Unknown macro: {next_previous_link3}
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Current »

Throughout this guide, you have configured mgt.iots310.wso2.com as the manager node.

Before you begin

  • Mount the registry as explained here.
  • Configure the following databases for the Key Manager in the <IOTS_HOME>/conf/datasources/master-datasources.xml file.
    For more information, see Setting Up the Databases for Clustering.
    • Registry database
    • User manager database
    • APIM database
    • App manager database and include the social and storage database schemas to the same database.
    • CDM database and include the certificate management, android, iOS and windows database schemas to the same database.

Let's start configuring the Manager node.

  1. Configure the HostName and  MgtHostName properties in the <IOTS_HOME>/conf/carbon.xml file as shown below.

    <HostName>iots310.wso2.com</HostName>
    <MgtHostName>mgt.iots310.wso2.com</MgtHostName>

    Make sure to have the Offset property configured to zero. If it is set to a value other than zero, you need to update the NGINX configuration based on the port offset.

  2. Configure the <IOTS_HOME>/bin/iotserver.sh file as shown below:

    -Diot.manager.host="mgt.iots310.wso2.com" \
    -Diot.manager.https.port="443" \
    -Diot.core.host="iots310.wso2.com" \
    -Diot.core.https.port="443" \
    -Diot.keymanager.host="keymgt.iots310.wso2.com" \
    -Diot.keymanager.https.port="443" \
    -Diot.gateway.host="gateway.iots310.wso2.com" \
    -Diot.gateway.https.port="443" \
    -Diot.gateway.http.port="80" \
    -Diot.gateway.carbon.https.port="443" \
    -Diot.gateway.carbon.http.port="80" \
    -Diot.apimpublisher.host="gateway.iots310.wso2.com" \
    -Diot.apimpublisher.https.port="443" \
    -Diot.apimstore.host="gateway.iots310.wso2.com" \
    -Diot.apimstore.https.port="443" \
  3. The publisher and store of the app manager run on manager node. Configuring the app manager:

    1. Configure the following properties in the <IOTS_HOME>/repository/deployment/server/jaggeryapps/store/config/store.json file for SSO by replacing https://localhost:9443 with https://keymgt.iots310.wso2.com.

      • identityProviderURL

      • storeAcs
      "ssoConfiguration":{
            "enabled":true,
            "issuer":"store",
            "identityProviderURL":"https://keymgt.iots310.wso2.com/samlsso",
            "keyStorePassword":"wso2carbon",
            "identityAlias":"wso2carbon",
            "responseSigningEnabled":"true",
            "storeAcs":"https://mgt.iots310.wso2.com/store/acs",
            "keyStoreName":"/repository/resources/security/wso2carbon.jks",
            "validateAssertionValidityPeriod":true,
            "validateAudienceRestriction":true,
            "assertionSigningEnabled":true
      },
    2. Configure the following properties in the <IOTS_HOME>/repository/deployment/server/jaggeryapps/publisher/config/publisher.json file for SSO by replacing https://localhost:9443 with https://keymgt.iots310.wso2.com.

      • identityProviderURL

      • publishereAcs
      "ssoConfiguration":{
            "enabled":true,
            "issuer":"publisher",
            "identityProviderURL":"https://keymgt.iots310.wso2.com/samlsso",
            "keyStorePassword":"wso2carbon",
            "identityAlias":"wso2carbon",
            "responseSigningEnabled":"true",
            "publisherAcs":"https://mgt.iots310.wso2.com/publisher/sso",
            "keyStoreName":"/repository/resources/security/wso2carbon.jks",
            "validateAssertionValidityPeriod":true,
            "validateAudienceRestriction":true,
            "assertionSigningEnabled":true
       }
    3. Configure the AppDownloadURLHost property in the <IOTS_HOME>/conf/app-manager.xml to point to http://mgt.iots310.wso2.com.

      <Config name="AppDownloadURLHost">http://mgt.iots310.wso2.com</Config>
  4. Configure the following properties in the <IOTS_HOME>/repository/deployment/server/jaggeryapps/api-store/site/conf/site.json file for SSO by replacing https://localhost:9443 with https://keymgt.iots310.wso2.com.

    "ssoConfiguration":{
          "enabled":"true",
          "issuer":"API_STORE",
          "identityProviderURL":"https://keymgt.iots310.wso2.com/samlsso",
          "keyStorePassword":"",
          "identityAlias":"",
          "responseSigningEnabled":"true",
          "assertionSigningEnabled":"true",
          "keyStoreName":"",
          "passive":"false",
          "signRequests":"true",
          "assertionEncryptionEnabled":"false"
    },
  5. Configure the <IOTS_HOME>/repository/deployment/server/jaggeryapps/android-web-agent/app/conf/config.json file to update the Android agent download URL.

    "generalConfig":{
          "host":"https://mgt.iots310.wso2.com",
          "companyName":"WSO2 IoT Server",
          "browserTitle":"WSO2 IoT Server",
          "copyrightText":"\u00A9 %date-year%, WSO2 Inc. (http://www.wso2.org) All Rights Reserved."
    },
  6. Configure the <IOTS_HOME>/repository/deployment/server/jaggeryapps/devicemgt/app/conf/config.json file to update the URL of the QR code, which will be used to enroll a device by scanning the QR code.
    "generalConfig":{
          "host":"https://mgt.iots310.wso2.com",
          "companyName":"WSO2 Carbon Device Manager",
          "browserTitle":"WSO2 Device Manager",
          "copyrightPrefix":"\u00A9 %date-year%, ",
          "copyrightOwner":"WSO2 Inc.",
          "copyrightOwnersSite":"http://www.wso2.org",
          "copyrightSuffix":" All Rights Reserved."
    },
  7. Start the core profile of WSO2 IoT Server.
    cd <IOTS_HOME>/bin
    ./iot-server.sh
  8. Optionally, enable the device status monitoring task on the manager node and disable it on the other nodes. Open the <IOTS_HOME>/conf/cdm-config.xml file and make sure the DeviceStatusTaskConfig is enabled. This configuration is enabled by default. For more information, see Monitoring the Device Status.

    In a clustered environment make sure to enable this task only in the manager node and not the worker nodes. Else, the server crashes when the worker nodes start pushing notifications along with the manager node. 

  9. Optionally, open the <IOTS_HOME>/conf/cdm-config.xml file and make sure the SchedulerTaskEnabled that is under PushNotificationConfiguration is enabled. This configuration is enabled by default. For more information, see Scheduling the Push Notification Task.

    In a clustered environment make sure to enable this task only in the manager node and not the worker nodes. Else, the server crashes when the worker nodes start pushing notifications along with the manager node. 

What's next?

Next, let's configure the worker nodes.

  • No labels