Onboard IEM-Pro¶
To onboard IEM-Pro use following commands:
Add IEHUB configuration¶
$ iectl config add iehub \
--user "email@siemens.com" \ # iehub username
--password "password" # iehub password
--url "https://iehub-url" \ # iehub url
--name "demoiehub" \ # iehub name
Create IEM-instance on IEHUB¶
$ iectl iehub instance-management create \
--name "demoiem-instance" \ # iem-instance name
--description \ # iem-instance description
Download config file of created IEM-instance¶
$ iectl iehub instance-management get-details \
--name "demoiem-instance" \ # IEM name
--filepath "./config.json" \ # Local file path to write the content in a file. Example ./config.json
Onboard IEM using download config file¶
$ iectl provision install \
"./config.json" \
--set global.hostname="IEM IP" \
--set global.iemAdminPassword="IEM password" \
--set global.iamAdminPassword="IEM password" \
--set central-auth.keycloak.initialUser.username="IEM username" \
--set central-auth.keycloak.initialUser.email="IME user email" \
--set global.certChain=LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUdIVENDQkFXZ0F3SUJBZ0lVRHdGL3VPaTdZQ #update output of : cat /path/to/certChain.crt | base64 -w 0 \
--set kong.deployment.hostNetwork=true \
--set kong.dnsPolicy=ClusterFirstWithHostNet \
--set kong.proxy.tls.hostPort=443 \
--set kong.proxy.http.hostPort=80 \
--set kong.containerSecurityContext.capabilities.add={NET_BIND_SERVICE} \
--set kong.containerSecurityContext.runAsGroup=0 \
--set kong.containerSecurityContext.runAsNonRoot=false \
--set kong.containerSecurityContext.runAsUser=0 \
--set kong.proxy.http.containerPort=80 \
--set kong.proxy.tls.containerPort=443 \
--set kong.deployment.daemonset=true \
--set kong.env.SSL_CERT=/etc/secrets/kongcert/tls.crt \
--set kong.env.SSL_CERT_KEY=/etc/secrets/kongcert/tls.key \
--set kong.secretVolumes.kong-proxy-tls=kongcert \
--set device-catalog.workflowexecutor.enabled=true \
--set device-catalog.firmwaremanagement.enabled=true \