VMware Pulse IoT Center Administration Guide

VMware Pulse IoT Center 2.0.0

You can find the most up-to-date technical documentation on the VMware website at:

https://docs.vmware.com/

If you have comments about this documentation, submit your feedback to

docfeedback@vmware.com

VMware, Inc.3401 Hillview Ave.Palo Alto, CA 94304www.vmware.com

Copyright © 2019 VMware, Inc. All rights reserved. Copyright and trademark information.

VMware Pulse IoT Center Administration Guide

VMware, Inc. 2

Contents

1 Introduction 4

2 Before You Begin 5

3 Deployment Topology 10Topology Diagram 10

Order of Deployment 12

4 Deploy the VMware Pulse IoT Center Load Balancer Node OVA 13

5 Set Up the VMware Pulse IoT Center Load Balancer Node 19

6 Deploy a VMware Pulse IoT Center Server Node OVA 21

7 Set Up the VMware Pulse IoT Center Server Node 27

8 Certificate Management 30Replace the Load Balancer Certificate 30

Replace the Server Node Certificate with a Custom Certificate Bundle 31

9 License Management 34

10 System Notification 35

11 Backup and Recovery 36

VMware, Inc. 3

Introduction 1The VMware Pulse IoT Center Server Administration Guide describes the prerequisites and steps to deploy the VMware Pulse IoT Center OVA on VMware vCenter.

This guide also describes how to configure the VMware Pulse IoT Center Node using the VMware Pulse IoT Center Administration console.

VMware, Inc. 4

Before You Begin 2Before you proceed, ensure that you have performed the following tasks:

n Create an Address Record (A Record) and a Pointer Record (PTR) for both forward and reverse resolution in the DNS using the hostname and IP address. VMware Pulse IoT Center generates a self-signed certificate based on this DNS.

VMware Pulse IoT Center recommends using host names that are resolvable through DNS. Select an appropriate hostname for your VMware Pulse IoT Center server and add it to the DNS record for both forward and reverse lookup. It involves creating an A Record that maps the hostname to the IP address of the VMware Pulse IoT Center server, and a PTR that maps the IP address to the hostname of the VMware Pulse IoT Center server. You can test the configuration using the nslookup command for Windows operating systems and dig command for Linux or Mac operating systems.

Example: Assuming that the hostname is pulse-iot-110-11.test.com and the corresponding IP address is 192.0.2.255, the following commands ensure that these records are set up correctly by your network administrator. You can test the setup from an existing Windows or Linux operating system in the vCenter Server environment where VMware Pulse IoT Center is being deployed.

On Windows operating system: Forward look up (Hostname to IP address).

>>> nslookup pulse-iot-110-11.test.com

Server: UnKnown

Address: 198.51.100.0

Name: pulse-iot-110-11.test.com.localdomain

Addresses: 192.0.2.255

192.0.2.255

On Windows operating system: Reverse look up (IP address to hostname).

>>> nslookup 192.0.2.255

Server: UnKnown

Address: 198.51.100.0

Name: pulse-iot-110-11.test.com

Address: 192.0.2.255

VMware, Inc. 5

On a Linux/Mac operating system: Forward look up (Hostname to IP address).

$ dig pulse-iot-110-11.test.com

; <<>> DiG 9.10.6 <<>> pulse-iot-110-11.test.com

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16081

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0,

ADDITIONAL: 1

;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; udp: 4096

;; QUESTION SECTION:

;pulse-iot-110-11.test.com. IN A

;; ANSWER SECTION:

pulse-iot-110-11.test.com. 3600 IN A 192.0.2.255

;; Query time: 3 msec

;; SERVER: 10.112.64.1#53(10.112.64.1)

;; WHEN: Wed May 22 12:55:15 IST 2019

;; MSG SIZE rcvd: 76

On a Linux/Mac operating system: Reverse look up (IP address to hostname).

$ dig -x 192.0.2.255

; <<>> DiG 9.10.6 <<>> -x 10.196.177.90

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46182

;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; udp: 4096

;; QUESTION SECTION:

;90.177.196.10.in-addr.arpa. IN PTR

;; ANSWER SECTION:

90.177.196.10.in-addr.arpa. 3600 IN PTR pulse-

iot-110-11.test.com

;; Query time: 2 msec

;; SERVER: 10.112.64.1#53(10.112.64.1)

;; WHEN: Wed May 22 12:57:28 IST 2019

;; MSG SIZE rcvd: 100

n Ensure that the vCenter access is set up with at least 100 GB of hard disk space for a single node deployment. For information related to capacity, see the VMware Pulse IoT Center 2.0.0 Sizing Guide.

n Ensure that network objects are created and configured in vSphere to deploy the virtual machine. For ports exposed and to be controlled, refer to the Topology Diagram.

VMware Pulse IoT Center Administration Guide

VMware, Inc. 6

n If you do not intend to use the default SSL certificates that the OVA generates during deployment, ensure that the SSL certificates from trusted certificate authorities (CAs) or private CAs are present. SSL certificates must be packaged in the PKCS12 format with the complete certificate chain in the order of intermediate to root, and must follow the signing hierarchy. It is recommended that a certificate is valid for at least two years.

n To access the VMware Pulse IoT Center console and the VMware Pulse IoT Administration console, you must enable port numbers 443 and 8443 in the network. VMware Pulse IoT Center instance consists of multiple nodes (VMs) where the application services are exposed on port 443 and the VMware Pulse IoT Center Administration console is exposed on the port 8443. The port 8443 is used only by administrators who are installing and configuring the VMware Pulse IoT Center and is not meant for users who are accessing features of VMware Pulse IoT Center.

n Ensure that port 25, the default SMTP port, is reachable from the VMware Pulse IoT Center server to the SMTP server, and the connections are TLS enabled.

n Ensure that you have a valid license key. Evaluation period is for 30 days.

Application-Specific OVF PropertiesThe following table lists the OVF properties used during deployment.

Property Name Description

Pulse IoTC Host Name The external host name for the Pulse IoTC Server as FQDN.

Admin Password for Node Management The node password for the VMware Pulse IoT Center Administration console. The user name is nodeadmin and is consistent across all nodes.

You can reset the nodeadmin password using the script /etc/bootstrap/utils/reset_nodeadmin_password.sh.

Initial root password The initial root password used to access the nodes shell through the SSH login.

Note The password cannot be recovered if lost. Ensure that you safeguard the password.

Join Pulse Instance For Node 1, leave this text box blank.For Node 2 and 3, enter the IP address or FQDN of Node 1.

Default Gateway The default gateway address for the virtual machine. Leave this text box blank if you prefer DHCP.

Domain Name The domain name of the virtual machine. Leave this text box blank if you prefer DHCP.

Domain Name Servers The comma-separated IP addresses of the domain name servers for the virtual machine. Leave this text box blank if you prefer DHCP.

Domain Search Path The comma separated or space separated domain search path for the virtual machine. Leave this text box blank if you prefer DHCP.

VMware Pulse IoT Center Administration Guide

VMware, Inc. 7

Property Name Description

Network 1 IP Address The IP address for the interface. Leave this text box blank if you prefer DHCP.

Network 1 Netmask The netmask or prefix for the interface. Leave this text box blank if you prefer DHCP.

Supported VMware Pulse IoT Center Load Balancer PortThe VMware Pulse IoT Center load balancer currently exposes the following load balancer ports:

Table 2-1. Supported Load Balancer Ports

Port Description

8443 - Load balancer administration port Refers to the VMware Pulse IoT Center Administration console used to install or configure the VMWare Pulse IoT Center load balancer node (VM) post deployment.

Access is restricted only to administrators who own and maintain the VMware Pulse IoT Center and the VMWare Pulse IoT Center load balancers.

443 - The load balancer port Accepts all incoming requests to the VMware Pulse IoT Center console using browsers, APIs and VMware Pulse IoTC Agents, for a multi-node deployment. The request is SSL terminated and forwarded to the backend VMware Pulse IoT Center instances for high availability.

Supported VMware Pulse IoT Center Node PortsThe VMware Pulse IoT Center nodes currently expose the following ports:

VMware Pulse IoT Center Administration Guide

VMware, Inc. 8

Table 2-2. VMware Pulse IoT Center Node Ports

Port Description

8443 - VMware Pulse IoT Center administration console port The administration console port 8443 in the VMware Pulse IoT Center nodes refers to the VMware Pulse IoT Center Administration console. The port is used to install or configure the VMware Pulse IoT Center load balancer node (VM), console UI user name and password, and SMTP server details post deployment.

Access is restricted only to administrators who own and maintain the VMware Pulse IoT Center and the VMware Pulse IoT Center load balancers.

443 - VMware Pulse IoT Center console port Accepts all incoming requests to the VMware Pulse IoT Center console using browsers, APIs, VMware Pulse IoTC agents, for a single and a multi-node deployment.

The access to this port is limited for the traffic coming from the VMware Pulse IoT Center load balancers.

Note The Vmware Pulse IoT Center node also exposes additional port for database level clustering. But they are never exposed out side the internal network where the VMware Pulse IoT Center nodes are installed.

VMware Pulse IoT Center Administration Guide

VMware, Inc. 9

Deployment Topology 3This chapter describes the VMware Pulse IoT Center load balancer topology and how it interacts with IoT gateways and external gateways.

This chapter includes the following topics:

n Topology Diagram

n Order of Deployment

Topology DiagramThe VMware Pulse IoT Center load balancer port accepts all incoming request for a multi-node VMware Pulse IoT Center deployment. The requests are for accessing the VMware Pulse IoT Center console using browsers, API requests, VMware Pulse IoTC Agent, and so on.

The load balancer accepts TCP or HTTPS requests on the virtual IP address and decides which server to use.

Basic deployment architecture of VMware Pulse IoT Center includes the following:

n An instance of VMware Pulse IoT Center - a multi-node (VM) having three VMware Pulse IoT Center server nodes and one load balancer node. The three VMware Pulse IoT Center server nodes cluster to form a HA deployment. The load balancer provides a single network route to all the three VMware Pulse IoT center nodes.

n To reach the VMware Pulse IoT Center, the IoT devices, VMware Pulse IoT Center browsers console, and VMware Pulse IoT Center APIs must use the load balancer URL. The load balancer only routes VMware Pulse IoT Center business traffic to each of the VMware Pulse IoT Center instances on port 443. The administrative interface on Port 8443 is not load balanced.

The following diagram illustrates how VMware Pulse IoT Center users and a load balancer interacts with IoT gateways and external gateways.

VMware, Inc. 10

Figure 3-1. Topology Diagram

Database

VMware Pulse IoT Center Node 1

Pulse Service 443

<<https>>

Management 8443

<<https>>

Database

VMware Pulse IoT Center Node 2

Management 8443

<<https>>

Database

VMware Pulse IoT Center Node 3

Management 8443

<<https>>

VMware Pulse IoT Center Load Balancer

IT and OT Admins IOT Gateways

IT and OT Admins IOT Gateways

Private Network

Corporate Network

DMZ Network

NAT Firewall

NAT

Pulse Load Balancer 443 <<https>>

Management 8443 <<https>>

System Administrators

data base clustering

Pulse Service 443

<<https>>

Pulse Service 443

<<https>>

The VMware Pulse IoT Center users and the IoT gateways can be connected to the VMware Pulse IoT Center from various networks depending on:

n Intranet Use - Users and gateways can access the VMware Pulse IoT Center from within the secure walls of the corporate network. To use this topology, users and gateways must access the VMware Pulse IoT Center load balancer on port 443.

VMware Pulse IoT Center Administration Guide

VMware, Inc. 11

n Hybrid Use - Users and IoT gateways connect to the VMware Pulse IoT Center either from a corporate network or outside the corporate network. Connecting from outside a corporate network requires a unique DNS name that resolves to an external IP for accessing a public domain, and to an internal IP address for accessing within the internal network.

Note The certificate used for the VMware Pulse IoT Center load balancer contains a DNS name in the CN or SAN entry of the certificate.

Order of Deployment

The following steps describe the procedure to install the VMware Pulse IoT Center on multiple nodes. You must deploy a load balancer node initially and then set up three server nodes.

Procedure

1 Deploy a load balancer node. See Chapter 4 Deploy the VMware Pulse IoT Center Load Balancer Node OVA.

2 Set up a load balancer node. See Chapter 5 Set Up the VMware Pulse IoT Center Load Balancer Node.

3 Deploy a server node Node 1 using OVA. See Chapter 6 Deploy a VMware Pulse IoT Center Server Node OVA.

4 Set up a server node Node 1. See Chapter 7 Set Up the VMware Pulse IoT Center Server Node.

5 Set up the server nodes Node 2 and Node 3.

a To deploy Node 2 and Node 3, see Chapter 6 Deploy a VMware Pulse IoT Center Server Node OVA.

6 Manage Certificates. For more information, see Chapter 8 Certificate Management.

VMware Pulse IoT Center Administration Guide

VMware, Inc. 12

Deploy the VMware Pulse IoT Center Load Balancer Node OVA 4VMware Pulse IoT Center is distributed as an Open Virtual Appliance (OVA) and can be deployed on a VMware vCenter instance through the vSphere Web Client. For supported versions of vSphere, see the VMware Product Interoperability Matrix at https://www.vmware.com/resources/compatibility/sim/interop_matrix.php#interop

Perform the following steps to deploy a load balancer node using the OVA deployed on a VMware vCenter instance through the vSphere Web Client.

Prerequisites

You must have a valid URL to the VMware Pulse IoT Center OVA.

Procedure

1 Log in to your vCenter environment with administrator privileges.

2 Right-click any inventory object that is a valid parent object of a virtual machine, such as a data center, folder, cluster, resource pool, or host, and select Deploy OVF Template

The Deploy OVF Template wizard opens.

3 On the Select an OVF template page, specify the location of the source OVA template and click Next. The options available are as described in the below table:

Option Action

URL Type a URL to the OVA template on the Internet. Supported URL sources are HTTP and HTTPS.

Local file Click Choose Files and select all the files associated with the OVA file. This includes files such as .ovf, .vmdk, and so on. If you do not select all the required files, a warning message is displayed.

4 On the Select a name and folder page, enter a unique name for your virtual machine, select a deployment location, and click Next.

Note The default name for the virtual appliance is the same as the name of the selected OVA template. The default deployment location is the inventory object where you started the wizard.

5 On the Select a compute resource page, select a resource where to run the deployed virtual appliance template, and click Next.

VMware, Inc. 13

6 On the Review details page, verify the version, required disk space on the datastore, and click Next.

7 On the Select storage page, define where and how to store the files for the deployed OVA template.

a Select a disk format for the virtual machine virtual disks.

Format Description

Thick Provision Lazy Zeroed Creates a virtual disk in a default thick format. Space required for the virtual disk is allocated when the virtual disk is created. Data remaining on the physical device is not erased during creation, but is zeroed out later, on demand, on first write from the virtual machine.

Thick Provision Eager Zeroed A type of thick virtual disk that supports clustering features such as Fault Tolerance. Space required for the virtual disk is allocated at the time of creation. In contrast to the flat format, the data remaining on the physical device is zeroed out when the virtual disk is created. It might take much longer to create disks in this format than to create other types of disks.

Thin Provision Note It is recommended to use the thin provision format.

Use this format to save hard disk space. For the thin disk, you provision as much datastore space as the disk requires based on the value that you enter for the disk size. However, the thin disk starts small and at first, uses only as much datastore space as the disk needs for its initial operations.

b Select a VM Storage Policy. This option is available only if storage policies are enabled on the destination resource.

c (Optional) Enable the show datastores from Storage DRS clusters check box to select individual datastores from Storage DRS clusters for the initial placement of the virtual machine.

d Select a datastore for storing the deployed OVA template.

The configuration file and virtual disk files are stored on the datastore. Select a datastore large enough to accommodate the virtual appliance and all associated virtual disk files.

8 Click Next.

VMware Pulse IoT Center Administration Guide

VMware, Inc. 14

9 On the Select networks page, select a source network and map it to a destination network. Ensure that you select the correct virtual machine network to set up the static IP/DHCP as defined by your network administrator. Click Next.

10 On the Customize template page:

a Enter and confirm the Admin Password for Node Management and Initial root password. These text boxes are mandatory.

b If you select DHCP as your network type, leave the Pulse IoTC Hostname text box blank.

c If your network type is Static IP, scroll down to see the Network Properties.

d If you are deploying a load balancer node, leave the Join Pulse Instance text box empty.

VMware Pulse IoT Center Administration Guide

VMware, Inc. 15

VMware Pulse IoT Center Administration Guide

VMware, Inc. 16

11 Scroll down and expand the Networking Properties drop-down menu and enter the details.

Figure 4-1. Deploy Customize Template

12 Click Next.

13 Ready to complete page, review the configuration details of your VMware Pulse IoT Center virtual appliance and click FINISH.

A new task for creating the virtual machine appears in the Recent Tasks pane. The deployment time depends on your network speed and infrastructure setup. After the task is complete, the new virtual machine is created on the selected resource.

Example:

What to do next

1 Power on the newly created node and start the web console.

2 After the virtual machine is powered on, refresh the page and note the IP address of the virtual appliance.

VMware Pulse IoT Center Administration Guide

VMware, Inc. 17

3 Use this IP address or DNS name/FQDN (if configured) to access the VMware Pulse IoT Center console.

4 Log in to the VMware Pulse IoT Center Administration console to set up the load balancer node. See Chapter 5 Set Up the VMware Pulse IoT Center Load Balancer Node.

VMware Pulse IoT Center Administration Guide

VMware, Inc. 18

Set Up the VMware Pulse IoT Center Load Balancer Node 5After deploying the VMware Pulse IoT Center load balancer node, go to the VMware Pulse IoT Center Administration console to complete the load balancer node setup.

Prerequisites

You must have deployed the VMware Pulse IoT Center Load Balancer Node OVA.

Procedure

1 Access the VMware Pulse IoT Center Administration console using the URL format: https://<IP/FQDN>:8443/ui

The VMware Pulse IoT Center Administration login page is displayed.

2 Enter the Node Admin user name and password. The user name is nodeadmin.The password is what you have set in the OVF properties, while deploying the OVA.

3 On the EULA page, read through the end-user license agreement, select Accept and click NEXT.

4 On the Select Deployment Role page, select Pulse IoT Center Load Balancer Node from the Deployment Roles drop-down menu and click Next.

The Node Setup wizard is displayed.

VMware, Inc. 19

5 On the First Organization page, enter the values of Pulse Nodes and Pulse Node Admin Password.

Note Add comma-separated FQDN or IP address values for all the three nodes. For example, we need to add FQDN values of Node 1, Node 2 and Node 3 in the Pulse Nodes text box. Password must be the same for all the three nodes.

6 Click Next.

7 On the Review page, review the information that you have entered. You can go back and make corrections if necessary. To initialize the node, click LAUNCH NODE.

The node initialization takes a while to complete. After the note setup is complete, a list of services that are started are displayed. The status indicates that the deployment is successfully completed.

You have set up the VMware Pulse IoT Center load balancer node successfully.

What to do next

n On the Nodes page, view the list of nodes in a particular cluster that you have added during setup.

n On the Updates page, search for updates if any, by setting up the repository URL.

n Deploy a server node. See Chapter 6 Deploy a VMware Pulse IoT Center Server Node OVA.

VMware Pulse IoT Center Administration Guide

VMware, Inc. 20

Deploy a VMware Pulse IoT Center Server Node OVA 6VMware Pulse IoT Center is distributed as an Open Virtual Appliance (OVA) and can be deployed on a VMware vCenter instance through the vSphere Web Client. For supported versions of vSphere, see the VMware Product Interoperability Matrix at https://www.vmware.com/resources/compatibility/sim/interop_matrix.php#interop.

Perform the following steps to deploy a server node using the OVA deployed on a VMware vCenter instance through the vSphere Web Client.

Prerequisites

You must have a valid URL to the VMware Pulse IoT Center OVA.

Procedure

1 Log in to your vCenter environment with administrator privileges.

2 Right-click any inventory object that is a valid parent object of a virtual machine, such as a data center, folder, cluster, resource pool, or host, and select Deploy OVF Template.

The Deploy OVF Template wizard opens.

3 On the Select an OVF template page, specify the location of the source OVA template and click Next. The options available are as described in the following table:

Option Action

URL Type a URL to the OVA template on the Internet. Supported URL sources are HTTP and HTTPS.

Local file Click Choose Files and select all the files associated with the OVA file. This includes files such as .ovf, .vmdk, and so on. If you do not select all the required files, a warning message is displayed.

4 On the Select a name and folder page, enter a unique name for your virtual machine, select a deployment location, and click Next.

Note n The default name for the virtual appliance is the same as the name of the selected OVA template.

The default deployment location is the inventory object where you started the wizard.

n The names of multiple nodes are referred in chronological order (Node 1, Node 2, Node 3) throughout the guide.

VMware, Inc. 21

5 On the Select a compute resource page, select a resource where to run the deployed virtual appliance template, and click Next.

6 On the Review details page, verify the version, required disk space on the datastore, and click Next.

7 On the Select storage page, define where and how to store the files for the deployed OVA template.

a Select a disk format for the virtual machine virtual disks.

Format Description

Thick Provision Lazy Zeroed Creates a virtual disk in a default thick format. Space required for the virtual disk is allocated when the virtual disk is created. Data remaining on the physical device is not erased during creation, but is zeroed out later, on demand, on first write from the virtual machine.

Thick Provision Eager Zeroed A type of thick virtual disk that supports clustering features such as Fault Tolerance. Space required for the virtual disk is allocated at the time of creation. In contrast to the flat format, the data remaining on the physical device is zeroed out when the virtual disk is created. It might take much longer to create disks in this format than to create other types of disks.

Thin Provision Note It is recommended to use the thin provision format.

Use this format to save hard disk space. For the thin disk, you provision as much datastore space as the disk requires based on the value that you enter for the disk size. However, the thin disk starts small and at first, uses only as much datastore space as the disk needs for its initial operations.

b Select a VM Storage Policy. This option is available only if storage policies are enabled on the destination resource.

c (Optional) Enable the show datastores from Storage DRS clusters check box to select individual datastores from Storage DRS clusters for the initial placement of the virtual machine.

d Select a datastore for storing the deployed OVA template.

The configuration file and virtual disk files are stored on the datastore. Select a datastore large enough to accommodate the virtual appliance and all associated virtual disk files.

8 Click Next.

VMware Pulse IoT Center Administration Guide

VMware, Inc. 22

9 On the Select networks page, select a source network and map it to a destination network. Ensure that you select the correct virtual machine network to set up the static IP/DHCP as defined by your network administrator. Click Next.

10 On the Customize template page:

a Enter and confirm the Admin Password for Node Management and Initial root password. These text boxes are mandatory.

b If you select DHCP as your network type, leave the Pulse IoTC Hostname text box blank.

c If your network type is Static IP, scroll down to see the Network Properties.

d If you are deploying Node 1, leave the Join Pulse Instance text box empty. If you are deploying Node 2 and Node 3, provide the FQDN name of Node 1 at the Join Pulse Instance text box.

VMware Pulse IoT Center Administration Guide

VMware, Inc. 23

VMware Pulse IoT Center Administration Guide

VMware, Inc. 24

11 Scroll down and expand the Networking Properties drop-down menu and enter the details.

Figure 6-1. Deploy Customize Template

12 Click Next.

13 On the Ready to complete page, review the configuration details of your VMware Pulse IoT Center virtual appliance and click FINISH.

A new task for creating the virtual machine appears in the Recent Tasks pane. The deployment time depends on your network speed and infrastructure setup. After the task is complete, the new virtual machine is created on the selected resource.

What to do next

1 Power on the newly created node and start the web console.

2 After the virtual machine is powered on, refresh the page and note the IP address of the virtual appliance.

3 Use this IP address or DNS name/FQDN (if configured) to access the VMware Pulse IoT Center console.

VMware Pulse IoT Center Administration Guide

VMware, Inc. 25

4 Log in to the VMware Pulse IoT Center console using SSH terminal with the root use name and password that you have set in the OVF properties, while deploying the OVA.

5 Set up the nodes. See Chapter 7 Set Up the VMware Pulse IoT Center Server Node.

VMware Pulse IoT Center Administration Guide

VMware, Inc. 26

Set Up the VMware Pulse IoT Center Server Node 7After deploying the VMware Pulse IoT Center node, go to the VMware Pulse IoT Center Administration console to complete the node setup.

Procedure

1 Access the VMware Pulse IoT Center Administration console using the URL format: https://<IP/FQDN>:8443/ui

The VMware Pulse IoT Center Administration login page is displayed.

2 Enter the Node Admin user name and password. The user name is nodeadmin. The password is what you have set in the OVF properties, while deploying the OVA.

The Node Setup wizard is displayed.

3 On the EULA page, read through the end-user license agreement, select Accept and click NEXT.

4 On the Select Deployment Role page, select Pulse IoT Center Server Node from the Deployment Roles drop-down menu and click Next.

Note Do not select Pulse IoT Center - Zero Config Server as this option is not enabled and will be implemented during future releases.

VMware, Inc. 27

5 On the License Key page, enter the license key.

Note You can skip this step and add the license information post deployment.

6 On the First Organization page, enter the following information:

Field Description

Frontend Load Balancer (Mandatory for a multi-node setup) The host name or IP address of the front-end load balancer. For a single node, this is the same as the FQDN/IP of the node.

First Organization Name (Mandatory) The name of your organization.

Console Username (Mandatory) The user name to log in to the node console.

Console Password (Mandatory) The password for the console user name.

Console User Email ID The email id of the console user name.

Click Next.

7 On the SMTP Host Name page, enter the following information:

Field Description

SMTP Host Name (optional) The SMTP hostname to deliver alert notifications.

SMTP Port (optional) The SMTP port number.

SMTP User Name (optional) The SMTP user name.

SMTP Password (optional) The SMTP password.

Note To receive the welcome email and alert notifications, you must enter the SMTP details.

8 On the Review page, review the server node information and SMTP details you have entered. You can go back and make corrections if necessary. To initialize the node, click LAUNCH NODE.

The status of the node changes to Deployment is in Progress and a notification is displayed. The node initialization takes a while to complete. After the note setup is complete, a list of services that are started are displayed.

You have set up the VMware Pulse IoT Center node successfully.

What to do next

n Replace the load balancer certificate. See Replace the Load Balancer Certificate.

n (Optional) Replace the server certificate with a custom certificate bundle. See Replace the Server Node Certificate with a Custom Certificate Bundle.

n To verify if the node is set up, log in to the VMware Pulse IoT Center console using the IP/FQDN of the node in the URL format: https://<IP/FQDN>/ui.

VMware Pulse IoT Center Administration Guide

VMware, Inc. 28

n Enter the console user name and password, and click Login.

Note n Do not repeat the steps for setting up Node 2 and Node 3, as these nodes gets the configuration

from Node 1 through cluster join.

n Do not power on Node 2 and Node 3 until the Node 1 is set up and services are up and running.

n From the VMware Pulse IoT Center UI, download the VMware Pulse IoTC Agent and install it on your gateway. For information about downloading and installing the IoTC Agent and working with the VMware Pulse IoT Center console, see the VMware Pulse IoT Center 2.0 User Guide at https://docs.vmware.com/en/VMware-Pulse-IoT-Center/

VMware Pulse IoT Center Administration Guide

VMware, Inc. 29

Certificate Management 8You can replace the VMware Pulse IoT Center Server certificate or the load balancer certificate using the Certificate Management tab. You can also download the certificates to your local repository from here.

This chapter includes the following topics:

n Replace the Load Balancer Certificate

n Replace the Server Node Certificate with a Custom Certificate Bundle

Replace the Load Balancer CertificateReplace the load balancer certificate with a custom certificate bundle that is packaged in the PKCS12 format with the complete certification chain. Do not perform these steps if you want to use the self-signed certificate that is provided by the OVA.

Procedure

1 Log in to the VMware Pulse IoT Center Administration console as nodeadmin.

2 On the Certificate Management page, in Load balancer/Node Management certificate, click REPLACE.

3 Click BROWSE to browse the password protected .p12 certificate from your local repository.

4 In the Select node(s) to upload the certificate, select the type of certificate.

Note The options available are:

n Load balancer certificate

n Replace VMware Pulse IoT Center Node Management Certificate.

You can select both the options. The certificates are replaced respectively depending on the selection. If you select both, enter the certificate alias details in the Alias text box.

5 Enter the certificate password.

6 Click Next and Review to review the information you have entered.

Note Your load balancer service will restart after you replace the certificate.

7 Click Replace.

You have successfully uploaded the load balancer certificate.

VMware, Inc. 30

8 Click Download to download the load balancer certificate to your local repository.

Note You have to upload this load balancer certificate in all the nodes you have set up. To upload a load balancer certificate, see Step 10 in Replace the Server Node Certificate with a Custom Certificate Bundle.

Replace the Server Node Certificate with a Custom Certificate BundlePerform the steps listed in this section to replace the server certificate with a custom certificate bundle that is packaged in the PKCS12 format with the complete certification chain. Do not perform these steps if you want to use the self-signed certificate that is provided by the OVA.

Procedure

1 Log in to the VMware Pulse IoT Center Administration console as nodeadmin.

2 On the Certificate Management page, click REPLACE to replace the existing server certificate.

3 In Server/ Node management certificate, click REPLACE and BROWSE.

4 Select a .p12 file from your repository that is password protected and contains the complete certificate chain.

5 Select Server Certificate or Replace VMware Pulse IoT Center Node Management Certificate check boxes or both to upload the certificate.

6 Enter the certificate password.

7 On the Replace Certificate page, you can select both the certificates in Select nodes(s) to upload the certificates. The certificates are replaced respectively depending on the selection. If you select both, enter the certificate alias details in the Alias text box.

VMware Pulse IoT Center Administration Guide

VMware, Inc. 31

8 Enter the certificate password and click NEXT.

Figure 8-1. Replace a Server Certificate

9 On the Review page, review the details and click REPLACE.

Figure 8-2. Review Details

VMware Pulse IoT Center Administration Guide

VMware, Inc. 32

You have successfully replaced the existing server certificate with a custom certificate bundle. To download the server logs, goto Services page and select Download Log Bundle.

10 To upload a load balancer certificate using Rebundle VMware Pulse IoT Center Agent option, click REPLACE.

11 On the Select Certificate page, upload a load balancer certificate.

12 Click REPLACE.

You have successfully uploaded a .crt certificate.

13 Log in to the VMware Pulse IoT Center admin console.

14 On the Certificate Management page, click REPLACE on Rebundle Pulse IoT Agent.

15 On the Replace Certificate page, click BROWSE and upload the load balancer certificate.

16 Enter the host name and click NEXT.

17 Click REPLACE.

You have successfully rebundled the agent certificate.

Note For a multi-node setup, repeat the preceding steps for Node 2 and Node 3 respectively.

VMware Pulse IoT Center Administration Guide

VMware, Inc. 33

License Management 9VMware Pulse IoT Center provides a centralized license management and reporting system that is used to manage the licenses. Evaluation period is for 30 days. When the license is expired, access to VMware Pulse IoT Center is disabled and a notification is sent to all the users in the system. A grace period of 30 days from the date of expiry of the license is given to you.

Add a license key to the VMware Pulse IoT Center Administration console.

Prerequisites

You must have added the certificates and set up the VMware Pulse IoT Center nodes.

Procedure

1 On the License page, click ADD.

2 Enter a valid license key and click ADD.

You have successfully added a license key.

For any queries related to VMware Pulse IoT Center licenses, contact IoT_Specialist_Team@vmware.com.

VMware, Inc. 34

System Notification 10The VMware Pulse IoT Center Administration system notification is used to set any important notifications. This notification is displayed in the VMware Pulse IoT Center console.

Prerequisites

You must have a valid URL and credentials to the VMware Pulse IoT Center Administration.

Procedure

1 On the System Notification page, click CREATE.

Create Notification page is displayed.

2 On the Details page, enter the title of the notification in the Title text box.

3 Enter the content of the notification in Content text box and click NEXT.

4 On the Schedule page, enter the Start Time and End Time of the notification and click NEXT.

5 On the Review page, verify the details that you have entered and click FINISH.

You have created a system notification successfully.

Example:

What to do next

To verify the system notification, log in to the VMware Pulse IoT Center. If there is any system notification scheduled for that day, a notification banner is displayed.

VMware, Inc. 35

Backup and Recovery 11Use vSphere certified backup tool for the VMware Pulse IoT Center server at a VM level for backup and recovery tasks.

Note The backups can be hot. Ensure that all the three VMware Pulse IoT Center nodes must be backed up together.

VMware, Inc. 36