Skip to content

Onboard IEM-OS

Use the following commands to boot the IEM-OS:

Add IE Hub Configuration

To onboard an IEM, you must first add the IE Hub configuration. To add the IE Hub configuration, use the following command:

$ cat ~/my_password.txt | iectl config add iehub \
         --name "configname" \                            # name of the configuration being added in lower case
         --url "https://iehub.eu1.edge.siemens.cloud/" \  # Url of IEHUB on which you want to perform operations
         --user "email_address" \                         # email address used for IE Hub login  
         --password "password"                            # password of the IEHUB user

NOTICE

We recommend using the --password-stdin option instead of --password, as it allows you to securely pass a password to a command through standard input (stdin) rather than typing it directly in the command. This prevents the password from being exposed in shell history or process lists, enhancing security. For more information, refer to the guide: "How to use --password-stdin".

Add IEM Configuration

To onboard an IED, you must also add the IEM configuration of the IEM in which the IED will be onboarded. To add the IEM configuration, use the following command:

$ cat ~/my_password.txt | iectl config add iem \
             --name "iem-config-dev" \                         # name of the config
             --url "https://portaldev7.siemenspx.us" \         # your IEM url 
             --user email@siemens.com \                        # email address registered on IEM
             --password "password"                             # password of the IEM user

NOTICE

We recommend using the --password-stdin option instead of --password, as it allows you to securely pass a password to a command through standard input (stdin) rather than typing it directly in the command. This prevents the password from being exposed in shell history or process lists, enhancing security. For more information, refer to the guide: "How to use --password-stdin".

System Onboard

To onboard the IEM, use the following command:

NOTICE

This provisioning command only works with IEM-OS, to provision other flavors of IEM please use the "iectl provision" command.

$ iectl iem system onboard \
          --username "email@siemens.com" \              # Initial username, will be set for IEM and IEM-Appliance
          --password "password" \                       # Initial password, will be set for IEM and IEM-Appliance
          --iem-url "https://portaldev7.siemenspx.us" \ # Url of the IEM-Appliance    
          --cn "public.siemens.com" \                   # Common Name for initial certificate/ca creation: CN
          --country "US" \                              # Country for initial certificate/ca creation, e.g. DE, AU, US (default "DE")
          --loc "Oberdiessbach" \                       # Locality for initial certificate/ca creation, e.g. Munich
          --name "demoiem" \                            # Unique iem name
          --org "Siemens" \                             # Org for initial certificate/ca creation: O
          --ou "Information Technology" \               # OrgUnit for initial certificate/ca creation: OU
          --street "street" \                           # Street for initial certificate/ca creation, e.g. Broad st.
          --province "Bern" \                           # Province for initial certificate/ca creation, e.g. Bavaria
          --pod-cidr "10.0.0.0/12" \                    # [Optional] CIDR to be used for Kubernetes Pod Network (default "10.0.0.0/12")
          --svc-cidr "10.96.0.0/12" \                   # [Optional] CIDR to be used for Kubernetes Service Network (default "10.96.0.0/12")
          --cert-path "./MW_Cloud.crt" \                # [Optional] path to the cert used for the IEM (if you omit this, the cluster creation will be done with self-signed certs)
          --iem-domain "iems-domain" \                  # [Optional] domain name under which the IEM shall be accessible (if you omit this, the cluster creation will be done with self-signed certs)
          --key-path "./MW_Cloud.key" \                 # [Optional] path to the key used for the IEM (if you omit this, the cluster creation will be done with self-signed certs)
          --reg-domain "onboarding-iehub-domain" \      # [Optional] domain name under which the IEM Docker registry shall be accessible (if you omit this, the cluster creation will be done with self-signed certs)    
          --proxy-host "host.domain.com" \              #[Optional] name of the configuration being added in lower case
          --proxy-port "8080" \                         #[Optional] proxy-port
          --proxy-user "proxy-user" \                   #[Optional] proxy-user
          --proxy-password "password" \                 #[Optional] proxy-password
          --follow \                                    #[Optional] to track the cluster creation process

This command onboards your IEM and returns IEM statistics, but does not track the status of cluster creation.