In the previous instruction, we've activate the Edge Integration Cell in the SAP Integration Suite, and grant user the access to the Edge Lifecycle Management UI. Well done!
Now it is the time for us to add the Edge Node in the SAP Integration Suite - Edge Integration Cell. The Edge Node is an abstraction of the hosting Kubernetes cluster, which will grant us the ability to deploy and initiate Edge Lifecycle Management.
Once the Edge Node has been added, the next step is to run the Edge Lifecycle Management Bridge to establish the connection between the Edge Lifecycle Management and the Edge Node using the Cloud Connector.
In this instruction, we will walk you through the steps of adding Edge Node into your Edge Integration Cell in SAP Integration Suite, and the steps of establish the connection between the Edge Lifecycle Management and the Edge Node.
- Prerequisites
- Step 1. Create technical user (P-User) in SAP BTP and Assign Role Collection
- Step 2. Create a technical user in SAP Repositories Management
- Step 3. Obtain the latest Kubernetes configuration file of your Amazon EKS cluster
- Step 4. Configure SSO for Logging and Monitoring Group for SAP Edge Integration Cell
- Step 5. Add edge node in the SAP Edge Lifecycle Management UI
- Step 6. Bootstrapping Kubernetes cluster on the Edge Node
- Conclusion
- References
- You've finished the previous instruction Deploy SAP Edge Integration Cell on Amazon Elastic Kubernetes Service (EKS) - Activate Edge Integration Cell
- You've finished all required AWS instructions, and have a Amazon EKS configured handy.
- You've the access to the Edge Lifecycle Management UI
-
Please follow the SAP official instruction below to create a technical user.
Important
Please note down your technical user P-number and password.
-
Go back to the SAP BTP Subaccount. Go to Security -> Users, then click Create button to register your SAP BTP technical user on your BTP subaccount.
-
In the Create User pop-up screen, enter your technical user email, then click Create to add technical user to your SAP BTP subaccount.
-
Go to the user details page, and then assign role collections below to your technical user.
- Cloud Connector Administrator
- Role Collection created in the previous step of Activate Edge Integration Cell
-
Please follow the SAP official instruction below to create a technical user in SAP Repositories Management.
Important
Please note down your technical user username and basic auth string.
Managing Technical Users in Repository-Based Shipment Channel
-
Let's first execute command below to install the Kubernetes Metrics Server to your Amazon EKS cluster.
kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml
-
Execute command below to obtain the updated kubeconfig file of EKS cluster.
- Replace
region-codewith the AWS Region that you created your cluster in. - Replace
my-clusterwith the name of your cluster.
aws eks update-kubeconfig --region region-code --name my-clusterOnce you executed the command successfully, it will output the directory where the kubeconfig file located on your local machine.
- Replace
If you are following Quick Setup guide, you may skip monitoring and logging configuration and proceed to creating an edge node.
🔗 Quick setup: Add edge node in ELM UI
-
Open your SAP BTP subaccount administration console for Identity Authentication. Choose User & Authorization -> Groups, then click + Create button to create a new user group.
-
In the Create Group pop-up screen, enter an unique name and display name for this new user group.
Important
Please note down the group name your give, we will need it later.
-
Go to the group details page. Assign the user into this new group who will need access to see the log file of the SAP Edge Integration Cell.
-
Expand the Applications & Resources menu, choose Applications. Then click + Create button to create a new application.
-
In the Create Application pop-up screen, do the following, then click + Create button to create the new application.
- Display Name: Enter a read-friendly name.
- Type: Choose Other SAP cloud solution.
- Protocol Type: Choose OpenID Connect.
-
Once your application has been created, please note down the application ID of your application.
Important
Please note down the application ID from the browser URL!!
-
Now let's create a new client secret of your application. In the application details page, click Client Authentication, then click Add button under the Secrets section.
-
In the Add Secret pop-up screen, enter a proper description of the new secret. Leave everything as default, and click Save to create new client secret.
-
Note done the Client ID and Client Secret. We will need it in the following step.
-
Click Attributes in the application details page, then click Add button to add one more assertion attribute for the single sign-on.
-
In the add new attributes page, do the following and then click Save to create new assertion attribute for the single sign-on.
- Name: Enter groups.
- Source: Choose Identity Directory
- Value: Choose Groups
-
Click OpenID Connect Configuration in the application details page. Give a Name to your configuration then click Save button to save the changes.
-
On the SAP Integration Suite homepage, choose the URL for accessing Edge Lifecycle Management UI.
-
Choose Add Edge Node to start the configuration wizard.
-
In the Prerequisite Validation Procedures screen, check all the checkboxes then click Continue.
-
In the Provide Edge Node Details screen, do following then click Step 2.
- Edge Node Name: Enter a read-friendly name to your edge node.
- If you are following Quick setup guide, DO NOT check the High Availability Mode.
- If you are following HA Setup guide, Check High Availability Mode.
-
In the Provide SAP Credentials screen, do following:
-
SAP Business Technology Platform
- User ID: Enter your SAP BTP technical user P-number.
- Email: Enter your SAP BTP technical email address.
- Password: Enter your SAP BTP technical user password.
- click Test Connection
-
Repository-Based Shipment Channel (Container Registry)
- Username: Enter your technical user name in SAP Repositories Management.
- Password: Enter your technical user password in SAP Repositories Management.
- click Test Connection
If all the connection testing pass, click Save and then click Step 3.
-
-
In the Enable Monitoring and Logging screen, do following:
- If you are following Quick Setup guide, DO NOT check Deploy the Monitoring and Logging components on the Edge Node check box.
- If you are following HA Setup guide, Check Deploy the Monitoring and Logging components on the Edge Node check box.
- Single Sign-On Configuration
- FQDN for Identity Authentication: Enter the host name of your SAP BTP subaccount administration console.
- Group Name: Enter the user group name that you created in previous step.
- Application ID: Enter the applicationID that you obtained in previous step.
- Client ID: Enter the Client ID of your application that created in the previous step.
- Client Secret: Enter the Client Secret of your application that created in the previous step.
-
In the Enable Local Container Registry screen, click Step 5 directly.
-
In the Provide HTTP Proxy Details screen, click Review directly. Review your edge node configuration details in the next page, then click Add Edge Node.
-
Now you are redirected to the Edge Nodes tab where the newly added Edge Node is selected and you can view its details. The status of the Edge Node is Not Initialized.
-
Execute command below to obtain an updated kubeconfig file of your Amazon EKS cluster.
- Replace
region-codewith the AWS Region that you created your cluster in. - Replace
my-clusterwith the name of your cluster.
aws eks update-kubeconfig --region region-code --name my-clusterOnce you executed the command successfully, it will output the directory where the kubeconfig file located on your local machine.
- Replace
-
Go back to your Edge Node details tab. Under the Setup Cloud Connector section, upload your EKS cluster kubeconfig file by clicking the Upload button, and setup a strong password. Then click Download Bootstrapping File button.
Important
- Multiple Amazon EKS cluster ARN will be store in your kubeconfig file.
- Use drop down in the Context field to select the correct Amazon EKS Cluster.
-
Still under the Set Up Cloud Connector tab, click on the tab based on your local machine to download the Edge Lifecycle Management Bridge.
Important
- Make sure to put both Edge Lifecycle Management Bridge executable and Bootstrapping File under the same directory in your local machine.
-
Open your terminal and go to the directory you used to store both Edge Lifecycle Management Bridge executable and Bootstrapping File. Execute the command to execute the Edge Lifecycle Management Bridge executable.
-
You are prompted to enter the Context Password you defined previously.
-
You will be ask to choose the storage class then, please choose the EBS type storage class that we created previously.
-
Follow the instructions display in the terminal to finish the Edge Lifecycle Management. Once it finished, you should see the Status of your Edge Node will change to Available.
After running the Edge Lifecycle Management Bridge successfully, you have accomplished the following:
-
You see the new Edge Node displayed in Edge Lifecycle Management UI.
-
Additional Kubernetes resources are deployed automatically before the status of the Edge Node shows Available.