This topic describes installing VMware Tanzu GemFire Management Console.
Prerequisites
To run the Tanzu GemFire Management Console, you must have the following:
-
A Broadcom Customer Support Portal account.
-
Operating System:
- macOS
- Windows 10, Windows 11
-
If installing from a JAR file, JDK 11 or JDK 17.
Java 8 is not supported.
When using Java 17, the Tanzu GemFire Management Console requires the following access flags (in the example below we use version 1.3.0 of the Management Console):
java --add-opens java.base/java.lang=ALL-UNNAMED --add-opens java.base/java.util=ALL-UNNAMED \ -jar gemfire-management-console-1.3.0.jar --server.port=7077 -
Browser:
- Chrome
- Firefox
- Safari
-
A running VMware Tanzu GemFire environment (Tanzu GemFire 9.15.x, 10.0.x, 10.1.x, Tanzu GemFire for Cloud Foundry 1.14.5+. Tanzu GemFire on Kubernetes 2.1+)
Access to the VMware Tanzu GemFire Documentation.
Installation
Install Tanzu GemFire Management Console from a JAR, an OVA, or as an OCI Image.
JAR File Installation
To run Tanzu GemFire Management Console JAR file:
- Log in to Broadcom Customer Support Portal with your customer credentials. For more information, see the Download Broadcom products and software article.
- Go to the VMware Tanzu GemFire Management Console downloads page. Select VMware Tanzu GemFire Management Console, and select a version.
- Click I agree to Terms and Conditions. Click the HTTPS Download icon next to VMware Tanzu GemFire Management Console.
- After the download has completed, move the JAR file into the file directory from which you intend to run it. The application creates a folder called
VMware_GemFire_Management_Consolein the directory where the application is started. -
In a terminal window, run the JAR file. For example, run:
java -jar /Path/to/jar/file/gemfire-management-console-1.3.0.jarBy default, the app starts at
http://localhost:8080. If you use SSL/TLS for the Management Console, use the--server.portproperty to change the port number to443when starting the app.java -jar /Path/to/jar/file/gemfire-management-console-1.3.0.jar --server.port=443 - After you run this command, output is displayed in your terminal that shows the Spring Boot app starting.
- After the Spring Boot app has started, open a web browser and navigate to the host and port that you defined when you started the app.
OVA Installation
To use the Tanzu GemFire Management Console OVA:
- Log in to Broadcom Customer Support Portal with your customer credentials. For more information, see the Download Broadcom products and software article.
- Go to the VMware Tanzu GemFire Management Console downloads page. Select VMware Tanzu GemFire Management Console, and select a version.
- Click I agree to Terms and Conditions. Click the HTTPS Download icon next to VMware Tanzu GemFire Management Console OVA.
- To deploy the downloaded OVA, follow the instructions in Deploy an OVF or OVA Template in the VMware vSphere product documentation.
OCI Image Installation on Docker
To run the Tanzu GemFire Management Console OCI Image on Docker:
-
In a terminal window, run the
docker logincommand. Enter your customer credentials when prompted:docker login registry.packages.broadcom.com -
Pull the image from the Tanzu Network by running the following command:
docker pull registry.packages.broadcom.com/gemfire-management-console/gemfire-management-console:1.3.0 -
Run the image that you pulled from Docker by using the
docker runcommand and map the port for the web browser to8080. For example, the command below maps the host’s port8080to the container’s8080port, where the app is running. If you use SSL/TLS for the Management Console, set the port number to443docker run -p 8080:8080 registry.packages.broadcom.com/gemfire-management-console/gemfire-management-console:1.3.0 -
After the Spring Boot app has started, open a web browser and navigate to the host and port that you defined when you started the app. For the example above, navigate to
http://localhost:8080.
OCI Image Installation on Kubernetes
To run the Tanzu GemFire Management Console OCI Image on Kubernetes, use the following example yml file which creates a namespace, service, and stateful set for Tanzu GemFire Management Console.
---
apiVersion: v1
kind: Namespace
metadata:
name: gemfire-management-console
labels:
name: gemfire-management-console
---
apiVersion: v1
kind: Service
metadata:
name: gmc-service
namespace: gemfire-management-console
spec:
selector:
app: gmc
ports:
- name: http
port: 8080
targetPort: 8080
protocol: TCP
type: LoadBalancer
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: gmc
namespace: gemfire-management-console
spec:
selector:
matchLabels:
app: gmc
serviceName: "gmc-service"
replicas: 1
template:
metadata:
labels:
app: gmc
spec:
terminationGracePeriodSeconds: 10
securityContext:
fsGroup: 1000
containers:
- name: gmc
image: gemfire/gemfire-management-console:1.3.0
ports:
- containerPort: 8080
name: gmc
volumeMounts:
- name: gmc
mountPath: /opt/gemfire/VMware_GemFire_Management_Console
env:
- name: server.port
value: "8080"
- name: GMC_WEBSOCKET_SENDBUFFERSIZELIMIT
value: "5120000"
- name: PROMETHEUS_SCRAPE_INTERVAL
value: "2s"
volumeClaimTemplates:
- metadata:
name: gmc
spec:
accessModes: [ "ReadWriteOnce" ]
storageClassName:
resources:
requests:
storage: 4Gi
Enabling SSL/TLS for Tanzu GemFire Management Console
It is recommended that you encrypt the traffic between your user’s browsers and the Tanzu GemFire Management Console using SSL/TLS. Tanzu GemFire Management Console builds on Spring Boot, and the SSL/TLS configuration follows the same patterns as for any Spring Boot application.
If you enable SSL/TLS for Tanzu GemFire Management Console, set the server port to 443.
server.port=443
If you leave the server port set to
8080, the Management Console runs onhttps://HOSTNAME:8080, and when logging out in LDAP and OAuth, Spring redirects the logout to port8443. If you set the server port to443, the logout redirection works as expected.
The other relevant server properties are in Server Properties in Common Application Properties in the Spring Boot product documentation. They are namespaced under server.ssl.*. You can save an application.properties file in the same directory as the Tanzu GemFire Management Console JAR file and the Java process will pick it up automatically.
Example application.properties:
server.port=443
server.ssl.enabled=true
server.ssl.key-store=file:./keystore.p12
server.ssl.key-store-type=PKCS12
server.ssl.key-store-password=password123
server.ssl.key-alias=gmc
Enable/Disable Hostname Verification
To connect to TLS-enabled GemFire clusters, you must upload keystore and truststore files and passwords. By default, Tanzu GemFire Management Console verifies that the cluster host is present in the Subject Alternative Names. However, for specific use cases where you need to disable hostname verification in your keystore and truststore files for all clusters, follow the instructions below.
-
JAR File Deployment:
- Configure the property
gmc.ssl-hostname-verification-enabled=falsein theapplication.propertiesfile. - Place the
application.propertiesfile in the same directory as the JAR file. - Restart the JAR.
- Configure the property
-
OVA Deployment:
- Configure the property
gmc.ssl-hostname-verification-enabled=falsein theapplication.propertiesfile. - Place the
application.propertiesfile in the/opt/gemfiredirectory. - Restart the VM.
- Configure the property
-
OCI Image Deployment:
- Configure the property
gmc.ssl-hostname-verification-enabled=falsein theapplication.propertiesfile. - Mount the
application.propertiesfile when starting the container. - Example command:
docker run -it -v ./application.properties:/opt/gemfire/application.properties -p 8080:8080 gemfire-management-console:1.3.0
- Configure the property
Content feedback and comments