Author: Lawrence Louie
Reviewers: Adam Davis, Alain Robert, Xiao Hua Lu, Yan Fen Guo
In this document, you will complete the ODM 20.0.3 enterprise deployment. You must complete part 1 and part 2 before you start part 3. Part 3 includes setting up a database, creating a database secret, and configuring a basic Liberty registry to allow user access in the CR that you created in part 2. When the custom resource is ready, you can apply the CR file and the operator that you installed in part 2 takes care of the ODM deployment.
Step 1: Create the ODM database
Connecting to the machine where DB2 is installed and execute the following commands:
$ db2 create database ODMDB automatic storage yes using codeset UTF-8 territory US pagesize 32768
$ db2 connect to ODMDB user db2inst using Pa88w0rd
$ db2 CREATE BUFFERPOOL BP32K SIZE 2000 PAGESIZE 32K
$ db2 CREATE TABLESPACE RESDWTS PAGESIZE 32K BUFFERPOOL BP32K
$ db2 CREATE SYSTEM TEMPORARY TABLESPACE RESDWTMPTS PAGESIZE 32K BUFFERPOOL BP32K
Step 2: Create database user secret
Login to the openshift using ocadmin and execute the command below:
kubectl create secret generic odm-db-secret --from-literal=db-user=db2inst1 --from-literal=db-password=Pa88w0rd
Step 3: Create a secret for the user authentication configuration.
We are using the sample webSecurity sample configuration for user authentication.
kubectl create secret generic my-auth-secret --from-file=webSecurity.xml=/root/cert-kubernetes/ODM/configuration/security/sample-webSecurity-basic-registry.xml
Step 4: Update the CR with the ODM configuration parameter
Copy the generated custom resource file, and configure the new CR file with the information you collected in the previous steps.
$ cp cert-kubernetes/scripts/generated-cr/ibm_cp4a_cr_final.yaml ~/odm.yaml
Edit the odm.yaml file with the values for the database type=db2, db secret=odm-db-secret, database name=ODMDB, servername=9.30.14.244, port=50000, and authSecretRef=my-auth-secret.
Delete the section of datasource configuration and have the following:
datasource_configuration:
dc_ssl_enabled: false
dc_odm_datasource:
dc_database_type: "db2"
database_servername: "9.30.14.244"
dc_common_database_port: "50000"
dc_common_database_name: "ODMDB"
dc_common_database_instance_secret: "odm-db-secret"
dc_common_ssl_enabled: false
dc_ssl_secret_name: "<Required>"
Add the section below in the odm_configuration section
customization:
authSecretRef: "my-auth-secret"
Below is the section of datasource_configuration and odm_configuration in the custom resource:
datasource_configuration:
## The dc_ssl_enabled parameter is used to support database connection over SSL for DB2/Oracle .
dc_ssl_enabled: false
dc_odm_datasource:
## Provide the database type from your infrastructure.
## The possible values are "db2" / "postgres" / "sqlserver".
dc_database_type: "db2"
## Provide the database server name or IP address of the database server.
database_servername: "9.30.14.244"
## Provide the database server port. For Db2, the default is "50000". For Oracle, the default is "1521"
dc_common_database_port: "50000"
## Provide the name of the database for ODM. For example: "ODMDB"
dc_common_database_name: "ODMDB"
## The name of the secret that contains the credentials to connect to the database.
dc_common_database_instance_secret: "odm-db-secret"
## Set to true when the database is using SSL
dc_common_ssl_enabled: false
## If SSL is used to secure the database connection, specify the name of the SSL secret.
dc_ssl_secret_name: "<Required>"
########################################################################
######## IBM Operational Decision Manager configuration ########
########################################################################
odm_configuration:
# To enable ODM Runtime.
decisionServerRuntime:
enabled: true
replicaCount: 2
# To enable the Authoring part
decisionRunner:
enabled: true
replicaCount: 2
decisionCenter:
enabled: true
replicaCount: 2
image:
tag: 8.10.5.0
# For UMS
customization:
## Customizes user authentication and management by realizing mapping between UMS Roles and LDAP groups.
authSecretRef: "my-auth-secret"
Step 5: Remove LDAP configuration from the custom resource.
Because we are not using the LDAP in this tutorial, we need to remove the configuration section entries from
## The beginning section of LDAP configuration for CP4A
to
## The beginning section of database configuration for CP4A
When you are done, verify the YAML in the odm.yaml file by copying and pasting the content of your CR into a tool like http://www.yamllint.com/.
Step 6: Deploy the ODM custom resource.
If you need to make any changes after the deployment, you can run the command again with the overwrite parameter:
oc apply -f odm.yaml --overwrite=true
Step 7: post-deployment
When the ODM pods are started, you can get the routes for the ODM services by running the post deployment script:
$ ./cp4a-post-deployment.sh
Step 8: Login to business console using odmAdmin/odmAdmin
Next Step:
To learn more about the product feature of Operational Decision Manager, please visit the ODM knowledge center
here.
#cp4a
#CP4BA