Performing pre-installation tasks

This section lists the tasks that are required to be performed before installing IMPACT IoT.

Mandatory pre-requisites

Before you deploy IMPACT IoT, following components must be in place:

Ensure that the software requirements are met as per the section Software requirements.
Ensure that the Kubernetes 1.21 (or later versions) cluster with helm is installed.
Ensure that the Kubernetes cluster has a default storage configured.
Ensure that the Cassandra is installed. For more information, see Cassandra installation and administration section in this document.
Ensure that the MariaDB is installed. For more information, see MariaDB installation and administration section in this document.
Note: The supporting components such as, Ingress Traffic Manager, RabbitMQ, Prometheus and Grafana run on NCS cluster. Whereas, on a non-NCS cluster, nodes have to be labelled explicitly with is_edge=true and/or is_worker=true.

Ensure that the Ingress Traffic Manager is installed. For more information, see Installing Ingress Traffic Manager and configuring SSL certificate.

Achieving session stickiness

A sticky session results in completing scheduled operations successfully. When there are multiple pods of IMPACT IoT, when a device connects for management, a sticky session is achieved using upstream-hash-by function.

Note: Each client connecting to IMPACT IoT application must have unique IPs. Otherwise, all the traffic is routed to the same pod and load balance is not achieved even with multiple pods.

IMPACT IoT provides the required changes to the IP Traffic Manager out-of-the-box. So you must use the IP Traffic Manager provided with the IMPACT IoT software distribution.
Ensure that the RabbitMq is installed. For more information, see Installing RabbitMq.
Ensure that the IMPACT IoT helm chart (example, impact-xxxx.x.x.tgz/impact-2202.0.0.gz) is downloaded and available in a helm repository that is accessible by the helm client.
See the section Creating secrets for IMPACT IoT for more information on creating the secrets for all the IMPACT IoT components.

Creating secrets for IMPACT IoT

All the individual IMPACT IoT components helm charts and Umbrella helm charts contain the README.md file for creating the secrets.

Before you run the helm installation, ensure to create the secrets.

You can execute the following commands specific to each component before the deployment.

Note: Secrets are to be created based on the components to be deployed.

CDP

kubectl create secret generic "cdpsecrets" \
	--from-literal=db_system_password="motive" \
	--from-literal=db_password="motive" \
	--from-literal=BROKER_PASSWORD="impact123" \
	\
	--from-literal=redis_password="motive" \
	\
	--from-literal=reporting_password="cdp" \
	--from-literal=reporting_system_password="mysql" \
	--from-literal=emg_password="secret" \
	--from-literal=usagecontrol_password="password" \
	--from-literal=oauth_admin_password="motive"

MQTT

kubectl create secret generic "mqtt-secrets" \
  --from-literal=BROKER_PASSWORD="impact123" \
  --from-literal=CDP_PASS="superadmin" \
  --from-literal=CAS_PASSWORD="impactdb" \
  --from-literal=CAS_ADMIN_PASSWORD="motive" \
  --from-literal=REDIS_PASSWORD_USAGE_CONTROL="guest" \
  --from-literal=SUBSCRIBER_REPO_PASS="password" \
  --from-literal=MQTT_BROKER_DEFAULT_PASSWORD="guest" \
  --from-literal=MQTTADAPTER_CLIENT_PASSWORD="guest"

CIG server

kubectl create secret generic "cig-secrets" \
  --from-literal=BROKER_PASSWORD="impact123" \
  --from-literal=CAS_ADMIN_PASSWORD="motive" \
  --from-literal=CAS_PASSWORD="impact123" \
  --from-literal=CDP_PASS="superadmin" \
  --from-literal=REDIS_PASSWORD_USAGE_CONTROL="password" \
  --from-literal=OMA2_KEYSTORE_PASSWORD="hW02jGRdpBxXsZPFSxxRXA==" \
  --from-literal=OMA2_KEYSTORE_MANAGER_PASSWORD="hW02jGRdpBxXsZPFSxxRXA=="

SMS controller

kubectl create secret generic "sms-secrets" \
--from-literal=BROKER_PASSWORD=impact123 \
--from-literal=EMG_PASSWORD=secret \
--from-literal=SUBSCRIBER_REPO_PASS=password \
--from-literal=CDP_PASS=superadmin

LWM2M server

kubectl create secret generic "lwm2m-secrets" \
--from-literal=BROKER_PASSWORD="impact123" \
--from-literal=CAS_PASSWORD="impact123" \
--from-literal=CAS_ADMIN_PASSWORD="motive" \
--from-literal=LWM2M_SERVER_CERT_PASS="d1slDKY4B3TaSzXqYlGjxw==" \
--from-literal=LWM2M_SERVER_CERT_PRIV_KEY_PASS="d1slDKY4B3TaSzXqYlGjxw==" \
--from-literal=SCEF_USER_PASSWORD="nidduser" \
--from-literal=SCEF_TRUST_STORE_PASSWORD="" \
--from-literal=SUBSCRIBER_REPO_PASS='Admin123!' \
--from-literal=REDIS_DB_PASSWORD="password" \
--from-literal=REDIS_PASSWORD_USAGE_CONTROL="password"

IMPACT billing

kubectl create secret generic "impactbilling-secrets" \
--from-literal=BROKER_PASSWORD="impact123" \
--from-literal=FTP_PASSWORD="ftppassword" \
--from-literal=FTP_PASSPHRASE=""

IMPACT DC (ImpactAPI, Agentserver, Onem2mserver)

Note:

The following command creates the secret for ImpactAPI, Agentserver, and Onem2mserver.

Some secrets keys are common and will overlap for onem2mserver, for example, DB_PASSWORD in ImpactAPI is equivalent to org.eclipse.om2m.dbPassword in Onem2m.

All similar keys are grouped for easier editing.

kubectl create secret generic "impactdc-secrets" \
--from-literal=DB_ADMIN_PASSWORD="motive" \
--from-literal=BROKER_PASSWORD="impact123" \
\
--from-literal=CDP_PASS="superadmin" \
--from-literal=com.nokia.impact.api.password="superadmin" \
--from-literal=com.nokia.om2m.cdp.callback.password="superadmin" \
--from-literal=com.nokia.om2m.dm.password="superadmin" \
\
--from-literal=DB_PASSWORD="motive" \
--from-literal=org.eclipse.om2m.dbPassword="motive" \
\
--from-literal=org.eclipse.om2m.adminRequestingEntity="admin:admin" \
--from-literal=com.nokia.om2m.gpp.t8.trust.password="changeit" \
--from-literal=com.nokia.om2m.gpp.t8.password="dummyPass" \
--from-literal=com.nokia.subscriber.password="password"

Subscription repository

kubectl create secret generic "subscriptionrepo-secrets" \
--from-literal=BROKER_PASSWORD="impact123" \
--from-literal=INTERNAL_AUTH_PASSWORD="password" \
--from-literal=CAS_PASSWORD="impactdb" \
--from-literal=CAS_ADMIN_PASSWORD="motive"

SGI

kubectl create secret generic "sgi-secrets" \
--from-literal=BROKER_PASSWORD="impact123" \
--from-literal=SUBSCRIBER_REPO_PASS="password"

Radius server

kubectl create secret generic "radiusserver-secrets" \
        --from-literal=BROKER_PASSWORD="impact123" \
        --from-literal=CAS_PASSWORD="impact123" \
        --from-literal=CAS_ADMIN_PASSWORD="motive"

JSMS

kubectl create secret generic "jsms-secrets" \
        --from-literal=BROKER_PASSWORD="impact123" \
        --from-literal=SMSC_PROFILE1_PASSWORD="smscpassword"

IDS

kubectl create secret generic "impact-ids-secrets"\
        --from-literal=CASSANDRA_ADMIN_PASSWORD="motive"\
        --from-literal=CASSANDRA_USER_PASSWORD="motive"\
        --from-literal=RABBITMQ_PASSWORD="impact123"\
        --from-literal=IMPACT_SERVER_PASSWORD="superadmin"\
        --from-literal=IMPACT_SERVER_USER="superadmin"\
        --from-literal=AWS_ACCESS_KEY="adminpwd"\
        --from-literal=AWS_ACCESS_KEY_ID="admin"\
        --from-literal=AWS_CREDENTIALS="[default]\nadmin\nadminpwd"\
        --from-literal=VISUALIZATION_GRAFANA_ADMIN_PASSWORD="admin"\

Optional pre-requisites

Following are the optional components to be in place before you deploy IMPACT IoT:

Pre-requisite configuration in IMPACT IoT values.yaml file:

Set the external flag to true in the agentserver section to install Intelligent Data Store (IDS). For more information on IDS deployment, see Intelligent Data Store and Connect Deployment Guide.
Ensure that the Keycloak is installed. For more information, see Installing and configuring the Web Single Sign-On (Keycloak) section.