IBM Sterling: Deploy do Sterling B2B no OpenShift: Difference between revisions

From Wiki
 
(10 intermediate revisions by the same user not shown)
Line 63: Line 63:
  ...</small>
  ...</small>


3) Crie o arquivo '''b2bi-pv.yaml''' e faça os ajustes
3) Crie o arquivo '''my-b2bi-pv.yaml''' e faça os ajustes


  <nowiki>kind: PersistentVolume
  <nowiki>kind: PersistentVolume
Line 117: Line 117:
4) Realize a criação do PV/PVC
4) Realize a criação do PV/PVC


  oc create -f b2bi-pv.yaml
  oc create -f my-b2bi-pv.yaml
   
   
  <small>persistentvolume/sterling-b2bi-app-resources-pv created
  <small>persistentvolume/sterling-b2bi-app-resources-pv created
  persistentvolume/sterling-b2bi-app-logs-pv created
  persistentvolume/sterling-b2bi-app-logs-pv created
  persistentvolume/sterling-b2bi-app-documents-pv created</small>
  persistentvolume/sterling-b2bi-app-documents-pv created</small>


==Configurando a passphrase para B2Bi, DB secret e MQ secret==
==Configurando a passphrase para B2Bi, DB secret e MQ secret==
Line 174: Line 173:
  oc create -f b2bi-secrets.yaml
  oc create -f b2bi-secrets.yaml


==Ajustando o arguivo override.yaml==
==Ajustando o arquivo override.yaml==
 
Execute o seguinte comando:
 
cd ibm-b2bi-prod


1) Pegando a informação do pullSecret
1) Pegando a informação do pullSecret
Line 191: Line 186:
  ...</small>
  ...</small>


2) Crie o arquivo '''override.yaml''' e faça os ajustes
2) Crie o arquivo '''my-b2bi-override.yaml''' e faça os ajustes
 
<nowiki>
global:
  image:
    repository: "image-registry.openshift-image-registry.svc:5000/sterling-b2bi-app/b2bi"
    tag: "6.1.0.0"
    pullPolicy: IfNotPresent
    # Get value  --> "oc describe sa default" and check line
    pullSecret: "default-dockercfg-<CHANGE HERE>" 
 
appResourcesPVC:
  enabled: true
  name: sterling-b2bi-app-resources-pvc
  storageClassName: "ibmc-file-gold"
  selector:
    label: "intent"
    value: "resources"
  accessMode: ReadOnlyMany
  size: 500Mi
 
appLogsPVC:
  name: sterling-b2bi-app-logs-pvc
  storageClassName: "ibmc-file-gold"
  selector:
    label: "intent"
    value: "logs"
  accessMode: ReadWriteMany
  size: 1000Mi
 
appDocumentsPVC:
  enabled: true
  name: sterling-b2bi-app-documents-pvc
  storageClassName: "ibmc-file-gold"
  selector:
    label: "intent"
    value: "documents"
  accessMode: ReadWriteMany
  size: 1Gi
 
security:
  supplementalGroups: [65534]
  fsGroup: 1010
  runAsUser: 1010
 
dataSetup:
  # enabled=true only on setup, after enabled=false
  enabled: true
  upgrade: false
 
env:
  tz: "UTC"
  license: "accept"
  upgradeCompatibilityVerified: false
 
logs:
  enableAppLogOnConsole: false
     
setupCfg:
  #Upgrade
  #upgrade: false
  basePort: 50000
  licenseAcceptEnableSfg: true
  licenseAcceptEnableEbics: false
  licenseAcceptEnableFinancialServices: false
  licenseAcceptEnableFileOperation: false
 
  # Name of system passphrase secret if available
  systemPassphraseSecret: b2b-system-passphrase-secret
  enableFipsMode: false
  nistComplianceMode: "off"


global:
  # Database Attributes --> "oc get svc -n sterling-b2bi-db2"  -> <EXTERNAL-IP>
  image:
  dbVendor: db2
    repository: "image-registry.openshift-image-registry.svc:5000/sterling-b2bi-app/b2bi"
  dbHost: <CHANGE HERE>       
    tag: "6.1.0.0"
  dbPort: 50000   
    pullPolicy: IfNotPresent
  dbData: B2BIDB
    pullSecret: "'''default-dockercfg-mrk6k'''"  # oc describe sa default ; at purge image also
  dbDrivers: db2jcc4.jar
 
  dbSecret: b2b-db-secret
appResourcesPVC:
  # enabled=true only on setup, after enabled=false
  name: sterling-b2bi-app-resources-pvc
  dbCreateSchema: true
  storageClassName: "ibmc-file-gold"
 
  selector:
  # SMTP Attributes
    label: "intent"
  adminEmailAddress: [email protected]
    value: "resources"
  smtpHost: mail.company.com
  accessMode: ReadOnlyMany
 
  size: 500Mi
  #WMQ  --> "oc get svc -n sterling-b2bi-mq"
  #JMS properties are optional if jmsVendor is empty
appLogsPVC:
  #To use IBMMQ for communication between ASI & AC, change property to jmsVendor: IBMMQ and provide other connection details
  name: sterling-b2bi-app-logs-pvc
  jmsVendor: IBMMQ
  storageClassName: "ibmc-file-gold"
  jmsConnectionFactory: com.ibm.mq.jms.MQQueueConnectionFactory
  selector:
  jmsConnectionFactoryInstantiator:
    label: "intent"
  jmsQueueName: DEV.QUEUE.1
    value: "logs"
  jmsHost: <CHANGE HERE>
  accessMode: ReadWriteMany
  jmsPort: 1414
  size: 1000Mi
  jmsConnectionNameList: <CHANGE HERE>(1414)
 
  jmsEnableSsl: false
  appDocumentsPVC:
  jmsChannel: DEV.APP.SVRCONN
  enabled: true
  jmsSecret: b2b-jms-secret
  name: sterling-b2bi-app-documents-pvc
 
  storageClassName: "ibmc-file-gold"
  updateJcePolicyFile: false
  selector:
  #jcePolicyFile: local_policy.jar
    label: "intent"
 
    value: "documents"
  SANDBOX_LAUNCH_CLA2_SERVER: true
  accessMode: ReadWriteMany
  SANDBOX_WEBAPP_PROTOCOL: https
  size: 1Gi
  SANDBOX_WEBAPP_LIST_PORT: 5001
 
  security:
asi:
  supplementalGroups: [65534]
  replicaCount: 1
  fsGroup: 1010
 
  runAsUser: 1010
  frontendService:
    type: ClusterIP
dataSetup:
    ports:
  enabled: true
      http:  
  upgrade: false
        name: http
        port: 35000
env:
        targetPort: http
  tz: "UTC"
        nodePort: 30000
  license: "accept"
        protocol: TCP
  upgradeCompatibilityVerified: false
      https:
 
        name: https
logs:
        port: 35001
  # true if user wish to redirect the application logs to console else false. If provided value is true , then application logs will reside inside containers. No volume mapping will be used.
        targetPort: https
  enableAppLogOnConsole: false
        nodePort: 30001
     
        protocol: TCP
  #setup.cfg configuration starts here. Property names must follow camelCase format.
      soa:
  setupCfg:
        name: soa
  #Upgrade
        port: 35002
  #upgrade: false
        targetPort: soa
  basePort: 5000
        nodePort: 30002
  #License - specify values as true/false
        protocol: TCP
  licenseAcceptEnableSfg: true
      soassl:  
        name: soassl
  # Name of system passphrase secret if available
        port: 35003
  systemPassphraseSecret: b2b-system-passphrase-secret
        targetPort: soassl
  enableFipsMode: false
        nodePort: 30003
  nistComplianceMode: "off"
        protocol: TCP
    extraPorts: []
  # Provide the DB attributes --> "oc get svc -n sterling-b2bi-db2"
      #-name: http-1
  dbVendor: db2
      # port: 46000
  dbHost: 169.46.72.83
      # targetPort: http
  dbPort: 50000   
      # nodePort: 30100
  dbData: B2BIDB
      # protocol: TCP
  dbDrivers: db2jcc4.jar
 
  dbCreateSchema: true
  backendService:
  # Name of DB secret
    #type: NodePort
  dbSecret: b2b-db-secret
    type: LoadBalancer
    ports:  
  #Provide the admin email address
      - name: adapter-1
  adminEmailAddress: [email protected]
        port: 30201
  # Provide the SMTP host details 
        targetPort: 30201
  smtpHost: mail.company.com
        nodePort: 30201
 
        protocol: TCP
  #WMQ  --> "oc get svc -n sterling-b2bi-mq"
    portRanges:
  #JMS properties are optional if jmsVendor is empty
      - name: adapters
  #To use IBMMQ for communication between ASI & AC, change property to jmsVendor: IBMMQ
        portRange: 30301-30400
  # and provide other connection details
        targetPortRange: 30301-30400
  jmsVendor: IBMMQ
        nodePortRange: 30301-30400
  # Provide the name of connection factory class.
        protocol: TCP
  jmsConnectionFactory: com.ibm.mq.jms.MQQueueConnectionFactory
 
  jmsConnectionFactoryInstantiator:
  ingress:
  jmsQueueName: DEV.QUEUE.1
    internal:
  jmsHost: 172.21.6.39
      # Get this value on IBM Cloud > Console > OpenShift > Cluster > <YOUR_CLUSTER> > Ingress Domain
  jmsPort: 1414
      host: asi.<YOUR_CLUSTER Ingress Domain>
  jmsConnectionNameList: 172.21.6.39(1414)
      tls:
  jmsEnableSsl: false
        enabled: true
  jmsChannel: DEV.APP.SVRCONN
        secretName: ""
  jmsSecret: sterling-b2bi-mq-secret
      extraPaths: []
 
      # - routePrefix: "hello"
  SANDBOX_LAUNCH_CLA2_SERVER: true
      #    path: "/hello"
  SANDBOX_WEBAPP_PROTOCOL: https
      #    servicePort: "my-http"
  SANDBOX_WEBAPP_LIST_PORT: 5001
      #    enableHttps: false
           
asi:
ac:
  replicaCount: 1
 
  replicaCount: 1
  service:
 
    type: LoadBalancer
  frontendService:
    ports:
    type: ClusterIP
      http:  
    ports:
        name: http
      http:  
        port: 35000
        name: http
        targetPort: http
        port: 35004
        nodePort: 30000
        targetPort: http
        protocol: TCP
        nodePort: 30004
        protocol: TCP
    extraPorts:
    extraPorts: []
      TCP1:
      #-name: http-1
        name: asi-http-1
      # port: 37000
        port: 6443
      # targetPort: http
        targetPort: 6443
      # nodePort: 30200
        protocol: TCP
      # protocol: TCP
      TCP2:
 
        name: asi-sftp-1
  backendService:
        port: 6022
    #type: NodePort
        targetPort: 6022
    type: LoadBalancer
        protocol: TCP
    ports:  
             
      - name: adapter-1
  ac:
        port: 30401
        targetPort: 30401
  replicaCount: 1
        nodePort: 30401
        protocol: TCP
  service:
    portRanges: []
    type: LoadBalancer
      #- name: adapters
    ports:
      #  portRange: 30501-30600
      http:  
      #  targetPortRange: 30501-30600
        name: http
      # nodePortRange: 30501-30600
        port: 35001
      # protocol: TCP
        targetPort: http
 
        nodePort: 30001
  ingress:
        protocol: TCP
    internal:
   
      # Get this value on IBM Cloud > Console > OpenShift > Cluster > <YOUR_CLUSTER> > Ingress Domain
    extraPorts:
      host: ac.<YOUR_CLUSTER Ingress Domain>
      TCP1:
      tls:
        name: ac-http-1
        enabled: true
        port: 5443
        secretName: ""
        targetPort: 5443
      extraPaths: []
        protocol: TCP
      # - routePrefix: "hello"
      TCP2:
      #    path: "/hello"
        name: ac-sftp-1
      #   servicePort: "my-http"
        port: 5022
      #    enableHttps: false   
        targetPort: 5022
 
        protocol: TCP  
api:
   
 
  api:
  replicaCount: 1
   
 
   replicaCount: 1
  frontendService:
 
    type: ClusterIP
  service:
    ports:
    type: LoadBalancer
      http:
    ports:
        name: http
      http:
        port: 35005
        name: http
        targetPort: http
        port: 35002
        nodePort: 30005
        targetPort: http
        protocol: TCP
        nodePort: 30002
      https:
        protocol: TCP
        name: https
      https:
        port: 35006
        name: https
        targetPort: https
        port: 35003
        nodePort: 30006
        targetPort: https
        protocol: TCP
        nodePort: 30003
    extraPorts: []
        protocol: TCP  
      #-name: http-1
      # port: 35000
dashboard:
      # targetPort: http
    enabled: true
      # nodePort: 30300
      # protocol: TCP
purge:
 
  enabled: true
  ingress:
  image:
    internal:
    repository: "image-registry.openshift-image-registry.svc:5000/sterling-b2bi-app/purge"
      # Get this value on IBM Cloud > Console > OpenShift > Cluster > <YOUR_CLUSTER> > Ingress Domain
  # Provide the tag value in double quotes
      host: api.<CHANGE HERE YOUR_CLUSTER Ingress Domain>
    tag: "6.1.0.0"
      tls:
    pullPolicy: IfNotPresent
        enabled: true
    pullSecret: "default-dockercfg-mrk6k"
        secretName: ""
  schedule: "*/30 * * * *"
 
dashboard:
    enabled: true
 
purge:
  enabled: true
  image:
    repository: "image-registry.openshift-image-registry.svc:5000/sterling-b2bi-app/purge"
    tag: "6.1.0.0"
    pullPolicy: IfNotPresent
    # Get value  --> oc describe sa default
    pullSecret: "default-dockercfg-<CHANGE HERE>"
  schedule: "*/30 * * * *"
  startingDeadlineSeconds:
  activeDeadlineSeconds: 3600
  concurrencyPolicy: Forbid
  suspend: false
  successfulJobsHistoryLimit: 3
  failedJobsHistoryLimit: 1
</nowiki>
 
salve e feche o arquivo.


== Executando o Deploy de SETUP com o Helm ==
== Executando o Deploy com o Helm ==


1) Execute o seguinte comando:
1) Execute o seguinte comando:
Line 384: Line 470:
  cd ibm-b2bi-prod
  cd ibm-b2bi-prod
   
   
  helm install sterling-b2bi-app --namespace sterling-b2bi-app --timeout 120m0s -f ..\b2bi-override.yaml .
  helm install sterling-b2bi-app --namespace sterling-b2bi-app --timeout 120m0s -f ../my-b2bi-override.yaml .


<big>Essa operação é bem demorada. Vá tomar um café!!!</big>
<big>Essa operação é bem demorada. Vá tomar um café!!!</big>
Line 408: Line 494:
   
   
  <small>NAME                                    READY  STATUS    RESTARTS  AGE
  <small>NAME                                    READY  STATUS    RESTARTS  AGE
  sterling-b2bi-app-b2bi-db-setup-fbf64  0/1    Completed  0          3h9m</small>
  sterling-b2bi-app-b2bi-ac-server-0                 1/1    Running    0          3h6m
sterling-b2bi-app-b2bi-api-server-0                1/1    Running    0          3h6m
sterling-b2bi-app-b2bi-asi-server-0                1/1    Running    0          3h6m</small>


  oc get jobs
  oc get jobs
Line 414: Line 502:
  sterling-b2bi-app-b2bi-db-setup  1/1          93m        3h31</small>
  sterling-b2bi-app-b2bi-db-setup  1/1          93m        3h31</small>


== Executando o Deploy de RUNTIME com o Helm ==
== Pós install ==


Após o setup, iremos executar o Helm novamente para o RUNTIME.
Após o deploy, devemos desabilitar o setup do database, caso seja necessário executar o helm install novamente


1) Deletando o Helm
1) Edite o arquivo '''my-b2bi-override.yaml''' e altere os parâmetros para false:


  helm delete sterling-b2bi-app
  ...
  oc delete job sterling-b2bi-app-b2bi-db-setup
  dataSetup:
  enabled: false
...
setupCfg:
  ...
  dbCreateSchema: false


2) Executando o '''oc patch''', para liberar os PVs.
Salve e feche o arquivo


oc patch pv/sterling-b2bi-app-resources-pv --type json -p $'- op: remove\n  path: /spec/claimRef'
== Dicas ==
oc patch pv/sterling-b2bi-app-logs-pv --type json -p $'- op: remove\n  path: /spec/claimRef'
oc patch pv/sterling-b2bi-app-documents-pv --type json -p $'- op: remove\n  path: /spec/claimRef'


Verificando o resultado
=== Pegando a url para acesso ===


  oc get pv
  oc get routes
   
   
  <small>NAME                                      CAPACITY  ACCESS MODES  RECLAIM POLICY  STATUS      CLAIM                                              STORAGECLASS     REASON  AGE
  <small>
  pvc-24d3f168-5de9-44b4-baee-05782b2e4d56   20Gi      RWO            Delete          Bound       sterling-b2bi-db2/sterling-b2bi-db2-storage-db2-0                            6h42m
NAME                                                     HOST/PORT                                       PATH      
  pvc-3ca3c42b-cd9d-4429-af9e-39fe80264752   20Gi      RWO            Delete          Bound      sterling-b2bi-mq/data-sterling-b2bi-mq-ibm-mq-0                              5h52m
  sterling-b2bi-app-b2bi-api-internal-route                api.ebasso-roks-demo-sb2bi8...appdomain.cloud                      ... 
  pvc-9933b069-8f86-4bee-bdf7-ab84a2c8b583  100Gi      RWX           Delete          Bound      openshift-image-registry/image-registry-storage    ibmc-file-gold            45h
sterling-b2bi-app-b2bi-api-internal-route-b2bapi          api.ebasso-roks-demo-sb2bi8...appdomain.cloud   /B2BAPIs/svc       ... 
  sterling-b2bi-app-documents-pv            1Gi        RWX            Retain          Available                                                      ibmc-file-gold            4h3m
sterling-b2bi-app-b2bi-api-internal-route-customization  api.ebasso-roks-demo-sb2bi8...appdomain.cloud  /propertyUI/app    ... 
  sterling-b2bi-app-logs-pv                  1000Mi    RWX           Retain          Available                                                      ibmc-file-gold            4h3m
sterling-b2bi-app-b2bi-asi-internal-route                asi.ebasso-roks-demo-sb2bi8...appdomain.cloud                      ... 
  sterling-b2bi-app-resources-pv            500Mi      ROX            Retain          Available                                                      ibmc-file-gold            4h3m
  sterling-b2bi-app-b2bi-asi-internal-route-dashboard      asi.ebasso-roks-demo-sb2bi8...appdomain.cloud   /dashboard        ... 
  sterling-b2bi-toolkit-pv                  20Gi      RWX            Retain          Bound       sterling-b2bi-toolkit/sterling-b2bi-toolkit-pvc                              4h37m</small>
sterling-b2bi-app-b2bi-asi-internal-route-filegateway    asi.ebasso-roks-demo-sb2bi8...appdomain.cloud  /filegateway      ... 
sterling-b2bi-app-b2bi-asi-internal-route-mailbox        asi.ebasso-roks-demo-sb2bi8...appdomain.cloud  /mailbox          ... 
  sterling-b2bi-app-b2bi-asi-internal-route-myfg           asi.ebasso-roks-demo-sb2bi8...appdomain.cloud  /myfg              ... 
sterling-b2bi-app-b2bi-asi-internal-route-myfilegateway  asi.ebasso-roks-demo-sb2bi8...appdomain.cloud  /myfilegateway    ... 
  sterling-b2bi-app-b2bi-asi-internal-route-queuewatch      asi.ebasso-roks-demo-sb2bi8...appdomain.cloud  /queueWatch        ... 
  sterling-b2bi-app-b2bi-asi-internal-route-soap           asi.ebasso-roks-demo-sb2bi8...appdomain.cloud  /soap              ... 
  sterling-b2bi-app-b2bi-asi-internal-route-soap-new        asi.ebasso-roks-demo-sb2bi8...appdomain.cloud  /soap-new          ... 
  sterling-b2bi-app-b2bi-asi-internal-route-soap-sync       asi.ebasso-roks-demo-sb2bi8...appdomain.cloud  /soap-sync        ... 
sterling-b2bi-app-b2bi-asi-internal-route-soap-sync-new  asi.ebasso-roks-demo-sb2bi8...appdomain.cloud  /soap-sync-new    ... 
sterling-b2bi-app-b2bi-asi-internal-route-wsdl            asi.ebasso-roks-demo-sb2bi8...appdomain.cloud  /wsdl              ...  </small>
 
Acesse com um navegador


3) Edite o arquivo '''b2bi-override.yaml''' e altere os parâmetros para false:
<nowiki>https://asi.ebasso-roks-demo-sb2bi8...appdomain.cloud/dashboard</nowiki>


* dataSetup.enabled: false
=== Verificando em quais Nodes nossos Pods estão executando ===
* setupCfg.dbCreateSchema: false


Salve e feche o arquivo
Vamos pegar os nome dos Nodes primeiro
 
$ oc get nodes
<small>NAME          STATUS  ROLES          AGE    VERSION
10.xxx.xx.68  Ready    master,worker  6h29m  v1.19.0+d856161
10.xxx.xx.73  Ready    master,worker  6h24m  v1.19.0+d856161</small>


4) Execute o helm no diretório '''ibm-b2bi-prod'''.
Listando o Primeiro Node
helm install sterling-b2bi-app --namespace sterling-b2bi-app --timeout 120m0s -f ..\b2bi-override.yaml .


<big>Essa operação é bem demorada. Vá tomar um café!!!</big>
oc get pods --all-namespaces -o wide --field-selector spec.nodeName=10.xxx.xx.68 | grep sterling
   
   
5) Abra uma nova janela de terminal e execute o comando
<small>NAMESPACE              NAME                                                  READY  STATUS
sterling-b2bi-app      sterling-b2bi-app-b2bi-ac-server-0                    1/1    Running
sterling-b2bi-app      sterling-b2bi-app-b2bi-api-server-0                  1/1    Running</small>


oc get pods
Listando o Segundo Node
   
   
  <small>NAME                                    READY  STATUS    RESTARTS  AGE
  oc get pods --all-namespaces -o wide --field-selector spec.nodeName=10.xxx.xx.73 | grep sterling
sterling-b2bi-app-b2bi-db-setup-fbf64  1/1    Running  0          12m</small>
 
6) Execute o comando para acompanhar
 
oc logs -f sterling-b2bi-app-b2bi-db-setup-fbf64
 
O resultado final é
<small>Total B2biSetup time : 01:31:02
Total B2biInDockerTotal time: 01:33:05</small>
 
7) Conferindo o resultado
 
oc get pods
   
   
  <small>NAME                                   READY  STATUS   RESTARTS  AGE
  <small>NAMESPACE              NAME                                                 READY  STATUS
  sterling-b2bi-app-b2bi-db-setup-fbf64  0/1    Completed  0          3h9m</small>
  sterling-b2bi-app       sterling-b2bi-app-b2bi-asi-server-0                    1/1    Running 
sterling-b2bi-app      sterling-b2bi-app-b2bi-ext-purge-1621981800-lfpll      0/1    Completed
sterling-b2bi-app      sterling-b2bi-app-b2bi-ext-purge-1621985400-zvszc      0/1    Completed
sterling-b2bi-app      sterling-b2bi-app-b2bi-ext-purge-1621989000-lfg8h      1/1    Running 
sterling-b2bi-db2      db2-0                                                  1/1    Running 
sterling-b2bi-mq        sterling-b2bi-mq-ibm-mq-0                              1/1    Running 
sterling-b2bi-toolkit   sterling-b2bi-toolkit-859c45f7c-mr6h8                  1/1    Running</small>


= See Also =
= See Also =

Latest revision as of 01:34, 26 May 2021

Procedimento

Alternando para o Projeto

1) O projeto já foi criado anteriormente, vamos alter para ele 

oc project sterling-b2bi-app

Executando os scripts pre-instalação

1) Extrair o arquivo ibm-b2bi-prod-2.0.0.tgz, que vinha com o arquivo STER_B2B_INT_CERT_CONT_V6.1_ML.tar 

tar -xzvf ibm-b2bi-prod-2.0.0.tgz

2) Alternar o diretório e executar as permissões 

cd ibm-b2bi-prod/ibm_cloud_pak/pak_extensions/pre-install/clusterAdministration

oc apply -f ibm-b2bi-scc.yaml --validate=false
oc apply -f ibm-b2bi-cr-scc.yaml --validate=false
oc apply -f ibm-b2bi-psp.yaml
oc apply -f ibm-b2bi-cr.yaml

cd ../../../../..

retornar para o diretório anterior

3) Alternar o diretório, gerar os novos arquivos e criar as permissões 

cd ibm-b2bi-prod/ibm_cloud_pak/pak_extensions/pre-install/namespaceAdministration

sed 's/{{ NAMESPACE }}/'$MY_SB2BI_PROJECT'/g' ibm-b2bi-rb-scc.yaml > my-ibm-b2bi-rb-scc.yaml
sed 's/{{ NAMESPACE }}/'$MY_SB2BI_PROJECT'/g' ibm-b2bi-rb.yaml > my-ibm-b2bi-rb.yaml

oc create -f my-ibm-b2bi-rb-scc.yaml
oc create -f my-ibm-b2bi-rb.yaml

cd ../../../../..

Configurando o Armazenamento

1) Localize as informações necessárias no default storage volume (volume de armazenamento padrão) 

oc get pv -n openshift-image-registry

NAME       CAPACITY ACCESS MOD  RECLAIM POLICY  STATUS  CLAIM                                              STORAGECLASS    
pvc-42...  20Gi     RWO           Delete          Bound   sterling-b2bi-mq/data-mqsterling-ibm-mq-0                                 
pvc-99...  100Gi    RWX           Delete          Bound   openshift-image-registry/image-registry-storage  ibmc-file-gold      
pvc-ac3... 20Gi     RWO           Delete          Bound   sterling-b2bi-db2/db2vol-db2-0

2) Pegue os detalhes do pv 

oc describe pv pvc-99...

:Ref 5
...
failure-domain.beta.kubernetes.io/region=us-south
failure-domain.beta.kubernetes.io/zone=dal10
...
Type:   NFS (an NFS mount that lasts the lifetime of a pod)
Server: fsf-xxxxxxx-xx.adn.networklayer.com
Path:   /IBMxxSEVxxxxxxx_xx/data01
...

3) Crie o arquivo my-b2bi-pv.yaml e faça os ajustes 

kind: PersistentVolume
apiVersion: v1
metadata:
  name: sterling-b2bi-app-resources-pv
  labels:
    intent: resources
spec:
  storageClassName: "ibmc-file-gold"
  accessModes:
    - ReadOnlyMany
  capacity: 
    storage: 500Mi
  nfs:
   server: fsf-xxxxxxx-xx.adn.networklayer.com
   path: /IBMxxSEVxxxxxxx_xx/data01/resources/

---
kind: PersistentVolume
apiVersion: v1
metadata:
  name: sterling-b2bi-app-logs-pv
  labels:
    intent: logs
spec:
  storageClassName: "ibmc-file-gold"
  accessModes:
    - ReadWriteMany
  capacity: 
    storage: 1000Mi
  nfs:
   server: fsf-xxxxxxx-xx.adn.networklayer.com
   path: /IBMxxSEVxxxxxxx_xx/data01/logs/

---
kind: PersistentVolume
apiVersion: v1
metadata:
  name: sterling-b2bi-app-documents-pv
  labels:
    intent: documents
spec:
  storageClassName: "ibmc-file-gold"
  accessModes:
    - ReadWriteMany
  capacity: 
    storage: 1Gi
  nfs:
   server: fsf-xxxxxxx-xx.adn.networklayer.com
   path: /IBMxxSEVxxxxxxx_xx/data01/documents/

4) Realize a criação do PV/PVC 

oc create -f my-b2bi-pv.yaml

persistentvolume/sterling-b2bi-app-resources-pv created
persistentvolume/sterling-b2bi-app-logs-pv created
persistentvolume/sterling-b2bi-app-documents-pv created

Configurando a passphrase para B2Bi, DB secret e MQ secret

1) Crie o arquivo b2bi-secrets.yaml e faça os ajustes 

apiVersion: v1
kind: Secret
metadata:
  name: b2b-system-passphrase-secret
type: Opaque
stringData:
  SYSTEM_PASSPHRASE: password

---
apiVersion: v1
kind: Secret
metadata:
  name: b2b-db-secret
type: Opaque
stringData:
  DB_USER: db2inst1
  DB_PASSWORD: db2inst1
#  DB_TRUSTSTORE_PASSWORD: password
#  DB_KEYSTORE_PASSWORD: password

---
apiVersion: v1
kind: Secret
metadata:
  name: b2b-jms-secret
type: Opaque
stringData:
  JMS_USERNAME: jms
  JMS_PASSWORD: password
  JMS_KEYSTORE_PASSWORD: password
  JMS_TRUSTSTORE_PASSWORD: password
  
---
apiVersion: v1
kind: Secret
metadata:
  name: b2b-liberty-secret
type: Opaque
stringData:
  LIBERTY_KEYSTORE_PASSWORD: password

2) Realize a criação do PV/PVC 

oc create -f b2bi-secrets.yaml

Ajustando o arquivo override.yaml

1) Pegando a informação do pullSecret 

oc describe sa default

Name:                default
Namespace:           sterling-b2bi-app
Labels:              <none>
Annotations:         <none>
Image pull secrets:  default-dockercfg-mrk6k
...

2) Crie o arquivo my-b2bi-override.yaml e faça os ajustes 

global:
  image:
    repository: "image-registry.openshift-image-registry.svc:5000/sterling-b2bi-app/b2bi"
    tag: "6.1.0.0"
    pullPolicy: IfNotPresent
    # Get value  --> "oc describe sa default" and check line 
    pullSecret: "default-dockercfg-<CHANGE HERE>"  
  
appResourcesPVC:
  enabled: true
  name: sterling-b2bi-app-resources-pvc
  storageClassName: "ibmc-file-gold"
  selector:
    label: "intent"
    value: "resources"
  accessMode: ReadOnlyMany
  size: 500Mi

appLogsPVC:
  name: sterling-b2bi-app-logs-pvc
  storageClassName: "ibmc-file-gold"
  selector:
    label: "intent"
    value: "logs"
  accessMode: ReadWriteMany
  size: 1000Mi
  
appDocumentsPVC:
  enabled: true
  name: sterling-b2bi-app-documents-pvc
  storageClassName: "ibmc-file-gold"
  selector:
    label: "intent"
    value: "documents"
  accessMode: ReadWriteMany
  size: 1Gi

security:
  supplementalGroups: [65534]
  fsGroup: 1010
  runAsUser: 1010

dataSetup:
  # enabled=true only on setup, after enabled=false
  enabled: true
  upgrade: false

env:
  tz: "UTC"
  license: "accept"
  upgradeCompatibilityVerified: false
  
logs:
  enableAppLogOnConsole: false
      
setupCfg:
  #Upgrade
  #upgrade: false
  basePort: 50000
  licenseAcceptEnableSfg: true
  licenseAcceptEnableEbics: false
  licenseAcceptEnableFinancialServices: false
  licenseAcceptEnableFileOperation: false

  # Name of system passphrase secret if available
  systemPassphraseSecret: b2b-system-passphrase-secret
  enableFipsMode: false
  nistComplianceMode: "off"

  # Database Attributes --> "oc get svc -n sterling-b2bi-db2"  ->  #  <EXTERNAL-IP>
  dbVendor: db2
  dbHost: <CHANGE HERE>        
  dbPort: 50000  
  dbData: B2BIDB
  dbDrivers: db2jcc4.jar
  dbSecret: b2b-db-secret
  # enabled=true only on setup, after enabled=false
  dbCreateSchema: true

  # SMTP Attributes
  adminEmailAddress: [email protected]
  smtpHost: mail.company.com
  
  #WMQ   --> "oc get svc -n sterling-b2bi-mq"
  #JMS properties are optional if jmsVendor is empty
  #To use IBMMQ for communication between ASI & AC, change property to jmsVendor: IBMMQ and provide other connection details
  jmsVendor: IBMMQ
  jmsConnectionFactory: com.ibm.mq.jms.MQQueueConnectionFactory
  jmsConnectionFactoryInstantiator:
  jmsQueueName: DEV.QUEUE.1
  jmsHost: <CHANGE HERE> 
  jmsPort: 1414
  jmsConnectionNameList: <CHANGE HERE>(1414)
  jmsEnableSsl: false
  jmsChannel: DEV.APP.SVRCONN
  jmsSecret: b2b-jms-secret

  updateJcePolicyFile: false
  #jcePolicyFile: local_policy.jar
  
  SANDBOX_LAUNCH_CLA2_SERVER: true
  SANDBOX_WEBAPP_PROTOCOL: https
  SANDBOX_WEBAPP_LIST_PORT: 5001

asi:
  replicaCount: 1

  frontendService:
    type: ClusterIP
    ports:
      http: 
        name: http
        port: 35000
        targetPort: http
        nodePort: 30000
        protocol: TCP
      https: 
        name: https
        port: 35001
        targetPort: https
        nodePort: 30001
        protocol: TCP
      soa: 
        name: soa
        port: 35002
        targetPort: soa
        nodePort: 30002
        protocol: TCP
      soassl: 
        name: soassl
        port: 35003
        targetPort: soassl
        nodePort: 30003
        protocol: TCP
    extraPorts: []
      #-name: http-1
      # port: 46000
      # targetPort: http
      # nodePort: 30100
      # protocol: TCP

  backendService:
    #type: NodePort
    type: LoadBalancer
    ports: 
      - name: adapter-1
        port: 30201
        targetPort: 30201
        nodePort: 30201
        protocol: TCP
    portRanges: 
      - name: adapters
        portRange: 30301-30400
        targetPortRange: 30301-30400
        nodePortRange: 30301-30400
        protocol: TCP
  
  ingress:
    internal:
      # Get this value on IBM Cloud > Console > OpenShift > Cluster > <YOUR_CLUSTER> > Ingress Domain
      host: asi.<YOUR_CLUSTER Ingress Domain>
      tls:
        enabled: true
        secretName: ""
      extraPaths: []
      #  - routePrefix: "hello"
      #    path: "/hello"
      #    servicePort: "my-http"
      #    enableHttps: false
             
ac:

  replicaCount: 1

  frontendService:
    type: ClusterIP
    ports:
      http: 
        name: http
        port: 35004
        targetPort: http
        nodePort: 30004
        protocol: TCP
    extraPorts: []
      #-name: http-1
      # port: 37000
      # targetPort: http
      # nodePort: 30200
      # protocol: TCP
  
  backendService:
    #type: NodePort
    type: LoadBalancer
    ports: 
      - name: adapter-1
        port: 30401
        targetPort: 30401
        nodePort: 30401
        protocol: TCP
    portRanges: []
      #- name: adapters
      #  portRange: 30501-30600
      #  targetPortRange: 30501-30600
      #  nodePortRange: 30501-30600
      #  protocol: TCP

  ingress:
    internal:
      # Get this value on IBM Cloud > Console > OpenShift > Cluster > <YOUR_CLUSTER> > Ingress Domain
      host: ac.<YOUR_CLUSTER Ingress Domain>
      tls:
        enabled: true
        secretName: ""
      extraPaths: []
      #  - routePrefix: "hello"
      #    path: "/hello"
      #    servicePort: "my-http"
      #    enableHttps: false    

api:

  replicaCount: 1

  frontendService:
    type: ClusterIP
    ports:
      http:
        name: http
        port: 35005
        targetPort: http
        nodePort: 30005
        protocol: TCP
      https:
        name: https
        port: 35006
        targetPort: https
        nodePort: 30006
        protocol: TCP
    extraPorts: []
      #-name: http-1
      # port: 35000
      # targetPort: http
      # nodePort: 30300
      # protocol: TCP

  ingress:
    internal:
      # Get this value on IBM Cloud > Console > OpenShift > Cluster > <YOUR_CLUSTER> > Ingress Domain
      host: api.<CHANGE HERE YOUR_CLUSTER Ingress Domain>
      tls:
        enabled: true
        secretName: ""

dashboard:
    enabled: true

purge:
  enabled: true
  image:
    repository: "image-registry.openshift-image-registry.svc:5000/sterling-b2bi-app/purge"
    tag: "6.1.0.0"
    pullPolicy: IfNotPresent
    # Get value  --> oc describe sa default
    pullSecret: "default-dockercfg-<CHANGE HERE>"
  schedule: "*/30 * * * *"
  startingDeadlineSeconds:
  activeDeadlineSeconds: 3600
  concurrencyPolicy: Forbid
  suspend: false
  successfulJobsHistoryLimit: 3
  failedJobsHistoryLimit: 1

salve e feche o arquivo.

Executando o Deploy com o Helm

1) Execute o seguinte comando: 

cd ibm-b2bi-prod

helm install sterling-b2bi-app --namespace sterling-b2bi-app --timeout 120m0s -f ../my-b2bi-override.yaml .

Essa operação é bem demorada. Vá tomar um café!!!

2) Abra uma nova janela de terminal e execute o comando 

oc get pods

NAME                                    READY   STATUS    RESTARTS   AGE
sterling-b2bi-app-b2bi-db-setup-fbf64   1/1     Running   0          12m

3) Execute o comando para acompanhar 

oc logs -f sterling-b2bi-app-b2bi-db-setup-fbf64

O resultado final é 

Total B2biSetup time : 01:31:02
Total B2biInDockerTotal time: 01:33:05

4) Conferindo o resultado 

oc get pods

NAME                                    READY   STATUS    RESTARTS   AGE
sterling-b2bi-app-b2bi-ac-server-0                  1/1     Running     0          3h6m
sterling-b2bi-app-b2bi-api-server-0                 1/1     Running     0          3h6m
sterling-b2bi-app-b2bi-asi-server-0                 1/1     Running     0          3h6m

oc get jobs
NAME                              COMPLETIONS   DURATION   AGE
sterling-b2bi-app-b2bi-db-setup   1/1           93m        3h31

Pós install

Após o deploy, devemos desabilitar o setup do database, caso seja necessário executar o helm install novamente

1) Edite o arquivo my-b2bi-override.yaml e altere os parâmetros para false: 

...
dataSetup:
  enabled: false
...
setupCfg:
  ...
  dbCreateSchema: false

Salve e feche o arquivo

Dicas

Pegando a url para acesso

oc get routes


NAME                                                      HOST/PORT                                       PATH     
sterling-b2bi-app-b2bi-api-internal-route                 api.ebasso-roks-demo-sb2bi8...appdomain.cloud                      ...  
sterling-b2bi-app-b2bi-api-internal-route-b2bapi          api.ebasso-roks-demo-sb2bi8...appdomain.cloud   /B2BAPIs/svc       ...  
sterling-b2bi-app-b2bi-api-internal-route-customization   api.ebasso-roks-demo-sb2bi8...appdomain.cloud   /propertyUI/app    ...  
sterling-b2bi-app-b2bi-asi-internal-route                 asi.ebasso-roks-demo-sb2bi8...appdomain.cloud                      ...  
sterling-b2bi-app-b2bi-asi-internal-route-dashboard       asi.ebasso-roks-demo-sb2bi8...appdomain.cloud   /dashboard         ...  
sterling-b2bi-app-b2bi-asi-internal-route-filegateway     asi.ebasso-roks-demo-sb2bi8...appdomain.cloud   /filegateway       ...  
sterling-b2bi-app-b2bi-asi-internal-route-mailbox         asi.ebasso-roks-demo-sb2bi8...appdomain.cloud   /mailbox           ...  
sterling-b2bi-app-b2bi-asi-internal-route-myfg            asi.ebasso-roks-demo-sb2bi8...appdomain.cloud   /myfg              ...  
sterling-b2bi-app-b2bi-asi-internal-route-myfilegateway   asi.ebasso-roks-demo-sb2bi8...appdomain.cloud   /myfilegateway     ...  
sterling-b2bi-app-b2bi-asi-internal-route-queuewatch      asi.ebasso-roks-demo-sb2bi8...appdomain.cloud   /queueWatch        ...  
sterling-b2bi-app-b2bi-asi-internal-route-soap            asi.ebasso-roks-demo-sb2bi8...appdomain.cloud   /soap              ...  
sterling-b2bi-app-b2bi-asi-internal-route-soap-new        asi.ebasso-roks-demo-sb2bi8...appdomain.cloud   /soap-new          ...  
sterling-b2bi-app-b2bi-asi-internal-route-soap-sync       asi.ebasso-roks-demo-sb2bi8...appdomain.cloud   /soap-sync         ...  
sterling-b2bi-app-b2bi-asi-internal-route-soap-sync-new   asi.ebasso-roks-demo-sb2bi8...appdomain.cloud   /soap-sync-new     ...  
sterling-b2bi-app-b2bi-asi-internal-route-wsdl            asi.ebasso-roks-demo-sb2bi8...appdomain.cloud   /wsdl              ...

Acesse com um navegador 

https://asi.ebasso-roks-demo-sb2bi8...appdomain.cloud/dashboard

Verificando em quais Nodes nossos Pods estão executando

Vamos pegar os nome dos Nodes primeiro 

$ oc get nodes
NAME           STATUS   ROLES           AGE     VERSION
10.xxx.xx.68   Ready    master,worker   6h29m   v1.19.0+d856161
10.xxx.xx.73   Ready    master,worker   6h24m   v1.19.0+d856161

Listando o Primeiro Node 

oc get pods --all-namespaces -o wide --field-selector spec.nodeName=10.xxx.xx.68 | grep sterling

NAMESPACE               NAME                                                  READY   STATUS
sterling-b2bi-app       sterling-b2bi-app-b2bi-ac-server-0                    1/1     Running
sterling-b2bi-app       sterling-b2bi-app-b2bi-api-server-0                   1/1     Running

Listando o Segundo Node 

oc get pods --all-namespaces -o wide --field-selector spec.nodeName=10.xxx.xx.73 | grep sterling

NAMESPACE               NAME                                                  READY   STATUS
sterling-b2bi-app       sterling-b2bi-app-b2bi-asi-server-0                    1/1     Running  
sterling-b2bi-app       sterling-b2bi-app-b2bi-ext-purge-1621981800-lfpll      0/1     Completed
sterling-b2bi-app       sterling-b2bi-app-b2bi-ext-purge-1621985400-zvszc      0/1     Completed
sterling-b2bi-app       sterling-b2bi-app-b2bi-ext-purge-1621989000-lfg8h      1/1     Running  
sterling-b2bi-db2       db2-0                                                  1/1     Running  
sterling-b2bi-mq        sterling-b2bi-mq-ibm-mq-0                              1/1     Running  
sterling-b2bi-toolkit   sterling-b2bi-toolkit-859c45f7c-mr6h8                  1/1     Running

See Also

Retrieved from "https://ebasso.net/wiki/index.php?title=IBM_Sterling:_Deploy_do_Sterling_B2B_no_OpenShift&oldid=6996"