Installing BMC Helix ITSM Service Management in a Google Kubernetes Engine cluster
You can install BMC Helix IT Service Management in a Google Cloud Platform Google Kubernetes Engine (GKE) cluster if you want to use GKE to manage your Kubernetes platform.
Skills required
- Managing Kubernetes cluster
- Using Google Cloud Platform
Reference installation architecture
The following image shows the reference logical architecture used by BMC to install BMC Helix IT Service Management in a GKE cluster:
Important
BMC provides general guidelines to install BMC Helix IT Service Management in a Google Kubernetes Engine cluster based on the following reference architecture used by BMC. Although you can choose any alternative architecture or installation options on this platform. BMC does not provide support for alternative options.
Before you begin
Make sure you have a domain and have configured DNS for the BMC Helix IT Service Management applications so that you can access the applications by using URLs.
BMC certifies the use of Google Cloud Domain to create the domain and DNS configuration.- Make sure that you create an SSL certificate so that BMC Helix IT Service Management application URLs can support the HTTPS protocol.
BMC certifies the use of the LetsEncrypt service to create the wildcard SSL certificate. - Review system requirements for BMC Helix IT Service Management installation.
- Download the installation files and container images access key from Electronic Product Download (EPD).
Create your Harbor repository and synchronize the repository with BMC Docker Trusted Registry (DTR).
Important
Google Cloud Artifact Registry is not supported for BMC Helix IT Service Management installation.
Process to install BMC Helix IT Service Management in a GKE cluster
The following image provides an overview of BMC Helix IT Service Management installation in a GKE cluster:
The following table lists the tasks to install BMC Helix IT Service Management in a GKE cluster:
| Task | Action | Reference |
|---|---|---|
1 | Create and set up a GKE cluster | |
| a | Create a Kubernetes cluster by using the GKE service. Important: BMC has certified using the Google Cloud Platform (GCP) Persistent Disk based default storage class standard-rwo available in the GKE Cluster. You can use the default storage class or create your own storage class. |
Creating a private cluster
Persistent volumes and dynamic provisioning
|
| b | Create a GCP virtual machine instance to function as the controller instance for BMC Helix Platform services installation. Important: Select the same region and zone as you specified in the GKE cluster. |
Creating and starting a VM instance
|
| c | Create a Network Address Translation (NAT) gateway to enable traffic to your private GKE network. |
Set up and manage network address translation with Cloud NAT
|
| d | Create a cloud storage bucket to store installer files. |
Create storage buckets
|
| e | Install and configure Kubernetes Ingress Nginx Controller. | |
2 | Set up a database | |
Set up an external database for BMC Helix Innovation Suite. Important: You can use a database of your choice. However, BMC has certified using the PostgreSQL 13 database by using GCP Cloud SQL Service. |
| |
3 | Set up BMC Deployment Engine | |
Set up BMC Deployment Engine to call the relevant BMC Helix IT Service Management installation pipelines that install the platform and applications. | Setting up BMC Deployment Engine | |
4 | Install BMC Helix Platform services | |
| a | Configure the Elasticsearch vm.max_map_count parameter to met the virtual memory requirements for Elasticsearch installation through BMC Helix Platform services installation. | To configure the virtual memory parameter for Elasticsearch |
| b | Install BMC Helix Platform services. Important: Use the BMC Deployment Engine system as a controller instance to install BMC Helix Platform services. | |
5 | Install BMC Helix IT Service Management | |
Install BMC Helix Innovation Suite platform and applications. | ||
Installing and configuring Kubernetes Ingress Nginx Controller
The Ingress Nginx Controller is a load balancer for your cluster.
To install and configure Ingress Nginx Controller, perform the following tasks:
To install and configure Kubernetes Ingress Nginx Controller
Install Kubernetes Ingress Nginx Controller 1.2.0 by using the following command:
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.2.0/deploy/static/provider/cloud/deploy.yamlIngress Controller is deployed in the ingress-nginx namespace and an external load balancer is created. A network load balancer is provisioned in GCP by the Ingress Controller.
- To view the network load balancer, in the Google Cloud Console, navigate to the LOAD BALANCERS console.
To create a secret and configure Ingress Controller
For secure connections to a server, create a secret, and then add the certificate in Ingress Controller:
Create a secret from the trusted certificate and key by using the following command:
kubectl create secret tls my-tls-secret --cert=/path/to/cert.pem --key=/path/to/privkey.pem -n defaultIn the Ingress Controller, in the args section, set the default certificate to
my-tls-secretas shown in the following example:--default-ssl-certificate=ingress-nginx/my-tls-secretSet the ingress class value.
For example:--ingress-class=knginxImportant
Make sure that you set the same ingress class value in the configs/infra.config file during the BMC Helix Platform services deployment.
The ingress class value is used by the INGRESS_CLASS parameter in the HELIX_ONPREM_DEPLOYMENT pipeline during BMC Helix IT Service Management installation.
- Export the certificate and store the intermediate certificate R3(r3-intermediate.cer) as a base 64 encoded X.509 .cer file.
- Edit the certificate file, remove the new line, and save the file with a single line as the intermediate certificate.
- During the BMC Helix Platform services deployment, in the infra.config file, in the CLIENT_ROOT_CERT parameter, add the intermediate certificate.
To update the Ingress ConfigMap
Customize the NGINX configuration by updating the Ingress ConfigMap.
Edit the Ingress ConfigMap by using the following command:
kubectl edit cm -n ingress-nginx ingress-nginx-controllerSpecify the following parameter values as shown in the example:
data: enable-underscores-in-headers: "true" proxy-body-size: 250m server-name-hash-bucket-size: "1024" ssl-redirect: "false" use-forwarded-headers: "true"
To configure the virtual memory parameter for Elasticsearch
For all worker nodes in your GKE cluster, set the vm.max_map_count parameter to 262144 before installing BMC Helix Platform services.
In your GKE cluster, connect to the worker node through Secure Shell (SSH), and run the following command:
gcloud compute ssh GKE cluster name --project=Project name --zone=Zone nameFor example:
gcloud compute ssh gke-gke-cluster-1-pool-3-350f29d8-j1gf --project=sso-gcp-dsom-itom-pub-cc39770 --zone=us-central1-c- Set the vm.max_map_count parameter to 262144.
Example of setting up a GKE cluster
The following example shows the procedure to set up an GKE cluster by using the Google Cloud Console:
- In the Google Cloud console, navigate to the Google Kubernetes Engine page, and click Create.
See Create a zonal cluster by using the Google Cloud console
in Google Cloud documentation. - Complete the Cluster basics section as shown in the following image:
- Complete the Networking section as shown in the following image:
- Complete the Features section as shown in the following image:
- After the GKE cluster is provisioned, scale the cluster by adding node pools.
See Add and manage node pools
in Google Cloud documentation.
Comments
Log in or register to comment.