Changed in 51.0.0.0 Installing the App Host stand-alone software

Follow this procedure to install the App Host stand-alone software for the IBM Security QRadar® SOAR Platform.

This procedure applies only when you are installing the (.run) file.

Before you begin

Make sure that your system is up to date with all operating system security updates.

If you intend to install the App Host in an air gap environment, see Standalone software in an air gap environment before you continue with this procedure.

Procedure

  1. If not already installed, install the createrepo and container-selinux packages.
    1. To install the createrepo package, type this command: 
      sudo yum install -y createrepo
    2. To install the container-selinux package, choose from the following commands:
      • For Red Hat® Enterprise Linux® 7, type this command: 
        sudo subscription-manager repos --enable=rhel-7-server-extras-rpms && 
sudo yum install container-selinux
      • For Red Hat Enterprise Linux 8, type this command:
        sudo subscription-manager repos --enable=rhel-8-for-x86_64-appstream-rpms &&
sudo yum install container-selinux
  2. Download the App Host stand-alone file (app host-<version>.run) from IBM® Support Fix Central.

    The .run file must be available on the system that is to host the App Host.

  3. If the software package that you acquired from IBM Security is downloaded to a different system, transfer it to the system that is to host the App Host.
  4. Run the following firewall rules: 
    sudo firewall-cmd --permanent --zone=trusted --add-interface=cni0 &&
sudo firewall-cmd --permanent --zone=trusted --add-interface=flannel.1 &&
sudo firewall-cmd --permanent --zone=trusted --add-port=443/tcp &&
sudo firewall-cmd --permanent --zone=trusted --add-port=6443/tcp &&
sudo firewall-cmd --permanent --zone=trusted --add-port=10250/tcp
    sudo firewall-cmd --permanent --zone=public --add-port=22/tcp
    sudo firewall-cmd --reload &&
systemctl restart firewalld
  5. Changed in 51.0.0.0 Enter the following command to install the App Host, where <x.x.x> is the version number. 
    sudo bash apphost-<x.x.x>.run

    The apphost-<x.x.x>.run file prompts you for the default Kubernetes k3s cluster settings. You can confirm by pressing the Y key to proceed, or change as described below.

    The default Kubernetes k3s cluster settings are:
    • Cluster CIDR is 10.42.0.0/16
    • Service CIDR is 10.43.0.0/16
    The command line options available are:
    • --cluster-cidr=<CIDR> to specify the cluster CIDR, such as 10.44.0.0/16
    • --service-cidr=<CIDR> to specify the service CIDR, such as 10.45.0.0/16
    • --yes to accept the default Kubernetes k3s cluster settings.

    To accept the default Kubernetes k3s cluster setting without requesting confirmation, enter the following with the two hyphens -- before the option:

    sudo apphost-<version>.run -- --yes

    To change the Kubernetes k3s cluster CIDR to 10.44.0.0/16, enter the following with the two hyphens -- before the option:

    sudo apphost-<version>.run -- --cluster-cidr=10.44.0.0/16

    To change the Kubernetes k3s cluster CIDR to 10.44.0/16 and the service CIDR to 10.45.0.0/16, enter the following with the two hyphens -- before the option:

    sudo apphost-<version>.run -- --cluster-cidr=10.44.0.0/16 --service-cidr=10.45.0.0/16

Results

The App Host image is successfully installed.

If you are installing the App Host in an air gap environment, you need to complete the procedure in Standalone software in an air gap environment; otherwise, the next step is to deploy App Host instances as described in Create an App Host pairing.