Deployment requirements checklist
Requirements checklist
Use the following checklist to plan and prepare for BMC Helix IT Operations Management installation:
Requirement | Description | Reference | Verification method | Expected outcome | Customer recorded outcome | Name of customer owner | Completion date | Status |
|---|---|---|---|---|---|---|---|---|
Hardware | ||||||||
Master nodes | Check the overall deployment sizing requirements for your containerized environment, such as the total number of servers, total number of CPUs, | We do not provide sizing guidelines for the master |
|
|
|
|
|
|
Master node disk space | Master nodes must have a minimum of 150GB of free disk space. |
|
|
|
|
|
| |
Worker nodes | Check the overall deployment sizing requirements for your containerized environment, such as the total number of servers, total number of CPUs, memory, and disk space. |
|
|
|
|
|
| |
Worker node disk space | Worker nodes must have a minimum of 100GB of free disk space. | |||||||
Storage | High performance of Kubernetes Persistent Volume Disk is essential for the overall system performance. Persistent Volume Disk requires block and NFS storage. We support a Bring-Your-Own-Storage model for Kubernetes Persistent Volumes. |
|
|
|
|
|
| |
We recommend that you use a solid-state drive (SSD). Important: PVc storage is mandatory for ITOM implementation, with a small requirement for NFS. | See Sizing and scalability considerations to know | Run IOSTAT or equivalent disk | Performance should be as per BMC's recommendation. |
|
|
|
| |
BMC Helix Operations Managementrequires that two Services - Smart-Graph Controller (EFS_STORAGE_CLASS) and Repository use NFS Storage Class. Important: Block Storage is not supported for these two Services. | Run the following command to check if | Storage should be in 'Bound' state. |
|
|
|
| ||
Operating System | For all worker nodes, set the sysctl -w vm.max_map_count parameter | Discuss with system administrator of |
|
|
|
|
| |
Install the time synchronization protocol to synchronize the date and time on all nodes. | Discuss with system administrator. |
|
|
|
|
| ||
High Availability (HA) and Disaster Recovery (DR) | Check how the containerized platform is built for HA and DR. | HA is built as default with all production ready Contact BMC Product Manager for more details |
|
|
|
|
|
|
Disk storage | Make sure that Kubernetes storage is in a 'Bound' state and PCV is binding to the storage class. | The StorageClass Resource Create a PersistentVolumeClaim |
|
|
|
|
|
|
Software | ||||||||
Harbor registry | Install Harbor registry and set up SSL. We recommend you deploy the Harbor registry Registry the Harbor registry with DNS and |
|
|
|
|
|
| |
Install the latest version of SSL on the Harbor server. |
|
|
|
|
|
| ||
Docker | Install Docker Compose version 1.29.2 on Harbor |
|
|
|
|
|
| |
Email Engine | The Common Services script (deployment-manager.sh) attempts to connect to an SMTP server and validates login. The SMTP server is required to activate a tenant through email. We support all SMTP server types that can communicate with the cluster. A valid SMTP server is required for Production. If you are running a POC or a Demo system, you might use the SMTP Sink process to generate the activation email in a text file on the Server. |
|
|
|
|
|
| |
Security Certificates | BMC Helix IT Operations Management21.3.03 onwards, you can use self-signed or custom CA certificates while deploying BMC Helix Operations Management. BMC Helix Continuous Optimizationsupports self-signed or custom CA certificates for version 22.2.01 or later. Both Harbor registry and load balancer must use SSL certificates (wildcard certification is supported). |
|
|
|
|
|
|
|
Network | ||||||||
Firewall Ports | To deploy the BMC Helix IT Operations Management, a few network ports must be open for both Ingress and Egress. Within the cluster, each pod has open ports to communicate with each other and with persistent storage. |
| All names are resolved. |
|
|
|
| |
Firewall policies | Update your firewall policies to enable access to BMC DTR. |
|
|
|
|
|
|
|
Platform Software | Configure a Static IP for Kubernetes environment, on all master and worker nodes. Static IP is recommended for easy LB configuration and DNS entries. |
| Run the following command:
| TYPE=Ethernet |
|
|
|
|
DNS and URL Formation | Configure the following URLs and DNS with the
| URL for TMS, RSSO, and MinIO: URL for tenant access: URL forBMC Discovery: $COMPANY_NAME-disc- | nslookup okd-tms.pe.example.com Name: loadbalancer-vip.example.com |
|
|
|
| |
Load balancer | Configure the load balancer. F5 load balancer and other load balancers are supported. | The following load balancer SSL methods are supported:
Allow X-Forwarded- Headers | Make sure that you X-Forwarded-Proto—https |
|
|
|
| |
Make sure you set the following parameters:
| A network administrator must validate | After the ingress controller is configured, if you browse to the URLs, you must get 'default backend -404' error. |
|
|
|
| ||
Monitor | Configure a forward proxy for Patrol Agents, if used. | Configuring a Squid proxy server |
|
|
|
|
|
|
Kubernetes | ||||||||
Container | Review the supported Kubernetes versions forBMC Helix IT Operations Managementinstallation. |
|
|
|
|
|
| |
Review the container orchestration and the versions (For example, Rancher, OpenShift) used forBMC Helix IT Operations Managementinstallation. |
|
|
|
|
|
| ||
Functional | Test simple pod deployment. Make sure that the Kubernetes cluster with master and worker nodes is fully functional before installation. | Getting started | Run the following command to test kubectl get pods -o wide | Make sure the pods are in a running state and deployed across the nodes. |
|
|
|
|
Ingress | Nginx Ingress controller is used to distribute the load between the services. Review the supported Ingress controller versions and the parameter value requirements in the nginx-configuration configmap. | Run the following command to |
|
|
|
|
| |
Create a sample Ingress resource and test to make sure it's functioning with the load balancer. | Ingress | Ingress resources must function with the external load balancer before installing BMC Helix IT Operations Management |
|
|
|
| ||
Ingress parameters | Review parameter value requirements in the nginx-configuration configmap in the ingress-nginx namespace: enable-underscores-in-headers—true server-name-hash-bucket-size 1024 | ConfigMaps | Run the following command: |
|
|
|
|
|
Helm | Review the supported Helm version for BMC Helix IT Operations Management installation. |
|
|
|
|
|
| |
KUBECONFIG | KUBECONFIG must be configured to point to the Kubernetes cluster on the installation workstation. |
|
|
|
|
|
| |
Platform software | Verify that all nodes are in the ready state. |
| For Kubernetes, run the command on the node For Openshift, run the command where the OC | All nodes must be in ready state. |
|
|
|
|
OpenShift only | For all the product components, make sure that you increase the number of threads to 4096 per node so that sufficient threads are available to the processes running in the containers. |
| Number of threads |
|
|
|
|
|
Deploying the ingress controller for OpenShift |
|
|
|
|
|
| ||
OpenShift cluster must have access to the NGINX Ingress Controller or Operator. | Run the following commands: kubectl get ns | OpenShift-ingress Active 20d NAME READY STATUS RESTARTS AGE |
|
|
|
| ||
Discovery | ||||||||
BMC Discovery | Install and set up BMC Discovery. BMC Discovery is a mandatory requirement to deploy BMC Helix Operations Management and is optional for BMC Helix Continuous Optimization. | Log in to the |
|
|
|
|
| |
BMC Helix Single Sign-on | Disconnect from existing BMC Helix Single Sign-on. If BMC Discovery is connected to LDAP, you must disconnect it during the installation of BMC Helix Operations Management, as BMC Helix Operations Managementdeploys a new SSO Service. The installer connects BMC Discovery to this new SSO Service which then can be added back to LDAP manually. |
| If you are able to log in to BMC Discovery |
|
|
|
|
|
Backup | ||||||||
Docker | Download the required software from BMC Docker Trusted Registry (DTR) Important: You need a license to download the required software. Trial licences are time-limited. |
| Software is downloaded from BMC DTR to local Harbor registry. |
|
|
|
| |
Snapshot | If you are using VMware or a similar platform, we recommend that you take a snapshot of BMC Discovery, and control and worker nodes before starting the deployment | NA |
| Confirm if an action is taken. |
|
|
|
|
BMC Helix Operations Management | ||||||||
Make sure you have deployed the latest version of PATROL Agents. |
|
|
|
|
|
|
| |
Health Check Validation | ||||||||
Health Check Tool | The Health Check Tool helps you validate that your environment is configured correctly. The Health Check Tool artifacts are available in the BMC Helix Containerization Group on BMC Community. Alternatively, you can contact BMC Support and log a support case to obtain the tool artifacts. | After updating the infra.config, run the tool on the server which is connected to the cluster. | All checks must pass before proceeding with the installation. |
|
|
|
|
|