...
| Table of Contents | ||||
|---|---|---|---|---|
|
Container
...
Environment
The DataPower Operations Dashboard Cloud Agent Operator supports the following platforms:
OpenShift Container Platform (OCP) 4.10
Resource requirements
Operator
The DataPower Operations Dashboard Cloud Agent Operator include the following resource spec:
| Code Block |
|---|
resources:
limits:
cpu: '2'
memory: 2Gi
requests:
cpu: 500m
memory: 512Mi |
Operand
Cloud Agent Manager
The Could Agent Manager deployment include minimum of 3 replicas
manager container
| Code Block |
|---|
resources:
limits:
cpu: 500m
memory: 1526Mi
requests:
cpu: 500m
memory: 1526Mi |
api-proxy container
| Code Block |
|---|
resources:
limits:
cpu: 200m
memory: 512Mi
requests:
cpu: 200m
memory: 512Mi |
Cloud Agent Syslog Ingester
The Could Agent Syslog Ingester deployment include minimum of 3 replicas
syslog-ingester container
| Code Block |
|---|
resources:
limits:
cpu: 2
memory: 2Gi
requests:
cpu: 500m
memory: 2Gi |
Cloud Agent Messaging
The Could Agent Messaging deployment include minimum of 3 replicas
messaging-broker container
| Code Block |
|---|
resources:
limits:
cpu: 2
memory: 4Gi
requests:
cpu: 500m
memory: 4Gi |
Cluster-scope permissions
Operator
, 4.12
Operator Lifecycle Manager (OLM) installed
IBM DataPower Gateway operator v1.6.0+
Network Requirements
Firewall Requirements for Cloud Agent
Resource Requirements
Component | CPU | Memory |
|---|---|---|
Operator | 500m (limit: 2) | 512Mi (limit: 2Gi) |
Cloud Agent Messaging - | 500m (limit: 2) | 4Gi |
Cloud Agent Manager - | 500m | 1526Mi |
Cloud Agent Manager - | 200m | 512Mi |
Cloud Agent Syslog Ingester - | 500m (limit: 2) | 2Gi |
Total | 2.2 (limit: 6.7) | 8.5Gi (limit: 10Gi) |
Storage Requirements
A block storage class that provides ReadWriteOnce (RWO) access mode and 10 IOPS (Input-Output Operations per second) that is at least 50 GB, for storing the collected data.
Cluster-scope Permissions
The DataPower Operations Dashboard Cloud Agent Operator requires the following cluster-scope permissions. These are brought in by a ClusterRole ClusterRoles and bound to the operator's ServiceAccount via ClusterRoleBinding
Permissions needed to customize OCP web console YAML samples:
...
and the manager’s ServiceAccounts via ClusterRoleBindings.
API Groups | Resources | Verbs | Description |
|---|---|---|---|
console.openshift.io |
...
consoleyamlsamples |
...
create, get, update, delete |
...
Permissions needed to |
...
customize OCP web console YAML samples |
storage.k8s.io |
...
storageclasses |
...
get, list | Permissions needed to list |
...
storage |
...
apiextensions.k8s.io |
...
customresourcedefinitions |
...
get, list | Permissions needed |
...
to list CustomResourceDefinitions |
integration.ibm.com |
...
dpodcloudagents, dpodcloudagents/status |
...
create, delete, get, list, patch, update, watch | Permissions needed for management of |
...
owned CustomResourceDefinitions |
rbac.authorization.k8s.io |
...
clusterroles, roles, rolebindings |
...
create, delete, get, list, patch, update, watch | Permissions needed |
...
for management of roles |
'' (none) |
...
pods, services |
...
get, list, watch | Permissions needed to list |
...
pods and services |
datapower.ibm.com |
...
datapowerservices, datapowerservicebindings |
...
get, list, watch | Permissions needed to list |
...
DataPower service |
'' (none) |
...
namespaces |
...
get, list, watch | Permissions needed |
...
to list namespaces |
'' (none) |
...
pods, services, persistentvolumeclaims, configmaps, secrets, serviceaccounts |
...
create, delete, get, list, patch, update, watch | Permissions needed for management of cloud agent |
...
components |
...
apps |
...
deployments, statefulsets |
...
create, delete, get, list, patch, update, watch | Permissions needed for management of |
...
cloud agent workloads |
route.openshift.io |
...
routes, routes/custom-host |
...
create, delete, get, list, patch, update, watch | Permissions needed for |
...
management of |
...
routes |
...
events.k8s.io |
...
events |
...
create | Permissions needed for |
...
creating of |
...
events |
...
coordination.k8s.io |
...
leases |
...
create, delete, get, list, patch, update, watch |
...
Permissions needed |
...
for management of leases |
'' (none) |
...
services, pods |
...
get, list, watch | Permissions needed to list services and pods |