Platform and Cloud Pak

Part 3: Complete your Operational Decision Manager enterprise deployment (20.0.3)

By Lawrence Louie posted Wed February 10, 2021 06:24 PM

  
Author: Lawrence Louie
Reviewers:  Adam Davis, Alain Robert, Xiao Hua Lu, Yan Fen Guo

In this document, you will complete the ODM 20.0.3 enterprise deployment.  You must complete part 1 and part 2 before you start part 3. Part 3 includes setting up a database, creating a database secret, and configuring a basic Liberty registry to allow user access in the CR that you created in part 2. When the custom resource is ready, you can apply the CR file and the operator that you installed in part 2 takes care of the ODM deployment.


Step 1:  Create the ODM database

Connecting to the machine where DB2 is installed and execute the following commands: 
$ db2 create database ODMDB automatic storage yes using codeset UTF-8 territory US pagesize 32768
$ db2 connect to ODMDB user db2inst using Pa88w0rd
$ db2 CREATE BUFFERPOOL BP32K SIZE 2000 PAGESIZE 32K
$ db2 CREATE TABLESPACE RESDWTS PAGESIZE 32K BUFFERPOOL BP32K
$ db2 CREATE SYSTEM TEMPORARY TABLESPACE RESDWTMPTS PAGESIZE 32K BUFFERPOOL BP32K

Step 2: Create database user secret

Login to the openshift using ocadmin and execute the command below:
kubectl create secret generic odm-db-secret --from-literal=db-user=db2inst1 --from-literal=db-password=Pa88w0rd



Step 3: Create a secret for the user authentication configuration.

We are using the sample webSecurity sample configuration for user authentication. 
kubectl create secret generic my-auth-secret --from-file=webSecurity.xml=/root/cert-kubernetes/ODM/configuration/security/sample-webSecurity-basic-registry.xml


    Step 4:  Update the CR with the ODM configuration parameter

    Copy the generated custom resource file, and configure the new CR file with the information you collected in the previous steps.
    $ cp cert-kubernetes/scripts/generated-cr/ibm_cp4a_cr_final.yaml ~/odm.yaml
    Edit the odm.yaml file with the values for the database type=db2, db secret=odm-db-secret, database name=ODMDB, servername=9.30.14.244, port=50000, and authSecretRef=my-auth-secret.  

    Delete the section of datasource configuration and have the following:
      datasource_configuration:
        dc_ssl_enabled: false
        dc_odm_datasource:
          dc_database_type: "db2"
          database_servername: "9.30.14.244"
          dc_common_database_port: "50000"
          dc_common_database_name: "ODMDB"
          dc_common_database_instance_secret: "odm-db-secret"
          dc_common_ssl_enabled: false
          dc_ssl_secret_name: "<Required>"

    Add the section below in the odm_configuration section
        customization:
          authSecretRef: "my-auth-secret"

    Below is the section of datasource_configuration and odm_configuration in the custom resource:
      datasource_configuration:
        ## The dc_ssl_enabled parameter is used to support database connection over SSL for DB2/Oracle .
        dc_ssl_enabled: false
        dc_odm_datasource:
          ## Provide the database type from your infrastructure.
          ## The possible values are "db2" / "postgres" / "sqlserver".
          dc_database_type: "db2"
          ## Provide the database server name or IP address of the database server.
          database_servername: "9.30.14.244"
          ## Provide the database server port.  For Db2, the default is "50000".  For Oracle, the default is "1521"
          dc_common_database_port: "50000"
          ## Provide the name of the database for ODM.  For example: "ODMDB"
          dc_common_database_name: "ODMDB"
          ## The name of the secret that contains the credentials to connect to the database.
          dc_common_database_instance_secret: "odm-db-secret"
          ## Set to true when the database is using SSL
          dc_common_ssl_enabled: false
          ## If SSL is used to secure the database connection, specify the name of the SSL secret.
          dc_ssl_secret_name: "<Required>"
      ########################################################################
      ########      IBM Operational Decision Manager configuration    ########
      ########################################################################
      odm_configuration:
        # To enable ODM Runtime.
        decisionServerRuntime:
          enabled: true
          replicaCount: 2
        # To enable the Authoring part
        decisionRunner:
          enabled: true
          replicaCount: 2
        decisionCenter:
          enabled: true
          replicaCount: 2
        image:
          tag: 8.10.5.0
        # For UMS
        customization:
        ## Customizes user authentication and management by realizing mapping between UMS Roles and LDAP groups.
          authSecretRef: "my-auth-secret"​


    Step 5: Remove LDAP configuration from the custom resource.

    Because we are not using the LDAP in this tutorial, we need to remove the configuration section entries from
    ## The beginning section of LDAP configuration for CP4A 
    to
    ## The beginning section of database configuration for CP4A

    When you are done, verify the YAML in the odm.yaml file by copying and pasting the content of your CR into a tool like http://www.yamllint.com/.

    Step 6: Deploy the ODM custom resource.

    oc apply -f odm.yaml

    If you need to make any changes after the deployment, you can run the command again with the overwrite parameter:
    oc apply -f odm.yaml --overwrite=true

    Step 7: post-deployment


    When the ODM pods are started, you can get the routes for the ODM services by running the post deployment script:
    $ ./cp4a-post-deployment.sh
    post-deployment.sh


    Step 8: Login to business console using odmAdmin/odmAdmin

    a


    Next Step:   

    To learn more about the product feature of Operational Decision Manager, please visit the ODM knowledge center here.
    #whatsnew
    #OperationalDecisionManager(ODM)
    #20.0.0
    #20.0.3
    #cp4a
    0 comments
    104 views

    Permalink