Deploying IBM Sterling Secure Proxy using an IBM Certified Container Software
The IBM Certified Container Software offers a Red Hat certified IBM Sterling Secure Proxy image and Helm chart and can be used to deploy a production-ready IBM Sterling Secure Proxy image into Red Hat OpenShift/ Kubernetes Service.
IBM Certified Containers are more than a simple Helm chart that accelerate time to value and improve enterprise readiness at a lower cost than containers alone.
The IBM Certified Container meets standard criteria for packaging and deployment of containerized software with platform integrations.
Prerequisites
- Installing a Kubernetes cluster and configuring
kubectl
client for the user. - Applying security configurations to your deployment. For minimum security configuration, see Creating Pod Security Policy for Kubernetes Cluster for Kubernetes and Creating security context constraints for OpenShift Cluster.
- Installing and Configuring helm client for the user
Overview
- Deploy
- Upgrade
- Configure
Key Concepts
- Charts
A Certified Container Software uses a packaging format called Charts. IBM Sterling Secure Proxy Chart is a collection of files that consists of a few YAML configuration files and templates rendered into Kubernetes manifest files. Charts are created as files laid out in a directory tree that you can package into versioned archives that the system deploys.
- ReleaseRelease is a running instance of a chart combined with a specific configuration. A Certified Container release uses:
- A command line tool, helm to provide a user interface
- Packaging format called Charts.
Key Components
A Certified Container Software software has two major components:- Helm Client: It manages charts and is a command line interface for end users. Use Helm client to:
- Develop charts
- Manage repositories
- Send charts to be used for deployment
- Ask for information about Releases
- Request upgrades or uninstallation of existing Releases
- A container image
Network
The Certified Container Software release is tested with Weave Net-type network for Kubernetes. For more information, refer to Kubernetes Networking