IBM Sterling: Deploy do Sterling B2B no OpenShift
Procedimento
Alternando para o Projeto
1) O projeto já foi criado anteriormente, vamos alter para ele
oc project sterling-b2bi-app
Executando os scripts pre-instalação
1) Extrair o arquivo ibm-b2bi-prod-2.0.0.tgz, que vinha com o arquivo STER_B2B_INT_CERT_CONT_V6.1_ML.tar
tar -xzvf ibm-b2bi-prod-2.0.0.tgz
2) Alternar o diretório e executar as permissões
cd ibm-b2bi-prod/ibm_cloud_pak/pak_extensions/pre-install/clusterAdministration
oc apply -f ibm-b2bi-scc.yaml --validate=false oc apply -f ibm-b2bi-cr-scc.yaml --validate=false oc apply -f ibm-b2bi-psp.yaml oc apply -f ibm-b2bi-cr.yaml
retornar para o diretório anterior
3) Alternar o diretório, gerar os novos arquivos e criar as permissões
cd ibm-b2bi-prod/ibm_cloud_pak/pak_extensions/pre-install/clusterAdministration
sed 's/{{ NAMESPACE }}/'$MY_SB2BI_PROJECT'/g' ibm-b2bi-rb-scc.yaml > $MY_SB2BI_PROJECT-ibm-b2bi-rb-scc.yaml
sed 's/{{ NAMESPACE }}/'$MY_SB2BI_PROJECT'/g' ibm-b2bi-rb.yaml > $MY_SB2BI_PROJECT-ibm-b2bi-rb.yaml
oc create -f $MY_SB2BI_PROJECT-ibm-b2bi-rb-scc.yaml
oc create -f $MY_SB2BI_PROJECT-ibm-b2bi-rb.yaml
Configurando o Armazenamento
1) Localize as informações necessárias no default storage volume (volume de armazenamento padrão)
oc get pv -n openshift-image-registry NAME CAPACITY ACCESS MOD RECLAIM POLICY STATUS CLAIM STORAGECLASS pvc-42... 20Gi RWO Delete Bound sterling-b2bi-mq/data-mqsterling-ibm-mq-0 pvc-99... 100Gi RWX Delete Bound openshift-image-registry/image-registry-storage ibmc-file-gold pvc-ac3... 20Gi RWO Delete Bound sterling-b2bi-db2/db2vol-db2-0
2) Pegue os detalhes do pv
oc describe pv pvc-99... :Ref 5 ... failure-domain.beta.kubernetes.io/region=us-south failure-domain.beta.kubernetes.io/zone=dal10 ... Type: NFS (an NFS mount that lasts the lifetime of a pod) Server: fsf-xxxxxxx-xx.adn.networklayer.com Path: /IBMxxSEVxxxxxxx_xx/data01 ...
3) Crie o arquivo b2bi-pv.yaml e faça os ajustes
kind: PersistentVolume
apiVersion: v1
metadata:
name: sterling-b2bi-app-resources-pv
labels:
intent: resources
spec:
storageClassName: "ibmc-file-gold"
accessModes:
- ReadOnlyMany
capacity:
storage: 500Mi
nfs:
server: fsf-xxxxxxx-xx.adn.networklayer.com
path: /IBMxxSEVxxxxxxx_xx/data01/resources/
---
kind: PersistentVolume
apiVersion: v1
metadata:
name: sterling-b2bi-app-logs-pv
labels:
intent: logs
spec:
storageClassName: "ibmc-file-gold"
accessModes:
- ReadWriteMany
capacity:
storage: 1000Mi
nfs:
server: fsf-xxxxxxx-xx.adn.networklayer.com
path: /IBMxxSEVxxxxxxx_xx/data01/logs/
---
kind: PersistentVolume
apiVersion: v1
metadata:
name: sterling-b2bi-app-documents-pv
labels:
intent: documents
spec:
storageClassName: "ibmc-file-gold"
accessModes:
- ReadWriteMany
capacity:
storage: 1Gi
nfs:
server: fsf-xxxxxxx-xx.adn.networklayer.com
path: /IBMxxSEVxxxxxxx_xx/data01/documents/
4) Realize a criação do PV/PVC
oc create -f b2bi-pv.yaml persistentvolume/sterling-b2bi-app-resources-pv created persistentvolume/sterling-b2bi-app-logs-pv created persistentvolume/sterling-b2bi-app-documents-pv created
Configurando a passphrase para B2Bi, DB secret e MQ secret
1) Crie o arquivo b2bi-secrets.yaml e faça os ajustes
apiVersion: v1 kind: Secret metadata: name: b2b-system-passphrase-secret type: Opaque stringData: SYSTEM_PASSPHRASE: password --- apiVersion: v1 kind: Secret metadata: name: b2b-db-secret type: Opaque stringData: DB_USER: db2inst1 DB_PASSWORD: db2inst1 # DB_TRUSTSTORE_PASSWORD: password # DB_KEYSTORE_PASSWORD: password --- apiVersion: v1 kind: Secret metadata: name: b2b-jms-secret type: Opaque stringData: JMS_USERNAME: jms JMS_PASSWORD: password JMS_KEYSTORE_PASSWORD: password JMS_TRUSTSTORE_PASSWORD: password --- apiVersion: v1 kind: Secret metadata: name: b2b-liberty-secret type: Opaque stringData: LIBERTY_KEYSTORE_PASSWORD: password
2) Realize a criação do PV/PVC
oc create -f b2bi-secrets.yaml
Ajustando o arguivo override.yaml
1) Pegando a informação do pullSecret
oc describe sa default Name: default Namespace: sterling-b2bi-app Labels: <none> Annotations: <none> Image pull secrets: default-dockercfg-mrk6k ...
2) Crie o arquivo override.yaml e faça os ajustes
global:
image:
repository: "image-registry.openshift-image-registry.svc:5000/sterling-b2bi-app/b2bi"
tag: "6.1.0.0"
pullPolicy: IfNotPresent
pullSecret: "default-dockercfg-mrk6k" # oc describe sa default ; at purge image also
appResourcesPVC:
name: sterling-b2bi-app-resources-pvc
storageClassName: "ibmc-file-gold"
selector:
label: "intent"
value: "resources"
accessMode: ReadOnlyMany
size: 500Mi
appLogsPVC:
name: sterling-b2bi-app-logs-pvc
storageClassName: "ibmc-file-gold"
selector:
label: "intent"
value: "logs"
accessMode: ReadWriteMany
size: 1000Mi
appDocumentsPVC:
enabled: true
name: sterling-b2bi-app-documents-pvc
storageClassName: "ibmc-file-gold"
selector:
label: "intent"
value: "documents"
accessMode: ReadWriteMany
size: 1Gi
security:
supplementalGroups: [65534]
fsGroup: 1010
runAsUser: 1010
dataSetup:
enabled: true
upgrade: false
env:
tz: "UTC"
license: "accept"
upgradeCompatibilityVerified: false
logs:
# true if user wish to redirect the application logs to console else false. If provided value is true , then application logs will reside inside containers. No volume mapping will be used.
enableAppLogOnConsole: false
#setup.cfg configuration starts here. Property names must follow camelCase format.
setupCfg:
#Upgrade
#upgrade: false
basePort: 5000
#License - specify values as true/false
licenseAcceptEnableSfg: true
# Name of system passphrase secret if available
systemPassphraseSecret: b2b-system-passphrase-secret
enableFipsMode: false
nistComplianceMode: "off"
# Provide the DB attributes --> "oc get svc -n sterling-b2bi-db2"
dbVendor: db2
dbHost: 169.46.72.83
dbPort: 50000
dbData: B2BIDB
dbDrivers: db2jcc4.jar
dbCreateSchema: true
# Name of DB secret
dbSecret: b2b-db-secret
#Provide the admin email address
adminEmailAddress: [email protected]
# Provide the SMTP host details
smtpHost: mail.company.com
#WMQ --> "oc get svc -n sterling-b2bi-mq"
#JMS properties are optional if jmsVendor is empty
#To use IBMMQ for communication between ASI & AC, change property to jmsVendor: IBMMQ
# and provide other connection details
jmsVendor: IBMMQ
# Provide the name of connection factory class.
jmsConnectionFactory: com.ibm.mq.jms.MQQueueConnectionFactory
jmsConnectionFactoryInstantiator:
jmsQueueName: DEV.QUEUE.1
jmsHost: 172.21.6.39
jmsPort: 1414
jmsConnectionNameList: 172.21.6.39(1414)
jmsEnableSsl: false
jmsChannel: DEV.APP.SVRCONN
jmsSecret: sterling-b2bi-mq-secret
SANDBOX_LAUNCH_CLA2_SERVER: true
SANDBOX_WEBAPP_PROTOCOL: https
SANDBOX_WEBAPP_LIST_PORT: 5001
asi:
replicaCount: 1
service:
type: LoadBalancer
ports:
http:
name: http
port: 35000
targetPort: http
nodePort: 30000
protocol: TCP
extraPorts:
TCP1:
name: asi-http-1
port: 6443
targetPort: 6443
protocol: TCP
TCP2:
name: asi-sftp-1
port: 6022
targetPort: 6022
protocol: TCP
ac:
replicaCount: 1
service:
type: LoadBalancer
ports:
http:
name: http
port: 35001
targetPort: http
nodePort: 30001
protocol: TCP
extraPorts:
TCP1:
name: ac-http-1
port: 5443
targetPort: 5443
protocol: TCP
TCP2:
name: ac-sftp-1
port: 5022
targetPort: 5022
protocol: TCP
api:
replicaCount: 1
service:
type: LoadBalancer
ports:
http:
name: http
port: 35002
targetPort: http
nodePort: 30002
protocol: TCP
https:
name: https
port: 35003
targetPort: https
nodePort: 30003
protocol: TCP
dashboard:
enabled: true
purge:
enabled: true
image:
repository: "image-registry.openshift-image-registry.svc:5000/sterling-b2bi-app/purge"
# Provide the tag value in double quotes
tag: "6.1.0.0"
pullPolicy: IfNotPresent
pullSecret: "default-dockercfg-mrk6k"
schedule: "*/30 * * * *"