Tetra IoT Layer Prerequisites and Pre-Deployment Tasks

The Tetra IoT Layer for Multi-Tenant and Single Tenant configurations are deployed using the Service Catalog in the respective AWS accounts. Deployment, you'll need to do the things addressed in this topic.

📘

NOTE:

The Tetra Data Platform should have already been deployed before you complete this procedure. For more information, see this topic.

Prerequisites

Ensure the following items are available to install the stack.

  • If the IoT agent is connecting to the portal through the internet, make sure there is at least one public subnet.
  • There should be at least two private subnets.
  • You'll also need a valid SSL certificate imported into the AWS certificate manager.
  • Note that VPC and Subnets can be used where TDP is installed.

Pre-Deployment Tasks

Before launching the stack, complete the following tasks.

IoT Layer and Service Catalog Portfolio

TetraScience creates the Tetra IoT Layer product and adds it to the service catalog portfolio. Contact TetraScience for details.

MKS (Kafka)

Complete the following steps.

  1. In the AWS console, go to Amazon MSK --> Cluster configurations
  2. Click Create cluster configuration and fill in the following fields:
  • Configuration name: iot-<environment>-config
  • Configuration properties for revision 1:
    auto.create.topics.enable=true
    default.replication.factor=1
    min.insync.replicas=2
    num.io.threads=8
    num.network.threads=5
    num.partitions=1
    num.replica.fetchers=2
    replica.lag.time.max.ms=30000
    socket.receive.buffer.bytes=102400
    socket.request.max.bytes=104857600
    socket.send.buffer.bytes=102400
    unclean.leader.election.enable=true
    zookeeper.session.timeout.ms=18000
  1. Once created, copy the Configuration ARN needed to add in MSKConfigurationArn parameter.
    (For example: i.e. arn:aws:kafka:us-east-{x:xxxxxxxxxxxx}:configuration/iot-dev-config/{account number})

EIP

If Tetra IoT Layer is allowed in public and devices connect through the internet, an EIP needs to be created.

  1. In AWS console, go to EC2 --> Elastic IPs.
  2. Click Allocate Elastic IP address and click Allocate.
  3. Note the allocation ID (eipalloc-xxxxxx).

Obtain SSL Certificate

Obtain an SSL certificate as iot.<platform URL> and install it into the Amazon Certificate Manager.

SSL Certificate and SSM Parameters

We need to add SSM parameters for the three cloudformation parameters. A certificate should match the subdomain iot.<platform URL>.

  • WebCert1SSMName (certificate)
  • WebCert2SSMName (intermediate certificate)
  • WebPrivateKeySSMName

Cert 1

  1. In AWS console, go to Systems Manager > Parameter Store.
  2. Click Create parameter and enter the following:

Name: /iot-<environment>/web_cert1
Value:


1. -----BEGIN CERTIFICATE-----
2. xxxxxxxxxxx
3. -----END CERTIFICATE-----
4. 

📘

NOTE:

Make sure to add a new line at the end of the certificate context.

Cert 2

  1. In AWS console, go to Systems Manager > Parameter Store.
  2. Click Create parameter and enter the following:

Name: /iot-<environment>/web_cert2
Value:


1. -----BEGIN CERTIFICATE-----
2. xxxxxxxxxxx
3. -----END CERTIFICATE-----
4. 

📘

NOTE:

Make sure to add a new line at the end of the certificate context. Also, if it's a self-signed certificate, use the same value from web_cert1.

Cert private key

  1. In the AWS console, go to Systems Manager > Parameter Store.
  2. Click Create parameter and enter the following:

Name: /iot-<environment>/web_cert_key
Value:


1. -----BEGIN RSA PRIVATE KEY----- 
2. xxxxxxxxxxx
3. -----END RSA PRIVATE KEY----- 

License

  1. In the AWS console, go to Systems Manager > Parameter Store.
  2. Click Create parameter and enter the following:

Name: /iot-<environment>/license

Value:
Get the value from TetraScience.

Private key

  1. In the AWS console, go to Systems Manager > Parameter Store
  2. Click Create parameter and enter the following:

Name: /iot-<environment>/rsa_key

Value:
Get the value from TetraScience.


What’s Next