To install the Cloud Pak capabilities with the Cloud Pak operators, a cluster
administrator user can run a script to set up the cluster. They can also run the script in silent mode if set of environment variables are created before the
script is run. The administrator must also provide
information that they get from the script to a non-administrator user so they can run the deployment
script.
About this task
The cluster setup script is one of four core scripts (cluster setup, prerequisites, deployment,
and post-install) that are provided to help you install the Cloud Pak capabilities. You must be a
cluster administrator to run the setup script. For more information, see Targeted
role-based user archetypes.
The cluster setup script identifies or creates a namespace and applies the custom resource
definitions (CRD). It then adds the specified user to the ibm-cp4a-operator
role,
binds the role to the service account, and applies a security context constraint (SCC) for the Cloud
Pak.
The script also prompts the administrator to take note of the cluster hostname and a dynamic
storage class on the cluster. These names must be provided to the user who runs the deployment
script.
Note: You can run the scripts on an amd64/x86 machine that connects to a Linux on Z or a Linux on
Power based cluster where the client is running Red Hat (RHEL), or a client to a Linux-based machine
or virtual machine that can run Podman. The setup script does not set any parameters in the custom
resource (CR). The cluster administrator might be running the script on a different host than the
user who later runs the deployment script.
A new installation of Cloud Pak for Business Automation always includes a
namespace-scoped instance of foundational services when you use the scripts.
Use the following steps to complete the setup.
Procedure
-
Download the appropriate repository to a Linux® based
machine (RHEL) or a client to a linux-based machine or VM that runs podman natively.
- Optional: If you want to run the script in silent mode, create the
environment variables that are needed for your installation. For more information, see Environment variables
for installation in silent mode.
-
Log in to the target cluster as the
<cluster-admin>
user.
Using the OpenShift CLI:
oc login https://<cluster-ip>:<port> -u <cluster-admin> -p <password>
On ROKS, if you are not already logged in:
oc login --token=<token> --server=https://<cluster-ip>:<port>
- A script must be run to install IBM License Service and IBM Certificate Manager.
- For 23.0.1
GA Clone the
ibm-common-service-operator
scripts from Git to a client of your target
cluster.git clone -b scripts https://github.com/IBM/ibm-common-service-operator.git
Go
to the ibm-common-service-operator/cp3pt0-deployment directory.
From 23.0.1-IF001 Go to your downloaded
cert-kubernetes
folder.
cd cert-kubernetes/scripts/cpfs/installer_scripts/cp3pt0-deployment
- Log in to the target cluster from a
client.
oc login https://<CLUSTERIP>:<port> -u <ADMINISTRATOR>
- Run the following
command:
./setup_singleton.sh --enable-licensing --license-accept
- Change directory to the extracted cert-kubernetes/scripts
folder.
cd ${PATH_TO_EXTRACTED_FILES}/cert-kubernetes/scripts
-
Run the cluster setup script and follow the prompts in the command window.
./cp4a-clusteradmin-setup.sh
- Select the platform type: ROKS (1) or OCP (2).
- Select the deployment type production.
- Select
Yes
if you want to install the CP4BA operator in 'All Namespaces'. The
default is No
.
- Enter the name for a new project or an existing project (cp4ba-project) for
the target deployment namespace. For more information, see Preparing a namespace for the Cloud Pak operator.
If an existing CP4BA operator is found in another project on your cluster, confirm that you want
to deploy another CP4BA operator in the new project by entering Yes
. You must
install a CP4BA operator in each namespace where you want to install a CP4BA instance.
- Enter Yes or No to confirm whether you want to use
the images in the IBM Entitlement Registry.
- If you replied Yes, enter your IBM Entitled Registry key and login
credentials (user and password).
If you want to load the container images to a local registry,
then set up the cluster by mirroring the images instead of running the
cp4a-clusteradmin-setup.sh script. For more information, see Setting up the cluster and use a local image registry.
Tip: If you ran the
cp4a-clusteradmin-setup.sh script and you see one or more of the following
messages, then make sure that you start Docker or Podman and run the script
again.
Error saving credentials: error storing credentials
Error: unable to connect
The Entitlement Registry key failed
The following message is displayed:
[INFO] Checking the IBM Cert-manager Operator ready or not
...
[INFO] Applying the latest IBM CP4BA Operator catalog source...
[✔] IBM CP4BA Operator catalog source Updated!
-
Monitor the operator pods until they show a STATUS of "Running".
oc get pod -w
Tip: If
ibm-cp4a-operator is inactive for some time, you can delete
the operator pod and let it reconcile.
To confirm that the operator is stuck, check to see
whether the log is providing an output.
oc project <namespace of Cloud Pak for Business Automation operator>
NAMESPACE=$(oc project -q)
podname=$(oc get pod -n $NAMESPACE | grep ibm-cp4a-operator | awk '{print $1}')
oc logs $podname -f
You can also list the ClusterServiceVersion
(CSV) to verify the version of the
running operators on your cluster.
oc get csv -n $NAMESPACE
Note: The version number (23.1.0) of the installed operators corresponds to the channel for Cloud Pak for Business Automation
23.0.1.
If you set any subscriptions to manual
, then you must approve any pending
operator updates. It is not recommended to set subscriptions to manual
because it
can make the installation error prone when some of the dependency operators are not approved. By
default, all subscriptions are set to automatic
.
Tip: Subscriptions for the
IBM Cloud Pak foundational
services operators are
created when they are "needed". Some subscriptions are created during the installation of the
operators. If other subscriptions are needed, they are created during the installation of the CP4BA
deployment. Business Teams Service, for example, is installed only "if it is needed". To check for
subscriptions that are waiting for approval, get the install plans by running the following
command.
oc get installPlan
Results
When the script is finished, all of the available storage class names are displayed along with
the infrastructure node name. Take a note of the following information and provide it to the Cloud
Pak admin user as they are needed for the deployment script:
- Project name or namespace.
- Username to log in to the cluster.
What to do next
You can see the list of operators that are installed in your cluster on the page. For more information about foundational services, see IBM Cloud Pak foundational services.
To verify the foundational services installation, check whether all the pods in the target CP4BA
deployment namespace are running. Use the following command:
oc get pods -n $NAMESPACE
Continue to prepare everything that you need for each capability that you want to install in
Preparing your chosen capabilities.