Docker Container Support#
A Docker image is provided with support for x64 and Arm64 architectures.
Info
This and other images are available only through the DevOps Center section of the Customer Portal and require proper authorization to be accessed. For more information, visit https://portal.criticalmanufacturing.com/ ⧉.
Variables to set#
| Name | Type | Possible Values | Default | Description |
|---|---|---|---|---|
| CONNECT_IOT_MANAGER_NAME | String | Automation Manager Id | ||
| CONNECT_IOT_MONITOR_HOSTNAME | String | localhost | Name of the server where the manager is running. Only necessary when driver and controller are running in different managers | |
| CONNECT_IOT_REPOSITORY_TYPE | String | NpmDirectory | Npm | Type of repository to use to retrieve binary packages |
| CONNECT_IOT_REPOSITORY_LOCATION | String | Location of the repository (url or directory path) | ||
| CONNECT_IOT_STORAGE_RETENTION_TIME | Integer\String | 30d | Time to retain the persisted values | |
| DISCOVERY_SERVICES_URL_SUFFIX | String | Suffix of the load balancer | ||
| DISCOVERY_SERVICES_ENABLED | Boolean | false | Is load balancing running | |
| TENANT_NAME | String | Tenant of the Host | ||
| APPLICATION_PUBLIC_HTTP_ADDRESS | String | Address where the host is listening | ||
| APPLICATION_PUBLIC_HTTP_PORT | Integer | 80 | Port of the host | |
| APPLICATION_PUBLIC_HTTP_TIMEOUT | Integer | 60000 | Timeout to use for system calls | |
| APPLICATION_AUTHENTICATION_TYPE | String | PasswordSecurityPortal | Password | Authentication mode to access host |
| APPLICATION_AUTHENTICATION_DOMAIN | String | When in Password mode, the domain of the user | ||
| APPLICATION_AUTHENTICATION_USERNAME | String | When in Password mode, the username | ||
| APPLICATION_AUTHENTICATION_PASSWORD | String | When in Password mode, the password | ||
| APPLICATION_ACCESS_TOKEN | String | When in SecurityPortal mode, the access token | ||
| APPLICATION_PUBLIC_HTTP_TLS_ENABLED | Boolean | false | Is the host running in SSL mode | |
| SECURITY_PORTAL_CLIENT_ID | String | When in SecurityPortal mode, the id of the client | ||
| SECURITY_PORTAL_PUBLIC_URL | String | When in SecurityPortal mode ,the public url |
Special Paths#
The following paths are hard-coded in the container, but can be overridden by the creation of the image if you wish to better control the behavior.
| Path | Description |
|---|---|
| /usr/iot/ | Connect IoT Root directory. |
| /usr/iot/manager/config.json | Configuration file generated using the environment variables defined. |
| /usr/iot/cache | Location of the cache (downloaded and validated runtime packages). |
| /usr/iot/persistency | Location of the persisted data. |
| /usr/iot/logs | Location of the written logs. |
Table: Connect IoT Special Paths for Docker
Note
The entire content will be lost if kept inside the container when the container is removed.
Configuration File Included#
This is the raw configuration file. Will be automatically pre-processed to include the values of the placeholders, using the corresponding values defined as environment variables.
{
"id": "${CONNECT_IOT_MANAGER_NAME}",
"cache": "/usr/iot/cache",
"hostName": "${CONNECT_IOT_MONITOR_HOSTNAME}",
"monitorApplication": "${pwd}/monitor.js",
"repository": {
"type": "${CONNECT_IOT_REPOSITORY_TYPE}",
"settings": {
"url": "${CONNECT_IOT_REPOSITORY_LOCATION}",
"path": "${CONNECT_IOT_REPOSITORY_LOCATION}"
}
},
"system": {
"tenantName": "${TENANT_NAME}",
"address": "${APPLICATION_PUBLIC_HTTP_ADDRESS}",
"port": "${APPLICATION_PUBLIC_HTTP_PORT}",
"timeout": "${APPLICATION_PUBLIC_HTTP_TIMEOUT}",
"useSsl": "${APPLICATION_PUBLIC_HTTP_TLS_ENABLED}",
"urlSuffix": "${DISCOVERY_SERVICES_URL_SUFFIX}",
"authentication": {
"type": "${APPLICATION_AUTHENTICATION_TYPE}",
"settings": {
"domain": "${APPLICATION_AUTHENTICATION_DOMAIN}",
"username": "${APPLICATION_AUTHENTICATION_USERNAME}",
"password": "${APPLICATION_AUTHENTICATION_PASSWORD}",
"clientId": "${SECURITY_PORTAL_CLIENT_ID}",
"accessToken": "${APPLICATION_ACCESS_TOKEN}",
"openIdConfiguration": "${SECURITY_PORTAL_PUBLIC_URL}/.well-known/openid-configuration"
}
}
},
"storage": {
"type": "Directory",
"settings": {
"path": "/usr/iot/persistency",
"retentionTime": "${STORAGE_RETENTION_TIME}"
}
},
"logging": [
{
"type": "Console",
"options": {
"level": "debug",
"prettyPrint": true,
"colorizeMessage": true
},
"applications": [ "*" ]
},
{
"id": "ControllersAndDrivers",
"type": "File",
"options": {
"filename": "${applicationName}_${date}.log",
"dirname": "/usr/iot/logs/Instances/${entityNameNormalized}/${componentId}",
"level": "debug",
"timestampFormat": "HH:mm:ss.SSSSS",
"maxSize": "10m",
"maxFiles": "30d"
},
"applications": [ "AutomationController", "Driver*" ]
},
{
"id": "ManagerAndMonitor",
"type": "File",
"options": {
"filename": "${applicationName}_${date}.log",
"dirname": "/usr/iot/logs/${applicationName}",
"level": "debug",
"timestampFormat": "HH:mm:ss.SSSSS",
"maxSize": "10m",
"maxFiles": "30d"
},
"applications": [ "AutomationMonitor", "AutomationManager" ]
},
{
"id": "Jobs",
"type": "File",
"options": {
"filename": "Job_${jobId}_${date}.log",
"dirname": "/usr/iot/logs/jobs",
"auditFile": "/usr/iot/logs/jobs/.audit.json",
"level": "debug",
"timestampFormat": "HH:mm:ss.SSSSS",
"maxSize": "10m",
"maxFiles": "30d"
},
"applications": [
"AutomationJob"
]
}
]
}
Examples#
The following examples explain what to to under some special scenarios. The command lines provided are to be used as an example only. They must be adapted to match you operating system, directory locations, versions, etc.
Use a shared directory as directory repository#
Assuming the directory to be in \\10.24.14.17\public\jpsantos\Repository and it is protected by user/password.
docker volume create --driver local --opt type=cifs --opt device=//10.24.14.17/public/jpsantos/Repository --opt o=user=cmfsu,domain=cmf.criticalmanufacturing.com,password="ThIsMyPaSsWoRd" repositoryVolume
docker run -it --env-file C:\docker\envVariables.txt --name iot --volume repositoryVolume:/usr/iot/repository criticalmanufacturing.io/criticalmanufacturing/connectiot:8.0.0
The main entries of the envVariables.txt file:
Attach a USB Barcode Reader for KeyboardWedge driver#
Assuming the USB reader is connected and detected by the system (used a Raspberry Pi Linux Arm for the example, so Raspbian OS), mounted as /dev/hidraw0.
First step, to avoid using docker image in privileged mode, is to allow access to the device by any user.
- List USB devices
pi@raspberrypi:~/iot $ lsusb
Bus 002 Device 002: ID 090c:1000 Silicon Motion, Inc. - Taiwan (formerly Feiya Technology Corp.) Flash Drive
Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 001 Device 007: ID ffff:0035
Bus 001 Device 002: ID 2109:3431 VIA Labs, Inc. Hub
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
-
Having identified the device (
Bus 001 Device 007: ID ffff:0035), create a rules file to allow the usage by anyone that has access to the system. -
Reboot the system to apply the rules
The final step is to start the container and forward the access to the device
docker run -it --device /dev/hidraw0:/dev/hidraw0 --env-file /home/pi/iot/env.txt --name iot criticalmanufacturing.io/criticalmanufacturing/connectiot:8.0.0
Note: In the workflow, Equipment Setup task, you must set the location of the device to the mapped location of the device as defined in the image. In this example, the device was kept as /dev/hidraw0
Attach a serial device#
Some automations require access to serial devices. As with the previous example, it is necessary to allow access from the container to the physical device, but in the case of the serial, it is not necessary to provide special access rules.
docker run -it --device /dev/serial0:/dev/serial0 --env-file /home/pi/iot/env.txt --name iot criticalmanufacturing.io/criticalmanufacturing/connectiot:8.0.0
Use a mounted location to access with a file driver#
Assuming the location /home/pi/iot/device is pointing out to and external location where a device places files to be processed by Connect IoT.
docker run -it --volume /home/pi/iot/device:/usr/iot/toolDirectory --env-file /home/pi/iot/env.txt --name iot criticalmanufacturing.io/criticalmanufacturing/connectiot:8.0.0
Note: In the workflow, Equipment Setup task, you must set the location of the mapped location of the device as defined in the image. In this example, the device was set as /usr/iot/toolDirectory
Use Raspberry Pi included Bluetooth device#
Note: This is not yet working 100%, but it already allows to scan the existing devices. Connecting to them sometimes causes an error and needs to retry several times. Until a solution is found, it is not recommended to use the BLE driver inside a container.
docker run -it --cap-add=SYS_ADMIN --cap-add=NET_ADMIN --net=host --env-file /home/pi/iot/env.txt --name iot --device /dev/ttyAMA0 criticalmanufacturing.io/criticalmanufacturing/connectiot:8.0.0
Install Docker in Raspberry pi#
The following instructions were tested, based on the tutorial from https://phoenixnap.com/kb/docker-on-raspberry-pi ⧉.