IBM Sustainability Software - Ideas Portal


This portal is to open public enhancement requests against the products and services belonging to IBM Sustainability Software. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas

  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

Add a new idea Subscribe
Status Future consideration
Workspace IBM MAS - Manage (Base)
Categories Integration
Created by Guest
Created on Jul 23, 2025

RELATED IDEAS

Support Additional Network on MAS Manage to connect to external resources (for example Database)

To achieve network segregation and enhance security, we should connect to external resources (for example, the MAS Manage database) through an additional network dedicated to that traffic, separate from the default OpenShift cluster network. OpenShift allows this configuration using a NetworkAttachmentDefinition by editing the default cluster network object.
We have tested this configuration by modifying the relevant MAS Manage deployments (adding an annotation), and it works. However, this change is not persistent during updates of the Manage objects and is not officially supported.

Idea priority Urgent
Needed By Yesterday (Let's go already!)
  • Post comment
  • Guest
    Sep 2, 2025

    Thank you for your follow-up. Please find below the requested details regarding the customer's configuration and observations:

    1. How are you using this? Share resource definition YAML files that show the bigger picture of this additional network in the context of the OCP cluster.

    Customer configured a dedicated network interface using the OpenShift Network Operator. Specifically, the object networks.operator.openshift.io/cluster was modified to include an additionalNetworks entry with the following configuration:


    spec:

    additionalNetworks:

    - name: db-ens224

    namespace: default

    rawCNIConfig: '{

    "cniVersion": "0.3.1",

    "name": "db-ens224",

    "type": "macvlan",

    "master": "ens224",

    "mode": "bridge",

    "ipam": {

    "type": "whereabouts",

    "routes": [

    { "dst": "172.50.88.0/24" }

    ],

    "range": "172.50.88.0/24",

    "exclude": [

    "172.50.88.1", "172.50.88.254", "172.50.88.44", "172.50.88.47",

    "172.50.88.49", "172.50.88.50", "172.50.88.51", "172.50.88.52",

    "172.50.88.53", "172.50.88.54", "172.50.88.154"

    ]

    }

    }'

    type: Raw

    2. What annotations are being applied, and to which resources?

    The annotation below was then added to the relevant deployments:

    annotations:

    k8s.v1.cni.cncf.io/networks: default/db-ens224

    This enables the Manage pods to use the dedicated network interface to connect to the external Oracle database.

    This annotation is currently applied to the following deployments in the manage namespace:

    • manage-maxinst

    • all

    These deployments are responsible for establishing connectivity with the external Oracle DB.


    3. Regarding persistence: Are the annotations being removed from the resources?

    At this time, the customer has not observed the annotations being removed automatically (exept for ACM update). However, clarification is being sought on whether this configuration will persist across:

    • Operator reconciliation cycles

    • MAS Manage updates

    • MAS Manage upgrades

    IBM Support indicated that, since the annotations are manually added and operators typically use patch operations, the changes should persist unless explicitly overwritten. The customer is monitoring this behavior to confirm.


    Reply
  • Admin
    Lisa Stuckless
    Aug 20, 2025

    Could you please provide more information:

    • How are you using this? Share resource definition yaml files that show the bigger picture of this additional network in the context of the OCP cluster.

    • What annotations are you applying, what resources are you applying them to?

    • When you say that the change is not persistant, are saying that the annotations are being removed from the resources?

      • Some of resources lose annotations, all of them do?

      • When are they being removed? Every reconcile cycle, or just when Manage is updated to a new version, or just when Manage is upgrade to a new release, or something else?

    Specific information would be helpful to determine the Idea for future consideration. Thank you

    Reply

By clicking the "Post Comment" or "Submit Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not place IBM confidential, company confidential, or personal information into any field.