Overview
The OPC UA Integration with Cumulocity, short OPC UA Gateway, allows connecting any OPC UA Server which can have various majority levels and address space sizes. In order to detect performance issues or connection problems. It is recommended to monitor software components in a productive environment. In that article, I will talk about the possibilities to monitor the OPC UA Gateway.
The OPC UA Gateway is written in Java using the Spring framework. This framework provides a wide variety of features for monitoring. The OPC UA Gateway is using the standard Java Management Extensions JMX and I will show you how to run your OPC UA gateway with JMX and additional Prometheus endpoint.
Furthermore, the gateway populates different metrics to the Cumulocity IoT platform as well which I’m starting with.
Cumulocity
As already mentioned, the gateway internally measures different metrics and populates them to the platform as measurements, events and alarms.
It also checks if a server connection is active and working by regularly browsing the root node of an OPC UA server. This is certainly the easiest way and working out of the box, without network configuration like port opening etc. The downside is that only a few metrics are available.
However, I will not go into detail, this is already well documented at:
There are two configuration you can set in the OPC UA Gateway:
monitoring:
# The interval below in milliseconds configures the frequency of this monitoring task.
interval: 10000
# The interval below in milliseconds configures how often we investigate the thread executor queue sizes to prevent overflow
checkQueueSizes: 10000
For more information please check the documentation.
JMX
Java Management Extensions (JMX ) is also an out of the box functionality to monitor the JVM and also the beans provided by the component.
JMX beans can easily accessed by jconsole.
You have to enable jmx by adding following to your configuration application-{profile}.yaml file of your OPC UA Gateway instance. This enables jmx for Spring and all additional specific added MBeans.
spring:
jmx:
enabled: true
Spring publishes production ready endpoints as JMX.
https://docs.spring.io/spring-boot/docs/2.1.1.RELEASE/reference/html/production-ready-endpoints.html
and additional OPC UA specific MBeans:
I am going to focus on customActionMBean
which was introduced recently. If you are using custom actions, these values are worth mentioning.
As you can see in the screenshot, the MBeans stores a map of all http requests, return code and retry count. The key contains all three information:
<endpoint URI>_<http code>_<retry count>
Example:
Key: http://localhost/api/test_200_2
Value: 15
This means the REST endpoint (resource) http://localhost/api/test was successful (200, Ok) on the second retry, and this happened 15 times at runtime. The counter is stored in-memory, which means it is reset after restart. This helps to identify which endpoints are not performing well.
Important! If you want to configure OPC UA Gateway to access the JMX remotely you have to setup security, see this guide
Prometheus
It is important to know that the OPC UA Gateway doesn’t have a web server included which means REST endpoints like actuator etc. can’t be used out of the box.
Fortunatly there is an additional agent available as open source which can be used to export MBeans as prometheus endpoint:
https://github.com/prometheus/jmx_exporter
Steps prometheus exporter
-
Start the OPC UA Gateway with Prometheus exporter:
java -javaagent:./jmx_prometheus_javaagent-0.17.0.jar=12345:config.yaml -Dspring.profiles.active=default,test1 -Dlogging.config=opcua-device-gateway-logging.xml -jar opcua-device-gateway-1015.x.x.jar
-
Open the browser, if you use default config: http://localhost:12345/metrics
You can see above described CustomActionMBean:
Conclusion
Monitoring is very important for your infrastructure when operating a productive OPC UA gateway. This article guided you through the monitoring capabilities of the OPC UA Gateway. Be aware that enabling remote access comes always with more security risk and need special security measures.