QuickStart Guide
Install / Upgrade Manufacturing Connect
34min
for upgrading manufacturing connect (mc), refer to the "upgrading manufacturing connect" section below (at the end of this article) for details you can install the manufacturing connect in the google cloud platform (gcp) this process includes the following procedures pre installation tasks prepare gcp project deploy the manufacturing connect through the google cloud marketplace post installation tasks set up google authentication (optional) before you begin for google cloud platform (gcp) ensure you have access to a project (with respective project id) for the manufacturing connect instance for google cloud platform (gcp) ensure you have a zone and a respective region for the manufacturing connect instance to use (optional) install google manufacturing data engine (mde) to simplify some of the following incoming installation steps step 1 pre deployment tasks you can create the necessary gcp infrastructure and deploy the manufacturing connect dependencies step by step step 1a access the google cloud shell you will first need to access the google cloud shell to configure the environment to access the google cloud shell access google cloud shell https //cloud google com/shell/docs/launching cloud shell or install gcloud cli using the instructions within install the gcloud cli https //cloud google com/sdk/docs/install launch google cloud shell or a local command line terminal gcloud cli to execute the following incoming commands note when asked for any type of permissions, always click enable refer to the following commands to set up the environment step 1b define initial environment variables use the following commands to define the initial environment variables export gcp project id='your gcp project id' export region='us central1' export zone='us central1 c' export network name="sfp private network" export subnet name="sfp subnet" export gkecluster="mc cluster" step 1c enable gcp services use the following command to enable gcp services gcloud services enable project=${gcp project id} container googleapis com step 1d (optional) install network when manufacturing data engine (mde) is not installed, a network can be instead installed by entering the following command note installing manufacturing data engine (mde) automatically sets up a network gcloud compute networks create "$network name" project="$gcp project id" \\ 	 \ description="mde private network" \\ 	 \ subnet mode=custom \\ 	 \ mtu=1460 \\ 	 \ bgp routing mode=regional gcloud compute networks subnets create "$subnet name" project="$gcp project id" \\ 	 \ range=10 154 0 0/20 \\ 	 \ network="$network name" \\ 	 \ region="$region" \\ 	 \ enable private ip google access step 1e create gke cluster to create a gke cluster, enter one of the two gke cluster deployment methods important manufacturing connect's services are deployed into a kubernetes cluster the cluster must be created before deploying the manufacturing connect from the google cloud marketplace ubuntu containerd is the only supported image type for gke nodes the manufacturing connect can be either deployed into a public or private gke cluster the cluster network where manufacturing connect(mc) and google manufacturing data engine (mde) are located should be the same to ensure communication between the two public gke cluster deployment to deploy manufacturing connect to a public gke cluster, enter the following command linux gcloud beta container project "${gcp project id}" clusters create $gkecluster zone "${zone}" \\ 	 \ no enable basic auth release channel "regular" machine type "e2 standard 2" image type "ubuntu containerd" \\ 	 \ disk type "pd standard" disk size "100" metadata disable legacy endpoints=true \\ 	 \ scopes "https //www googleapis com/auth/devstorage read only","https //www googleapis com/auth/logging write","https //www googleapis com/auth/monitoring","https //www googleapis com/auth/servicecontrol","https //www googleapis com/auth/service management readonly","https //www googleapis com/auth/trace append" \\ 	 \ max pods per node "110" num nodes "3" logging=system,workload monitoring=system \\ 	 \ enable ip alias no enable intra node visibility default max pods per node "110" \\ 	 \ no enable master authorized networks addons horizontalpodautoscaling,httploadbalancing,gcepersistentdiskcsidriver \\ 	 \ enable autoupgrade enable autorepair max surge upgrade 1 max unavailable upgrade 0 \\ 	 \ maintenance window start "2022 05 21t02 00 00z" maintenance window end "2022 05 22t02 00 00z" \\ 	 \ maintenance window recurrence "freq=weekly;byday=mo,tu,we,th,fr,sa,su" \\ 	 \ workload pool "${gcp project id} svc id goog" enable shielded nodes node locations "${zone}" \\ 	 \ network "${network name}" subnetwork "${subnet name}" labels "goog packaged solution=mfg mde" private gke cluster deployment to deploy manufacturing connect to a private gke cluster, enter the following command modify kubernetes control nodes cidr master ipv4 cidr 10 155 1 0/28 for your network setup gcloud beta container clusters create $gkecluster project "$gcp project id" zone "$zone" \\ \ no enable basic auth release channel "regular" machine type "e2 standard 2" image type "ubuntu containerd" \\ \ disk type "pd standard" disk size "100" metadata disable legacy endpoints=true \\ \ scopes "https //www googleapis com/auth/devstorage read only","https //www googleapis com/auth/logging write","https //www googleapis com/auth/monitoring","https //www googleapis com/auth/servicecontrol","https //www googleapis com/auth/service management readonly","https //www googleapis com/auth/trace append" \\ \ max pods per node "110" num nodes "3" logging=system,workload monitoring=system \\ \ enable ip alias no enable intra node visibility default max pods per node "110" \\ \ enable master authorized networks addons horizontalpodautoscaling,httploadbalancing,gcepersistentdiskcsidriver \\ \ enable autoupgrade enable autorepair max surge upgrade 1 max unavailable upgrade 0 \\ \ maintenance window start "2022 11 21t02 00 00z" maintenance window end "2022 11 22t02 00 00z" \\ \ maintenance window recurrence "freq=weekly;byday=mo,tu,we,th,fr,sa,su" \\ \ workload pool "$gcp project id svc id goog" enable shielded nodes node locations "$zone" \\ \ network "$network name" subnetwork "$subnet name" labels "goog packaged solution=mfg mde" \\ \ enable private nodes enable private endpoint master ipv4 cidr 10 155 1 0/28 step 2 prepare gcp project follow this guide managing billing for cloud marketplace products https //cloud google com/marketplace/docs/manage billing#before you begin step 3 deploy manufacturing connect through the google cloud marketplace to purchase the manufacturing connect for a billing account using a google cloud provider billing admin role, open manufacturing connect from the google marketplace page https //console cloud google com/kubernetes/application(cameo\ product/litmus public/intelligent manufacturing connect) click purchase click the manage accounts button link the service account that was created in the previous step prepare gcp project it is advisable to create the service account in the same project where manufacturing connect will be deployed deleting the service account will disrupt gcp marketplace billing and may remove the product license to deploy the manufacturing connect to a particular gcp project after you've created a kubernetes cluster, you can deploy the manufacturing connect from the google cloud marketplace https //console cloud google com/kubernetes/application(cameo\ product/litmus public/intelligent manufacturing connect) log into the google cloud marketplace click the configure button in dropdown list reporting service account , select the service account name that was created in the previous step prepare gcp project if the manufacturing connect is deployed to a private gke cluster, then select the internal load balancer option refer to the following table to learn more about gcp parameters parameter description existing kubernetes cluster select the name of the gke cluster that was deployed in step 1 pre installation tasks you can also select or create new cluster to specify a different gke cluster, if needed namespace this is the namespace where the manufacturing connect will be deployed to you cannot have two identical namespaces in the same google kubernetes engine (gke) cluster create a new namespace see kubernetes namespaces for more details app instance name this is the application name of the manufacturing connect instance in most situations, it can be left as the default value intelligent manufacturing con 1 however, if you have multiple manufacturing connect instances or multiple applications in your gke cluster, changing this value will help you uniquely identify each instance while you could have identical names, this is not recommended to prevent confusion use internal tcp/udp load balancer if the manufacturing connect will be deployed to a private gke cluster, select yes select no otherwise when yes is selected, then frontend load balancer static ip address and remote access load balancer static ip address will only be accessible within the virtual private cloud (vpc) network where the private gke cluster is located these two addresses will not be connected to the internet frontend load balancer static ip address this is the load balancer for tcp based protocols such as https and mqtt when specified, it will provide a consistent endpoint for manufacturing connect edge to connect to this eliminates the need for manufacturing connect edge reactivation in the case of manufacturing connect redeployment both frontend load balancer static ip address and remote access load balancer static ip address must be specified to eliminate the need for manufacturing connect edge reactivation this value cannot be identical to remote access load balancer static ip address when an ip address is not specified, manufacturing connect will automatically specify a dynamic ip address for this parameter instead if manufacturing connect has to be redeployed, you can obtain the dynamic ip address and specify it as the new frontend load balancer static ip address otherwise, any manufacturing connect edge connected to the redeployed manufacturing connect will have to be create a configuration and activate an edge device docid\ jala8oa1dtk8bdvoenawa remote access load balancer static ip address this is the load balancer for udp based protocols when specified, it will provide a consistent endpoint for manufacturing connect edge to connect to this eliminates the need for manufacturing connect edge reactivation in the case of manufacturing connect redeployment both frontend load balancer static ip address and remote access load balancer static ip address must be specified to eliminate the need for manufacturing connect edge reactivation this value cannot be identical to frontend load balancer static ip address when an ip address is not specified, manufacturing connect will automatically specify a dynamic ip address for this parameter instead if manufacturing connect has to be redeployed, you can obtain the dynamic ip address and specify it as the new remote access load balancer static ip address otherwise, any manufacturing connect edge connected to the redeployed manufacturing connect will have to be create a configuration and activate an edge device docid\ jala8oa1dtk8bdvoenawa remoteaccess network for edge devices this is the network range used for communication between manufacturing connect and manufacturing connect edge by default, this range is 192 168 127 0/24 if your internal network uses this same range, then there is a potential for conflict you may not be able to access a manufacturing connect edge remotely from manufacturing connect likewise, if you have third party software (for example, an mqtt server) located in this ip range, your manufacturing connect edge will not be able to access the software (in this case, fail to connect to the mqtt server) specify a different range to avoid ip address conflict mde integration topic by default, this is input messages when you deploy mde (and the pub/sub topic was changed), change this value to the equivalent mde deployment pub/sub topic create new service account select the service account name that was created in step 2 prepare gcp project after the project is successfully deployed, you will receive an ip address on where the manufacturing connect is located note after manufacturing connect is deployed, it will automatically attempt to activate the license server docid\ bdtzor5azx0yafvh9jtcp and receive a site license from the license server this site license will be later used to activate manufacturing connect edge instances that use the site license if the manufacturing connect is located on a private network, then you must activate the license server docid\ bdtzor5azx0yafvh9jtcp manually step 4 post deployment tasks refer to the following post deployment tasks verify site license installation log in to manufacturing connect admin console see the access the admin console section of access to manufacturing connect docid\ my eu8gulswcsytrr5ziv for details from the navigation panel, select license server the license server management pane appears from core license list , verify there is a license if no license exists, you must activate the license server docid\ bdtzor5azx0yafvh9jtcp change initial credentials (mandatory) open gke applications list https //console cloud google com/kubernetes/application in your gcp project click the kubernetes application which was just installed click the show info panel from the show info panel, follow instructions to get the application urls and initial credentials change the mc admin password change the mc keycloak admin password upload gcp credentials (mandatory) open the mc admin console click settings/cloud settings see cloud settings docid 5qmrck sodaavkptb58kn for more details follow instructions for generate key in the cloud credentials section set gcs bucket (optional) open mc admin console click settings/cloud settings select google cloud storage in storage settings to create a bucket, follow instructions for create bucket set bucket name click save associate a domain name with mc instance this is mandatory only if google authorization is needed for the mc instance associate mc external ip address with a domain name open the mc admin console open settings/entrypoints set the new domain name click save step 5 setup google authentication (optional) if google authentication is desired for the manufacturing connect instance, a domain name must be associated with the manufacturing connect instance oauth consent screen open the apis & services oauth consent https //console cloud google com/apis/credentials/consent screen select external type note in testing mode, external allows add up to 100 google accounts from any organization internal type allows only users within the current organization 3\ on the next screen set mandatory attributes app name user support email add authorized domain example if for manufacturing connect we use domain name test mc domain com , then use domain com as an authorized domain developer contact information create oauth 2 0 credentials open the apis & services oauth credentials https //console cloud google com/apis/credentials screen create oauth client id with the following field value pairs application type web application authorized redirect url https //\<your domain>/auth/realms/standalone/broker/google/endpoint set up manufacturing connect keycloak open the keycloak admin console click identity providers select google from the list set client id and secret id values from the previous step create oauth 2 0 credentials set first login flow to google login click save grant permissions to your email accounts open the mc admin console click users add a new user (set up your google email or another email account ) enable the user grant admin role if required upgrade manufacturing connect refer to the following steps to upgrade manufacturing connect (mc) see the manufacturing connect installation guide from github to learn more step 1 retrieve the git repository git clone https //github com/litmusautomation/mc gcp marketplace git step 2 enter the retrieved repository cd mc gcp marketplace step 3 run upgrade script /upgrade mc sh $gcp project id $zone $gkecluster $namespace $target version specify the following parameters $gcp project id is the google cloud platform (gcp) project id $zone is the zone where gke cluster is deployed $gkecluster is the gke cluster name $namespace is the kubernetes namespace where manufacturing connect is deployed $target version is the required manufacturing connect target version, for example 2 8 0 120