Školenie
Certifikácia
Microsoft Certified: Identity and Access Administrator Associate - Certifications
Demonstrate the features of Microsoft Entra ID to modernize identity solutions, implement hybrid solutions, and implement identity governance.
Manage asset configurations remotely
An asset in Azure IoT Operations is a logical entity that you create to represent a real asset. An Azure IoT Operations asset can have properties, tags, and events that describe its behavior and characteristics.
OPC UA servers are software applications that communicate with assets. OPC UA servers expose OPC UA tags that represent data points. OPC UA tags provide real-time or historical data about the status, performance, quality, or condition of assets.
An asset endpoint is a custom resource in your Kubernetes cluster that connects OPC UA servers to connector for OPC UA modules. This connection enables a connector for OPC UA to access an asset's data points. Without an asset endpoint, data can't flow from an OPC UA server to the connector for OPC UA and MQTT broker. After you configure the custom resources in your cluster, a connection is established to the downstream OPC UA server and the server forwards telemetry to the connector for OPC UA.
A site is a collection of Azure IoT Operations instances. Sites typically group instances by physical location and make it easier for OT users to locate and manage assets. Your IT administrator creates sites and assigns Azure IoT Operations instances to them. To learn more, see What is Azure Arc site manager (preview)?.
In the operations experience web UI, an instance represents an Azure IoT Operations cluster. An instance can have one or more asset endpoints.
This article describes how to use the operations experience web UI and the Azure CLI to:
- Define the asset endpoints that connect assets to your Azure IoT Operations instance.
- Add assets, and define their tags and events to enable data flow from OPC UA servers to the MQTT broker.
These assets, tags, and events map inbound data from OPC UA servers to friendly names that you can use in the MQTT broker and data flows.
To configure an assets endpoint, you need a running instance of Azure IoT Operations.
To sign in to the operations experience web UI, you need a Microsoft Entra ID account with at least contributor permissions for the resource group that contains your Kubernetes - Azure Arc instance. You can't sign in with a Microsoft account (MSA). To create a suitable Microsoft Entra ID account in your Azure tenant:
- Sign in to the Azure portal with the same tenant and user name that you used to deploy Azure IoT Operations.
- In the Azure portal, go to the Microsoft Entra ID section, select Users > +New user > Create new user. Create a new user and make a note of the password, you need it to sign in later.
- In the Azure portal, go to the resource group that contains your Kubernetes - Azure Arc instance. On the Access control (IAM) page, select +Add > Add role assignment.
- On the Add role assignment page, select Privileged administrator roles. Then select Contributor and then select Next.
- On the Members page, add your new user to the role.
- Select Review and assign to complete setting up the new user.
You can now use the new user account to sign in to the Azure IoT Operations portal.
To sign in to the operations experience, go to the operations experience in your browser and sign in by using your Microsoft Entra ID credentials.
After you sign in, the operations experience displays a list of sites. Each site is a collection of Azure IoT Operations instances where you can configure and manage your assets. A site typically represents a physical location where you have physical assets deployed. Sites make it easier for you to locate and manage assets. Your IT administrator is responsible for grouping instances in to sites. Any Azure IoT Operations instances that aren't assigned to a site appear in the Unassigned instances node. Select the site that you want to use:
Prepitné
You can use the filter box to search for sites.
If you don't see any sites, you might not be in the right Azure Active Directory tenant. You can change the tenant from the top right menu in the operations experience. If you still don't see any sites that means you aren't added to any yet. Reach out to your IT administrator to request access.
After you select a site, the operations experience displays a list of the Azure IoT Operations instances that are part of the site. Select the instance that you want to use:
Prepitné
You can use the filter box to search for instances.
After you select your instance, the operations experience displays the Overview page for the instance. The Overview page shows the status of the instance and the resources, such as assets, that are associated with it:
An Azure IoT Operations deployment can include an optional built-in OPC PLC simulator. To create an asset endpoint that uses the built-in OPC PLC simulator:
Select Asset endpoints and then Create asset endpoint:
Prepitné
You can use the filter box to search for asset endpoints.
Enter the following endpoint information:
Field Value Name opc-ua-connector-0Connector for OPC UA URL opc.tcp://opcplc-000000:50000User authentication AnonymousTo save the definition, select Create.
This configuration deploys a new assetendpointprofile resource called opc-ua-connector-0 to the cluster. After you define an asset, a connector for OPC UA pod discovers it. The pod uses the asset endpoint that you specify in the asset definition to connect to an OPC UA server.
When the OPC PLC simulator is running, data flows from the simulator, to the connector for OPC UA, and then to the MQTT broker.
The previous example uses the Anonymous authentication mode. This mode doesn't require a username or password.
To use the UsernamePassword authentication mode, complete the following steps:
- Follow the steps in Configure OPC UA user authentication with username and password to add secrets for username and password in Azure Key Vault, and project them into Kubernetes cluster.
- In the operations experience, select Username password for the User authentication field to configure the asset endpoint to use these secrets. Then enter the following values for the Username reference and Password reference fields:
| Field | Value |
|---|---|
| Username reference | aio-opc-ua-broker-user-authentication/username |
| Password reference | aio-opc-ua-broker-user-authentication/password |
To add an asset in the operations experience:
Select the Assets tab. Before you create any assets, you see the following screen:
Prepitné
You can use the filter box to search for assets.
Select Create asset.
On the asset details screen, enter the following asset information:
- Asset endpoint. Select your asset endpoint from the list.
- Asset name
- Description
- The MQTT topic that the asset publishes to. The default is
<namespace>/data/<asset-name>.
Configure the set of properties that you want to associate with the asset. You can accept the default list of properties or add your own. The following properties are available by default:
- Manufacturer
- Manufacturer URI
- Model
- Product code
- Hardware version
- Software version
- Serial number
- Documentation URI
Select Next to go to the Add tags page.
Now you can define the tags associated with the asset. To add OPC UA tags:
Select Add tag or CSV > Add tag.
Enter your tag details:
- Node ID. This value is the node ID from the OPC UA server.
- Tag name (Optional). This value is the friendly name that you want to use for the tag. If you don't specify a tag name, the node ID is used as the tag name.
- Observability mode (Optional) with following choices:
- None
- Gauge
- Counter
- Histogram
- Log
- Sampling Interval (milliseconds). You can override the default value for this tag.
- Queue size. You can override the default value for this tag.
The following table shows some example tag values that you can use with the built-in OPC PLC simulator:
Node ID Tag name Observability mode ns=3;s=FastUInt10 Temperature None ns=3;s=FastUInt100 Humidity None Select Manage default settings to configure default telemetry settings for the asset. These settings apply to all the OPC UA tags that belong to the asset. You can override these settings for each tag that you add. Default telemetry settings include:
- Sampling interval (milliseconds): The sampling interval indicates the fastest rate at which the OPC UA server should sample its underlying source for data changes.
- Publishing interval (milliseconds): The rate at which OPC UA server should publish data.
- Queue size: The depth of the queue to hold the sampling data before publishing it.
You can import up to 1000 OPC UA tags at a time from a CSV file:
Create a CSV file that looks like the following example:
NodeID TagName QueueSize ObservabilityMode Sampling Interval Milliseconds ns=3;s=FastUInt1000 Tag 1000 5 None 1000 ns=3;s=FastUInt1001 Tag 1001 5 None 1000 ns=3;s=FastUInt1002 Tag 1002 10 None 5000 Select Add tag or CSV > Import CSV (.csv) file. Select the CSV file you created and select Open. The tags defined in the CSV file are imported:
If you import a CSV file that contains tags that are duplicates of existing tags, the operations experience displays the following message:
You can either replace the duplicate tags and add new tags from the import file, or you can cancel the import.
To export all the tags from an asset to a CSV file, select Export all and choose a location for the file:
On the Tags page, select Next to go to the Add events page.
Prepitné
You can use the filter box to search for tags.
Now you can define the events associated with the asset. To add OPC UA events:
Select Add event or CSV > Add event.
Enter your event details:
- Event notifier. This value is the event notifier from the OPC UA server.
- Event name (Optional). This value is the friendly name that you want to use for the event. If you don't specify an event name, the event notifier is used as the event name.
- Observability mode (Optional) with following choices:
- None
- Log
- Queue size. You can override the default value for this tag.
Select Manage default settings to configure default event settings for the asset. These settings apply to all the OPC UA events that belong to the asset. You can override these settings for each event that you add. Default event settings include:
- Publishing interval (milliseconds): The rate at which OPC UA server should publish data.
- Queue size: The depth of the queue to hold the sampling data before publishing it.
You can import up to 1000 OPC UA events at a time from a CSV file.
To export all the events from an asset to a CSV file, select Export all and choose a location for the file.
On the Events page, select Next to go to the Review page.
Prepitné
You can use the filter box to search for events.
Review your asset and OPC UA tag and event details and make any adjustments you need:
Find and select the asset you created previously. Use the Asset details, Tags, and Events tabs to make any changes:
On the Tags tab, you can add tags, update existing tags, or remove tags.
To update a tag, select an existing tag and update the tag information. Then select Update:
To remove tags, select one or more tags and then select Remove tags:
You can also add, update, and delete events and properties in the same way.
When you're finished making changes, select Save to save your changes.
To delete an asset, select the asset you want to delete. On the Asset details page, select Delete. Confirm your changes to delete the asset:
Whenever you make a change to asset in the operations experience, you see a notification that reports the status of the operation:
In the operations experience, you can view activity logs for each instance or each resource in an instance.
To view activity logs at the instance level, select the Activity logs tab. You can use the Timespan and Resource type filters to customize the view.
To view activity logs as the resource level, select the resource that you want to inspect. This resource can be an asset, asset endpoint, or data pipeline. In the resource overview, select View activity logs. You can use the Timespan filter to customize the view.
Ďalšie zdroje informácií
Dokumentácia
-
Asset management overview - Azure IoT Operations
Understand concepts and options needed to manage the assets that are part of your Azure IoT Operations solution.
-
Understand assets and asset endpoint profiles - Azure IoT Operations
Understand the Azure Device Registry resources that define assets and asset endpoint profiles.
-
Secure access to assets and asset endpoints - Azure IoT Operations
Use the Azure portal or CLI to secure access to your assets and asset endpoints by using Azure role-based access control.