Ensure your environment meets the following prerequisites before installing Event Endpoint Management.
Container environment
Event Endpoint Management 11.3.x is supported on the Red Hat OpenShift Container Platform and other Kubernetes platforms that support the Red Hat Universal Base Images (UBI) containers.
If you are using Red Hat OpenShift Container Platform, ensure you have the following set up for your environment:
- A supported version of the OpenShift Container Platform installed. For supported versions, see the support matrix.
- The OpenShift Container Platform CLI (
oc
) installed.
If you are using other Kubernetes platforms, ensure you have the following set up for your environment:
- A supported version of a Kubernetes platform installed. For supported versions, see the support matrix.
- The Kubernetes command-line tool (
kubectl
) installed.
Hardware requirements
Ensure your hardware can accommodate the resource requirements for your planned deployment.
Resource requirements
Event Endpoint Management resource requirements depend on several factors. The following sections provide guidance about minimum requirements for a quick start deployment, and options for initial production configurations.
Minimum resource requirements are as follows, and are based on the total of requests set for the deployment. You will require more resources to accommodate the limit settings (see more about “requests” and “limits” later in this section).
Deployment | CPU (cores) | Memory (GiB) | Chargeable cores (see licensing) |
---|---|---|---|
Event Endpoint Management operator | 0.2 | 0.25 | N/A |
Event Manager instance | 0.5 | 0.5 | 1 |
Event Gateway instance | 1.0 | 1.0 | 1 |
Note: Event Endpoint Management provides sample configurations to help you get started with deployments. The resource requirements for these specific samples are detailed in the planning section. If you do not have an Event Endpoint Management installation on your system yet, always ensure you include the resource requirements for the operator together with the intended Event Manager and Event Gateway instance requirements (quick start or production).
Requests and limits are Kubernetes concepts for controlling resource types such as CPU and memory.
- Requests set the minimum requirements a container requires to be scheduled. If your system does not have the required request value, then the services will not start up.
- Limits set the value beyond which a container cannot consume the resource. It is the upper limit within your system for the service. Containers that exceed a CPU resource limit are throttled, and containers that exceed a memory resource limit are terminated by the system.
Ensure you have sufficient CPU capacity and physical memory in your environment to service these requirements. Your Event Manager and Event Gateway instances can be dynamically updated later through the configuration options provided in the custom resource.
Operator requirements
The Event Endpoint Management operator requires the following minimum resource requirements. Ensure you always include sufficient CPU capacity and physical memory in your environment to service the operator requirements.
CPU request (cores) | CPU limit (cores) | Memory request (GiB) | Memory limit (GiB) |
---|---|---|---|
0.2 | 1.0 | 0.25 | 0.5 |
You can only install one version of the Event Endpoint Management operator on a cluster. Installing multiple versions on a single cluster is not supported due to possible compatibility issues as they share the same Custom Resource Definitions (CRDs), making them unsuitable for coexistence.
Cluster-scoped permissions required
The Event Endpoint Management operator requires the following cluster-scoped permissions, even if the operator is set manage instances in a single namespace:
- Permission to retrieve storage classes: The Event Endpoint Management operator uses admission webhooks to provide immediate validation and feedback about the creation and modification of the Event Manager and Event Gateway instances. The permission to to retrieve storage classes is used by the webhooks to find a default storage class.
- Permission to list specific CustomResourceDefinitions: This allows Event Endpoint Management to identify whether other optional dependencies have been installed into the cluster.
Red Hat OpenShift Security Context Constraints
If used, Event Endpoint Management requires a Security Context Constraint (SCC) to be bound to the target namespace prior to installation.
By default, Event Endpoint Management complies with restricted
or restricted-v2
SCC depending on your OpenShift Container Platform version.
Network requirements
Event Endpoint Management is supported for use with IPv4 networks only.
Ingress controllers
To expose Event Endpoint Management services externally outside your cluster, the Event Endpoint Management operator will create:
- OpenShift routes when installing on Red Hat OpenShift Container Platform.
- Kubernetes ingress resources when installing on other Kubernetes platforms.
To use ingress, ensure you install and run an ingress controller on your Kubernetes platform. The SSL passthrough must be enabled in the ingress controller for your Event Endpoint Management services to work. Refer to your ingress controller documentation for more information.
Data storage requirements
Event Endpoint Management supports any Container Storage Interface (CSI) compatible storage classes.
Specifically for RedHat OpenShift Kubernetes Service (ROKS), you can use either:
- IBM Cloud Block storage,
ibmc-block-<tier>
, where<tier>
can begold
,silver
orbronze
- (Only on Single-Zone clusters) IBM Cloud File storage with support for supplemental group IDs,
ibmc-file-<tier>-gid
You can use the storage classes to set up persistent storage or to back up and restore your data.
If you want to set up persistent storage, ensure the cluster administrator has created one or more storage classes that support ReadWriteOnce
and allows read and write access to non-root users.
For example, you can use one of the following systems:
- Red Hat OpenShift Data Foundation (previously OpenShift Container Storage) version 4.2 or later (block storage only)
- IBM Cloud Block storage
- IBM Storage Suite for IBM Cloud Paks: block storage from IBM Spectrum Virtualize, FlashSystem, or DS8K
- Portworx Storage version 2.5.5 or later
- Rook Ceph
Important: The previous list includes storage providers that you can use to provision persistent volumes for Event Endpoint Management. There is no guarantee that all features of a storage provider, such as snapshot-based backup and restore of the volumes, are supported. If you want to back up and restore your Event Manager instance, ensure you use a storage provider compatible with the CSI specification for snapshotting.
Event Gateway compatibility
Ensure that both your Event Gateway and Event Manager instances are from the same version of Event Endpoint Management, or that the Event Gateway is from an earlier version.
Event Endpoint Management UI
The Event Endpoint Management user interface (UI) is supported on the following web browsers:
- Google Chrome version 113 or later
- Mozilla Firefox version 113 or later
- Safari version 16.5 or later
Certificate management
By default, all certificates that are required by Event Endpoint Management are managed by a certificate manager. A certificate manager simplifies the process of creating, renewing, and using those certificates.
- On Red Hat OpenShift Container Platform, install the cert-manager Operator for Red Hat OpenShift.
- On other Kubernetes platforms, use a certificate manager installation, for example cert-manager, that supports
Issuer.cert-manager.io/v1
andCertificate.cert-manager.io/v1
GroupVersionKind (GVK), or create certificates manually and provide them to Event Endpoint Management by using Kubernetes secrets.
The cert-manager Operator for Red Hat OpenShift Container Platform
If you already have the cert-manager Operator for Red Hat OpenShift installed on your cluster, you can skip this section.
-
To check whether the cert-manager Operator for Red Hat OpenShift is installed on your cluster by using the OpenShift web console, complete the following steps:
- Log in to the OpenShift Container Platform web console using your login credentials.
- Expand the Operators dropdown and select Installed Operators to open the Installed Operators page.
- In the list of installed operators, check whether cert-manager Operator for Red Hat OpenShift is available, and whether the status is showing as
Succeeded
in thecert-manager-operator
namespace.
-
To check whether the cert-manager Operator for Red Hat OpenShift is installed on your cluster by using the CLI, run the following command:
oc get pods -n cert-manager
If the cert-manager pods are up and running, the cert-manager Operator for Red Hat OpenShift is ready to use.
-
If you need to install the cert-manager Operator for Red Hat OpenShift, follow the instructions in the OpenShift documentation.
Important: You can only have one cert-manager Operator for Red Hat OpenShift installed on your cluster. Choose the appropriate version depending on what other software is running in your environment. If you have an existing IBM Cloud Pak for Integration deployment, check whether you have a foundational services operator running already and note the version.
Optional: Authenticate with Keycloak provided by IBM Cloud Pak for Integration
If you are installing on the OpenShift Container Platform as part of IBM Cloud Pak for Integration, you can configure access for your integration capabilities such as Event Endpoint Management by using Keycloak.
Keycloak is supported in Event Endpoint Management when an IBM Cloud Pak for Integration version 16.1.0 (operator 7.3.0) or later is available. See the IBM Cloud Pak for Integration documentation for information about installing IBM Cloud Pak for Integration.
For more information, see sections about configuring UI security and managing access with Keycloak.