IBM Sterling: Deploy do Sterling B2B no OpenShift
Procedimento
Alternando para o Projeto
1) O projeto já foi criado anteriormente, vamos alter para ele
oc project sterling-b2bi-app
Executando os scripts pre-instalação
1) Extrair o arquivo ibm-b2bi-prod-2.0.0.tgz, que vinha com o arquivo STER_B2B_INT_CERT_CONT_V6.1_ML.tar
tar -xzvf ibm-b2bi-prod-2.0.0.tgz
2) Alternar o diretório e executar as permissões
cd ibm-b2bi-prod/ibm_cloud_pak/pak_extensions/pre-install/clusterAdministration
oc apply -f ibm-b2bi-scc.yaml --validate=false oc apply -f ibm-b2bi-cr-scc.yaml --validate=false oc apply -f ibm-b2bi-psp.yaml oc apply -f ibm-b2bi-cr.yaml
retornar para o diretório anterior
3) Alternar o diretório, gerar os novos arquivos e criar as permissões
cd ibm-b2bi-prod/ibm_cloud_pak/pak_extensions/pre-install/clusterAdministration sed 's/{{ NAMESPACE }}/'$MY_SB2BI_PROJECT'/g' ibm-b2bi-rb-scc.yaml > $MY_SB2BI_PROJECT-ibm-b2bi-rb-scc.yaml sed 's/{{ NAMESPACE }}/'$MY_SB2BI_PROJECT'/g' ibm-b2bi-rb.yaml > $MY_SB2BI_PROJECT-ibm-b2bi-rb.yaml oc create -f $MY_SB2BI_PROJECT-ibm-b2bi-rb-scc.yaml oc create -f $MY_SB2BI_PROJECT-ibm-b2bi-rb.yaml
Configurando o Armazenamento
1) Localize as informações necessárias no default storage volume (volume de armazenamento padrão)
oc get pv -n openshift-image-registry NAME CAPACITY ACCESS MOD RECLAIM POLICY STATUS CLAIM STORAGECLASS pvc-42... 20Gi RWO Delete Bound sterling-b2bi-mq/data-mqsterling-ibm-mq-0 pvc-99... 100Gi RWX Delete Bound openshift-image-registry/image-registry-storage ibmc-file-gold pvc-ac3... 20Gi RWO Delete Bound sterling-b2bi-db2/db2vol-db2-0
2) Pegue os detalhes do pv
oc describe pv pvc-99... :Ref 5 ... failure-domain.beta.kubernetes.io/region=us-south failure-domain.beta.kubernetes.io/zone=dal10 ... Type: NFS (an NFS mount that lasts the lifetime of a pod) Server: fsf-xxxxxxx-xx.adn.networklayer.com Path: /IBMxxSEVxxxxxxx_xx/data01 ...
3) Crie o arquivo b2bi-pv.yaml e faça os ajustes
kind: PersistentVolume apiVersion: v1 metadata: name: sterling-b2bi-app-resources-pv labels: intent: resources spec: storageClassName: "ibmc-file-gold" accessModes: - ReadOnlyMany capacity: storage: 500Mi nfs: server: fsf-xxxxxxx-xx.adn.networklayer.com path: /IBMxxSEVxxxxxxx_xx/data01/resources/ --- kind: PersistentVolume apiVersion: v1 metadata: name: sterling-b2bi-app-logs-pv labels: intent: logs spec: storageClassName: "ibmc-file-gold" accessModes: - ReadWriteMany capacity: storage: 1000Mi nfs: server: fsf-xxxxxxx-xx.adn.networklayer.com path: /IBMxxSEVxxxxxxx_xx/data01/logs/ --- kind: PersistentVolume apiVersion: v1 metadata: name: sterling-b2bi-app-documents-pv labels: intent: documents spec: storageClassName: "ibmc-file-gold" accessModes: - ReadWriteMany capacity: storage: 1Gi nfs: server: fsf-xxxxxxx-xx.adn.networklayer.com path: /IBMxxSEVxxxxxxx_xx/data01/documents/
4) Realize a criação do PV/PVC
oc create -f b2bi-pv.yaml persistentvolume/sterling-b2bi-app-resources-pv created persistentvolume/sterling-b2bi-app-logs-pv created persistentvolume/sterling-b2bi-app-documents-pv created
Configurando a passphrase para B2Bi, DB secret e MQ secret
1) Crie o arquivo b2bi-secrets.yaml e faça os ajustes
apiVersion: v1 kind: Secret metadata: name: b2b-system-passphrase-secret type: Opaque stringData: SYSTEM_PASSPHRASE: password --- apiVersion: v1 kind: Secret metadata: name: b2b-db-secret type: Opaque stringData: DB_USER: db2inst1 DB_PASSWORD: db2inst1 # DB_TRUSTSTORE_PASSWORD: password # DB_KEYSTORE_PASSWORD: password --- apiVersion: v1 kind: Secret metadata: name: b2b-jms-secret type: Opaque stringData: JMS_USERNAME: jms JMS_PASSWORD: password JMS_KEYSTORE_PASSWORD: password JMS_TRUSTSTORE_PASSWORD: password --- apiVersion: v1 kind: Secret metadata: name: b2b-liberty-secret type: Opaque stringData: LIBERTY_KEYSTORE_PASSWORD: password
2) Realize a criação do PV/PVC
oc create -f b2bi-secrets.yaml
Ajustando o arguivo override.yaml
1) Pegando a informação do pullSecret
oc describe sa default Name: default Namespace: sterling-b2bi-app Labels: <none> Annotations: <none> Image pull secrets: default-dockercfg-mrk6k ...
2) Crie o arquivo override.yaml e faça os ajustes
global: image: repository: "image-registry.openshift-image-registry.svc:5000/sterling-b2bi-app/b2bi" tag: "6.1.0.0" pullPolicy: IfNotPresent pullSecret: "default-dockercfg-mrk6k" # oc describe sa default ; at purge image also appResourcesPVC: name: sterling-b2bi-app-resources-pvc storageClassName: "ibmc-file-gold" selector: label: "intent" value: "resources" accessMode: ReadOnlyMany size: 500Mi appLogsPVC: name: sterling-b2bi-app-logs-pvc storageClassName: "ibmc-file-gold" selector: label: "intent" value: "logs" accessMode: ReadWriteMany size: 1000Mi appDocumentsPVC: enabled: true name: sterling-b2bi-app-documents-pvc storageClassName: "ibmc-file-gold" selector: label: "intent" value: "documents" accessMode: ReadWriteMany size: 1Gi security: supplementalGroups: [65534] fsGroup: 1010 runAsUser: 1010 dataSetup: enabled: true upgrade: false env: tz: "UTC" license: "accept" upgradeCompatibilityVerified: false logs: # true if user wish to redirect the application logs to console else false. If provided value is true , then application logs will reside inside containers. No volume mapping will be used. enableAppLogOnConsole: false #setup.cfg configuration starts here. Property names must follow camelCase format. setupCfg: #Upgrade #upgrade: false basePort: 5000 #License - specify values as true/false licenseAcceptEnableSfg: true # Name of system passphrase secret if available systemPassphraseSecret: b2b-system-passphrase-secret enableFipsMode: false nistComplianceMode: "off" # Provide the DB attributes --> "oc get svc -n sterling-b2bi-db2" dbVendor: db2 dbHost: 169.46.72.83 dbPort: 50000 dbData: B2BIDB dbDrivers: db2jcc4.jar dbCreateSchema: true # Name of DB secret dbSecret: b2b-db-secret #Provide the admin email address adminEmailAddress: [email protected] # Provide the SMTP host details smtpHost: mail.company.com #WMQ --> "oc get svc -n sterling-b2bi-mq" #JMS properties are optional if jmsVendor is empty #To use IBMMQ for communication between ASI & AC, change property to jmsVendor: IBMMQ # and provide other connection details jmsVendor: IBMMQ # Provide the name of connection factory class. jmsConnectionFactory: com.ibm.mq.jms.MQQueueConnectionFactory jmsConnectionFactoryInstantiator: jmsQueueName: DEV.QUEUE.1 jmsHost: 172.21.6.39 jmsPort: 1414 jmsConnectionNameList: 172.21.6.39(1414) jmsEnableSsl: false jmsChannel: DEV.APP.SVRCONN jmsSecret: sterling-b2bi-mq-secret SANDBOX_LAUNCH_CLA2_SERVER: true SANDBOX_WEBAPP_PROTOCOL: https SANDBOX_WEBAPP_LIST_PORT: 5001 asi: replicaCount: 1 service: type: LoadBalancer ports: http: name: http port: 35000 targetPort: http nodePort: 30000 protocol: TCP extraPorts: TCP1: name: asi-http-1 port: 6443 targetPort: 6443 protocol: TCP TCP2: name: asi-sftp-1 port: 6022 targetPort: 6022 protocol: TCP ac: replicaCount: 1 service: type: LoadBalancer ports: http: name: http port: 35001 targetPort: http nodePort: 30001 protocol: TCP extraPorts: TCP1: name: ac-http-1 port: 5443 targetPort: 5443 protocol: TCP TCP2: name: ac-sftp-1 port: 5022 targetPort: 5022 protocol: TCP api: replicaCount: 1 service: type: LoadBalancer ports: http: name: http port: 35002 targetPort: http nodePort: 30002 protocol: TCP https: name: https port: 35003 targetPort: https nodePort: 30003 protocol: TCP dashboard: enabled: true purge: enabled: true image: repository: "image-registry.openshift-image-registry.svc:5000/sterling-b2bi-app/purge" # Provide the tag value in double quotes tag: "6.1.0.0" pullPolicy: IfNotPresent pullSecret: "default-dockercfg-mrk6k" schedule: "*/30 * * * *"