Deploy Oracle Blockchain Platform Enterprise Edition on a Red Hat OpenShift On-Premises Cluster

Before deploying Oracle Blockchain Platform Enterprise Edition, you must have a Red Hat OpenShift Enterprise cluster running and you must install several prerequisites.

The instructions in this topic are a guideline suggesting how you might deploy Oracle Blockchain Platform Enterprise Edition on Red Hat OpenShift on premises. Before actually attempting this, particularly for production environments, you should familiarize yourself with the Red Hat OpenShift documentation which supersedes any information in this topic.

Red Hat OpenShift: OpenShift Container Platform 4.17 Documentation
Red Hat OpenShift on-premises installation documentation: Installing an on-premise cluster

Create a Red Hat OpenShift Cluster

Your cluster must meet the requirements outlined in the Red Hat OpenShift documentation outlined here: OpenShift Container Platform Prerequisites

Recommended minimum specifications for your cluster worker nodes:

	Production with High Availability
Node CPU	4 CPUs or higher
Node Memory	32 GB or higher
Node Count	3 or higher
Boot volume size	100 GB or higher

Install the OpenShift CLI (oc) so that you can access your cluster. See OpenShift CLI.

Verfiy that you're connected to OpenShift.

oc get nodes

This command should return the list of master and worker nodes and their status.

Install Oracle Blockchain Platform Enterprise Edition

Set the istio profile. You must have completed the steps in Install Istio before running the following commands.

istioctl install --set profile=openshift --set
values.pilot.env.ENABLE_TLS_ON_SIDECAR_INGRESS=true --set components.cni.enabled=true --set
values.cni.repair.deletePods="true"

Download Oracle Blockchain Platform: Oracle Blockchain Platform.
Extract the zip package and find the runme script for OpenShift.
Update the runme-input.yaml file with the required values. The following example runme-input.yaml file can be used as reference:
```
imageRegistryConfiguration:
  registry: <container_registry_name>
  imageTagPrefix: <container-image-repository-prefix>
  username: <container-registry-username>
 
imageReleaseVersion: 24.1.3-20240723083137
 
controlPlaneStorage:
  storageClassName: 
  size: 10Gi
  
parentDomainName: example.com
#imagePullTimeout: Use this field to customize the wait time (in seconds) for pulling the required container images from the repository. Default is 1800 seconds.
  imagePullTimeout: 1800
```
Note:
We recommend setting up the container registry in your environment so that the image pulls are faster. If you are using your own container registry, use the imageReleaseVersion value of 24.1.3-20240723083137.
In the previous example, the variables are defined as shown in the following list:
- imageRegistryConfiguration.registry: Container registry server to use.
- imageRegistryConfiguration.imageTagPrefix: Container base repository path with the registry, where the images will be pushed to and pulled from. Example: registryname.rhoscr.io/obpee/bcs
- imageRegistryConfiguration.username: Container registry login user name.
- imageReleaseVersion - Oracle Blockchain Platform Enterprise Edition release version
- controlPlaneStorage.storageClassName: Kubernetes storage class to use for PVC (PersistentVolumeClaim). If empty, the default storageClass is used
- controlPlaneStorage.size: PVC size for Blockchain Platform Manager (control plane) services
- parentDomainName: Domain name to use for Blockchain Platform Manager services. Example: example.com. Blockchain Platform Manager and service console URLs will contain this domain name.
- imagePullTimeout: Image pull wait timeout in seconds during Oracle Blockchain Platform Enterprise Edition installation. Default is 1800 seconds.
Open runme_openshift.sh in an editor, and comment out the following two lines:
- openshift_status_check
- check_software_exists "crc"
Run runme_openshift.sh and complete the steps as prompted:
```
chmod +x runme_openshift.sh

./runme_openshift.sh --publish-images
# The publish-images option uploads the containers to the container image registry specified in runme-input.yaml
# Running the script without this option pulls images you've already pre-uploaded from the repository specified in runme-input.yaml
```
The prompts you'll encounter:
- Enter OpenLDAP admin password - This will be used by Blockchain Platform Manager and users will be created on this OpenLDAP server.
- Enter Control Plane Admin password - This password will be for the Oracle Blockchain Platform admin user and will be used for first time log in into the Blockhain Platform Manager console.
- Enter the registry login password for the user specified in run-input.yaml - This is used to connect to the container repository.
- The script installs the following services under the obp-cp namespace:
  - control-plane
  - openldap
  - obp-auth-server
  - obp-operator
  - hlf-operator
Get the Istio ingress gateway service's external IP address:
```
kubectl get svc/istio-ingressgateway -n istio-system
```
Add the following line as required to one of these files on the host used to connect to the Blockchain Platform Manager console:
- Linux or macOS: /etc/hosts
- Windows: C:\Windows\system32\drivers\etc\hosts
```
<public_svc_ip> controlplane.<parentDomainName> openldap.<parentDomainName> auth.<parentDomainName>
```
where <public_svc_ip> is the public, external IP address from the previous step.

Postrequisites

You're now ready to log on to the Oracle Blockchain Platform for the first time and provision an instance.