To integrate the NSP and NFM-P
Purpose
Perform this procedure to add an existing NFM-P system as an integrated component of an NSP deployment.
Note: When the NSP is integrated with an NFM-P system, the NSP UI is accessible only when the NFM-P is operational.
Note: release-ID in a file path has the following format:
R.r.p-rel.version
where
R.r.p is the NSP release, in the form MAJOR.minor.patch
version is a numeric value
Steps
Start PKI server | |
1 |
If you intend to use the PKI server, start the PKI server.
|
Configure NFM-P | |
2 |
Perform Step 4 to Step 13 on each NFM-P main server station. Note: If the NFM-P system is redundant, you must perform the steps on the standby main server station first. |
3 |
Go to Step 14. |
Configure main server | |
4 |
Log in as the nsp user on the NFM-P main server station. |
5 |
Open a console window. |
6 |
Stop the main server, if it is running.
|
7 |
Enter the following: # samconfig -m main ↵ The following is displayed: Start processing command line inputs... <main> |
8 |
Configure the NFM-P to use the NSP nspOs instance.
|
9 |
If you are using the PKI server, perform the following steps.
|
10 |
Enter the following: <main> apply ↵ The configuration is applied. Note: Applying the configuration may take up to ten minutes. |
11 |
Enter the following: <main> exit ↵ The samconfig utility closes. |
12 |
Enter the following to switch back to the nsp user: # exit ↵ |
13 |
If you want to enable mTLS for internal Kafka authentication using two-way TLS, perform the following steps. Note: Enabling mTLS for internal Kafka authentication is supported only in an NSP deployment that uses separate interfaces for internal and client communication. Note: The parameter you must configure is displayed only: Note: The parameter is configurable only if the secure and internal-certs parameters in the nspos section are set to true.
|
Start main servers | |
14 |
Perform the following steps on each main server to start the server. Note: If the NFM-P system is redundant, you must perform the steps on the primary main server first.
|
Stop PKI server | |
15 |
If the PKI server is running, press Ctrl+C in the NSP deployer host console window to stop the PKI server. |
Add NFM-P to NSP configuration | |
16 |
Log in as the root user on the NSP deployer host. |
17 |
Open the following file using a plain-text editor such as vi: /opt/nsp/NSP-CN-DEP-release-ID/NSP-CN-release-ID/config/nsp-config.yml |
18 |
Configure the parameters in the integration section, nfmp subsection, as shown below: Note: If the NFM-P system is standalone, you do not need to configure the standbyIp parameter. Note: In the client section of samconfig on the NFM-P main servers, if the address for client access is set using the hostname parameter, the primaryIp and standbyIp values in the nfmp section of the NSP configuration file, nsp-config.yml, must be set to hostnames. Likewise, if the public-ip parameter in the client section is configured on the main servefr, the primaryIp and standbyIp values in the nsp-config.yml file must be set to IP addresses. integrations: nfmp: primaryIp: "server_1_address" standbyIp: "server_2_address" tlsEnabled: value where server_1_address is the IP address of the standalone main server, or the primary main server in a redundant NFM-P system server_2_address is the IP address of the standby main server in a redundant NFM-P system value is true or false |
19 |
If all of the following are true, configure the following parameters in the integrations section:
nfmpDB: primaryIp: "" standbyIp: "" |
20 |
If both of the following are true, configure the following parameters in the integrations section: auxServer: primaryIpList: "" standbyIpList: "" |
21 |
Save and close the file. |
Redeploy NSP | |
22 |
Enter the following: # /opt/nsp/NSP-CN-DEP-release-ID/bin/nspdeployerctl install --config --deploy ↵ |
23 |
Close the open console windows. End of steps |