The purpose of this solution is to deploy the resources necessary for an IoT solution.
Prerequisites
Requires the use of direnv.
Requires the use of Azure CLI.
Requires the use of OpenSSL.
- iot-resources - Deploying IoT Resources and x509 Management
- iot-cluster-iac - Kubernetes Cluster for running Simulators (Option 1)
- iot-swarm-iac - Docker Swarm Cluster for running Simulators (Option 2)
- iot-device-edge - Simple Edge Testing
- iot-device-js - Simple Device Testing (NodeJS)
- iot-device-net - Simple Device Testing (C#)
- iot-consumer-net - Simple Event Processor (C#)
- iot-control-js - Simple Control Testing
This script will generate the following resources in Azure.
- Key Vault
- Storage Account
- IoT Hub
- Device Provisioning Service
- Log Analytics
- Application Insights
- Stream Analytics
- Time Series Insights
# Provision the ARM Resources
./provision.sh
The script creates an .envrc file to set environment variables used in creating the x509 certs.
# Azure Resources
export VAULT="<key_vault>"
export HUB="<iot_hub>"
export DPS="<iot_dps>"
export DPS_GROUP="<resource_group>"
# Certificate Authority
export ORGANIZATION="<organization>"
export ROOT_CA_PASSWORD="<password>"
export INT_CA_PASSWORD="<password>"
The default ORGANIZATION name is testonly. These files reference the organization name.
- .envrc
- root_ca.dnf
- intermediate_ca.dnf
This script initializes a Root and Intermediate CA for use.
- Creates x509 Certificates and Authorities in ./src/pki
- Uploads the Certificates, Keys, and Passwords used to the Key Vault.
- Uploads and Validates the Root and Intermediate CA certificates to the IoT Hub.
- Uploads and Validates the Root and Intermediate CA certificates to the IoT DPS.
# Initializes a Root and Intermediate CA for use.
./init-ca.sh
This script creates device certificates for use.
- Creates an IoT Hub identity using a self-signed certificate.
- Creates device certificates signed by the Intermediate CA
- Creates edge certificates signed by the Intermediate CA
- Creates leaf certificates signed by the Intermediate CA
# Usage: ./device-cert.sh <type> <name> [deploy]
./device-cert.sh self self-signed-device
./device-cert.sh device device deploy   # "deploy" is optional
./device-cert.sh edge edge
EDGE_GATEWAY="edge" ./device-cert.sh leaf leaf
Devices
# Create and deploy device1 .. device10
COUNT=1
until [ "$COUNT" -gt 10 ]; do
  ./device-cert.sh device "device$COUNT" deploy
  COUNT=$((COUNT + 1))
done
Downstream Devices
# Create and deploy leaf1 .. leaf10 behind the "edge" gateway
COUNT=1
until [ "$COUNT" -gt 10 ]; do
  EDGE_GATEWAY="edge" ./device-cert.sh leaf "leaf$COUNT" deploy
  COUNT=$((COUNT + 1))
done
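The device, edge and leaf certificates above are signed by the Intermediate CA, so each should verify against the Root and Intermediate CA pair, while the self-signed one should not. The following added example (not part of this repository's scripts) builds a constructed throwaway chain with OpenSSL in a temp directory and runs that check; the file names, the pki.cnf contents and the functions issue, build_test_chain and verify_chain are assumptions made for the illustration.

```shell
# Added example: constructed, throwaway PKI in a temp directory.
# It does not read ./src/pki, .envrc or any Azure resource.
set -eu
# issue <dir> <name> <CN> <extension section> [issuer name]
# Without an issuer name the certificate is self-signed.
issue() {
  d=$1; name=$2; cn=$3; ext=$4; ca=${5:-}
  if [ -z "$ca" ]; then
    openssl req -x509 -config "$d/pki.cnf" -extensions "$ext" -newkey rsa:2048 -nodes \
      -days 1 -subj "/O=testonly/CN=$cn" -keyout "$d/$name.key" -out "$d/$name.pem" 2>/dev/null
  else
    openssl req -new -config "$d/pki.cnf" -newkey rsa:2048 -nodes \
      -subj "/O=testonly/CN=$cn" -keyout "$d/$name.key" -out "$d/$name.csr" 2>/dev/null
    openssl x509 -req -in "$d/$name.csr" -CA "$d/$ca.pem" -CAkey "$d/$ca.key" \
      -CAcreateserial -days 1 -extfile "$d/pki.cnf" -extensions "$ext" \
      -out "$d/$name.pem" 2>/dev/null
  fi
}
# Root -> intermediate -> device, plus one self-signed certificate.
build_test_chain() {
  d=$1
  cat > "$d/pki.cnf" <<'EOF'
[req]
distinguished_name = dn
[dn]
[v3_ca]
basicConstraints = critical,CA:TRUE
[leaf]
basicConstraints = critical,CA:FALSE
EOF
  issue "$d" root "Test Root CA" v3_ca
  issue "$d" int "Test Intermediate CA" v3_ca root
  issue "$d" device "device1" leaf int
  issue "$d" self "self-signed-device" leaf
}
# verify_chain <root> <intermediate> <cert>: exit status 0 only if <cert>
# chains through <intermediate> to the trusted <root>.
verify_chain() {
  openssl verify -CAfile "$1" -untrusted "$2" "$3" >/dev/null 2>&1
}
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
build_test_chain "$WORK"
for c in device self; do
  verify_chain "$WORK/root.pem" "$WORK/int.pem" "$WORK/$c.pem" \
    && r="chains to" || r="does NOT chain to"
  echo "$c.pem $r the test root"
done
```

The same verify_chain call can be pointed at real root, intermediate and device certificate files before a device is deployed.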