Chapter 2. Preparing to deploy Red Hat Decision Manager in your OpenShift environment
Before deploying Red Hat Decision Manager in your OpenShift environment, you need to complete several preparatory tasks. You do not need to repeat these tasks if you want to deploy additional images, for example, for new versions of decision services or for other decision services
2.1. Ensuring the availability of image streams
You must ensure that the image streams that are required for the deployment are available in your OpenShift environment. Some versions of the OpenShift environment include the necessary image streams. You must check if they are available. If they are not available, you must install the rhdm71-image-streams.yaml file.
Procedure
Run the following commands:
$ oc get imagestreamtag -n openshift | grep rhdm71-decisioncentral-openshift $ oc get imagestreamtag -n openshift | grep rhdm71-kieserver-openshift
If the outputs of both commands are not empty, the required image streams are available and no further action is required.
If the output of one or both of the commands is empty, download the
rhdm-7.1.0-openshift-templates.zipproduct deliverable file from the Software Downloads page. Extract therhdm71-image-streams.yamlfile from it. Complete one of the following actions:Run the following command:
$ oc create -f rhdm71-image-streams.yaml
- Using the OpenShift Web UI, select Add to Project → Import YAML / JSON, then choose the file or paste its contents.
2.2. Creating the secrets for Decision Server
OpenShift uses objects called Secrets to hold sensitive information, such as passwords or keystores. See the Secrets chapter in the OpenShift documentation for more information.
You must create an SSL certificate for Decision Server and provide it to your OpenShift environment as a secret.
You do not need to create the secrets object if you are planning to deploy only Decision Servers without support for HTTPS.
Procedure
Generate an SSL keystore with a private and public key for SSL encryption for Decision Server. In a production environment, generate a valid signed certificate that matches the expected URL of the Decision Server. Save the keystore in a file named
keystore.jks. Record the name of the certificate and the password of the keystore file.See Generate a SSL Encryption Key and Certificate for more information on how to create a keystore with self-signed or purchased SSL certificates.
Use the
occommand to generate a secret namedkieserver-app-secretfrom the new keystore file:$ oc create secret generic kieserver-app-secret --from-file=keystore.jks
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.