eclipse/hawkbit

Yong Cong Sin

@ycsin

Anyone knows what might cause this to happen?

2021-08-11 08:39:56.966 WARN 1 --- [qtp178604517-18] o.e.h.r.e.ResponseExceptionHandler : File streaming failed: fullfileRequest zephyr.signed.bin

What Im seeing at my client is that the download might still happen after I read this message at the server, but it is extremely slow. It isn't like the 1 bytes per second that kind of slow, it is just that the transfer of the firmware chunks happens in a pretty long interval (2 min, ie every 2 mins the device will receive a chunk of 650 bytes, out of 251 KiB)

axelroy

@axelroy

Hi @KOTTIRAMSAI,

For the OpenId auth with KeyCloak, I've posted on your issue : eclipse/hawkbit#1147. Hope it helps.

xTrinitySky

@xTrinitySky

Hello, may I know does hawkbit supports mssql as well? Since the guide I found from official website doesn't mention mssql yet there is mssql dependencies from the hawkbit source code. Can I have confirmation on this? Thanks.

Alexander Dobler

@dobleralex

@xTrinitySky The main page of the repository has DB compatibilities mentioned (see here).

Aswin-png

@Aswin-png

Hey guys, I have got hawkbit and SWupdate to talk to each other : meaning I can rollout updates to a device (in my case a RPi) but the problem is this, somehow the software artifact i have created for my Pi is worng/not compatible etc.. But i followed a guide to do this https://pelux.io/software-factory/PELUX-3.0/chapters/architecture/subsystems/SOTA/getting-started-SOTA.html
Does anyone have a software/firmware i can test with on my Pi

KOTTIRAMSAI

@KOTTIRAMSAI

Hi @axelroy Thanks you

KOTTIRAMSAI

@KOTTIRAMSAI

Hi Can Any One Help me! How can we get the count when we assign distrubution set for targets can we have any Rest api related to that

sheikajith

@sheikajith

Hi @sbabic We are planning to use hawkbit server to deploy artifacts in IoT devices in production(for ex: more than 1000 iot devices). Is Hawkbit server is capable of deploying more than 1000 devices in production level or is there any implications in server side? Please let me know asap

Stefano Babic

@sbabic

Of course Hawkbit can manage 1000+ devices (and more). And there are several ways to balance load if required.

Florian Ruschbaschan

@floruschbaschan

@KOTTIRAMSAI, the Hawkbit UI makes use of countByRsqlAndNonDS which is not accessible by REST. But you could use GET /rest/v1/targetfilters/{targetFilterQueryId} to retrieve your targetFilter and the query value itself and put it as parameter q to GET /rest/v1/targets. Of course if the query value is already known you can skip the first GET request.

sheikajith

@sheikajith

@sbabic Could you please explain those ways to balance load? Also please confirm whether this server is completely open source or we have to pay for managing this server to deploy more than 1000 devices

KOTTIRAMSAI

@KOTTIRAMSAI

@floruschbaschan Thanks for your valuable time spending on us! I have a doubt then how can we get the count we are using rest api for integarting?

sheikajith

@sheikajith

@sbabic Could you please explain those ways to balance load? Also please confirm whether this server is completely open source or we have to pay for managing this server to deploy more than 1000 devices

@sbabic Awaiting for your reply. Please confirm this because it is higher priority for us

Diego Rondini

@diegorondini

@sheikajith hawkBit is an open source software, but deploying it is to scale is not an overnight effort. You can either do it the hard way by deploying everything on your own (months and months of work I would say), or go with one of the cloud platforms mentioned in:
https://www.eclipse.org/hawkbit/gettingstarted/

Diego Rondini

@diegorondini

there's no artificial limitation in hawkBit (guaranteed by the fact it's an Eclipse Foundation project), but don't confuse "open source" with "everything is free". Servers, infrastructures, devops development time, etc have a cost. Yet hawkBit is fully open source.

sheikajith

@sheikajith

@sheikajith hawkBit is an open source software, but deploying it is to scale is not an overnight effort. You can either do it the hard way by deploying everything on your own (months and months of work I would say), or go with one of the cloud platforms mentioned in:
https://www.eclipse.org/hawkbit/gettingstarted/

Can you please elaborate on the effort to deploy bulk clients in server side? Do we have to implement and handle this deployment process in hawkbit server open source available, if so could you help us in implementing this.

Does any one here used hawkbit open source for deploying bulk clients. It would be helpful if anyone suggest some ideas because I am new bee to this

Diego Rondini

@diegorondini

what do you mean for "bulk clients"?

sheikajith

@sheikajith

what do you mean for "bulk clients"?

We are planning to use hawkbit server for production, mainly deploying thousands of clients. Whether hawkbit server supports that? With this particular plan, what is available for free and what features will have a cost? Whether testing OTA update with hawkbit server is free?

Aswin-png

@Aswin-png

Hi guys,
Amateur question: I am using docker to run hawkbit and i want to change the GUI of it, put company logo change the colors a bit etc..
Is it possible to do that through docker or do i have to do it through java compile it again etc..
if there is a specific way to do it through docker could someone show me/ tell me how it is done
thank you

Bondar Bogdan

@bogdan-bondar

@Aswin-png instructions on how to use the custom theme are given here: https://www.eclipse.org/hawkbit/guides/customtheme/ with the example app under https://github.com/eclipse/hawkbit-examples/tree/master/hawkbit-custom-theme-example
You would need to build it and adapt Dockerfile to reference the resulting jar

3 replies

Diego Rondini

@diegorondini

what do you mean for "bulk clients"?

We are planning to use hawkbit server for production, mainly deploying thousands of clients. Whether hawkbit server supports that? With this particular plan, what is available for free and what features will have a cost? Whether testing OTA update with hawkbit server is free?

Again: hawkBit is a software, not a service. To have a hawkBit service you need to run it on a server. You can either run it on your own server or pay companies that provide hawkBit as a service. Wheter it scales depends on the features of the server or the service selected (e.g. servers performences, use of CDN, load balancing, etc). There's no "free plan" or "paid plain": hawkBit is an open source software.

sheikajith

@sheikajith

@diegorondini Can we use hawkbit through docker? Do we need to maintain any database if we use it through docker?

Diego Rondini

@diegorondini

@diegorondini Can we use hawkbit through docker? Do we need to maintain any database if we use it through docker?

https://gitter.im/eclipse/hawkbit?at=5a0bff5271ad3f8736e7baa2

Aswin-png

@Aswin-png

Hey guys is there a way to clear the Database on eclipse hawkbit? Because when I use the same software module, Distribution, rollout or assigning a new device the same name for these cannot be reused. hawkbit tells me that the device already exists or the rollout already exists etc.. how do i clear it ???

Aswin-png

@Aswin-png

as you guys can see here even though the update was successful hawkbit says otherwise. Why is this happening

Aswin-png

@Aswin-png

Why cant i see that the update is finished on hawkbit

Stefano Babic

@sbabic

@Aswin-png this is NOT related to Hawkbit, you have to set up SWUpdate to send the feedback message to Hawkbit, and this is generally done after rebooting the device (see suricatta command line parameters), or using the sendtohawkbit utility. The topic was raised several times on SWUpdate's ML, just use the archives.

DominikDSSchneider

@DominikDSSchneider

Hello guys,
Has anyone experience with Docker images from this tutorial?
https://stefbehl.github.io/hawkbit-101/#/1
It seemed to me as the easiest way to try out a hawkBit environment. Unfortunately I start the docker swarm and see nothing on port 8080.
It also seems as there is no replica of a mySQL database.
Thank you for sharing!

Alexander Dobler

@dobleralex

@DominikDSSchneider Hi, the referenced stack in the tutorial (similar to the stacks in the official hawkbit repo) suffer from recent changes to both the official mysql and rabbitmq containers. They discourage usage of certain environment variables and as a consequence fail to start. As hawkbit then cannot connect to the database it fails to start fully too.

See Hawkbit PR for stack changes for RabbitMQ and MySQL

To shorten it, you have to delete the following lines in the environment entry of the mysql respectively the rabbitmq service in the stack file:

- RABBITMQ_DEFAULT_VHOST: "/"
- MYSQL_USER: "root"

DominikDSSchneider

@DominikDSSchneider

Thank you very much @dobleralex , works now :-)

mdymov-hayward

@mdymov-hayward

Hi all,
ran into issue after upgrading successfully running M6 Hawkbit to M7, after initial login into Hawkbit UI with all proper information (devices, distribution sets, etc) initially displayed, there are multiple errors "An Authentication object was not found in the SecurityContext". I created an issue #1171 in GitHub eclipse/hawkbit#1171 for this.
Anyone else seeing this after the upgrade?

mdymov-hayward

@mdymov-hayward

#1171

Diego Rondini

@diegorondini

@mdymov-hayward are you using a custom theme?

sounds somehow similar to:
eclipse/hawkbit-examples#56

mdymov-hayward

@mdymov-hayward

@diegorondini We do use some customization but its limited; however, the Transport.WEBSOCKET difference looks spot on as we have it set to Transport.WEBSOCKET instead of Transport.WEBSOCKET_XHR. We have Hawkbit running before the eclipse/hawkbit-examples#56 and I wanted to minimize the changes when moving from M6 to M7.
I am rebuilding docker image right now with Transport.WEBSOCKET_XHR.

mdymov-hayward

@mdymov-hayward

That was it - changing from Transport.WEBSOCKET to Transport.WEBSOCKET_XHR resolved the issue! I can now access all devices/distribution sets/rollouts as usual. This is running in local docker container, next step will be to push the change to Google Cloud Run and see if this works in GCP K8 cluster too. Thank you guys!

1 reply

Aswin-png

@Aswin-png

Hey guys, I just wanted to share with you on how I changed the GUI of hawkbit, the recommended way on this site also worked for me https://www.eclipse.org/hawkbit/guides/customtheme/
But i did it like this i cloned hawkbit seperately(Not the usual place i run hawkbit from but an extra) to a folder and then I went to hawkbit-ui /src/main/resources/VAADIN/themes/hawkbit/customstyles and then opened "hawkbitvariables.scss" and then made the changes i wanted and then went to my original hawkbit folder deleted the hawkbit-ui folder and replaced it with the new one(alwayshave a backup of the original hawkbit-ui folder). Finally i compiled everything together and run hawkbit. Worked like a charm. I do not know if this is reccommended but if it not please do tell me
Thank you very much

Cameron Miller

@cameron.miller:matrix.org

[m]

Hey everyone, I had a quick question about configuring API ports. Ideally I'd like to only publicly expose the DDI endpoint and limit access to the Management API/UI to clients within our VPC, so I was wondering if it's possible to separate which ports the Management API/UI and DDI API run on

mangexl

@mangexl

Hello, I'm upgrading to hawkbit 0.3.0M7 and configuring to use oauth2. But I have problems with oauth2. I am fetching a token using autorization_code, and I see that I get a valid token back. But it seems that the org.springframework.security.web.authentication.AnonymousAuthenticationFilter is triggered in the filterChain, setting the authentication to Anonymous. And this results in that the token-response is not processed (at least it looks like). Do you know if there is any running example of hawkbit running oauth2 which I can look at an compare? Or have you seen any problem like this before? Most probably I miss some config..

mdymov-hayward

@mdymov-hayward

@All,

In case anyone downgrades from 0.3.0M7 to 0.3.0M6 with MySQL as data backend... However rare that may be.

The upgrade to M7 alters 2 tables in database definition used by M6. This is fine for upgrade path M6->M7 but when reverted/downgraded back to M6 the new data table definitions prevent any Distribution Set to be assigned to any target. Effectively the OTA service is not functional at that point even though UI is accessible and shows all previously assigned Distribution Sets info correctly.

There is no error produced by UI when new Distribution Set fails to be assigned via UI. Clue to root cause was found in Hawkbit container logs where JDBC SQL exception was logged for "Field 'initiated_by' doesn't have a default value;".

In order to restore ability to assign new Distribution Sets to targets you'll need to DROP COLUMNS in MySQL database used by Hawkbit as follows:

drop column 'initiated_by' from table 'sp_action';
drop column 'auto_assign_initiated_by' from table 'sp_target_filter_query'.

This can be done on live database. Of course create copies of both tables just in case or backup the database before altering anything in database.

Hope this helps.

axelroy

@axelroy

Hello,
I've implemented an hawkbit amqp client, which receives correctly the download instruction, download the files to local storage, and verify the hashes. However, in the dmf documentation, there's only modules id, never a name : https://www.eclipse.org/hawkbit/apis/dmf_api/

Which is not exactly usefull to give meaning to the modules directory. Can we retrieve the modules name directly from a target ?

BigPandaWithBanano

@BigPandaWithBanano

Hi everyone,
currently i try to implement a Open Id Connect authentication via Azure AD. I followed the description on the subject Open Id Connect in the documentary. Unfortunately i got the following error :

2021-09-24 10:17:05.654 DEBUG 1 --- [qtp634638280-26] o.s.web.servlet.DispatcherServlet        : GET "/", parameters={},
2021-09-24 10:17:06.346 DEBUG 1 --- [qtp634638280-26] o.s.web.servlet.DispatcherServlet        : Exiting from "ERROR" dispatch, status 404,
2021-09-24 10:17:05.655 DEBUG 1 --- [qtp634638280-26] o.s.web.servlet.view.RedirectView        : View name 'redirect:', model {},
2021-09-24 10:17:05.654 DEBUG 1 --- [qtp634638280-26] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped to org.eclipse.hawkbit.autoconfigure.mgmt.ui.RedirectController#home(),
2021-09-24 10:17:05.655 DEBUG 1 --- [qtp634638280-26] o.s.web.servlet.DispatcherServlet        : Completed 302 FOUND,
2021-09-24 10:17:05.857 DEBUG 1 --- [qtp634638280-25] o.s.web.client.RestTemplate              : HTTP POST https://login.microsoftonline.com/06846365-0bcb-4951-b004-9ace50ff7b85/oauth2/v2.0/token,
2021-09-24 10:17:05.858 DEBUG 1 --- [qtp634638280-25] o.s.web.client.RestTemplate              : Accept=[application/json, application/*+json],
2021-09-24 10:17:05.858 DEBUG 1 --- [qtp634638280-25] o.s.web.client.RestTemplate              : Writing [{grant_type=[authorization_code], code=[0.AS8AZWOEBssLUUmwBJrOUP97hXO6B[.....]HXUw9S7xL5q2Kd4sTbbJJsh_OC1PgDJp8T-G70yJikguICqkgQ5MyAA], redirect_uri=[http://localhost:8080/login/oauth2/code/oidc]}] as "application/x-www-form-urlencoded;charset=UTF-8",
2021-09-24 10:17:06.076 DEBUG 1 --- [qtp634638280-25] o.s.web.client.RestTemplate              : Reading to [org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse] as "application/json;charset=utf-8",
2021-09-24 10:17:06.075 DEBUG 1 --- [qtp634638280-25] o.s.web.client.RestTemplate              : Response 200 OK,
2021-09-24 10:17:06.084 DEBUG 1 --- [qtp634638280-25] o.s.web.client.RestTemplate              : HTTP GET https://graph.microsoft.com/oidc/userinfo,
2021-09-24 10:17:06.084 DEBUG 1 --- [qtp634638280-25] o.s.web.client.RestTemplate              : Accept=[application/json, application/cbor, application/*+json],
2021-09-24 10:17:06.252 DEBUG 1 --- [qtp634638280-25] o.s.web.client.RestTemplate              : Response 200 OK,
2021-09-24 10:17:06.253 DEBUG 1 --- [qtp634638280-25] o.s.web.client.RestTemplate              : Reading to [java.util.Map<java.lang.String, java.lang.Object>],
2021-09-24 10:17:06.265 DEBUG 1 --- [qtp634638280-25] o.s.web.client.RestTemplate              : HTTP GET https://login.microsoftonline.com/06846365-0bcb-4951-b004-9ace50ff7b85/discovery/v2.0/keys,
2021-09-24 10:17:06.266 DEBUG 1 --- [qtp634638280-25] o.s.web.client.RestTemplate              : Accept=[text/plain, application/json, application/cbor, application/*+json, */*],
2021-09-24 10:17:06.336 DEBUG 1 --- [qtp634638280-25] o.s.web.client.RestTemplate              : Response 200 OK,
2021-09-24 10:17:06.336 DEBUG 1 --- [qtp634638280-25] o.s.web.client.RestTemplate              : Reading to [java.lang.String] as "application/json;charset=utf-8",
2021-09-24 10:17:06.342 DEBUG 1 --- [qtp634638280-26] o.s.web.servlet.DispatcherServlet        : GET "/login?error", parameters={masked},
2021-09-24 10:17:06.343 DEBUG 1 --- [qtp634638280-26] o.s.w.s.handler.SimpleUrlHandlerMapping  : Mapped to ResourceHttpRequestHandler ["classpath:/META-INF/resources/", "classpath:/resources/", "classpath:/static/", "classpath:/public/", "/"],
2021-09-24 10:17:06.344 DEBUG 1 --- [qtp634638280-26] o.s.w.s.r.ResourceHttpRequestHandler     : Resource not found,
2021-09-24 10:17:06.344 DEBUG 1 --- [qtp634638280-26] o.s.web.servlet.DispatcherServlet        : Completed 404 NOT_FOUND,
2021-09-24 10:17:06.345 DEBUG 1 --- [qtp634638280-26] o.s.web.servlet.DispatcherServlet        : "ERROR" dispatch for GET "/error?error", parameters={masked},

is anyone fimilar with this topic and can help me ?

Sahaya cyril

@sahaya_cyril:matrix.org

[m]

Hello Everyone,
I'm trying to set up a reverse proxy to allow certificate authentication.
For testing purpose I'm using self signed certificate. Client and Server are kept at same local network.

I'm using swupdate from client side, when trying to connect the hawkbit server, I get the following error.

Client logs:

ERROR: Channel operation returned HTTP error code 401.
- Connected to 192.168.1.121 (192.168.1.121) port 8443 (#2)
- found 1 certificates in /root/caroot.cer
- found 592 certificates in /etc/ssl/certs
- ALPN, offering http/1.1
- SSL re-using session ID
- SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
- server certificate verification OK
- server certificate status verification SKIPPED
- common name: 192.168.1.121 (matched)
- server certificate expiration date OK
- server certificate activation date OK
- certificate public key: RSA
- certificate version: #1
- subject: C=IN,ST=MH,L=MU,O=Test,OU=Development,CN=192.168.1.121,EMAIL=test@gmail.com
- start date: Mon, 27 Sep 2021 09:51:04 GMT
- expire date: Tue, 27 Sep 2022 09:51:04 GMT
- issuer: C=IN,ST=MH,L=MU,O=Test,OU=Development,CN=192.168.1.121,EMAIL=test@gmail.com
- compression: NULL
- ALPN, server did not agree to a protocol
> GET /DEFAULT/controller/v1/scv HTTP/1.1

Hawkbit server logs:

2021-09-27 18:47:00.907  INFO 52737 --- [           main] o.e.jetty.server.AbstractConnector       : Started SslValidatingServerConnector@2e34384c{SSL, (ssl, alpn, h2, http/1.1)}{0.0.0.0:8443}
2021-09-27 18:47:00.909  INFO 52737 --- [           main] o.s.b.web.embedded.jetty.JettyWebServer  : Jetty started on port(s) 8443 (ssl, alpn, h2, http/1.1) with context path '/'

Can anyone please confirm this is failing just because of ALPN offering http/1.1, If yes please guide me.

Is there any documentation available for allowing targets to authenticate via a certificate authenticated by a reverse proxy?

Where communities thrive

People

Repo info

Activity