AIO setup script for IoT Operations (in progress)
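# Edit before running.
# Deployment settings read by the later setup steps of this gist. This file
# only exports names; it does not create or change anything in Azure.
echo "Setting up environment variables"
# Placeholder: replace "..." with the target subscription ID before running.
export SUBSCRIPTION_ID=...
export LOCATION="westeurope"
export RESOURCE_GROUP=we-aio-rg
# Resource names follow the Cloud Adoption Framework abbreviations:
# https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations#compute-and-web
export CLUSTER_NAME=we-aio-arck
# NOTE(review): the Azure setup step of this gist names the vault from
# CLUSTER_NAME and then overwrites KEYVAULT_NAME, so this value looks unused.
export KEYVAULT_NAME=we-aio-kv
#export KEYVAULT_NAME_RG=we-uciotop-rg

# The placeholder is a non-empty string, so a plain "is it set?" test later on
# would accept it. Say so here, where the fix has to be made.
if [ "$SUBSCRIPTION_ID" = "..." ]; then
  echo "SUBSCRIPTION_ID still holds the '...' placeholder; edit it before running the Azure steps" >&2
fi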
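echo "Checking for azure-cli availability"
# Install the Azure CLI only when `az` is not already on PATH.
if command -v az >/dev/null 2>&1; then
  echo "Azure CLI is installed"
else
  echo "Azure CLI is not installed and will be installed now"
  # Fetch the installer completely before handing it to a root shell. Piping
  # curl straight into `sudo bash` runs whatever bytes arrive, including a
  # truncated download or an HTTP error page, because -sL without -f still
  # prints the body of a failed response.
  az_installer=$(mktemp) || { echo "mktemp failed" >&2; exit 1; }
  if curl -fsSL -o "$az_installer" https://aka.ms/InstallAzureCLIDeb; then
    # NOTE(review): the script is still executed as root without any
    # integrity check; inspect "$az_installer" first, or install from the
    # distribution package repository, where provenance matters.
    sudo bash "$az_installer"
    az_install_status=$?
  else
    echo "Could not download the Azure CLI installer" >&2
    az_install_status=1
  fi
  rm -f -- "$az_installer"
  if [ "$az_install_status" -ne 0 ] || ! command -v az >/dev/null 2>&1; then
    echo "Azure CLI installation failed" >&2
    exit 1
  fi
fi

echo "Ensure latest azure extensions for AIO are installed and up to date"
# --upgrade installs whatever release is newest at run time, so two runs on
# different days can yield different extension versions.
for az_extension in azure-iot-ops connectedk8s k8s-extension customlocation; do
  az extension add --upgrade --name "$az_extension" ||
    echo "Failed to add or upgrade the $az_extension extension" >&2
done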
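echo "installing k3s"
# Download the installer to a file first so that an interrupted transfer is
# never executed half-way through.
# NOTE(review): this installs whatever k3s release is current at run time; the
# installer honours INSTALL_K3S_VERSION if a pinned version is wanted.
k3s_installer=$(mktemp) || { echo "mktemp failed" >&2; exit 1; }
if ! curl -sfL -o "$k3s_installer" https://get.k3s.io; then
  echo "Could not download the k3s installer" >&2
  rm -f -- "$k3s_installer"
  exit 1
fi
sh "$k3s_installer"
k3s_install_status=$?
rm -f -- "$k3s_installer"
if [ "$k3s_install_status" -ne 0 ]; then
  echo "k3s installation failed" >&2
  exit 1
fi

echo "setting up kubectl"
# -p keeps a rerun from failing when the directory already exists.
mkdir -p "$HOME/.kube"
# The flattened file embeds the k3s admin credentials. Write it under a
# restrictive umask so it is not readable by other local users in the window
# before chmod runs, and stop if the merge fails instead of moving an empty
# or partial file over an existing kubeconfig.
rm -f -- "$HOME/.kube/merged"
if ! (
  umask 077
  sudo KUBECONFIG="$HOME/.kube/config:/etc/rancher/k3s/k3s.yaml" \
    kubectl config view --flatten > "$HOME/.kube/merged"
); then
  echo "Could not merge the k3s kubeconfig" >&2
  rm -f -- "$HOME/.kube/merged"
  exit 1
fi
mv -- "$HOME/.kube/merged" "$HOME/.kube/config"
chmod 0600 "$HOME/.kube/config"
export KUBECONFIG="$HOME/.kube/config"
#switch to k3s context
kubectl config use-context default

# apt-get with -y so the script does not stop at a confirmation prompt.
sudo apt-get install -y nfs-common

echo "setting up sysctl"
# Append each setting only when that exact line is missing, so reruns do not
# pile duplicate entries into /etc/sysctl.conf.
for sysctl_line in \
  "fs.inotify.max_user_instances=8192" \
  "fs.inotify.max_user_watches=524288" \
  "fs.file-max = 100000"; do
  if ! grep -qxF -- "$sysctl_line" /etc/sysctl.conf 2>/dev/null; then
    echo "$sysctl_line" | sudo tee -a /etc/sysctl.conf
  fi
done
sudo sysctl -p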
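# Make sure to first run `az login --use-device-code` in the right browser to sign in to your Azure Account
# To ensure your user can access the AIO UI, specify your IoT Operations user
# email with `export USER_EMAIL=<your-email>`; that user needs to be a member
# of the tenant.
if [ -z "$SUBSCRIPTION_ID" ]; then
  echo "SUBSCRIPTION_ID is not set"
  exit 1
fi
# The remaining settings are used on almost every command below; stop early
# rather than let az run with an empty name.
# You can override the resource group with `export RESOURCE_GROUP=aio-codespace-rg`.
for required_value in "$LOCATION" "$RESOURCE_GROUP" "$CLUSTER_NAME"; do
  if [ -z "$required_value" ]; then
    echo "LOCATION, RESOURCE_GROUP and CLUSTER_NAME must all be set" >&2
    exit 1
  fi
done

echo "set the azure subscription"
az account set -s "$SUBSCRIPTION_ID"
# This is a persistent az setting: from here on the CLI installs any extension
# a command needs without asking for confirmation.
az config set extension.use_dynamic_install=yes_without_prompt

echo "install azure providers"
for provider_namespace in \
  "Microsoft.ExtendedLocation" \
  "Microsoft.Kubernetes" \
  "Microsoft.KubernetesConfiguration" \
  "Microsoft.IoTOperationsOrchestrator" \
  "Microsoft.IoTOperationsMQ" \
  "Microsoft.IoTOperationsDataProcessor" \
  "Microsoft.DeviceRegistry"; do
  az provider register -n "$provider_namespace"
done

echo "create the resource group"
az group create --location "$LOCATION" --resource-group "$RESOURCE_GROUP" --subscription "$SUBSCRIPTION_ID"

echo "connect the cluster"
az connectedk8s connect -n "$CLUSTER_NAME" -l "$LOCATION" -g "$RESOURCE_GROUP" --subscription "$SUBSCRIPTION_ID"

echo "extract the service principal"
# The looked-up object ID is passed as --custom-locations-oid below.
# NOTE(review): the application ID is presumably the Custom Locations resource
# provider's; confirm against current Azure Arc documentation.
# Assignment and export are split so a failed lookup is not hidden.
OBJECT_ID=$(az ad sp show --id bc313c14-388c-4e7d-a58e-70017303ee3b --query id -o tsv)
export OBJECT_ID
if [ -z "$OBJECT_ID" ]; then
  echo "Could not resolve the service principal object ID" >&2
  exit 1
fi

echo "enable custom locations"
az connectedk8s enable-features -n "$CLUSTER_NAME" -g "$RESOURCE_GROUP" \
  --custom-locations-oid "$OBJECT_ID" --features cluster-connect custom-locations

echo "verify host - check everything is set up correctly"
az iot ops verify-host
#az connectedk8s show -n $CLUSTER_NAME -g $RESOURCE_GROUP --query id -o tsv

echo "Current custom locations:"
az customlocation list -g "$RESOURCE_GROUP" --query "[].{Name:name, ID:id}"

# Make sure to specify your IoT Operations user email with `export USER_EMAIL=<your-email>`
echo "Create the keyvault"
# The vault is named after the cluster, cut to the 24 characters a Key Vault
# name may have. The name is fixed here and reused below, rather than reading
# back "the first vault in the resource group", which is a different vault
# when the group already contains one.
KEYVAULT_NAME=${CLUSTER_NAME:0:24}
export KEYVAULT_NAME
# --enable-rbac-authorization false puts the vault on access policies instead
# of Azure RBAC. NOTE(review): confirm the azure-iot-ops version in use still
# needs this.
az keyvault create --enable-rbac-authorization false --name "$KEYVAULT_NAME" --resource-group "$RESOURCE_GROUP"
echo "Get the keyvault name into an environment variable"

echo "Initialize the IoT Operations instance"
keyvault_id=$(az keyvault show --name "$KEYVAULT_NAME" -o tsv --query id)
if [ -z "$keyvault_id" ]; then
  echo "Could not resolve the resource ID of key vault $KEYVAULT_NAME" >&2
  exit 1
fi
az iot ops init --simulate-plc --cluster "$CLUSTER_NAME" --resource-group "$RESOURCE_GROUP" --kv-id "$keyvault_id"

kubectl get assetendpointprofile -n azure-iot-operations
kubectl get pods -n azure-iot-operations

# Grant the named user access to the resource group. The assignment is skipped
# when the user cannot be resolved, so az is never called with an empty
# object ID.
# NOTE(review): Contributor on the whole resource group is broad; narrow the
# role or scope if the user only needs the AIO UI.
userObjectId=""
if [ -n "$USER_EMAIL" ]; then
  userObjectId=$(az ad user show --id "$USER_EMAIL" --query id -o tsv)
fi
export userObjectId
if [ -n "$userObjectId" ]; then
  az role assignment create --role Contributor --assignee-object-id "$userObjectId" \
    --scope "/subscriptions/$SUBSCRIPTION_ID/resourceGroups/$RESOURCE_GROUP"
else
  echo "USER_EMAIL is unset or could not be resolved; skipping the Contributor role assignment" >&2
fi

echo "#### Set up OPC UA ####"
echo "Create an asset endpoint"
az iot ops asset endpoint create --name opc-ua-connector-0 \
  --target-address opc.tcp://opcplc-000000:50000 -g "$RESOURCE_GROUP" --cluster "$CLUSTER_NAME"

echo "Add an asset, tags, and events"
# NOTE(review): the comma after each data_source value is passed to az as part
# of that argument; it is kept exactly as written. Confirm the expected --data
# syntax with `az iot ops asset create --help`.
az iot ops asset create --name thermostat -g "$RESOURCE_GROUP" --cluster "$CLUSTER_NAME" \
  --endpoint opc-ua-connector-0 --description 'A simulated thermostat asset' \
  --data data_source='ns=3;s=FastUInt10', name=temperature \
  --data data_source='ns=3;s=FastUInt100', name='Tag 10'

# TODO
# Look into creation using sp-id https://learn.microsoft.com/en-us/cli/azure/iot/ops?view=azure-cli-latest#az-iot-ops-init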