Prerequisites

Ensure that the following tools, utilities, and cluster requirements prerequisites are met:

Kuberenetes Tool Requirements

Install the following Kubernetes tools:
Tool Version References
Helm 4.1.0 Install the Helm CLI
Helmfile 1.2.3 Set up your helmfile
kubectl 1.32.2 Set up Kubernetes Tools on Your Computer
Bash 3.2.57 NA
oc (OpenShift CLI) 4.20.1 Install OpenShift CLI
yq 4.x github.com/mikefarah/yq
jq 1.7.1 jqlang.github.io/jq
skopeo 1.21.0 Required for load-images.sh
To verify the above tools are present in your computer, run the following commands:
CODE 
# Check all required tools
helm version --short
helmfile version
kubectl version --client
oc version --client
yq --version
jq --version
bash --version | head -1

# For image loading
skopeo --version

Essential Linux Tools

Ensure that have the standard utilities such as sed, awk, grep, curl, base64, and so on.

Kubernetes Cluster Requirements

Ensure that you have the following cluster requirements:
  • OpenShift version 4.18 or higher.
  • Network connectivity to the API server.
  • Storage provisoner to create storage volumes as needed.
    Note: To support dynamic provisioning, the administrator must define a default StorageClass, it enables pods to fulfill PersistentVolumeClaims automatically.

Hardware Specification

The following table describes the minimum hardware specification to deploy Virtual Appliance using Persistent Volume Claim (PVC) with default storage class:

Profile Specification Min Node Count Max Agents Max Metrics/Minute EUM Beacons/Minute Synthetic Sessions/Minute OpenTelemetry Spans/Minute
Browser Mobile
Medium

32 vCPUs, 128 GB RAM, 200 GB OS Disk, and 3 TB SSD Data Disk

4

3500

600,000

20000

40000

15000

48000
Extra Large

96 vCPUs, 384 GB RAM, 200 GB OS Disk, and 10 TB SSD Data Disk

5

14,500

2,600,000

80000

160000

60000

1.28,000

Service Account Privileges

Ensure that the user or service account has the following privileges:

  • Create and manage namespaces
  • Create Custom Resource Definitions (CRDs)
  • Create ClusterRoles and ClusterRoleBindings
  • Manage Security Context Constraints (SCCs)
  • Patch IngressController resources

Use cluster-admin role or equivalent for the user or service account.

CODE 
# Login with cluster-admin
oc login --token=<token> --server=<api-server>
# OR
oc login -u cluster-admin -p '<password>' <api-server>

# Verify current privileges (Following list is minimal)
oc auth can-i create namespaces
oc auth can-i create customresourcedefinitions
oc auth can-i create clusterroles

Configure the Kuberenetes Cluster

Run the deploy-byok.sh script:

This script automatically patches the Ingress Controller during the preparation phase by running the following command internally.

JSON 
kubectl patch ingresscontroller default -n openshift-ingress-operator --type=merge \-p '{"spec":{"routeAdmission":{"namespaceOwnership":"InterNamespaceAllowed"}}}'
Note: Ensure the service account used for cluster deployment has the required permissions to run this command.

Download the BYOK Deployer

Complete the following steps to download the Bring Your Own Kubernetes (BYOK) build:
  1. Log in to the Downloads portal using your credentials.
  2. In Downloads, select the Virtual Appliance tab.
  3. Select BYOK from the Type list.
  4. Select Download.
  5. Run this command to extract the file contents.
    CODE 
    tar -xzvf <filename.tar.gz>
    Example:
    CODE 
    tar -xzvf byok8s.tar.gz
The extracted files and folders will appear in your computer as follows:
PYTHON 
byok8s/
├── install.sh                       # Install helper (./install.sh <profile>)
├── uninstall.sh                     # Uninstall helper (./uninstall.sh)
├── deploy-byok.sh                   # Core deployment engine (used by install/uninstall)
├── config/                          # Configuration files
│   ├── globals.yaml.gotmpl          # Main configuration file
│   ├── secrets.yaml.template        # Secrets template
│   ├── secrets.yaml                 # Actual secrets (copy from template and fill in)
│   ├── license.lic                  # License file (place here)
│   ├── namespaces.conf              # Namespace definitions
│   └── pull-secret.conf             # Pull secret configuration
├── scripts/                         # Utility scripts
│   ├── find-available-service-ip.sh # Service CIDR IP finder for CoreDNS
│   ├── load-images.sh               # Image loading for air-gapped environments
│   ├── create-pull-secrets.sh       # Pull secret creation
│   ├── create-namespaces.sh         # Namespace creation
│   └── update-license.sh            # License update script
├── appd-charts/                     # Core AppDynamics charts
├── aiops-charts/                    # AIOps charts
├── otis-charts/                     # OTIS charts
├── atd-charts/                      # ATD charts
├── uil-charts/                      # UIL charts
└── secapp-charts/                   # SecureApp charts
    └── secureapp-byok.sh            # SecureApp operations script