suite-connector
License: Other
The suite connector is the main coordination center which forwards the local and remote messages. Messages processed by the suite connector will typically be related to telemetry data from the devices or command & control from the cloud. Additionally, the connector is responsible for announcing the provisioning thing information to the local MQTT broker subscribers.
Suite-connector's integration test must fail if the Thing Configuration cannot be initialized.
Pick up the fix for eclipse-kanto/kanto#183 .
It has to be incorporated as it's described in:
The error message is panic: close of closed channel with this stack-trace:
goroutine 303142 [running]:
github.com/eclipse/paho%2emqtt%2egolang.(*baseToken).flowComplete(0x1736b80)
github.com/eclipse/[email protected]/token.go:101 +0x44
github.com/eclipse/paho%2emqtt%2egolang.(*messageIds).claimID(0x11c2030, {0x3539bc, 0x1743b40}, 0x5862)
github.com/eclipse/[email protected]/messageids.go:73 +0xbc
github.com/eclipse/paho%2emqtt%2egolang.(*client).resume(0x11c2000, 0x1, 0x1755200)
github.com/eclipse/[email protected]/client.go:943 +0x430
github.com/eclipse/paho%2emqtt%2egolang.(*client).reconnect(0x11c2000)
github.com/eclipse/[email protected]/client.go:353 +0x478
created by github.com/eclipse/paho%2emqtt%2egolang.(*client).internalConnLost.func1
github.com/eclipse/[email protected]/client.go:510 +0x17
TLS ALPN extension setting is needed to connect to cloud MQTT brokers through firewalls on port 443 and proxies which support HTTP/2
Currently, the credentials are static i.e. if they have to be changed, the suite connector has to be reinitialized. A new credentials provider can be introduced for a dynamic change. It'll be used when the connector is going to initiate a connection to the MQTT endpoint.
An example use case, the Azure connector is going to use SAS tokens. They are limited in time validity and have to be regenerated. This will require a credentials update where the new provider can help.
Update source in NOTICE.md to https://github.com/golang/sync/tree/036812b2e83c0ddf193dd5a34e034151da389d09
The last Go version is set in the parent feature. Based on it, these steps have to be executed:
We need to upgrade the integration test to use the latest testing util code and it should use the new UnsubscribeFromWSMessages().
After the release of Kanto M3 wildcard subscription support for commands command//+/req/# and events no longer works.
The current version of github.com/google/go-tpm includes some dependencies that are under GPL v2.0 license: https://gitlab.eclipse.org/eclipsefdn/emo-team/iplab/-/issues/12309#note_1701453
The version of this library must be updated to the latest one.
The topic for events should be:
event/tenantID/deviceID
and for telemetry:
telemetry/tenantID/deviceID
This is needed to simplify back-end logic for routing events and telemetry.
The github/workflow should also include builds for the tests in all packages that incudes local_integration tag. The integration directory could be used as a target directory for the binaries.
e.g go test --tags=local_integration ./cmd/connector -c -o ./integration/cmd-test
These files use the integration build tag:
which is used to run local integration tests inside docker.
I suggest changing this tag to local_integration, so that the integration build tag can be used by the new integration tests which use a backend.
We can also remove the old-style +build tagging, because go 1.17.2 supports the new-style tagging via go:build.
The integration tests are separated from the unit tests by using the golang build tag. As a result the workflow builds and runs only the integration test. It is need to update this workflow to build also integration tests.
At minimum, the test should cover:
The link to the failed job.
2022-10-28T12:11:30.0390301Z tests_1 | === RUN TestLogHandlerAccept
2022-10-28T12:11:30.0391132Z tests_1 | logger.go:41: [subscription] INFO Forwarded new subscription {"clientId":"dummy","timestamp":"2021-11-03T19:04:23Z","topicId":"c//Testing:Logs/q/#","topicReal":"command//Testing:Logs/req/#"}
2022-10-28T12:11:30.0392165Z tests_1 | logger.go:41: [subscription] INFO The same subscription exists {"clientId":"dummy","timestamp":"2021-11-03T19:04:23Z","topicId":"c//Testing:Logs/q/#","topicReal":"command//Testing:Logs/req/#"}, no action
2022-10-28T12:11:30.0393131Z tests_1 | logger.go:41: [subscription] INFO Forwarded unsubscribe {"clientId":"dummy","timestamp":"2021-11-03T19:04:23Z","topicId":"c//Testing:Logs/q/#","topicReal":"command//Testing:Logs/req/#"}
2022-10-28T12:11:30.0394433Z tests_1 | logger.go:41: [subscription] INFO Forwarded new subscription {"clientId":"dummy1","timestamp":"2021-11-03T19:04:23Z","topicId":"c//Testing:Logs/q/#","topicReal":"command//Testing:Logs/req/#"}
2022-10-28T12:11:30.0395467Z tests_1 | logger.go:41: [subscription] INFO Forward unsubscribe {"clientId":"dummy1","timestamp":"2021-11-03T19:04:23Z","topicId":"c//Testing:Logs/q/#","topicReal":"command//Testing:Logs/req/#"} due to 3
2022-10-28T12:11:30.0396439Z tests_1 | logger.go:41: [subscription] INFO Forwarded new subscription {"clientId":"dummy2","timestamp":"2021-11-03T19:04:23Z","topicId":"c//Testing:Logs/q/#","topicReal":"command//Testing:Logs/req/#"}
2022-10-28T12:11:30.0397415Z tests_1 | logger.go:41: [subscription] INFO Forward unsubscribe {"clientId":"dummy2","timestamp":"2021-11-03T19:04:23Z","topicId":"c//Testing:Logs/q/#","topicReal":"command//Testing:Logs/req/#"} due to 2
2022-10-28T12:11:30.0398368Z tests_1 | logger.go:41: [subscription] INFO Forwarded new subscription {"clientId":"dummy3","timestamp":"2021-11-03T19:04:23Z","topicId":"c//Testing:Logs/q/#","topicReal":"command//Testing:Logs/req/#"}
2022-10-28T12:11:30.0399928Z tests_1 | logger.go:41: [subscription] INFO Subscription with different format or client exist {"clientId":"dummy3","timestamp":"2021-11-03T19:04:23Z","topicId":"c//Testing:Logs/q/#","topicReal":"command//Testing:Logs/req/#"}, replaced and forwarded the new routing.SubscriptionItem{ClientID:"dummy4", Timestamp:time.Date(2021, time.November, 3, 19, 4, 23, 0, time.Local), TopicID:"c//Testing:Logs/q/#", TopicReal:"command//Testing:Logs/req/#"}
2022-10-28T12:11:30.0401200Z tests_1 | --- PASS: TestLogHandlerAccept (0.00s)
2022-10-28T12:11:30.0401552Z tests_1 | === RUN TestLogHandlerReject
2022-10-28T12:11:30.0401977Z tests_1 | --- PASS: TestLogHandlerReject (0.00s)
2022-10-28T12:11:30.0402255Z tests_1 | PASS
2022-10-28T12:11:30.0416836Z tests_1 | panic: Log in goroutine after TestServiceRouter has completed: [testing] INFO Connected clean_session=true client_id=KcF8ShTdRU4xA5pzveD5CB mqtt_url=tcp://mosquitto:1883
2022-10-28T12:11:30.0417349Z tests_1 |
2022-10-28T12:11:30.0417580Z tests_1 |
2022-10-28T12:11:30.0417827Z tests_1 | goroutine 93 [running]:
2022-10-28T12:11:30.0418194Z tests_1 | testing.(*common).logDepth(0xc0001af040, {0xc00011fdc0, 0x6e}, 0x3)
2022-10-28T12:11:30.0418600Z tests_1 | /usr/local/go/src/testing/testing.go:779 +0x4c9
2022-10-28T12:11:30.0418919Z tests_1 | testing.(*common).log(...)
2022-10-28T12:11:30.0419261Z tests_1 | /usr/local/go/src/testing/testing.go:761
2022-10-28T12:11:30.0419636Z tests_1 | testing.(*common).Log(0x40ab07, {0xc0002864e0, 0x78f480, 0x1})
2022-10-28T12:11:30.0420018Z tests_1 | /usr/local/go/src/testing/testing.go:800 +0x45
2022-10-28T12:11:30.0420742Z tests_1 | github.com/eclipse-kanto/suite-connector/testutil.(*testExporter).Export(0xc0001fd200, 0x20, {0xc00019cc00, 0x78f640})
2022-10-28T12:11:30.0421186Z tests_1 | /src/testutil/logger.go:41 +0x1bf
2022-10-28T12:11:30.0421852Z tests_1 | github.com/eclipse-kanto/suite-connector/logger.(*loggerExt).log(0xc0001fd220, 0x40ab07, {0x7ffb1a, 0x78f480}, 0xc0001bbd40)
2022-10-28T12:11:30.0422290Z tests_1 | /src/logger/logger.go:182 +0x4b9
2022-10-28T12:11:30.0422870Z tests_1 | github.com/eclipse-kanto/suite-connector/logger.(*loggerExt).Info(0x7bb1e0, {0x7ffb1a, 0x8015f6}, 0xd)
2022-10-28T12:11:30.0423292Z tests_1 | /src/logger/logger.go:102 +0x51
2022-10-28T12:11:30.0423897Z tests_1 | github.com/eclipse-kanto/suite-connector/connector.(*MQTTConnection).onConnected(0xc0001038c0, {0x0, 0x0})
2022-10-28T12:11:30.0424337Z tests_1 | /src/connector/connection.go:340 +0x1b4
2022-10-28T12:11:30.0424795Z tests_1 | created by github.com/eclipse/paho%2emqtt%2egolang.(*client).startCommsWorkers
2022-10-28T12:11:30.0425275Z tests_1 | /go/pkg/mod/github.com/eclipse/[email protected]/client.go:573 +0x4a5
2022-10-28T12:11:30.0512749Z tests_1 | FAIL github.com/eclipse-kanto/suite-connector/routing 0.024s
2022-10-28T12:11:30.0513396Z tests_1 | FAIL
2022-10-28T12:11:30.3094054Z tests_1 | exit status 1docker_tests_1 exited with code 1
It's possible to run docker container based integration test in this test environment.
This is will result in data loss in slow and unstable networks.
As of now the suite-connector doesn't seem to support establishing a MQTTS connection with the local MQTT broker in the current implementation:
It would be nice, if a support for enabling MQTTS connection can be added. Also adding the corresponding properties in the suite-connector's configuration:
Thank you in advance!
This makes paho logger output difficult to read.
We should change the badge and the logo as to how they are in the other repo's e.g. update-manager:
Hi,
looks like like there have been quite some commits since the last release in Sep 2022. Are you going to do a new release any time soon that contains the latest fixes/enhancements?
testing.T.Setenv should be used instead of os.Setenv.
Security vulnerability is found in golang.org/x/net - CVE-2022-27664 . Bump golang.org/x/net to version 0.7.0 or later.
The last Go version is set in the parent feature. Based on it, these steps have to be executed:
go mod tidyFor legacy reasons Go uses by default both secure and insecure ciphers. Because of various regulations and penetration tests results we need to filter them out. We however do not want to mess with the crypto package definitions and include or exclude specific cyphers.
Therefore we have to take the list of secure ones from the crypto package and pass them to TLS configuration unmodified. Likely there are functions that return both sets - tls.CipherSuites() and tls.InsecureCipherSuites() and we can use the former.
There is a new TPM Direct API that was proposed in 2022 as "TPMDirect", which maps TPM commands to Go structs instead of funcs, allowing greater composability. We need to investigate what would be the benefits and of that and eventually change our implementation to adopt it.
Currently, the suite connector binary artifact is expected to be located in usr/local/bin after a Kanto installation on an edge device.
Given the general goal to have all Kanto building blocks managed by a standard Linux packages manager, it is needed to reconfigure the relevant systemd service to refer the executable binaries from /usr/bin.
Now its generated from authId and tenantId but this is very inconvenient.
In our gateway environment we have an agent application subscribing to Hono command topics via the Suite-Connector. Depending on which application is started first i.e. our agent or the Suite Connector (the local Mosquito broker is always started first) we observe a difference in the the way how the topic are forwarded to the agent application:
When both agent and Suite-Connector are started in parallel, once a Hono command topic is received then it gets forwarded by the Suite connector without including the gateway device Id:
07/29/2022 16:55:19 - command///req/224301d4f26-ade1-4738-bc83-ab9458f19511/install - 1393
Topic: namespace/gwThingId/things/live/messages/install
Path: /features/SoftwareUpdatable/inbox/messages/install
But if we delay the startup of the Suite Connector by for example 2 minutes, then the received topic is forwarded with the gateway device Id included:
07/31/2022 19:42:35 - command//namespace:gwThingId/req/2247c2d2fae-f495-4086-ab6b-c474e1b637f2/install - 1393
Topic: namespace/gwThingId/things/live/messages/install
Path: /features/SoftwareUpdatable/inbox/messages/install
From the Suite-Conenctor logs we see no difference in how the command topic subscriptions from our agent application are forwarded by the Suite-Connector to the Hono instance.
Here the log without delay:
2022/07/29 16:46:53.152829 [agent] INFO Connected clientid=agent mqtt_url=tcp://localhost:1883
2022/07/29 16:46:53.233828 [agent] INFO Adding handler handler_name=logs_bus topic=$SYS/broker/log/#
2022/07/29 16:46:53.245827 [agent] INFO Starting messages router...
2022/07/29 16:46:53.291830 [agent] INFO Sending subscribe packet clientid=agent mqtt_url=tcp://localhost:1883 qos=0 topics=[$SYS/broker/log/#]
2022/07/29 16:46:53.292830 [agent] INFO Starting handler subscriber_name=logs_bus topic=$SYS/broker/log/#
2022/07/29 16:46:53.533828 [agent] INFO Adding handler handler_name=params_bus topic=edge/thing/request
2022/07/29 16:46:53.534828 [agent] INFO Adding handler handler_name=commands_response_bus topic=command//+/res/#,c//+/s/#
2022/07/29 16:46:53.534828 [agent] INFO Adding handler handler_name=events_bus topic=event/#,e/#,telemetry/#,t/#
2022/07/29 16:46:53.534828 [agent] INFO Adding handler handler_name=commands_request_bus topic=command//+/req/#
2022/07/29 16:46:53.604828 [agent] INFO Starting handler subscriber_name=params_bus topic=edge/thing/request
2022/07/29 16:46:53.604828 [agent] INFO Starting handler subscriber_name=events_bus topic=event/#,e/#,telemetry/#,t/#
2022/07/29 16:46:53.604828 [agent] INFO Starting handler subscriber_name=commands_response_bus topic=command//+/res/#,c//+/s/#
2022/07/29 16:46:53.604828 [agent] INFO Starting handler subscriber_name=commands_request_bus topic=command//+/req/#
2022/07/29 16:46:54.211820 [agent] INFO Connected clientid=GMSGkZVvH2ADmsYcQbwSzd mqtt_url=mqtts://mqtt.bosch-iot-hub.com:8883
2022/07/29 16:46:54.211820 [agent] INFO Sending subscribe packet clientid=GMSGkZVvH2ADmsYcQbwSzd mqtt_url=mqtts://mqtt.bosch-iot-hub.com:8883 qos=0 topics=[command//+/req/#]
2022/07/29 16:46:54.417821 [agent] INFO Subscription done clientid=GMSGkZVvH2ADmsYcQbwSzd mqtt_url=mqtts://mqtt.bosch-iot-hub.com:8883 qos=0 topics=[command//+/req/#]
2022/07/29 16:46:54.421819 [agent] INFO Connected clientid=cloud mqtt_url=tcp://localhost:1883
2022/07/29 16:46:54.421819 [agent] INFO Sending subscribe packet clientid=cloud mqtt_url=tcp://localhost:1883 qos=1 topics="[event/# e/# telemetry/# t/#]"
2022/07/29 16:46:54.422819 [agent] INFO Subscription done clientid=cloud mqtt_url=tcp://localhost:1883 qos=1 topics="[event/# e/# telemetry/# t/#]"
2022/07/29 16:46:54.422819 [agent] INFO Sending subscribe packet clientid=cloud mqtt_url=tcp://localhost:1883 qos=0 topics=[edge/thing/request]
2022/07/29 16:46:54.423822 [agent] INFO Subscription done clientid=cloud mqtt_url=tcp://localhost:1883 qos=0 topics=[edge/thing/request]
2022/07/29 16:46:54.423822 [agent] INFO Sending subscribe packet clientid=cloud mqtt_url=tcp://localhost:1883 qos=1 topics="[command//+/res/# c//+/s/#]"
2022/07/29 16:46:54.423822 [agent] INFO Subscription done clientid=cloud mqtt_url=tcp://localhost:1883 qos=1 topics="[command//+/res/# c//+/s/#]"
2022/07/29 16:46:54.423822 [agent] INFO Connection status {"connected":true,"timestamp":1659106014}
2022/07/29 16:46:54.423822 [agent] INFO Config parameters Config parameters {"deviceId":"namespace:gwThingId","tenantId":"t123456789_hub","policyId":"namespace:gwThingId"}
2022/07/29 16:46:54.744820 [agent] INFO Config parameters Config parameters {"deviceId":"namespace:gwThingId","tenantId":"t123456789_hub","policyId":"namespace:gwThingId"}
2022/07/29 16:46:54.771819 [agent] INFO Sending subscribe packet clientid=GMSGkZVvH2ADmsYcQbwSzd mqtt_url=mqtts://mqtt.bosch-iot-hub.com:8883 qos=0 topics=[command//namespace:gwThingId/req/#]
2022/07/29 16:46:54.771819 [agent] INFO Forwarded new subscription {"clientId":"ClientAgent","timestamp":"2022-07-29T16:46:54+02:00","topicId":"c//namespace:gwThingId/q/#","topicReal":"command//namespace:gwThingId/req/#"}
2022/07/29 16:46:54.822821 [agent] INFO Config parameters Config parameters {"deviceId":"namespace:gwThingId","tenantId":"t123456789_hub","policyId":"namespace:gwThingId"}
And the log where the Suite-Connector startup is delayed by 2 minutes:
2022/07/31 19:36:41.775656 [agent] INFO Connected clientid=agent mqtt_url=tcp://localhost:1883
2022/07/31 19:36:41.775656 [agent] INFO Adding handler handler_name=logs_bus topic=$SYS/broker/log/#
2022/07/31 19:36:41.777656 [agent] INFO Sending subscribe packet clientid=agent mqtt_url=tcp://localhost:1883 qos=0 topics=[$SYS/broker/log/#]
2022/07/31 19:36:41.777656 [agent] INFO Starting handler subscriber_name=logs_bus topic=$SYS/broker/log/#
2022/07/31 19:36:41.782656 [agent] INFO Starting messages router...
2022/07/31 19:36:41.782656 [agent] INFO Adding handler handler_name=params_bus topic=edge/thing/request
2022/07/31 19:36:41.782656 [agent] INFO Adding handler handler_name=commands_response_bus topic=command//+/res/#,c//+/s/#
2022/07/31 19:36:41.782656 [agent] INFO Adding handler handler_name=events_bus topic=event/#,e/#,telemetry/#,t/#
2022/07/31 19:36:41.782656 [agent] INFO Adding handler handler_name=commands_request_bus topic=command//+/req/#
2022/07/31 19:36:41.782656 [agent] INFO Starting handler subscriber_name=params_bus topic=edge/thing/request
2022/07/31 19:36:41.782656 [agent] INFO Starting handler subscriber_name=commands_request_bus topic=command//+/req/#
2022/07/31 19:36:41.782656 [agent] INFO Starting handler subscriber_name=events_bus topic=event/#,e/#,telemetry/#,t/#
2022/07/31 19:36:41.782656 [agent] INFO Starting handler subscriber_name=commands_response_bus topic=command//+/res/#,c//+/s/#
2022/07/31 19:36:41.899670 [agent] INFO Connected clientid=cloud mqtt_url=tcp://localhost:1883
2022/07/31 19:36:41.899670 [agent] INFO Sending subscribe packet clientid=cloud mqtt_url=tcp://localhost:1883 qos=1 topics="[event/# e/# telemetry/# t/#]"
2022/07/31 19:36:41.899670 [agent] INFO Subscription done clientid=cloud mqtt_url=tcp://localhost:1883 qos=1 topics="[event/# e/# telemetry/# t/#]"
2022/07/31 19:36:41.899670 [agent] INFO Sending subscribe packet clientid=cloud mqtt_url=tcp://localhost:1883 qos=0 topics=[edge/thing/request]
2022/07/31 19:36:41.900670 [agent] INFO Subscription done clientid=cloud mqtt_url=tcp://localhost:1883 qos=0 topics=[edge/thing/request]
2022/07/31 19:36:41.900670 [agent] INFO Sending subscribe packet clientid=cloud mqtt_url=tcp://localhost:1883 qos=1 topics="[command//+/res/# c//+/s/#]"
2022/07/31 19:36:41.900670 [agent] INFO Subscription done clientid=cloud mqtt_url=tcp://localhost:1883 qos=1 topics="[command//+/res/# c//+/s/#]"
2022/07/31 19:36:41.900670 [agent] INFO Connection status {"connected":true,"timestamp":1659289001}
2022/07/31 19:36:41.900670 [agent] INFO Config parameters {"deviceId":"namespace:gwThingId","tenantId":"t123456789_hub","policyId":"namespace:gwThingId"}
2022/07/31 19:36:41.901676 [agent] INFO Config parameters {"deviceId":"namespace:gwThingId","tenantId":"t123456789_hub","policyId":"namespace:gwThingId"}
2022/07/31 19:36:42.201709 [agent] INFO Sending subscribe packet clientid=mjqQB4drAAGRbuVabPE24N mqtt_url=mqtts://mqtt.bosch-iot-hub.com:8883 qos=0 topics=[command//namespace:gwThingId/req/#]
2022/07/31 19:36:42.201709 [agent] INFO Forwarded new subscription {"clientId":"ClientAgent","timestamp":"2022-07-31T19:36:42+02:00","topicId":"c//namespace:gwThingId/q/#","topicReal":"command//namespace:gwThingId/req/#"}
2022/07/31 19:36:42.201709 [agent] INFO Config parameters {"deviceId":"namespace:gwThingId","tenantId":"t123456789_hub","policyId":"namespace:gwThingId"}
Thank you in advance!
The references in go.mod and go.sum should be updated(to commit 56b32f6) in order to use the fix, provided for eclipse-kanto/kanto#183.
It would be great if we have an overview of the coverage visible in the Repo startup page.
Link to the failed job.
2022-10-28T11:34:51.8162211Z tests_1 | === RUN TestConnectionEvents
2022-10-28T11:34:51.8170673Z tests_1 | pubsub_test.go:717:
2022-10-28T11:34:51.8171099Z tests_1 | Error Trace: pubsub_test.go:717
2022-10-28T11:34:51.8171555Z tests_1 | Error: Should be true
2022-10-28T11:34:51.8172213Z tests_1 | Test: TestConnectionEvents
2022-10-28T11:34:51.8177765Z tests_1 | pubsub_test.go:719:
2022-10-28T11:34:51.8180530Z tests_1 | Error Trace: pubsub_test.go:719
2022-10-28T11:34:51.8183306Z tests_1 | Error: Should be false
2022-10-28T11:34:51.8186166Z tests_1 | Test: TestConnectionEvents
2022-10-28T11:34:51.8186939Z tests_1 | --- FAIL: TestConnectionEvents (0.00s)
It has to be updated to version v0.17.0 to fix 2 vulnerabilities.
This is very helpful for diagnosing problems with device provisioning.
Currently, suite-connector cannot start if remote MQTT endpoint CA certificate file is not set. It's not a typical use case but there are some demo setups where plain connection can be used. For example, Kanto, Explore via Eclipse Hono
Steps to reproduce:
The service start will fail. As it's a configuration validity check, there is no log message. The console dump is:
04 10:55:25.166334 Cannot run suite connector: settings validation error: failed to read CA certificate file
It has to be incorporated as it's described in:
This will help discard very old log files.
Obscure test timeout failures happen if there's no broker running.
As we applied a temporary workaround and reported a new issue to Watermill project. It's a reminder, to monitor for the fix and to switch to the last version when it's ready. Details are in:
This will simplify method usage with local signal handler.
The Eclipse Kanto project is currently restructuring its license scheme - from Eclipse Public License 2.0 only to dual licensing under Eclipse Public License 2.0 and Apache License 2.0 (you can read more about it here).
The following changes must be applied to all project repositories:
// Copyright (c) {year} Contributors to the Eclipse Foundation
//
// See the NOTICE file(s) distributed with this work for additional
// information regarding copyright ownership.
//
// This program and the accompanying materials are made available under the
// terms of the Eclipse Public License 2.0 which is available at
// https://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0
// which is available at https://www.apache.org/licenses/LICENSE-2.0.
//
// SPDX-License-Identifier: EPL-2.0 OR Apache-2.0
This program and the accompanying materials are made available under the
terms of the Eclipse Public License 2.0 which is available at
https://www.eclipse.org/legal/epl-2.0, or the Apache Software License
2.0 which is available at https://www.apache.org/licenses/LICENSE-2.0.
... Text of the Eclipse Public License 2.0 ...
... Text of the Apache Software License 2.0 ...
This program and the accompanying materials are made available under the terms
of the Eclipse Public License 2.0 which is available at
https://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0 which
is available at https://www.apache.org/licenses/LICENSE-2.0.
SPDX-License-Identifier: EPL-2.0 OR Apache-2.0
Dear Suite Connector experts, we have gateway devices running the M2 release of Kanto's Suite Connector, which in turn connects to the Bosch IoT Hub using a X.509 certificate based authentication.
From time to time we observe an issue where a valid device certificate is refused by the IoT Hub. This happens during the maintenance windows of the IoT Hub deployments. Here for example is the log from the Kanto Suite-Connector in such a situation:
2023/04/10 21:40:15.155418 [connector] ERROR Connection to mqtt lost client_id=55nKP4YbSRGVF9CfAPXFwk err=EOF mqtt_url=mqtts://mqtt.bosch-iot-hub.com:8883
2023/04/10 21:40:15.155418 [connector] INFO Connection was closed client_id=cloud mqtt_url=tcp://localhost:1883
2023/04/10 21:40:15.155418 [connector] INFO Connection status {"connected":false,"timestamp":1681155615,"cause":"CONNECTION_ERROR"}
2023/04/10 21:41:13.369447 [connector] ERROR Reconnect failed client_id=55nKP4YbSRGVF9CfAPXFwk err="server Unavailable" mqtt_url=mqtts://mqtt.bosch-iot-hub.com:8883
2023/04/10 21:43:25.357770 [connector] ERROR Reconnect failed client_id=55nKP4YbSRGVF9CfAPXFwk err="bad user name or password" mqtt_url=mqtts://mqtt.bosch-iot-hub.com:8883
2023/04/10 21:43:25.357770 [connector] INFO Connection status {"connected":false,"timestamp":1681155805,"cause":"CONNECTION_NOT_AUTHENTICATED"}
IMHO there is probably a race condition here where the IoT Hub has its MQTT adapter already running and accepting connections, but hasn't yet loaded the CAs for the tenant used by our gateway devices. Thus at that point of time the reconnect attempt made by the Suite-Connector succeeds while authenticating with the valid device certificate is still not possible. Unfortunately after receiving the "CONNECTION_NOT_AUTHENTICATED" error the Suite-Connector itself stops retrying to reconnect, and the only option left for us is to restart it shortly after to get it connected again.
A possible workaround would be to conditionally retry here as well to give IoT Hub the time needed for loading the tenant CAs?
Thank you in advance!
This will help reduce too much information logged by tests execution.
Currently, all configuration properties/flags are camelCase with this one exception: cacert. It should be fixed to: caCert. Identified dependencies:
For all dependencies, we need issues and all of them will be closed at the same time.
There's a problem with messages reordering after client reconnect which is fixed in this version
Add timestamp to each event message as they arrive in suite connector event bus.
The idea is to ignore out of order messages or fix message order when messages are reordered by the cloud back-end.
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.