Tetra IoT Layer Prerequisites and Pre-Deployment Tasks

For both multi- and single-tenant configurations, the Tetra IoT Layer is deployed by using the AWS Service Catalog in each respective AWS account. Before deploying the Tetra IoT Layer, you must complete the following prerequisites and pre-deployment tasks.

📘

NOTE:

Before completing the following procedure, you must first deploy the Tetra Data Platform (TDP). For more information, see Customer Hosted Deployment Overview.

Prerequisites

Make sure that the following resources are available to install the Tetra IoT Layer stack:

  • For IoT agents connecting to the portal through the internet, make sure there is at least one public subnet
  • At least two private subnets
  • A valid Secure Sockets Layer (SSL) certificate imported into AWS Certificate Manager

📘

NOTE

You can use Virtual Private Clouds (VPCs) and subnets where TDP is installed.

Pre-Deployment Tasks

Before deploying the Tetra IoT Layer stack, you must do the following.

Create the Tetra IoT Layer and Service Catalog Portfolio

TetraScience creates the Tetra IoT Layer product and adds it to the service catalog portfolio. Contact your customer success manager (ACM) or account executive for details.

Configure Amazon Managed Streaming for Apache Kafka (Amazon MSK)

  1. Sign in to the AWS Management Console. Then, open the Amazon MSK console and choose Cluster configurations.
  2. Choose Create cluster configuration. Then, fill in the following fields:
  • For Configuration name, enter iot-<environment>-config
  • For Configuration properties for revision 1, enter the following:
auto.create.topics.enable=true  
default.replication.factor=1  
min.insync.replicas=2  
num.io.threads=8  
num.network.threads=5  
num.partitions=1  
num.replica.fetchers=2  
replica.lag.time.max.ms=30000  
socket.receive.buffer.bytes=102400  
socket.request.max.bytes=104857600  
socket.send.buffer.bytes=102400  
unclean.leader.election.enable=true  
zookeeper.session.timeout.ms=18000
  1. Once created, copy and save the Configuration Amazon Resource Name (ARN). The Configuration ARN is needed to add the MSKConfigurationArnparameter.

Configuration ARN Example

arn:aws:kafka:us-east-{x:xxxxxxxxxxxx}:configuration/iot-dev-config/{account number})

Get an SSL Certificate

Get an SSL certificate asiot.<platform URL>and import it into Amazon Certificate Manager, or request a certificate from AWS Certificate Manager (ACM).

Create a Self-Signed SSL Certificate and SSM Parameters

Create a self-signed SSL certificate to put in the AWS Systems Manager (SSM) parameter with the iot.<platform URL> domain.

For Certificate 1

  1. Sign in to the AWS Management Console. Then, open the AWS Systems Manager console and choose Parameter Store.
  2. Choose Create parameter. Then, enter the following:
  • For Name, enter /iot-<environment>/web_cert1
  • For Value, enter the following:
-----BEGIN CERTIFICATE-----
xxxxxxxxxxx
-----END CERTIFICATE-----
<blank line>

📘

NOTE:

Make sure that you add a new line at the end of the certificate context.

For Certificate 2

  1. Sign in to the AWS Management Console. Then, open the AWS Systems Manager console and choose Parameter Store.
  2. Choose Create parameter. Then, enter the following:
  • For Name, enter /iot-<environment>/web_cert2
  • For Value, enter the same value that you used for Certificate 1:
-----BEGIN CERTIFICATE-----
xxxxxxxxxxx
-----END CERTIFICATE-----
<blank line>

📘

NOTE:

Make sure that you add a new line at the end of the certificate context.

Certificate Private Key

  1. Sign in to the AWS Management Console. Then, open the AWS Systems Manager console and choose Parameter Store.
  2. Choose Create parameter. Then, enter the following:
  • For Name, enter /iot-<environment>/web_cert_key
  • For Value, enter the following:
-----BEGIN RSA PRIVATE KEY-----
xxxxxxxxxxx
-----END RSA PRIVATE KEY-----

License

  1. Sign in to the AWS Management Console. Then, open the AWS Systems Manager console and choose Parameter Store.
  2. Choose Create parameter. Then, enter the following:
  • For Name, enter /iot-<environment>/license
  • For Value, enter the license value provided to you by your customer success manager (CSM) or account executive.

Private key

  1. Sign in to the AWS Management Console. Then, open the AWS Systems Manager console and choose Parameter Store.
  2. Choose Create parameter. Then, enter the following:
  • For Name, enter /iot-<environment>/rsa_key
  • For Value, enter the private key value provided to you by your customer success manager (CSM) or account executive.

What’s Next