When you can’t enable a new pattern type

Some reminders about pattern types…

A pattern type is a collection of plug-ins that identify components, links, and policies, along with configuration files, which are packaged in a .tgz file. You can then use these components, links, and policies to build patterns.

Some pattern types are entitled with IBM Cloud Pak System (IBM WebSphere Application Server, IBM Db2, IBM Spectrum Scale, RedHat Update Service…), some can be bought separately (IBM MQ for example). IBM usually provides new pattern types or new versions of pattern types with new IBM Cloud Pak System releases. For example, IBM Cloud Pak System v2.3.2.0 brought a new pattern type for RedHat OpenShift Container Platform v4.2 and a new version of the Foundation Pattern type, among others.

As a reminder, by default, when you deploy a new instance of a pattern, IBM Cloud Pak System will use the latest version of the pattern type that is enabled in its catalog, independently from the date of the pattern. More information about how to change this here, see “Lock option for plugin usage”.

Now, the issue you may face…

Once you have uploaded a new pattern type (following the instructions given here or here), you need to accept its license (sometimes) and enable it (always) so that it can be used.

In some cases, and especially for the WebSphere Application Server pattern type, nothing happens when you try to accept the license, or a simple “error” message appears on top of the screen.

And a solution…

Try the following procedure:

  1. Select “Product Licenses” in the “System” menu.
  2. Expand the “IBM Software Catalog product licenses “section and then the “Update IBM Software Catalog”
  3. Click the “Download IBM Software Catalog” link or go to ftp://ftp.software.ibm.com/software/tivoli_support/misc/CandO/TivoliCatalog/ibm/SwKBT/. Download the most recent file called “IBMSoftwareCatalog_canonical_form_yyyymmdd.zip” (it is currently “IBMSoftwareCatalog_canonical_form_20170411.zip”).
  4. Then click on “Browse”, select the ZIP file you previously downloaded and click “Update”.
  5. Then retry to accept the license of the pattern type from the “Catalog -> Pattern types” page.

Installing OpenShift Container Storage 4 on IBM Cloud Pak System 2.3.2.0

Earlier this year IBM announced support for OpenShift 4 on IBM Cloud Pak System. In the blog post Deploying OpenShift 4 on IBM Cloud Pak System, I pointed to a detailed technical tutorial on how this works.

My IBM colleagues Pallavi Joshi, Roy Brabson and Xiaojun Chai recently published another technical tutorial Installing OpenShift Container Storage on IBM Cloud Pak System 2.3.2.0. Red Hat OpenShift Container Storage 4 is a separate offering that complementes Red Hat OpenShift 4. This latest IBM tutorial is a great resource for clients looking to run both Red Hat OpenShift 4 products on their IBM Cloud Pak System!

Deploying OpenShift 4 on IBM Cloud Pak System

I just published this IBM Developer Recipe on How to deploy Red Hat OpenShift 4 on IBM Cloud Pak System 2.3.2.0. This hands-on tutorial you through all the steps to get your first OpenShift 4 cluster up and running as quickly as possible!

This IBM Developer Recipe is the natural successor to the IBM Developer tutorial Accelerate your Red Hat OpenShift Container Platform deployment with IBM Cloud Pak System and the blog post Best Practices deploying OpenShift 3.11 on IBM Cloud Pak System.

You will notice that the OpenShift 4 deployment process has been greatly simplified on IBM Cloud Pak System 2.3.3.0. For example there is no longer a need to manually populate your Docker Private Registry with the OpenShift Docker images.

And a big thank you to my fellow IBMers Hugh Hockett, Rahul Nema and Prasad Ganinga for their support here.

Learn about IBM Cloud Pak System and subscribe to IBM SupportTV on YouTube!

Earlier this month a number of videos about IBM Cloud Pak System were posted on the the YouTube channel IBM SupportTV. Subscribe to the channel and learn from IBM experts about IBM Cloud Pak System, see below for what’s available today.

Thanks Pallavi and Swanand for sharing these videos!

IBM Cloud Pak System 2.3.2.0 is now available

IBM released IBM Cloud Pak System 2.3.2.0 on Friday 27th March, details have been included in the IBM Support document for IBM Cloud Pak System releases here. You can find details regarding the versions of software and hardware components, as well as an overview of included APARs.

You can read more about all the new features here in the IBM Knowledge Center, I have highlighthed some of them below. Support for OpenShift 4.2 is a major improvement over OpenShift 3.11 that was available in previous releases. And the IBM Cloud Pak patterns now all support OpenShift 4.2.

  • Support for Red Hat OpenShift Container Platform V4.2 on Intel in IBM Cloud Pak System
  • Support for OpenShift Container Platform 4.x pattern types for all the Cloud Paks
  • Support for IBM Cloud Pak for Security on Intel
  • Support for BYOL (Bring your own license) for all IBM Cloud Pak patterns

Also note that there is a new User Interface, available as technology preview in 2.3.2.0!

Best Practices deploying OpenShift 3.11 on IBM Cloud Pak System

IBM worked with a number of clients earlier this year to deploy Red Hat OpenShift Container Platform 3.11 on their IBM Cloud Pak System platform. We followed the process described on the IBM Developer tutorial “Accelerate your Red Hat OpenShift Container Platform deployment with IBM Cloud Pak System”.

In this blog post I would like to share some of the best practices we came across. I am planning to get the IBM Developer tutorial updated shortly, but in the mean time consider the points below.

  1. Start by upgrading to IBM Cloud Pak System 2.3.1.1 or higher first
    If your IBM Cloud Pak System is on 2.3.0.1 and you are unable to upgrade immediately, please raise a PMR with IBM Support. You are likely to be able to proceed by downloading and importing the OpenShift Container Platform 1.0.2.1 pattern type and the IBM OS Image for Red Hat Linux Systems v 3.0.14.0 – RHEL v7.7 virtual image from IBM Fix Central.
  2. Ensure that the OpenShift Container Platform 1.0.2.1 pattern type has been imported and enabled on your IBM Cloud Pak System
  3. Ensure that you have the “IBM OS Image for Red Hat Linux Systems v 3.0.14.0 – RHEL v7.7” virtual image has been imported on your IBM Cloud Pak System.
    This is very important as the OpenShift Container Platform 1.0.2.1 pattern type will install OpenShift 3.11.146 (see point 6), which has minimum kernel version requirements met by the aforementioned virtual image.
  4. When using the Virtual System Pattern “” as private docker registry, note that this uses a self-signed TLS certificate. When populating this with Docker images, make sure that you configure Docker on your client to use treat the registry as insecure as documented here.
    Note that you need to configure the FQDN of your private Docker registry in the docker /etc/docker/daemon.json and restart Docker.
  5. When populating your private Docker registry with the Docker images for Red Hat OpenShift Container Platform 3.11, make sure to explicitly pull version 3.11.146. This version is what is expected when deploying using the OpenShift Container Platform 1.0.2.1 pattern type on IBM Cloud Pak System. So avoid simply pulling the latest version!
  6. IBM Cloud Pak System 2.3.1.1 and the OpenShift Container Platform 1.0.2.1 pattern type introduced a new shared service called Cloud Pak System Software Registry Service. Refer to the IBM Cloud Pak System 2.3.1 Knowledge Center – Cloud Pak System Software Registry Service, you need to deploy this prior to deploying the Red Hat OpenShift Container Platform pattern.
  7. Before you deploy the OpenShift Container Platform Virtual System Pattern, make sure that you do not use an IP group used for Data that has been associated with any part of the 172.30.0.0/16 IPv4 network. This network is reserved for use as the overlay network by OpenShift, as documented here and here.
  8. The name of the domain that you specify for your OpenShift cluster must meet the following criteria – for example you cannot use capital letters or underscores. Refer to Configuring Cluster Variables of the OpenShift Container Platform 3.11 documentation.
  9. Do not override the default value of 8443 for the OpenShift Master Console Port, currently that is not supported.
  10. Taking all the above in mind, you should be able to deploy OpenShift 3.11 on IBM Cloud Pak System.

Note that the OpenShift Container Platform 1.0.2.1 pattern type has some limitations. Refer to the IBM Cloud Pak System 2.3.1 Knowledge Center – OpenShift Container Platform pattern, where the following is noted:

OpenShift Container Platform pattern is only supported on Single System and cloud groups that have a “Deployment type” of “Single Cloud”.

This implies the following:

  • Multi-system deployments are not supported – you cannot deploy the VMs of a single pattern across multiple CPS racks.
  • Deployments on multi cloud cloud groups are not supported – raise a PMR with IBM Support and ask for the OpenShift Container Platform 1.0.2.3 pattern type (which is also available from IBM FixCentral here).

A big thank you to Pallavi Singh, Mallanagouda Patil and Anshu Garg from IBM for their contributions here!

Naming your Script Packages in CloudPak System

Earlier this year I was working with an IBM Cloud Pak System client who was facing issues with the execution of Script Packages. The client had been creating their own customized Virtual System Patterns with a number of Script Packages that they had created themselves. For reasons we did not understand, some (but not all) Script Packages were failing to run when manually executed after deployment of the Virtual System Pattern.

I reviewed the trace.log of the maestro agent on a VM of the deployed Virtual System Instance, this file can be found in /opt/IBM/maestro/agent/usr/servers/<node_name>/logs/<node_name>/<script-package-name>-Script/trace.log. Here I noticed the following DEBUG message:
ScriptUtils.py <id> pid=<pid> DEBUG No value found for attribute key: LOGSERVER_HOSTNAME, returning empty string.

While working through this issue with IBM Support, we found that this issue was caused by special characters in Script Package name. We were using names that contained a colon (:) character, which clashes with the internals of IBM Cloud Pak System. IBM Support confirmed that this issue will be resolved through delivery of APAR IT31777 in a future firmware version for IBM Cloud Pak System. But in the meantime, avoid using colon (:) characters in the name of your Script Packages!

How to deploy Red Hat OpenShift on IBM Cloud Pak System

Together with @vgadepalusibmcom I recently published a tutorial called Accelerate your Red Hat OpenShift Container Platform deployment with IBM Cloud Pak System on the IBM Developer site.

Deploying OpenShift on IBM Cloud Pak System is straightforward, but you need to have a good understanding of the prerequisites and mechanics. This tutorial takes you through all of those to simplify the deployment.

This should help pave the way for clients looking to deploy IBM Cloud Paks or their own applications in containers. IBM Cloud Pak System supports both scenarios, in addition to first-class support for VM based workloads.

Let us know how the tutorial works for you, and do contact us if you have any questions!

IBM Cloud Pak System 2.3.1.0 provides support for custom password policies

IBM Cloud Pak System 2.3.1.0 was released on Fri 29 November 2019, more details are available at this link about the different release versions. There are a number of significant changes, read all about it here in the IBM Knowledge Center. It is worth noting that IBM has also updated the firmware for a number of components of the hardware stack in this release, as documented here for W3500 models and here for W3550 models. New Compute Nodes now ship with Intel Cascade Lake processors, which require 2.3.1.0 firmware.

A great enhancement in this release is the introduction of custom password policies. IBM PureApplication Platform/System 2.2.6.0 and IBM Cloud Pak System 2.3.0.0 introduced a password policy, however it was not configurable by clients. I explained in this blog post how clients could prepare their patterns for that password policy.

With IBM Cloud Pak System 2.3.1.0, clients can now configure their own custom password policies. The scope for these policies is the Environment Profile, so you could easily setup different policies on the same system. Read about the new password policy here in the Knowledge Center.

Impact of HyperThreadingMitigation introduced in IBM PureApplication System 2.2.6.0 or IBM Cloud Pak System 2.3.0.0

Originally posted on IBM Developer blog “Exploring PureApplication System, Software Service and more”  by Hendrik van Run on 24 July 2019 (344 visits)

Clients planning to upgrade to IBM PureApplication System 2.2.6.0 or IBM Cloud Pak System 2.3.0.0 should be aware that IBM has introduced HyperThreadingMitigation. This impacts Intel based systems where the Side-Channel-Aware Scheduler on the ESXi has been enabled. Note that since the aforementioned releases use VMware 6.5, it is Side-Channel-Aware Scheduler V1 that has been enabled.

IBM has just released this technote, which provides guidance for clients to determine potential impact of having the Side-Channel-Aware Scheduler enabled. This security measure helps protect clients from CVE -2018-3646, something most know as the Meltdown and Spectre vulnerabilities of Intel (and other) processors that were widely publicised last year. Ultimately clients will have to balance performance and security here. IBM has prioritised security by default in its appliances, but for those clients who prefer another option IBM can help.

Design a site like this with WordPress.com
Get started