Deploy IBM Sterling Secure Proxy on OpenShift using Ansible Scripts
Playbook will run the last version of SEAS, but take care of Kubernetes/Openshift version is supported
| SSP | OpenShift | Kubernetes | helm-chart | Helm |
|---|---|---|---|---|
| 6.2.0.0 | >= 4.13 and <= 4.16 | >=1.26.0 <=1.30.0 | 1.4.0 | -- |
| 6.1.0.0.04 | >= 4.13 | >=1.26.0 | 1.3.6 | -- |
| 6.1.0.0.03plus | -- | >=1.19.0 | 1.3.5 | -- |
Check with
kubectl version
Preparation
1. IBM Entitled Registry
You must have kubectl, oc, git and ansible installed in your machine
Log in the IBM Container software library with the IBMid and password that are associated with the entitled software. Click Get entitlement key. With key export variable
export ENTITLED_REGISTRY_KEY=<entitlement_key>
2. Login on OpenShift
Do a login in Openshift console and run the command:
oc login --token=sha256~P...k --server=https://c....containers.cloud.xxx.com:31234
3. Cloning ansible-ibm-websphere from git
git clone https://github.com/ibm-sterling-devops/ansible-ibm-sterling.git
4. Set roles path
To run playbook the playbook
cd ansible-ibm-sterling
export ANSIBLE_CONFIG=./ansible.cfg
Deploying Sterling Secure Proxy
1) First you need to provide SSP_INSTANCEID, this is used to define your environment. Samples: dev01, dev02, poc01, qa01, prod01
export SSP_INSTANCEID=dev01
2) To run the playbook
ansible-playbook playbooks/deploy_ssp.yml
Environment Variable
For all environment variables
- Role ssp_cm_deploy
- Role ssp_deploy
- Role ssp_ps_deploy
- Role ssp_config