IBM Support

Installing IBM Business Automation Workflow containers V20.0.0.2 or V21.0.2 on Kubernetes

How To


Summary

Learn how to install IBM Business Automation Workflow containers V20.0.0.2 or V21.0.2 on Kubernetes.

Steps

Note: IBM Business Automation Workflow V21.0.2 follows V20.0.0.2.
 
Note: IBM Business Automation Insights is limited to OpenShift Container Platform (OCP) and does not support any other Cloud Native Computing Foundation (CNCF) platform.
Before You Begin
  1. Install the Kubernetes cluster by following the instructions in Kubernetes production environment.
  2. Install the Ingress controller of your choice. The controller used as an example in this document is the ingress-nginx controller. The only difference between the configuration of each Ingress controller is the script used to create the Ingress controller when deploying Business Automation Workflow.
  3. Install IBM License Service on Kubernetes:
  4. Install the storage class:
    1. Create the storage class in the Kubernetes cluster and select a provisioner. Each storage class has a provisioner that determines what volume plug-in is used for provisioning Kubernetes persistent volumes (PVs).
    2. Ensure that the PV generates automatically. Run the following command to get the storage class: 
        
      kubectl get storageclass
Preparing IBM Business Automation Workflow
  1. Prepare the provisioned Lightweight Directory Access Protocol (LDAP) server and ensure that it is accessible to the created Kubernetes cluster. For more information, see Preparing users and groups.
  2. Set up your database server, and create the database manually. When your database server is ready, prepare all the databases required for Business Automation Workflow. For more information, see Creating required databases
  3. Get access to the container images by following the steps in Getting access to container images. For a list of packages in IBM Passport Advantage, see Download IBM Business Automation Workflow V20.0.0.1 for a new installation. To find and download the images for an interim fix, go to Fix Central and search for "IBM Business Automation Workflow".
  4. Create the component specific secrets. To create the required secrets for Business Automation Workflow, see Creating secrets to protect sensitive configuration data and replace the oc command with kubectl.
  5. Create the shared operator persistent volume claim (PVC):
    1. Download and extract the .tar.gz file.
      • For V21.0.2:
        1. Go to IBM/cloud-pak and download the tar.gz file. Use the tar -xvzf command to extract the package.
        2. In the ibm-cs-bawautomation/inventory/cp4aOperatorSdk/files/deploy/crs folder, extract the content from the .tar file into the ~/cert-kubernetes directory.
      • For V20.0.0.2 and V20.0.0.2 iFix, download the 20.0.0.2.tar.gz file from ibmbpm/BAW-Ctnr and extract the file into the ~/cert-kubernetes directory.
    2. Go to the ~/cert-kubernetes/descriptors directory:
      cd ~/cert-kubernetes/descriptors
    3. Open the operator-shared-pvc.yaml file and set storageClassName as your-storage-class-name.
    4. Apply the operator by running the following command:
      kubectl apply -f operator-shared-pvc.yaml
Deploy Business Automation Workflow
  1. Deploy the IBM Cloud Pak for Automation operator:
    1. If you are using an offline or private image registry, you must update the image address in the operator.yaml file from cp.icr.io to the docker repository that you used to push your images in step 3 of Preparing IBM Business Automation Workflow.
    2. The operator has a number of descriptors that must be applied.
      • descriptors/ibm_cp4a_crd.yaml contains the description of the custom resource definition.
      • descriptors/role.yaml defines the access of the operator.
      • descriptors/role_binding.yaml defines the access of the operator.
      • descriptors/cluster_role.yaml defines the access of the operator.
      • descriptors/cluster_role_binding.yaml defines the access of the operator.
      • descriptors/service_account.yaml defines the identity for processes that run inside the pods of the operator.
      • descriptors/operator.yaml defines the deployment of the operator code.

        Note: Update the API version of cluster_role.yaml and cluster_role_binding.yaml to rbac.authorization.k8s.io/v1.
    3. Complete step 4 in Preparing the operator and log file storage to add the JDBC drivers to the jdbc folder.
    4. When the operator pod is ready, copy the JDBC driver into the shared operator persistent volume claim (PVC) by using the following command:
      kubectl cp jdbc <operator_pod_name>:/opt/ansible/share
  2. Prepare the custom resource (CR) file:
    1. Download the CR template from ~/cert-kubernetes/descriptors/patterns/ibm_cp4a_cr_enterprise_FC_workflow.yaml.
    2. Input the required parameters according to your environment. For information about the parameters, see IBM Business Automation Workflow Server parameters.
  3. Modify the ibm_cp4a_cr_enterprise_FC_workflow.yaml file:
    1. Change the service_type value from Route to Ingress.
    2. Add the following field:
       shared_configuration.sc_deployment_platform: other.
    3. IBM Business Automation Insights is not supported. Comment out the kafka_configuration section, baml_configuration section, and bai_configuration section.
  4. Create the Ingress manually. The following ingress.yaml file is for the ingress-nginx Ingress controller. If you are using a different Ingress controller, you must modify the ingress.yaml file kubernetes.io/ingress.class: "nginx" line to the indicate the Ingress controller you are using:
    1. Download the appropriate ingress.yaml_.zip file attached in this document. If you have IBM Business Automation Workflow V20.0.0.2, download ingress-20.0.x.yaml_.zip. If you have IBM Business Automation Workflow V21.0.x, download ingress-21.0.x.yaml_.zip.
    2. In the ingress.yaml file, change all mentions of <url> to the value of spec.shared_configuration.sc_deployment_hostname_suffix, and all mentions of xxxxxx to the value of metadata.name. You can find the value of spec.shared_configuration.sc_deployment_hostname_suffix and metadata.name in the ibm_cp4a_cr_enterprise_FC_workflow.yaml file.
    3. Apply the ingress.yaml file:
      kubectl apply -f ingress.yaml
  5. If your environment has a restrictive pod security policy to restrict the creation of a pod with a privileged container, complete the following steps:
    1. Create a service account for es and download the psp.yaml_.zip file attached in this document. 
    2. Apply the psp.yaml file:
      kubectl apply -f psp.yaml
    3. Modify the ibm_cp4a_cr_enterprise_FC_workflow.yaml file to add service_account: ibm-pfs-es-service-account to the elasticsearch_configuration.service_account field.
  6. Deploy the CR file:
    1. If you are using an offline or private image registry, you must update the image address in the ibm_cp4a_cr_enterprise_FC_workflow.yaml file to the docker repository that you used to push your images in step 3 of Preparing IBM Business Automation Workflow.
    2. Complete the properties according to your environment in the ibm_cp4a_cr_enterprise_FC_workflow.yaml file.
    3. Apply the ibm_cp4a_cr_enterprise_FC_workflow.yaml file:
      kubectl apply -f ibm_cp4a_cr_enterprise_FC_workflow.yaml
Verify Business Automation Workflow
To verify Business Automation Workflow, see Verifying IBM Business Automation Workflow.

Document Location

Worldwide

[{"Type":"SW","Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS8JB4","label":"IBM Business Automation Workflow"},"ARM Category":[{"code":"a8m0z0000001juvAAA","label":"Install and Deployment Environments-\u003EContainers"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"20.0.0;21.0.0"}]

Document Information

Modified date:
18 November 2021

UID

ibm16381418

Page Feedback