The deployment plan template
Use this deployment plan template to prepare your deployment plan that covers the following sections at a minimum:
- Your Proposed Deployment Architecture
- Kubernetes cluster sizing and setup (Master & Worker Nodes)
- Load Balancer
- Ingress/Nginx
- Persistent Volume
- RSSO
- Planning your BMC Helix Platform & Applications Deployment pipelines.
Deployment Architecture
To learn more about the container deployment architecture of BMC Helix Service Management, see BMC Helix Service Management deployment architecture
<< Add your proposed architecture here >>
Sizing of container environment
To learn about sizing baselines, see Sizing and scalability considerations.
Assess the number of users, plan your sizing and update the following table.
Environment | Deployment Size | Resilient concurrent users | Maximum concurrent users |
|---|---|---|---|
Dev | Small | ||
QA | Medium | ||
Prod | Large |
Planning for multi-tenant deployment
BMC Helix Service Management supports multi-instance deployments. You can deploy new instances of BMC Helix Service Management in multiple namespaces that utilize the same BMC Helix Platform. For example, you can plan your Dev, QA and Prod instances to share a common Helix Platform with multiple namespaces. For more details, see Sizing and scalability considerations.
Kubernetes quotas
Review the If you plan to use a shared cluster, make sure to review the sizing requirements for each namespace and update the necessary resources (RAM/CPU) are allocated appropriately.
Review the Kubernetes Quotas section at Sizing and scalability considerations and update your proposed values in the following tables for BMC Helix Platform namespace and BMC Helix Service Management namespace.
BMC Helix Platform namespace quotas
Environment | CPU requests (milli core) | CPU limits (milli core) | Memory requests (GB) | Memory limits (GB) |
|---|---|---|---|---|
Dev |
|
|
|
|
QA |
|
|
|
|
Prod |
|
|
|
|
BMC Helix Service Management namespace quotas
Environment | CPU requests (milli core) | CPU limits (milli core) | Memory requests (GB) | Memory limits (GB) |
|---|---|---|---|---|
Dev |
|
|
|
|
QA |
|
|
|
|
Prod |
|
|
|
|
Kubernetes cluster setup
See the supported versions of all components at System requirements and update the versions of the components that you plan to use for your deployment.
Component | Version |
|---|---|
ORCHESTRSTION PLATFORMS | |
Orchestration Platform |
|
Supported Kubernetes and OpenShift platforms |
|
INGRESS CONTROLLER | |
Ingress controller |
|
Package Manager |
|
LOAD BALANCER | |
Load balancer |
|
STORAGE AND SECURITY CERTIFICATES | |
Persistent or Elastic Storage |
|
Security certificates |
|
OTHER SYSTEM REQUIREMENTS | |
Java |
|
Container host OS |
|
Host OS Bash Shell |
|
Docker Registry |
|
DB Support |
|
Email Engine |
|
BMC Helix Platform |
|
Metrics Server |
|
Helm version |
|
Network port requirements
Review the following components and the ports used and update the Notes column. See also Network Port Requirements.
Source component | Destination | Port | Direction | Notes |
|---|---|---|---|---|
Local image registry (Harbor) with internet access | BMC Docker Trusted Registry (DTR) | 443 | Outbound | |
Kubernetes cluster (Worker nodes)
| Local image registry (Harbor) with internet access | 443, 80 | Outbound | |
Database server | Database port The port varies based on your database type and service. Important: If you are using Oracle Real Application Clusters (RAC), make sure that you open the ONS port 6200 on each server worker node. | Outbound | ||
SMTP server | SMTP server port | Outbound | ||
End user traffic | Load balancer or HA proxy | 443 Important: Only port 443 is supported for application URLs incoming traffic. | Incoming | |
Load balancer | Ingress controller | Ingress controller service port | Incoming | |
AR Clients (Developer Studio) | BMC Helix Innovation Suite server Admin service | 46262 You can expose this port through EXTERNAL-IP or Nodeport for the platform-admin-ext service. | Inbound | |
BMC Deployment Engine | Kubernetes cluster | Kubernetes API server port | Outbound | |
HDM virtual machine | Staging database server | Database port The port varies based on your database type and service. | Outbound |
Ports used by BMC Helix Platform Common Services
Review the ports and IP addresses required for access, and coordinate with your security team to ensure they are open. See also Ports used by BMC Helix Platform Common Services on the System requirements page.
Service Name | Ports and Protocol | Notes |
|---|---|---|
adeauthsvc | TCP - 8000 |
|
adereporting | TCP - 8080, 8000 |
|
adereporting-apiservice | TCP - 8080 |
|
adereporting-renderer-service | TCP - 8081 |
|
adereporting-report-generator-service | TCP - 3002, 3003 |
|
aif-api-service | TCP - 50197, 60197, 8094, 9094, 11000 |
|
aif-clustering-ingestion-service | TCP - 50220, 60220, 11000 |
|
aif-clustering-query-service | TCP - 50219, 60219, 11000 |
|
aif-clustering-service | TCP - 50221, 60221, 11000 |
|
aif-core-service | TCP - 50177, 60177, 11000 |
|
aif-incident-ingestion-service | TCP - 50197, 60197, 11000 |
|
aif-job-manager-service | TCP - 50207, 60207, 11000 |
|
aif-machine-learning-utilities | TCP - 50052, 60052, 11000, 8080, 9080 |
|
aif-ticket-service | TCP - 50217, 60217, 11000 |
|
ans | TCP - 8000 |
|
aud | TCP - 8000 |
|
efk-elasticsearch-coordinating-hl | TCP - 9200, 9300 |
|
efk-elasticsearch-data-hl | TCP - 9200, 9300 |
|
efk-elasticsearch-efk-elasticsearch-coordinating-hl | TCP - 9200, 9300 |
|
efk-elasticsearch-ingest-hl | TCP - 9200, 9300 |
|
efk-elasticsearch-kibana | TCP - 5601 |
|
efk-elasticsearch-master-hl | TCP - 9200, 9300 |
|
efk-fluent-bit | TCP - 9880 |
|
elasticsearch-events-opendistro-es-client-service | TCP - 9200, 9300, 9600, 9650 |
|
elasticsearch-events-opendistro-es-data-svc | TCP - 9300, 9200, 9600, 9650 |
|
elasticsearch-events-opendistro-es-discovery | TCP - 9300 |
|
elasticsearch-logs-opendistro-es-client-service | TCP - 9200, 9300, 9600, 9650 |
|
elasticsearch-logs-opendistro-es-data-svc | TCP - 9300, 9200, 9600, 9650 |
|
elasticsearch-logs-opendistro-es-discovery | TCP - 9300 |
|
featureflag | TCP - 8000 |
|
ims | TCP - 8000 |
|
imsportal | TCP - 8000, 9000 |
|
kafka | TCP - 9092 |
|
kafka-headless | TCP - 9092, 9093 |
|
kafka-zookeeper | TCP - 2181, 2888, 3888 |
|
kafka-zookeeper-headless | TCP - 2181, 2888, 3888 |
|
metric-gateway-service | TCP - 50059, 60059, 8093, 9093, 11000, 8080 |
|
metric-gateway-service-svc | TCP - 50059, 60059, 8093, 9093, 11000, 8080 |
|
metric-ingestion-service | TCP - 50051, 60051, 8080 |
|
metric-ingestion-service-svc | TCP - 50051, 60051, 8080 |
|
metric-query-service | TCP - 50051, 60051, 8091, 8080 |
|
metric-query-service-svc | TCP - 50051, 60051, 8091, 8080 |
|
minio | TCP - 9000, 9001 |
|
minio-headless | TCP - 9000, 9001 |
|
postgres-bmc-pg-ha | TCP - 5432 |
|
postgres-bmc-pg-ha-config | <none> |
|
postgres-bmc-pg-ha-pool | TCP - 5432 |
|
postgres-bmc-pg-ha-repl | TCP - 5432 |
|
redis-redis-ha | TCP - 6379, 26379 |
|
redis-redis-ha-announce-0 | TCP - 6379, 26379 |
|
redis-redis-ha-announce-1 | TCP - 6379, 26379 |
|
redis-redis-ha-announce-2 | TCP - 6379, 26379 |
|
redis-redis-ha-haproxy | TCP - 6379 |
|
rsso | TCP - 8080 |
|
smart-graph-api | TCP - 8000 |
|
smart-graph-controller | TCP - 25210, 25677 |
|
tas | TCP - 8000 |
|
tms | TCP - 8000, 9000 |
|
tmsportal | TCP - 8000 |
|
ucs | TCP - 8000 |
|
victoria-metrics-cluster-vminsert | TCP - 8480, 2003, 8189 UDP – 2003, 8189 |
|
victoria-metrics-cluster-vmselect | TCP - 8481 |
|
victoria-metrics-cluster-vmstorage | TCP - 8482, 8401, 8400 |
|
Ports used by BMC Helix Service Management services
Review the ports and IP addresses required for access, and coordinate with your security team to ensure they are open. See also Ports used by BMC Helix Service Management services on the System requirements page.
Service Name | Ports and Protocol | Notes |
|---|---|---|
atriumwebsvc | TCP - 8080 |
|
catalog-itsm-plugin | TCP - 9822 |
|
clamav | TCP - 3310 |
|
dwp-tomcat | TCP - 9000 |
|
midtier-int | TCP - 8080 |
|
midtier-int-dns-lookup | TCP - 5701 |
|
midtier-user | TCP - 8080 |
|
midtier-user-dns-lookup | TCP - 5701 |
|
openfire | TCP - 5222 |
|
openfire-dns-lookup | TCP - 5701 |
|
openfire-ext | TCP - 7001, 7070 |
|
platform-admin | TCP - 46262, 8008, 20000, 61617, 7319, 40001 |
|
platform-admin-ext | TCP - 46262, 8008, 20000, 61617, 7319, 40001, 9999, 9556 |
|
platform-fts | TCP - 46262, 8008, 20000, 61617, 7319, 40001, 9977 |
|
platform-fts-ext | TCP - 46262, 8008, 20000, 61617, 7319, 40001, 9977 |
|
platform-int | TCP - 46262, 8008, 20000, 61617, 7319, 40001 |
|
platform-int-ext | TCP - 46262, 8008, 20000, 61617, 7319, 40001 |
|
platform-sr | TCP - 46262, 8008, 20000, 61617, 7319, 40001 |
|
platform-sr-ext | TCP - 46262, 8008, 20000, 61617, 7319, 40001 |
|
platform-user | TCP - 46262, 8008, 20000, 61617, 7319, 40001 |
|
platform-user-ext | TCP - 46262, 8008, 20000, 61617, 7319, 40001 |
|
smartit | TCP - 9000 |
|
smartit-dns-lookup | TCP - 5701 |
|
Jenkins Server Requirements
Update your requirements for the Jenkins server. For more details see, Jenkins Server Requirements.
Component | Node | vCPU | OS | RAM(GB) | Disk Space(GB) |
|---|---|---|---|---|---|
Jenkins Server |
|
|
|
|
|
Harbor Repository Requirements
Update your requirements for the harbor repository. For more details see, Harbor repository requirements.
Component | CPU | Memory(GB) | Disk Space(GB) |
|---|---|---|---|
Harbor repository |
|
|
|
Namespace Requirements
Update the requirements for the namespaces in your cluster. See, Namespaces.
Component | Namespace |
|---|---|
BMC Helix Platform Common Services and EFK for logging |
|
BMC Helix Service Management |
|
Hardware Requirements
Environment | vCPU | RAM(GB) |
|---|---|---|
Dev |
|
|
QA |
|
|
Prod |
|
|
Kubernetes Nodes Requirements
Update your requirements for the Kubernetes nodes. For more details, see Kubernetes node requirements.
Environment | Deployment Size (Compact/Small/Medium/Large) | No of Master nodes
| No of worker nodes
|
|---|---|---|---|
Dev |
|
|
|
QA |
|
|
|
Prod |
|
|
|
Database Resource Requirements
Update your requirements for the database server. For more details, see Database resource requirements.
Environment | vCPU | RAM(GB) | Database type | Unicode | Case Sensitive |
|---|---|---|---|---|---|
Dev |
|
| Oracle/ MS SQL / PostgreSQL | Y/N | Y/N |
QA |
|
| Oracle/ MS SQL / PostgreSQL | Y/N | Y/N |
Prod |
|
| Oracle/ MS SQL / PostgreSQL | Y/N | Y/N |
If you are planning for Unicode and case-insensitive databases, see Preparing to install on a Unicode database
Persistent Volume Claim Requirements
Update the PVC requirements in the following table. For more information, see Persistent volume requirements and Persistent Volume Claim requirements.
Environment | Block Storage(GB) | Storage Read Write type |
|---|---|---|
Dev |
| ReadWriteOnce / ReadWriteOncePod / ReadOnlyMany / ReadWriteMany |
QA |
| ReadWriteOnce / ReadWriteOncePod / ReadOnlyMany / ReadWriteMany |
Prod |
| ReadWriteOnce / ReadWriteOncePod / ReadOnlyMany / ReadWriteMany |
Solid-State Drive (SSD) specifications
Update your SSD specifications in the following table. For more information, see Persistent volume requirements.
Environment | Average Latency
| Write throughput
| Read throughput
| IOPS Write
| IOPS Read |
|---|---|---|---|---|---|
Dev |
|
|
|
|
|
QA |
|
|
|
|
|
Prod |
|
|
|
|
|
Disaster recovery requirements
Update your disaster recovery specifications in the following table. For more information, see Disaster recovery requirements.
Kubernetes cluster requirement (per data center)
Environment | CPU(Core) | RAM(GB) | PVC(GB) |
|---|---|---|---|
Dev |
|
|
|
QA |
|
|
|
Prod |
|
|
|
BMC Helix Service Management Namespace Quotas (DR Additions)
Update your details in the following table. For more information, see Kubernetes Quotas section in Sizing and scalability considerations.
Environment | CPU requests(milli core) | CPU limits(milli core) | Memory Requests(GB) | Memory limits(GB) |
Dev |
|
|
|
|
|---|---|---|---|---|
QA |
|
|
|
|
Prod |
|
|
|
|
Downloading the Installation Files:
Update your details in the following table. For more information, see Downloading the installation files .
Components | Remarks |
Git Repositories and artefacts |
|
Deployment Manager |
|
Database Dump Files |
|
BMC Helix Container access key |
|
Setting up Harbor Repository to Sync Container Images:
Update your details in the following table. For more information, see Setting up a Harbor repository to synchronize container images.
Tasks | Remarks |
Create Harbor registry |
|
Configure Harbor Registry endpoint |
|
Synchronize Harbor repository with BMC DTR |
|
Setting up Database
Learn more from the following documentation pages:
Setting up a Microsoft SQL Server database
Setting up a PostgreSQL database
Setting up BMC Deployment Engine
Update your details in the following table. For more information, see Setting up BMC Deployment Engine on a server with internet access .
Tasks | Remarks |
Create and configure users |
|
Run deployment engine automation script |
|
Perform post installation configurations |
|
Perform pipeline dry run |
|
Installing BMC Helix Platform Common services:
Update your details in the following table. For more information, see Installing BMC Helix Platform Common services .
Tasks | Remarks |
Create service account, Role and RoleBinding |
|
Download and extract deployment manager |
|
Prepare for password encryption |
|
Install BMC Helix Platform services |
|
Setting up the Installation environment:
Update your details in the following table. For more information, see Setting up the installation environment.
Tasks | Remarks |
Configure BMC Single Sign-On |
|
Create an external IP for FTS_ELASTICSEARCH |
|
Create an external IP for LOGS_ELASTICSEARCH |
|
Install BMC Helix Platform services |
|
Performing BMC Helix Service Management Installation:
Update your details in the following table. For more information, see Performing the BMC Helix Service Management installation.
Tasks | Remarks |
Build Parameters for HELIX_ONPREM_DEPLOYMENT pipeline and run the pipeline |
|
Installing AR System Clients |
|
Performing Post installation Checks |
|
Installing additional locales and products |
|
Performing BMC Helix Service Management Post Installation Tasks:
Update your details in the following table. For more information, see Performing the postinstallation configurations .
Tasks | Remarks |
Obtaining License Keys |
|
Activating application licenses |
|
Performing Post installation Configurations |
|
Onboarding and Implementation |
|