diff --git a/.secrets.baseline b/.secrets.baseline index 75a645e..29288ba 100644 --- a/.secrets.baseline +++ b/.secrets.baseline @@ -3,7 +3,7 @@ "files": "^.secrets.baseline$", "lines": null }, - "generated_at": "2024-11-20T09:47:21Z", + "generated_at": "2024-11-22T09:18:32Z", "plugins_used": [ { "name": "AWSKeyDetector" @@ -100,7 +100,7 @@ "hashed_secret": "5a2ea68e9ea943ea31948fe51388c798e13346a9", "is_secret": false, "is_verified": false, - "line_number": 227, + "line_number": 234, "type": "Secret Keyword", "verified_result": null }, @@ -108,7 +108,7 @@ "hashed_secret": "fa9beb99e4029ad5a6615399e7bbae21356086b3", "is_secret": false, "is_verified": false, - "line_number": 488, + "line_number": 495, "type": "Secret Keyword", "verified_result": null }, @@ -116,7 +116,7 @@ "hashed_secret": "076a042dcb8e3b7be55cbbe95e1f18f577ef1ba5", "is_secret": false, "is_verified": false, - "line_number": 534, + "line_number": 541, "type": "Secret Keyword", "verified_result": null } @@ -134,7 +134,7 @@ "hashed_secret": "5a2ea68e9ea943ea31948fe51388c798e13346a9", "is_secret": false, "is_verified": false, - "line_number": 145, + "line_number": 152, "type": "Secret Keyword", "verified_result": null }, @@ -142,7 +142,7 @@ "hashed_secret": "fa9beb99e4029ad5a6615399e7bbae21356086b3", "is_secret": false, "is_verified": false, - "line_number": 387, + "line_number": 394, "type": "Secret Keyword", "verified_result": null } @@ -404,7 +404,7 @@ "hashed_secret": "5a2ea68e9ea943ea31948fe51388c798e13346a9", "is_secret": false, "is_verified": false, - "line_number": 225, + "line_number": 250, "type": "Secret Keyword", "verified_result": null }, @@ -412,7 +412,7 @@ "hashed_secret": "fa9beb99e4029ad5a6615399e7bbae21356086b3", "is_secret": false, "is_verified": false, - "line_number": 379, + "line_number": 405, "type": "Secret Keyword", "verified_result": null }, @@ -420,7 +420,7 @@ "hashed_secret": "076a042dcb8e3b7be55cbbe95e1f18f577ef1ba5", "is_secret": false, "is_verified": false, - "line_number": 425, + "line_number": 451, "type": "Secret Keyword", "verified_result": null } @@ -1348,7 +1348,7 @@ "hashed_secret": "b11974a9da0d56698df935ab86e19b127804d6d4", "is_secret": false, "is_verified": false, - "line_number": 71, + "line_number": 72, "type": "Secret Keyword", "verified_result": null } diff --git a/authentication/AzureAD/README_WITH_CLIENT_SECRET.md b/authentication/AzureAD/README_WITH_CLIENT_SECRET.md index 1773801..0c39361 100644 --- a/authentication/AzureAD/README_WITH_CLIENT_SECRET.md +++ b/authentication/AzureAD/README_WITH_CLIENT_SECRET.md @@ -359,7 +359,7 @@ You can now install the product. We will use the PostgreSQL internal database an See the [Preparing to install](https://www.ibm.com/docs/en/odm/9.0.0?topic=production-preparing-install-operational-decision-manager) documentation for additional information. ```shell - helm install my-odm-release ibm-helm/ibm-odm-prod --set image.tag=9.0.0.0 \ + helm install my-odm-release ibm-helm/ibm-odm-prod --version 24.1.0 \ --set image.repository=cp.icr.io/cp/cp4a/odm --set image.pullSecrets=icregistry-secret \ --set oidc.enabled=true \ --set license=true \ @@ -384,7 +384,7 @@ You can now install the product. We will use the PostgreSQL internal database an When the NGINX Ingress Controller is ready, you can install the ODM release with: ``` - helm install my-odm-release ibm-helm/ibm-odm-prod --set image.tag=9.0.0.0 \ + helm install my-odm-release ibm-helm/ibm-odm-prod --version 24.1.0 \ --set image.repository=cp.icr.io/cp/cp4a/odm --set image.pullSecrets=icregistry-secret \ --set oidc.enabled=true \ --set license=true \ diff --git a/authentication/AzureAD/README_WITH_PRIVATE_KEY_JWT.md b/authentication/AzureAD/README_WITH_PRIVATE_KEY_JWT.md index faeb565..8720dfa 100644 --- a/authentication/AzureAD/README_WITH_PRIVATE_KEY_JWT.md +++ b/authentication/AzureAD/README_WITH_PRIVATE_KEY_JWT.md @@ -254,7 +254,7 @@ You can now install the product. We will use the PostgreSQL internal database an See the [Preparing to install](https://www.ibm.com/docs/en/odm/9.0.0?topic=production-preparing-install-operational-decision-manager) documentation for additional information. ```shell - helm install my-odm-release ibm-helm/ibm-odm-prod --set image.tag=9.0.0.0 \ + helm install my-odm-release ibm-helm/ibm-odm-prod --version 24.1.0 \ --set image.repository=cp.icr.io/cp/cp4a/odm --set image.pullSecrets=icregistry-secret \ --set oidc.enabled=true \ --set license=true \ @@ -275,7 +275,7 @@ You can now install the product. We will use the PostgreSQL internal database an When the NGINX Ingress Controller is ready, you can install the ODM release with: ``` - helm install my-odm-release ibm-helm/ibm-odm-prod --set image.tag=9.0.0.0 \ + helm install my-odm-release ibm-helm/ibm-odm-prod --version 24.1.0 \ --set image.repository=cp.icr.io/cp/cp4a/odm --set image.pullSecrets=icregistry-secret \ --set oidc.enabled=true \ --set license=true \ diff --git a/authentication/Cognito/README.md b/authentication/Cognito/README.md index 86c5f3c..17d92e8 100644 --- a/authentication/Cognito/README.md +++ b/authentication/Cognito/README.md @@ -516,7 +516,7 @@ In the **Container software library** tile, verify your entitlement on the **Vie See the [Preparing to install](https://www.ibm.com/docs/en/odm/9.0.0?topic=production-preparing-install-operational-decision-manager) documentation for more information. ```shell - helm install my-odm-release ibm-helm/ibm-odm-prod --set image.tag=9.0.0.0 \ + helm install my-odm-release ibm-helm/ibm-odm-prod --version 24.1.0 \ --set image.repository=cp.icr.io/cp/cp4a/odm --set image.pullSecrets=icregistry-secret \ --set oidc.enabled=true \ --set license=true \ @@ -536,7 +536,7 @@ In the **Container software library** tile, verify your entitlement on the **Vie When the NGINX Ingress Controller is ready, you can install the ODM release with: ``` - helm install my-odm-release ibm-helm/ibm-odm-prod --set image.tag=9.0.0.0 \ + helm install my-odm-release ibm-helm/ibm-odm-prod --version 24.1.0 \ --set image.repository=cp.icr.io/cp/cp4a/odm --set image.pullSecrets=icregistry-secret \ --set oidc.enabled=true \ --set license=true \ diff --git a/authentication/Okta/README.md b/authentication/Okta/README.md index d3d0047..ed6f523 100644 --- a/authentication/Okta/README.md +++ b/authentication/Okta/README.md @@ -329,7 +329,7 @@ In this step, we augment the token with meta-information that is required by the You can now install the product. We will use the PostgreSQL internal database and disable the data persistence (`internalDatabase.persistence.enabled=false`) to avoid any platform complexity concerning persistent volume allocation. ``` - helm install my-odm-release ibm-helm/ibm-odm-prod --set image.tag=9.0.0.0 \ + helm install my-odm-release ibm-helm/ibm-odm-prod --version 24.1.0 \ --set image.repository=cp.icr.io/cp/cp4a/odm --set image.pullSecrets=icregistry-secret \ --set oidc.enabled=true \ --set internalDatabase.persistence.enabled=false \ diff --git a/platform/azure/README-Azure-SQL-MI.md b/platform/azure/README-Azure-SQL-MI.md index 0bd4ec0..6baaccb 100644 --- a/platform/azure/README-Azure-SQL-MI.md +++ b/platform/azure/README-Azure-SQL-MI.md @@ -54,7 +54,7 @@ Then you can deploy ODM with: ```bash helm install ibmcharts/ibm-odm-prod \ --set image.repository=cp.icr.io/cp/cp4a/odm --set image.pullSecrets= \ - --set image.tag=${ODM_VERSION:-9.0.0.0} --set service.type=LoadBalancer \ + --version 24.1.0 --set service.type=LoadBalancer \ --set externalDatabase.type=sqlserver \ --set externalDatabase.serverName=.public..database.windows.net \ --set externalDatabase.databaseName=odmdb \ diff --git a/platform/azure/README.md b/platform/azure/README.md index ff5a079..e3c239c 100644 --- a/platform/azure/README.md +++ b/platform/azure/README.md @@ -269,7 +269,7 @@ Check that you can access the ODM charts: ```shell helm search repo ibm-odm-prod NAME CHART VERSION APP VERSION DESCRIPTION -ibmcharts/ibm-odm-prod 24.0.0 9.0.0.0 IBM Operational Decision Manager License By in... +ibmcharts/ibm-odm-prod 24.1.0 9.0.0.1 IBM Operational Decision Manager License By in... ``` ### Manage a digital certificate (10 min) @@ -310,7 +310,7 @@ You can now install the product: ```shell helm install ibmcharts/ibm-odm-prod \ --set image.repository=cp.icr.io/cp/cp4a/odm --set image.pullSecrets= \ - --set image.tag=${ODM_VERSION:-9.0.0.0} --set service.type=LoadBalancer \ + --version 24.1.0 --set service.type=LoadBalancer \ --set externalDatabase.type=postgres \ --set externalDatabase.serverName=.postgres.database.azure.com \ --set externalDatabase.databaseName=postgres \ @@ -398,7 +398,7 @@ You can reuse the secret with TLS certificate created [above](#manage-adigital-c ```shell helm install ibmcharts/ibm-odm-prod \ --set image.repository=cp.icr.io/cp/cp4a/odm --set image.pullSecrets= \ - --set image.tag=${ODM_VERSION:-9.0.0.0} \ + --version 24.1.0 \ --set externalDatabase.type=postgres \ --set externalDatabase.serverName=.postgres.database.azure.com \ --set externalDatabase.databaseName=postgres \ diff --git a/platform/eks/README-ECR.md b/platform/eks/README-ECR.md index 250359c..8bdaa87 100644 --- a/platform/eks/README-ECR.md +++ b/platform/eks/README-ECR.md @@ -11,6 +11,7 @@ The related instructions in the online documentation are: ## Prerequisites: - Install the following tools on your bastion host (if needed, refer to [Setting up a host to mirror images to a private registry](https://www.ibm.com/docs/en/odm/9.0.0?topic=installation-setting-up-host-mirror-images-private-registry)): + - [AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-install.html) - Docker or Podman - OCP CLI (oc) - [IBM ibm-pak plugin](https://github.com/IBM/ibm-pak) @@ -21,6 +22,12 @@ The related instructions in the online documentation are: - github.com for CASE files and tools - Amazon ECR +- Configure the `aws` CLI environment by running the following command: + ```bash + aws configure  + ``` + You will be prompted to provide your AWS Access Key ID, AWS Secret Access Key and the Default region name. + - Export the following environment variables (replace the placeholders ``, ``, `` and `` with actual values): ```bash @@ -65,34 +72,11 @@ The related instructions in the online documentation are: This command generates the files `images-mapping.txt` and `image-content-source-policy.yaml` at `~/.ibm-pak/data/mirror/${CASE_NAME}/${CASE_VERSION}`. The `~/.ibm-pak/mirror` directory is also created. -- For CASE versions up to 1.7.x (included), append `-` at the end of each line in `~/.ibm-pak/data/mirror/${CASE_NAME}/${CASE_VERSION}/images-mapping.txt` (where `` can be `amd64`, `ppc64le`, or `s390x`). - - - either manually, - - or by running the command below (on Linux only, not for MacOS): - - ```bash - sed -i "s/$/-${ARCHITECTURE}/" ~/.ibm-pak/data/mirror/${CASE_NAME}/${CASE_VERSION}/images-mapping.txt - ``` - - Here is an example of such a file after this modification: - - ``` - cp.icr.io/cp/cp4a/odm/dbserver@sha256:bde14b68043370e9a4e49b1f3394978c202e0d5495e0121bd7972b37a7d99c35=194826081736.dkr.ecr.eu-west-3.amazonaws.com/cp/cp4a/odm/dbserver:9.0.0.0-amd64 - cp.icr.io/cp/cp4a/odm/odm-decisioncenter@sha256:869a6a47b5c49865086242e60228eaba7292b8d2e8e56ee4b67ea4fc07d591ad=194826081736.dkr.ecr.eu-west-3.amazonaws.com/cp/cp4a/odm/odm-decisioncenter9.0.0.0-amd64 - cp.icr.io/cp/cp4a/odm/odm-decisionrunner@sha256:70824d9aa218c0b768e42a35f6dcc5f424779d1f54540a885fc9395a7a9e07c3=194826081736.dkr.ecr.eu-west-3.amazonaws.com/cp/cp4a/odm/odm-decisionrunner:9.0.0.0-amd64 - cp.icr.io/cp/cp4a/odm/odm-decisionserverconsole@sha256:9a2f71ab6b62ffc2adf84d68b9d5fcee54d91ab76b62661265a6842479f4388b=194826081736.dkr.ecr.eu-west-3.amazonaws.com/cp/cp4a/odm/odm-decisionserverconsole:9.0.0.0-amd64 - cp.icr.io/cp/cp4a/odm/odm-decisionserverruntime@sha256:b5539e7efbe410d1a874abcd20d170dabf073d91a0ad58ae69ee03b7acea92d3=194826081736.dkr.ecr.eu-west-3.amazonaws.com/cp/cp4a/odm/odm-decisionserverruntime:9.0.0.0-amd64 - ``` - - > WARNING: - For some interim fixes, the file `images-mapping.txt` need to be modified differently. The instructions can be found in the readme page of the interim fix. - - - Store authentication credentials of the source Docker registry `cp.icr.io` and the target Amazon ECR. > NOTE: You must specify the user as `cp` to log in to `cp.icr.io`. The password is your Entitlement key from the [IBM Cloud Container Registry](https://myibm.ibm.com/products-services/containerlibrary). - + - If you use Podman: > Note: by default Podman reads and stores credentials in `${XDG_RUNTIME_DIR}/containers/auth.json`. Read more [here](https://docs.podman.io/en/stable/markdown/podman-login.1.html). @@ -170,9 +154,9 @@ The related instructions in the online documentation are: - Find the Helm Chart version related to your CASE version: - For instance, if you choose the CASE version `1.8.0`, then the Helm chart version should be `24.0.0` and you should set: + For instance, if you choose the CASE version `1.9.0`, then the Helm chart version should be `24.1.0` and you should set: ```bash - export CHART_VERSION=24.0.0 + export CHART_VERSION=24.1.0 ``` You can find the Helm chart version related to a given CASE version: @@ -181,23 +165,23 @@ The related instructions in the online documentation are: - For an interim fix: click the link for your version of ODM in the page [Operational Decision Manager Interim Fixes](https://www.ibm.com/support/pages/operational-decision-manager-interim-fixes) and then check the table "Interim fix for ODM on Certified Kubernetes". - - Alternatively, you can also run the command `tree ~/.ibm-pak/data/cases/ibm-odm-prod/` (on the bastion host), and you can find the chart version number in the name of the file `ibm-odm-prod-.tgz` located in `/charts/` : + - Alternatively, you can also run the command `tree ~/.ibm-pak/data/cases/ibm-odm-prod/` (on the bastion host), and you can find the chart version number corresponding to the file `ibm-odm-prod-.tgz`. Below is an example for CASE version `1.9.0` that corresponds to Helm chart version `24.1.0` : ```bash /home/user/.ibm-pak/data/cases/ibm-odm-prod/ - └── 1.8.0 + └── 1.9.0 ├── caseDependencyMapping.csv ├── charts - │   └── ibm-odm-prod-24.0.0.tgz + │   └── ibm-odm-prod-24.1.0.tgz ├── component-set-config.yaml - ├── ibm-odm-prod-1.8.0-airgap-metadata.yaml - ├── ibm-odm-prod-1.8.0-charts.csv - ├── ibm-odm-prod-1.8.0-images.csv - ├── ibm-odm-prod-1.8.0.tgz + ├── ibm-odm-prod-1.9.0-airgap-metadata.yaml + ├── ibm-odm-prod-1.9.0-charts.csv + ├── ibm-odm-prod-1.9.0-images.csv + ├── ibm-odm-prod-1.9.0.tgz └── resourceIndexes └── ibm-odm-prod-resourcesIndex.yaml ``` -- Run the `helm install` command below: +- Run the `helm install` command below to install ODM: ```bash helm install mycompany ibm-helm/ibm-odm-prod --version ${CHART_VERSION} \ @@ -205,3 +189,6 @@ The related instructions in the online documentation are: --set image.repository=${TARGET_REGISTRY}/cp/cp4a/odm \ --values eks-values.yaml ``` + + > **Note:** + > By using `eks-values.yaml`, ODM with a PostgreSQL internal database will be installed. It requires an ALB ingress controller and a server certificate. For more information, see [Provision an AWS Load Balancer Controller](README.md#d-provision-an-aws-load-balancer-controller) and [Manage a digital certificate](README.md#4-manage-a-digital-certificate-10-min). diff --git a/platform/gcloud/README.md b/platform/gcloud/README.md index bf7dc65..16e413c 100644 --- a/platform/gcloud/README.md +++ b/platform/gcloud/README.md @@ -247,7 +247,7 @@ It automatically creates an HTTPS GKE load balancer. We will disable the ODM int - Install the chart from IBM's public Helm charts repository: ``` - helm install ibm-helm/ibm-odm-prod --set image.tag=9.0.0.0 -f gcp-values.yaml + helm install ibm-helm/ibm-odm-prod --version 24.1.0 -f gcp-values.yaml ``` > NOTE: You might prefer to access ODM components through the NGINX Ingress controller instead of using the IP addresses. If so, please follow [these instructions](README_NGINX.md). diff --git a/platform/gcloud/README_NGINX.md b/platform/gcloud/README_NGINX.md index 2e4fc27..7a0f037 100644 --- a/platform/gcloud/README_NGINX.md +++ b/platform/gcloud/README_NGINX.md @@ -28,7 +28,7 @@ The secured HTTPS communication is managed by the NGINX ingress controller. So, Replace the placeholders in the [gcp-values.yaml](./gcp-values.yaml) file and install the chart: ``` -helm install mycompany ibm-helm/ibm-odm-prod --set image.tag=9.0.0.0 \ +helm install mycompany ibm-helm/ibm-odm-prod --version 24.1.0 \ -f gcp-values.yaml \ --set service.ingress.annotations={"kubernetes.io/ingress.class: nginx"} ``` diff --git a/platform/minikube/README.md b/platform/minikube/README.md index 2311b38..2df1460 100644 --- a/platform/minikube/README.md +++ b/platform/minikube/README.md @@ -104,7 +104,7 @@ ibmcharts/ibm-odm-prod 24.1.0 9.0.0.1 IBM Operational Deci Get the [minikube-values.yaml](./minikube-values.yaml) file and run the following command: ```shell -helm install my-odm-release ibmcharts/ibm-odm-prod --set image.tag=9.0.0.0 -f minikube-values.yaml +helm install my-odm-release ibmcharts/ibm-odm-prod --version 24.1.0 -f minikube-values.yaml ``` #### b. Check the topology