Deploying BMC Helix common services for BMC Helix IT Service Management
Use the container images to deploy the BMC Helix Platform common services for use with BMC Helix IT Service Management.
The following BMC Helix Platform services are used by BMC Helix IT Service Management:
- BMC Helix Dashboards
- ITSM Insights
- BMC Helix Platform logging
Before you begin
Create a namespace and configure the ingress controller before deploying the product. Perform the following actions:
Important
Only the root user is supported for deployment.
Create a namespace by running the following command. The namespace must be a DNS-1123 label. That is, it must consist of lowercase alphanumeric characters or '-', and must start and end with an alphanumeric character.
kubectl create ns <namespace>
Verify that nothing is installed in the namespace in which you plan to deploy the product. Perform the following steps:
Run the following command:
kubectl get all -n <namespace_created_earlier_in_this_procedure>
Make sure that the following message is displayed:
No resources found.
Configure the ingress controller. Perform the following steps:
Identify the configmap name by running the following command:
kubectl get all -n <ingress_nginx_namespace>
Change the configmap name to use the configmap in your environment by running the following command:
kubectl edit cm <ingress_nginx_configmap> -n <ingress_nginx_namespace> data: enable-underscores-in-headers: "true" proxy-body-size: 250m server-name-hash-bucket-size: "1024" ssl-redirect: "false" use-forwarded-headers: "true"
- If you are deploying BMC Helix AIOps, perform the following steps:
- Open the ../products/aiops/aiops.json file.
- Under
the ml-model-mgmt-service
entry, replaceimage.org
withcontainers[0].org
. - Save and close the file.
For EFK logging
Create a namespace called bmc-helix-logging by using the following command:
kubectl create ns bmc-helix-logging
The Elasticsearch, FluentD, and Kibana services are installed in this namespace. These services are required to access logs from the pods that are running on BMC Helix Platform.
For more information, see Preparing for BMC Helix logging.
To deploy the BMC Helix Platform common services
- Log in to the controller or bastion machine from where the Kubernetes cluster is accessible.
Go to the directory where you downloaded the deployment manager from the EPD and give the execute permission to the helix-on-prem-deployment-manager-<release_version>.sh file.
Self-extract the deployment manager. Run the following command:
./helix-on-prem-deployment-manager-<release_version>.sh cd helix-on-prem-deployment-manager
In the helix-on-prem-deployment-manager/config/infra.config file, modify the following parameters that are environment-specific.
Important
- The following load balancer hosts are required. You do not need any subdomains.
- LB_HOST
- TMS_LB_HOST
- MINIO_LB_HOST
- Tenant URL that is derived based on the following parameters from the infra.config file:
$COMPANY_NAME-$TENANT_TYPE-$ENVIRONMENT.$DOMAIN
- Make sure that you have created a storage class.
Property
Example Value
Description
IMAGE_REGISTRY_HOST
containers.bmc.com
(or local repo if copied down)
Image registry from where the nodes on the cluster download the images.
If you have synchronized the images to local Harbor registry, make sure Harbor registry is set up with HTTPS.
IMAGE_REGISTRY_USERNAME
abc@bmc.com
User name to log in to BMC DTR.
If you use a local Harbor registry to synchronize with BMC DTR, specify the user name to log in to your local registry.
IMAGE_REGISTRY_PASSWORD
1234578abcdefgh
Password to log in to BMC DTR.
If you use a local Harbor registry to synchronize with BMC DTR, specify the password to log in to your local registry.
ENVIRONMENT
poc Type of environment such as poc, dev, qa, and prod.
Do not use special characters for the environment value.
You can use the same environment value while performing the BMC Helix Innovation Suite installation.
NAMESPACE
dark-helmet
Namespace in which to install the services.
You must have separate namespaces to install BMC Helix Platform services and BMC Helix Innovation Suite platform and applications.
Learn about the required namespaces at Deployment process overview.
LB_HOST
host-india-app.mydomain.com
Host for load balancer for BMC Helix Innovation Suite.
Specify the BMC Helix Innovation Suite URL.
LB_PORT
443
Port for load balancer. TMS_LB_HOST
tms-private-poc.mydomain.com
Host for tenant management system.
Specify the host of the load balancer that points to the tenant management system service.
Domain
mydomain.com
Domain name of the Load Balancer
MINIO_LB_HOST
minio-private-poc.mydomain.com URL for Minio storage.
CLUSTER_TYPE
""
Cluster type can have values openshift or ocp for OpenShift.
If CLUSTER_TYPE is not set to openshift or ocp then cluster type is treated as kubernetes cluster.
COMPANY_NAME
photon2
This will be used in the tenant URL formation like $COMPANY_NAME-$TENANT_TYPE-$ENVIRONMENT.$DOMAIN
Do not use special characters for the Company name.
COMPANY_NAME value is used to generate the tenant URL.
TENANT_EMAIL
pqr@mycompany.com
TENANT_FIRST_NAME
TestName
TENANT_LAST_NAME
TestLastName
TENANT_TYPE
private
COUNTRY
"United States"
The country name must match the value in the OS locale.
Important
- Add the country name within double quotes. For example:
"India"
Do not use abbreviation in country names.
Click here to view a list of the supported country names.
NFS_MOUNT_PATH
"" Leave it as blank ""
This parameter is not required for BMC Helix IT Service Management.
NFS_SERVER
"" Leave it as blank ""
Leave blank. This parameter is not required for BMC Helix IT Service Management.
NFS_STORAGE_CLASS
"" Leave it as blank ""
Leave blank. This parameter is not required for BMC Helix IT Service Management.
SMTP_HOST
mailhost.mycompany.com
SMTP host name of IP address accessible from cluster
This parameter is required.
SMTP parameters are required for the emails that are sent to the administrator for tenant activation after the BMC Helix Platform deployment is complete.
SMTP_PORT
25
SMTP server port, e.g. 25
This parameter is required.
SMTP_USERNAME
abc@mycompany.com
SMTP user name
This parameter is required.
SMTP_PASSWORD
test123
SMTP password
This parameter is required.
SMTP_FROM_EMAIL
helix-rd@mycompany.com
Email to use for the from address in all emails
This parameter is required.
SMTP_TLS
""
SMTP server TLS, Leave it blank if not in use
This parameter is required.
SMTP_AUTH
plain
Use values as "plain" or "login"
This parameter is required.
OPS_GROUP_EMAIL
ops-grp@mycompany.com
ops email address
All emails related to tenant activities such as tenant creation, tenant registration, and tenant offboarding are sent to your organization's operations team.
APPROVAL_GROUP_EMAIL
grp-rd@mycompany.com
email address for approval
When a new tenant is created, an email is sent for tenant approval to this email group.
PG_STORAGE_CLASS
ceph-block-storage
Storage class used. Usually there is one Storage class configured for all the infra services. Please repeat the same value in that case
VMSTORAGE_STORAGE_CLASS
onprem-storage
Storage class for VictoriaMetrics. VMAGGSTORAGE_STORAGE_CLASS
onprem-storage
ES_MASTER_STORAGE_CLASS
block-store-class Storage class for Elasticsearch master nodes ES_DATA_STORAGE_CLASS
block-store-class Storage class for Elasticsearch data nodes. MINIO_STORAGE_CLASS
onprem-storage
Storage class for Minio. EFS_STORAGE_CLASS
"" Leave it as blank "" REDIS_HA_GLOBAL_STORAGECLASS
block-store-class Storage class for REDIS KAFKA_STORAGECLASS
block-store-class Storage class for Kafka ESLOG_MASTER_STORAGE_CLASS
block-store-class Storage class for Elasticsearch log ESLOG_DATA_STORAGE_CLASS
block-store-class Storage class for Elasticsearch log AIOPS_STORAGE_CLASS
"" Leave it as blank "" OPT_STORAGE_CLASS
"" Leave it as blank "" REPOPV_MOUNT_PATH
"" Leave it as blank "" MIGRATORPV_MOUNT_PATH
"" Leave it as blank "" ETLPV_MOUNT_PATH
"" Leave it as blank "" CUSTOM_CA_SIGNED_CERT_IN_USE
false The default value is
false
.CLIENT_ROOT_CERT
"" Leave it as blank "" SMART_SYSTEM_USERNAME
"" Leave it as blank "" SMART_SYSTEM_PASSWORD
"" Leave it as blank "" INGRESS_CLASS
nginx
Ingress class used while deploying Ingress controller. Change if multiple ingress controllers on cluster.
By default rancher will have nginx.
If you have more than one ingress controllers in your cluster, use INGRESS_CLASS to specify the ingress class name that you want to use.
HELM_BIN
/usr/local/bin/helm
Absolute path of the HELM binary
KUBECTL_BIN
/usr/bin/kubectl
Absolute path of the kubectl binary
OC_BIN
/usr/local/sbin/oc
OC_BIN path should be set if CLUSTER_TYPE is openshift or ocp
PG_HOSTNAME
postgres-postgresql-ha-pgpool Host of the PostgreSQL database. PG_USER
postgres User name of the PostgreSQL database. PG_PASSWD
pGTest2020 Password for the PostgreSQL database user. PG_DATABASE
postgres Name of the PostgreSQL database. REDIS_HA_HOSTNAME
redis-redis-ha-haproxy Host of the Redis database. KAFKA_HOSTNAME
kafka Host of the Kafka database. ZOOKEEPER_HOSTNAME
kafka-zookeeper Host of the Zookeeper database. RSSO_PG_DB
ade_rsso Host of the BMC Helix Single Sign-On PostgreSQL database. ES_EVENTS_HOSTNAME
elasticsearch-events-opendistro-es-data-svc Host name of Elasticsearch events instance. ES_LOGS_HOSTNAME
elasticsearch-logs-opendistro-es-data-svc Host name of Elasticsearch log instance. MINIO_HOSTNAME
Leave it as blank, no double quotes. MINIO_HOSTNAME=
IMAGE_REGISTRY_SECRET
bmc-dtrhub Kubernetes secret name for accessing the images from BMC DTR or a local Harbor registry. LOGIN_ID
hannah_admin
Tenant admin
- The following load balancer hosts are required. You do not need any subdomains.
In the helix-on-prem-deployment-manager/configs/deployment.config file, modify the following parameters:
Parameter Required value DEPLOYMENT_ENVIRONMENT
small
HELIX_DASHBOARD_SERVICES
yes
VICTORIAMETRICS
yes
MINIO
yes
(Optional) ITSMINSIGHT_SERVICES
yes
If you are not using ITSM Insights, set this parameter to
No
.BMC_HELIX_LOGGING
yes
To install the product, run the following command:
./deployment-manager.sh
To run the deployment in the background, run the following command:
nohup ./deployment-manager.sh </dev/null &
To view the logs during installation, run the following command:
tail -f logs/deployment.log
After the BMC Helix Platform services are deployed, the tenant administrator receives the following emails:
- An email with details about the BMC Helix Platform account
- An email to change the BMC Helix Platform account password at the first login
After the installation, you can see the Elasticsearch, Fluentd, and Kibana pods in the bmc-helix-logging namespace. You can access Kibana with the following URL:
http://<masternodeio>:5601/
All installation logs are located in the following directory:
helix-on-prem-deployment-manager/logs
Where to go from here
Set up your environment to make it ready for installing BMC Helix Innovation Suite. For more information, see the BMC Helix Innovation Suite documentation .
Comments
Hi,
There is inconsistency around deployment.config file. Document says to set VICTORIAMETRICS=no but the sample file has parameter _VICTORIAMETRICS=yes. Which should it be?
Thanks
Thank you. This is fixed in the documentation.
Hi,
Deployment.config contains entry _MINIO=yes which causes preinstall-checker to expect values for MINIO_HOSTNAME and MINIO_STORAGE_CLASS. According to the documentation these parameters are expected to be empty.
Thanks
Thank you. This is fixed in the documentation.
Hello Team, Same issue as what Ariel Manka mentioned above. Do we have to install _MINIO services ? If yes then I guess additional DNS entry is needed for the 'MINIO_LB_HOST' which is not mentioned in document,
Thank you. This is fixed in the documentation.
Hi Folks, I also found the way to 21.3 ;-).. Iam stuck on Deployment with TMS Package... Iget a timeout on HELM upgrade TMS package. if I run the command manually I get this error:
history.go:56: [debug] getting history for release tms Error: failed parsing --set-string data: key "1" has no value (cannot end with ,) helm.go:88: [debug] key "1" has no value (cannot end with ,)
I am pretty sure the problem is this Part: job1.job.container.envMap.env.REALM_DOMAIN=helix-tenant.domain.com\,127.0.0.1
Somehow the Escape Character in front of the comma seems not to work. Anyone else see this problem?? I've Helm 3.7.2
Thanks Yours Stefan
Hi Stefan,
I have sent this out to the dev team. I will update you as we have more information.
Thank you.
Hello,
If the problem persists, please open a support ticket with BMC so we can help you.
Thank you.
Hi, Can someone explain to me what is TMS_LB_HOST? This clarification: "Host for tenant management system" tells me nothing. I googled what Minio is and now I am completely lost (again). Why do we need Minio? Why is this feature not even mentioned in System Requirements as a prerequisite for the installation process? Thanks,
Hello,
MinIO is an infrastructure component. For information about MinIO in the product architecture, see BMC Helix Operations Management deployment architecture.
Thank you.
In https://docs.bmc.com/docs/brid213/viewing-and-collecting-critical-logs-by-using-the-kibana-dashboard-1046256686.html the kibana url is documented as https://--kibana. but here you document http://:5601/ for access. This is somewhat confusing/inconsistent. IIRC there also was no ingress object for the -kibana URL unless you create it manually so https://--kibana. does not really work after deployment.
Hello,
The problem is not immediately clear to us. Can you please provide more details?
Thank you
Hi,
I just noticed that there is no parameter DEPLOYMENT_ENVIRONMENT in my infra.config. Weird, since it controls hardware specification pre-flight check. Does the pre-flight checker assume that the environment is "small" in the absence of this parameter?
Ariel
Sorry for the confusion. It is in the deployment.config file. We have corrected the document.
Hi,
Getting below error while executing deployment-manager.sh even if LB having a valid certificates from CA.
Load balancer bmc-helix-innovation-suite-prod.xxxxx.xxx does not have valid domain certificate for this domain[xxxx.xxx]
Any suggestions please.
Best Regards,
Sujan
Hi Sujan,
I have sent this out to the dev team. I will update you as we have more information.
Thank you
Hello,
If the problem persists, please open a support ticket with BMC so we can help you.
Thank you
On Step 3 under Before you begin, wouldn't the command be this: kubectl edit cm internet-ingress-configuration -n internet-ingress
If you followed the directions for prerequisites here - https://docs.bmc.com/docs/itomdeploy/213/deploying-the-ingress-controller-for-openshift-or-kubernetes-1049122802.html
That is correct.
We have used variables instead of internet-ingress-configuration and internet-ingress.
confluence.bmc.com is not a public IP.
Log in or register to comment.