Installing IBM Cloud Pak for MultiCloud Management V1.3.0 on OCP 3.11
In this post, we will go through the steps involved in installing IBM Cloud Pak for Multicloud Management V1.3.0 on Openshift 3.11. The mode of installation is offline.
The infrastructure used in this case is for demo purpose and is same as the one in my previous posts. I have uninstalled the earlier V1.2 and using the same environment for installing V1.3.
I have used node ose-ose-4 ( a node which is different than the one from which I had installed V1.2. This is because of images being already loaded error that is thrown during the installation).
Before installing the IBM Cloud Pak for Multicloud Management, complete the following requirements:
1) Login to OCP Master using the below command:
oc login <openshifturl> -u <username> -p <password>
The user should have cluster-admin authority
2) OpenShift Container Platform web console is accessible through the default subdomain route (default subdomain route is the value you had provided in “openshift_master_default_subdomain” during installation). To verify the subdomain run the following command:
3) Ensure that the admission webhooks are enabled on the OpenShift Container Platform master node.
4) A pre-configured dynamic StorageClass is available in the OpenShift Container Platform. In our case, we have used GlusterFS storage. (“oc get sc” will list the current storage classes provisioned.
Here glusterfs-storage is the default storage class and will be used in Persistent Volume creations during the installation process.
5) Ensure that registry is accessible and has sufficient storage space
a. OpenShift Container Platform image registry is exposed with a route accessible through the default subdomain.
b. Ensure that the image registry (docker registry) has minimum 100GB of space. (This can be checked by running the “df -h” command after login to the shell in the docker registry pod using “oc exec -it <podname> bash -n default” command)
6) Ensure that the vm.max_map_count setting is at least 262144 on all nodes
7) Download the Installer Package from the IBM Passport Advantage site. For our installation we will be using the following image
For any other platform, the image details are given here.
Once the pre-requisites are verified and the required installation images are downloaded, complete the following steps to install IBM Cloud Pak for Multicloud Management on OCP 3.11
1) Change (cd)to the directory where the “ibm-cp4mcm-core-1.3-x86_64.tar.gz” file is kept on the ansible host
2) Load the container images to the local docker registry by running the below command:
tar xf ibm-cp4mcm-core-1.3-x86_64.tar.gz -O | sudo docker load
3) Once the container images are loaded to the docker registry, create a installation directory on the ansible node by running the below command:
mkdir /opt/ibm-multicloud-manager-1.3; cd /opt/ibm-multicloud-manager-1.3
4) Extract the cluster directory by running the below command:
sudo docker run — rm -v $(pwd):/data:z -e LICENSE=accept — security-opt label:disable ibmcom/mcm-inception-amd64:3.2.5 cp -r cluster /data
(the above command should be run in the /opt/ibm-multicloud-manager-1.2 directory)
5) Copy the kubeconfig file to the ansible host. To do this complete the following steps
a. Change (cd) to the cluster “/opt/ibm-multicloud-manager-1.3/cluster”directory. (The cluster directory is created in the above step)
b. Transfer the file using the below command:
scp <user>@<master-host>:/etc/origin/master/admin.kubeconfig /opt/ibm-multicloud-manager-1.3/cluster/kubeconfig
(user should have permission to scp the file from the above system and directory)
6) Edit the config.yaml file in the cluster directory and set the following values:
a. OpenShift Nodes
# A list of OpenShift nodes
cluster_nodes:
master:
- ose-ose-3.fyre.ibm.com
proxy:
- ose-ose-4.fyre.ibm.com
management:
- ose-ose-1.fyre.ibm.com
(Refer to the Roles as mentioned in the Infrastructure Used)
b. Storage Class
# Storage Class
storage_class: glusterfs-storage
(glusterfs-storage is the default storage class)
c. Password Rules:
default_admin_password: <password>
password_rules:
- ‘(.*)’
(Here password_rules is specified because if password_rules is not defined, the default_admin_password must meet the default passport enforcement rule ‘^([a-zA-Z0–9\-]{32,})$’.)
d. Define the Management Services to be enabled:
## You can disable following services if they are not needed
management_services:
# Common services
iam-policy-controller: enabled
metering: enabled
licensing: disabled
monitoring: enabled
nginx-ingress: enabled
common-web-ui: enabled
catalog-ui: enabled
mcm-kui: enabled
logging: enabled
audit-logging: disabled
system-healthcheck-service: disabled
multitenancy-enforcement: disabled
# mcm services
multicluster-hub: enabled
search: enabled
key-management: enabled
notary: disabled
cis-controller: disabled
vulnerability-advisor: disabled
mutation-advisor: disabled
sts: disabled
secret-encryption-policy-controller: disabled
image-security-enforcement: disabled
For my cloud pak installation, I have enabled the logging which is disabled by default.
e. Set the multicluster-hub.etcd.accessModes to ReadWriteMany and multicluster-hub.etcd.persistence to true in the config.yaml file. Add the below lines to the config.yaml file if it is not present already:
When persistence is set to true, either the storageClassName or the local directory (default is /var/lib/etcd-mcm) for persistence volume in all management nodes for etcd is required. In our case, the storageClassName is the default dynamic storage class that is available in the environment.
7) Change to the cluster directory (/opt/ibm-multicloud-manager-1.3/cluster/) and run the Cloud Pak deployment using the below command:
docker run -t — net=host -e LICENSE=accept -v $(pwd):/installer/cluster:z -v /var/run:/var/run:z -v /etc/docker:/etc/docker:z — security-opt label:disable ibmcom/mcm-inception-amd64:3.2.5 install-with-openshift
The installation starts as shown in below screen:
8) The installation completes with a Play Recap (failed = 0 confirms that there were no failures in the playbook) and access information for your cluster is displayed as shown below :
9) Access the URL to connect to the IBM Cloud Pak for Multicloud Management console as shown below:
10) Login with the User admin and Password as given in default_admin_password in the config.yaml file. The IBM Cloud Pak for Multicloud Management welcome page is displayed as given below with version displayed:
This concludes the IBM Cloud Pak for Multicloud Management V1.3 Installation in the demo infrastructure.