Update userguide.md

[ramaraosrikakulapu]

Posting the initial feedback given on 12/06 on user guide here -

12/06/2021: Attendees: Rama chandra, Saurabh, Akhil, Sukesh and Puja MoM:

• Gone through the initial draft version
• Table of Contents is good
• Requested following changes -
  • Introduction to EC - Highlight the EC features in the starting and platform details can be followed
  • What is EC - EC is a connectivity tool to establish connectivity b/w any 2 network. Not just 'Predix Cloud' and 'enterprise resources'
  • Characteristics - 'Is a system that contains many smaller software systems (self-contained microservice)' - have to confirm with @ayasuda-ge
  • 'Cloud Foundry Marketplace' - Change the heading name related to EC
  • 'Components of EC' - EC service, Agent (types - gateway, server, client, gw:client, gw:server) and Plugin types
  • Most of the times Oracle DB mentioned as target system. Requested to give generic information instead of specific type of DB
• Shared the wiki link to get more details about product. Team was following GE digital doc for user guide
• Shared the 'EC first glance' to Rama chandra after the meeting
  • Ram (EC) have to come up with table of contents for 'Developer Guide'

[ramaraosrikakulapu]

Updates for 12/17 to 12/20:

• Shared the EC demo video with Ram chandra
• Sent the EC FEMA file to the documentation team to update the 'Common issues and remediations' section in 'EC developer guide'

[RamChReddy]

https://github.com/RamChReddy/sdk/blob/wiki/Enterprise%20Connect%20Developer%20Guide_V1.docx The above is the link to my work:

Here are some questions that I have in my mind. Please let me know your answers.

1. How do we ensure security of Enterprise Connect (EC)? Is it through the TLS (Transport Layer Security) protocol? What are the other measures that you take to keep the EC service secure?
2. Elastic Kubernetes Service (EKS) and Azure Kubernetes Service (AKS) have been mentioned as the deployment options for EC. Could you shed some light on these options?
3. I would like to know more about the 'Binary Process' as one of the deployment options. You may please shed some light on the topic in one of the knowledge transfer sessions.
4. Want to know more about 'Health Page'.
5. We want to know more about how to connect EC to multiple targets through VLAN and how to connect to multiple Linux and Windows clients?
6. We also want to know more about some of the common issues (as mentioned in the document shared by Mr. Rama Rao). We have many smaller questions regarding the topic.
7. Is the Fuse mode opposed to the traditional mode? What to know more about the two modes.

[ramaraosrikakulapu]

12/22/2021: Attendees: Rama Chandra, Akhil, Saurabh and Ram(EC) MoM:

• Shared knowledge on TLS, Linux VLAN, Windows VLAN and Fuse mode
• High level understanding on EKS
• Answered questions mentioned above.
• Meeting record is available here and shared access to Rama chandra and Kamal Ramnath

Notes: TLS Plugin - https://github.com/EC-Release/sdk/tree/v1/plugins/tls VLAN(Linux) Plugin - https://github.com/EC-Release/sdk/tree/v1/plugins/vln VLAN(Windows) - https://github.com/EC-Release/sdk/wiki/Windows-VLAN Sample gateway health - https://agent-213-x1-gateway.run.aws-usw02-pr.ice.predix.io/health

[ayasuda-ge]

FYI the Q&A @RamChReddy

https://github.com/RamChReddy/sdk/blob/wiki/Enterprise%20Connect%20Developer%20Guide_V1.docx The above is the link to my work:

Here are some questions that I have in my mind. Please let me know your answers.

1. How do we ensure security of Enterprise Connect (EC)? Is it through the TLS (Transport Layer Security) protocol? What are the other measures that you take to keep the EC service secure?

For data/tcp streaming protocols one like ssh, EC provides Mutual-TLS to maintain the data integrity. Addtionally, EC Connectivity-as-a-service introduces a complex security flow/model to enhance the app security described here.

2. Elastic Kubernetes Service (EKS) and Azure Kubernetes Service (AKS) have been mentioned as the deployment options for EC. Could you shed some light on these options?

Refer to @ramaraosrikakulapu KT sessions and comments/links

3. I would like to know more about the 'Binary Process' as one of the deployment options. You may please shed some light on the topic in one of the knowledge transfer sessions.

For the user guide, optional to have knowledge coverage over EC streaming technique/protocols described here

4. Want to know more about 'Health Page'.

Following an agent deployment. E.g. AWS Gateway each agent runtime instance provide a live HTTP endpoint for health check/status reporting purpose in this format https://<gateway-url>/health. Also optional to secure the health endpoint with basic authentication if -shc flag is presented as indicated here

5. We want to know more about how to connect EC to multiple targets through VLAN and how to connect to multiple Linux and Windows clients?

Refer to @ramaraosrikakulapu KT sessions and comments/links

6. We also want to know more about some of the common issues (as mentioned in the document shared by Mr. Rama Rao). We have many smaller questions regarding the topic.

Refer to @ramaraosrikakulapu troubleshooting kits

7. Is the Fuse mode opposed to the traditional mode? What to know more about the two modes.

A Fuse-mode agent combines the connectivity flow in between Gateway-to-Server or Gateway-to-Client together in one single system process as illustrated in wiki

[RamChReddy]

Thank you @ayasuda-ge and @ramaraosrikakulapu for your inputs. Yesterday's knowledge transfer session was very useful. I'm working on adding more content to the document on the basis of the inputs received.

[ramaraosrikakulapu]

12/23/2021: MoM:

• Tech writers team continue to work on developer guide and user guide based on KT session
• Below points were requested to share -
• Screenshot for 'Add EC scopes to UAA'

• Steps for 'Create EC Service' - https://github.com/EC-Release/sdk/wiki/Create-EC-Service#step-through-commands
• Samples for 'Fuse mode - Gateway with server' -
  • gw:server -

    agent -mod gw:server -gpt 8787 \
    -aid {agent_id} -grp {group_name} \
    -zon {subscription_uuid} \
    -sst {ec_service_url} \
    -tkn {ec_service_admin_token} \
    -hst ws(s)://{ip_dns_gw}:8787/agent \
    -cid {uaa_client_id}-csc {uaa_client_secret} \
    -oa2 {uaa_oa2_url} \
    -dur 1200 -rht {target_system_ip_host} -rpt {target_system_port} -dbg

  • client -

    agent -mod client -aid {agent_id} -tid {target_agent_id} -grp {group_name} \
    -hst ws(s)://{ip_dns_gw}:8787/agent \
    -cid {uaa_client_id}-csc {uaa_client_secret}  \
    -oa2 {uaa_oa2_url} \
    -dur 1200 -lpt {local_port} -dbg

• Samples for 'Fuse mode - Gateway with client' -
  • server -

    agent -mod server -aid {agent_id} \
    -grp {group_name} \
    -cid {uaa_client_id}-csc {uaa_client_secret} -dur 1200 \
    -oa2 {uaa_oa2_url} \
    -hst ws(s)://{ip_dns_gw}:8787/agent \
    -sst {ec_service_url} \
    -zon {subscription_uuid} \
    -rht {target_system_ip_host} -rpt {target_system_port} -dbg

  • gw:client -

    agent -mod gw:client \
    -gpt 8787 -zon {subscription_uuid}  \
    -sst {ec_service_url}  \
    -tkn {ec_service_admin_token} \
    -aid {agent_id} -tid {target_agent_id} -grp {group_name} \
    -sst {ec_service_url} \
    -hst ws(s)://{ip_dns_gw}:8787/agent \
    -cid {uaa_client_id}-csc {uaa_client_secret} \
    -oa2 oa2 {uaa_oa2_url} \
    -hca {health_port} -dur 1200 -lpt {local_port} -dbg

[ayasuda-ge]

close for duplicate