Help with Azure Iot Hub cloud export mqtt #281
I am trying to connect to Azure IoT Hub via MQTT, and am struggling to get it connected. My guess is that I am missing where or how to add the certificate, but I haven't been able to come up with a solution on my own. I'll include my configuration files below.

I am attempting to run the sample device-rest with the example cloud-export-mqtt.

Service start command

./app-service -p azure

I am attempting to test with a simple curl command:

curl --header "Content-Type: application/json" \
  --request POST \
  --data '{"test": "edgex"}' \
  http://localhost:59986/api/v3/resource/sample-json/json

res/azure/configuration.yaml

Writable:
  LogLevel: "DEBUG"
  StoreAndForward:
    Enabled: false
  InsecureSecrets:
    mqtt:
      SecretName: "mqtt"
      SecretData:
        username: ""
        password: ""
        cacert: ""
        clientcert: ""
        clientkey: ""
    ioth:
      SecretName: "ioth"
      SecretData:
        username: "my-iot-hub.azure-devices.net/<device-id>/?api-version=2021-04-12"
        password: "<SaS Token>"
  Pipeline:
    ExecutionOrder: "Transform, MQTTExport"
    Functions:
      FilterByProfileName:
        Parameters:
          ProfileNames: ""
          FilterOut: "false"
      FilterByDeviceName:
        Parameters:
          DeviceNames: ""
          FilterOut: "false"
      FilterBySourceName:
        Parameters:
          SourceNames: ""
          FilterOut: "false"
      FilterByResourceName:
        Parameters:
          ResourceNames: ""
          FilterOut: "false"
      Transform:
        Parameters:
          Type: "json"
      Compress:
        Parameters:
          Algorithm: "gzip"
      # Encrypt:
      #   Parameters:
      #     Algorithm: "aes256"
      #     SecretName: "aes"
      #     SecretValueKey: "key"
      Batch:
        Parameters:
          Mode: "bytimecount" # can be "bycount", "bytime" or "bytimecount"
          BatchThreshold: "30"
          TimeInterval: "60s"
          MergeOnSend: "false"
      AddTags:
        Parameters:
          Tags: ""
      MQTTExport:
        Parameters:
          BrokerAddress: "mqtts://my-iot-hub.azure-devices.net:8883"
          Topic: "edgex-export"
          SecretName: "mqtt"
          ClientId: "MQTT-Export"
          QOS: "0"
          AutoReconnect: "false"
          KeepAlive: "" # Empty indicates to use default value
          ConnectTimeout: "" # Empty indicates to use default value
          Retain: "false"
          SkipVerify: "false"
          AuthMode: "none"
          PersistOnError: "false"
          WillEnabled: "false"
          WillPayload: ""
          WillQos: "0"
          WillRetained: "false"
          WillTopic: ""
  # aes:
  #   SecretName: "aes"
  #   SecretData:
  #     key: "217A24432646294A404E635266556A586E3272357538782F413F442A472D4B6150645367566B59703373367639792442264529482B4D6251655468576D5A7134"
MessageBus:
  Protocol: "redis"
  Host: "localhost"
  Port: 6379
  Type: "redis"
  AuthMode: "usernamepassword" # required for redis MessageBus (secure or insecure).
  SecretName: "mqtt"
  BaseTopicPrefix: "edgex" # prepended to all topics as "edgex/<additional topic levels>
  Optional:
    # Default MQTT Specific options that need to be here to enable environment variable overrides of them
    Qos: "0" # Quality of Service values are 0 (At most once), 1 (At least once) or 2 (Exactly once)
    KeepAlive: "10" # Seconds (must be 2 or greater)
    Retained: "false"
    AutoReconnect: "true"
    ConnectTimeout: "5" # Seconds
    SkipCertVerify: "false"
    # Additional Default NATS Specific options that need to be here to enable environment variable overrides of them
    Format: "nats"
    RetryOnFailedConnect: "true"
    QueueGroup: ""
    Durable: ""
    AutoProvision: "true"
    Deliver: "new"
    DefaultPubRetryAttempts: "2"
    Subject: "edgex/#" # Required for NATS JetStream only for stream auto-provisioning
Service:
  Host: "localhost"
  Port: 59703
  StartupMsg: "app-mqtt-export has Started"
  RequestTimeout: "30s"
MqttExportConfig:
  BrokerAddress: "mqtts://my-iot-hub.azure-devices.net:8883"
  ClientId: "<device-id>"
  AutoReconnect: true
  Topic: "devices/<device-id>/messages/events/" # iot device name MUST match client ID
  SkipCertVerify: false
  AuthMode: "usernamepassword" # Change if auth required. See https://docs.edgexfoundry.org/latest/microservices/application/BuiltIn/#mqtt-export for details
  SecretName: "ioth"
Trigger:
  Type: "edgex-messagebus"
  SubscribeTopics: "events/#*"
  PublishTopic: "azure" # Base topic is prepended to this topic when using edgex-messagebus

dockercompose.yml

name: edgex
services:
  # app-mqtt-export:
  #   container_name: edgex-app-mqtt-export
  #   depends_on:
  #     consul:
  #       condition: service_started
  #       required: true
  #     core-data:
  #       condition: service_started
  #       required: true
  #   environment:
  #     EDGEX_PROFILE: mqtt-export
  #     EDGEX_SECURITY_SECRET_STORE: "false"
  #     SERVICE_HOST: edgex-app-mqtt-export
  #     WRITABLE_LOGLEVEL: DEBUG
  #     WRITABLE_PIPELINE_FUNCTIONS_MQTTEXPORT_PARAMETERS_BROKERADDRESS: my-iot-hub.azure-devices.net
  #     WRITABLE_PIPELINE_FUNCTIONS_MQTTEXPORT_PARAMETERS_TOPIC: edgex-events
  #   hostname: edgex-app-mqtt-export
  #   image: edgexfoundry/app-service-configurable-arm64:3.1.0
  #   networks:
  #     edgex-network: null
  #   ports:
  #     - mode: ingress
  #       host_ip: 127.0.0.1
  #       target: 59703
  #       published: "59703"
  #       protocol: tcp
  #   read_only: true
  #   restart: always
  #   security_opt:
  #     - no-new-privileges:true
  #   user: 2002:2001
  #   volumes:
  #     - type: bind
  #       source: /etc/localtime
  #       target: /etc/localtime
  #       read_only: true
  #       bind:
  #         create_host_path: true
  app-rules-engine:
    container_name: edgex-app-rules-engine
    depends_on:
      consul:
        condition: service_started
        required: true
      core-data:
        condition: service_started
        required: true
    environment:
      EDGEX_PROFILE: rules-engine
      EDGEX_SECURITY_SECRET_STORE: "false"
      SERVICE_HOST: edgex-app-rules-engine
    hostname: edgex-app-rules-engine
    image: edgexfoundry/app-service-configurable-arm64:3.1.0
    networks:
      edgex-network: null
    ports:
      - mode: ingress
        host_ip: 127.0.0.1
        target: 59701
        published: "59701"
        protocol: tcp
    read_only: true
    restart: always
    security_opt:
      - no-new-privileges:true
    user: 2002:2001
    volumes:
      - type: bind
        source: /etc/localtime
        target: /etc/localtime
        read_only: true
        bind:
          create_host_path: true
  consul:
    command:
      - agent
      - -ui
      - -bootstrap
      - -server
      - -client
      - 0.0.0.0
    container_name: edgex-core-consul
    hostname: edgex-core-consul
    image: hashicorp/consul:1.16.2
    networks:
      edgex-network: null
    ports:
      - mode: ingress
        host_ip: 127.0.0.1
        target: 8500
        published: "8500"
        protocol: tcp
    read_only: true
    restart: always
    security_opt:
      - no-new-privileges:true
    user: root:root
    volumes:
      - type: volume
        source: consul-config
        target: /consul/config
        volume: {}
      - type: volume
        source: consul-data
        target: /consul/data
        volume: {}
  core-command:
    container_name: edgex-core-command
    depends_on:
      consul:
        condition: service_started
        required: true
      core-metadata:
        condition: service_started
        required: true
      database:
        condition: service_started
        required: true
    environment:
      EDGEX_SECURITY_SECRET_STORE: "false"
      EXTERNALMQTT_URL: tcp://edgex-mqtt-broker:1883
      SERVICE_HOST: edgex-core-command
    hostname: edgex-core-command
    image: edgexfoundry/core-command-arm64:3.1.0
    networks:
      edgex-network: null
    ports:
      - mode: ingress
        host_ip: 127.0.0.1
        target: 59882
        published: "59882"
        protocol: tcp
    read_only: true
    restart: always
    security_opt:
      - no-new-privileges:true
    user: 2002:2001
    volumes:
      - type: bind
        source: /etc/localtime
        target: /etc/localtime
        read_only: true
        bind:
          create_host_path: true
  core-common-config-bootstrapper:
    container_name: edgex-core-common-config-bootstrapper
    depends_on:
      consul:
        condition: service_started
        required: true
    environment:
      ALL_SERVICES_DATABASE_HOST: edgex-redis
      ALL_SERVICES_MESSAGEBUS_HOST: edgex-redis
      ALL_SERVICES_REGISTRY_HOST: edgex-core-consul
      APP_SERVICES_CLIENTS_CORE_METADATA_HOST: edgex-core-metadata
      DEVICE_SERVICES_CLIENTS_CORE_METADATA_HOST: edgex-core-metadata
      EDGEX_SECURITY_SECRET_STORE: "false"
    hostname: edgex-core-common-config-bootstrapper
    image: edgexfoundry/core-common-config-bootstrapper-arm64:3.1.0
    networks:
      edgex-network: null
    read_only: true
    security_opt:
      - no-new-privileges:true
    user: 2002:2001
    volumes:
      - type: bind
        source: /etc/localtime
        target: /etc/localtime
        read_only: true
        bind:
          create_host_path: true
  core-data:
    container_name: edgex-core-data
    depends_on:
      consul:
        condition: service_started
        required: true
      core-metadata:
        condition: service_started
        required: true
      database:
        condition: service_started
        required: true
    environment:
      EDGEX_SECURITY_SECRET_STORE: "false"
      SERVICE_HOST: edgex-core-data
    hostname: edgex-core-data
    image: edgexfoundry/core-data-arm64:3.1.0
    networks:
      edgex-network: null
    ports:
      - mode: ingress
        host_ip: 127.0.0.1
        target: 59880
        published: "59880"
        protocol: tcp
    read_only: true
    restart: always
    security_opt:
      - no-new-privileges:true
    user: 2002:2001
    volumes:
      - type: bind
        source: /etc/localtime
        target: /etc/localtime
        read_only: true
        bind:
          create_host_path: true
  core-metadata:
    container_name: edgex-core-metadata
    depends_on:
      consul:
        condition: service_started
        required: true
      database:
        condition: service_started
        required: true
    environment:
      EDGEX_SECURITY_SECRET_STORE: "false"
      SERVICE_HOST: edgex-core-metadata
    hostname: edgex-core-metadata
    image: edgexfoundry/core-metadata-arm64:3.1.0
    networks:
      edgex-network: null
    ports:
      - mode: ingress
        host_ip: 127.0.0.1
        target: 59881
        published: "59881"
        protocol: tcp
    read_only: true
    restart: always
    security_opt:
      - no-new-privileges:true
    user: 2002:2001
    volumes:
      - type: bind
        source: /etc/localtime
        target: /etc/localtime
        read_only: true
        bind:
          create_host_path: true
  database:
    container_name: edgex-redis
    hostname: edgex-redis
    image: redis:7.0.14-alpine
    networks:
      edgex-network: null
    ports:
      - mode: ingress
        host_ip: 127.0.0.1
        target: 6379
        published: "6379"
        protocol: tcp
    read_only: true
    restart: always
    security_opt:
      - no-new-privileges:true
    user: root:root
    volumes:
      - type: volume
        source: db-data
        target: /data
        volume: {}
  device-rest:
    container_name: edgex-device-rest
    depends_on:
      consul:
        condition: service_started
        required: true
      core-data:
        condition: service_started
        required: true
      core-metadata:
        condition: service_started
        required: true
    environment:
      LOG_LEVEL: DEBUG
      EDGEX_SECURITY_SECRET_STORE: "false"
      SERVICE_HOST: edgex-device-rest
    hostname: edgex-device-rest
    image: edgexfoundry/device-rest-arm64:3.1.0
    networks:
      edgex-network: null
    ports:
      - mode: ingress
        host_ip: 127.0.0.1
        target: 59986
        published: "59986"
        protocol: tcp
    read_only: true
    restart: always
    security_opt:
      - no-new-privileges:true
    user: 2002:2001
    volumes:
      - type: bind
        source: /etc/localtime
        target: /etc/localtime
        read_only: true
        bind:
          create_host_path: true
  rules-engine:
    container_name: edgex-kuiper
    depends_on:
      database:
        condition: service_started
        required: true
    environment:
      CONNECTION__EDGEX__REDISMSGBUS__PORT: "6379"
      CONNECTION__EDGEX__REDISMSGBUS__PROTOCOL: redis
      CONNECTION__EDGEX__REDISMSGBUS__SERVER: edgex-redis
      CONNECTION__EDGEX__REDISMSGBUS__TYPE: redis
      EDGEX__DEFAULT__PORT: "6379"
      EDGEX__DEFAULT__PROTOCOL: redis
      EDGEX__DEFAULT__SERVER: edgex-redis
      EDGEX__DEFAULT__TOPIC: edgex/rules-events
      EDGEX__DEFAULT__TYPE: redis
      KUIPER__BASIC__CONSOLELOG: "true"
      KUIPER__BASIC__RESTPORT: "59720"
    hostname: edgex-kuiper
    image: lfedge/ekuiper:1.11.4-alpine
    networks:
      edgex-network: null
    ports:
      - mode: ingress
        host_ip: 127.0.0.1
        target: 59720
        published: "59720"
        protocol: tcp
    read_only: true
    restart: always
    security_opt:
      - no-new-privileges:true
    user: kuiper:kuiper
    volumes:
      - type: bind
        source: /etc/localtime
        target: /etc/localtime
        read_only: true
        bind:
          create_host_path: true
      - type: volume
        source: kuiper-data
        target: /kuiper/data
        volume: {}
      - type: volume
        source: kuiper-etc
        target: /kuiper/etc
        volume: {}
      - type: volume
        source: kuiper-log
        target: /kuiper/log
        volume: {}
      - type: volume
        source: kuiper-plugins
        target: /kuiper/plugins
        volume: {}
  support-notifications:
    container_name: edgex-support-notifications
    depends_on:
      consul:
        condition: service_started
        required: true
      database:
        condition: service_started
        required: true
    environment:
      EDGEX_SECURITY_SECRET_STORE: "false"
      SERVICE_HOST: edgex-support-notifications
    hostname: edgex-support-notifications
    image: edgexfoundry/support-notifications-arm64:3.1.0
    networks:
      edgex-network: null
    ports:
      - mode: ingress
        host_ip: 127.0.0.1
        target: 59860
        published: "59860"
        protocol: tcp
    read_only: true
    restart: always
    security_opt:
      - no-new-privileges:true
    user: 2002:2001
    volumes:
      - type: bind
        source: /etc/localtime
        target: /etc/localtime
        read_only: true
        bind:
          create_host_path: true
  support-scheduler:
    container_name: edgex-support-scheduler
    depends_on:
      consul:
        condition: service_started
        required: true
      database:
        condition: service_started
        required: true
    environment:
      EDGEX_SECURITY_SECRET_STORE: "false"
      INTERVALACTIONS_SCRUBAGED_HOST: edgex-core-data
      INTERVALACTIONS_SCRUBPUSHED_HOST: edgex-core-data
      SERVICE_HOST: edgex-support-scheduler
    hostname: edgex-support-scheduler
    image: edgexfoundry/support-scheduler-arm64:3.1.0
    networks:
      edgex-network: null
    ports:
      - mode: ingress
        host_ip: 127.0.0.1
        target: 59861
        published: "59861"
        protocol: tcp
    read_only: true
    restart: always
    security_opt:
      - no-new-privileges:true
    user: 2002:2001
    volumes:
      - type: bind
        source: /etc/localtime
        target: /etc/localtime
        read_only: true
        bind:
          create_host_path: true
  ui:
    container_name: edgex-ui-go
    environment:
      EDGEX_SECURITY_SECRET_STORE: "false"
      SERVICE_HOST: edgex-ui-go
    hostname: edgex-ui-go
    image: edgexfoundry/edgex-ui-arm64:3.1.0
    networks:
      edgex-network: null
    ports:
      - mode: ingress
        target: 4000
        published: "4000"
        protocol: tcp
    read_only: true
    restart: always
    security_opt:
      - no-new-privileges:true
    user: 2002:2001
    volumes:
      - type: bind
        source: /etc/localtime
        target: /etc/localtime
        read_only: true
        bind:
          create_host_path: true
networks:
  edgex-network:
    name: edgex_edgex-network
    driver: bridge
volumes:
  consul-config:
    name: edgex_consul-config
  consul-data:
    name: edgex_consul-data
  db-data:
    name: edgex_db-data
  kuiper-data:
    name: edgex_kuiper-data
  kuiper-etc:
    name: edgex_kuiper-etc
  kuiper-log:
    name: edgex_kuiper-log
  kuiper-plugins:
    name: edgex_kuiper-plugins

Replies: 1 comment

I am no expert by any means, but I did get this working right after I reached out for help...

At one point I realized that my SaS token had expired, and the last change I remember making was turning off certificate verification. This is now a good starting point to building.

service run cmd

./app-service -p azure

final config looks like this:

res/azure/configuration.yaml

Writable:
  LogLevel: "DEBUG"
  StoreAndForward:
    Enabled: false
  InsecureSecrets:
    mqtt:
      SecretName: "mqtt"
      SecretData:
        username: ""
        password: ""
        cacert: ""
        clientcert: ""
        clientkey: ""
    ioth:
      SecretName: "ioth"
      SecretData:
        username: "my-iot-hub.azure-devices.net/<device-id>/?api-version=2021-04-12"
        password: "<NON Expired SaS Token>"
  Pipeline:
    ExecutionOrder: "Transform, MQTTExport"
    Functions:
      FilterByProfileName:
        Parameters:
          ProfileNames: ""
          FilterOut: "false"
      FilterByDeviceName:
        Parameters:
          DeviceNames: ""
          FilterOut: "false"
      FilterBySourceName:
        Parameters:
          SourceNames: ""
          FilterOut: "false"
      FilterByResourceName:
        Parameters:
          ResourceNames: ""
          FilterOut: "false"
      Transform:
        Parameters:
          Type: "json"
      Compress:
        Parameters:
          Algorithm: "gzip"
      Batch:
        Parameters:
          Mode: "bytimecount" # can be "bycount", "bytime" or "bytimecount"
          BatchThreshold: "30"
          TimeInterval: "60s"
          MergeOnSend: "false"
      AddTags:
        Parameters:
          Tags: ""
      MQTTExport:
        Parameters:
          BrokerAddress: "mqtts://my-iot-hub.azure-devices.net:8883"
          Topic: "edgex-export"
          SecretName: "mqtt"
          ClientId: "MQTT-Export"
          QOS: "0"
          AutoReconnect: "false"
          KeepAlive: "" # Empty indicates to use default value
          ConnectTimeout: "" # Empty indicates to use default value
          Retain: "false"
          SkipVerify: "false"
          AuthMode: "none"
          PersistOnError: "false"
          WillEnabled: "false"
          WillPayload: ""
          WillQos: "0"
          WillRetained: "false"
          WillTopic: ""
MessageBus:
  Protocol: "redis"
  Host: "localhost"
  Port: 6379
  Type: "redis"
  AuthMode: "usernamepassword" # required for redis MessageBus (secure or insecure).
  SecretName: "mqtt"
  BaseTopicPrefix: "edgex" # prepended to all topics as "edgex/<additional topic levels>
  Optional:
    # Default MQTT Specific options that need to be here to enable environment variable overrides of them
    Qos: "0" # Quality of Service values are 0 (At most once), 1 (At least once) or 2 (Exactly once)
    KeepAlive: "10" # Seconds (must be 2 or greater)
    Retained: "false"
    AutoReconnect: "true"
    ConnectTimeout: "5" # Seconds
    SkipCertVerify: "false"
    # Additional Default NATS Specific options that need to be here to enable environment variable overrides of them
    Format: "nats"
    RetryOnFailedConnect: "true"
    QueueGroup: ""
    Durable: ""
    AutoProvision: "true"
    Deliver: "new"
    DefaultPubRetryAttempts: "2"
    Subject: "edgex/#" # Required for NATS JetStream only for stream auto-provisioning
Service:
  Host: "localhost"
  Port: 59703
  StartupMsg: "app-mqtt-export has Started"
  RequestTimeout: "30s"
MqttExportConfig:
  BrokerAddress: "mqtts://my-iot-hub.azure-devices.net:8883"
  ClientId: "<device-id>"
  AutoReconnect: true
  Topic: "devices/<device-id>/messages/events/" # iot device name MUST match client ID
  SkipCertVerify: true
  AuthMode: "usernamepassword" # Change if auth required. See https://docs.edgexfoundry.org/latest/microservices/application/BuiltIn/#mqtt-export for details
  SecretName: "ioth"
Trigger:
  Type: "edgex-messagebus"
  SubscribeTopics: "events/#*"
  PublishTopic: "azure" # Base topic is prepended to this topic when using edgex-messagebus
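
Added example, not part of the thread and not EdgeX code: a pre-flight check over the values that go into `MqttExportConfig` and the `ioth` secret, covering the expired SAS token and the disabled certificate verification mentioned in the reply. The function name `check_iot_hub_mqtt` and the sample values are assumptions made for illustration; the token layout assumed is the standard `SharedAccessSignature sr=...&sig=...&se=...` form.

```python
import time
from urllib.parse import parse_qs


def check_iot_hub_mqtt(username, sas_token, client_id, topic, skip_cert_verify, now=None):
    """Return a list of findings; an empty list means the settings are consistent."""
    now = int(time.time()) if now is None else now
    findings = []

    # MQTT username layout from the post: "<hub-host>/<device-id>/?api-version=..."
    hub_host, _, rest = username.partition("/")
    device_id = rest.split("/", 1)[0]
    if client_id != device_id:
        findings.append("ClientId differs from the device id in the username")
    if topic != f"devices/{device_id}/messages/events/":
        findings.append("Topic is not devices/<device-id>/messages/events/")

    # SAS token layout: "SharedAccessSignature sr=<resource>&sig=<signature>&se=<unix expiry>"
    scheme, _, params = sas_token.partition(" ")
    fields = parse_qs(params)
    if scheme != "SharedAccessSignature" or not {"sr", "sig", "se"} <= set(fields):
        findings.append("password is not a well-formed SAS token")
    else:
        resource = fields["sr"][0].lower()
        expected = f"{hub_host}/devices/{device_id}".lower()
        # A hub-level token (sr = hub host) also covers the device path.
        if expected != resource and not expected.startswith(resource + "/"):
            findings.append("SAS token resource (sr) does not cover this device")
        expiry = fields["se"][0]
        if not expiry.isdigit():
            findings.append("SAS token expiry (se) is not a Unix timestamp")
        elif int(expiry) <= now:
            findings.append(f"SAS token expired {now - int(expiry)} seconds ago")

    if skip_cert_verify:
        findings.append("SkipCertVerify is true: the broker certificate is not validated")
    return findings


# Constructed sample values; the hub, device id and signature are placeholders.
SAMPLE_TOKEN = ("SharedAccessSignature sr=my-iot-hub.azure-devices.net%2Fdevices%2Fdev1"
                "&sig=c2FtcGxl&se=1700000000")
SAMPLE_USER = "my-iot-hub.azure-devices.net/dev1/?api-version=2021-04-12"

if __name__ == "__main__":
    for finding in check_iot_hub_mqtt(SAMPLE_USER, SAMPLE_TOKEN, "dev1",
                                      "devices/dev1/messages/events/", True,
                                      now=1700003600):
        print("FINDING:", finding)
```

With a valid token and matching ClientId and topic, the only remaining finding for the final config above is the `SkipCertVerify: true` setting.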