Setting Up Azure IoT Edge on Windows EFLOW: OPC Publisher 2.9.6 & KepwareEX

Introduction

This article presents a comprehensive walkthrough for establishing Azure IoT Edge on the Windows platform, enabling it to run Linux-based containers. Additionally, it delves into the setup of a standalone OPC UA Publisher module, designed to subscribe to tags on a demonstration Kepware OPC UA server. This guide covers the latest version 2.9.6, of the OPC Publisher module.

To streamline your experience and eliminate on-premises requirements, we’ll leverage virtual machines on the Azure platform. While our demonstration simplifies the process, in actual factory settings, this VM-based setup could also be implemented at the factory level in real-world scenarios.

Note - In the below diagram, you can see two separate virtual machines: one for the Kepware OPC UA Server and another for the edge VM (EFLOW) running the OPC Publisher. However, in practice, we streamline our setup by using just one Azure VM. This single VM hosts both Kepware and the IoT Edge gateway (EFLOW) with the OPC Publisher. This consolidation makes things more efficient and easier to manage, simplifying our system architecture.

Pre-requisites

• Azure Subscription
• Azure CLI
• Industrial connectivity software supports OPC UA.

Industrial connectivity software

In this example, we’re using KepwareEX for our industrial connectivity needs. But keep in mind that there are plenty of other options out there that support OPC UA as well.

Create virtual machine

• az login
• az group create: name rg_iiotsample — location west Europe
• az vm create: Location west Europe — resource-group rg_iiotsample — name edgevm — image MicrosoftWindowsServer:WindowsServer:2019-Datacenter-gen second:latest — size Standard_D2s_v3 — public-ip-sku Standard — admin-username avikas: security-type Standard

Install KepwareEX

• Download the KepServerEx Demo and install it using default settings.
• Make sure to remember the password, as we will need this later.

Configure KepServerEx

• After installation, right-click on KepServerEx on the System Tray.
• Click OPC UA Configuration Manager in KepWare Administration.
• Enter Credentials: The username is ‘Administrator’. Password is what was entered during installation.
• On the Server Endpoints tab, click Add and add a new endpoint opc.tcp://<PrivateIP>:49320 and make sure it's enabled as illustrated below
  
• Close the OPC UA Configuration Manager.
• Right-click again on KepServerEx on the System Tray and click Configuration.
• On the File Menu bar, Click ‘Open’.
• Select LineSimulationDemo.json (You will need this file installed locally on the Windows Machine).
• On the left panel, Navigate to Project -> Connectivity -> Simulator. You will see 4 lines, each with 3 tags as illustrated below.
  

Configure firewall

• New-NetFirewallRule: DisplayName "Allow EdgeVM to connect to KepServer" -Direction Inbound -LocalPort 49320 -Protocol TCP -Action Allow

IoT Edge gateway

In this example, we’re utilizing Azure IoT Edge for Linux on Windows (EFLOW). This platform allows the execution of containerized Linux workloads alongside Windows applications. This approach is beneficial for manufacturing environments accustomed to managing Windows infrastructure. It empowers customers to seamlessly run production Linux-based cloud-native workloads on Windows. You can find more information about Azure IoT Edge for Linux on Windows here.

Create Edge device

We’ll set up just one IoT Hub and a single edge device using Symmetric Key attestation.

• az IOT hub create: Location west Europe — resource-group rg_iiotsample — name iiotmfghub — sku S1
• az IOT hub device: Identity create -n iiotmfghub -d edgevmdevice — ee
• az IOT hub device: Identity connection-string show -n iiotmfghub -d edgevmdevice
• copy the edge connection string as we will need this later

Deploy EFLOW onto the Windows-based VM

To Deploy EFLOW, First enable Hyper-V if it's not enabled. You can follow below the steps.

Once Hyper-V is enabled then to deploy EFLOW, it’s essential to check the requirements outlined here: EFLOW Deployment Requirements and follow the steps to deploy EFLOW. Remember, for Azure VMs, you’ll require nested virtualization support.

Enable the Hyper-V role through Settings

• Right-click on the Windows button and select ‘Apps and Features’.
• Select Programs and Features on the right under related settings.
• Select Turn Windows Features on or off.
• Select Hyper-V and click OK.
  

When the installation has completed you are prompted to restart your computer.

• Run Create_VirtualSwitch.ps1 — This file configures Virtual Switch and DHCP. It’s a prerequisite for running EFLOW on Windows Server 2019.

Configure OPCPublisher module

OPC Publisher is an open-source module from Microsoft that runs on Azure IoT Edge and bridges the gap between industrial assets and the Microsoft Azure cloud. It connects to OPC UA server systems and publishes telemetry data to Azure IoT Hub in various formats, including IEC62541 OPC UA PubSub standard format.

• Update the EndpointUrl, OpcAuthenticationUsername, and OpcAuthenticationPassword in the opcconfig.json file.
• Run Copy_OPCConfig.ps1, This script copies the opc config JSON file (opcconfig.json) from the host Windows Sserver 2019 to the nested EFLOW vm. Run this on the Edge Virtual Machine.
• You can download the moduleContent.json file here and update the OPC Publisher version from 2.8.0 to 2.9.6. This will be used in the below command.

Deploy OPCPublisher module in Edge device

• az iot edge set-modules — device-id edgevmdevice — hub-name iiotmfghub — content ./moduleContent.json

Validate deployment in Edge virtual machine, using PowerShell

• Connect-EflowVm
• sudo IoT edge list
  
• sudo IoT edge logs OPCPublisher
• The OPCPublisher logs should show a certificate error, which we will fix in the next step.
  
• Click Reinitialize in Kepware Administration

Validate OPC publisher in Edge Virtual machine, using PowerShell

• Connect-EflowVm
• sudo IoT edge restart OPCPublisher
• sudo IoT edge logs OPCPublisher
  

Disclaimer

Some content in this post draws inspiration and adaptation from the resources available at the Microsoft GitHub repository Azure-Samples/industrial-iot-patterns. Gratitude to the contributors for their valuable insights and resources.