diff --git a/.secrets.baseline b/.secrets.baseline index 18d8d4c5..2500cd3e 100644 --- a/.secrets.baseline +++ b/.secrets.baseline @@ -3,7 +3,7 @@ "files": "^.secrets.baseline$", "lines": null }, - "generated_at": "2024-11-22T11:14:58Z", + "generated_at": "2024-11-13T08:35:31Z", "plugins_used": [ { "name": "AWSKeyDetector" @@ -1340,7 +1340,7 @@ "hashed_secret": "dc081999b19ee322ee45e3d4451246b7c449db0a", "is_secret": false, "is_verified": false, - "line_number": 134, + "line_number": 143, "type": "Secret Keyword", "verified_result": null }, @@ -1348,7 +1348,7 @@ "hashed_secret": "5a2ea68e9ea943ea31948fe51388c798e13346a9", "is_secret": false, "is_verified": false, - "line_number": 181, + "line_number": 185, "type": "Secret Keyword", "verified_result": null } @@ -1363,7 +1363,7 @@ "verified_result": null }, { - "hashed_secret": "8ce7feb4d1c89d5611541bafa8f7ea83a4039665", + "hashed_secret": "e6a8430b6dc3747f44d258a127b11f4705d9ee01", "is_secret": false, "is_verified": false, "line_number": 20, diff --git a/platform/gcloud/README.md b/platform/gcloud/README.md index 16e413c4..e361c6df 100644 --- a/platform/gcloud/README.md +++ b/platform/gcloud/README.md @@ -1,12 +1,12 @@ # Deploying IBM Operational Decision Manager on Google GKE -This project demonstrates how to deploy an IBM® Operational Decision Manager (ODM) clustered topology using the [container-native load balancer of GKE](https://cloud.google.com/blog/products/containers-kubernetes/container-native-load-balancing-on-gke-now-generally-available). +This project demonstrates how to deploy an IBM® Operational Decision Manager (ODM) clustered topology using the [container-native load balancer of GKE](https://cloud.google.com/kubernetes-engine/docs/concepts/container-native-load-balancing). The ODM services will be exposed using the Ingress provided by the ODM on Kubernetes Helm chart. This deployment implements Kubernetes and Docker technologies. -Here is the Google Cloud home page: https://cloud.google.com +Here is the Google Cloud home page: - +![Architecture](images/architecture.png) The ODM on Kubernetes Docker images are available in the [IBM Entitled Registry](https://www.ibm.com/cloud/container-registry). The ODM Helm chart is available in the [IBM Helm charts repository](https://github.com/IBM/charts). @@ -26,6 +26,7 @@ The commands and tools have been tested on macOS and Linux. ## Prerequisites First, install the following software on your machine: + - [gcloud CLI](https://cloud.google.com/sdk/gcloud) - [kubectl](https://kubernetes.io/docs/tasks/tools/) - [Helm v3](https://helm.sh/docs/intro/install/) @@ -40,7 +41,8 @@ Then, perform the following tasks: Without the relevant billing level, some Google Cloud resources will not be created. -> NOTE: Prerequisites and software supported by ODM 9.0.0 are listed on [the Detailed System Requirements page](https://www.ibm.com/support/pages/ibm-operational-decision-manager-detailed-system-requirements). +> [!NOTE] +> Prerequisites and software supported by ODM 9.0.0 are listed on [the Detailed System Requirements page](https://www.ibm.com/support/pages/ibm-operational-decision-manager-detailed-system-requirements). ## Steps to deploy ODM on Kubernetes from Google GKE @@ -64,8 +66,8 @@ Refer to the [GKE quickstart](https://cloud.google.com/kubernetes-engine/docs/qu After installing the `gcloud` tool, use the following command line: -``` -gcloud auth login +```shell +gcloud auth login ``` #### b. Create a GKE cluster @@ -76,49 +78,55 @@ Regions and zones (used below) can be listed respectively with `gcloud compute r - Set the project (associated to a billing account): - ``` + ```shell gcloud config set project ``` - Set the region: - ``` - gcloud config set compute/region + ```shell + gcloud config set compute/region ``` - Set the zone: - ``` - gcloud config set compute/zone + ```shell + gcloud config set compute/zone ``` - Create a cluster and [enable autoscaling](https://cloud.google.com/kubernetes-engine/docs/how-to/cluster-autoscaler). Here, we start with 6 nodes (16 max): - ``` + ```shell gcloud container clusters create \ - --release-channel=regular --cluster-version=1.28 \ + --release-channel=regular --cluster-version=1.30 \ --enable-autoscaling --num-nodes=6 --total-min-nodes=1 --total-max-nodes=16 ``` - > If you get a red warning about a missing gke-gcloud-auth-plugin, install it with `gcloud components install gke-gcloud-auth-plugin` and enable it for each kubectl command with `export USE_GKE_GCLOUD_AUTH_PLUGIN=True` ([more information](https://cloud.google.com/blog/products/containers-kubernetes/kubectl-auth-changes-in-gke)). +> [!NOTE] +> If you get a red warning about a missing gke-gcloud-auth-plugin, install it with `gcloud components install gke-gcloud-auth-plugin`. +> For Kubernetes versions lower than 1.26 you have to enable it for each kubectl command with `export USE_GKE_GCLOUD_AUTH_PLUGIN=True` ([more information](https://cloud.google.com/blog/products/containers-kubernetes/kubectl-auth-changes-in-gke)). - > NOTE: You can also create your cluster from the Google Cloud Platform using the **Kubernetes Engine** > **Clusters** panel and clicking the **Create** button - > +> [!NOTE] +> You can also create your cluster from the Google Cloud Platform using the **Kubernetes Engine** > **Clusters** panel and clicking the **Create** button +> ![Create cluster](images/create_cluster.png) #### c. Set up your environment - Create a kubeconfig to connect to your cluster: - ``` + + ```shell gcloud container clusters get-credentials ``` - > NOTE: You can also retrieve the command line to configure `kubectl` from the Google Cloud Console using the **Kubernetes Engine** > **Clusters** panel and clicking **Connect** on the dedicated cluster. - > +> [!NOTE] +> You can also retrieve the command line to configure `kubectl` from the Google Cloud Console using the **Kubernetes Engine** > **Clusters** panel and clicking **Connect** on the dedicated cluster. +> ![Connection](images/connection.png) - Check your environment If your environment is set up correctly, you should be able to get the cluster information by running the following command: - ``` + + ```shell kubectl cluster-info ``` @@ -130,11 +138,11 @@ We will use the Google Cloud Platform console to create the database instance. - Go to the [SQL context](https://console.cloud.google.com/sql), and then click the **CREATE INSTANCE** button - Click **Choose PostgreSQL** + - Database version: `PostgreSQL 15` - Instance ID: ```` - Password: ```` - Take note of this password. - - Database version: `PostgreSQL 15` - Region: ```` (must be the same as the cluster for the communication to be optimal between the database and the ODM instance) - - Keep **Multiple zones** for Zonal availability to the highest availability + - Eventually select **Multiple zones** for Zonal availability for redundancy - Expand **Show customization option** and expand **Connections** - As *Public IP* is selected by default, in Authorized networks, click the **ADD NETWORK** button, put a name and add *0.0.0.0/0* for Network, then click **DONE**. > NOTE: It is not recommended to use a public IP. In a production environment, you should use a private IP. @@ -142,24 +150,20 @@ We will use the Google Cloud Platform console to create the database instance. After the database instance is created, you can drill on the SQL instance overview to retrieve needed information to connect to this instance, like the IP address and the connection name. Take note of the **Public IP address**. - - -> NOTE: A default *postgres* database is created with a default *postgres* user. You can change the password of the postgres user in the **Users** panel by selecting the *postgres* user, and then using the **Change password** menu: -> +![Database overview](images/database_overview.png) #### b. Create the database secret for Google Cloud SQL PostgreSQL To secure access to the database, you must create a secret that encrypts the database user and password before you install the Helm release. -``` -kubectl create secret generic \ - --from-literal=db-user= \ - --from-literal=db-password=  +```shell +kubectl create secret generic odmdbsecret \ + --from-literal=db-user=postgres \ + --from-literal=db-password= ``` Where: -- `` is the secret name -- `` is the database username (default is *postgres*) + - `` is the database password (PASSWORD set during the PostgreSQL instance creation above) ### 3. Prepare your environment for the ODM installation (10 min) @@ -172,39 +176,39 @@ To get access to the ODM material, you need an IBM entitlement key to pull the i - In the Container software library tile, verify your entitlement on the **View library** page, and then go to **Get entitlement key** to retrieve the key. -#### b. Create a pull secret by running a kubectl create secret command. +#### b. Create a pull secret by running a kubectl create secret command -``` -kubectl create secret docker-registry \ +```shell +kubectl create secret docker-registry registrysecret \ --docker-server=cp.icr.io \ --docker-username=cp \ - --docker-password="" \ + --docker-password='' \ --docker-email= ``` Where: -* `` is the secret name. -* `` is the entitlement key from the previous step. Make sure you enclose the key in double-quotes. -* `` is the email address associated with your IBMid. +- `` is the entitlement key from the previous step. Make sure you enclose the key in quotes. +- `` is the email address associated with your IBMid. -> NOTE: The `cp.icr.io` value for the docker-server parameter is the only registry domain name that contains the images. You must set the docker-username to `cp` to use an entitlement key as docker-password. +> [!NOTE] +> The `cp.icr.io` value for the docker-server parameter is the only registry domain name that contains the images. You must set the docker-username to `cp` to use an entitlement key as docker-password. -Take note of the secret name so that you can set it for the *image.pullSecrets* parameter when you run a helm install command of your containers. The *image.repository* parameter will later be set to `cp.icr.io/cp/cp4a/odm`. +The *image.repository* parameter will later be set to `cp.icr.io/cp/cp4a/odm`. #### c. Add the public IBM Helm charts repository -``` +```shell helm repo add ibm-helm https://raw.githubusercontent.com/IBM/charts/master/repo/ibm-helm helm repo update ``` #### d. Check you can access ODM charts -``` +```shell helm search repo ibm-odm-prod -NAME CHART VERSION APP VERSION DESCRIPTION -ibm-helm/ibm-odm-prod 24.0.0 9.0.0.0 IBM Operational Decision Manager +NAME CHART VERSION APP VERSION DESCRIPTION +ibm-helm/ibm-odm-prod 24.1.0 9.0.0.1 IBM Operational Decision Manager ``` ### 4. Manage a digital certificate (2 min) @@ -215,15 +219,15 @@ In this step, you will generate a certificate to be used by the GKE load balance If you do not have a trusted certificate, you can use OpenSSL and other cryptography and certificate management libraries to generate a certificate file and a private key to define the domain name and to set the expiration date. The following command creates a self-signed certificate (`.crt` file) and a private key (`.key` file) that accept the domain name *mynicecompany.com*. The expiration is set to 1000 days: -``` +```shell openssl req -x509 -nodes -days 1000 -newkey rsa:2048 -keyout mynicecompany.key \ -out mynicecompany.crt -subj "/CN=mynicecompany.com/OU=it/O=mynicecompany/L=Paris/C=FR" ``` #### b. Create a TLS secret with these keys -``` -kubectl create secret tls mynicecompany-crt-secret --key mynicecompany.key --cert mynicecompany.crt +```shell +kubectl create secret tls mynicecompany-tls-secret --key mynicecompany.key --cert mynicecompany.crt ``` The certificate must be the same as the one you used to enable TLS connections in your ODM release. For more information, see [Server certificates](https://www.ibm.com/docs/en/odm/9.0.0?topic=servers-server-certificates) and [Working with certificates and SSL](https://docs.oracle.com/cd/E19830-01/819-4712/ablqw/index.html). @@ -237,26 +241,25 @@ It automatically creates an HTTPS GKE load balancer. We will disable the ODM int - Get the [gcp-values.yaml](./gcp-values.yaml) file and replace the following keys: - - ``: the name of the secret containing the IBM Entitled Registry key - - ``: the name of the secret containing the database user and password - ``: the database IP - - ``: the database name (default is postgres) - > NOTE: You can configure the driversUrl parameter to point to the appropriate version of the Google Cloud SQL PostgreSQL driver. For more information, refer to the [Cloud SQL Connector for Java](https://github.com/GoogleCloudPlatform/cloud-sql-jdbc-socket-factory#cloud-sql-connector-for-java) documentation. +> [!NOTE] +> You can configure the driversUrl parameter to point to the appropriate version of the Google Cloud SQL PostgreSQL driver. For more information, refer to the [Cloud SQL Connector for Java](https://github.com/GoogleCloudPlatform/cloud-sql-jdbc-socket-factory#cloud-sql-connector-for-java) documentation. - Install the chart from IBM's public Helm charts repository: - ``` - helm install ibm-helm/ibm-odm-prod --version 24.1.0 -f gcp-values.yaml - ``` + ```shell + helm install ibm-helm/ibm-odm-prod --version 24.1.0 -f gcp-values.yaml + ``` - > NOTE: You might prefer to access ODM components through the NGINX Ingress controller instead of using the IP addresses. If so, please follow [these instructions](README_NGINX.md). +> [!NOTE] +> You might prefer to access ODM components through the NGINX Ingress controller instead of using the IP addresses. If so, please follow [these instructions](README_NGINX.md). #### b. Check the topology Run the following command to check the status of the pods that have been created: -``` +```shell kubectl get pods NAME READY STATUS RESTARTS AGE -odm-decisioncenter-*** 1/1 Running 0 20m @@ -271,18 +274,17 @@ To get the status of the current deployment, go to the [Kubernetes Engine / Serv The Ingress remains in the state *Creating ingress* for several minutes until the pods are up and running, and the backend gets in a healthy state. - +![Ingress creating](images/ingress_creating.png) -You can also check the [load balancer status](https://console.cloud.google.com/net-services/loadbalancing/list/loadBalancers). -It provides information about the backend using the service health check. +You can also check the [load balancer status](https://console.cloud.google.com/net-services/loadbalancing/list/loadBalancers). It provides information about the backend using the service health check. - +![Load balancer](images/lb.png) In the Ingress details, you should get a *HEALTHY* state on all backends. This panel also provides some logs on the load balancer activity. When the Ingress shows an OK status, all ODM services can be accessed. - +![Ingress details](images/ingress_details.png) #### d. Create a Backend Configuration for the Decision Center Service @@ -294,20 +296,20 @@ A configuration that uses [BackendConfig](https://cloud.google.com/kubernetes-en - Create the [Decision Center Backend Config](decisioncenter-backendconfig.yaml): - ``` + ```shell kubectl create -f decisioncenter-backendconfig.yaml ``` - Annotate the Decision Center Service with this GKE Backend Config: - ``` + ```shell kubectl annotate service -odm-decisioncenter \ - cloud.google.com/backend-config='{"ports": {"9453":"dc-backendconfig"}}' + cloud.google.com/backend-config='{"ports": {"9453":"dc-backendconfig"}}' ``` As soon as GKE manages Decision Center session affinity at the load balancer level, you can check the ClientIP availability below the Decision Center Network Endpoint Group configuration from the Google Cloud Console in the Load Balancer details. - + ![DecisionCenter session affinity](images/dc_sessionaffinity.png) ### 6. Access ODM services @@ -318,13 +320,13 @@ We only have to manage a configuration to simulate the mynicecompany.com access. - Get the EXTERNAL-IP with the command line: - ``` + ```shell kubectl get ingress -odm-ingress -o jsonpath='{.status.loadBalancer.ingress[].ip}' ``` - Edit your /etc/hosts file and add the following entry: - ``` + ```shell mynicecompany.com ``` @@ -333,14 +335,16 @@ We only have to manage a configuration to simulate the mynicecompany.com access. | SERVICE NAME | URL | USERNAME/PASSWORD | --- | --- | --- - | Decision Server Console | https://mynicecompany.com/res | odmAdmin/odmAdmin - | Decision Center | https://mynicecompany.com/decisioncenter | odmAdmin/odmAdmin - | Decision Center REST-API | https://mynicecompany.com/decisioncenter-api | odmAdmin/odmAdmin - | Decision Server Runtime | https://mynicecompany.com/DecisionService | odmAdmin/odmAdmin - | Decision Runner | https://mynicecompany.com/DecisionRunner | odmAdmin/odmAdmin + | Decision Server Console | | odmAdmin/odmAdmin + | Decision Center | | odmAdmin/odmAdmin + | Decision Center REST-API | | odmAdmin/odmAdmin + | Decision Server Runtime | | odmAdmin/odmAdmin + | Decision Runner | | odmAdmin/odmAdmin - > NOTE:You can also click the Ingress routes accessible from the Google Cloud console under the [Kubernetes Engine/Services & Ingress Details Panel](https://console.cloud.google.com/kubernetes/ingresses). - > + +> [!NOTE] +> You can also click the Ingress frontends accessible from the Google Cloud console under the [Kubernetes Engine/Services & Ingress Details Panel](https://console.cloud.google.com/kubernetes/ingresses). +> ![Ingress routes](images/ingress_routes.png) ### 7. Track ODM usage with the IBM License Service @@ -348,51 +352,51 @@ This section explains how to track ODM usage with the IBM License Service. #### a. Install the IBM License Service -Follow the **Installation** section of the [Manual installation without the Operator Lifecycle Manager (OLM)](https://www.ibm.com/docs/en/cpfs?topic=software-manual-installation-without-operator-lifecycle-manager-olm) +Follow the **Installation** section of the [Manual installation without the Operator Lifecycle Manager (OLM)](https://www.ibm.com/docs/en/cloud-paks/foundational-services/4.10?topic=ils-installing-license-service-without-operator-lifecycle-manager-olm) and stop before it asks you to update the License Service instance. It will be done in the next paragraph. -> NOTE: Make sure you do not follow the instantiation part! +#### b. Create the IBM Licensing instance -#### b. Create an NGINX Ingress controller +Get the [licensing-instance.yaml](./licensing-instance.yaml) file and run the following command: -- Add the official stable repository: +```shell +kubectl apply -f licensing-instance.yaml -n ibm-licensing +``` - ``` - helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx - helm repo update - ``` +> [!NOTE] +> You can find more information and use cases on [this page](https://www.ibm.com/docs/en/cloud-paks/foundational-services/4.10?topic=service-configuration). -- Use Helm to deploy the NGINX Ingress controller: +#### c. Modify GKE Load Balancer settings - ``` - helm install nginx-ingress ingress-nginx/ingress-nginx -n ibm-common-services - ``` +As Google native Load Balancer does not support the same URL rewriting rules as other ones (such as NGINX), [some settings have to be modified](https://cloud.google.com/load-balancing/docs/https/setting-up-url-rewrite) directly on GCP Web UI. -#### c. Create the IBM Licensing instance +You have to look for the ibm-licensing-service-instance in the list of Ingresses, then select its Load Balancer in the list of resources at the bottom: -Get the [licensing-instance.yaml](./licensing-instance.yaml) file and run the following command: +![Load balancing resources](images/lb_resources.png) -``` -kubectl create -f licensing-instance.yaml -n ibm-common-services -``` +Edit the rule about /ibm-licensing-service-instance/* and add `/` as path prefix rewrite: + +![Load balancing Host and Path rules](images/lb_host_and_path_rules.png) +![Load balancing Rewrite](images/lb_rewrite.png) -> NOTE: You can find more information and use cases on [this page](https://www.ibm.com/docs/en/cpfs?topic=software-configuration). +> [!NOTE] +> GKE Load Balancer may take a few minutes after its new configuration to actually apply it. #### d. Retrieving license usage After a couple of minutes, the Ingress configuration is created and you will be able to access the IBM License Service by retrieving the URL with the following command: -``` -export LICENSING_URL=$(kubectl get ingress ibm-licensing-service-instance -n ibm-common-services -o jsonpath='{.status.loadBalancer.ingress[0].ip}')/ibm-licensing-service-instance -export TOKEN=$(kubectl get secret ibm-licensing-token -o jsonpath={.data.token} -n ibm-common-services |base64 -d) +```shell +export LICENSING_URL=$(kubectl get ingress ibm-licensing-service-instance -n ibm-licensing -o jsonpath='{.status.loadBalancer.ingress[0].ip}')/ibm-licensing-service-instance +export TOKEN=$(kubectl get secret ibm-licensing-token -o jsonpath={.data.token} -n ibm-licensing |base64 -d) ``` You can access the `http://${LICENSING_URL}/status?token=${TOKEN}` URL to view the licensing usage or retrieve the licensing report .zip file by running the following command: -``` +```shell curl -v "http://${LICENSING_URL}/snapshot?token=${TOKEN}" --output report.zip ``` -If your IBM License Service instance is not running properly, refer to this [troubleshooting page](https://www.ibm.com/docs/en/cpfs?topic=software-troubleshooting). +If your IBM License Service instance is not running properly, refer to this [troubleshooting page](https://www.ibm.com/docs/en/cloud-paks/foundational-services/4.10?topic=service-troubleshooting-license). ## Troubleshooting @@ -402,6 +406,6 @@ If your ODM instances are not running properly, refer to [our dedicated troubles Get hands-on experience with IBM Operational Decision Manager in a container environment by following this [Getting started tutorial](https://github.com/DecisionsDev/odm-for-container-getting-started/blob/master/README.md). -# License +## License [Apache 2.0](/LICENSE) diff --git a/platform/gcloud/README_NGINX.md b/platform/gcloud/README_NGINX.md index 7a0f037d..9bc5f002 100644 --- a/platform/gcloud/README_NGINX.md +++ b/platform/gcloud/README_NGINX.md @@ -16,7 +16,11 @@ For reference, see the Google Cloud documentation https://cloud.google.com/commu ### 1. Create a NGINX Ingress controller -Refer to the [Create a NGINX Ingress controller](README.md#a-create-a-nginx-ingress-controller) section if you have not created it already. +- Use Helm to deploy the NGINX Ingress controller: + + ```shell + helm upgrade --install ingress-nginx ingress-nginx --repo https://kubernetes.github.io/ingress-nginx --namespace ingress-nginx --create-namespace + ``` ### 2. Install the ODM release @@ -27,10 +31,10 @@ The secured HTTPS communication is managed by the NGINX ingress controller. So, Replace the placeholders in the [gcp-values.yaml](./gcp-values.yaml) file and install the chart: -``` +```shell helm install mycompany ibm-helm/ibm-odm-prod --version 24.1.0 \ -f gcp-values.yaml \ - --set service.ingress.annotations={"kubernetes.io/ingress.class: nginx"} + --set service.ingress.class=nginx ``` > **Note** @@ -44,6 +48,6 @@ Refer to the [the main README](README.md#b-check-the-topology) to check the depl If your ODM instances are not running properly, please refer to [our dedicated troubleshooting page](https://www.ibm.com/docs/en/odm/9.0.0?topic=900-troubleshooting-support). -# License +## License [Apache 2.0](/LICENSE) diff --git a/platform/gcloud/gcp-values.yaml b/platform/gcloud/gcp-values.yaml index 28bfef21..cfde4bfc 100644 --- a/platform/gcloud/gcp-values.yaml +++ b/platform/gcloud/gcp-values.yaml @@ -4,24 +4,24 @@ usersPassword: "odmAdmin" image: repository: cp.icr.io/cp/cp4a/odm pullSecrets: - - + - registrysecret service: enableTLS: false ingress: enabled: true - tlsSecretRef: mynicecompany-crt-secret + tlsSecretRef: mynicecompany-tls-secret host: mynicecompany.com tlsHosts: - mynicecompany.com externalDatabase: type: postgres - secretCredentials: + secretCredentials: odmdbsecret port: 5432 serverName: - databaseName: + databaseName: postgres # You can get the last Google Cloud SQL PostgreSQL driver version # at https://github.com/GoogleCloudPlatform/cloud-sql-jdbc-socket-factory/releases driversUrl: - - https://storage.googleapis.com/cloud-sql-java-connector/v1.7.1/postgres-socket-factory-1.7.1-jar-with-driver-and-dependencies.jar + - https://storage.googleapis.com/cloud-sql-connectors-java/v1.13.1/postgres-socket-factory-1.13.1-jar-with-driver-and-dependencies.jar diff --git a/platform/gcloud/images/database_changepassword.png b/platform/gcloud/images/database_changepassword.png deleted file mode 100644 index 26fae3f8..00000000 Binary files a/platform/gcloud/images/database_changepassword.png and /dev/null differ diff --git a/platform/gcloud/images/dc_sessionaffinity.png b/platform/gcloud/images/dc_sessionaffinity.png index d8b977ab..ff654048 100644 Binary files a/platform/gcloud/images/dc_sessionaffinity.png and b/platform/gcloud/images/dc_sessionaffinity.png differ diff --git a/platform/gcloud/images/loadbalancer.png b/platform/gcloud/images/lb.png similarity index 100% rename from platform/gcloud/images/loadbalancer.png rename to platform/gcloud/images/lb.png diff --git a/platform/gcloud/images/lb_host_and_path_rules.png b/platform/gcloud/images/lb_host_and_path_rules.png new file mode 100644 index 00000000..21f597bd Binary files /dev/null and b/platform/gcloud/images/lb_host_and_path_rules.png differ diff --git a/platform/gcloud/images/lb_resources.png b/platform/gcloud/images/lb_resources.png new file mode 100644 index 00000000..8ad41e8c Binary files /dev/null and b/platform/gcloud/images/lb_resources.png differ diff --git a/platform/gcloud/images/lb_rewrite.png b/platform/gcloud/images/lb_rewrite.png new file mode 100644 index 00000000..c451d604 Binary files /dev/null and b/platform/gcloud/images/lb_rewrite.png differ diff --git a/platform/gcloud/licensing-instance-NGINX.yaml b/platform/gcloud/licensing-instance-NGINX.yaml new file mode 100644 index 00000000..0c64fbee --- /dev/null +++ b/platform/gcloud/licensing-instance-NGINX.yaml @@ -0,0 +1,17 @@ +apiVersion: operator.ibm.com/v1alpha1 +kind: IBMLicensing +metadata: + name: instance +spec: + apiSecretToken: ibm-licensing-token + datasource: datacollector + httpsEnable: false + ingressEnabled: true + ingressOptions: + annotations: + kubernetes.io/ingress.class: nginx + nginx.ingress.kubernetes.io/rewrite-target: /$2 + path: /ibm-licensing-service-instance(/|$)(.*) + instanceNamespace: ibm-licensing + license: + accept: true diff --git a/platform/gcloud/licensing-instance.yaml b/platform/gcloud/licensing-instance.yaml index b1183a85..e87bd849 100644 --- a/platform/gcloud/licensing-instance.yaml +++ b/platform/gcloud/licensing-instance.yaml @@ -3,12 +3,14 @@ kind: IBMLicensing metadata: name: instance spec: + apiSecretToken: ibm-licensing-token datasource: datacollector - instanceNamespace: ibm-common-services httpsEnable: false ingressEnabled: true ingressOptions: annotations: - kubernetes.io/ingress.class: nginx - nginx.ingress.kubernetes.io/rewrite-target: '/$2' - path: /ibm-licensing-service-instance(/|$)(.*) + ingress.kubernetes.io/rewrite-target: / + path: /ibm-licensing-service-instance/* + instanceNamespace: ibm-licensing + license: + accept: true