Post-Installation Configuration of the IGEL UMS Server
This article covers the tasks that should be performed after installing a new IGEL Universal Management Suite (UMS) server.
Set the Correct Public Address and Public Web Port for each UMS server
It is required to set the public address for your UMS servers in order for OS 12 devices to properly locate them. Thee steps below will need to be performed once for each UMS server in your cluster:
Open the IGEL UMS Console, and go to the UMS Administration section.
Navigate to UMS Network > Server.
Right-click the UMS server you wish to adjust, and select the Edit... button.
Enter a unique identifier into the Display Name field (this does not impact functionality, just how it appears in the UMS Console).
Enter the Fully Qualified Domain Name of your UMS server that the IGEL will connect to on from your local network into the Public Address field.
You can either leave the Public Web Port field empty, or enter 8443.
If you are using a reverse proxy, load balancer, or individual VIPs with Unique Addresses for your UMS servers that go through that proxy, you will need to make sure you have the correct port defined for that proxy, and that the Public Address is the URL of said VIP or reverse proxy server.
Validate UMS and ICG Certificates
In order for the new Unified Protocol and UMS Web App to function properly, your UMS Web Certificates must contain either a list of all your UMS server public addresses in the SAN, or use a wild card certificate.
List of UMS Server SANs
If you use any other URL's to access the UMS Web App, or an external load balancer/reverse proxy address, these will need to be added as well (i.e umsconsole.igel-lab.local).
Wild Card Certificate
Individual Certificates
If you have multiple domains, it is possible to generate certificates from UMS containing multiple domain names.
Configure Recommended Administrative Tasks
There are some recommended Administrative Tasks that should be deployed in all IGEL UMS environments:
Open the IGEL UMS Console, and go to the UMS Administration section.
Navigate to Global Configuration > Administrative Tasks.
Configure the Administrative Tasks described below.
Backup
The first item that should be configured is a daily backup of the UMS database. If you are using the embedded database, this can be configured via a UMS Administrative Task. If you are using an external database, then please refer to the documentation of that database to configure this.
Backup Best Practices
Backups should be run daily, and schedule 2 hours before any other UMS Administrative Tasks are scheduled to run.
Backups should be stored on separate storage than where your UMS server is running, or in accordance to your companies backup policies.
For the embedded database, it is recommended to mount external storage which you can then point to as your backup location. Please refer to your operating systems instructions on how to create a local mount for remote storage.
Additional Administrative Tasks
The following tasks should be configured to run one night a week, staggered by 24 hours, and scheduled to run 2 hours after your backup task or process is started:
Delete Logging Data
Delete Job Execution Data
Delete Administrative Task Execution Data
Delete Process Events
Delete Asset Info History
Example
Backup is scheduled to run nightly at 09:00 PM
Monday @ 11:59pm - Delete logging data
Tuesday @ 11:59pm - Delete Job Execution Data
Wednesday @ 11:59pm - Delete Administrative Task Execution Data
Thursday @ 11:59pm - Delete Process Events
Friday @ 11:59pm - Delete Asset Info History
Optional: Additional Administrative Tasks
Remove Unused Firmware (OS 11 Only)
If you have IGEL OS 11 in your environment, you can schedule a task to remove old update files and database entries.
Further tasks for performance optimization and maintenance are described in: