IBM Sterling: Deploy do Sterling B2B no OpenShift

= Procedimento =

Alternando para o Projeto
1) O projeto já foi criado anteriormente, vamos alter para ele

oc project sterling-b2bi-app

Executando os scripts pre-instalação
1) Extrair o arquivo ibm-b2bi-prod-2.0.0.tgz, que vinha com o arquivo STER_B2B_INT_CERT_CONT_V6.1_ML.tar

tar -xzvf ibm-b2bi-prod-2.0.0.tgz

2) Alternar o diretório e executar as permissões

cd ibm-b2bi-prod/ibm_cloud_pak/pak_extensions/pre-install/clusterAdministration oc apply -f ibm-b2bi-scc.yaml --validate=false oc apply -f ibm-b2bi-cr-scc.yaml --validate=false oc apply -f ibm-b2bi-psp.yaml oc apply -f ibm-b2bi-cr.yaml cd ../../../../..

retornar para o diretório anterior

3) Alternar o diretório, gerar os novos arquivos e criar as permissões

cd ibm-b2bi-prod/ibm_cloud_pak/pak_extensions/pre-install/namespaceAdministration sed 's//'$MY_SB2BI_PROJECT'/g' ibm-b2bi-rb-scc.yaml > my-ibm-b2bi-rb-scc.yaml sed 's//'$MY_SB2BI_PROJECT'/g' ibm-b2bi-rb.yaml > my-ibm-b2bi-rb.yaml oc create -f my-ibm-b2bi-rb-scc.yaml oc create -f my-ibm-b2bi-rb.yaml cd ../../../../..

Configurando o Armazenamento
1) Localize as informações necessárias no default storage volume (volume de armazenamento padrão)

oc get pv -n openshift-image-registry NAME      CAPACITY ACCESS MOD  RECLAIM POLICY  STATUS  CLAIM                                              STORAGECLASS pvc-42... 20Gi    RWO           Delete          Bound   sterling-b2bi-mq/data-mqsterling-ibm-mq-0 pvc-99... 100Gi    RWX           Delete          Bound   openshift-image-registry/image-registry-storage  ibmc-file-gold pvc-ac3... 20Gi    RWO           Delete          Bound   sterling-b2bi-db2/db2vol-db2-0

2) Pegue os detalhes do pv

oc describe pv pvc-99... :Ref 5 ... failure-domain.beta.kubernetes.io/region=us-south failure-domain.beta.kubernetes.io/zone=dal10 ... Type:  NFS (an NFS mount that lasts the lifetime of a pod) Server: fsf-xxxxxxx-xx.adn.networklayer.com Path:  /IBMxxSEVxxxxxxx_xx/data01 ...

3) Crie o arquivo my-b2bi-pv.yaml e faça os ajustes

kind: PersistentVolume apiVersion: v1 metadata: name: sterling-b2bi-app-resources-pv labels: intent: resources spec: storageClassName: "ibmc-file-gold" accessModes: - ReadOnlyMany capacity: storage: 500Mi nfs: server: fsf-xxxxxxx-xx.adn.networklayer.com path: /IBMxxSEVxxxxxxx_xx/data01/resources/ --- kind: PersistentVolume apiVersion: v1 metadata: name: sterling-b2bi-app-logs-pv labels: intent: logs spec: storageClassName: "ibmc-file-gold" accessModes: - ReadWriteMany capacity: storage: 1000Mi nfs: server: fsf-xxxxxxx-xx.adn.networklayer.com path: /IBMxxSEVxxxxxxx_xx/data01/logs/ --- kind: PersistentVolume apiVersion: v1 metadata: name: sterling-b2bi-app-documents-pv labels: intent: documents spec: storageClassName: "ibmc-file-gold" accessModes: - ReadWriteMany capacity: storage: 1Gi nfs: server: fsf-xxxxxxx-xx.adn.networklayer.com path: /IBMxxSEVxxxxxxx_xx/data01/documents/

4) Realize a criação do PV/PVC

oc create -f my-b2bi-pv.yaml persistentvolume/sterling-b2bi-app-resources-pv created persistentvolume/sterling-b2bi-app-logs-pv created persistentvolume/sterling-b2bi-app-documents-pv created

Configurando a passphrase para B2Bi, DB secret e MQ secret
1) Crie o arquivo b2bi-secrets.yaml e faça os ajustes

apiVersion: v1 kind: Secret metadata: name: b2b-system-passphrase-secret type: Opaque stringData: SYSTEM_PASSPHRASE: password

--- apiVersion: v1 kind: Secret metadata: name: b2b-db-secret type: Opaque stringData: DB_USER: db2inst1 DB_PASSWORD: db2inst1
 * 1)  DB_TRUSTSTORE_PASSWORD: password
 * 2)  DB_KEYSTORE_PASSWORD: password

--- apiVersion: v1 kind: Secret metadata: name: b2b-jms-secret type: Opaque stringData: JMS_USERNAME: jms JMS_PASSWORD: password JMS_KEYSTORE_PASSWORD: password JMS_TRUSTSTORE_PASSWORD: password --- apiVersion: v1 kind: Secret metadata: name: b2b-liberty-secret type: Opaque stringData: LIBERTY_KEYSTORE_PASSWORD: password

2) Realize a criação do PV/PVC

oc create -f b2bi-secrets.yaml

Ajustando o arguivo override.yaml
Execute o seguinte comando:

cd ibm-b2bi-prod

1) Pegando a informação do pullSecret

oc describe sa default Name:               default Namespace:          sterling-b2bi-app Labels: Annotations: Image pull secrets: default-dockercfg-mrk6k ...

2) Crie o arquivo my-b2bi-override.yaml e faça os ajustes

global: image: repository: "image-registry.openshift-image-registry.svc:5000/sterling-b2bi-app/b2bi" tag: "6.1.0.0" pullPolicy: IfNotPresent # Get value --> "oc describe sa default" and check line pullSecret: "default-dockercfg-" appResourcesPVC: enabled: true name: sterling-b2bi-app-resources-pvc storageClassName: "ibmc-file-gold" selector: label: "intent" value: "resources" accessMode: ReadOnlyMany size: 500Mi

appLogsPVC: name: sterling-b2bi-app-logs-pvc storageClassName: "ibmc-file-gold" selector: label: "intent" value: "logs" accessMode: ReadWriteMany size: 1000Mi appDocumentsPVC: enabled: true name: sterling-b2bi-app-documents-pvc storageClassName: "ibmc-file-gold" selector: label: "intent" value: "documents" accessMode: ReadWriteMany size: 1Gi

security: supplementalGroups: [65534] fsGroup: 1010 runAsUser: 1010

dataSetup: # enabled=true only on setup, after enabled=false enabled: true upgrade: false

env: tz: "UTC" license: "accept" upgradeCompatibilityVerified: false logs: enableAppLogOnConsole: false setupCfg: #Upgrade #upgrade: false basePort: 50000 licenseAcceptEnableSfg: true licenseAcceptEnableEbics: false licenseAcceptEnableFinancialServices: false licenseAcceptEnableFileOperation: false

# Name of system passphrase secret if available systemPassphraseSecret: b2b-system-passphrase-secret enableFipsMode: false nistComplianceMode: "off"

# Database Attributes --> "oc get svc -n sterling-b2bi-db2" ->  #   dbVendor: db2 dbHost:  dbPort: 50000 dbData: B2BIDB dbDrivers: db2jcc4.jar dbSecret: b2b-db-secret # enabled=true only on setup, after enabled=false dbCreateSchema: true

# SMTP Attributes adminEmailAddress: siadmin@company.com smtpHost: mail.company.com #WMQ  --> "oc get svc -n sterling-b2bi-mq" #JMS properties are optional if jmsVendor is empty #To use IBMMQ for communication between ASI & AC, change property to jmsVendor: IBMMQ and provide other connection details jmsVendor: IBMMQ jmsConnectionFactory: com.ibm.mq.jms.MQQueueConnectionFactory jmsConnectionFactoryInstantiator: jmsQueueName: DEV.QUEUE.1 jmsHost:  jmsPort: 1414 jmsConnectionNameList: (1414) jmsEnableSsl: false jmsChannel: DEV.APP.SVRCONN jmsSecret: b2b-jms-secret

updateJcePolicyFile: false #jcePolicyFile: local_policy.jar SANDBOX_LAUNCH_CLA2_SERVER: true SANDBOX_WEBAPP_PROTOCOL: https SANDBOX_WEBAPP_LIST_PORT: 5001

asi: replicaCount: 1

frontendService: type: ClusterIP ports: http: name: http port: 35000 targetPort: http nodePort: 30000 protocol: TCP https: name: https port: 35001 targetPort: https nodePort: 30001 protocol: TCP soa: name: soa port: 35002 targetPort: soa nodePort: 30002 protocol: TCP soassl: name: soassl port: 35003 targetPort: soassl nodePort: 30003 protocol: TCP extraPorts: [] #-name: http-1 # port: 46000 # targetPort: http # nodePort: 30100 # protocol: TCP

backendService: #type: NodePort type: LoadBalancer ports: - name: adapter-1 port: 30201 targetPort: 30201 nodePort: 30201 protocol: TCP portRanges: - name: adapters portRange: 30301-30400 targetPortRange: 30301-30400 nodePortRange: 30301-30400 protocol: TCP ingress: internal: # Get this value on IBM Cloud > Console > OpenShift > Cluster >  > Ingress Domain host: asi. tls: enabled: true secretName: "" extraPaths: [] # - routePrefix: "hello" #   path: "/hello" #   servicePort: "my-http" #   enableHttps: false ac:

replicaCount: 1

frontendService: type: ClusterIP ports: http: name: http port: 35004 targetPort: http nodePort: 30004 protocol: TCP extraPorts: [] #-name: http-1 # port: 37000 # targetPort: http # nodePort: 30200 # protocol: TCP backendService: #type: NodePort type: LoadBalancer ports: - name: adapter-1 port: 30401 targetPort: 30401 nodePort: 30401 protocol: TCP portRanges: [] #- name: adapters # portRange: 30501-30600 # targetPortRange: 30501-30600 # nodePortRange: 30501-30600 # protocol: TCP

ingress: internal: # Get this value on IBM Cloud > Console > OpenShift > Cluster >  > Ingress Domain host: ac. tls: enabled: true secretName: "" extraPaths: [] # - routePrefix: "hello" #   path: "/hello" #   servicePort: "my-http" #   enableHttps: false

api:

replicaCount: 1

frontendService: type: ClusterIP ports: http: name: http port: 35005 targetPort: http nodePort: 30005 protocol: TCP https: name: https port: 35006 targetPort: https nodePort: 30006 protocol: TCP extraPorts: [] #-name: http-1 # port: 35000 # targetPort: http # nodePort: 30300 # protocol: TCP

ingress: internal: # Get this value on IBM Cloud > Console > OpenShift > Cluster >  > Ingress Domain host: api. tls: enabled: true secretName: ""

dashboard: enabled: true

purge: enabled: true image: repository: "image-registry.openshift-image-registry.svc:5000/sterling-b2bi-app/purge" tag: "6.1.0.0" pullPolicy: IfNotPresent # Get value --> oc describe sa default pullSecret: "default-dockercfg-" schedule: "*/30 * * * *" startingDeadlineSeconds: activeDeadlineSeconds: 3600 concurrencyPolicy: Forbid suspend: false successfulJobsHistoryLimit: 3 failedJobsHistoryLimit: 1

salve e feche o arquivo.

Executando o Deploy com o Helm
1) Execute o seguinte comando:

cd ibm-b2bi-prod helm install sterling-b2bi-app --namespace sterling-b2bi-app --timeout 120m0s -f ../my-b2bi-override.yaml.

Essa operação é bem demorada. Vá tomar um café!!! 2) Abra uma nova janela de terminal e execute o comando

oc get pods NAME                                   READY   STATUS    RESTARTS   AGE sterling-b2bi-app-b2bi-db-setup-fbf64  1/1     Running   0          12m

3) Execute o comando para acompanhar

oc logs -f sterling-b2bi-app-b2bi-db-setup-fbf64

O resultado final é Total B2biSetup time : 01:31:02 Total B2biInDockerTotal time: 01:33:05

4) Conferindo o resultado

oc get pods NAME                                   READY   STATUS    RESTARTS   AGE sterling-b2bi-app-b2bi-ac-server-0                 1/1     Running     0          3h6m sterling-b2bi-app-b2bi-api-server-0                1/1     Running     0          3h6m sterling-b2bi-app-b2bi-asi-server-0                1/1     Running     0          3h6m

oc get jobs NAME                             COMPLETIONS   DURATION   AGE sterling-b2bi-app-b2bi-db-setup  1/1           93m        3h31

Pós install
Após o deploy, devemos desabilitar o setup do database, caso seja necessário executar o helm install novamente

1) Edite o arquivo my-b2bi-override.yaml e altere os parâmetros para false:

... dataSetup: enabled: false ... setupCfg: ...  dbCreateSchema: false

Salve e feche o arquivo

Pegando a url para acesso
oc get routes NAME                                                     HOST/PORT                                       PATH sterling-b2bi-app-b2bi-api-internal-route                api.ebasso-roks-demo-sb2bi8...appdomain.cloud                      ...   sterling-b2bi-app-b2bi-api-internal-route-b2bapi          api.ebasso-roks-demo-sb2bi8...appdomain.cloud   /B2BAPIs/svc       ...   sterling-b2bi-app-b2bi-api-internal-route-customization   api.ebasso-roks-demo-sb2bi8...appdomain.cloud   /propertyUI/app    ...   sterling-b2bi-app-b2bi-asi-internal-route                 asi.ebasso-roks-demo-sb2bi8...appdomain.cloud                      ...   sterling-b2bi-app-b2bi-asi-internal-route-dashboard       asi.ebasso-roks-demo-sb2bi8...appdomain.cloud   /dashboard         ...   sterling-b2bi-app-b2bi-asi-internal-route-filegateway     asi.ebasso-roks-demo-sb2bi8...appdomain.cloud   /filegateway       ...   sterling-b2bi-app-b2bi-asi-internal-route-mailbox         asi.ebasso-roks-demo-sb2bi8...appdomain.cloud   /mailbox           ...   sterling-b2bi-app-b2bi-asi-internal-route-myfg            asi.ebasso-roks-demo-sb2bi8...appdomain.cloud   /myfg              ...   sterling-b2bi-app-b2bi-asi-internal-route-myfilegateway   asi.ebasso-roks-demo-sb2bi8...appdomain.cloud   /myfilegateway     ...   sterling-b2bi-app-b2bi-asi-internal-route-queuewatch      asi.ebasso-roks-demo-sb2bi8...appdomain.cloud   /queueWatch        ...   sterling-b2bi-app-b2bi-asi-internal-route-soap            asi.ebasso-roks-demo-sb2bi8...appdomain.cloud   /soap              ...   sterling-b2bi-app-b2bi-asi-internal-route-soap-new        asi.ebasso-roks-demo-sb2bi8...appdomain.cloud   /soap-new          ...   sterling-b2bi-app-b2bi-asi-internal-route-soap-sync       asi.ebasso-roks-demo-sb2bi8...appdomain.cloud   /soap-sync         ...   sterling-b2bi-app-b2bi-asi-internal-route-soap-sync-new   asi.ebasso-roks-demo-sb2bi8...appdomain.cloud   /soap-sync-new     ...   sterling-b2bi-app-b2bi-asi-internal-route-wsdl            asi.ebasso-roks-demo-sb2bi8...appdomain.cloud   /wsdl              ...

Acesse com um navegador

https://asi.ebasso-roks-demo-sb2bi8...appdomain.cloud/dashboard

Verificando em quais Nodes nossos Pods estão executando
Vamos pegar os nome dos Nodes primeiro

$ oc get nodes NAME          STATUS   ROLES           AGE     VERSION 10.xxx.xx.68  Ready    master,worker   6h29m   v1.19.0+d856161 10.xxx.xx.73  Ready    master,worker   6h24m   v1.19.0+d856161

Listando o Primeiro Node

oc get pods --all-namespaces -o wide --field-selector spec.nodeName=10.xxx.xx.68 | grep sterling NAMESPACE              NAME                                                  READY   STATUS sterling-b2bi-app      sterling-b2bi-app-b2bi-ac-server-0                    1/1     Running sterling-b2bi-app      sterling-b2bi-app-b2bi-api-server-0                   1/1     Running

Listando o Segundo Node oc get pods --all-namespaces -o wide --field-selector spec.nodeName=10.xxx.xx.73 | grep sterling NAMESPACE              NAME                                                  READY   STATUS sterling-b2bi-app      sterling-b2bi-app-b2bi-asi-server-0                    1/1     Running sterling-b2bi-app      sterling-b2bi-app-b2bi-ext-purge-1621981800-lfpll      0/1     Completed sterling-b2bi-app      sterling-b2bi-app-b2bi-ext-purge-1621985400-zvszc      0/1     Completed sterling-b2bi-app      sterling-b2bi-app-b2bi-ext-purge-1621989000-lfg8h      1/1     Running sterling-b2bi-db2      db2-0                                                  1/1     Running sterling-b2bi-mq       sterling-b2bi-mq-ibm-mq-0                              1/1     Running sterling-b2bi-toolkit  sterling-b2bi-toolkit-859c45f7c-mr6h8                  1/1     Running

= See Also =


 * IBM Sterling: Deploy do Sterling B2Bi no OpenShift na IBM Cloud


 * Artigos sobre IBM Sterling
 * Mais Artigos sobre Cloud / WebDev / Tecnologias