Identifier
"Thermometer_Temperature" and NamespaceIndex
2 as specified in the OPC UA Configuration. The server will publish any time the value of that variable changes.client_certificate
, client_key
, ca_certificate
, and ca_crl
). Specify the file paths such that they point to the credentials made in the previous section.--set opcua.configuration.mountCertificates='true'
, the secret named opcua-broker-credentials
will be mounted into the OPC UA monitoring brokers. It is mounted to the volume credentials
at the mountPath
/etc/opcua-certs/client-pki, as shown in the OPC UA Configuration Helm template. This is the path where the brokers expect to find the certificates.Quickstarts.ReferenceServer.Config.xml
. This application configuration file is where many features can be configured, such as the application description (application name, uri, etc), security configuration, and base address. Only the latter needs to be modified if using no security. On lines 76 and 77, modify the address of the server, by replacing localhost
with the IP address of the machine the server is running on. If left as localhost
the application will automatically replace it with the hostname of the machine which will be unreachable to the broker pod. On the same lines, modify the ports if they are already taken. Akri will preference using the tcp endpoint, since according to the OPC UA Security Specification, secure channels over HTTPS do not provide application authentication.Quickstarts.Reference.Config.xml
to point to those certificates. After using the OPC UA certificate generator application, your first Server's certificate store folder should be named SomeServer0. In line 17, change the StorePath
to be /path/to/SomeServer0/own
. Do the same in lines 24, 30, and 36, replacing %LocalApplicationData%/OPC Foundation/pki/
with /path/to/SomeServer0
. Finally, change the subject name in line 18 to be CN=SomeServer0
.CreateAddressSpace
on line 174 of ReferenceNodeManager.cs
that creates the AddressSpace of the OPC UA Server. To review some terms, OPC UA specification defines AddressSpace as the "collection of information that a Server makes visible to its Clients", a Node as "a fundamental component of an AddressSpace", and a Variable as a "Node that contains a value". Let create a thermometer Node which has a temperature variable. On line 195, insert the following:root
folder as the parent of the Thermometer node, which is the CTT
folder created in line 185. The path to our Thermometer node is Server/CTT/Thermometer, making the NamespaceIndex of the Thermometer Node (and its variables) 2. We care about the NamespaceIndex
because it along with Identifier
, are the two fields to a NodeId
. If you inspect the CreateDynamicVariable
function, you will see that it creates an OPC UA variable, using the path
parameter ("Thermometer_Temperature") as the Identifier
when creating the NodeID for that variable. It then adds the variable to the m_dynamicNodes
list. At the bottom of CreateAddressSpace
the following line initializes a simulation that will periodically change the value of all the variables in m_dynamicNodes
:DoSimulation
function. Replace variable.Value = GetNewValue(variable);
with the followingopcua.discovery.enabled=true
. We also specify that we want to create an OPC UA Configuration with --set opcua.configuration.enabled=true
. In the Configuration, any values that should be set as environment variables in brokers can be set in opcua.configuration.brokerProperties
. In this scenario, we will specify the Identifier
and NamespaceIndex
of the NodeID we want the brokers to monitor. In our case that is our temperature variable we made earlier, which has an Identifier
of Thermometer_Temperature
and NamespaceIndex
of 2
. Finally, since we did not set up a Local Discovery Server -- see Setting up and using a Local Discovery Server in the Extensions section at the bottom of this document to use a LDS -- we must specify the DiscoveryURLs of the OPC UA Servers we want Agent to discover. Those are the tcp addresses that we modified in step 3 of Creating OPC UA Servers. Be sure to set the appropriate IP address and port number for the DiscoveryURLs in the Helm command below. If using security, uncomment --set opcua.configuration.mountCertificates='true'
.Note: See the cluster setup steps for information on how to set the crictl configuration variableAKRI_HELM_CRICTL_CONFIGURATION
kubectl get crd
, and you should see the CRDs listed.kubectl get akric
, and you should see akri-opcua-monitoring
.kubectl get akrii
andkubectl get akrii akri-opcua-monitoring-<ID> -o yaml
DoSimulation
function in the OPC UA Servers.<anomaly-app-port>
with the port number outputted in the previous step.Note we've noticed issues with port forwarding with WSL 2. Please use a different terminal.
http://localhost:50000/
. It takes 3 seconds for the site to load, after which, you should see a log of the temperature values, which updates every few seconds. Note how the values are coming from two different DiscoveryURLs, namely the ones for each of the two OPC UA Servers.microk8s add-node
. In your new VM, run one of the join commands outputted in the previous step.capacity
for OPC UA is 1, so by default only one Node is allowed to utilize a device via a broker.helm upgrade
command to modify our OPC UA Monitoring Configuration such that the capacity is 2. On the control plane node, run the following, once again uncommenting --set opcua.configuration.mountCertificates='true'
if using security. Watch as the broker terminates and then fourmicrok8s kubectl get no
):opc.tcp://localhost:4840/
. This is seen on line 205 of Quickstarts.ReferenceServer.xml
.applicationName
property of a server's ApplicationDescription
as specified by UA Specification 12). For example, to discover all servers registered with the default LDS except for the server named "SomeServer0", do the following.Note: See the cluster setup steps for information on how to set the crictl configuration variableAKRI_HELM_CRICTL_CONFIGURATION
Identifier
and NamespaceIndex
as environment variables may still suit your needs; however, if targeting one NodeID is too limiting or irrelevant, instead of passing a specific NodeID to your broker Pods, you could specify any other environment variables via --set opcua.configuration.brokerProperties.KEY='VALUE'
. Or, your broker may not need additional information passed to it at all. Decide whether to pass environment variables, what servers to discover, and set the broker pod image to be your container image, say ghcr.io/<USERNAME>/opcua-broker
.Note: setopcua.configuration.brokerPod.image.tag
to specify an image tag (defaults tolatest
).
helm inspect values akri-helm-charts/akri
to see what values of the generic OPC UA Configuration can be customized, such as the Configuration and Instance ServiceSpec
s, capacity
, and broker PodSpec
. We saw in the previous section how broker Pod environment variables can be specified via --set opcua.configuration.brokerProperties.KEY='VALUE'
. For more advanced configuration changes that are not aided by the generic OPC UA Configuration Helm chart, such as credentials naming, we suggest downloading the OPC UA Configuration file using Helm and then manually modifying it. See the documentation on customizing an Akri installation for more details.