Azure IoT Hub - Implement key rollover using the C SDK - azure-iot-hub

We are about to implement support for key rollover, swapping the primary/secondary key upon connection failure related to bad credentials.
The plan is to use the ConnectionStatusCallback and check the "IOTHUB_CLIENT_CONNECTION_STATUS_REASON_VALUES" for "IOTHUB_CLIENT_CONNECTION_BAD_CREDENTIAL" and then trigger a swap.
But to swap the key, do I need to tear down the IoTHubClient, or can the key be swapped on the fly?
We are using the latest C SDK tagged "2018-07-11" and the LL APIs.

The main reason is to move devices between IoT Hubs remotely.

I assume you are talking about remotely moving devices from one hub to another hub without editing code on the devices.
The simplest case is that the destination IoT hub has the same name as the source IoT hub. Otherwise, you need to send the destination hub name to the devices. Of course, two hubs with the same name can't exist in the same subscription.
I'll describe what I think the working steps are:
I assume there are two hubs: hub1, the source hub, and hub2, the destination hub. Take device1 for example: it has the primary key, key1, and the secondary key, key2.
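
The plan from the question above (note the bad-credential reason in the connection status callback, then swap keys), as an added example that is not from the original posts or the Azure SDK. The enums are local stand-ins for the SDK's status and reason values, and `key_state`, `on_connection_status` and `rollover_step` are hypothetical names. It assumes the swap is carried out from the main loop by reconnecting with the other key, and it stops instead of flapping when both keys have been refused.

```c
#include <stdbool.h>
#include <stdio.h>

/* Local stand-ins so the sketch compiles alone; REASON_BAD_CREDENTIAL plays
   the role of the SDK's IOTHUB_CLIENT_CONNECTION_BAD_CREDENTIAL reason. */
typedef enum { STATUS_AUTHENTICATED, STATUS_UNAUTHENTICATED } conn_status;
typedef enum { REASON_OK, REASON_BAD_CREDENTIAL, REASON_NO_NETWORK } conn_reason;
typedef enum { ACT_NONE, ACT_RECONNECT_OTHER_KEY, ACT_STOP_BOTH_REJECTED } rollover_action;

typedef struct {
    const char *keys[2];  /* [0] primary, [1] secondary */
    int active;           /* index of the key currently in use */
    bool rejected[2];     /* key refused since the last successful auth */
    bool swap_pending;    /* set in the callback, consumed in the main loop */
} key_state;

/* Shaped like a connection status callback: it only records state. */
void on_connection_status(conn_status st, conn_reason why, void *ctx)
{
    key_state *ks = ctx;
    if (st == STATUS_AUTHENTICATED) {
        ks->rejected[0] = ks->rejected[1] = false;
        ks->swap_pending = false;
    } else if (why == REASON_BAD_CREDENTIAL) {
        ks->rejected[ks->active] = true;
        ks->swap_pending = true;
    } /* other reasons (e.g. no network) are transient: keep the current key */
}

/* Called from the loop that drives the client; decides what to do next. */
rollover_action rollover_step(key_state *ks)
{
    if (!ks->swap_pending) return ACT_NONE;
    ks->swap_pending = false;
    int other = 1 - ks->active;
    if (ks->rejected[other]) return ACT_STOP_BOTH_REJECTED; /* no flapping */
    ks->active = other;
    return ACT_RECONNECT_OTHER_KEY;
}

int main(void)
{
    key_state ks = { { "primary-placeholder", "secondary-placeholder" }, 0, { false, false }, false };
    on_connection_status(STATUS_UNAUTHENTICATED, REASON_BAD_CREDENTIAL, &ks);
    if (rollover_step(&ks) == ACT_RECONNECT_OTHER_KEY)
        printf("reconnect with key slot %d\n", ks.active); /* never log the key itself */
    return 0;
}
```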

Related

How to send a measurement from Cumulocity IoT to a registered device using MQTT

I am able to register a device on Cumulocity IoT and send measurements from the device to Cumulocity via MQTT. Now I want to send a measurement from Cumulocity to that registered device using MQTT. How can I achieve this?
I tried going through all the documents available on Cumulocity, but it's not mentioned clearly in those docs how we can achieve this flow. I tried the control tab in the device, which lets us send some single and bulk operations, but did not get to a solution.

All communication from Cumulocity IoT to devices is technically covered through operations. Even if maybe in your case the content of the operation is a measurement value, set point or something like this.
The structure of the operation doesn't matter for Cumulocity IoT. Your device in the end needs to understand it.
If you have for example a case where device A sends a measurement (to Cumulocity IoT) and you want device B to receive this measurement you will need to create an operation for device B out of the measurement of device A.
This can be quite easily achieved utilizing the built-in streaming analytics in Cumulocity IoT (see https://cumulocity.com/guides/apama/overview-analytics/). Fastest approach would be the Analytics Builder.

Using Azure IoT - telemetry from a Windows desktop application

I work for a company that manufactures large scientific instruments, with a single instrument having 100+ components: pumps, temperature sensors, valves, switches and so on. I write the WPF desktop software that customers use to control their instrument, which is connected to the PC via a serial or TCP connection. The concept is the same though - to change a pump's speed for example, I would send a "command" to the instrument, where an FPGA and custom firmware would take care of handling that command. The desktop software also needs to display dozens of "readback" values (temperatures, pressures, valve states, etc.), which are again retrieved by issuing a "command" to request a particular readback value from the instrument.
We're considering implementing some kind of telemetry service, whereby the desktop application will record maybe a couple of dozen readback values, each having its own interval - weekly, daily, hourly, per minute or per second.
Now, I could write my own telemetry solution, whereby I record the data locally to disk then upload to a server (say) once a week, but I've been wondering if I could utilise Azure IoT for collecting the data instead. After wading through the documentation and concepts I'm still none the wiser! I get the feeling it is designed for "physical" IoT devices that are directly connected to the internet, rather than data being sent from a desktop application?
Assuming this is feasible, I'd be grateful for any pointers to the relevant areas of Azure IoT. Also, how would I map a single instrument and all its components (valves, pumps, etc) to an Azure IoT "device"? I'm assuming each component would be a device, in which case is it possible to group multiple devices together to represent one customer instrument?
Finally, how is the collected data reported on? Is there something built-in to Azure, or is it essentially a glorified database that would require bespoke software to analyse the recorded data?

Azure IoT would give you:
Device SDKs for connecting (MQTT or AMQP), sending telemetry, receiving commands, receiving messages, reporting properties, and receiving property update requests.
An HA/DR service (IoT Hub) for managing devices and their authentication, configuring telemetry routes (where to route the incoming messages).
Service SDKs for managing devices, sending commands, requesting property updates, and sending messages.
If it matches your solution, you could also make use of the Device Provisioning Service, where devices connect and are assigned an IoT hub. This would make sense, for instance, if you have devices around the world and wish to have them connect to the closest IoT hub you have deployed.
Those are the building blocks. You'd integrate the device SDK into your WPF app. It doesn't have to be a physical device, but the fact it has access to sensor data makes it behave like one and that seems like a good fit. Then you'd build a service app using the Service SDKs to manage the fleet of WPF apps (that represent an instrument with components, right?). For monitoring telemetry, it would depend on how you choose to route it. By default, it goes to an EventHub instance created for you. You'd use the EventHub SDK to subscribe to those messages. Alternatively, or in addition to, those telemetry messages could be routed to Azure Storage where you could perform historical analysis. There are other routing options.
Does that help?

What's the etag in IoT Hub device twins for?

I'm developing a web application in .NET Core 3 and I'm using the Microsoft.Azure.Devices.RegistryManager to access an Azure IoT hub.
When I call registryManager.UpdateTwinAsync(), I have to send in the "etag". And sometimes the etag changes and I get errors stating that there is an etag mismatch.
I basically don't understand what the etag's purpose is and how I can update device twins in a safe manner. Anyone?
I tried catching those exceptions and fetching the etag from the device twin and retrying up to 15 times in a row with a 2-second wait in between, and that helps, but this error pops up every now and then. I would think that applying the device id would be enough to update a device twin, but apparently not.
Please help!

So, in simple terms, we can say that the ETag (entity tag) will keep changing whenever there is a change in device status or any other update.
A string representing a weak ETag for the device identity, as per RFC7232 Section 2.3 Etag.
An entity-tag is an opaque validator for differentiating between multiple representations of the same resource, regardless of whether those multiple representations are due to resource state changes over time
For example: Enable and Disable an IoT Device and check the 'Get device Info' from Visual Studio Code (Azure IoT Hub Extension)
Step 1) I have an initial IoT device with status Enabled and I can see an Etag value.
Step 2) When I disabled the device in the IoT Hub portal and then made a second 'Get Device Info' call, I saw a different ETag value.
Step 3) Now when I queried for the second time (like after 5 mins interval), I see the Etag value remains same for the same disabled state of device.
For more info please visit Device identity properties, Module identity properties
Please let us know if you need more help on this!

My understanding is that the ETag is used to ensure consistency on the device twin when you're updating it. It's read-only so you would get it from your device twin and pass it back to UpdateTwinAsync() with your changes. Link
I'm not sure what you mean when you say the ETag is changing - can you provide some code of what you are doing (or clarify when the ETag is changing)?
I created a video on YouTube that demos how to read/write Azure Device Twins, so feel free to check it out, hopefully it helps you! Link

For some additional information about how device twins use optimistic concurrency to ensure consistency when there are potentially multiple updates from different users, see Understand and use device twins in IoT Hub > Optimistic concurrency on Microsoft Docs.

IoT Edge best practice

We have around 9000 devices in field.
These devices are in groups of 1-100 at customers on-prem.
The devices are not capable of azure-iot-sdk integration.
The devices have a webservice API.
The devices should appear as first-class devices in azure.
We like the IoT Edge module provisioning feature.
We want to evaluate if modules could gather data from the devices and send them to IoTHub for further processing.
We found this feature overview of IoTEdge: https://learn.microsoft.com/de-de/azure/iot-edge/iot-edge-as-gateway
The Transparent and Protocol translation patterns are out of scope due to the above facts. The Identity translation pattern seems to fit.
We want a 1 to 1 relationship between module and real device.
Therefore we assume the following POC, with the hope of clarification and best practice:
we implement an IoT Edge module (azure-iot-sdk-java)
we open a module connection to IoT Edge and subscribe to desired properties
the module identity gets as desired properties the IP of the real device and the Azure device identity connection string.
we open device connection to iotedge by adding GatewayHostName to the device connection string as described here https://learn.microsoft.com/de-de/azure/iot-edge/iot-edge-as-gateway
we request data from the real device and send them via azure device identity.
This somehow mixes up two patterns and seems kind of odd to us.
Can you point out best practices and risks with this approach?

Yes, I agree that the Identity translation pattern could fit your scenario.
There are three patterns for using an IoT Edge device as a gateway: transparent, protocol translation, and identity translation. You can refer to this link for more of an introduction to these three patterns.

Cumulocity tracker-agent stuck at "Start bootstrapping"

I have trouble with one of my devices (Tracker dongle) communicating with Cumulocity. I used the Device Registration interface to register its IMEI. Then I accepted it in the same interface when it first connected. But now the tracker-agent I deployed is continually logging:
c.t.d.DeviceBootstrapProcessor : Start bootstrapping:
(DEVICE_IMEI)
And I got nothing arriving on Cumulocity. So I'm guessing it's stuck trying to retrieve the device credentials? (Cf. DeviceBootstrapProcessor.tryAccessDeviceCredentials). I have another device of the same type which works just fine in the same configuration and I can't tell what's the difference between the two. Is there a step I'm missing to correctly register a device?

The tracker-agent has an additional registration for itself. It is once per tenant and automatically triggers after registering the first tracker device.
What you need to do is register the agent (via device registration) with the following ID:
tracker-agent-{tenant}
(replace {tenant} with the tenant you want to register the agent for). This needs to be done once per tenant to allow the tracker agent to create devices and data.