Make sure your environment meets the following requirements prior to installing the DataPower Operations Dashboard Cloud Agent Operator and deploying the Custom Resources.

Container environment

Supported platforms

The DataPower Operations Dashboard Cloud Agent Operator supports the following platforms:

OpenShift Container Platform (OCP) 4.10

Resource requirements

Operator

The DataPower Operations Dashboard Cloud Agent Operator include the following resource spec:

resources:
  limits:
    cpu: '2'
    memory: 2Gi
  requests:
    cpu: 500m
    memory: 512Mi

Operand

Cloud Agent Manager

The Could Agent Manager deployment include minimum of 3 replicas

manager container

resources:
  limits:
    cpu: 500m
    memory: 1526Mi
  requests:
    cpu: 500m
    memory: 1526Mi

api-proxy container

resources:
  limits:
    cpu: 200m
    memory: 512Mi
  requests:
    cpu: 200m
    memory: 512Mi

Cloud Agent Syslog Ingester

The Could Agent Syslog Ingester deployment include minimum of 3 replicas

syslog-ingester container

resources:
  limits:
    cpu: 2
    memory: 2Gi
  requests:
    cpu: 500m
    memory: 2Gi

Cloud Agent Messaging

The Could Agent Messaging deployment include minimum of 3 replicas

messaging-broker container

resources:
  limits:
    cpu: 2
    memory: 4Gi
  requests:
    cpu: 500m
    memory: 4Gi

Cluster-scope permissions

Operator

The DataPower Operations Dashboard Cloud Agent Operator requires the following cluster-scope permissions. These are brought in by a ClusterRole and bound to the operator's ServiceAccount via ClusterRoleBinding

Permissions needed to customize OCP web console YAML samples:

API Groups: console.openshift.io
Resources: consoleyamlsamples
Verbs: create, get, update, delete.

Permissions needed to list storage:

API Groups: storage.k8s.io
Resources: storageclasses
Verbs: get, list

Permissions needed to list CustomResourceDefinitions:

API Groups: apiextensions.k8s.io
Resources: customresourcedefinitions
Verbs: get, list

Permissions needed for management of owned CustomResourceDefinitions:

API Groups: integration.ibm.com
Resources: dpodcloudagents, dpodcloudagents/status
Verbs: create, delete, get, list, patch, update, watch

Permissions needed for management of roles:

API Groups: rbac.authorization.k8s.io
Resources: clusterroles, roles, rolebindings
Verbs: create, delete, get, list, patch, update, watch

Permissions needed to list pods and services:

API Groups: '' (none)
Resources: pods, services
Verbs: get, list, watch

Permissions needed to list DataPower service:

API Groups: datapower.ibm.com
Resources: datapowerservices, datapowerservicebindings
Verbs: get, list, watch

Permissions needed to list namespaces:

API Groups: '' (none)
Resources: namespaces
Verbs: get, list, watch

Permissions needed for management of cloud agent components:

API Groups: '' (none)
Resources: pods, services, persistentvolumeclaims, configmaps, secrets, serviceaccounts
Verbs: create, delete, get, list, patch, update, watch

Permissions needed for management of cloud agent workloads:

API Groups: apps
Resources: deployments, statefulsets
Verbs: create, delete, get, list, patch, update, watch

Permissions needed for management of routs:

API Groups: route.openshift.io
Resources: routes, routes/custom-host
Verbs: create, delete, get, list, patch, update, watch

Permissions needed for creating of events:

API Groups: events.k8s.io
Resources: events
Verbs: create

Permissions needed for management of leases:

API Groups: coordination.k8s.io
Resources: leases
Verbs: create, delete, get, list, patch, update, watch

Operand

Permissions needed to list services and pods:

API Groups: '' (none)
Resources: services, pods
Verbs: get, list, watch

IBM DataPower Operations Dashboard v1.0.19.0

Prerequisites

Container environment

Supported platforms

Resource requirements

Operator

Operand

Cloud Agent Manager

Cloud Agent Syslog Ingester

Cloud Agent Messaging

Cluster-scope permissions

Operator

Operand