Explore an industrial IoT scenario with IoT Central

The solution shows how to use Azure IoT Central to ingest industrial IoT data from edge resources and then export the data to Azure Data Explorer for further analysis. The sample deploys and configures resources such as:

• An Azure virtual machine to host the Azure IoT Edge runtime.
• An IoT Central application to ingest OPC-UA data, transform it, and then export it to Azure Data Explorer.
• An Azure Data Explorer environment to store, manipulate, and explore the OPC-UA data.

The following diagram shows the data flow in the scenario and highlights the key capabilities of IoT Central relevant to industrial solutions:

The sample uses a custom tool to deploy and configure all of the resources. The tool shows you what resources it deploys and provides links to further information.

In this tutorial, you learn how to:

• Deploy an end-to-end industrial IoT solution
• Use the IoT Central Solution Builder tool to deploy a solution
• Create a customized deployment

Prerequisites

• Azure subscription that you access using a work or school account. Currently, you can't use a Microsoft account to deploy the solution with the IoT Central Solution Builder tool.
• Local machine to run the IoT Central Solution Builder tool. Prebuilt binaries are available for Windows and macOS.
• If you need to build the IoT Central Solution Builder tool instead of using one of the prebuilt binaries, you need a local Git installation.
• Text editor. If you want to edit the configuration file to customize your solution.

In this tutorial, you use the Azure CLI to create an app registration in Microsoft Entra ID:

• Use the Bash environment in Azure Cloud Shell. For more information, see Quickstart for Bash in Azure Cloud Shell.

  

• If you prefer to run CLI reference commands locally, install the Azure CLI. If you're running on Windows or macOS, consider running Azure CLI in a Docker container. For more information, see How to run the Azure CLI in a Docker container.

  • If you're using a local installation, sign in to the Azure CLI by using the az login command. To finish the authentication process, follow the steps displayed in your terminal. For other sign-in options, see Sign in with the Azure CLI.

  • When you're prompted, install the Azure CLI extension on first use. For more information about extensions, see Use extensions with the Azure CLI.

  • Run az version to find the version and dependent libraries that are installed. To upgrade to the latest version, run az upgrade.

Setup

Complete the following tasks to prepare the tool to deploy your solution:

• Create a Microsoft Entra app registration
• Install the IoT Central Solution Builder tool
• Configure the IoT Central Solution Builder tool

To create an Active Directory app registration in your Azure subscription:

• If you're running the Azure CLI on your local machine, sign in to your Azure tenant:

  az login
  

  Tip

  If you're using the Azure Cloud Shell, you're signed in automatically. If you want to use a different subscription, use the az account command.

• Make a note of the id value from the previous command. This value is your subscription ID. You use this value later in the tutorial.

• Make a note of the tenantId value from the previous command. This value is your tenant ID. You use this value later in the tutorial.

• To create an Active Directory app registration, run the following command:

  az ad app create \
  --display-name "IoT Central Solution Builder" \
  --enable-access-token-issuance false \
  --enable-id-token-issuance false \
  --is-fallback-public-client false \
  --public-client-redirect-uris "msald38cef1a-9200-449d-9ce5-3198067beaa5://auth" \
  --required-resource-accesses "[{\"resourceAccess\":[{\"id\":\"00d678f0-da44-4b12-a6d6-c98bcfd1c5fe\",\"type\":\"Scope\"}],\"resourceAppId\":\"2746ea77-4702-4b45-80ca-3c97e680e8b7\"},{\"resourceAccess\":[{\"id\":\"73792908-5709-46da-9a68-098589599db6\",\"type\":\"Scope\"}],\"resourceAppId\":\"9edfcdd9-0bc5-4bd4-b287-c3afc716aac7\"},{\"resourceAccess\":[{\"id\":\"41094075-9dad-400e-a0bd-54e686782033\",\"type\":\"Scope\"}],\"resourceAppId\":\"797f4846-ba00-4fd7-ba43-dac1f8f63013\"},{\"resourceAccess\":[{\"id\":\"e1fe6dd8-ba31-4d61-89e7-88639da4683d\",\"type\":\"Scope\"}],\"resourceAppId\":\"00000003-0000-0000-c000-000000000000\"}]" \
  --sign-in-audience "AzureADandPersonalMicrosoftAccount"
  

  Note

  The display name must be unique in your subscription.

• Make a note of the appId value from the output of the previous command. This value is your application (client) ID. You use this value later in the tutorial.

To install the IoT Central Solution Builder tool:

• If you're using Windows, download and run the latest setup file from the releases page.
• For other platforms, clone the iotc-solution-builder GitHub repository and follow the instructions in the readme file to build the tool.

To configure the IoT Central Solution Builder tool:

• Run the IoT Central Solution Builder tool.

• Select Action > Edit Azure config:

  

• Enter the application ID, subscription ID, and tenant ID that you made a note of previously. Select OK.

• Select Action > Sign in. Sign in with the same credentials you used to create the Active Directory app registration.

The IoT Central Solution Builder tool is now ready to use to deploy your industrial IoT solution.

Deploy the solution

Use the IoT Central Solution Builder tool to deploy the Azure resources for the solution. The tool deploys and configures the resources to create a running solution.

Download the adxconfig-opcpub.json configuration file. This configuration file deploys the required resources.

To load the configuration file for the solution to deploy:

• In the tool, select Open Configuration.

• Select the adxconfig-opcpub.json file you download.

• The tool displays the deployment steps:

  

  Tip

  Select any step to view relevant documentation.

Each step uses either an ARM template or REST API call to deploy or configure resources. Open the adxconfig-opcpub.json to see the details of each step.

To deploy the solution:

• Select Start Provisioning.

• Optionally, change the suffix and Azure location to use. The suffix is appended to the name of all the resources the tool creates to help you identify them in the Azure portal.

• Select Configure.

• The tool shows its progress as it deploys the solution.

  Tip

  The tool takes about 15 minutes to deploy and configure all the resources.

• Navigate to the Azure portal and sign in with the same credentials you used to sign in to the tool.

• Find the resource group the tool created. The name of the resource group is iotc-rg-{suffix from tool}. In the following screenshot, the suffix used by the tool is iotcsb29472:

  

To customize the deployed solution, you can edit the adxconfig-opcpub.json configuration file and then run the tool.

Walk through the solution

The configuration file run by the tool defines the Azure resources to deploy and any required configuration. The tool runs the steps in the configuration file in sequence. Some steps are dependent on previous steps.

The following sections describe the resources you deployed and what they do. The order here follows the device data as it flows from the IoT Edge device to IoT Central, and then on to Azure Data Explorer:

IoT Edge

The tool deploys the IoT Edge 1.2 runtime to an Azure virtual machine. The installation script that the tool runs edits the IoT Edge config.toml file to add the following values from IoT Central:

• Id scope for the IoT Central app.
• Device Id for the gateway device registered in the IoT Central app.
• Symmetric key for the gateway device registered in the IoT Central app.

The IoT Edge deployment manifest defines four custom modules:

• azuremetricscollector - sends metrics from the IoT Edge device to the IoT Central application.
• opcplc - generates simulated OPC-UA data.
• opcpublisher - forwards OPC-UA data from an OPC-UA server to the miabgateway.
• miabgateway - gateway to send OPC-UA data to your IoT Central app and handle commands sent from your IoT Central app.

You can see the deployment manifest in the tool configuration file. The tool assigns the deployment manifest to the IoT Edge device it registers in your IoT Central application.

To learn more about how to use the REST API to deploy and configure the IoT Edge runtime, see Run Azure IoT Edge on Ubuntu Virtual Machines.

Simulated OPC-UA telemetry

The opcplc module on the IoT Edge device generates simulated OPC-UA data for the solution. This module implements an OPC-UA server with multiple nodes that generate random data and anomalies. The module also lets you configure user defined nodes.

The opcpublisher module on the IoT Edge device forwards OPC-UA data from an OPC-UA server to the miabgateway module.

IoT Central application

The IoT Central application in the solution:

• Provides a cloud-hosted endpoint to receive OPC-UA data from the IoT Edge device.
• Lets you manage and control the connected devices and gateways.
• Transforms the OPC-UA data it receives and exports it to Azure Data Explorer.

The configuration file uses a control plane REST API to create and manage IoT Central applications.

Device templates and devices

The solution uses a single device template called Manufacturing In A Box Gateway in your IoT Central application. The device template models the IoT Edge gateway and includes the Manufacturing In A Box Gateway and Azure Metrics Collector modules.

The Manufacturing In A Box Gateway module includes the following interfaces:

• Manufacturing In A Box Gateway Device Interface. This interface defines read-only properties and events such as Processor architecture, Operating system, Software version, and Module Started that the device reports to IoT Central. The interface also defines a Restart Gateway Module command and a writable Debug Telemetry property.
• Manufacturing In A Box Gateway Module Interface. This interface lets you manage the downstream OPC-UA servers connected to the gateway. The interface includes commands such as the Provision OPC Device command that the tool calls during the configuration process.

There are two devices registered in your IoT Central application:

• opc-anomaly-device. This device isn't assigned to a device template. The device represents the OPC-UA server implemented in the opcplc IoT Edge module. This OPC-UA server generates simulated OPC-UA data. Because the device isn't associated with a device template, IoT Central marks the telemetry as Unmodeled.
• industrial-connect-gw. This device is assigned to the Manufacturing In A Box Gateway device template. Use this device to monitor the health of the gateway and manage the downstream OPC-UA servers. The configuration file run by the tool calls the Provision OPC Device command to provision the downstream OPC-UA server.

The configuration file uses the following data plane REST APIs to add the device templates and devices to the IoT Central application, register the devices, and retrieve the device provisioning authentication keys:

• How to use the IoT Central REST API to manage device templates.
• How to use the IoT Central REST API to control devices.

You can also use the IoT Central UI or CLI to manage the devices and gateways in your solution. For example, to check the opc-anomaly-device is sending data, navigate to the Raw data view for the device in the IoT Central application. If the device is sending telemetry, you see telemetry messages in the Raw data view. If there are no telemetry messages, restart the Azure virtual machine in the Azure portal.

Tip

You can find the Azure virtual machine with IoT Edge runtime in the resource group created by the configuration tool.

Data export configuration

The solution uses the IoT Central data export capability to export OPC-UA data. IoT Central data export continuously sends filtered telemetry received from the OPC-UA server to an Azure Data Explorer environment. The filter ensures that only data from the OPC-UA is exported. The data export uses a transformation to map the raw telemetry into a tabular structure suitable for Azure Data Explorer to ingest. The following snippet shows the transformation query:

{
  applicationId: .applicationId,
  deviceId: .device.id,
  deviceName: .device.name,
  templateName: .device.templateName,
  enqueuedTime: .enqueuedTime,
  telemetry: .telemetry | map({ key: .name, value: .value }) | from_entries,
 }

The configuration file uses the data plane REST API to create the data export configuration in IoT Central. To learn more, see How to use the IoT Central REST API to manage data exports.

Azure Data Explorer

The solution uses Azure Data Explore to store and analyze the OPC-UA telemetry. The solution uses two tables and a function to process the data as it arrives:

• The rawOpcData table receives the data from the IoT Central data export. The solution configures this table for streaming ingestion.
• The opcDeviceData table stores the transformed data.
• The extractOpcTagData function processes the data as it arrives in the rawOpcData table and adds transformed records to the opcDeviceData table.

You can query the transformed data in the opcDeviceData table. For example:

opcDeviceData
| where enqueuedTime > ago(1d)
| where tag=="DipData"
| summarize avgValue = avg(value) by deviceId, bin(sourceTimestamp, 15m)
| render timechart

The configuration file uses a control plane REST API to deploy the Azure Data Explorer cluster and data plane REST APIS to create and configure the database.

Customize the solution

The IoT Central Solution Builder tool uses a JSON configuration file to define the sequence of steps to run. To customize the solution, edit the configuration file. You can't modify an existing solution with the tool, you can only deploy a new solution.

The example configuration file adds all the resources to the same resource group in your solution. To remove a deployed solution, delete the resource group.

Each step in the configuration file defines one of the following actions:

• Use an Azure Resource Manager template to deploy an Azure resource. For example, the sample configuration file uses a Resource Manager template to deploy the Azure virtual machine that hosts the IoT Edge runtime.
• Make a REST API call to deploy or configure a resource. For example, the sample configuration file uses REST APIs to create and configure the IoT Central application.

Tidy up

To avoid unnecessary charges, delete the resource group created by the tool when you've finished exploring the solution.

Next steps

In this tutorial, you learned how to deploy an end-to-end industrial IoT scenario that uses IoT Central. To learn more about industrial IoT solutions with IoT Central, see:

Industrial IoT patterns with Azure IoT Central