Managing the Message VPN

Developers can manage the Message VPN associated with a service instance by using the Dashboard URL of the service and by connecting to the Solace PubSub+ Event Broker via the PubSub+ Broker Manager web browser based interface.

Solace PubSub+ Service Dashboard

The Solace PubSub+ Service Dashboard offers the following functionality:

  • A link to the Solace PubSub+ Broker Manager.
  • Manage Client Profiles and their configuration.
  • Capture a backup of basic service configuration and subsequently restore it.
  • Elect to receive an upgrade when an upgrade is available if user controlled upgrades are enabled. This includes the option to opt-in to automatically receive upgrades when they become availabe.

Retrieve Dashboard Information

  1. Look for the Dashboard by getting details about the created service.

    $ cf service solace-pubsub-instance-IoT

Service instance: solace-pubsub-instance-IoT Service: solace-pubsub Bound apps: Tags: Plan: enterprise-shared Description: Solace PubSub+ Event Broker for real-time, multi-protocol data distribution Documentation url: http<span>:</span>//docs.solace.com Dashboard: https<span>:</span>//solace-service-dashboard.YOUR-SYSTEM-DOMAIN/service-dashboard/f5d6bf5b-e84f-416b-8c08-4a0e782a51d2/

Last Operation Status: create succeeded Message: Started: 2020-01-01T00:00:00Z Started: 2020-01-01T00:00:00Z

  2. Use the provided URL in a browser. As of Solace PubSub+ version 2.8.0, the dashboard support Single Sign On using VMware Tanzu accounts. When navigating to the URL provided, users will be asked to authorize Solace PubSub+ to read basic information about their VMware Tanzu account. Users with manage access will be able to utilize the features of the service dashboard such as Client Profile management, Backup and Restore, Service Management, and Upgrade Management. Users with only read access will see basic information such as the vpn name and broker version.

    alt-text=""

Client Profile Management

Client profiles are assigned to client usernames so that a common configuration can be applied to groups of clients.

The Client Profile Management section displays existing client profiles and offers the ability to create, update, and delete client profiles on the message VPN. While creating and updating client profiles, select the client profile capabilities to turn ON/OFF. For more information about client profiles, see Clients Profiles and Configuring Clients with Client Profiles

The client profile highlighted in light green is the selected default client profile. New client usernames created through Cloud Foundry are automatically assigned this client profile. To select a different default client profile, use the dropdown menu that can be found at the bottom of the client profile table. Changing the default client profile does not modify existing client usernames, the change only applies to new client usernames.

Note that updating a client profile affects all clients using the client profile.

Also note that the client profile named ‘default’ as well as the selected default client profile (the highlighted client profile) can’t be deleted.

Solace PubSub+ Configuration Backup and Restore

It provides the ability to capture a backup of service configuration only and to restore to a newly created service.

At this point it is not intended to do a full backup and restore on the same service. It should only be used to transfer limited configuration to a new service when data retention is not needed.

Note that performing a restore will delete all persisted messages and will leave the VPN with only the objects that existed when the backup was performed.

Solace PubSub+ Broker Manager

The PubSub+ Event Broker includes a browser based management interface for the Solace PubSub+ services. The PubSub+ Broker Manager is accessible when a service is created from a link in the Solace PubSub+ Service Dashboard.

Sample PubSub+ Broker Manager

alt-text=""

Restrictions on the Use of the PubSub+ Broker Manager

There are some actions that you must not perform in the PubSub+ Broker Manager:

  1. Do not change anything on the Message VPN/Services page. Settings such as TLS configuration must be managed through the tile.
  2. On the Message VPN/Replication page, do not change the Replication Role. This causes the deployment to fail.
  3. Do not change anything on the Access Control/Client Authentication page. Settings such as Authentication type must be managed through the tile. Likewise, client usernames should be created by binding services through VMware Tanzu.

Managing with SolAdmin

This section describes how to connect to the Solace PubSub+ Event Broker with the SolAdmin legacy administration tool to manage the Message VPN associated with a service instance.

Retrieve Information From a Bound App

To retrieve the information required to connect to the Solace PubSub+ Event Broker from a bound app, do the following:

  1. Log in to your deployment and choose the org and space where your Solace PubSub+ service instance and bound app exists.

    $ cf login
API endpoint: <span>https:</span>//api.YOUR-SYSTEM-DOMAIN
Email> user<span>@</span>example.com
Password>

  2. View the VCAP_SERVICES environment variable by retrieving the environment variables associated with your bound app:

    $ cf env YOUR-APP

Retrieve Information from a Service Key

To retrieve the information required to connect to the Solace PubSub+ Event Broker from a service key, do the following:

  1. Log in to your deployment and choose the org and space where your Solace PubSub+ service instance and service key exists.

    $ cf login
API endpoint: <span>https:</span>//api.YOUR-SYSTEM-DOMAIN
Email> user<span>@</span>example.com
Password>

  2. View the service key:

    $ cf service-key solace-pubsub-instance my-service-key

Locate the Management Host and Credentials

  1. Both the VCAP_SERVICES and service key contain the same information, look for and record the following fields:
    • managementHostnames: The Solace PubSub+ Event Broker’s management hostnames. There will be multiple entries for Services on HA Plans.
    • activeManagementHostname: A single entry that is dynamically routed to the active node for an HA service. Will always be the same as managementHostnames for non-HA plans.
    • When Management Access is set to Event Broker Internal:
      • managementUsername: The service instance’s management username
      • managementPassword: The service instance’s management password
    • When Management Access is set to LDAP Server:
      • The management username and password are to be provided by the LDAP Administrator.
        For more information about the VCAP_SERVICES fields, see the Understanding Credentials topic.

Connect to the Solace PubSub+ Event Broker

The managementHostnames and activeManagementHostname are externally accessible FQDNs and can be used directly from within SolAdmin using standard ports for HTTP (80) and HTTPS (443). The procedure is as follows:

  1. Download and install the SolAdmin administration tool from the Solace Downloads page.

  2. Start SolAdmin.

  3. Click Manage to open the Manage Appliance window.

    alt-text=""

  4. Under Management Host, enter the active management hostname of the Solace PubSub+ Event Broker recorded above.

  5. Under User Name and Password, enter the management username and password recorded above.

  6. Click Ok. The Solace PubSub+ Event Broker should now appear in the Managed Appliances list.

    alt-text=""

  7. To learn how to use SolAdmin to manage your Message VPN, see the included context specific tool help within the SolAdmin tool itself.

Create a pull request or raise an issue on the source for this page in GitHub