Running Eclipse HONO and Ditto on Google Cloud (1)
Eclipse HONO is an open sourced IoT backend that connects large numbers of IoT devices to a back end. Eclipse Ditto is an open sourced Digital Twins service. Connecting Eclipse HONO and Ditto together helps to facility end-to-end Device to/from Cloud communication for the IoT application.
This blog post series is to record my learnings when configuring and running Eclipse HONO and Ditto on Google Cloud. The end goal is to
- Have a device simulator sending telemetry to Eclipse HONO, and ingest them into Google Cloud services with simple configurations.
- Allows devices to receive commands from the Cloud and respond to them.
- Look into how to securely integrate Eclipse Ditto with Google Cloud.
This blog assumes that you have a billing enabled Google Cloud Project and is familiar with Cloud Shell. Below commands are executed in Cloud Shell.
Create a VPC network
First create an auto-mode VPC network to run our Eclipse cluster. I also created default firewall rules to allow SSH/ICMP traffic from external for testing.
export PROJECT_ID=<YOUR PROJECT ID>
export VPC_NAME=eclipse-vpc
gcloud compute networks create $VPC_NAME — project=$PROJECT_ID — subnet-mode=auto — mtu=1460 — bgp-routing-mode=regionalgcloud compute firewall-rules create ${VPC_NAME}-allow-custom \
--project=${PROJECT_ID} \
--network=projects/${PROJECT_ID}/global/networks/${VPC_NAME} \
--direction=INGRESS — priority=65534 \
--source-ranges=10.128.0.0/9 — action=ALLOW — rules=allgcloud compute firewall-rules create ${VPC_NAME}-allow-icmp \
--project=${PROJECT_ID} \
--network=projects/${PROJECT_ID}/global/networks/${VPC_NAME} \
--direction=INGRESS — priority=65534 \
--source-ranges=0.0.0.0/0 — action=ALLOW — rules=icmpgcloud compute firewall-rules create ${VPC_NAME}-allow-ssh \
--project=${PROJECT_ID} \
--network=projects/${PROJECT_ID}/global/networks/${VPC_NAME} \
--direction=INGRESS — priority=65534 \
--source-ranges=0.0.0.0/0 — action=ALLOW — rules=tcp:22
I will create a private GKE cluster, in order to allow the cluster to talk to the internet so it can pull images from external container registry such as DockerHub, I need to create a Cloud NAT and Cloud Router in the VPC.
export ROUTER_NAME=eclipse-router
export NAT_NAME=eclipse-nat
export VPC_NAME=eclipse-vpcgcloud compute routers create ${ROUTER_NAME} \
--project=${PROJECT_ID} — region=asia-east1 \
--network=${VPC_NAME}gcloud compute routers nats create ${NAT_NAME} \
--router=${ROUTER_NAME} \
--auto-allocate-nat-external-ips \
--nat-all-subnet-ip-ranges \
--enable-logging — region asia-east1 — project ${PROJECT_ID}
Create a GKE cluster
Here I enabled cluster auto-scaling and node auto-provisioning to allows the GKE cluster scales out when required.
gcloud beta container — project ${PROJECT_ID} clusters create “eclipse-cluster” \
--zone “asia-east1-a” \
--machine-type “e2-standard-4” \
--image-type “COS_CONTAINERD” \
--disk-type “pd-standard” — disk-size “500” \
--scopes "https://www.googleapis.com/auth/cloud-platform" \
--logging=SYSTEM,WORKLOAD — monitoring=SYSTEM \
--enable-private-nodes \
--master-ipv4-cidr “172.16.200.0/28” \
--enable-master-global-access \
--enable-ip-alias --network “projects/${PROJECT_ID}/global/networks/${VPC_NAME}” \
--subnetwork “projects/${PROJECT_ID}/regions/asia-east1/subnetworks/${VPC_NAME}” \
--no-enable-master-authorized-networks \
--addons HorizontalPodAutoscaling,HttpLoadBalancing,GcePersistentDiskCsiDriver \
--enable-autoprovisioning \
--min-cpu 1 — max-cpu 64 \
--min-memory 1 — max-memory 512 \
--autoprovisioning-scopes=https://www.googleapis.com/auth/cloud-platform \
--enable-autoprovisioning-autorepair \
--enable-autoprovisioning-autoupgrade — autoprovisioning-max-surge-upgrade 1 — autoprovisioning-max-unavailable-upgrade 0 \
--enable-vertical-pod-autoscaling \
--enable-shielded-nodes \
--tags “http-server”,”https-server” \
--node-locations “asia-east1-a”Set up Eclipse HONO and Ditto
Now that we have our GKE ready and running, we can install and set up Eclipse HONO and Ditto.
First connect to the newly created GKE cluster.
gcloud container clusters get-credentials eclipse-cluster — zone asia-east1-a — project ${PROJECT_ID}Follow this installation guide to install HONO and Ditto
NS=cloud2edge
RELEASE=c2e
kubectl create namespace $NShelm install -n $NS --wait --timeout 15m --set hono.useLoadBalancer=true --set ditto.nginx.service.type=LoadBalancer \
$RELEASE eclipse-iot/cloud2edge
Wait for the installation completed, you should see similar outputs.
Now we have our GKE cluster ready, in the next episode I will set up connection between HONO and Ditto, and create a device in a HONO tenant to verify integration between HONO and Ditto.
