Prerequisites

Ensure your environment meets the following prerequisites before installing Event Endpoint Management.

Container environment

Event Endpoint Management 11.1.x is supported on the Red Hat OpenShift Container Platform and other Kubernetes platforms that support the Red Hat Universal Base Images (UBI) containers.

If you are using Red Hat OpenShift Container Platform, ensure you have the following set up for your environment:

  • A supported version of the OpenShift Container Platform installed. For supported versions, see the support matrix.
  • The OpenShift Container Platform CLI (oc) installed.

If you are using other Kubernetes platforms, ensure you have the following set up for your environment:

  • A supported version of a Kubernetes platform installed. For supported versions, see the support matrix.
  • The Kubernetes command-line tool (kubectl) installed.

Hardware requirements

Ensure your hardware can accommodate the resource requirements for your planned deployment.

Resource requirements

Event Endpoint Management resource requirements depend on several factors. The following sections provide guidance about minimum requirements for a quick start deployment, and options for initial production configurations.

Minimum resource requirements are as follows, and are based on the total of requests set for the deployment. You will require more resources to accommodate the limit settings (see more about “requests” and “limits” later in this section).

Deployment CPU (cores) Memory (GiB) Chargeable cores (see licensing)
Event Endpoint Management operator 0.2 0.25 N/A
Event Endpoint Management instance 0.5 0.5 1
Event Gateway instance 1.0 1.0 1

Note: Event Endpoint Management provides sample configurations to help you get started with deployments. The resource requirements for these specific samples are detailed in the planning section. If you do not have an Event Endpoint Management installation on your system yet, always ensure you include the resource requirements for the operator together with the intended Event Endpoint Management and Event Gateway instance requirements (quick start or production).

Requests and limits are Kubernetes concepts for controlling resource types such as CPU and memory.

  • Requests set the minimum requirements a container requires to be scheduled. If your system does not have the required request value, then the services will not start up.
  • Limits set the value beyond which a container cannot consume the resource. It is the upper limit within your system for the service. Containers that exceed a CPU resource limit are throttled, and containers that exceed a memory resource limit are terminated by the system.

Ensure you have sufficient CPU capacity and physical memory in your environment to service these requirements. Your Event Endpoint Management and Event Gateway instances can be dynamically updated later through the configuration options provided in the custom resource.

Operator requirements

The Event Endpoint Management operator requires the following minimum resource requirements. Ensure you always include sufficient CPU capacity and physical memory in your environment to service the operator requirements.

CPU request (cores) CPU limit (cores) Memory request (GiB) Memory limit (GiB)
0.2 1.0 0.25 0.25

Cluster-scoped permissions required

The Event Endpoint Management operator requires the following cluster-scoped permissions:

  • Permission to manage admission webhooks: The Event Endpoint Management operator uses admission webhooks to provide immediate validation and feedback about the creation and modification of Event Endpoint Management and Event Gateway instances. The permission to manage webhooks is required for the operator to register these actions.
  • Permission to list specific CustomResourceDefinitions: This allows Event Endpoint Management to identify whether other optional dependencies have been installed into the cluster.

In addition to the previous permissions, the Event Endpoint Management operator requires the following cluster-scoped permissions on Red Hat OpenShift Container Platform:

  • Permission to manage ConsoleYAMLSamples: ConsoleYAMLSamples are used to provide samples for Event Endpoint Management and Event Gateway resources in the OpenShift Container Platform web console. The permission to manage ConsoleYAMLSamples is required for the operator to register the setting up of samples.
  • Permission to list ClusterRoles and ClusterRoleBindings: The Event Endpoint Management operator uses ClusterRoles created by the Operator Lifecycle Manager (OLM) as parents for supporting resources that the Event Endpoint Management operator creates. This is needed so that the supporting resources are correctly cleaned up when Event Endpoint Management is uninstalled. The permission to list ClusterRoles is required to allow the operator to identify the appropriate cluster role to use for this purpose.

Red Hat OpenShift Security Context Constraints

If used, Event Endpoint Management requires a Security Context Constraint (SCC) to be bound to the target namespace prior to installation.

By default, Event Endpoint Management complies with restricted or restricted-v2 SCC depending on your OpenShift Container Platform version.

Network requirements

Event Endpoint Management is supported for use with IPv4 networks only.

Ingress controllers

To expose Event Endpoint Management services externally outside your cluster, the Event Endpoint Management operator will create:

  • OpenShift routes when installing on Red Hat OpenShift Container Platform.
  • Kubernetes ingress resources when installing on other Kubernetes platforms.

To use ingress, ensure you install and run an ingress controller on your Kubernetes platform. The SSL passthrough must be enabled in the ingress controller for your Event Endpoint Management services to work. Refer to your ingress controller documentation for more information.

Data storage requirements

Event Endpoint Management supports any Container Storage Interface (CSI) compatible storage classes.

Specifically for RedHat OpenShift Kubernetes Service (ROKS), you can use either:

  • IBM Cloud Block storage, ibmc-block-<tier>, where <tier> can be gold, silver or bronze
  • (Only on Single-Zone clusters) IBM Cloud File storage with support for supplemental group IDs, ibmc-file-<tier>-gid

You can use the storage classes to set up persistent storage or to back up and restore your data.

If you want to set up persistent storage, ensure the cluster administrator has created one or more storage classes that support ReadWriteOnce and allows read and write access to non-root users.

For example, you can use one of the following systems:

  • Red Hat OpenShift Data Foundation (previously OpenShift Container Storage) version 4.2 or later (block storage only)
  • IBM Cloud Block storage
  • IBM Storage Suite for IBM Cloud Paks: block storage from IBM Spectrum Virtualize, FlashSystem, or DS8K
  • Portworx Storage version 2.5.5 or later
  • Rook Ceph

Important: The previous list includes storage providers that you can use to provision persistent volumes for Event Endpoint Management. There is no guarantee that all features of a storage provider, such as snapshot-based backup and restore of the volumes, are supported. If you want to back up and restore your Event Endpoint Management instance, ensure you use a storage provider compatible with the CSI specification for snapshotting.

Event Endpoint Management UI

The Event Endpoint Management user interface (UI) is supported on the following web browsers:

  • Google Chrome version 113 or later
  • Mozilla Firefox version 113 or later
  • Safari version 16.5 or later

Certificate management

By default, all certificates that are required by Event Endpoint Management are managed by Cert Manager. Cert Manager simplifies the process of creating, renewing, and using those certificates.

  • On Red Hat OpenShift Container Platform, install IBM Cert Manager
  • On other Kubernetes platforms, use Cert Manager installations that support Issuer.cert-manager.io/v1 and Certificate.cert-manager.io/v1 GroupVersionKind (GVK), or create certificates manually and provide them to Event Endpoint Management by using Kubernetes secrets.

IBM Cert Manager on Red Hat OpenShift Container Platform

If you already have Cert Manager installed on your cluster, you can skip this installation.

To check whether Cert Manager is installed on your cluster by using the OpenShift web console:

  1. Log in to the OpenShift Container Platform web console using your login credentials.
  2. Expand the Operators dropdown and select Installed Operators to open the Installed Operators page.
  3. In the list of installed operators, check whether IBM Cert Manager is available, and whether the status is showing as Succeeded.

Alternatively, to check whether Cert Manager is installed on your cluster by using the CLI, run the following command to check whether ibm-cert-manager-operator is available:

oc get subs --all-namespaces

Important: You can only have one Cert Manager operator installed on your cluster. Choose the appropriate version depending on what other software is running in your environment. If you have an existing IBM Cloud Pak for Integration deployment, check whether you have a foundational services operator running already and note the version.

To install Cert Manager, see the following sections and follow the instructions for your foundational services version.

With foundational services version 3.x

If you are installing Event Endpoint Management on a cluster where foundational services version 3.x is already installed, follow these instructions to configure the Cert Manager operator.

Note: The following instructions apply to both online and offline clusters.

  1. Ensure that you have installed foundational services as described in the foundational services documentation.

  2. Create an OperandRequest custom resource with the following YAML in the Operand Deployment Lifecycle Manager as described in the foundational services documentation.

    apiVersion: operator.ibm.com/v1alpha1
kind: OperandRequest
metadata:
   name: common-service
   namespace: <namespace>
spec:
  requests:
    - operands:
       - name: ibm-cert-manager-operator
      registry: common-service
      registryNamespace: ibm-common-services

    Where <namespace> is the namespace from where you are creating the OperandRequest and planning to install the Event Endpoint Management operator.

In the namespaces where you want to use Event Endpoint Management, verify that the cert-manager operator status is Succeeded.

With foundational services version 4.0.0, or without foundational services

Follow the instructions to install Cert Manager 4.0.0 as part of foundational services version 4.0.0, or without foundational services in an online or offline environment.

For online environments

Follow the foundational services instructions to install IBM Cert Manager version 4.0.0 in online environments that are running with or without foundational services.

In the namespaces where you want to use Event Endpoint Management, verify that the cert-manager operator status is Succeeded.

For offline environments

If you are installing Event Endpoint Management in an offline environment, follow the instructions in the foundational services documentation to mirror the necessary images, and install the IBM Cert Manager from its CASE bundle.

In the namespaces where you want to use Event Endpoint Management, verify that the cert-manager operator status is Succeeded.