diff --git a/.github/workflows/check-links.yml b/.github/workflows/check-links.yml index 2ea6949..ed4cf1c 100644 --- a/.github/workflows/check-links.yml +++ b/.github/workflows/check-links.yml @@ -1,25 +1,16 @@ -name: Check Markdown links -#on: -# push: -# branches: -# - master -# pull_request: -# branches: [master] +name: 'Check Markdown Links with linkspector' on: push jobs: - markdown-link-check: + check-links: + name: runner / linkspector runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - uses: technote-space/get-diff-action@v6 + - name: Run linkspector + uses: umbrelladocs/action-linkspector@v1 with: - PATTERNS: | - **/**.md - - - uses: gaurav-nelson/github-action-markdown-link-check@v1 - with: - use-quiet-mode: 'yes' - use-verbose-mode: 'yes' - config-file: '.md_check_config.json' + fail_on_error: true + filter_mode: nofilter + show_stats: true diff --git a/.linkspector.yml b/.linkspector.yml new file mode 100644 index 0000000..9e6807c --- /dev/null +++ b/.linkspector.yml @@ -0,0 +1,18 @@ +files: + - README.md +dirs: + - ./ +ignorePatterns: + - pattern: '^https://mynicecompany.com/.*$' + - pattern: '^https://odm.*$' + - pattern: '^https://localhost*$' + - pattern: '^https://dummyUrl$' + - pattern: '^https://cognito-idp.COGNITO_REGION.amazonaws.com/COGNITO_USER_POOL_ID/.*$' +replacementPatterns: + - pattern: "https://www.ibm.com/docs" + replacement: 'https://ibmdocs-test.dcs.ibm.com/docs' +aliveStatusCodes: + - 200 + - 206 + - 429 +useGitIgnore: true \ No newline at end of file diff --git a/.md_check_config.json b/.md_check_config.json index 17934a0..d069f98 100644 --- a/.md_check_config.json +++ b/.md_check_config.json @@ -1,14 +1,23 @@ { "ignorePatterns": [ { - "pattern": "^http://localhost" + "pattern": "^http://localhost", + "pattern": "^https://jwt.io" } ], "replacementPatterns": [ { "pattern": "^/LICENSE", "replacement": "{{BASEURL}}/LICENSE" + }, + { + "pattern": "https://www.ibm.com/docs", + "replacement": "https://ibmdocs-test.dcs.ibm.com/docs" } ], - "timeout": "20s" - } \ No newline at end of file + + "timeout": "20s", + "retryOn429": true, + "retryCount": 5, + "fallbackRetryDelay": "30s" + } diff --git a/.secrets.baseline b/.secrets.baseline index 0b9759b..47c0f79 100644 --- a/.secrets.baseline +++ b/.secrets.baseline @@ -3,7 +3,7 @@ "files": "^.secrets.baseline$", "lines": null }, - "generated_at": "2025-03-14T10:15:47Z", + "generated_at": "2025-05-06T15:44:53Z", "plugins_used": [ { "name": "AWSKeyDetector" @@ -776,7 +776,7 @@ "hashed_secret": "b11974a9da0d56698df935ab86e19b127804d6d4", "is_secret": false, "is_verified": false, - "line_number": 69, + "line_number": 67, "type": "Secret Keyword", "verified_result": null }, @@ -784,7 +784,7 @@ "hashed_secret": "fd1daf2e350a06b865f4a1e17bb39183b806c1e9", "is_secret": false, "is_verified": false, - "line_number": 133, + "line_number": 131, "type": "Secret Keyword", "verified_result": null } @@ -1116,7 +1116,7 @@ "hashed_secret": "07596f183f5e91b1778d5e47b2752b8d42aa763d", "is_secret": false, "is_verified": false, - "line_number": 174, + "line_number": 181, "type": "Secret Keyword", "verified_result": null }, @@ -1124,7 +1124,7 @@ "hashed_secret": "3ea3f9802accf8817bacd6f3df46a73b93ccddec", "is_secret": false, "is_verified": false, - "line_number": 175, + "line_number": 182, "type": "Secret Keyword", "verified_result": null }, @@ -1132,7 +1132,7 @@ "hashed_secret": "12d57965bd88277e9e9d69dc2b36aae2c0b7e316", "is_secret": false, "is_verified": false, - "line_number": 274, + "line_number": 281, "type": "Secret Keyword", "verified_result": null }, @@ -1140,7 +1140,7 @@ "hashed_secret": "41b864c967d31ed0bf10562e22faa36324405048", "is_secret": false, "is_verified": false, - "line_number": 292, + "line_number": 299, "type": "Secret Keyword", "verified_result": null } diff --git a/README.md b/README.md index cdfb760..93583da 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ IBM Operational Decision Manager on Certified Kubernetes ## Deploying IBM Operational Decision Manager on a Certified Kubernetes Cluster -This repository centralizes materials to deploy [IBM® Operational Decision Manager](https://www.ibm.com/docs/en/odm/9.0.0) ODM on Certified Kubernetes. It is deployed in a clustered topology that uses WebSphere® Application Server Liberty on a Kubernetes cluster. +This repository centralizes materials to deploy [IBM® Operational Decision Manager](https://www.ibm.com/docs/en/odm/9.5.0) ODM on Certified Kubernetes. It is deployed in a clustered topology that uses WebSphere® Application Server Liberty on a Kubernetes cluster. ODM is a decisioning platform to automate your business policies. Business rules are used at the heart of the platform to implement decision logic on a business vocabulary and run it as web decision services. diff --git a/authentication/AzureAD/README_WITH_CLIENT_SECRET.md b/authentication/AzureAD/README_WITH_CLIENT_SECRET.md index 0c39361..f2dc29f 100644 --- a/authentication/AzureAD/README_WITH_CLIENT_SECRET.md +++ b/authentication/AzureAD/README_WITH_CLIENT_SECRET.md @@ -2,7 +2,7 @@ -- [Set up a Microsoft Entra ID application using a client secret](#set-up-an-microsoft-entra-id-application-using-a-client-secret) +- [Set up a Microsoft Entra ID application using a client secret](#set-up-a-microsoft-entra-id-application-using-a-client-secret) - [Deploy ODM on a container configured with Microsoft Entra ID Part 2](#deploy-odm-on-a-container-configured-with-microsoft-entra-id-part-2) - [Prepare your environment for the ODM installation](#prepare-your-environment-for-the-odm-installation) - [Create a secret to use the Entitled Registry](#create-a-secret-to-use-the-entitled-registry) @@ -24,7 +24,7 @@ -1. Create the *ODM application*. +## 1. Create the *ODM application*. In **Microsoft Entra Id** / **Manage** / **App registration**, click **New Registration**: @@ -34,7 +34,7 @@ ![New Web Application](images/RegisterApp.png) -2. Retrieve Tenant and Client information. +## 2. Retrieve Tenant and Client information In **Microsoft Entra Id** / **Manage** / **App Registration**, select **ODM Application** and click **Overview**: @@ -43,7 +43,7 @@ ![Tenant ID](images/GetTenantID.png) -3. Generate an OpenID client secret. +## 3. Generate an OpenID client secret. In **Microsoft Entra Id** / **Manage** / **App registrations**, select **ODM Application**: @@ -56,7 +56,7 @@ >Important: This client secret can not be revealed later. If you forgot to take note of it, you'll have to create another one. -4. Add Claims. +## 4. Add Claims. In **Microsoft Entra Id** / **Manage** / **App registrations**, select **ODM Application**, and in **Manage / Token Configuration**: @@ -81,7 +81,7 @@ * Check Security Groups * Click Add -5. Create a custom claim named "identity" +## 5. Create a custom claim named "identity" To allow ODM rest-api to use the password flow with email as user identifier and the client-credentials flow with client_id as user identifier, we need to create a new claim named "identity" that will take the relevant value according to the flow: @@ -95,7 +95,7 @@ 2. User Type: Members / Scoped Groups: 0 / Source: Attribute / Value: user.mail * Click Save -6. API Permissions. +## 6. API Permissions. In **Microsoft Entra Id** / **Manage** / **App Registration**, select **ODM Application**, and then click **API Permissions**. @@ -107,7 +107,7 @@ * Don't forget to **Grant Admin Consent for Default Directory** on these API permissions -7. Manifest change. +## 7. Manifest change. In **Microsoft Entra Id** / **Manage** / **App Registration**, select **ODM Application**, and then click **Manifest**. @@ -126,7 +126,7 @@ Then, click Save. -8. Check the configuration. +## 8. Check the configuration. Download the [azuread-odm-script.zip](azuread-odm-script.zip) file to your machine and unzip it in your working directory. This .zip file contains scripts and templates to verify and set up ODM. @@ -277,9 +277,9 @@ ``` Where: - - *TENANT_ID* and *CLIENT_ID* have been obtained from [previous step](#retrieve-tenant-and-client-information) + - *TENANT_ID* and *CLIENT_ID* have been obtained from [previous step](#2-retrieve-tenant-and-client-information) - *CLIENT_SECRET* is listed in your ODM Application, section **General** / **Client Credentials** - - *GROUP_ID* is the identifier of the ODM Admin group created in a [previous step](#manage-group-and-user) (ID of the group named *odm-admin*) + - *GROUP_ID* is the identifier of the ODM Admin group created in a [previous step](README.md#manage-groups-and-users) (ID of the group named *odm-admin*) - *SSO_DOMAIN* is the domain name of your SSO. If your AzureAD is connected to another SSO, you should add the SSO domain name in this parameter. If your user has been declared as explained in step **Create at least one user that belongs to this new group**, you can omit this parameter. The following four files are generated into the `output` directory: @@ -307,7 +307,7 @@ This section is optional. - ODM Decision Center allows to [manage users and groups from the Business console](https://www.ibm.com/docs/en/odm/9.0.0?topic=center-enabling-users-groups) in order to set access security on specific projects. + ODM Decision Center allows to [manage users and groups from the Business console](https://www.ibm.com/docs/en/odm/9.5.0?topic=center-enabling-users-groups) in order to set access security on specific projects. The Groups and Users import can be done using an LDAP connection. But, if the openId server also provides a SCIM server, then it can also be managed using a SCIM connection. @@ -318,7 +318,7 @@ - [for users](https://learn.microsoft.com/en-us/graph/api/resources/users?view=graph-rest-1.0&preserve-view=true) - [for groups](https://learn.microsoft.com/en-us/graph/api/resources/groups-overview?view=graph-rest-1.0&tabs=http) - Then, it will generate a [group-security-configurations.xml](https://www.ibm.com/docs/en/odm/9.0.0?topic=access-optional-user-liberty-configurations#reference_w1b_xhq_2rb__title__3) file that will be consumed using the [Decision Center rest-api](https://www.ibm.com/docs/en/odm/9.0.0?topic=mufdc-creating-users-groups-roles-by-using-rest-api) to populate Groups and Users in the Administration Tab. + Then, it will generate a [group-security-configurations.xml](https://www.ibm.com/docs/en/odm/9.5.0?topic=access-optional-user-liberty-configurations#reference_w1b_xhq_2rb__title__3) file that will be consumed using the [Decision Center rest-api](https://www.ibm.com/docs/en/odm/9.5.0?topic=mufdc-creating-users-groups-roles-by-using-rest-api) to populate Groups and Users in the Administration Tab. In a kubernetes context, this script can be called by a CRON job. Using the new ODM sidecar container mechanism, it can also be managed by the Decision Center pod himself. @@ -356,7 +356,7 @@ You can now install the product. We will use the PostgreSQL internal database an #### a. Installation on OpenShift using Routes - See the [Preparing to install](https://www.ibm.com/docs/en/odm/9.0.0?topic=production-preparing-install-operational-decision-manager) documentation for additional information. + See the [Preparing to install](https://www.ibm.com/docs/en/odm/9.5.0?topic=production-preparing-install-operational-decision-manager) documentation for additional information. ```shell helm install my-odm-release ibm-helm/ibm-odm-prod --version 24.1.0 \ @@ -377,7 +377,7 @@ You can now install the product. We will use the PostgreSQL internal database an #### b. Installation using Ingress Refer to the following documentation to install an NGINX Ingress Controller on: - - [Microsoft Azure Kubernetes Service](../../platform/azure/README.md#create-a-nginx-ingress-controller) + - [Microsoft Azure Kubernetes Service](../../platform/azure/README-NGINX.md) - [Amazon Elastic Kubernetes Service](../../platform/eks/README-NGINX.md) - [Google Kubernetes Engine](../../platform/gcloud/README_NGINX.md) @@ -409,7 +409,7 @@ You can now install the product. We will use the PostgreSQL internal database an 1. Get the ODM endpoints. - Refer to the [documentation](https://www.ibm.com/docs/en/odm/9.0.0?topic=tasks-configuring-external-access) to retrieve the endpoints. + Refer to the [documentation](https://www.ibm.com/docs/en/odm/9.5.0?topic=tasks-configuring-external-access) to retrieve the endpoints. For example, on OpenShift you can get the route names and hosts with: ```shell @@ -472,7 +472,7 @@ You can now install the product. We will use the PostgreSQL internal database an ### Access the ODM services -Well done! You can now connect to ODM using the endpoints you got [earlier](#register-the-odm-redirect-url) and log in as an ODM admin with the account you created in [the first step](#manage-group-and-user). +Well done! You can now connect to ODM using the endpoints you got [earlier](#register-the-odm-redirect-urls) and log in as an ODM admin with the account you created in [the first step](README.md#manage-groups-and-users). ### Set up Rule Designer @@ -502,7 +502,7 @@ To be able to securely connect your Rule Designer to the Decision Server and Dec 4. Restart Rule Designer. -For more information, refer to the [documentation](https://www.ibm.com/docs/en/odm/9.0.0?topic=designer-importing-security-certificate-in-rule). +For more information, refer to the [documentation](https://www.ibm.com/docs/en/odm/9.5.0?topic=designer-importing-security-certificate-in-rule). ### Getting Started with IBM Operational Decision Manager for Containers @@ -522,7 +522,7 @@ Deploy the **Loan Validation Service** production_deployment ruleapps using the You can retrieve the payload.json from the ODM Decision Server Console or use [the provided payload](payload.json). -As explained in the ODM on Certified Kubernetes documentation [Configuring user access with OpenID](https://www.ibm.com/docs/en/odm/9.0.0?topic=access-configuring-user-openid), we advise to use basic authentication for the ODM runtime call for performance reasons and to avoid the issue of token expiration and revocation. +As explained in the ODM on Certified Kubernetes documentation [Configuring user access with OpenID](https://www.ibm.com/docs/en/odm/9.5.0?topic=access-configuring-user-openid), we advise to use basic authentication for the ODM runtime call for performance reasons and to avoid the issue of token expiration and revocation. You can realize a basic authentication ODM runtime call the following way: @@ -552,7 +552,7 @@ curl -H "Content-Type: application/json" -k --data @payload.json \ # Troubleshooting -If you encounter any issue, have a look at the [common troubleshooting explanation](../README.md#Troubleshooting) +If you encounter any issue, have a look at the [common troubleshooting explanation](../README.md#troubleshooting) # License diff --git a/authentication/AzureAD/README_WITH_PRIVATE_KEY_JWT.md b/authentication/AzureAD/README_WITH_PRIVATE_KEY_JWT.md index 8720dfa..e416a6f 100644 --- a/authentication/AzureAD/README_WITH_PRIVATE_KEY_JWT.md +++ b/authentication/AzureAD/README_WITH_PRIVATE_KEY_JWT.md @@ -30,7 +30,7 @@ For additional information regarding the implement in Liberty, please refer to t -1. Create the *ODM application*. +## 1. Create the *ODM application*. In **Microsoft Entra Id** / **Manage** / **App registration**, click **New Registration**: @@ -40,7 +40,7 @@ For additional information regarding the implement in Liberty, please refer to t ![New Web Application](images/RegisterApp.png) -2. Retrieve Tenant and Client information. +## 2. Retrieve Tenant and Client information In **Microsoft Entra Id** / **Manage** / **App Registration**, select **ODM Application** and click **Overview**: @@ -49,7 +49,7 @@ For additional information regarding the implement in Liberty, please refer to t ![Tenant ID](images/GetTenantID.png) -3. Register a public certificate. +## 3. Register a public certificate. To manage private key JWT authentication, you need a private certificate (.key file) and a public certificate (.crt file), which should be registered on the ODM client side (RP) application. On the Microsoft Entra ID (OP) side, you are required to register the public certificate. @@ -71,7 +71,7 @@ For additional information regarding the implement in Liberty, please refer to t * Description: `For ODM integration` * Click **Add** -4. Add Claims. +## 4. Add Claims. In **Microsoft Entra Id** / **Manage** / **App registrations**, select **ODM Application**, and in **Manage / Token Configuration**: @@ -96,7 +96,7 @@ For additional information regarding the implement in Liberty, please refer to t * Check **Security Groups** * Click **Add** -5. Create a custom claim named "identity" +## 5. Create a custom claim named "identity" To enable the ODM REST API to use both the 'Password Credentials' flow with email as the user identifier and the 'Client Credentials' flow with client_id as the user identifier, we must establish a new claim named "identity" that will dynamically capture the appropriate value based on the chosen flow: In **Microsoft Entra Id** / **Manage** / **Enterprise applications**, select **ODM Application**, and in **Manage / Single sign-on**: @@ -108,13 +108,13 @@ For additional information regarding the implement in Liberty, please refer to t 1. User Type: Any / Scoped Groups: 0 / Source: Attribute / Value: 2. User Type: Members / Scoped Groups: 0 / Source: Attribute / Value: user.mail -6. API Permissions. +## 6. API Permissions. In **Microsoft Entra Id** / **Manage** / **App Registration**, select **ODM Application**, and then click **API Permissions**. * Click **Grant Admin Consent for ** -7. Manifest change. +## 7. Manifest change. In **Microsoft Entra Id** / **Manage** / **App Registration**, select **ODM Application**, and then click **Manifest**. @@ -203,8 +203,8 @@ For additional information regarding the implement in Liberty, please refer to t ``` Where: - - *TENANT_ID* and *CLIENT_ID* have been obtained from [previous step](#retrieve-tenant-and-client-information) - - *GROUP_ID* is the identifier of the ODM Admin group created in [Manage groups and users](README.md#manage-group-and-user) (*ID of `odm-admin`*) + - *TENANT_ID* and *CLIENT_ID* have been obtained from [previous step](#2-retrieve-tenant-and-client-information) + - *GROUP_ID* is the identifier of the ODM Admin group created in [Manage groups and users](README.md#manage-groups-and-users) (*ID of `odm-admin`*) - *SSO_DOMAIN* is the domain name of your SSO. If your AzureAD is connected to another SSO, you should add the SSO domain name in this parameter. If your user has been declared as explained in step **Create at least one user that belongs to this new group**, you can omit this parameter. The following four files are generated into the `outputPKeyJWT` directory: @@ -251,7 +251,7 @@ You can now install the product. We will use the PostgreSQL internal database an #### a. Installation on OpenShift using Routes - See the [Preparing to install](https://www.ibm.com/docs/en/odm/9.0.0?topic=production-preparing-install-operational-decision-manager) documentation for additional information. + See the [Preparing to install](https://www.ibm.com/docs/en/odm/9.5.0?topic=production-preparing-install-operational-decision-manager) documentation for additional information. ```shell helm install my-odm-release ibm-helm/ibm-odm-prod --version 24.1.0 \ @@ -268,7 +268,7 @@ You can now install the product. We will use the PostgreSQL internal database an #### b. Installation using Ingress Refer to the following documentation to install an NGINX Ingress Controller on: - - [Microsoft Azure Kubernetes Service](../../platform/azure/README.md#create-a-nginx-ingress-controller) + - [Microsoft Azure Kubernetes Service](../../platform/azure/README-NGINX.md) - [Amazon Elastic Kubernetes Service](../../platform/eks/README-NGINX.md) - [Google Kubernetes Engine](../../platform/gcloud/README_NGINX.md) @@ -296,7 +296,7 @@ You can now install the product. We will use the PostgreSQL internal database an 1. Get the ODM endpoints. - Refer to the [documentation](https://www.ibm.com/docs/en/odm/9.0.0?topic=tasks-configuring-external-access) to retrieve the endpoints. + Refer to the [documentation](https://www.ibm.com/docs/en/odm/9.5.0?topic=tasks-configuring-external-access) to retrieve the endpoints. For example, on OpenShift you can get the route names and hosts with: ```shell @@ -371,7 +371,7 @@ You can now install the product. We will use the PostgreSQL internal database an ### Access the ODM services -Well done! You can now connect to ODM using the endpoints you got [earlier](#register-the-odm-redirect-url) and log in as an ODM admin with the account you created in ['manage groups and users' in the first article](README.md#manage-group-and-user). +Well done! You can now connect to ODM using the endpoints you got [earlier](#register-the-odm-redirect-urls) and log in as an ODM admin with the account you created in ['manage groups and users' in the first article](README.md#manage-groups-and-users). ### Set up Rule Designer @@ -401,7 +401,7 @@ To be able to securely connect your Rule Designer to the Decision Server and Dec 4. Restart Rule Designer. -For more information, refer to the [documentation](https://www.ibm.com/docs/en/odm/9.0.0?topic=designer-importing-security-certificate-in-rule). +For more information, refer to the [documentation](https://www.ibm.com/docs/en/odm/9.5.0?topic=designer-importing-security-certificate-in-rule). ### Getting Started with IBM Operational Decision Manager for Containers @@ -421,7 +421,7 @@ Deploy the **Loan Validation Service** production_deployment ruleapps using the You can retrieve the payload.json from the ODM Decision Server Console or use [the provided payload](payload.json). -As explained in the ODM on Certified Kubernetes documentation [Configuring user access with OpenID](https://www.ibm.com/docs/en/odm/9.0.0?topic=access-configuring-user-openid), we advise to use basic authentication for the ODM runtime call for performance reasons and to avoid the issue of token expiration and revocation. +As explained in the ODM on Certified Kubernetes documentation [Configuring user access with OpenID](https://www.ibm.com/docs/en/odm/9.5.0?topic=access-configuring-user-openid), we advise to use basic authentication for the ODM runtime call for performance reasons and to avoid the issue of token expiration and revocation. You can realize a basic authentication ODM runtime call the following way: @@ -442,7 +442,7 @@ openssl pkcs12 -export -out myodmcompany.p12 -inkey myodmcompany.key -in myodmco keytool -importkeystore -srckeystore myodmcompany.p12 -srcstoretype pkcs12 -srcalias 1 -srcstorepass changeme -destkeystore myodmcompany.jks -deststoretype jks -deststorepass changeme -destalias myalias ``` -Now you can generate the client_assertion following the [ODM documentation](https://www.ibm.com/docs/en/odm/9.0.0?topic=900-generating-json-web-token-client-assertion). +Now you can generate the client_assertion following the [ODM documentation](https://www.ibm.com/docs/en/odm/9.5.0?topic=950-generating-json-web-token-client-assertion). ```shell java -cp $DCLIB/jrules-teamserver.jar:$DCLIB/jose4j-0.9.5.jar:$DCLIB/slf4j-api-1.7.25.jar com.ibm.rules.oauth.ClientAssertionHelper -clientId -tokenEndpoint https://login.microsoftonline.com//oauth2/v2.0/token -keyAliasName myalias -keyStorePwd changeme -keyStoreLocation ./myodmcompany.jks @@ -466,7 +466,7 @@ curl -H "Content-Type: application/json" -k --data @payload.json \ # Troubleshooting -If you encounter any issue, have a look at the [common troubleshooting explanation](../README.md#Troubleshooting) +If you encounter any issue, have a look at the [common troubleshooting explanation](../README.md#troubleshooting) # License diff --git a/authentication/Cognito/README.md b/authentication/Cognito/README.md index fb8a87d..9b2e019 100644 --- a/authentication/Cognito/README.md +++ b/authentication/Cognito/README.md @@ -2,6 +2,7 @@ +- [Configuration of ODM with Amazon Cognito](#configuration-of-odm-with-amazon-cognito) - [Introduction](#introduction) - [What is Amazon Cognito?](#what-is-amazon-cognito) - [About this task](#about-this-task) @@ -13,18 +14,19 @@ - [Create an ODM Admin Group](#create-an-odm-admin-group) - [Add the created user to the odm-admin group](#add-the-created-user-to-the-odm-admin-group) - [Create a dedicated App client for the client-credentials flow](#create-a-dedicated-app-client-for-the-client-credentials-flow) - - [Create A custom claim](#create-a-custom-claim) + - [Create a custom claim](#create-a-custom-claim) - [Deploy ODM on a container configured with Cognito Part 2](#deploy-odm-on-a-container-configured-with-cognito-part-2) - - [Create a secret to use the Entitled Registry](#create-a-secret-to-use-the-entitled-registry) - - [Create secrets to configure ODM with Cognito](#create-secrets-to-configure-odm-with-cognito) + - [Prepare your environment for the ODM installation](#prepare-your-environment-for-the-odm-installation) + - [Create a secret to use the Entitled Registry](#create-a-secret-to-use-the-entitled-registry) + - [Create secrets to configure ODM with Cognito](#create-secrets-to-configure-odm-with-cognito) - [Install your ODM Helm release](#install-your-odm-helm-release) - - [Add the public IBM Helm charts repository](#add-the-public-ibm-helm-charts-repository) - - [Check that you can access the ODM chart](#check-that-you-can-access-the-odm-chart) - - [Run the helm install command](#run-the-helm-install-command) + - [Add the public IBM Helm charts repository](#1-add-the-public-ibm-helm-charts-repository) + - [Check that you can access the ODM chart](#2-check-that-you-can-access-the-odm-chart) + - [Run the helm install command](#3-run-the-helm-install-command) - [a. Installation on OpenShift using Routes](#a-installation-on-openshift-using-routes) - [b. Installation using Ingress](#b-installation-using-ingress) - [Complete post-deployment tasks](#complete-post-deployment-tasks) - - [Register the ODM redirect URLs](#register-the-odm-redirect-urls) + - [Register the ODM redirect URL](#register-the-odm-redirect-url) - [Access the ODM services](#access-the-odm-services) - [Set up Rule Designer](#set-up-rule-designer) - [Getting Started with IBM Operational Decision Manager for Containers](#getting-started-with-ibm-operational-decision-manager-for-containers) @@ -492,7 +494,6 @@ In the **Container software library** tile, verify your entitlement on the **Vie ## Install your ODM Helm release - ### 1. Add the public IBM Helm charts repository ```shell @@ -513,7 +514,7 @@ In the **Container software library** tile, verify your entitlement on the **Vie #### a. Installation on OpenShift using Routes - See the [Preparing to install](https://www.ibm.com/docs/en/odm/9.0.0?topic=production-preparing-install-operational-decision-manager) documentation for more information. + See the [Preparing to install](https://www.ibm.com/docs/en/odm/9.5.0?topic=production-preparing-install-operational-decision-manager) documentation for more information. ```shell helm install my-odm-release ibm-helm/ibm-odm-prod --version 24.1.0 \ @@ -529,7 +530,7 @@ In the **Container software library** tile, verify your entitlement on the **Vie #### b. Installation using Ingress Refer to the following documentation to install an NGINX Ingress Controller on: - - [Microsoft Azure Kubernetes Service](../../platform/azure/README.md#create-a-nginx-ingress-controller) + - [Microsoft Azure Kubernetes Service](../../platform/azure/README-NGINX.md) - [Amazon Elastic Kubernetes Service](../../platform/eks/README-NGINX.md) - [Google Kubernetes Engine](../../platform/gcloud/README_NGINX.md) @@ -553,7 +554,7 @@ In the **Container software library** tile, verify your entitlement on the **Vie 1. Get the ODM endpoints. - Refer to [this documentation](https://www.ibm.com/docs/en/odm/9.0.0?topic=tasks-configuring-external-access) to retrieve the endpoints. + Refer to [this documentation](https://www.ibm.com/docs/en/odm/9.5.0?topic=tasks-configuring-external-access) to retrieve the endpoints. For example, on OpenShift you can get the route names and hosts with: ``` @@ -629,7 +630,7 @@ In the **Container software library** tile, verify your entitlement on the **Vie 4. Restart Rule Designer. -For more information, refer to [this documentation](https://www.ibm.com/docs/en/odm/9.0.0?topic=designer-importing-security-certificate-in-rule). +For more information, refer to [this documentation](https://www.ibm.com/docs/en/odm/9.5.0?topic=designer-importing-security-certificate-in-rule). ### Getting Started with IBM Operational Decision Manager for Containers @@ -649,7 +650,7 @@ Deploy the **Loan Validation Service** production_deployment ruleapps using the You can retrieve the payload.json from the ODM Decision Server Console or use [the provided payload](payload.json). -As explained in the ODM on Certified Kubernetes documentation [Configuring user access with OpenID](https://www.ibm.com/docs/en/odm/9.0.0?topic=access-configuring-user-openid), we advise you to use basic authentication for the ODM runtime call for better performance and to avoid token expiration and revocation. +As explained in the ODM on Certified Kubernetes documentation [Configuring user access with OpenID](https://www.ibm.com/docs/en/odm/9.5.0?topic=access-configuring-user-openid), we advise you to use basic authentication for the ODM runtime call for better performance and to avoid token expiration and revocation. You perform a basic authentication ODM runtime call in the following way: @@ -686,7 +687,7 @@ curl -k --data @payload.json \ # Troubleshooting -If you encounter any issue, have a look at the [common troubleshooting explanation](../README.md#Troubleshooting) +If you encounter any issue, have a look at the [common troubleshooting explanation](../README.md#troubleshooting) # License diff --git a/authentication/Keycloak/README.md b/authentication/Keycloak/README.md index c43a189..58c84e3 100644 --- a/authentication/Keycloak/README.md +++ b/authentication/Keycloak/README.md @@ -172,7 +172,7 @@ You can create roles and grant these roles directly to an individual user, or ev * resDeployers * resExecutors - For more information about ODM groups and roles, refer to the [ODM on Kubernetes documentation](https://www.ibm.com/docs/en/odm/9.0.0?topic=access-user-roles-groups). + For more information about ODM groups and roles, refer to the [ODM on Kubernetes documentation](https://www.ibm.com/docs/en/odm/9.5.0?topic=access-user-roles-groups). 2. Create a group for ODM administrators. @@ -460,7 +460,7 @@ You can now install the product. We will use the PostgreSQL internal database an #### a. Installation on OpenShift using Routes - See the [Preparing to install](https://www.ibm.com/docs/en/odm/9.0.0?topic=production-preparing-install-operational-decision-manager) documentation for more information. + See the [Preparing to install](https://www.ibm.com/docs/en/odm/9.5.0?topic=production-preparing-install-operational-decision-manager) documentation for more information. ```shell helm install my-odm-release ibm-helm/ibm-odm-prod \ @@ -478,7 +478,7 @@ You can now install the product. We will use the PostgreSQL internal database an #### b. Installation using Ingress Refer to the following documentation to install an NGINX Ingress Controller on: - - [Microsoft Azure Kubernetes Service](../../platform/azure/README.md#create-a-nginx-ingress-controller) + - [Microsoft Azure Kubernetes Service](../../platform/azure/README-NGINX.md) - [Amazon Elastic Kubernetes Service](../../platform/eks/README-NGINX.md) - [Google Kubernetes Engine](../../platform/gcloud/README_NGINX.md) @@ -504,7 +504,7 @@ You can now install the product. We will use the PostgreSQL internal database an 1. Get the ODM endpoints. - Refer to [this documentation](https://www.ibm.com/docs/en/odm/9.0.0?topic=tasks-configuring-external-access) to retrieve the endpoints. + Refer to [this documentation](https://www.ibm.com/docs/en/odm/9.5.0?topic=tasks-configuring-external-access) to retrieve the endpoints. For example, on OpenShift you can get the route names and hosts with: ```shell @@ -586,7 +586,7 @@ To be able to securely connect your Rule Designer to the Decision Server and Dec 4. Restart Rule Designer. -For more information, refer to [this documentation](https://www.ibm.com/docs/en/odm/9.0.0?topic=designer-importing-security-certificate-in-rule). +For more information, refer to [this documentation](https://www.ibm.com/docs/en/odm/9.5.0?topic=designer-importing-security-certificate-in-rule). ### Getting Started with IBM Operational Decision Manager for Containers @@ -606,7 +606,7 @@ Deploy the **Loan Validation Service** production_deployment ruleapps using the You can retrieve the payload.json from the ODM Decision Server Console or use [the provided payload](payload.json). -As explained in the ODM on Certified Kubernetes documentation [Configuring user access with OpenID](https://www.ibm.com/docs/en/odm/9.0.0?topic=access-configuring-user-openid), we advise you to use basic authentication for the ODM runtime call for better performance and to avoid token expiration and revocation. +As explained in the ODM on Certified Kubernetes documentation [Configuring user access with OpenID](https://www.ibm.com/docs/en/odm/9.5.0?topic=access-configuring-user-openid), we advise you to use basic authentication for the ODM runtime call for better performance and to avoid token expiration and revocation. You perform a basic authentication ODM runtime call in the following way: @@ -636,7 +636,7 @@ If you want to perform a bearer authentication ODM runtime call using the Client # Troubleshooting -If you encounter any issue, have a look at the [common troubleshooting explanation](../README.md#Troubleshooting) +If you encounter any issue, have a look at the [common troubleshooting explanation](../README.md#troubleshooting) # License diff --git a/authentication/Keycloak/README_FINE_GRAIN_PERMISSION.md b/authentication/Keycloak/README_FINE_GRAIN_PERMISSION.md index fe052bd..ee399e5 100644 --- a/authentication/Keycloak/README_FINE_GRAIN_PERMISSION.md +++ b/authentication/Keycloak/README_FINE_GRAIN_PERMISSION.md @@ -3,9 +3,9 @@ ## Table of Contents - [Introduction](#introduction) -- [Deploy on OpenShift a custom Keycloak service with a SCIM Server](#deploy-on-openShift-a-custom-keycloak-service-with-a-scim-server) +- [Deploy on OpenShift a custom Keycloak service with a SCIM Server](#deploy-on-openshift-a-custom-keycloak-service-with-a-scim-server) - [Build the Keycloak docker image embedding the open source SCIM plug-in](#build-the-keycloak-docker-image-embedding-the-open-source-scim-plug-in) - - [Push the image on the OpenShift Cluster](#push-the-image-on-the-openShift-cluster) + - [Push the image on the OpenShift Cluster](#push-the-image-on-the-openshift-cluster) - [Deploy Keycloak Service using the keycloak-scim image](#deploy-keycloak-service-using-the-keycloak-scim-image) - [Configure an ODM Application with Keycloak dashboard](#configure-an-odm-application-with-keycloak-dashboard) - [Deploy an Open LDAP Service](#deploy-an-open-ldap-service) @@ -27,7 +27,7 @@ # Introduction -ODM Decision Center allows to [manage users and groups from the Business console](https://www.ibm.com/docs/en/odm/9.0.0?topic=center-managing-users-groups-from-business-console) in order to set access security on specific projects. +ODM Decision Center allows to [manage users and groups from the Business console](https://www.ibm.com/docs/en/odm/9.5.0?topic=center-managing-users-groups-from-business-console) in order to set access security on specific projects. The Groups and Users import can be done using an LDAP connection. But, if the openId server also provides a SCIM server, then it can also be managed using a SCIM connection. @@ -346,7 +346,7 @@ Make sure that you finish [Complete post-deployment tasks](README.md#complete-po # Manage Security on ODM Decision Service Project -ODM Decision Center allows to [manage users and groups from the Business console](https://www.ibm.com/docs/en/odm/9.0.0?topic=center-managing-users-groups-from-business-console) in order to set access security on specific projects. +ODM Decision Center allows to [manage users and groups from the Business console](https://www.ibm.com/docs/en/odm/9.5.0?topic=center-managing-users-groups-from-business-console) in order to set access security on specific projects. Now, we will manage the following scenario. We will load the "Loan Validation Service" and "Miniloan Service" projects that are available at the getting started repository. We will only provide access to the "Loan Validation Service" project for users belonging at the "TaskAuditors" group. We will only provide access to the "Miniloan Service" project for users belonging at the "TaskUsers" group. diff --git a/authentication/Okta/README.md b/authentication/Okta/README.md index ed6f523..c2ea7a1 100644 --- a/authentication/Okta/README.md +++ b/authentication/Okta/README.md @@ -289,9 +289,9 @@ In this step, we augment the token with meta-information that is required by the Where: - *OKTA_API_SCOPE* has been defined [above](#configure-the-default-authorization-server) (*odmapiusers*) - - *OKTA_SERVER_NAME* has been obtained from [previous step](#retrieve-okta-server-information) + - *OKTA_SERVER_NAME* has been obtained from previous step. (Retrieve Okta Server information) - Both *OKTA_CLIENT_ID* and *OKTA_CLIENT_SECRET* are listed in your ODM Application, section **Applications** / **Applications** / **ODM Application** / **General** / **Client Credentials** - - *OKTA_ODM_GROUP* is the ODM Admin group we created in a [previous step](#manage-group-and-user) (*odm-admin*) + - *OKTA_ODM_GROUP* is the ODM Admin group we created in a [previous step](#manage-groups-and-users) (*odm-admin*) The files are generated into the `output` directory. @@ -321,7 +321,7 @@ In this step, we augment the token with meta-information that is required by the ``` ``` NAME CHART VERSION APP VERSION DESCRIPTION - ibm-helm/ibm-odm-prod 24.1.0 9.0.0.1 IBM Operational Decision Manager + ibm-helm/ibm-odm-prod 25.0.0 9.5.0.0 IBM Operational Decision Manager ``` 3. Run the `helm install` command. @@ -329,7 +329,7 @@ In this step, we augment the token with meta-information that is required by the You can now install the product. We will use the PostgreSQL internal database and disable the data persistence (`internalDatabase.persistence.enabled=false`) to avoid any platform complexity concerning persistent volume allocation. ``` - helm install my-odm-release ibm-helm/ibm-odm-prod --version 24.1.0 \ + helm install my-odm-release ibm-helm/ibm-odm-prod --version 25.0.0 \ --set image.repository=cp.icr.io/cp/cp4a/odm --set image.pullSecrets=icregistry-secret \ --set oidc.enabled=true \ --set internalDatabase.persistence.enabled=false \ @@ -343,14 +343,14 @@ In this step, we augment the token with meta-information that is required by the > ``` > --set internalDatabase.runAsUser='' --set customization.runAsUser='' --set service.enableRoute=true > ``` - > See [Preparing to install](https://www.ibm.com/docs/en/odm/9.0.0?topic=production-preparing-install-operational-decision-manager) documentation for additional information. + > See [Preparing to install](https://www.ibm.com/docs/en/odm/9.5.0?topic=production-preparing-install-operational-decision-manager) documentation for additional information. ## Complete post-deployment tasks ### Register the ODM redirect URLs 1. Get the ODM endpoints. - You can refer to the [documentation](https://www.ibm.com/docs/en/odm/9.0.0?topic=tasks-configuring-external-access) to retrieve the ODM endpoints. + You can refer to the [documentation](https://www.ibm.com/docs/en/odm/9.5.0?topic=tasks-configuring-external-access) to retrieve the ODM endpoints. For example, on OpenShift you can get the route names and hosts with: ``` @@ -411,7 +411,7 @@ To be able to securely connect your Rule Designer to the Decision Server and Dec 4. Restart Rule Designer. -For more information, refer to the [documentation](https://www.ibm.com/docs/en/odm/9.0.0?topic=designer-importing-security-certificate-in-rule). +For more information, refer to the [documentation](https://www.ibm.com/docs/en/odm/9.5.0?topic=designer-importing-security-certificate-in-rule). ### Getting Started with IBM Operational Decision Manager for Containers @@ -432,7 +432,7 @@ Deploy the **Loan Validation Service** production_deployment ruleapps using the You can retrieve the payload.json from the ODM Decision Server Console or use [the provided payload](payload.json) -As explained in the ODM on Certified Kubernetes documentation [Configuring user access with OpenID](https://www.ibm.com/docs/en/odm/9.0.0?topic=access-configuring-user-openid), we advise to use basic authentication for the ODM runtime call for performance reasons and to avoid the issue of token expiration and revocation. +As explained in the ODM on Certified Kubernetes documentation [Configuring user access with OpenID](https://www.ibm.com/docs/en/odm/9.5.0?topic=access-configuring-user-openid), we advise to use basic authentication for the ODM runtime call for performance reasons and to avoid the issue of token expiration and revocation. You can realize a basic authentication ODM runtime call in the following way: @@ -462,7 +462,7 @@ But if you want to execute a bearer authentication ODM runtime call using the Cl # Troubleshooting -If you encounter any issue, have a look at the [common troubleshooting explanation](../README.md#Troubleshooting) +If you encounter any issue, have a look at the [common troubleshooting explanation](../README.md#troubleshooting) # License diff --git a/contrib/monitor/mpmetrics/README.md b/contrib/monitor/mpmetrics/README.md index 3195fe3..318976f 100644 --- a/contrib/monitor/mpmetrics/README.md +++ b/contrib/monitor/mpmetrics/README.md @@ -77,7 +77,7 @@ Create the monitor-secret You can now install the product. We will use the PostgreSQL internal database and disable data persistence (`internalDatabase.persistence.enabled=false`) to avoid any platform complexity with persistent volume allocation. -See the [Preparing to install](https://www.ibm.com/docs/en/odm/9.0.0?topic=production-preparing-install-operational-decision-manager) documentation for more information. +See the [Preparing to install](https://www.ibm.com/docs/en/odm/9.5.0?topic=production-preparing-install-operational-decision-manager) documentation for more information. ```shell helm install my-odm-release ibm-helm/ibm-odm-prod \ diff --git a/contrib/monitor/opentelemetry/README.md b/contrib/monitor/opentelemetry/README.md index 655131b..198d9e7 100644 --- a/contrib/monitor/opentelemetry/README.md +++ b/contrib/monitor/opentelemetry/README.md @@ -150,7 +150,7 @@ Using **-Dotel.traces.exporter=otlp** JVM options, no OTEL traces are exported i After instantiating ODM by populating it with the sample data, we are ready to directly execute some Decision Server Runtime calls. -Refer to [this documentation](https://www.ibm.com/docs/en/odm/9.0.0?topic=tasks-configuring-external-access) to retrieve the endpoints. +Refer to [this documentation](https://www.ibm.com/docs/en/odm/9.5.0?topic=tasks-configuring-external-access) to retrieve the endpoints. For example, on OpenShift, you can obtain the route names and hosts with the following commands: diff --git a/contrib/secrets-store/README.md b/contrib/secrets-store/README.md index ba5a89e..ea919a9 100644 --- a/contrib/secrets-store/README.md +++ b/contrib/secrets-store/README.md @@ -271,7 +271,7 @@ It replaces the K8s secret that would have been created with (again, don't do th kubectl create secret generic mynicecompanytlssecret --from-file=tls.crt=mynicecompany.crt --from-file=tls.key=mynicecompany.key ``` -The certificate must be the same as the one you used to enable TLS connections in your ODM release. For more information, see [Server certificates](https://www.ibm.com/docs/en/odm/9.0.0?topic=servers-server-certificates). +The certificate must be the same as the one you used to enable TLS connections in your ODM release. For more information, see [Server certificates](https://www.ibm.com/docs/en/odm/9.5.0?topic=servers-server-certificates). We also would like to create a Basic Registry configuration to be used as authSecretRef (refer to both accompanying files group-security-configurations.xml and webSecurity.xml). It will allow some "mat" guy to connect to ODM components. First upload their contents to HashiCorp Vault: diff --git a/platform/azure/README-Azure-SQL-MI.md b/platform/azure/README-Azure-SQL-MI.md index d6439ae..e922c56 100644 --- a/platform/azure/README-Azure-SQL-MI.md +++ b/platform/azure/README-Azure-SQL-MI.md @@ -2,7 +2,7 @@ This page provides instructions on setting up IBM® Operational Decision Manager (ODM) with Azure SQL Managed Instance (MI). -Search for 'Azure SQL' among the available services and create a SQL Managed Instance or a Single instance: +Search for 'Azure SQL' among the available services and create a **SQL Managed Instance** with Resource type: `Single instance`: ![Single instance](images/sqlmi-select_offer.png) @@ -10,24 +10,28 @@ Choose the desired Resource Group for deploying the SQL Managed Instance and spe ![Basics configuration](images/sqlmi-basics.png) -Click the link 'Configure Managed Instance' and reduce the number of CPUs allocated to the instance: +Click the link `Configure Managed Instance` that is next to the *Compute + storage* parameter under **Managed Instance details** section. + +Reduce the number of CPUs allocated for the instance to 4 vCores and apply the changes: ![Resources configuration](images/sqlmi-resources.png) -Back to basics, select `Use SQL authentication` as Authentication method and then fill in admin login and password values: +Back to **Basics** tab, select the option `Use SQL authentication` as **Authentication method** and then fill in admin login and password values: ![Authentication](images/sqlmi-authentication.png) -In the Networking tab, enable `Public endpoint` and allow access from `Azure services`: +In the **Networking** tab, enable `Public endpoint` and allow access from `Azure services`: > NOTE: It is not recommended to use a public IP. In a production environment, you should use a private IP. ![Network access](images/sqlmi-network.png) -You can now review your configuration and proceed to create the Managed Instance. While it can take up to six hours, in most cases, it is created in approximately one hour: +Click the **Review + create** button to review your configuration and proceed to create the Managed Instance. While it can take up to six hours, in most cases, it is created in approximately one hour: ![Review](images/sqlmi-review.png) -Once the SQL Managed Instance is operational, you have the ability to establish a database within it: +Once the SQL Managed Instance is operational, you have the ability to establish a database within it. + +Click **+ New database** to create one with `odmdb` as *Database name*: ![New database](images/sqlmi-newdb.png) @@ -35,7 +39,7 @@ Later you'll need the FQDN for your SQL MI; it can be found as `Host` in the ins ![SQL MI Overview](images/sqlmi-overview.png) -The port to use should always be 3342 but you can verify it in the public JDBC connection string from your SQL Managed Instance: +The port to use should always be 3342. You can verify it in the public *JDBC* connection string of your SQL Managed Instance (under **Setting** section): ![JDBC string](images/sqlmi-jdbcstring.png) @@ -49,27 +53,27 @@ kubectl create secret generic --from-literal=db-user= > [!WARNING] > db-user must not contain the `@` part! -Then you can deploy ODM with: - You can now install the product. - Get the [aks-sqlmi-values.yaml](./aks-sqlmi-values.yaml) file and replace the following keys: - `` is your registry secret name - - `` is your flexible postgres server name - `` is the database credentials secret name - `` is the container certificate - - `` is the password to login with the basic registry users like `odmAmin` + - `` is the password to login with the basic registry users like `odmAdmin` - `` is the name of the SQL managed instance - `` is the identifier of the dnsZone of the SQL managed instance +> [!NOTE] +> Make sure that you have created the registry secret and also the container certificate secret as explained in [Prepare your environment for the ODM installation](README.md#prepare-your-environment-for-the-odm-installation). + ```shell -helm install ibmcharts/ibm-odm-prod --version 24.1.0 -f aks-sqlmi-values.yaml +helm install ibm-helm/ibm-odm-prod --version 25.0.0 -f aks-sqlmi-values.yaml ``` Other deployment options (especially using NGINX) and IBM License Service usage are explained in the [NGINX README](README-NGINX.md). ## Troubleshooting -If your ODM instances are not running properly, refer to [our dedicated troubleshooting page](https://www.ibm.com/docs/en/odm/9.0.0?topic=900-troubleshooting-support). +If your ODM instances are not running properly, refer to [our dedicated troubleshooting page](https://www.ibm.com/docs/en/odm/9.5.0?topic=950-troubleshooting-support). ## Getting Started with IBM Operational Decision Manager for Containers diff --git a/platform/azure/README-NGINX.md b/platform/azure/README-NGINX.md index bf6bb97..4126067 100644 --- a/platform/azure/README-NGINX.md +++ b/platform/azure/README-NGINX.md @@ -16,7 +16,7 @@ Installing an NGINX Ingress controller allows you to access ODM components throu 1. Use the official YAML manifest: ```shell - kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.12.0-beta.0/deploy/static/provider/cloud/deploy.yaml + kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.12.1/deploy/static/provider/cloud/deploy.yaml ``` > [!NOTE] @@ -51,14 +51,14 @@ You can now install the product. - `` is your flexible postgres server name - `` is the database credentials secret name - `` is the container certificate - - `` is the password to login with the basic registry users like `odmAmin` + - `` is the password to login with the basic registry users like `odmAdmin` ```shell -helm install ibmcharts/ibm-odm-prod --version 24.1.0 -f aks-nginx-values.yaml +helm install ibm-helm/ibm-odm-prod --version 25.0.0 -f aks-nginx-values.yaml ``` > [!NOTE] -> By default, the NGINX Ingress controller does not enable sticky session. If you want to use sticky session to connect to DC, refer to [Using sticky session for Decision Center connection](../../contrib/sticky-session/README.md) +> By default, the NGINX Ingress controller does not enable sticky session. If you want to use sticky session to connect to DC, refer to [Using sticky session for Decision Center connection](../../contrib/sticky-session/README.md#configuring-ingress-to-use-sticky-sessions) ### Edit the file /etc/hosts on your host @@ -101,7 +101,7 @@ Where: This section explains how to track ODM usage with the IBM License Service. -Follow the **Installation** section of the [Manual installation without the Operator Lifecycle Manager (OLM)](https://www.ibm.com/docs/en/cloud-paks/foundational-services/4.9?topic=ils-installing-license-service-without-operator-lifecycle-manager-olm) documentation. +Follow the **Installation** section of the [Manual installation without the Operator Lifecycle Manager (OLM)](https://www.ibm.com/docs/en/cloud-paks/foundational-services/4.12.0?topic=ilsfpcr-installing-license-service-without-operator-lifecycle-manager-olm) documentation. ### Patch the IBM Licensing instance with Nginx configuration @@ -140,11 +140,11 @@ Otherwise, you can also retrieve the licensing report .zip file by running: curl "http://${LICENSING_URL}/snapshot?token=${TOKEN}" --output report.zip ``` -If your IBM License Service instance is not running properly, refer to this [troubleshooting page](https://www.ibm.com/docs/en/cloud-paks/foundational-services/4.9?topic=service-troubleshooting-license). +If your IBM License Service instance is not running properly, refer to this [troubleshooting page](https://www.ibm.com/docs/en/cloud-paks/foundational-services/4.12.0?topic=service-troubleshooting-license). ## Troubleshooting -If your ODM instances are not running properly, refer to [our dedicated troubleshooting page](https://www.ibm.com/docs/en/odm/9.0.0?topic=900-troubleshooting-support). +If your ODM instances are not running properly, refer to [our dedicated troubleshooting page](https://www.ibm.com/docs/en/odm/9.5.0?topic=950-troubleshooting-support). ## Getting Started with IBM Operational Decision Manager for Containers diff --git a/platform/azure/README.md b/platform/azure/README.md index aef3e0b..f2c2702 100644 --- a/platform/azure/README.md +++ b/platform/azure/README.md @@ -11,7 +11,7 @@ The ODM on Kubernetes Docker images are available in the [IBM Entitled Registry] The project comes with the following components: -- [IBM Operational Decision Manager](https://www.ibm.com/docs/en/odm/9.0.0) +- [IBM Operational Decision Manager](https://www.ibm.com/docs/en/odm/9.5.0) - [Azure Database for PostgreSQL](https://docs.microsoft.com/en-us/azure/postgresql/) - [Azure Kubernetes Service (AKS)](https://docs.microsoft.com/en-us/azure/aks/) - [Network concepts for applications in AKS](https://docs.microsoft.com/en-us/azure/aks/concepts-network) @@ -29,10 +29,9 @@ First, install the following software on your machine: Then, [create an Azure account and pay as you go](https://azure.microsoft.com/en-us/pricing/purchase-options/pay-as-you-go/). > [!NOTE] -> Prerequisites and software supported by ODM 9.0.0 are listed in [the Detailed System Requirements page](https://www.ibm.com/support/pages/ibm-operational-decision-manager-detailed-system-requirements). +> Prerequisites and software supported by ODM 9.5.0 are listed in [the Detailed System Requirements page](https://www.ibm.com/support/pages/ibm-operational-decision-manager-detailed-system-requirements). ## Steps to deploy ODM on Kubernetes to Azure AKS - - [Included components](#included-components) @@ -57,7 +56,7 @@ Source: https://docs.microsoft.com/en-us/azure/aks/kubernetes-walkthrough After installing the Azure CLI, use the following command line: -``` +```shell az login [--tenant .onmicrosoft.com] ``` @@ -65,7 +64,7 @@ A web browser opens where you can connect with your Azure credentials. ### Create a resource group -An Azure resource group is a logical group in which Azure resources are deployed and managed. When you create a resource group, you are asked to specify a location. This location is where resource group metadata is stored. It is also where your resources run in Azure, if you do not specify another region during resource creation. Create a resource group by running the `az group create` command. +An Azure resource group is a logical group in which Azure resources are deployed and managed. When you create a resource group, you will be prompted to specify a location. This location is where resource group metadata is stored. It is also where your resources run in Azure, if you do not specify another region during resource creation. To get a list of available locations, run: @@ -73,10 +72,10 @@ To get a list of available locations, run: az account list-locations -o table ``` -Then, create the resource group: +Then, create a resource group by running the following command: ```shell -az group create --name --location [--tags Owner= Team=DBA Usage=demo Usage_desc="Azure customers support" Delete_date=2023-12-31] +az group create --name --location --tags Owner= Team= Usage=demo Usage_desc="Azure customers support" Delete_date=2025-12-31 ``` The following example output shows that the resource group has been created successfully: @@ -90,32 +89,40 @@ The following example output shows that the resource group has been created succ "properties": { "provisioningState": "Succeeded" }, - "tags": null + "tags": { + "Delete_date": "2025-12-31", + "Owner": "", + "Team": "", + "Usage": "demo", + "Usage_desc": "Azure customers support" + }, + "type": "Microsoft.Resources/resourceGroups" } ``` ### Create an AKS cluster -Use the `az aks create` command to create an AKS cluster. The following example creates a cluster named with two nodes. Azure Monitor for containers is also enabled using the `--enable-addons monitoring` parameter. The operation takes several minutes to complete. - -> [!NOTE] -> During the creation of the AKS cluster, a second resource group is automatically created to store the AKS resources. For more information, see [Why are two resource groups created with AKS](https://docs.microsoft.com/en-us/azure/aks/faq#why-are-two-resource-groups-created-with-aks). +Use the `az aks create` command to create an AKS cluster. The following example creates a cluster named with two nodes. Azure Monitor for containers can also be enabled by using the `--enable-addons monitoring` parameter. The operation takes several minutes to complete. ```shell az aks create --name --resource-group --node-count 2 \ --enable-cluster-autoscaler --min-count 2 --max-count 4 --generate-ssh-keys ``` +> [!NOTE] +> During the creation of the AKS cluster, a second resource group is automatically created to store the AKS resources. For more information, see [Why are two resource groups created with AKS](https://docs.microsoft.com/en-us/azure/aks/faq#why-are-two-resource-groups-created-with-aks). -After a few minutes, the command completes and returns JSON-formatted information about the cluster. Make a note of the newly-created Resource Group that is displayed in the JSON output (e.g. "nodeResourceGroup": "") if you have to tag it, for example: +After a few minutes, the command completes and returns JSON-formatted information about the cluster. + +Make a note of the newly-created Resource Group that is displayed in the JSON output (e.g. `"nodeResourceGroup": ""`). You can update the resource with additional tags. For example: ```shell az group update --name \ - --tags Owner= Team=DBA Usage=demo Usage_desc="Azure customers support" Delete_date=2024-12-31 + --tags Owner= Team= Usage=demo Usage_desc="Azure customers support" Delete_date=2025-12-31 ```         ### Set up your environment to this cluster -To manage a Kubernetes cluster, use `kubectl`, the Kubernetes command-line client. If you use Azure Cloud Shell, kubectl is already installed. To install kubectl locally, use the `az aks install-cli` command: +To manage a Kubernetes cluster, you will need to use `kubectl`, the Kubernetes command-line client. If you use `Azure Cloud Shell`, kubectl is already installed. Otherwise, to use `kubectl` locally, run the the following command to install the client: ```shell az aks install-cli @@ -137,8 +144,8 @@ The following example output shows the single node created in the previous steps ``` NAME STATUS ROLES AGE VERSION -aks-nodepool1-27504729-vmss000000 Ready agent 21m v1.29.9 -aks-nodepool1-27504729-vmss000001 Ready agent 21m v1.29.9 +aks-nodepool1-27504729-vmss000000 Ready agent 21m v1.31.7 +aks-nodepool1-27504729-vmss000001 Ready agent 21m v1.31.7 ``` ## Create the PostgreSQL Azure instance (10 min) @@ -178,7 +185,7 @@ Result: "availabilityZone": "2", "backup": { "backupRetentionDays": 7, - "earliestRestoreDate": "2024-11-21T10:10:16.007641+00:00", + "earliestRestoreDate": "2025-04-29T09:37:34.208183+00:00", "geoRedundantBackup": "Disabled" }, "cluster": null, @@ -207,7 +214,7 @@ Result: "startHour": 0, "startMinute": 0 }, - "minorVersion": "8", + "minorVersion": "12", "name": "", "network": { "delegatedSubnetResourceId": null, @@ -241,7 +248,7 @@ Result: "type": "" }, "systemData": { - "createdAt": "2024-11-21T10:05:19.405443+00:00", + "createdAt": "2025-04-29T09:31:58.093917+00:00", "createdBy": null, "createdByType": null, "lastModifiedAt": null, @@ -254,7 +261,7 @@ Result: } ``` -Make a note of the server name that is displayed in the JSON output (e.g. "fullyQualifiedDomainName": ".postgres.database.azure.com") as it will be used later to deploy ODM with `helm install`. +Make a note of the server name that is displayed in the JSON output (e.g. `"fullyQualifiedDomainName": ".postgres.database.azure.com"`) as it will be used later to deploy ODM with `helm install`. ### Create a firewall rule that allows access from Azure services @@ -292,7 +299,6 @@ $ kubectl create secret docker-registry --docker-server=cp.icr. --docker-password="" \ --docker-email= ``` - Where: * \ is the secret name @@ -300,14 +306,15 @@ Where: * \ is the email address associated with your IBMid. > [!NOTE] -> The cp.icr.io value for the docker-server parameter is the only registry domain name that contains the images. You must set the docker-username to `cp` to use an entitlement key as docker-password. +> The `cp.icr.io` value for the `docker-server` parameter is the only registry domain name that contains the images. You must set the `docker-username` to `cp` to use an entitlement key as docker-password. + +Make a note of the secret name so that you can set it for the `image.pullSecrets` parameter when you run a helm install of your containers. The `image.repository` parameter should be set to `cp.icr.io/cp/cp4a/odm`. -Make a note of the secret name so that you can set it for the image.pullSecrets parameter when you run a helm install of your containers. The image.repository parameter will later be set to cp.icr.io/cp/cp4a/odm. Add the public IBM Helm charts repository: ```shell -helm repo add ibmcharts https://raw.githubusercontent.com/IBM/charts/master/repo/ibm-helm +helm repo add ibm-helm https://raw.githubusercontent.com/IBM/charts/master/repo/ibm-helm helm repo update ``` @@ -315,8 +322,8 @@ Check that you can access the ODM charts: ```shell helm search repo ibm-odm-prod -NAME CHART VERSION APP VERSION DESCRIPTION -ibmcharts/ibm-odm-prod 24.1.0 9.0.0.1 IBM Operational Decision Manager License By in... +NAME CHART VERSION APP VERSION DESCRIPTION +ibm-helm/ibm-odm-prod 25.0.0 9.5.0.0 IBM Operational Decision Manager License By in... ``` ### Manage a digital certificate (10 min) @@ -340,7 +347,7 @@ openssl req -x509 -nodes -days 1000 -newkey rsa:2048 -keyout mynicecompany.key \ kubectl create secret generic --from-file=tls.crt=mynicecompany.crt --from-file=tls.key=mynicecompany.key ``` -The certificate must be the same as the one you used to enable TLS connections in your ODM release. For more information, see [Server certificates](https://www.ibm.com/docs/en/odm/9.0.0?topic=servers-server-certificates). +The certificate must be the same as the one you used to enable TLS connections in your ODM release. For more information, see [Server certificates](https://www.ibm.com/docs/en/odm/9.5.0?topic=servers-server-certificates). ## Install an ODM Helm release and expose it with the service type LoadBalancer (10 min) @@ -361,10 +368,10 @@ You can now install the product. - `` is your flexible postgres server name - `` is the database credentials secret name - `` is the container certificate - - `` is the password to login with the basic registry users like `odmAmin` + - `` is the password to login with the basic registry users like `odmAdmin` ```shell -helm install ibmcharts/ibm-odm-prod --version 24.1.0 -f aks-values.yaml +helm install ibm-helm/ibm-odm-prod --version 25.0.0 -f aks-values.yaml ``` Where: @@ -406,7 +413,7 @@ You can then open a browser on `https://xxx.xxx.xxx.xxx:9453` to access Decision This section explains how to track ODM usage with the IBM License Service. -Follow the **Installation** section of the [Installation License Service without Operator Lifecycle Manager (OLM)](https://www.ibm.com/docs/en/cloud-paks/foundational-services/4.9?topic=ils-installing-license-service-without-operator-lifecycle-manager-olm) documentation. +Follow the **Installation** section of the [Installation License Service without Operator Lifecycle Manager (OLM)](https://www.ibm.com/docs/en/cloud-paks/foundational-services/4.12.0?topic=ilsfpcr-installing-license-service-without-operator-lifecycle-manager-olm) documentation. #### a. Expose the licensing service using the AKS LoadBalancer @@ -420,7 +427,7 @@ Wait a couple of minutes for the changes to be applied. Then, you should see an EXTERNAL-IP available for the exposed licensing service. ```shell -oc get service -n ibm-licensing +kubectl get service -n ibm-licensing NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE ibm-licensing-service-instance LoadBalancer 10.0.58.142 xxx.xxx.xxx.xxx 8080:32301/TCP 10m ``` @@ -435,14 +442,14 @@ kubectl patch IBMLicensing instance --type merge --patch-file licensing-instance Wait a couple of minutes for the changes to be applied. -You can find more information and use cases on [this page](https://www.ibm.com/docs/en/cloud-paks/foundational-services/4.9?topic=configuration-configuring-kubernetes-ingress). +You can find more information and use cases on [this page](https://www.ibm.com/docs/en/cloud-paks/foundational-services/4.12.0?topic=configuring-kubernetes-ingress). > **Note** -> If you choose to use the NGINX Ingress Controller, you must use the [licensing-instance-nginx.yaml](./licensing-instance-nginx.yaml) file. Refer to [Track ODM usage with the IBM License Service with NGINX Ingress Controller](README-NGINX.md#track-odm-usage-with-the-ibm-license-service-with-nginx-ingress-controller). +> If you choose to use the NGINX Ingress Controller, you must use the [licensing-instance-nginx.yaml](./licensing-instance-nginx.yaml) file. Refer to [Deploying IBM Operational Decision Manager with NGINX Ingress Controller on Azure AKS](README-NGINX.md#install-the-ibm-license-service-and-retrieve-license-usage). ### Retrieve license usage -You will be able to access the IBM License Service by retrieving the URL with this command: +You will be able to access the IBM License Service by retrieving the URL and the required token with this command: ```bash export LICENSING_URL=$(kubectl get service ibm-licensing-service-instance -n ibm-licensing -o jsonpath='{.status.loadBalancer.ingress[0].ip}') @@ -450,7 +457,7 @@ export TOKEN=$(kubectl get secret ibm-licensing-token -n ibm-licensing -o jsonpa ``` > **Note** -> If `LICENSING_URL` is empty, take a look at the [troubleshooting](https://www.ibm.com/docs/en/cloud-paks/foundational-services/4.9?topic=service-troubleshooting-license) page. +> If `LICENSING_URL` is empty, take a look at the [troubleshooting](https://www.ibm.com/docs/en/cloud-paks/foundational-services/4.12.0?topic=service-troubleshooting-license) page. You can access the `http://${LICENSING_URL}:8080/status?token=${TOKEN}` URL to view the licensing usage or retrieve the licensing report .zip file by running: @@ -458,11 +465,11 @@ You can access the `http://${LICENSING_URL}:8080/status?token=${TOKEN}` URL to v curl "http://${LICENSING_URL}:8080/snapshot?token=${TOKEN}" --output report.zip ``` -If your IBM License Service instance is not running properly, refer to this [troubleshooting page](https://www.ibm.com/docs/en/cpfs?topic=software-troubleshooting). +If your IBM License Service instance is not running properly, refer to this [troubleshooting page](https://www.ibm.com/docs/en/cloud-paks/foundational-services/4.12.0?topic=service-troubleshooting-license). ## Troubleshooting -If your ODM instances are not running properly, refer to [our dedicated troubleshooting page](https://www.ibm.com/docs/en/odm/9.0.0?topic=900-troubleshooting-support). +If your ODM instances are not running properly, refer to [our dedicated troubleshooting page](https://www.ibm.com/docs/en/odm/9.5.0?topic=950-troubleshooting-support). ## Getting Started with IBM Operational Decision Manager for Containers diff --git a/platform/azure/licensing-instance-nginx.yaml b/platform/azure/licensing-instance-nginx.yaml index 221aabb..406b4eb 100644 --- a/platform/azure/licensing-instance-nginx.yaml +++ b/platform/azure/licensing-instance-nginx.yaml @@ -8,7 +8,7 @@ spec: httpsEnable: false ingressEnabled: true ingressOptions: + ingressClassName: nginx annotations: - kubernetes.io/ingress.class: nginx nginx.ingress.kubernetes.io/rewrite-target: '/$2' path: /ibm-licensing-service-instance(/|$)(.*) diff --git a/platform/eks/README-ECR.md b/platform/eks/README-ECR.md index 8bdaa87..f064d3e 100644 --- a/platform/eks/README-ECR.md +++ b/platform/eks/README-ECR.md @@ -4,13 +4,13 @@ The following steps explain how to use a bastion host to mirror the ODM on Kuber A bastion host is a host connected to both the private registry (Amazon ECR) and the public container registry. The related instructions in the online documentation are: -- [Setting up a host to mirror images to a private registry](https://www.ibm.com/docs/en/odm/9.0.0?topic=installation-setting-up-host-mirror-images-private-registry) -- [Setting environment variables and downloading CASE files](https://www.ibm.com/docs/en/odm/9.0.0?topic=installation-setting-environment-variables-downloading-case-files) -- [Option 1: Mirroring images to a private container registry with a bastion server](https://www.ibm.com/docs/en/odm/9.0.0?topic=mipr-option-1-mirroring-images-private-container-registry-bastion-server) +- [Setting up a host to mirror images to a private registry](https://www.ibm.com/docs/en/odm/9.5.0?topic=installation-setting-up-host-mirror-images-private-registry) +- [Setting environment variables and downloading CASE files](https://www.ibm.com/docs/en/odm/9.5.0?topic=installation-setting-environment-variables-downloading-case-files) +- [Option 1: Mirroring images to a private container registry with a bastion server](https://www.ibm.com/docs/en/odm/9.5.0?topic=mipr-option-1-mirroring-images-private-container-registry-bastion-server) ## Prerequisites: -- Install the following tools on your bastion host (if needed, refer to [Setting up a host to mirror images to a private registry](https://www.ibm.com/docs/en/odm/9.0.0?topic=installation-setting-up-host-mirror-images-private-registry)): +- Install the following tools on your bastion host (if needed, refer to [Setting up a host to mirror images to a private registry](https://www.ibm.com/docs/en/odm/9.5.0?topic=installation-setting-up-host-mirror-images-private-registry)): - [AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-install.html) - Docker or Podman - OCP CLI (oc) @@ -58,7 +58,7 @@ The related instructions in the online documentation are: The command creates a flat directory structure under `~/.ibm-pak/data/cases/$CASE_NAME/$CASE_VERSION` that contains the ibm-odm-prod.tgz CASE files, a folder that contains the ibm-odm-prod Helm charts, and two CSV files that contain the list of images and the list of charts associated with the CASE. - For more information about this step, refer to [Setting environment variables and downloading CASE files](https://www.ibm.com/docs/en/odm/9.0.0?topic=installation-setting-environment-variables-downloading-case-files). + For more information about this step, refer to [Setting environment variables and downloading CASE files](https://www.ibm.com/docs/en/odm/9.5.0?topic=installation-setting-environment-variables-downloading-case-files). ### b. Mirror the ODM images to the ECR registry @@ -119,7 +119,7 @@ The related instructions in the online documentation are: > Note: Only the container images needed for your architecture are uploaded into the registry when specifying the option `--filter-by-os ".*/${ARCHITECTURE}"` - For more information about these commands, see [Mirroring images to a private container registry](https://www.ibm.com/docs/en/odm/9.0.0?topic=installation-mirroring-images-private-container-registry). + For more information about these commands, see [Mirroring images to a private container registry](https://www.ibm.com/docs/en/odm/9.5.0?topic=installation-mirroring-images-private-container-registry). You can check the repositories and the images available using the commands below : @@ -161,7 +161,7 @@ The related instructions in the online documentation are: You can find the Helm chart version related to a given CASE version: - - For a release: in the page [Upgrading ODM releases on Certified Kubernetes](https://www.ibm.com/docs/en/odm/9.0.0?topic=900-upgrading-odm-releases-certified-kubernetes). + - For a release: in the page [Upgrading ODM releases on Certified Kubernetes](https://www.ibm.com/docs/en/odm/9.5.0?topic=950-upgrading-odm-releases-certified-kubernetes). - For an interim fix: click the link for your version of ODM in the page [Operational Decision Manager Interim Fixes](https://www.ibm.com/support/pages/operational-decision-manager-interim-fixes) and then check the table "Interim fix for ODM on Certified Kubernetes". diff --git a/platform/eks/README.md b/platform/eks/README.md index 704c274..0a9d10a 100644 --- a/platform/eks/README.md +++ b/platform/eks/README.md @@ -9,7 +9,7 @@ The ODM on Kubernetes Docker images are available in the [IBM Cloud Container Re ## Included components The project uses the following components: -- [IBM Operational Decision Manager](https://www.ibm.com/docs/en/odm/9.0.0?topic=operational-decision-manager-certified-kubernetes-900) +- [IBM Operational Decision Manager](https://www.ibm.com/docs/en/odm/9.5.0?topic=operational-decision-manager-certified-kubernetes-950) - [Amazon Elastic Kubernetes Service (Amazon EKS)](https://aws.amazon.com/eks/) - [Amazon Relational Database Service (Amazon RDS)](https://aws.amazon.com/rds/) - [AWS Application Load Balancer (ALB)](https://docs.aws.amazon.com/eks/latest/userguide/alb-ingress.html) diff --git a/platform/gcloud/README.md b/platform/gcloud/README.md index e361c6d..5d44fd3 100644 --- a/platform/gcloud/README.md +++ b/platform/gcloud/README.md @@ -14,7 +14,7 @@ The ODM on Kubernetes Docker images are available in the [IBM Entitled Registry] The project comes with the following components: -- [IBM Operational Decision Manager](https://www.ibm.com/docs/en/odm/9.0.0?topic=operational-decision-manager-certified-kubernetes-900) +- [IBM Operational Decision Manager](https://www.ibm.com/docs/en/odm/9.5.0?topic=operational-decision-manager-certified-kubernetes-950) - [Google Kubernetes Engine (GKE)](https://cloud.google.com/kubernetes-engine) - [Google Cloud SQL for PostgreSQL](https://cloud.google.com/sql) - [IBM License Service](https://github.com/IBM/ibm-licensing-operator) @@ -48,13 +48,13 @@ Without the relevant billing level, some Google Cloud resources will not be crea -- [Prepare your GKE instance 30 min](#prepare-your-gke-instance-30-min) -- [Create the Google Cloud SQL PostgreSQL instance 10 min](#create-the-google-cloud-sql-postgresql-instance-10-min) -- [Prepare your environment for the ODM installation 10 min](#prepare-your-environment-for-the-odm-installation-10-min) -- [Manage a digital certificate 2 min](#manage-a-digital-certificate-2-min) -- [Install the ODM release 10 min](#install-the-odm-release-10-min) -- [Access ODM services](#access-odm-services) -- [Track ODM usage with the IBM License Service](#track-odm-usage-with-the-ibm-license-service) +- [1. Prepare your GKE instance 30 min](#1-prepare-your-gke-instance-30-min) +- [2. Create the Google Cloud SQL PostgreSQL instance 10 min](#2-create-the-google-cloud-sql-postgresql-instance-10-min) +- [3. Prepare your environment for the ODM installation 10 min](#3-prepare-your-environment-for-the-odm-installation-10-min) +- [4. Manage a digital certificate 2 min](#4-manage-a-digital-certificate-2-min) +- [5. Install the ODM release 10 min](#5-install-the-odm-release-10-min) +- [6. Access ODM services](#6-access-odm-services) +- [7. Track ODM usage with the IBM License Service](#7-track-odm-usage-with-the-ibm-license-service) @@ -230,7 +230,7 @@ openssl req -x509 -nodes -days 1000 -newkey rsa:2048 -keyout mynicecompany.key \ kubectl create secret tls mynicecompany-tls-secret --key mynicecompany.key --cert mynicecompany.crt ``` -The certificate must be the same as the one you used to enable TLS connections in your ODM release. For more information, see [Server certificates](https://www.ibm.com/docs/en/odm/9.0.0?topic=servers-server-certificates) and [Working with certificates and SSL](https://docs.oracle.com/cd/E19830-01/819-4712/ablqw/index.html). +The certificate must be the same as the one you used to enable TLS connections in your ODM release. For more information, see [Server certificates](https://www.ibm.com/docs/en/odm/9.5.0?topic=servers-server-certificates) and [Working with certificates and SSL](https://docs.oracle.com/cd/E19830-01/819-4712/ablqw/index.html). ### 5. Install the ODM release (10 min) @@ -400,7 +400,7 @@ If your IBM License Service instance is not running properly, refer to this [tro ## Troubleshooting -If your ODM instances are not running properly, refer to [our dedicated troubleshooting page](https://www.ibm.com/docs/en/odm/9.0.0?topic=900-troubleshooting). +If your ODM instances are not running properly, refer to [our dedicated troubleshooting page](https://www.ibm.com/docs/en/odm/9.5.0?topic=950-troubleshooting). ## Getting Started with IBM Operational Decision Manager for Containers diff --git a/platform/gcloud/README_NGINX.md b/platform/gcloud/README_NGINX.md index 8c60c72..52167f5 100644 --- a/platform/gcloud/README_NGINX.md +++ b/platform/gcloud/README_NGINX.md @@ -54,7 +54,7 @@ kubectl apply -f licensing-instance-NGINX.yaml -n ibm-licensing ## Troubleshooting -If your ODM instances are not running properly, please refer to [our dedicated troubleshooting page](https://www.ibm.com/docs/en/odm/9.0.0?topic=900-troubleshooting-support). +If your ODM instances are not running properly, please refer to [our dedicated troubleshooting page](https://www.ibm.com/docs/en/odm/9.5.0?topic=950-troubleshooting-support). ## License diff --git a/platform/minikube/README.md b/platform/minikube/README.md index 630b31a..0fc2bf0 100644 --- a/platform/minikube/README.md +++ b/platform/minikube/README.md @@ -10,7 +10,7 @@ The ODM on Kubernetes Docker images are available in the [IBM Entitled Registry] ## Included Components -- [IBM Operational Decision Manager](https://www.ibm.com/docs/en/odm/9.0.0?topic=operational-decision-manager-certified-kubernetes-900) +- [IBM Operational Decision Manager](https://www.ibm.com/docs/en/odm/9.5.0?topic=operational-decision-manager-certified-kubernetes-950) - [Kubernetes Minikube](https://minikube.sigs.k8s.io/docs/) ## Test environment diff --git a/platform/roks/README.md b/platform/roks/README.md index 1096365..1ea0917 100644 --- a/platform/roks/README.md +++ b/platform/roks/README.md @@ -14,7 +14,7 @@ The ODM on Kubernetes Docker images are available in the [IBM Cloud Container Re The project uses the following components: -- [IBM Operational Decision Manager](https://ibmdocs-test.dcs.ibm.com/docs/en/odm/9.0.0?topic=operational-decision-manager-certified-kubernetes-900) +- [IBM Operational Decision Manager](https://ibmdocs-test.dcs.ibm.com/docs/en/odm/9.5.0?topic=operational-decision-manager-certified-kubernetes-950) - [IBM Cloud](https://cloud.ibm.com/login) ## Tested environment @@ -127,7 +127,7 @@ oc get pods ### 4. Access the ODM services   -Refer to [this documentation](https://www.ibm.com/docs/en/odm/9.0.0?topic=tasks-configuring-external-access) to retrieve the endpoints. +Refer to [this documentation](https://www.ibm.com/docs/en/odm/9.5.0?topic=tasks-configuring-external-access) to retrieve the endpoints. For example, on OpenShift you can get the route names and hosts with: ```bash diff --git a/repo/stable/index.yaml b/repo/stable/index.yaml index 0af3668..38cf385 100644 --- a/repo/stable/index.yaml +++ b/repo/stable/index.yaml @@ -7,7 +7,7 @@ entries: description: 'IBM Operational Decision Manager for Developers License By installing this product you accept the following license terms: https://www14.software.ibm.com/cgi-bin/weblap/lap.pl?li_formnum=L-RBPW-WQTC4A' digest: 8cf16813b48a51c168ad515f3272e8b3c4b116549c2f4b7d45efeec1d6b1defb - home: https://www.ibm.com/docs/en/odm/9.0.0?topic=kubernetes-installing-odm-developers + home: https://www.ibm.com/docs/en/odm/9.5.0?topic=kubernetes-installing-odm-developers icon: https://raw.githubusercontent.com/ODMDev/ruledesigner/master/icons/automation-decision.png keywords: - OperationalDecisionManager @@ -171,7 +171,7 @@ entries: description: 'IBM Operational Decision Manager License By installing this product you accept the following license terms: https://www14.software.ibm.com/cgi-bin/weblap/lap.pl?li_formnum=L-SJDA-MUA6UZ' digest: 6ab8415971373da4a91df0f2cbf31b5cb5ffeff621ceb15b17f8ae8bd2682f84 - home: https://www.ibm.com/docs/en/odm/9.0.0?topic=production-installing-helm-release-odm + home: https://www.ibm.com/docs/en/odm/9.5.0?topic=production-installing-helm-release-odm icon: https://raw.githubusercontent.com/ODMDev/ruledesigner/master/icons/automation-decision.png keywords: - OperationalDecisionManager