Deploy Metric Insights on OpenShift 4

OpenShift is Red Hat's version of Kubernetes. It is a viable option for container orchestration, especially if your organization already has a Red Hat subscription.

The deployment process includes the following:

1. Allow a Project in OpenShift to Run the Containers as Root User

2. Create the Secrets in OpenShift

3. Apply the Manifest

4. Check the Deployment

5. Create Routes for the Web Service and the Monitoring Service

Before starting the process, ensure that you have:

  • Installed OpenShift CLI (oc)
  • The manifest with customized values. It includes the following files:  mysql.secret, data-analyzer.env, web.env, seed.env, dataprocessor.env, monitoring.env, application.yml

Deploy Metric Insights

1. Allow a Project in OpenShift to Run the Containers as Root User

For the Metric Insights to work, allow the namespace to run the containers as root user.

2. Create the Secrets in OpenShift

1. Create the secret for MySQL Service container:

oc create secret generic --namespace <namespace> metricinsights-mysql-root-password --from-file mysql.secret

2. Create the secret for Data Analyzer Service container:

oc create secret generic --namespace <namespace> metricinsights-data-analyzer --from-file data-analyzer.env

3. Create the secret for the Web Service container:

oc create secret generic --namespace <namespace> metricinsights-web --from-file web.env

4. Create the secret for Seed Service container:

oc create secret generic --namespace <namespace> metricinsights-seed --from-file seed.env

5. Create the secret for Data Processor Seed Node Service container:

oc create secret generic --namespace <namespace> metricinsights-seed --from-file seed.env

6. Create the secret for Data Processor Service container:

oc create secret generic --namespace <namespace> metricinsights-dataprocessor --from-file dataprocessor.env

7. Create the secret for the Monitoring Service container:

oc create secret generic --namespace <namespace> metricinsights-monitoring --from-file monitoring.env

8. Create the secret to pull the Docker image:

oc create secret docker-registry --namespace <namespace> metricinsights-secret --docker-server docker.metricinsights.com --docker-username installer --docker-password <password> --docker-email <email_address>

3. Apply the Manifest

Apply the deployment file:

oc --namespace <namespace> apply -f application.yml

4. Check the Deployment

There are 2 ways to check the deployment:

1. Using OpenShift Container Platform console.

2. Using the terminal.

Using the OpenShift Container Platform Console

1. Select Required Project in the Web Console

  1. In the OpenShift Container Platform console, click Home
  2. Click Projects
  3. Click required project

2. Check the Pods Statuses

  1. Click Workloads
  2. Click Pods
  3. The deployment is successful when you can see that all the pods are ready
Using the Terminal

Just run the command below:

oc get pods -n <namespace>

The deployment is successful when you can see that all the pods are ready.

5. Create Routes for the Web Service and the Monitoring Service

1. Access the Routes Creation Form  

Routes · OKD - Google Chrome
  1. Click Networking
  2. Click Routes
  3. Click [Create Route]

2. Fill in the Routes Creation Form

  1. Enter a name for the Web Service/the Monitoring Service within the project
  2. Enter a hostname for the Web Service/the Monitoring Service within the project
  3. Select the pod of the Web Service/the Monitoring Service from the drop-down menu
  4. After you select the pod, the drop-down menu becomes active. For the Web Service, select "443 -> 443 (TCP)". For the Monitoring Service, select "80 -> 80 (TCP)"
  5. Tick the checkbox

3. Apply the Valid Certificate and Private Key for the Web Service and the Monitoring Service

  1. Select "Re-encrypt" from TLS Termination drop-down menu
  2. Select "Redirect" from Insecure Traffic drop-down menu
  3. Click [Browse] to select the certificate in PEM format
  4. Click [Browse] to select the Private Key
  5. Click [Browse] to select the CA certificate
  6. [Browse] to select ca.crt certificate. You can retrieve the certificate from the web pod: /opt/mi/ssl/ca.crt.

4. Create and Check the Routes

Click [Create] at the bottom. To check the routes, open the Web Service and the Monitoring Service hostnames in a browser. You will see the login pages.