[#486] [#432] Update Ditto in cloud2edge chart, document creating Kafka connection in c2e tour

homepage/_packages/cloud2edge/scripts/setCloud2EdgeEnv.sh

@@ -36,9 +36,16 @@ function getPorts {
     PORT=$(kubectl get service $SERVICENAME -n $NS -o jsonpath='{.spec.ports[?(@.name=='"'$NAME'"')].'$TYPE'}' 2> /dev/null)
     if [ $? -eq 0 ] && [ "$PORT" != '' ]; then
       NAME=${NAME/secure-mqtt/mqtts}
+      NAME=${NAME/query-http/http}
       UPPERCASE_PORT_NAME=$(echo $NAME | tr [a-z\-] [A-Z_])
       echo "export ${ENV_VAR_PREFIX}_PORT_${UPPERCASE_PORT_NAME}=\"$PORT\""
-      echo "export ${ENV_VAR_PREFIX}_BASE_URL=\"$NAME://$IP:$PORT\""
+      if [ "$PORT" = '80' ]; then
+        echo "export ${ENV_VAR_PREFIX}_BASE_URL=\"$NAME://$IP\""
+        declare -g ${ENV_VAR_PREFIX}_BASE_URL="$NAME://$IP"
+      else
+        echo "export ${ENV_VAR_PREFIX}_BASE_URL=\"$NAME://$IP:$PORT\""
+        declare -g ${ENV_VAR_PREFIX}_BASE_URL="$NAME://$IP:$PORT"
+      fi
     fi
   done
 
@@ -74,6 +81,11 @@ getService adapter-coap "coap coaps" COAP_ADAPTER
 getService adapter-http "http https" HTTP_ADAPTER
 getService adapter-mqtt "mqtt secure-mqtt" MQTT_ADAPTER
 getService ditto-nginx "http" DITTO_API
+getService jaeger-query "query-http" JAEGER_QUERY
+
+DITTO_DEVOPS_PWD=$(kubectl --namespace ${NS} get secret ${RELEASE}-ditto-gateway-secret -o jsonpath="{.data.devops-password}" | base64 --decode)
+echo "export DITTO_DEVOPS_PWD=\"$DITTO_DEVOPS_PWD\""
+echo "export DITTO_UI_ENV_JSON=\"{\\\"api_uri\\\":\\\"${DITTO_API_BASE_URL}\\\",\\\"defaultUsernamePassword\\\":\\\"ditto:ditto\\\",\\\"defaultDittoPreAuthenticatedUsername\\\":null,\\\"defaultUsernamePasswordDevOps\\\":\\\"devops:${DITTO_DEVOPS_PWD}\\\",\\\"mainAuth\\\":\\\"basic\\\",\\\"devopsAuth\\\":\\\"basic\\\"}\""
 
 echo
 echo "# Run this command to populate environment variables"

homepage/_packages/cloud2edge/tour.md

@@ -35,7 +35,8 @@ Download the [setCloud2EdgeEnv script](../scripts/setCloud2EdgeEnv.sh) and use i
 to set environment variables for the Cloud2Edge package's service endpoints.
 
 {% clipboard %}
-curl https://www.eclipse.org/packages/packages/cloud2edge/scripts/setCloud2EdgeEnv.sh --output setCloud2EdgeEnv.sh
+curl https://www.eclipse.org/packages/packages/cloud2edge/scripts/setCloud2EdgeEnv.sh \
+  --output setCloud2EdgeEnv.sh
 chmod u+x setCloud2EdgeEnv.sh
 
 RELEASE=c2e
@@ -56,6 +57,23 @@ HTTP_ADAPTER_PORT=443
 
 {% endvariants %}
 
+## Accessing the Ditto Explorer User Interface
+
+The browser based [Ditto Explorer UI](https://eclipse.dev/ditto/user-interface.html) shows Ditto things, policies and connections.
+On Kubernetes, the above-mentioned `setCloud2EdgeEnv` script provides environment variables to access and configure it.
+The command
+{% clipboard %}
+echo $DITTO_API_BASE_URL
+{% endclipboard %}
+prints out the URL where to access the Ditto UI and Ditto API documentation.
+
+In the Ditto UI, click on the `Environments` link at the top and then the `Environment JSON` tab. Clicking on "Edit" lets you enter an arbitrary Name (e.g. `default`)
+and below a JSON value, to be taken from the output of the following command.
+{% clipboard %}
+echo $DITTO_UI_ENV_JSON
+{% endclipboard %}
+Clicking on `Create` and switching to the created environment in the top bar `Environment` dropdown completes the configuration.
+
 ## Publishing telemetry data
 
 The Cloud2Edge package comes with a pre-provisioned example device that we will use to publish
@@ -197,7 +215,7 @@ This should return a result of `201 Created`.
     etag: be547a07-4a03-4c43-a274-d02f63f8d467
     location: /v1/tenants/my-tenant
     content-type: application/json; charset=utf-8
-    content-length: 12
+    content-length: 18
 
     {"id":"my-tenant"}
 {% enddetails %}
@@ -215,9 +233,9 @@ This should return a result of `201 Created`.
 {% details Example of a successful result %}
     HTTP/1.1 201 Created
     etag: d48f4e13-b398-4c73-bbc3-5ac97a81b3e8
-    location: /v1/devices/iot/org.acme:my-device-1
+    location: /v1/devices/my-tenant/org.acme:my-device-1
     content-type: application/json; charset=utf-8
-    content-length: 17
+    content-length: 29
 
     {"id":"org.acme:my-device-1"}
 {% enddetails %}
@@ -279,7 +297,191 @@ HONO_TENANT=my-tenant
 DITTO_DEVOPS_PWD=$(kubectl --namespace ${NS} get secret ${RELEASE}-ditto-gateway-secret -o jsonpath="{.data.devops-password}" | base64 --decode)
 {% endclipboard %}
 
-Now, create the connection:
+Now, the connection can be created. By default, a Kafka based connection is to be used. If the cloud2edge chart has been deployed with the
+[AMQP messaging profile](https://github.com/eclipse/packages/blob/master/packages/cloud2edge/profileAmqpMessaging.yaml), a connection of type `amqp-10` needs to be created.
+
+{% variants %}
+
+{% variant Kafka %}
+The deployed Kafka instance uses a self-signed certificate. To let the Ditto connection perform certificate validation, the certificate can be obtained and converted into the format expected by the Ditto API call with the following command:
+
+{% clipboard %}
+KAFKA_CERT=$(kubectl --namespace ${NS} get secret ${RELEASE}-kafka-example-keys -o jsonpath="{.data.tls\.crt}" | base64 --decode | tr -d '\n' | sed 's/E-----/E-----\\n/g' | sed 's/-----END/\\n-----END/g')
+{% endclipboard %}
+
+Then, create the connection:
+
+{% clipboard %}
+curl -i -X POST -u devops:${DITTO_DEVOPS_PWD} -H 'Content-Type: application/json' --data '{
+  "targetActorSelection": "/system/sharding/connection",
+  "headers": {
+    "aggregate": false
+  },
+  "piggybackCommand": {
+    "type": "connectivity.commands:createConnection",
+    "connection": {
+      "id": "hono-kafka-connection-for-'"${HONO_TENANT/./_}"'",
+      "name": "[Hono/Kafka] '"${HONO_TENANT}"'",
+      "connectionType": "kafka",
+      "connectionStatus": "open",
+      "uri": "ssl://ditto-c2e:verysecret@'"${RELEASE}"'-kafka:9092",
+      "ca": "'"${KAFKA_CERT}"'",
+      "failoverEnabled": true,
+      "sources": [
+        {
+          "addresses": [
+            "hono.telemetry.'"${HONO_TENANT}"'"
+          ],
+          "consumerCount": 1,
+          "authorizationContext": [
+            "pre-authenticated:hono-connection-'"${HONO_TENANT}"'"
+          ],
+          "qos": 0,
+          "enforcement": {
+            "input": "{{ header:device_id }}",
+            "filters": [
+              "{{ entity:id }}"
+            ]
+          },
+          "headerMapping": {},
+          "payloadMapping": [],
+          "replyTarget": {
+            "enabled": true,
+            "address": "hono.command.'"${HONO_TENANT}"'/{{ thing:id }}",
+            "headerMapping": {
+              "device_id": "{{ thing:id }}",
+              "subject": "{{ header:subject | fn:default(topic:action-subject) | fn:default(topic:criterion) }}-response",
+              "correlation-id": "{{ header:correlation-id }}"
+            },
+            "expectedResponseTypes": [
+              "response",
+              "error"
+            ]
+          },
+          "acknowledgementRequests": {
+            "includes": [],
+            "filter": "fn:delete()"
+          },
+          "declaredAcks": []
+        },
+        {
+          "addresses": [
+            "hono.event.'"${HONO_TENANT}"'"
+          ],
+          "consumerCount": 1,
+          "authorizationContext": [
+            "pre-authenticated:hono-connection-'"${HONO_TENANT}"'"
+          ],
+          "qos": 1,
+          "enforcement": {
+            "input": "{{ header:device_id }}",
+            "filters": [
+              "{{ entity:id }}"
+            ]
+          },
+          "headerMapping": {},
+          "payloadMapping": [],
+          "replyTarget": {
+            "enabled": true,
+            "address": "hono.command.'"${HONO_TENANT}"'/{{ thing:id }}",
+            "headerMapping": {
+              "device_id": "{{ thing:id }}",
+              "subject": "{{ header:subject | fn:default(topic:action-subject) | fn:default(topic:criterion) }}-response",
+              "correlation-id": "{{ header:correlation-id }}"
+            },
+            "expectedResponseTypes": [
+              "response",
+              "error"
+            ]
+          },
+          "acknowledgementRequests": {
+            "includes": []
+          },
+          "declaredAcks": []
+        },
+        {
+          "addresses": [
+            "hono.command_response.'"${HONO_TENANT}"'"
+          ],
+          "consumerCount": 1,
+          "authorizationContext": [
+            "pre-authenticated:hono-connection-'"${HONO_TENANT}"'"
+          ],
+          "qos": 0,
+          "enforcement": {
+            "input": "{{ header:device_id }}",
+            "filters": [
+              "{{ entity:id }}"
+            ]
+          },
+          "headerMapping": {
+            "correlation-id": "{{ header:correlation-id }}",
+            "status": "{{ header:status }}"
+          },
+          "payloadMapping": [],
+          "replyTarget": {
+            "enabled": false,
+            "expectedResponseTypes": [
+              "response",
+              "error"
+            ]
+          },
+          "acknowledgementRequests": {
+            "includes": [],
+            "filter": "fn:delete()"
+          },
+          "declaredAcks": []
+        }
+      ],
+      "targets": [
+        {
+          "address": "hono.command.'"${HONO_TENANT}"'/{{ thing:id }}",
+          "authorizationContext": [
+            "pre-authenticated:hono-connection-'"${HONO_TENANT}"'"
+          ],
+          "headerMapping": {
+            "device_id": "{{ thing:id }}",
+            "subject": "{{ header:subject | fn:default(topic:action-subject) }}",
+            "correlation-id": "{{ header:correlation-id }}",
+            "response-required": "{{ header:response-required }}"
+          },
+          "topics": [
+            "_/_/things/live/commands",
+            "_/_/things/live/messages"
+          ]
+        },
+        {
+          "address": "hono.command.'"${HONO_TENANT}"'/{{thing:id}}",
+          "authorizationContext": [
+            "pre-authenticated:hono-connection-'"${HONO_TENANT}"'"
+          ],
+          "topics": [
+            "_/_/things/twin/events",
+            "_/_/things/live/events"
+          ],
+          "headerMapping": {
+            "device_id": "{{ thing:id }}",
+            "subject": "{{ header:subject | fn:default(topic:action-subject) }}",
+            "correlation-id": "{{ header:correlation-id }}"
+          }
+        }
+      ],
+      "specificConfig": {
+        "saslMechanism": "plain",
+        "bootstrapServers": "'"${RELEASE}"'-kafka:9092",
+        "groupId": "'"${HONO_TENANT}"'_{{ connection:id }}"
+      },
+      "clientCount": 1,
+      "failoverEnabled": true,
+      "validateCertificates": true
+    }
+  }
+}' ${DITTO_API_BASE_URL:?}/devops/piggyback/connectivity
+{% endclipboard %}
+
+{% endvariant %}
+
+{% variant AMQP Messaging %}
 
 {% clipboard %}
 curl -i -X POST -u devops:${DITTO_DEVOPS_PWD} -H 'Content-Type: application/json' --data '{
@@ -290,7 +492,8 @@ curl -i -X POST -u devops:${DITTO_DEVOPS_PWD} -H 'Content-Type: application/json
   "piggybackCommand": {
     "type": "connectivity.commands:createConnection",
     "connection": {
-      "id": "hono-connection-for-'"${HONO_TENANT}"'",
+      "id": "hono-amqp-connection-for-'"${HONO_TENANT/./_}"'",
+      "name": "[Hono/AMQP1.0] '"${HONO_TENANT}"'",
       "connectionType": "amqp-10",
       "connectionStatus": "open",
       "uri": "amqp://consumer%40HONO:verysecret@'"${RELEASE}"'-dispatch-router-ext:15672",
@@ -302,7 +505,7 @@ curl -i -X POST -u devops:${DITTO_DEVOPS_PWD} -H 'Content-Type: application/json
             "event/'"${HONO_TENANT}"'"
           ],
           "authorizationContext": [
-            "pre-authenticated:hono-connection"
+            "pre-authenticated:hono-connection-'"${HONO_TENANT}"'"
           ],
           "enforcement": {
             "input": "{%raw%}{{ header:device_id }}{%endraw%}",
@@ -338,7 +541,7 @@ curl -i -X POST -u devops:${DITTO_DEVOPS_PWD} -H 'Content-Type: application/json
             "command_response/'"${HONO_TENANT}"'/replies"
           ],
           "authorizationContext": [
-            "pre-authenticated:hono-connection"
+            "pre-authenticated:hono-connection-'"${HONO_TENANT}"'"
           ],
           "headerMapping": {
             "content-type": "{%raw%}{{ header:content-type }}{%endraw%}",
@@ -358,7 +561,7 @@ curl -i -X POST -u devops:${DITTO_DEVOPS_PWD} -H 'Content-Type: application/json
         {
           "address": "command/'"${HONO_TENANT}"'",
           "authorizationContext": [
-            "pre-authenticated:hono-connection"
+            "pre-authenticated:hono-connection-'"${HONO_TENANT}"'"
           ],
           "topics": [
             "_/_/things/live/commands",
@@ -375,7 +578,7 @@ curl -i -X POST -u devops:${DITTO_DEVOPS_PWD} -H 'Content-Type: application/json
         {
           "address": "command/'"${HONO_TENANT}"'",
           "authorizationContext": [
-            "pre-authenticated:hono-connection"
+            "pre-authenticated:hono-connection-'"${HONO_TENANT}"'"
           ],
           "topics": [
             "_/_/things/twin/events",
@@ -394,6 +597,10 @@ curl -i -X POST -u devops:${DITTO_DEVOPS_PWD} -H 'Content-Type: application/json
 }' ${DITTO_API_BASE_URL:?}/devops/piggyback/connectivity
 {% endclipboard %}
 
+{% endvariant %}
+
+{% endvariants %}
+
 
 ### Create the digital twin
 
@@ -430,7 +637,7 @@ curl -i -X PUT -u ditto:ditto -H 'Content-Type: application/json' --data '{
     },
     "HONO": {
       "subjects": {
-        "pre-authenticated:hono-connection": {
+        "pre-authenticated:hono-connection-'"${HONO_TENANT}"'": {
           "type": "Connection to Eclipse Hono"
         }
       },
@@ -488,6 +695,20 @@ In order to add more twins, we simply create additional devices via ["Register a
 and add twins for them with the above snippet by simply adjusting the *device id* and *thing id* in the URL of both
 HTTP requests.
 
+#### Publish telemetry data
+
+To send a telemetry message via Hono's HTTP protocol adapter and thereby update the device's twin representation, the
+following command can be used:
+
+{% clipboard %}
+curl -i -k -u my-auth-id-1@my-tenant:my-password -H 'application/json' --data-binary '{
+  "topic": "org.acme/my-device-1/things/twin/commands/modify",
+  "headers": {},
+  "path": "/features/temperature/properties/value",
+  "value": 45
+}' ${HTTP_ADAPTER_BASE_URL:?}/telemetry
+{% endclipboard %}
+
 ## Next Steps
 
 * Check out the [User Guides of Hono's protocol adapters](https://www.eclipse.org/hono/docs/user-guide/) to learn more about

homepage/prereqs.md

@@ -327,7 +327,7 @@ minikube start ... --addons ingress
 You will need an installation of Helm on the machine which is used to deploy the packages. You can find
 installation instructions for Helm in the Helm documentation under [Installing Helm](https://helm.sh/docs/using_helm/#installing-helm).
 
-The required Helm version is 3.4 or later.
+The required Helm version is 3.8 or later.
 
 ### Repository
 

packages/cloud2edge/Chart.yaml

@@ -11,8 +11,8 @@
 # SPDX-License-Identifier: EPL-2.0
 #
 apiVersion: v1
-version: 0.4.2
-appVersion: 0.4.2
+version: 0.5.0
+appVersion: 0.5.0
 name: cloud2edge
 description: |
   Eclipse IoT Cloud2Edge (C2E) is an integrated suite of services developers can use to build IoT applications

packages/cloud2edge/post-install/thing-definition.json → packages/cloud2edge/post-install/demo-device-thing.json

@@ -24,7 +24,7 @@
             },
             "HONO": {
                 "subjects": {
-                    "pre-authenticated:hono-connection": {
+                    "pre-authenticated:hono-connection-{{ .Values.demoDevice.tenant }}": {
                         "type": "Connection to Eclipse Hono"
                     }
                 },