Chapter 2. Preparing to deploy Red Hat Process Automation Manager in your OpenShift environment

Procedure

1. Run the following commands:

   $ oc get imagestreamtag -n openshift | grep rhpam71-businesscentral
   $ oc get imagestreamtag -n openshift | grep rhpam71-kieserver

   If the outputs of both commands are not empty, the required image streams are available and no further action is required.

2. If the output of one or both of the commands is empty, download the rhpam-7.1.0-openshift-templates.zip product deliverable file from the Software Downloads page. Extract the rhpam71-image-streams.yaml file from it. Complete one of the following actions:

   • Run the following command:

     $ oc create -f rhpam71-image-streams.yaml

   • Using the OpenShift Web UI, select Add to Project Import YAML / JSON, then choose the file or paste its contents.

Procedure

1. Generate an SSL keystore with a private and public key for SSL encryption for Process Server. In a production environment, generate a valid signed certificate that matches the expected URL of the Process Server. Save the keystore in a file named keystore.jks. Record the name of the certificate and the password of the keystore file.

   See Generate a SSL Encryption Key and Certificate for more information on how to create a keystore with self-signed or purchased SSL certificates.

2. Use the oc command to generate a secret named kieserver-app-secret from the new keystore file:

   $ oc create secret generic kieserver-app-secret --from-file=keystore.jks

Procedure

1. Generate an SSL keystore with a private and public key for SSL encryption for Business Central. In a production environment, generate a valid signed certificate that matches the expected URL of the Business Central. Save the keystore in a file named keystore.jks. Record the name of the certificate and the password of the keystore file.

   See Generate a SSL Encryption Key and Certificate for more information on how to create a keystore with self-signed or purchased SSL certificates.

2. Use the oc command to generate a secret named businesscentral-app-secret from the new keystore file:

   $ oc create secret generic businesscentral-app-secret --from-file=keystore.jks

Procedure

1. To check whether your environment uses GlusterFS, run the following command:

   oc get storageclass

   In the results, check whether the (default) marker is on the storage class that lists glusterfs. For example, in the following output the default storage class is gluster-container, which does list glusterfs:

   NAME              PROVISIONER                       AGE
   gluster-block     gluster.org/glusterblock          8d
   gluster-container (default) kubernetes.io/glusterfs 8d

   If the result has a default storage class that does not list glusterfs or if the result is empty, you do not need to make any changes. In this case, skip the rest of this procedure.

2. To save the configuration of the default storage class into a YAML file, run the following command:

   oc get storageclass <class-name> -o yaml >storage_config.yaml

   Where class-name is the name of the default storage class. For example:

   oc get storageclass gluster-container -o yaml >storage_config.yaml

3. Edit the storage_config.yaml file:

   1. Remove the lines with the following keys:

      • creationTimestamp
      • resourceVersion
      • selfLink
      • uid

   2. On the line with the volumeoptions key, add the following two options: features.cache-invalidation on, performance.nl-cache on. For example:

      volumeoptions: client.ssl off, server.ssl off, features.cache-invalidation on, performance.nl-cache on

4. To remove the existing default storage class, run the following command:

   oc delete storageclass <class-name>

   Where class-name is the name of the default storage class. For example:

   oc delete storageclass gluster-container

5. To re-create the storage class using the new configuration, run the following command:

   oc create -f storage_config.yaml