Setting up the cluster by running a script

Edit online

To install the Cloud Pak capabilities with the Cloud Pak operators, a cluster administrator user can run a script to set up the cluster. They can also run the script in silent mode if set of environment variables are created before the script is run. The administrator must also provide information that they get from the script to a non-administrator user so they can run the deployment script.

Before you begin

Make sure that you prepared your cluster with the necessary infrastructure and software. For more information, see Option 1: Preparing your cluster for an online deployment.

About this task

The cluster setup script is one of four core scripts (cluster setup, prerequisites, deployment, and post-install) that are provided to help you install the Cloud Pak capabilities. You must be a cluster administrator to run the setup script. For more information, see Targeted role-based user archetypes.

The cluster setup script identifies or creates a namespace and applies the custom resource definitions (CRD). It then adds the specified user to the ibm-cp4a-operator role, binds the role to the service account, and applies a security context constraint (SCC) for the Cloud Pak.

The script also prompts the administrator to take note of the cluster hostname and a dynamic storage class on the cluster. These names must be provided to the user who runs the deployment script.

Note: You can run the scripts on an amd64/x86 machine that connects to a Linux on Z or a Linux on Power based cluster where the client is running Red Hat (RHEL), or a client to a Linux-based machine or virtual machine that can run Podman. The setup script does not set any parameters in the custom resource (CR). The cluster administrator might be running the script on a different host than the user who later runs the deployment script.

A new installation of Cloud Pak for Business Automation always includes a namespace-scoped instance of foundational services when you use the scripts.

Use the following steps to complete the setup.

Procedure

  1. Download the appropriate repository to a Linux® based machine (RHEL) or a client to a linux-based machine or VM that runs podman natively.

    For more information about downloading cert-kubernetes, see Option 1: Preparing your cluster for an online deployment.

  2. Optional: If you want to run the script in silent mode, create the environment variables that are needed for your installation. For more information, see Environment variables for installation in silent mode.
  3. Log in to the target cluster as the <cluster-admin> user.

    Using the OpenShift CLI:

    oc login https://<cluster-ip>:<port> -u <cluster-admin> -p <password>

    On ROKS, if you are not already logged in:

    oc login --token=<token> --server=https://<cluster-ip>:<port>
  4. A script must be run to install IBM License Service and IBM Certificate Manager.
    1. For 23.0.1 GA Clone the ibm-common-service-operator scripts from Git to a client of your target cluster.
      git clone -b scripts https://github.com/IBM/ibm-common-service-operator.git

      Go to the ibm-common-service-operator/cp3pt0-deployment directory.

      From 23.0.1-IF001 Go to your downloaded cert-kubernetes folder.

      cd cert-kubernetes/scripts/cpfs/installer_scripts/cp3pt0-deployment
    2. Log in to the target cluster from a client.
      oc login https://<CLUSTERIP>:<port> -u <ADMINISTRATOR>
    3. Run the following command:
      ./setup_singleton.sh --enable-licensing --license-accept
  5. Change directory to the extracted cert-kubernetes/scripts folder. 
    cd ${PATH_TO_EXTRACTED_FILES}/cert-kubernetes/scripts
  6. Run the cluster setup script and follow the prompts in the command window. 
    ./cp4a-clusteradmin-setup.sh
    1. Select the platform type: ROKS (1) or OCP (2).
    2. Select the deployment type production.
    3. Select Yes if you want to install the CP4BA operator in 'All Namespaces'. The default is No.
    4. Enter the name for a new project or an existing project (cp4ba-project) for the target deployment namespace. For more information, see Preparing a namespace for the Cloud Pak operator.

      If an existing CP4BA operator is found in another project on your cluster, confirm that you want to deploy another CP4BA operator in the new project by entering Yes. You must install a CP4BA operator in each namespace where you want to install a CP4BA instance.

    5. Enter Yes or No to confirm whether you want to use the images in the IBM Entitlement Registry.
    6. If you replied Yes, enter your IBM Entitled Registry key and login credentials (user and password).

      If you want to load the container images to a local registry, then set up the cluster by mirroring the images instead of running the cp4a-clusteradmin-setup.sh script. For more information, see Setting up the cluster and use a local image registry.

      Tip: If you ran the cp4a-clusteradmin-setup.sh script and you see one or more of the following messages, then make sure that you start Docker or Podman and run the script again.
      Error saving credentials: error storing credentials
Error: unable to connect
The Entitlement Registry key failed

    The following message is displayed:

    [INFO] Checking the IBM Cert-manager Operator ready or not
...
[INFO] Applying the latest IBM CP4BA Operator catalog source...
[✔] IBM CP4BA Operator catalog source Updated!
  7. Monitor the operator pods until they show a STATUS of "Running". 
    oc get pod -w
    Tip: If ibm-cp4a-operator is inactive for some time, you can delete the operator pod and let it reconcile.

    To confirm that the operator is stuck, check to see whether the log is providing an output. 

    oc project <namespace of Cloud Pak for Business Automation operator>
NAMESPACE=$(oc project -q)
podname=$(oc get pod -n $NAMESPACE | grep ibm-cp4a-operator | awk '{print $1}')
oc logs $podname -f

    You can also list the ClusterServiceVersion (CSV) to verify the version of the running operators on your cluster.

    oc get csv -n $NAMESPACE
    Note: The version number (23.1.0) of the installed operators corresponds to the channel for Cloud Pak for Business Automation 23.0.1.

    If you set any subscriptions to manual, then you must approve any pending operator updates. It is not recommended to set subscriptions to manual because it can make the installation error prone when some of the dependency operators are not approved. By default, all subscriptions are set to automatic.

    Tip: Subscriptions for the IBM Cloud Pak foundational services operators are created when they are "needed". Some subscriptions are created during the installation of the operators. If other subscriptions are needed, they are created during the installation of the CP4BA deployment. Business Teams Service, for example, is installed only "if it is needed". To check for subscriptions that are waiting for approval, get the install plans by running the following command.
    oc get installPlan

Results

When the script is finished, all of the available storage class names are displayed along with the infrastructure node name. Take a note of the following information and provide it to the Cloud Pak admin user as they are needed for the deployment script:

  1. Project name or namespace.
  2. Username to log in to the cluster.

What to do next

You can see the list of operators that are installed in your cluster on the Operators > Installed Operators page. For more information about foundational services, see IBM Cloud Pak foundational services.

To verify the foundational services installation, check whether all the pods in the target CP4BA deployment namespace are running. Use the following command:

oc get pods -n $NAMESPACE

Continue to prepare everything that you need for each capability that you want to install in Preparing your chosen capabilities.