Attention: This version of Event Streams has reached End of Support. For more information about supported versions, see the support matrix.

Installing on IBM Cloud Private

Event Streams is the paid-for version intended for enterprise use, and includes full IBM support and additional features such as geo-replication.

You can also install a basic deployment of Event Streams Community Edition to try it out.

Before you begin

  • Ensure you have set up your environment according to the prerequisites, including your IBM Cloud Private environment.
  • The Event Streams installation process creates and runs jobs in the target namsepace (the namespace where you are installing Event Streams) and in the kube-system namespace. If you are using host groups with namespace isolation configured in your IBM Cloud Private cluster, ensure you have sufficient worker nodes available to the kube-system namespace to perform the installation (at least one worker node, or more, depending on your setup). Otherwise, the namespace isolation causes the installation process to hang with jobs in pending state.
  • Ensure you have planned for your installation, such as planning for persistent volumes if required, and creating a ConfigMap for Kafka static configuration.
  • Gather the following information from your administrator:
    • The master host and port for your IBM Cloud Private cluster. These values are set during the installation of IBM Cloud Private. The default port is 8443. Make a note of these values, and enter them in the steps that have https://<Cluster Master Host>:<Cluster Master API Port>
    • The SSH password if you are connecting remotely to the master host of your IBM Cloud Private cluster.
  • Ensure your proxy address uses lowercase characters. This is a setting that often needs to be checked when installing Event Streams on an IBM Cloud Private cluster deployed on Amazon Web Services (AWS). If the address is in uppercase, edit the ibmcloud-cluster-info ConfigMap in the kube-public namespace, and change the uppercase characters to lowercase for the proxy_address parameter:
    kubectl edit configmap -n ibmcloud-cluster-info -n kube-public
  • Ensure you have the IBM Cloud Private monitoring service installed. Usually monitoring is installed by default. However, some deployment methods might not install it. For example, monitoring might not be part of the default deployment when installing IBM Cloud Private on Azure by using Terraform. Without this service, parts of the Event Streams UI do not work. You can install the monitoring service from the Catalog or CLI for existing deployments.

Preparing the platform

Prepare your platform for installing Event Streams as follows.

Create a namespace

You must use a namespace that is dedicated to your Event Streams deployment. This is required because Event Streams uses network security policies to restrict network connections between its internal components.

If you plan to have multiple Event Streams instances, create namespaces to organize your Event Streams deployments into, and control user access to them.

To create a namespace, you must have the Cluster administrator role.

  1. Log in to your IBM Cloud Private cluster management console from a supported web browser by using the URL https://<Cluster Master Host>:<Cluster Master API Port>. The master host and port for your cluster are set during the installation of IBM Cloud Private. For more information, see the IBM Cloud Private documentation.
    Ensure you log in as a user that has the Cluster Administrator role.
  2. From the navigation menu, click Manage > Namespaces.
  3. Click Create Namespace.
  4. Enter a name for your namespace.
  5. Ensure you have the ibm-restricted-psp PodSecurityPolicy selected for the target namespace.
  6. Click Create.

See the IBM Cloud Private documentation for more information about creating namespaces.

Download the archive

Download the Event Streams installation image file from the IBM Passport Advantage site and make it available in your catalog.

  1. Go to IBM Passport Advantage, and search for “Event Streams”. Download the images related to the part numbers for your platform.
  2. Ensure you configure your Docker CLI to access your cluster.
  3. Log in to your cluster from the IBM Cloud Private CLI and log in to the Docker private image registry:
    cloudctl login -a https://<cluster_CA_domain>:8443
    docker login <cluster_CA_domain>:8500
    

    Note: The default value for the cluster_CA_domain parameter is mycluster.icp. If necessary add an entry to your system’s host file to allow it to be resolved. For more information, see the IBM Cloud Private documentation.

  4. Make the Event Streams Helm chart available in the catalog by using the compressed image you downloaded from IBM Passport Advantage.
    cloudctl catalog load-archive --archive <PPA-image-name.tar.gz>

    When the image installation completes successfully, the catalog is updated with the Event Streams local chart, and the internal Docker repository is populated with the Docker images used by Event Streams.

Preparing the repository

Prepare your repository for the installation as follows.

The following steps require you to run kubectl commands. To run the commands, you must be logged in to your IBM Cloud Private cluster as an administrator.

Log in to your cluster as an administrator by using the IBM Cloud Private CLI:
cloudctl login -a https://<Cluster Master Host>:<Cluster Master API Port>
The master host and port for your cluster are set during the installation of IBM Cloud Private. The default port is 8443.

Create an image pull secret

Create an image pull secret for the namespace where you intend to install Event Streams (this is the namespace created earlier). The secret enables access to the internal Docker repository provided by IBM Cloud Private.

To create a secret, use the following command:

kubectl create secret docker-registry regcred --docker-server=<cluster_CA_domain>:8500 --docker-username=<user-name> --docker-password=<password> --docker-email=<your-email> -n <namespace_for_event_streams>

For example:

kubectl create secret docker-registry regcred --docker-server=mycluster.icp:8500 --docker-username=admin --docker-password=admin --docker-email=john.smith@ibm.com -n event-streams

For more information about creating image pull secrets, see the IBM Cloud Private documentation.

Create an image policy

Create an image policy for the internal Docker repository. The policy enables images to be retrieved during installation.
To create an image policy:

  1. Create a .yaml file with the following content, then replace <cluster_CA_domain> with the correct value for your IBM Cloud Private environment, and replace the <namespace_for_event_streams> value with the name where you intend to install Event Streams (set as -n event-streams in the previous example):
    apiVersion: securityenforcement.admission.cloud.ibm.com/v1beta1
    kind: ImagePolicy
    metadata:
      name: image-policy
      namespace: <namespace_for_event_streams>
    spec:
      repositories:
      - name: docker.io/*
        policy: null
      - name: <cluster_CA_domain>:8500/*
        policy: null
    
  2. Run the following command: kubectl apply -f <filename>.yaml

For more information about container image security, see the IBM Cloud Private documentation.

Installing the Event Streams chart

Install the Event Streams chart as follows.

  1. Log in to your IBM Cloud Private cluster management console from a supported web browser by using the URL https://<Cluster Master Host>:<Cluster Master API Port>. The master host and port for your cluster are set during the installation of IBM Cloud Private. For more information, see the IBM Cloud Private documentation.
    Ensure you log in as a user that has the Cluster Administrator role.
  2. Click Catalog in the top navigation menu.
  3. Search for ibm-eventstreams-prod and select it from the result. The Event Streams README is displayed.
  4. If you are installing Event Streams on IBM Cloud Private 3.1.1 running on Red Hat Enterprise Linux, remove AppArmor settings in the PodSecurityPolicy to avoid installation issues.
  5. Click Configure.
    Note: The README includes information about how to install Event Streams by using the CLI. To use the CLI, follow the instructions in the README instead of clicking Configure.
  6. Enter a release name that identifies your Event Streams installation, select the target namespace you created previously, and accept the terms of the license agreement.
  7. Expand the All parameters section to configure the settings for your installation as described in configuring. Configuration options to consider include setting up persistent storage, external access, and preparing for geo-replication.
    Important: As part of the configuration process, enter the name of the secret you created previously in the Image pull secret field.
  8. Click Install.
  9. Verify your installation and consider other post-installation tasks.