IBM Security Verify

 View Only
  • 1.  ISAM Helm chart

    Posted Wed April 17, 2019 04:19 AM
    First I would like to thank the community for setting up the ibm-sam helm chart Link. It really is helpful

    I managed to go through it and deploying on Google Kubernetes engine (GKE) it helps on the issue I was having of resource quotas for the isamconfig  container. I am experiencing less evicted pods. However a new challenge is arising with this helm chart with respect to pvc provisioning. 

    My first installation with tutorials by John Harry
     https://github.com/jonpharry/isamdocker/blob/master/studentfiles/container-install/kubernetes/sam-google.yaml  
    did not give me errors as the webseal and config containers did not share the same PVC with ReadWriteMany access mode. 

    GCE persistent disk does not allow ReadWriteMany thus the helm chart will not be successfully deployed. 

    How best can I retain the ISAM deployment using the provided helm chart on GKE?

    ------------------------------
    Tinashe Wilbrod Chipomho
    ------------------------------


  • 2.  RE: ISAM Helm chart

    Posted Tue May 07, 2019 06:26 AM
    There has been some other communication on this but, just to close the loop:

    It is true that the current version of the "Official" ISAM Helm charts will not work on GKE without modification because of the disk mode issue described above.  The offical Helm charts can only be deployed if persistence is disabled (which is not really suitable since data will be lost when pods are removed and recreated).

    The next version of the official Helm chart will use PVCs configured in ReadWriteOnce mode.  A different PVC is created for each deployment that needs persistent storage.  This next version will also include other enhancements rolled back in from my unofficial enhancements.

    I have an unofficial fork of the ISAM Helm chart which is available now.  This includes my previous enhancements and use of ReadWriteOnce mode.  If you want to use it as-is, you can clone it from Github here.   The README.MD file has information on using the chart.

    Cheers... Jon.

    ------------------------------
    Jon Harry
    Consulting IT Security Specialist
    IBM
    ------------------------------