An example about CPD 4.0 deployment for multi-tenancy support
Authors: Yunbo Zhang, Hongwei Jia
The Cloud Pak for Data platform supports multiple mechanisms for achieving service multi-tenancy. In this article, we'll introduce an example about the most common deployment method for achieving multi-tenancy - Installing a single instance of the service in each project where the control plane is installed.
Before we start, we assume that the following tasks have been finished.
- Mirroring images to the private registry.
- Configuring your cluster to pull images.
And here we'll share an example about CPD 4.0 deployment for supporting two tenants.
1. Installing IBM Cloud Pak foundational services
1.1 Create the ibm-common-services project
oc new-project ibm-common-services
1.2 OperatorGroups
This installation will be single namespace for IBM Foundation.
Please make sure only one operator group is defined in the namespace, OLM will give error, if you create two operator group in a single namespace
cat <<EOF |oc apply -f -
apiVersion: operators.coreos.com/v1alpha2
kind: OperatorGroup
metadata:
name: operatorgroup
namespace: ibm-common-services
spec:
targetNamespaces:
- ibm-common-services
EOF
Status
oc get OperatorGroup operatorgroup -n ibm-common-services -o yaml
1.3 Create the appropriate operator subscription for your environment
cat <<EOF | oc apply -f -
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
name: ibm-common-service-operator
namespace: ibm-common-services
spec:
channel: v3
installPlanApproval: Automatic
name: ibm-common-service-operator
source: opencloud-operators
sourceNamespace: openshift-marketplace
EOF
Verifying the installation
Verify the status of the operators by running the following commands:
- Verify the status of ibm-common-service-operator:
oc --namespace ibm-common-services get csv
The command should return output with the following format:
NAME DISPLAY VERSION REPLACES PHASE
ibm-common-service-operator.v3.8 IBM Cloud Pak foundational services 3.8 ibm-common-service-operator.v3.7.0 Succeeded
- Verify that the custom resource definitions were created:
oc get crd | grep operandrequest
The command should return output with the following format:
NAME CREATED AT
operandrequests.operator.ibm.com 2021-06-23T10:10:22Z
- Confirm that IBM Cloud Pak foundational services API resources are available:
oc api-resources --api-group operator.ibm.com
2. Creating operator subscriptions
Create the Cloud Pak for Data operator subscription: oc new-project cpd-operators
2.1 OperatorGroups
This installation will be single namespace for CPD operators.
Please make sure only one operator group is defined in the namespace, OLM will give error, if you create two operator group in a single namespace
cat <<EOF |oc apply -f -
apiVersion: operators.coreos.com/v1
kind: OperatorGroup
metadata:
name: operatorgroup
namespace: cpd-operators
spec:
targetNamespaces:
- cpd-operators
EOF
Status
oc get OperatorGroup operatorgroup -n cpd-operators -o yaml
2.2 Create Cloud Pak for Data Operator Subscription
cat <<EOF |oc apply -f -
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
name: cpd-operator
namespace: cpd-operators # Pick the project that contains the Cloud Pak for Data operator
spec:
channel: stable-v1
installPlanApproval: Automatic
name: cpd-platform-operator
source: cpd-platform
sourceNamespace: openshift-marketplace
EOF
2.3 Namespace Scope Operator
cat <<EOF |oc apply -f -
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
name: ibm-namespace-scope-operator
namespace: cpd-operators
spec:
channel: v3
installPlanApproval: Automatic
name: ibm-namespace-scope-operator
source: opencloud-operators
sourceNamespace: openshift-marketplace
EOF
2.4 Creating an operator subscription for WSL service as example
2.4.1 WSL Operator
cat <<EOF |oc apply -f -
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
annotations:
name: ibm-cpd-ws-operator-catalog-subscription
namespace: cpd-operators # Pick the project that contains the Cloud Pak for Data operator
spec:
channel: v2.0
installPlanApproval: Automatic
name: ibm-cpd-wsl
source: ibm-cpd-ws-operator-catalog
sourceNamespace: openshift-marketplace
EOF
3 Change Node Settings
This requires cluster administrator permission
4 Install Cloud Pak for Data Instance1
We’ll take Specialized Installation approach.
Create a new project cpd-instance1: oc new-project cpd-instance1
Enable the IBM Cloud Pak for Data platform operator and the IBM Cloud Pak foundational services operator to watch the project where you will install IBM Cloud Pak for Data.
Update the IBM NamespaceScope Operator in the Cloud Pak for Data operators project to watch the project where you plan to install Cloud Pak for Data.
Edit the namespaceMembers list to add the project where you plan to install Cloud Pak for Data. For example, if you plan to install Cloud Pak for Data in the cpd-instance project, add that project to the list:
cat <<EOF |oc apply -f -
apiVersion: operator.ibm.com/v1
kind: NamespaceScope
metadata:
name: cpd-operators
namespace:
cpd-operators
# (Default) Replace with the Cloud Pak for Data platform operator project name
spec:
namespaceMembers:
-
cpd-operators
# (Default) Replace with the Cloud Pak for Data platform operator project name
- cpd-instance1 # Replace with the project where you will install Cloud Pak for Data
EOF
4.1 Install Zen service (control plane)
cat <<EOF |oc apply -f -
apiVersion: cpd.ibm.com/v1
kind: Ibmcpd
metadata:
name:
ibmcpd-cr
# This is the recommended name, but you can change it
namespace: cpd-instance1 # Replace with the project where you will install Cloud Pak for Data
spec:
license:
accept: true
license:
Enterprise
# Specify the Cloud Pak for Data license you purchased
storageClass: ocs-storagecluster-cephfs # Replace with the name of a RWX storage class
zenCoreMetadbStorageClass:
ocs-storagecluster-ceph-rbd
# (Recommended) Replace with the name of a RWO storage class
version: "4.0.1"
EOF
4.2 Install WSL
https://www.ibm.com/support/producthub/icpdata/docs/content/SSQNUZ_latest/cpd/install/node-settings.html
cat <<EOF |oc apply -f -
apiVersion: ws.cpd.ibm.com/v1beta1
kind: WS
metadata:
name: ws-cr # This is the recommended name, but you can change it
namespace: cpd-instance1 # Replace with the project where you will install Watson Studio
spec:
docker_registry_prefix: cp.icr.io/cp/cpd
license:
accept: true
license: Enterprise # Specify the license you purchased
version: 4.0.0
storageVendor: ocs
storageClass: ocs-storagecluster-cephfs #if you use a different storage class, replace it with the appropriate storage class
EOF
5 Install Cloud Pak for Data Instance2
Create a new project cpd-instance2
oc new-project cpd-instance2
Enable the IBM Cloud Pak for Data platform operator and the IBM Cloud Pak foundational services operator to watch the project where you will install IBM Cloud Pak for Data.
Update the IBM NamespaceScope Operator in the Cloud Pak for Data operators project to watch the project where you plan to install Cloud Pak for Data.
Edit the namespaceMembers list to add the project where you plan to install Cloud Pak for Data. For example, if you plan to install Cloud Pak for Data in the cpd-instance project, add that project to the list:
cat <<EOF |oc apply -f -
apiVersion: operator.ibm.com/v1
kind: NamespaceScope
metadata:
name: cpd-operators
namespace:
cpd-operators
# (Default) Replace with the Cloud Pak for Data platform operator project name
spec:
namespaceMembers:
-
cpd-operators
# (Default) Replace with the Cloud Pak for Data platform operator project name
- cpd-instance1 # Replace with the project where you will install Cloud Pak for Data Instance1
- cpd-instance2 # Replace with the project where you will install Cloud Pak for Data Instance2
EOF
5.1 Install Zen service
Create a custom resource to install Cloud Pak for Data in cpd-instance2.
cat <<EOF |oc apply -f -
apiVersion: cpd.ibm.com/v1
kind: Ibmcpd
metadata:
name:
ibmcpd-cr
# This is the recommended name, but you can change it
namespace: cpd-instance2 # Replace with the project where you will install Cloud Pak for Data
spec:
license:
accept: true
license:
Enterprise
# Specify the Cloud Pak for Data license you purchased
storageClass: ocs-storagecluster-cephfs # Replace with the name of a RWX storage class
zenCoreMetadbStorageClass:
ocs-storagecluster-ceph-rbd
# (Recommended) Replace with the name of a RWO storage class
version: "4.0.1"
EOF
5.2 Install WSL
Do it similarly as what we have did for cpd-instance1. Just change the namespace to cpd-instance2 here.
#CloudPakforDataGroup