Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Dec 09 14:54
    herdt-michael synchronize #920
  • Dec 09 09:57
    hawkbit-bot commented #920
  • Dec 09 09:55
    herdt-michael opened #920
  • Dec 06 09:19
    AnbazhakanSubramaniam commented #905
  • Dec 06 08:57
    AnbazhakanSubramaniam synchronize #905
  • Dec 05 12:43
    sebastian-firsching synchronize #919
  • Dec 04 17:49
    hawkbit-bot commented #919
  • Dec 04 17:49
    hawkbit-bot commented #919
  • Dec 04 17:43
    schabdo commented #919
  • Dec 04 17:43
    schabdo milestoned #919
  • Dec 04 17:42
    schabdo commented #918
  • Dec 04 17:39
    hawkbit-bot commented #918
  • Dec 04 17:39
    hawkbit-bot commented #918
  • Dec 04 17:36
    schabdo commented #918
  • Dec 04 17:35
    schabdo milestoned #918
  • Dec 04 16:07
    hawkbit-bot commented #918
  • Dec 04 16:07
    hawkbit-bot commented #919
  • Dec 04 16:05
    sebastian-firsching opened #919
  • Dec 04 16:03
    hawkbit[bot] commented #918
  • Dec 04 16:03
    sebastian-firsching opened #918
Dominic Schabel
@schabdo

@mdymov_gitlab a lot of questions :smile: Will try to answer all of them ...

how do we indicate partial progress to HawkBit? Say if 5 out of 8 devices got updates

For hawkBit an update is atomic per target by means it is either successful or failed but nothing in between. I can think of two approaches for your usecase described above:

  1. Report the status of each slave device via intermediate feedback so you can track it in hawkBit. But “success” or “failure" is still reported for the whole embedded host

2a. You promote all slave devices as targets to hawkBit since hawkBit does not care about the actual hardware. Than you would be able to assign a distribution set to a slave device and report status independently (all controlled by the same embedded host)

2b. You use DMF API and implement your own custom mapping

Dominic Schabel
@schabdo

Does that apply to Distribution Set as a whole?

Exactly. Update is represented by assinment of one distribution set. So feedback is given per assignment. Intermediate feedback could be like this:

"status" : {
        "result": {
            "finished": "none"
        },
        "execution": "proceeding",
        "details": [“5 out of 8 devices got updates"]
 }
"status" : {
        "result": {
            "finished": "none"
        },
        "execution": "proceeding",
        "details": [“7 out of 8 devices got updates"]
 }
Dominic Schabel
@schabdo

What about 'status.result.progress' object and it's fields "of' and 'cnt’?

Good question. Back in the days the client API was designed first and hawkBit implemented the API. The idea of these fields was indeed to be able to report some kind of progress. However fields never made their way into server implementation. So long story short, client can send them as part of the feedback but hawkBit ignore them

@mdymov_gitlab hope this helps
mangexl
@mangexl
Hi @xyklex, have you proceeded with running in clustered mode? Have you experienced any problems? I am in the process of running in clustered mode and I am now readin/going through code. Events and caching can be setup (although there will be some new components introduced in the architecture), but have you looked at Schedulers? How to make sure that is only runs on single node in cluster?
Murat Dymov
@mdymov_gitlab
@schabdo Dominic Thank you for the explanation, will take all of that in consideration. Problem for us that our host's environment is not fixed from the factory. Looks like we'll have to extend some code on server side, including database schema if we want to be able to relay per-component feedback. I am not a lawyer, does HawkBit's license allow us to do that?
Andreas Meichelboeck
@mei-tech_gitlab
Hello everyone! I'm currently extending hawkbit by using the S3 hawkbit-extension. Therefor I'm adding "org.eclipse.hawkbit.repository.s3.bucketName=ABC-prod-artifacts" to the application.properties before recompiling. Is it possible to also make the bucketname also available via the environment variables (as aws.accessKeyId and aws.secretKey)? Have I missed something?
Andreas Meichelboeck
@mei-tech_gitlab
Furthermore I am currently still managing the hawkbit users via the application.properties file. Do I already have an alternative by using openid for user management or another possibility?
thmai11
@thmai11
@mei-tech_gitlab Environment variable for AWS are the following: AWS_ACCESS_KEY AWS_SECRET_KEY
Andreas Meichelboeck
@mei-tech_gitlab
@thmai11 Thank for your reply. Oh yes, sorry I meant that. But I can't change the S3-bucket name, right?
thmai11
@thmai11
I don't understand, you can specify the bucket name in the application.properties with the value org.eclipse.hawkbit.repository.s3.bucketName
Andreas Meichelboeck
@mei-tech_gitlab
Ok, I try to clearify my point then. I have several hawkbit environments. Therefore each one need to have a seperate S3-bucket. I can set the aws access key and secret key over environment, but not the bucketname, right? So I have to compile hawkbit for each environment with different application.properties
thmai11
@thmai11
Are you running hawkbit directly on the machine or you are using docker?
Andreas Meichelboeck
@mei-tech_gitlab
docker
AWS ECS
thmai11
@thmai11
Is your docker image contain the application.properties file? Or you mount it?
Andreas Meichelboeck
@mei-tech_gitlab
I do not mount it. I try to set everything up over environment variables.
Dominic Schabel
@schabdo
@mdymov_gitlab well, I’m not a lawyer, too :wink: But if you use option 2b (DMF-API) your custom code will be outside of hawkBit
Dominic Schabel
@schabdo
@mei-tech_gitlab ORG_ECLIPSE_HAWKBIT_REPOSITORY_S3_BUCKETNAME=ABC-prod-artifacts should do the trick as env variable
Dominic Schabel
@schabdo

Do I already have an alternative by using openid for user management or another possibility?

Well, almost :smile: There is a pull request (eclipse/hawkbit#865) heading towards master. I think this is exactly what you’re asking for …

@thmai11 thanks for your support!
thmai11
@thmai11
Trying as much as I can :)
Dominic Schabel
@schabdo
:thumbsup:
Murat Dymov
@mdymov_gitlab
@schabdo Thank you, that's an option too.
Andreas Meichelboeck
@mei-tech_gitlab
@schabdo Awesome! Thanks!
akhil6095
@akhil6095
Hello
Can someone suggest how to disable RabbitMQ while installing hawkbit
Dominic Schabel
@schabdo
Just set the property hawkbit.dmf.rabbitmq.enabled=false in application.properties
akhil6095
@akhil6095
thanks @schabdo
akhil6095
@akhil6095
I've targets assigned with distributionSets and trying to fetch an update using DDI API but getting 401, I've configured "Allow targets to download artifacts without security credentials" to True but still getting 401
akhil6095
@akhil6095
is there a way to disable DDI authentication?
Jeroen Laverman
@laverman
Hi @akhil6095 - out of the box, hawkBit provides two ways to authenticate your target: target / security token or GatewayToken. For the first approach, you can find the token in the target’s detail window under ‘Security Token’ in the UI. The latter is one token, that can be used by several devices. You need to enabel either of these option in the System config. Allow targets to authenticate directly with their target security tokenor Allow a gateway to authenticate and manage multiple targets through a gateway security token. You can use Gateway token in the Auth header of the request, e.g. “Authorization : GatewayToken a56cacb7290a8d8a96a2f149ab2f23d1”. For the security token use: “Authorization : TargetToken a56cacb7290a8d8a96a2f149ab2f23d1”
akhil6095
@akhil6095
thanks a lot for the response, but can I somehow disable this altogether?
Jeroen Laverman
@laverman
There was a way to do this in code, not sure if it is available anymore. Let me check ...
akhil6095
@akhil6095
ideally it should be configurable via mgmt UI
Jeroen Laverman
@laverman
That’s not the case. Do you think this is really required? Of course it would make getting started with device provisioning a little bit easier, but apart from that, I can’t think of a scenario where this might be desired.
akhil6095
@akhil6095
I've million of devices and currently we are using a home brewed solution and evaluating Hawkbit majorly because of it's fancy feature "Rollouts"
so we do not want to update our clients to pass in security token for authentication
also, can you please point me to some page listing all configuration properties which can be overridden as per need?
Jeroen Laverman
@laverman
Understood, still I would discourage an unprotected access. Nevertheless, I double checked the code, and there is a configuration setting to enable anonymous acces: hawkbit.server.ddi.security.authentication.anonymous.enabled=true.
akhil6095
@akhil6095
I totally agree with you, but for the POC I'll disable it but will consider it while integrating it
thanks for the config :)
Jeroen Laverman
@laverman
in order to get a list of all config properties, you can leverage the Spring Boot actuator endpoint /configprops/.
To do so, you have to set the following configuration properties:
# URL path to actuator endpoints
management.endpoints.web.base-path=/system
management.endpoints.web.exposure.include=configprops
management.endpoint.configprops.enabled=true
akhil6095
@akhil6095
can we have a page documenting all these?
Jeroen Laverman
@laverman
I’m afraid, there is currently no such page.
akhil6095
@akhil6095
I can raise a PR with above information we discussed and we can contribute to it as when required
Jeroen Laverman
@laverman
I’d probably add it as one of the Guides https://github.com/eclipse/hawkbit/tree/master/docs/content/guides
akhil6095
@akhil6095
sure, will raise a PR for same
Dominic Schabel
@schabdo
This is Spring Boot Actuator feature so you’ll need additional maven dependency in order to get the view at runtime. Not sure if this should become part of hawkBit
Dominic Schabel
@schabdo
Appendix of Spring Boot contains overview of all properties. However maintaining such a list is a lot of effort