Deployment requirements checklist
Requirements checklist
Use the following check list to plan and prepare for BMC Helix Service Management installation:
Category | Requirement | Description | Reference | Verification method | Expected outcome | Customer recorded outcome | Name of customer owner | Completion date | Status In Progress, or Complete ) |
|---|---|---|---|---|---|---|---|---|---|
Hardware | Master nodes | Check the overall deployment sizing requirements for your containerized such as total number of servers, total number of CPU, memory, and disk space. | BMC does not provide sizing guidelines for master nodes. You can configure the master nodes based on your environment requirements. | ||||||
Master node disk space | |||||||||
Worker nodes | Check the overall deployment sizing requirements for your containerized such as total number of servers, total number of CPU, memory, and disk space. | ||||||||
Worker node disk space | Worker nodes must have minimum 150 GB free disk space. | ||||||||
Worker node solid-state drive (SSD) | We recommend that you use solid-state drive (SSD) with the following specifications:
| ||||||||
PersistentVolumeClaim (PVC) | BMC Helix Platform uses the ReadWriteOnce and ReadWriteMany access modes. | ||||||||
Tanzu | If you are using Tanzu to manage your Kubernetes cluster, follow the instructions to install Tanzu in the VMware documentation. | ||||||||
Persistent volume disk minimum | The disk requirement for Compact, Small, Medium, and Large deployment sizes is 1.7 TB. | ||||||||
Deployment Engine | Check the BMC Deployment Engine requirements such as total number of CPU, memory, disk space, and operating system versions. | ||||||||
Disk Storage | Make sure that Kubernetes storage is in a Bound state and PCV is binding to the storage class. | Running in multiple zones in Kubernetes documentation Create a PersistentVolumeClaim in Kubernetes documentation | Use the following command: (For OpenShift) oc get pv -o wide (For Kubernetes) kubectl get pv -o wide | Example command output: STORAGECLASS REASON AGE VOLUMEMODE poc-matrix-pv 10Gi RWX Recycle Bound matrix/pvc | |||||
High Availability (HA) and Disaster Recovery (DR) | Check how the containerized platform is built for HA and DR. | Running in multiple zones in Kubernetes documentation | |||||||
Software | Java | Review the supported versions of Java for BMC Deployment Engine. | |||||||
Known issues | Review the known issues for BMC Helix Service Management installation. | ||||||||
Password encryption | Prepare for password encryption by using the secrets.txt file properties. | ||||||||
Electronic Product Distribution (EPD) files | Download the BMC Helix Service Management installation artifacts and token to access the container images. | The installation files are available on | |||||||
Local Harbor Registry | BMC certifies the use of the open-source Harbor repository to synchronize the container images hosted on BMC Docker Trusted Registry (DTR). You can choose any container repository solution that is compatible with the BMC Helix Service Management installation. | ||||||||
Deployment Engine | Set up the BMC Deployment Engine and check that the ports are open on the Jenkins server to communicate with the Kubernetes cluster. BMC Deployment Engine server must have internet access to run the automation script. | Use ss or nmap | |||||||
Install sshpass | Use the following command: which sshpass | ||||||||
Harbor repository | Check the system requirements to access images from a local Harbor repository. | ||||||||
Synchronize the Harbor repository with BMC DTR by using the access key from the EPD and verify by checking the image text files that contain the list of required container images. | Number of containers synchronized must equal to number of containers specified in the image text files. | ||||||||
Email Engine | A SMTP server is required to activate the tenant through email. During the BMC Helix Platform services deployment, the deployment script, deployment-manager.sh, attempts to connect to an SMTP server and validate login. Use any SMTP server type that is able to communicate with the cluster. | ||||||||
Security certificates | DigiCert and R3 certificates. Custom CA signed certificates and self-signed certificates are supported. | ||||||||
If you are using a self-signed or custom CA certificate, make sure that you use the same custom certificate during BMC Helix Platform and BMC Helix Service Management installation. | |||||||||
License Keys | After you install BMC Helix Service Management, you must obtain and apply a license key within three days. | Add license to AR System server. | |||||||
BMC Helix Single Sign-On realm | You must create a BMC Helix Single Sign-On realm and configure BMC Helix Single Sign-On after you install BMC Helix Platform services. | Log in to BMC Helix Single Sign-On. | A new realm is created. | ||||||
Network | Firewall policies | Update your firewall policies to enable access to BMC DTR. Use the following fully qualified domain names:
| Ping or attempt to connect to hostnames. | All names are resolved. | |||||
Network | Register DNS records for what will become the RSSO Admin console, Helix Portal, TMS and MINIO systems. Helix Portal: acme-private-poc.bmcmatrix.ie The Helix Portal (Tenant URL) is derived from the following parameters in the infra.config file: $COMPANY_NAME-$TENANT_TYPE-$ENVIRONMENT.$DOMAIN (use hyphens as indicated in the example) | All four DNS aliases must resolve to the load balancer IP. | |||||||
Load balancer | F5 Load Balancer or other Load Balancer. The following load balancer SSL methods are supported:
| ||||||||
DNS for applications | Make sure that you configure DNS for the BMC Helix Service Management applications so that you can access the applications by using the following URL format. | ||||||||
Kubernetes | Kubernetes | Review the supported Kubernetes versions for BMC Helix Service Management installation. | |||||||
Helm | Review the supported Helm version for BMC Helix Service Management installation. | ||||||||
Functional | Test simple POD deployment. Make sure that the Kubernetes cluster with master and worker nodes are fully functional before installation. | Production environment in Kubernetes documentation | Test the deployment. | Make sure that the pods are in a running state and deployed across the nodes. | |||||
Kubernetes ports | Make sure that Kubernetes components can communicate with each other through the ports. | Ports and Protocols in Kubernetes documentation | |||||||
Network Time Protocol (NTP) | Make sure that NTP or equivalent component is installed on the worker and master nodes. IMPORTANT: Time synchronization with all BMC architecture components is done prior to installation. | ntpstat |
| ||||||
Namespaces | Review the following requirements for the namespaces in your cluster:
| Use the following commands: kubectl create ns <namespace name> kubectl get ns kubectl describe ns | Example command output: NAME STATUS AGE | ||||||
Ingress | Nginx Ingress controller is used to distribute the load between the services. Review the supported Ingress controller versions and the parameter value requirements in the nginx-configuration configmap. | ||||||||
Create a sample Ingress resource and test to ensure it's functioning with the load balancer. | Ingress in Kubernetes documentation | Use the following command: | |||||||
kubeconfig | Make sure that you copy the kubeconfig file to your Jenkins server and update the Jenkins kubeconfig credential to use it. Kubeconfig must contain correct cluster or security details to connect to the cluster. Important: A new copy of the kubeconfig file must be uploaded to the Kubeconfig account in Jenkins before the installation otherwise authentication may fail if an idle connection is detected. | Use the following command: kubectl config view | |||||||
Persistent or Elastic Storage | BMC supports a Bring-Your-Own-Storage-Class model, for any block storage supporting high performance IOPS. | ||||||||
Mapping Memory Limits | Increase maximum number of memory maps on each worker node. For example: # echo vm.max_map_count=262144 > /etc/sysctl.d/es-custom.conf # sysctl -w vm.max_map_count=262144 | Maximum map count check in Elastic documentation. | |||||||
Metrics server | BMC Helix Platform uses the HorizontalPodAutoscaler (HPA) for its services so that the product can scale based on the customer usage. For the HPA to function, Kubernetes must expose metrics that are used to trigger scaling activities, for which a Metrics Server is required. | ||||||||
OpenShift | OpenShift | Review the prerequisites to install BMC Helix Service Management in an OpenShift cluster. Make sure that the OpenShift cluster has access to the NGINX Ingress controller or operator. | Use the following commands: kubectl get pod -n OpenShift-ingress-operator | Sample command output: NAME READY STATUS RESTARTS AGE | |||||
Database | Unicode | BMC supports BMC Helix Service Management installation only with Unicode. Before you install BMC Helix Service Management, make sure that your database is configured to use Unicode. | |||||||
Database | Database | Prepare the database. Make sure that all the Kubernetes worker nodes have access to the database and the database host entry is configured to include the IP range of the Kubernetes worker nodes. | Download a database client on the worker nodes and validate connections to the external database. | ||||||
If you are using AKS, EKS, or GKE cluster, validate the database type and version is supported. | |||||||||
Backup | Snapshot or backup | We recommend that you take snapshots of all the master and worker nodes before performing the BMC Helix Service Management installation. | NA | Snapshot for all the master and worker nodes in the OpenShift or Kubernetes cluster. In addition snapshot for Discovery before starting the deployment. | Confirm if an action is taken. | ||||
Deployment | BMC Helix Platform configuration files parameters | Review the BMC Helix Platform parameters in the infra.config and deployment.config files. | |||||||
Deployment | Installation pipeline | Review the BMC Helix Service Management installation pipeline parameters. | |||||||
Environment validation and troubleshooting | Helix IS Triage Tool | The Helix IS Triage Tool helps you validate that your environment is configured correctly and troubleshoot BMC Helix Service Management installation and postinstallation issues. The Helix IS Triage Tool artifacts are available in the BMC Helix Containerization Group on BMC Community. Alternatively, you can contact BMC Support and log a support case to obtain the tool artifacts. |