IBM Data Lifecycle - Integration and Governance Connect with experts and peers to elevate technical expertise, solve problems and share insights. Join / Log in
Steps required before running this installer:
** Be aware that this installation instructions still require the cluster-admin role to be set for the service accounts default and icpd-anyuid-sa.
Installation Steps:
# oc new-project zen
#!/bin/bash#******************************************************************************# Licensed Materials - Property of IBM# (c) Copyright IBM Corporation 2019. All Rights Reserved.## Note to U.S. Government Users Restricted Rights:# Use, duplication or disclosure restricted by GSA ADP Schedule# Contract with IBM Corp.#****************************************************************************** export NAMESPACE="zen" oc apply -f - << EOFallowHostDirVolumePlugin: falseallowHostIPC: trueallowHostNetwork: falseallowHostPID: falseallowHostPorts: falseallowPrivilegedContainer: falseallowedCapabilities:- '*'allowedFlexVolumes: nullapiVersion: v1defaultAddCapabilities: nullfsGroup: type: RunAsAnygroups:- cluster-adminskind: SecurityContextConstraintsmetadata: annotations: kubernetes.io/description: ${NAMESPACE}-zenuid provides all features of the restricted SCC but allows users to run with any UID and any GID. name: ${NAMESPACE}-zenuidpriority: 10readOnlyRootFilesystem: falserequiredDropCapabilities: nullrunAsUser: type: RunAsAnyseLinuxContext: type: MustRunAssupplementalGroups: type: RunAsAny users: []volumes:- configMap- downwardAPI- emptyDir- persistentVolumeClaim- projected- secretEOF oc adm policy add-scc-to-user ${NAMESPACE}-zenuid system:serviceaccount:${NAMESPACE}:defaultoc adm policy add-scc-to-user anyuid system:serviceaccount:${NAMESPACE}:icpd-anyuid-saoc adm policy add-cluster-role-to-user cluster-admin system:serviceaccount:${NAMESPACE}:defaultecho "SCRIPT RUN SUCESSFULLY"
#!/bin/bash#******************************************************************************# Licensed Materials - Property of IBM# (c) Copyright IBM Corporation 2019. All Rights Reserved.## Note to U.S. Government Users Restricted Rights:# Use, duplication or disclosure restricted by GSA ADP Schedule# Contract with IBM Corp.#****************************************************************************** export NAMESPACE="zen"export STORAGE_CLASS="ibmc-file-gold"export DOCKER_USERNAME="iamapikey"export DOCKER_REGISTRY="cp.stg.icr.io/cp/cp4d"export DOCKER_REGISTRY_PASS="<<DOCKER_PASS>>"export INSTALL_TILLER=1export TILLER_NAMESPACE=${NAMESPACE}export TILLER_IMAGE=" cp.stg.icr.io/cp/cp4d/tiller:v2.9.1"export TILLER_TLS=0export CONSOLE_ROUTE_PREFIX="cp4data-console" # create pull secretoc create secret docker-registry icp4d-anyuid-docker-pull -n ${NAMESPACE} --docker-server=${DOCKER_REGISTRY} --docker-username=${DOCKER_USERNAME} --docker-password=${DOCKER_REGISTRY_PASS}oc secrets -n ${NAMESPACE} link default icp4d-anyuid-docker-pull --for=pulloc create secret docker-registry sa-${NAMESPACE} -n ${NAMESPACE} --docker-server=${DOCKER_REGISTRY} --docker-username=${DOCKER_USERNAME} --docker-password=${DOCKER_REGISTRY_PASS} cat << EOF | oc apply --namespace ${NAMESPACE} -f ----apiVersion: apps/v1kind: Deploymentmetadata: name: cloud-installer labels: app: cp4data-installerspec: replicas: 1 selector: matchLabels: app: cp4data-installer template: metadata: labels: app: cp4data-installer spec: containers: - env: - name: NAMESPACE value: ${NAMESPACE} - name: TILLER_NAMESPACE value: ${TILLER_NAMESPACE} - name: INSTALL_TILLER value: "${INSTALL_TILLER}" - name: TILLER_IMAGE value: ${TILLER_IMAGE} - name: TILLER_TLS value: "${TILLER_TLS}" - name: STORAGE_CLASS value: ${STORAGE_CLASS} - name: DOCKER_REGISTRY value: ${DOCKER_REGISTRY} - name: DOCKER_USERNAME value: ${DOCKER_USERNAME} - name: DOCKER_REGISTRY_USER value: ${DOCKER_USERNAME} - name: DOCKER_REGISTRY_PASS value: ${DOCKER_REGISTRY_PASS} - name: CONSOLE_ROUTE_PREFIX value: ${CONSOLE_ROUTE_PREFIX} name: installer image: cp.stg.icr.io/cp/cp4d/cp4d-installer:v1 imagePullPolicy: Always resources: limits: memory: "200Mi" cpu: 1 command: [ "/bin/sh", "-c" ] args: [ "./deploy-cp4data.sh; sleep 30000" ] imagePullSecrets: - name: icp4d-anyuid-docker-pullEOF sleep 5oc get pods -n ${NAMESPACE}POD=$(oc get pods -n ${NAMESPACE} -l app=cp4data-installer -o jsonpath="{.items[0].metadata.name}")echo $PODoc logs -n ${NAMESPACE} --follow $POD