Getting Started with the Event Hub
Event Hub Setup
The following account access and software must be present before setting up the Event Hub.
Before you begin using Event Hub, obtain the following account access and software. It is also helpful to have a working knowledge of gRPC. For more information about gRPc, see https://github.com/google/protobuf#protocol-compiler-installation
Accounts
You should have the following accounts to use Predix services:- A Predix.io account. See t_registering_for_a_predix_account.html#task_a0b9d32e-24ff-4c84-a210-713527bce17c.
When you register for a Predix.io account, an org and space is created for you in Cloud Foundry.
- A Github account. Go to https://github.com/join.
Software
Software | Version | Description |
---|---|---|
Cloud Foundry CLI | Latest stable binary version | Use the Cloud Foundry CLI to deploy and manage applications and services. Download the latest stable binary from https://github.com/cloudfoundry/cli#downloads. |
Git | Latest | Download Git from https://git-scm.com/downloads. |
Maven | If you are developing with Java, you can use Maven to manage and organize dependencies for your project. You can download Maven from https://maven.apache.org/download.cgi. | |
Google Protocol Buffer Compiler | 3.0.0 | To publish and subscribe using gRPC, you need to compile a .proto file, which generates source code for the language you use to interact with the Event Hub service. You can download Protocol Compiler from https://github.com/google/protobuf#protocol-compiler-installation. |
Task Roadmap
The following table shows the steps for setting up the Event Hub service.
Step | |
---|---|
1. (Optional) Configure your proxy settings. | Depending on your location and network configuration, you may need to configure your proxy settings to access remote resources. See t_defining_proxy_connections_to_remote_resources.html#task_97cc6304-e168-459d-9952-a45708ff8361. |
2. Create a UAA service instance. | See uaas-get-started.html#task_y1l_vms_2s. |
3. Create the Event Hub service instance. | See ehs-getting-started.html#task_f427bba4-a466-4138-9a9d-b471907cb8c4. |
4. Bind your application to the Event Hub service instance. | See ehs-getting-started.html#task_dcw_5tr_rv . |
5. Create an OAuth2 client. | The OAuth 2.0 protocol establishes a client as an application that makes protected resource requests on behalf of the resource owner and with its authorization. See uaas-managing-clients.html#task_79a81b74-552e-4f74-abfc-bd37e6adac87. |
6. Update the OAuth2 client to use Event Hub. | See uaas-managing-clients.html#task_k3h_k2c_1x. |
7. Add the required Event Hub scopes. | See ehs-getting-started.html#task_9e08677f-d894-49bf-b34d-e376b44ca015. |
8. Add Predix zone token scopes to your application. | See ehs-getting-started.html#task_8e08b8fb-199c-418f-897e-f6be754c22e5. |
9. Set up a gRPC client. | See ehs-getting-started.html#task_79b3d83c-cc6d-4e11-bbb0-ee5c6b82afa1. |
Working With protobuf
Predix uses protocol buffers for publishing and subscribing to events.
Before You Begin
You should be familiar with gRPC and Google protocol buffers before using Event Hub. You can read about gRPC and protocol buffers at http://www.grpc.io/docs/guides/ and https://developers.google.com/protocol-buffers/docs/overview.
Procedure
Creating a UAA Service Instance
You can create multiple instances of the UAA service in your space.
About This Task
As a best practice, first delete any older unused instances before creating a new one.
Procedure
Results
Your UAA instance is created with the following specifications:
- A client identifier (
admin
).Note: Anadmin
client is required for bootstrap purposes. You can create additional clients to use with your application. - A client secret (that you specified while creating the service).
To retrieve additional details of your instance, you can bind an application to your instance.
Using the Command Line to Create a UAA Service Instance
Optional procedure for using the command line instead of the graphical user interface to create a UAA service instance.
About This Task
You can create up to 10 instances of UAA service in your space. If you need additional instances, you must delete an older unused instance and create a new one.
Procedure
Results
Your UAA instance is created with the following specification:
-
A client identifier (
admin
).Note: Anadmin
client is created for bootstrap purposes. You can create additional clients to use with your application. -
A client secret (that you specified while creating the service).
To retrieve additional details of your instance, you can bind an application to your instance.
Example
Create a predix-uaa service instance with client secret as admin and sub-domain as ge-digital:
cf cs predix-uaa tiered test-1 -c '{"adminClientSecret":"admin","subdomain":"ge-digital"}'
This is how it appears in VCAP SERVICES when using the cf env <app_name>
command:
"VCAP_SERVICES": {
"predix-uaa": [
{
"credentials": {
"dashboardUrl": "https://uaa-dashboard.run.asv-pr.ice.predix.io/#/login/04187eb1-e0cf-4874-8218-9fb77a8b4ed9",
"issuerId": "https://04187eb1-e0cf-4874-8218-9fb77a8b4ed9.predix-uaa.run.asv-pr.ice.predix.io/oauth/token",
"subdomain": "04187eb1-e0cf-4874-8218-9fb77a8b4ed9",
"uri": "https://04187eb1-e0cf-4874-8218-9fb77a8b4ed9.predix-uaa.run.asv-pr.ice.predix.io",
"zone": {
"http-header-name": "X-Identity-Zone-Id",
"http-header-value": "04187eb1-e0cf-4874-8218-9fb77a8b4ed9"
}
},
"label": "predix-uaa",
"name": "testuaa",
"plan": "Tiered",
"provider": null,
"syslog_drain_url": null,
"tags": [],
"volume_mounts": []
}
],
Creating an Event Hub Service Instance
You must create and configure an Event Hub service instance before you can bind an application to the service.
Before You Begin
Complete the ehs-getting-started.html#concept_8491b435-e6ab-48e9-b496-140fb2bcdf09.
Procedure
Binding an Application to the Event Hub Service Instance
About This Task
You must bind your application to your Event Hub service instance to provision its connection details in the VCAP_SERVICES environment variable. Cloud Foundry runtime uses the VCAP_SERVICES environment variables to communicate with a deployed application about its environment.
Procedure
Creating an OAuth2 Client
You can create OAuth2 clients with specific permissions for your application to work with Predix Platform services. Often this is the first step after creating an instance of a service.
About This Task
When you create an instance of UAA, the UAA Dashboard is available for configuring that instance of UAA. You can use the Client Management tab in the UAA Dashboard to create the OAuth2 clients.
If you are prefer using the UAA command-line interface (UAAC) instead of UAA Dashboard to create an OAuth2 client, see uaas-managing-clients.html#task_sp2_zvk_rdb
Procedure
What To Do Next
uaas-managing-clients.html#task_k3h_k2c_1x for your service specific information.
Updating the OAuth2 Client for Services
To use an OAuth2 client for secure access to your Predix Platform service instance from your application, you must update your OAuth2 client to add additional authorities or scopes that are specific to each service.
About This Task
To enable your application to access a platform service, your JSON Web Token (JWT) must contain the scopes required for a platform service. For example, some of the scope required for Access Control service are acs.policies.read acs.policies.write
.
The OAuth2 client uses an authorization grant to request an access token. Based on the type of authorization grant that you have used, you must update your OAuth2 client to generate the required JWT. For more information on how the OAuth2 client is created, see Creating OAuth2 client.
If you use the UAA Dashboard to create additional clients, the client is created for the default client_credentials
grant type. Some required authorities and scopes are automatically added to the client. You must add additional authorities or scopes that are specific to each service.
In addition, the admin client is not assigned the default authority to change the user password. To change the user password, you must add the uaa.admin
authority to your admin client.
Use the following procedure to update the OAuth2 client.
Procedure
What To Do Next
You can complete the following additional tasks in UAA Dashboard:
- If you are using authorization grant type as Authorization Code, Implicit, or Resource Owner Password, you can manage users in UAA.
- You can create password policies for user passwords.
- You can set up external identity provider or use UAA as an identity provider. See Managing Identity Providers.
If you have completed your OAuth2 client setup, you can bind your application to your service instance.
Adding the Required Authorities or Scopes for Event Hub
Enable applications to access Event Hub by adding the Predix zone scopes.
About This Task
When you create a new OAuth2 client, the client is assigned default scopes and authorities. You must add additional authorities or scopes that are specific to each service. To enable applications to access the Event Hub service, your JSON Web Token (JWT) must contain the correct Predix zone token scopes.
Procedure
Setting up Your Application to Access Event Hub
Procedure
Setting Up a gRPC Client
To publish or subscribe to messages in Event Hub by using gRPC, you must first create a client that can call the publishing and subscribing methods on Event Hub.
Procedure
Setting Up gRPC Clients With C++
To set up Event Hub integration with gRPC by using C++, you create separate publish and subscribe clients.
Before You Begin
Gather the following information:
- The Predix zone ID and URI for your Event Hub service instance.
You can find this information in the environment variables for your Event Hub service instance.
- The OAuth2 token for your UAA service instance.
For instructions on how to retrieve this information, see uaas-managing-tokens.html#task_fc103b60-f030-4e50-a965-9394c1f76cd0