Configuring the Manager Node

Throughout this guide, you have configured mgt.iots310.wso2.com as the manager node.

Let's start configuring the Manager node.

1. Configure the HostName and  MgtHostName properties in the <IOTS_HOME>/conf/carbon.xml file as shown below.

   <HostName>iots310.wso2.com</HostName>
   <MgtHostName>mgt.iots310.wso2.com</MgtHostName>

   Make sure to have the Offset property configured to zero. If it is set to a value other than zero, you need to update the NGINX configuration based on the port offset.

2. Configure the <IOTS_HOME>/bin/iotserver.sh file as shown below:

   -Diot.manager.host="mgt.iots310.wso2.com" \
   -Diot.manager.https.port="443" \
   -Diot.core.host="iots310.wso2.com" \
   -Diot.core.https.port="443" \
   -Diot.keymanager.host="keymgt.iots310.wso2.com" \
   -Diot.keymanager.https.port="443" \
   -Diot.gateway.host="gateway.iots310.wso2.com" \
   -Diot.gateway.https.port="443" \
   -Diot.gateway.http.port="80" \
   -Diot.gateway.carbon.https.port="443" \
   -Diot.gateway.carbon.http.port="80" \
   -Diot.apimpublisher.host="gateway.iots310.wso2.com" \
   -Diot.apimpublisher.https.port="443" \
   -Diot.apimstore.host="gateway.iots310.wso2.com" \
   -Diot.apimstore.https.port="443" \

3. The publisher and store of the app manager run on manager node. Configuring the app manager:

   1. Configure the following properties in the  <IOTS_HOME>/repository/deployment/server/jaggeryapps/store/config/store.json file for SSO by replacing  https://localhost:9443 with https://keymgt.iots310.wso2.com.

      • identityProviderURL

      • storeAcs

      "ssoConfiguration":{
            "enabled":true,
            "issuer":"store",
            "identityProviderURL":"https://keymgt.iots310.wso2.com/samlsso",
            "keyStorePassword":"wso2carbon",
            "identityAlias":"wso2carbon",
            "responseSigningEnabled":"true",
            "storeAcs":"https://mgt.iots310.wso2.com/store/acs",
            "keyStoreName":"/repository/resources/security/wso2carbon.jks",
            "validateAssertionValidityPeriod":true,
            "validateAudienceRestriction":true,
            "assertionSigningEnabled":true
      },

   2. Configure the following properties in the  <IOTS_HOME>/repository/deployment/server/jaggeryapps/publisher/config/publisher.json file for SSO by replacing  https://localhost:9443  with  https://keymgt.iots310.wso2.com .

      • identityProviderURL

      • publishereAcs

      "ssoConfiguration":{
            "enabled":true,
            "issuer":"publisher",
            "identityProviderURL":"https://keymgt.iots310.wso2.com/samlsso",
            "keyStorePassword":"wso2carbon",
            "identityAlias":"wso2carbon",
            "responseSigningEnabled":"true",
            "publisherAcs":"https://mgt.iots310.wso2.com/publisher/sso",
            "keyStoreName":"/repository/resources/security/wso2carbon.jks",
            "validateAssertionValidityPeriod":true,
            "validateAudienceRestriction":true,
            "assertionSigningEnabled":true
       }

   3. Configure the AppDownloadURLHost property in the <IOTS_HOME>/conf/app-manager.xml to point to  http://mgt.iots310.wso2.com .

      <Config name="AppDownloadURLHost">http://mgt.iots310.wso2.com</Config>

4. Configure the following properties in the  <IOTS_HOME>/repository/deployment/server/jaggeryapps/api-store/site/conf/site.json file for SSO by replacing  https://localhost:9443  with  https://keymgt.iots310.wso2.com .

   "ssoConfiguration":{
         "enabled":"true",
         "issuer":"API_STORE",
         "identityProviderURL":"https://keymgt.iots310.wso2.com/samlsso",
         "keyStorePassword":"",
         "identityAlias":"",
         "responseSigningEnabled":"true",
         "assertionSigningEnabled":"true",
         "keyStoreName":"",
         "passive":"false",
         "signRequests":"true",
         "assertionEncryptionEnabled":"false"
   },

5. Configure the <IOTS_HOME>/repository/deployment/server/jaggeryapps/android-web-agent/app/conf/config.json file to update the Android agent download URL.

   "generalConfig":{
         "host":"https://mgt.iots310.wso2.com",
         "companyName":"WSO2 IoT Server",
         "browserTitle":"WSO2 IoT Server",
         "copyrightText":"\u00A9 %date-year%, WSO2 Inc. (http://www.wso2.org) All Rights Reserved."
   },

6. Configure the <IOTS_HOME>/repository/deployment/server/jaggeryapps/devicemgt/app/conf/config.json file to update the URL of the QR code, which will be used to enroll a device by scanning the QR code.
   

   "generalConfig":{
         "host":"https://mgt.iots310.wso2.com",
         "companyName":"WSO2 Carbon Device Manager",
         "browserTitle":"WSO2 Device Manager",
         "copyrightPrefix":"\u00A9 %date-year%, ",
         "copyrightOwner":"WSO2 Inc.",
         "copyrightOwnersSite":"http://www.wso2.org",
         "copyrightSuffix":" All Rights Reserved."
   },

7. Start the core profile of WSO2 IoT Server.

   cd <IOTS_HOME>/bin
   ./iot-server.sh

8. Optionally, enable the device status monitoring task on the manager node and disable it on the other nodes. Open the <IOTS_HOME>/conf/cdm-config.xml file and make sure the DeviceStatusTaskConfig is enabled. This configuration is enabled by default. For more information, see Monitoring the Device Status.

   In a clustered environment make sure to enable this task only in the manager node and not the worker nodes. Else, the server crashes when the worker nodes start pushing notifications along with the manager node. 

9. Optionally, open the <IOTS_HOME>/conf/cdm-config.xml file and make sure the SchedulerTaskEnabled that is under PushNotificationConfiguration is enabled. This configuration is enabled by default. For more information, see Scheduling the Push Notification Task.

   In a clustered environment make sure to enable this task only in the manager node and not the worker nodes. Else, the server crashes when the worker nodes start pushing notifications along with the manager node. 

What's next?

Next, let's configure the worker nodes.