Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OPC UA server not reachable from client #3580

Closed
MeranaTona opened this issue Aug 27, 2022 · 3 comments
Closed

OPC UA server not reachable from client #3580

MeranaTona opened this issue Aug 27, 2022 · 3 comments
Labels
status/stale

Comments

@MeranaTona
Copy link

Hi all,

I have setup a route sending Strings to an OPC UA Server. Unfortunately the server (exposed via nodeport) is not reachable for OPC UA clients.

Server component (producer): https://camel.apache.org/components/3.14.x/milo-server-component.html
https://github.com/apache/camel/tree/main/components/camel-milo/src/main/java/org/apache/camel/component/milo/server

route:

// camel-k: language=java
import org.apache.camel.CamelContext;
import org.apache.camel.builder.RouteBuilder;
import org.apache.camel.component.milo.server.MiloServerComponent;
//import org.apache.camel.impl.DefaultCamelContext;
import org.apache.camel.main.Main;

import org.apache.camel.CamelContext;
import org.apache.camel.component.milo.server.MiloServerComponent;
import org.apache.camel.impl.DefaultCamelContext;

import org.eclipse.milo.opcua.stack.core.security.SecurityPolicy;

public class ExampleServer extends RouteBuilder {

        @Override
        public void configure() throws Exception {
                final CamelContext context = getContext();

                MiloServerComponent miloServerComponent = ((MiloServerComponent) context.getComponent("milo-server"));
                miloServerComponent.setBindAddresses("0.0.0.0");
                miloServerComponent.setPort(4862);
                miloServerComponent.setUsernameSecurityPolicyUri(SecurityPolicy.None);
                miloServerComponent.setSecurityPoliciesById("None");

                from("timer:tick?period=3000")
                        .setBody().constant("Hello world from Camel K")
                .to("milo-server:itemId");
        }

        public static void main(String... args) throws Exception {
                Main main = new Main();

                main.configure().addRoutesBuilder(new ExampleServer());
                main.run(args);
        }
}

Seems like the server trait only allows http but no tcp, which is used for OPC: https://camel.apache.org/camel-k/1.8.x/traits/service.html . So I followed this advice, for setting up container and service via yaml: #2693

container-template.yaml:

containers:
  - name: integration
    ports:
      - containerPort: 4862
        protocol: TCP

service.yaml:

apiVersion: v1
kind: Service
metadata:
  name: service
  namespace: camel-k
spec:
  selector:
    camel.apache.org/integration: example-server
  ports:
    - protocol: TCP
      port: 4862
      targetPort: 4862

Then, finally my run.sh:

#!/bin/bash

namespace="camel-k"

kubectl delete -f network/service.yaml

kamel run --pod-template network/container-template.yaml ./ExampleServer.java --namespace $namespace
sleep 7
kubectl apply -f network/service.yaml
kubectl get po -n $namespace

ExampleServer pod logs:

ESC[38;5;145m2022-08-27 12:05:46,980ESC[39mESC[38;5;188m ESC[39mESC[38;5;107mINFO ESC[39mESC[38;5;188m [ESC[39mESC[38;5;69morg.apa.cam.k.RuntimeESC[39m
ESC[38;5;188m] (ESC[39mESC[38;5;71mmainESC[39mESC[38;5;188m) ESC[39mESC[38;5;151mApache Camel K Runtime 1.12.0ESC[39mESC[38;5;203mESC[39mESC[38;5;227m
ESC[39mESC[38;5;145m2022-08-27 12:05:47,003ESC[39mESC[38;5;188m ESC[39mESC[38;5;107mINFO ESC[39mESC[38;5;188m [ESC[39mESC[38;5;69morg.apa.cam.qua.cor.C
amelBootstrapRecorderESC[39mESC[38;5;188m] (ESC[39mESC[38;5;71mmainESC[39mESC[38;5;188m) ESC[39mESC[38;5;151mESC[39mBootstrap runtime: ESC[38;5;188morg
.apache.camel.quarkus.main.CamelMainRuntimeESC[39mESC[39mESC[38;5;203mESC[39mESC[38;5;227m
ESC[39mESC[38;5;145m2022-08-27 12:05:47,035ESC[39mESC[38;5;188m ESC[39mESC[38;5;107mINFO ESC[39mESC[38;5;188m [ESC[39mESC[38;5;69morg.apa.cam.k.lis.Sou
rcesConfigurerESC[39mESC[38;5;188m] (ESC[39mESC[38;5;71mmainESC[39mESC[38;5;188m) ESC[39mESC[38;5;151mLoading routes from: SourceDefinition{name='Examp
leServer', language='java', type='source', location='file:/etc/camel/sources/ExampleServer.java', }ESC[39mESC[38;5;203mESC[39mESC[38;5;227m
ESC[39mESC[38;5;145m2022-08-27 12:05:47,974ESC[39mESC[38;5;188m ESC[39mESC[38;5;107mINFO ESC[39mESC[38;5;188m [ESC[39mESC[38;5;69morg.ecl.mil.opc.sdk.s
er.OpcUaServerESC[39mESC[38;5;188m] (ESC[39mESC[38;5;71mmainESC[39mESC[38;5;188m) ESC[39mESC[38;5;151mEclipse Milo OPC UA Stack version: 0.3.7ESC[39m
ESC[38;5;203mESC[39mESC[38;5;227m
ESC[39mESC[38;5;145m2022-08-27 12:05:47,974ESC[39mESC[38;5;188m ESC[39mESC[38;5;107mINFO ESC[39mESC[38;5;188m [ESC[39mESC[38;5;69morg.ecl.mil.opc.sdk.s
er.OpcUaServerESC[39mESC[38;5;188m] (ESC[39mESC[38;5;71mmainESC[39mESC[38;5;188m) ESC[39mESC[38;5;151mEclipse Milo OPC UA Server SDK version: 0.3.7ESC[
39mESC[38;5;203mESC[39mESC[38;5;227m
ESC[39mESC[38;5;145m2022-08-27 12:05:48,804ESC[39mESC[38;5;188m ESC[39mESC[38;5;107mINFO ESC[39mESC[38;5;188m [ESC[39mESC[38;5;69morg.ecl.mil.opc.sdk.s
er.nam.OpcUaNamespaceESC[39mESC[38;5;188m] (ESC[39mESC[38;5;71mmainESC[39mESC[38;5;188m) ESC[39mESC[38;5;151mLoaded nodes in 516ms.ESC[39mESC[38;5;203mESC[39mESC[38;5;227m
ESC[39mESC[38;5;145m2022-08-27 12:05:48,840ESC[39mESC[38;5;188m ESC[39mESC[38;5;107mINFO ESC[39mESC[38;5;188m [ESC[39mESC[38;5;69morg.ecl.mil.opc.sta.ser.UaStackServerESC[39mESC[38;5;188m] (ESC[39mESC[38;5;71mmainESC[39mESC[38;5;188m) ESC[39mESC[38;5;151mBinding endpoint opc.tcp://example-server-76d99b79d9-pn6bw:4862 to 0.0.0.0:4862 [None/None]ESC[39mESC[38;5;203mESC[39mESC[38;5;227m
ESC[39mESC[38;5;145m2022-08-27 12:05:48,929ESC[39mESC[38;5;188m ESC[39mESC[38;5;107mINFO ESC[39mESC[38;5;188m [ESC[39mESC[38;5;69morg.ecl.mil.opc.sta.ser.UaStackServerESC[39mESC[38;5;188m] (ESC[39mESC[38;5;71mmainESC[39mESC[38;5;188m) ESC[39mESC[38;5;151mBinding endpoint opc.tcp://example-server-76d99b79d9-pn6bw:4862/discovery to 0.0.0.0:4862 [None/None]ESC[39mESC[38;5;203mESC[39mESC[38;5;227m
ESC[39mESC[38;5;145m2022-08-27 12:05:48,929ESC[39mESC[38;5;188m ESC[39mESC[38;5;107mINFO ESC[39mESC[38;5;188m [ESC[39mESC[38;5;69morg.ecl.mil.opc.sta.ser.UaStackServerESC[39mESC[38;5;188m] (ESC[39mESC[38;5;71mmainESC[39mESC[38;5;188m) ESC[39mESC[38;5;151mBinding endpoint opc.tcp://localhost:4862 to 0.0.0.0:4862 [None/None]ESC[39mESC[38;5;203mESC[39mESC[38;5;227m
ESC[39mESC[38;5;145m2022-08-27 12:05:48,929ESC[39mESC[38;5;188m ESC[39mESC[38;5;107mINFO ESC[39mESC[38;5;188m [ESC[39mESC[38;5;69morg.ecl.mil.opc.sta.ser.UaStackServerESC[39mESC[38;5;188m] (ESC[39mESC[38;5;71mmainESC[39mESC[38;5;188m) ESC[39mESC[38;5;151mBinding endpoint opc.tcp://localhost:4862/discovery to 0.0.0.0:4862 [None/None]ESC[39mESC[38;5;203mESC[39mESC[38;5;227m
ESC[39mESC[38;5;145m2022-08-27 12:05:48,930ESC[39mESC[38;5;188m ESC[39mESC[38;5;107mINFO ESC[39mESC[38;5;188m [ESC[39mESC[38;5;69morg.ecl.mil.opc.sta.ser.UaStackServerESC[39mESC[38;5;188m] (ESC[39mESC[38;5;71mmainESC[39mESC[38;5;188m) ESC[39mESC[38;5;151mBinding endpoint opc.tcp://10.42.7.112:4862 to 0.0.0.0:4862 [None/None]ESC[39mESC[38;5;203mESC[39mESC[38;5;227m
ESC[39mESC[38;5;145m2022-08-27 12:05:48,930ESC[39mESC[38;5;188m ESC[39mESC[38;5;107mINFO ESC[39mESC[38;5;188m [ESC[39mESC[38;5;69morg.ecl.mil.opc.sta.ser.UaStackServerESC[39mESC[38;5;188m] (ESC[39mESC[38;5;71mmainESC[39mESC[38;5;188m) ESC[39mESC[38;5;151mBinding endpoint opc.tcp://10.42.7.112:4862/discovery to 0.0.0.0:4862 [None/None]ESC[39mESC[38;5;203mESC[39mESC[38;5;227m
ESC[39mESC[38;5;145m2022-08-27 12:05:48,931ESC[39mESC[38;5;188m ESC[39mESC[38;5;107mINFO ESC[39mESC[38;5;188m [ESC[39mESC[38;5;69morg.ecl.mil.opc.sta.ser.UaStackServerESC[39mESC[38;5;188m] (ESC[39mESC[38;5;71mmainESC[39mESC[38;5;188m) ESC[39mESC[38;5;151mBinding endpoint opc.tcp://127.0.0.1:4862 to 0.0.0.0:4862 [None/None]ESC[39mESC[38;5;203mESC[39mESC[38;5;227m
ESC[39mESC[38;5;145m2022-08-27 12:05:48,931ESC[39mESC[38;5;188m ESC[39mESC[38;5;107mINFO ESC[39mESC[38;5;188m [ESC[39mESC[38;5;69morg.ecl.mil.opc.sta.ser.UaStackServerESC[39mESC[38;5;188m] (ESC[39mESC[38;5;71mmainESC[39mESC[38;5;188m) ESC[39mESC[38;5;151mBinding endpoint opc.tcp://127.0.0.1:4862/discovery to 0.0.0.0:4862 [None/None]ESC[39mESC[38;5;203mESC[39mESC[38;5;227m
ESC[39mESC[38;5;145m2022-08-27 12:05:48,931ESC[39mESC[38;5;188m ESC[39mESC[38;5;107mINFO ESC[39mESC[38;5;188m [ESC[39mESC[38;5;69morg.ecl.mil.opc.sta.ser.UaStackServerESC[39mESC[38;5;188m] (ESC[39mESC[38;5;71mmainESC[39mESC[38;5;188m) ESC[39mESC[38;5;151mBinding endpoint https://example-server-76d99b79d9-pn6bw:4862 to 0.0.0.0:4862 [None/None]ESC[39mESC[38;5;203mESC[39mESC[38;5;227m
ESC[39mESC[38;5;145m2022-08-27 12:05:48,932ESC[39mESC[38;5;188m ESC[39mESC[38;5;107mINFO ESC[39mESC[38;5;188m [ESC[39mESC[38;5;69morg.ecl.mil.opc.sta.ser.UaStackServerESC[39mESC[38;5;188m] (ESC[39mESC[38;5;71mmainESC[39mESC[38;5;188m) ESC[39mESC[38;5;151mBinding endpoint https://example-server-76d99b79d9-pn6bw:4862/discovery to 0.0.0.0:4862 [None/None]ESC[39mESC[38;5;203mESC[39mESC[38;5;227m
ESC[39mESC[38;5;145m2022-08-27 12:05:48,932ESC[39mESC[38;5;188m ESC[39mESC[38;5;107mINFO ESC[39mESC[38;5;188m [ESC[39mESC[38;5;69morg.ecl.mil.opc.sta.ser.UaStackServerESC[39mESC[38;5;188m] (ESC[39mESC[38;5;71mmainESC[39mESC[38;5;188m) ESC[39mESC[38;5;151mBinding endpoint https://localhost:4862 to 0.0.0.0:4862 [None/None]ESC[39mESC[38;5;203mESC[39mESC[38;5;227m
ESC[39mESC[38;5;145m2022-08-27 12:05:48,932ESC[39mESC[38;5;188m ESC[39mESC[38;5;107mINFO ESC[39mESC[38;5;188m [ESC[39mESC[38;5;69morg.ecl.mil.opc.sta.ser.UaStackServerESC[39mESC[38;5;188m] (ESC[39mESC[38;5;71mmainESC[39mESC[38;5;188m) ESC[39mESC[38;5;151mBinding endpoint https://localhost:4862/discovery to 0.0.0.0:4862 [None/None]ESC[39mESC[38;5;203mESC[39mESC[38;5;227m
ESC[39mESC[38;5;145m2022-08-27 12:05:48,932ESC[39mESC[38;5;188m ESC[39mESC[38;5;107mINFO ESC[39mESC[38;5;188m [ESC[39mESC[38;5;69morg.ecl.mil.opc.sta.ser.UaStackServerESC[39mESC[38;5;188m] (ESC[39mESC[38;5;71mmainESC[39mESC[38;5;188m) ESC[39mESC[38;5;151mBinding endpoint https://10.42.7.112:4862 to 0.0.0.0:4862 [None/None]ESC[39mESC[38;5;203mESC[39mESC[38;5;227m
ESC[39mESC[38;5;145m2022-08-27 12:05:48,932ESC[39mESC[38;5;188m ESC[39mESC[38;5;107mINFO ESC[39mESC[38;5;188m [ESC[39mESC[38;5;69morg.ecl.mil.opc.sta.ser.UaStackServerESC[39mESC[38;5;188m] (ESC[39mESC[38;5;71mmainESC[39mESC[38;5;188m) ESC[39mESC[38;5;151mBinding endpoint https://10.42.7.112:4862/discovery to 0.0.0.0:4862 [None/None]ESC[39mESC[38;5;203mESC[39mESC[38;5;227m
ESC[39mESC[38;5;145m2022-08-27 12:05:48,933ESC[39mESC[38;5;188m ESC[39mESC[38;5;107mINFO ESC[39mESC[38;5;188m [ESC[39mESC[38;5;69morg.ecl.mil.opc.sta.ser.UaStackServerESC[39mESC[38;5;188m] (ESC[39mESC[38;5;71mmainESC[39mESC[38;5;188m) ESC[39mESC[38;5;151mBinding endpoint https://127.0.0.1:4862 to 0.0.0.0:4862 [None/None]ESC[39mESC[38;5;203mESC[39mESC[38;5;227m
ESC[39mESC[38;5;145m2022-08-27 12:05:48,933ESC[39mESC[38;5;188m ESC[39mESC[38;5;107mINFO ESC[39mESC[38;5;188m [ESC[39mESC[38;5;69morg.ecl.mil.opc.sta.ser.UaStackServerESC[39mESC[38;5;188m] (ESC[39mESC[38;5;71mmainESC[39mESC[38;5;188m) ESC[39mESC[38;5;151mBinding endpoint https://127.0.0.1:4862/discovery to 0.0.0.0:4862 [None/None]ESC[39mESC[38;5;203mESC[39mESC[38;5;227m
ESC[39mESC[38;5;145m2022-08-27 12:05:48,943ESC[39mESC[38;5;188m ESC[39mESC[38;5;107mINFO ESC[39mESC[38;5;188m [ESC[39mESC[38;5;69morg.apa.cam.imp.eng.AbstractCamelContextESC[39mESC[38;5;188m] (ESC[39mESC[38;5;71mmainESC[39mESC[38;5;188m) ESC[39mESC[38;5;151mRoutes startup (total:1 started:1)ESC[39mESC[38;5;203mESC[39mESC[38;5;227m
ESC[39mESC[38;5;145m2022-08-27 12:05:48,943ESC[39mESC[38;5;188m ESC[39mESC[38;5;107mINFO ESC[39mESC[38;5;188m [ESC[39mESC[38;5;69morg.apa.cam.imp.eng.AbstractCamelContextESC[39mESC[38;5;188m] (ESC[39mESC[38;5;71mmainESC[39mESC[38;5;188m) ESC[39mESC[38;5;151m    Started route1 (timer://tick)ESC[39mESC[38;5;203mESC[39mESC[38;5;227m
ESC[39mESC[38;5;145m2022-08-27 12:05:48,944ESC[39mESC[38;5;188m ESC[39mESC[38;5;107mINFO ESC[39mESC[38;5;188m [ESC[39mESC[38;5;69morg.apa.cam.imp.eng.AbstractCamelContextESC[39mESC[38;5;188m] (ESC[39mESC[38;5;71mmainESC[39mESC[38;5;188m) ESC[39mESC[38;5;151mApache Camel 3.14.1 (camel-1) started in 1s211ms (build:0ms init:35ms start:1s176ms)ESC[39mESC[38;5;203mESC[39mESC[38;5;227m
ESC[39mESC[38;5;145m2022-08-27 12:05:48,947ESC[39mESC[38;5;188m ESC[39mESC[38;5;107mINFO ESC[39mESC[38;5;188m [ESC[39mESC[38;5;69mio.quarkusESC[39mESC[38;5;188m] (ESC[39mESC[38;5;71mmainESC[39mESC[38;5;188m) ESC[39mESC[38;5;151mESC[39mESC[38;5;188mcamel-k-integrationESC[39m ESC[38;5;188m1.8.2ESC[39m ESC[38;5;188mon JVMESC[39m (powered by Quarkus ESC[38;5;188m2.7.0.FinalESC[39m) started in ESC[38;5;188m2.676ESC[39ms. ESC[38;5;188mESC[39mESC[39mESC[38;5;203mESC[39mESC[38;5;227m
ESC[39mESC[38;5;145m2022-08-27 12:05:48,947ESC[39mESC[38;5;188m ESC[39mESC[38;5;107mINFO ESC[39mESC[38;5;188m [ESC[39mESC[38;5;69mio.quarkusESC[39mESC[38;5;188m] (ESC[39mESC[38;5;71mmainESC[39mESC[38;5;188m) ESC[39mESC[38;5;151mESC[39mProfile ESC[38;5;188mprodESC[39m activated.
ESC[38;5;188mESC[39mESC[39mESC[38;5;203mESC[39mESC[38;5;227m
ESC[39mESC[38;5;145m2022-08-27 12:05:48,947ESC[39mESC[38;5;188m ESC[39mESC[38;5;107mINFO ESC[39mESC[38;5;188m [ESC[39mESC[38;5;69mio.quarkusESC[39mESC[38;5;188m] (ESC[39mESC[38;5;71mmainESC[39mESC[38;5;188m) ESC[39mESC[38;5;151mESC[39mInstalled features: [ESC[38;5;188mcamel-bean, camel-core, camel-java-joor-dsl, camel-k-core, camel-k-runtime, camel-milo, camel-timer, cdiESC[39m]ESC[39mESC[38;5;203mESC[39mESC[38;5;227m

Service:

 kubectl get svc -n camel-k
NAME      TYPE       CLUSTER-IP     EXTERNAL-IP   PORT(S)          AGE
service   NodePort   10.43.83.204   <none>        4862:31185/TCP   20m

If I now try to connect a client outside of K8s to the server via opc.tcp://pod-hostname:31185, the client wont find the server.

Im not really sure what the problem is. Thank you in advance.

Greetings
@MeranaTona
Copy link
Author

Made it work by changing hostname from opc.tcp://pod-hostname:31185 to IP opc.tcp://pod-host-ip:31185

@MeranaTona
Copy link
Author

MeranaTona commented Aug 29, 2022
edited

Update: While the server is reachable over opc.tcp://pod-host-ip:31185, its endpoints (e.g. for reading node IDs) are exposed via unreachable addresses for OPC UA clients outside of the K8s cluster:
Pod name:
grafik
grafik
Pod IP?
grafik
grafik

Basically, while the OPC client from outside can reach the server over the defined nodeport opc.tcp://pod-hostname:nodeport, the OPC server returns a "second" stage of addresses (endpoints), which are unknown to the networks and clients outside of K8s.

@MeranaTona MeranaTona reopened this Aug 29, 2022
@MeranaTona MeranaTona changed the title OPC UA server not reachable not from client OPC UA server not reachable from client Aug 29, 2022
@github-actions
Copy link
Contributor

This issue has been automatically marked as stale due to 90 days of inactivity.
It will be closed if no further activity occurs within 15 days.
If you think that’s incorrect or the issue should never stale, please simply write any comment.
Thanks for your contributions!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
status/stale
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@MeranaTona