OPC UA Client

The OPC UA Client origin processes data from an OPC UA server. The OPC UA Client origin can poll the server at regular intervals, returning the latest data from all specified nodes. Or it can subscribe to specific nodes and receive messages from the server each time a change related to a specified node occurs.

The origin can also browse all available nodes to provide the node details that you need to configure the origin.

When you configure the OPC UA Client origin, you specify connection information and tag information to associate with each client request. You select the processing mode for the origin and specify the NodeIds for the nodes you want to use. You can use one of several different methods to provide the NodeIds.

You can configure channel properties, such as the maximum chunk or message size. You can optionally configure the security policy that you want to use, related TLS properties, and an optional client private key alias.

Processing Mode

The OPC UA Client origin processes data differently depending on the mode that you choose. The origin can use the following processing modes:
Polling
The origin polls the OPC UA server at regular user-defined intervals, returning the current status of every specified node.
In polling mode, each record contains data from each specified node as a field. As soon as the origin generates a record, it passes the record to the pipeline to avoid delays in processing.
For example, say you set the OPC UA Client to poll the server every minute, and you specify five NodeIds. When the pipeline runs, the origin generates a record every minute, with the status of each of the five NodeIds in each record, regardless of whether any changes occurred since the last poll.
Subscribe
The origin subscribes to the specified nodes. The OPC UA server sends an update each time a change occurs with one of the specified nodes. When node changes occur, the server sends each change to the origin separately.
In subscribe mode, each record contains a single node change. As soon as the origin generates a record, it passes the record to the pipeline to avoid delays in processing.
For example, say you set the OPC UA Client origin to subscribe to ten nodes. After you start the pipeline, the pipeline sits idly until the OPC UA server sends data about a change to a subscribed node.
Browse nodes
Browse nodes mode is a tool to aid pipeline development. In browse nodes mode, the origin connects to the OPC UA server to retrieve all available node details, such as the node identifier and namespace index.
This mode provides easy access to the node details that you need to configure the NodeIds in the origin.
You can use browse nodes mode in data preview to view node details and then configure the origin. Or, you can run a pipeline in browse nodes mode to write node details to a file. You can alternatively use external methods to retrieve node details from the OPC UA server.
For example, say previewing your OPC UA server in browse nodes mode returns the following information:

You can then use this information to configure the nodes that you want to subscribe to, as follows:

Providing NodeIds

The OPC UA Client origin provides several ways to specify the nodeIds for the nodes that you want to use:
Manual
Manually enter the NodeId information. Use this method when you have a specific set and low volume of nodes that you want to use. You can use simple or bulk edit mode.
File
Provide a file of NodeId information. Use this method when you have a relatively static set of nodes that you want to use. You can update the file as needed, but will need to restart the pipeline to capture the latest nodes.
The file must be in a directory local to Data Collector. By default, the origin expects you to secure the information in a runtime resource file.
Enter the NodeId information in the file using the following JSON format:
[
	{
		"identifierType": "<NUMERIC | STRING | UUID | OPAQUE>",
		"namespaceIndex": <namespaceIndex>,
		"field": "<field name>",
		"identifier": "<node identifier>"
	},
	{
		"identifierType": "<NUMERIC | STRING | UUID | OPAQUE>",
		"namespaceIndex": <namespaceIndex>,
		"field": "<field name>",
		"identifier": "<node identifier>"
	}
]
Tip: This is the same format used when entering node information manually in bulk edit mode. To verify the format, you can enter two NodeIds manually in simple format, then switch to bulk edit mode.
Browse Nodes
Specify a root NodeId, allowing the origin to browse for all available nodes under the root node. Use this method when you want to process data from a dynamic set of nodes that are under a single root node.
When you browse nodes, you specify an refresh interval. The refresh interval indicates how long the origin should wait before browsing again for an updated list of nodes to process.

Security

You can optionally configure the OPC UA Client origin to use one of the following standard OPC UA security policies:
  • Basic128Rsa15
  • Basic 256
  • Basic256Sha256
  • None

For more information about OPC UA security policies, see the OPC UA documentation.

When using a security policy, you must configure the associated TLS properties. When necessary, you can specify a private key alias.

Configuring an OPC UA Client Origin

Configure an OPC UA Client origin to process data from an OPC UA server.

  1. In the Properties panel, on the General tab, configure the following properties:
    General Property Description
    Name Stage name.
    Description Optional description.
    On Record Error Error record handling for the stage:
    • Discard - Discards the record.
    • Send to Error - Sends the record to the pipeline for error handling.
    • Stop Pipeline - Stops the pipeline.
  2. On the OPC UA tab, configure the following properties:
    OPC UA Property Description
    Resource URL OPC UA resource URL to use.
    Application Name Application name to use for contact with the OPC UA server. This name can appear in reporting tools to identify the application that sent a request.
    Application URI Application URI to use for contact with the OPC UA server. Enter a unique ID that begins with "urn" as follows:
    urn:<application URI>
    This name can appear in reporting tools to identify the application that sent a request.
    Request Timeout Milliseconds to wait for a response before timing out.
    Processing Mode Mode to use to retrieve data from the OPC UA server:
    • Polling - Use to request data at regular intervals.
    • Subscribe - Use to receive data only when changes occur for subscribed nodes.
    • Browse Nodes - Use during pipeline development to provide node details for configuring Node IDs. Do not use in production.

    For more information about mode types and the data returned in each mode, see Processing Mode.

    Polling Interval (ms) Milliseconds to wait between polling. Used with the polling mode only.
  3. On the NodeIds tab, select the NodeId Fetch Mode.
    For more information about the different ways you can provide node information, see Providing NodeIds.
  4. When using the Manual mode, use simple or bulk edit mode to enter the nodes that you want to use. Click the Add icon to add additional nodes.
    Node Property Description
    Field Name The name of the node.
    Identifier The identifier for the node within the OPC UA Server address space.
    Identifier Type The format and data type of the identifier. Use one of the following types:
    • Numeric
    • String
    • UUID
    • Opaque
    Namespace Index The index that the OPC UA Server uses for a namespace URI.
  5. When using the File mode, configure the following property:
    File Property Description
    NodeId File Path Path to the file that contains NodeId information for the nodes that you want to process. Use a file local to Data Collector that includes the NodeId information in the appropriate format. For more information, see Providing NodeIds.

    Default is ${runtime:loadResource('nodeIdConfigs.json', false)}, which assumes you are using a runtime resource file named nodeIdConfigs.json.

  6. When using Browse mode, configure the following properties:
    Browse Property Description
    Root Node Identifier The identifier for the root node within the OPC UA Server address space. The origin processes data from all nodes under the root node.

    For more information about browsing nodes, see Providing NodeIds.

    Root Node Identifier Type The format and data type of the root node identifier. Use one of the following types:
    • Numeric
    • String
    • UUID
    • Opaque
    Root Node Namespace Index The index that the OPC UA Server uses for a namespace URI.
    NodeId Refresh Interval (sec) Seconds to wait before browsing the root node for an updated list of nodes to use.
  7. On the Channel Config tab, you can configure the following properties:
    Channel Configuration Property Description
    Max Chunk Size Maximum size of a single chunk. Must be set to 8192 or larger.

    Default is 65536.

    Max Chunk Count Maximum number of chunks in a message.

    Default is 32.

    Max Message Size Maximum size of a message after all chunks are assembled.

    The default is 2097152, which is <Max Chunk Size> * <Max Chunk Count>.

    Max Array Length Maximum length of an array. Default is 65536.
    Max String Length Maximum string length. Default is 65536.
  8. On the Security tab, optionally configure the following properties:
    Security Property Description
    Security Policy The security policy to use. Select one of the following policies:
    • Basic128Rsa15
    • Basic 256
    • Basic256Sha256
    • None

    When using a security policy, enable TLS and configure the associated properties.

    Client Private Key Alias Optional private key alias to use.
    Enable TLS

    Enables the use of TLS.

    Keystore File The path to the keystore file. Enter an absolute path to the file or a path relative to the Data Collector resources directory: $SDC_RESOURCES.

    For more information about environment variables, see Data Collector Environment Configuration.

    By default, no keystore is used.

    Keystore Type Type of keystore to use. Use one of the following types:
    • Java Keystore File (JKS)
    • PKCS-12 (p12 file)

    Default is Java Keystore File (JKS).

    Keystore Password Password to the keystore file. A password is optional, but recommended.
    Tip: To secure sensitive information such as passwords, you can use Hashicorp Vault secrets or runtime resources.
    Keystore Key Algorithm The algorithm used to manage the keystore.

    Default is SunX509.

    Use Default Protocols Determines the transport layer security (TLS) protocol to use. The default protocol is TLSv1.2. To use a different protocol, clear this option.
    Transport Protocols The TLS protocols to use. To use a protocol other than the default TLSv1.2, click the Add icon and enter the protocol name. You can use simple or bulk edit mode to add protocols.
    Note: Older protocols are not as secure as TLSv1.2.
    Use Default Cipher Suites Determines the cipher suite to use when performing the SSL/TLS handshake.

    Data Collector provides a set of cipher suites that it can use by default. For a full list, see Cipher Suites.

    Cipher Suites Cipher suites to use. To use a cipher suite that is not a part of the default set, click the Add icon and enter the name of the cipher suite. You can use simple or bulk edit mode to add cipher suites.

    Enter the Java Secure Socket Extension (JSSE) name for the additional cipher suites that you want to use.