the helm install command to deploy the chart with release name my-dbamc-release, as follows.

       New in 18.0.2 

      helm install --name my-dbamc-release local-charts/ibm-dba-multicloud-prod --tls --version 2.1.0

       For 18.0.1 

      helm install --name my-dbamc-release local-charts/ibm-dba-multicloud-prod --tls --version 2.0.0

       For 18.0.0 

      helm install --name my-dbamc-release local-charts/ibm-dba-multicloud-prod --tls --version 1.0.0

About this task

Business Automation Configuration Container is used to configure and install a combination of IBM Digital Business Automation for Multicloud products and components on IBM Cloud Private. Any deployed product or individual container that you want to modify must be done by using the IBM Cloud Private user interface or command line interface (CLI). For example, to change the number of replicas of an automation container use the IBM Cloud Private user interface or the cloudctl CLI.

Procedure

  1. Open the IBM Cloud Private Admin console and enter the administrator user name and password (admin/admin by default). 
    https://<IP_address>:8443
    Where <IP_address> is the URL in the cfc-master: POST DEPLOY MESSAGE String. By default, the host name is mycluster.icp. The Welcome page opens and provides menus to manage your private cloud environment.
  2. Click Catalog on the menu bar, select the ibm-dba-multicloud-prod entry, and click Configure.

    The helm chart displays a page of documentation, which describes the purpose of the chart and lists the configuration parameters that can be used to modify the default settings.

  3. Enter a release name and accept the license agreement. An example release name is my-dba-prod-release.
  4. Optional: Modify the parameter values to change the defaults.

    For more information, see IBM Business Automation Configuration Container parameters.

    Warning: The chart claims a persistent volume (PV), so a PV must be available before you try to install it.

    If you plan to share a configured persistent volume for multiple Business Automation Configuration Container instances, use different deployment folders in the PVC to store the files for each deployment.

  5. Click Install. When the package is deployed, an installation complete message is displayed.

Results

When the installation is complete, click View Helm Release to see the details of the release. The release name shows a status of DEPLOYED. The release is an instance of the ibm-dba-multicloud-prod chart, which is now running in a Kubernetes cluster.

The helm list function shows a list of all the deployed releases. To uninstall a release, use the helm delete command. Helm can track releases even after they are deleted. You can audit the history of a cluster, and even undelete a release by using helm rollback.

What to do next

To view the new service.

  1. Click Menu > Workloads > Helm Releases, and then search for the name you entered for the release: my-dba-prod-release.
  2. Click Launch to open the service.
  3. Configure the IBM Digital Business Automation for Multicloud automation containers with the user interface or command line interface.
  4. Configure the shared services for the IBM Digital Business Automation for Multicloud products, such as an LDAP and a database.
Remember: Ensure that all your containers are secure. For more information, see Enforcing container image security.
Previous topic: Loading your purchased container images
Next topic: Installing automation containers from the user interface
Parent topic: Installing products on IBM Cloud Private
Related tasks:
Installing automation containers from the command line