Deploy HiveMQ Edge on Azure ARC-Enabled Kubernetes Cluster with GitOps
Deploying HiveMQ Edge on a Kubernetes cluster represents a significant step forward for organizations looking to enhance their IoT messaging infrastructure. HiveMQ Edge is an industrial protocol gateway including a lightweight MQTT broker designed specifically for edge computing environments, enabling efficient and reliable communication between IoT devices and the cloud.
By deploying HiveMQ Edge on Kubernetes, businesses can leverage the scalability, flexibility, and resilience of containerized environments to manage their IoT workloads more effectively. This approach not only simplifies the deployment and management of HiveMQ Edge but also ensures high availability and fault tolerance, critical for mission-critical IoT applications.
Integrating Azure Arc into this deployment further amplifies the benefits by extending Azure's management and governance capabilities to Kubernetes clusters, regardless of their location. Azure Arc enables organizations to manage their Kubernetes clusters seamlessly across on-premises, multi-cloud, and edge environments from a single control plane. This integration provides a unified management experience, allowing IT teams to apply consistent policies, monitor cluster health, and deploy configurations effortlessly.
In this blog post, we will explore the step-by-step process of deploying HiveMQ Edge on a Kubernetes cluster with Azure Arc, highlighting the advantages and best practices to help you optimize your IoT infrastructure.
Prerequisites to Deploy HiveMQ Edge on Azure ARC
This walkthrough assumes you have the following prerequisites in place:
You have a virtual machine running the latest version of Ubuntu Server.
The virtual machine can connect to the Internet without any limitation (if you are using firewalls, you will need to open a specific network flow).
You have a valid Azure subscription with Owner permissions.
Preparing Kubernetes Cluster on Ubuntu Server
Assuming that you have a fresh installation of Ubuntu Server 24.04, you can use the following steps to deploy a single node cluster on it:
1. Install the K8s snap:
sudo snap install k8s --classic2. Bootstrap the cluster:
sudo k8s bootstrap3. View the status of your installation:
sudo k8s status4. The status will become ready only after CNI goes up.
5. Start using Kubernetes:
sudo k8s kubectl get all --all-namespaces6. Export kubeconfig:
mkdir -p $HOME/.kube
sudo k8s kubectl config view --raw > $HOME/.kube/configIf you want to deploy more workers, you can follow the official documentation from Ubuntu: https://ubuntu.com/kubernetes/install.
Setting Up Your Azure Environment
Go to your Azure portal and create a new “Resource Group” in your favorite location. In this article, we use SE-ARC-DEMO.
Inside the Resource Group, click on Create to access the marketplace. You can filter the rich catalog by filtering on “ARC” and publisher “Microsoft”.
As you can see, there are a bunch of available solutions under ARC. We focus today on Kubernetes - Azure ARC. Click on Create to access the next page.
As part of the integration, you need to fulfill a few prerequisites:
A new or existing Kubernetes cluster: The cluster must use Kubernetes version 1.13 or later (including OpenShift 4.2 or later and other Kubernetes derivatives).
Access to ports 443 and 9418: Make sure the cluster has access to these ports, and the required outbound URLs.
Connectivity method: You can connect to the internet over a public endpoint, through a proxy server, or over a private endpoint. An Azure Arc Private link scope is required to connect over a private endpoint.
Azure CLI: An Azure CLI script will be generated that you will run locally to connect your cluster. On Ubuntu or Debian, you can run the following command. (For other operating systems, go to Learn how to install the Azure CLI on your local machine.)
curl -sL <https://aka.ms/InstallAzureCLIDeb> | sudo bashCLI Extensions setup: Install the latest connectedk8s and k8s-configuration, k8s-extension, customlocation CLI extensions. In your existing k8s node, run the following commands to install the prerequisites:
az extension add --name connectedk8s
az login
az provider register --namespace Microsoft.Kubernetes
az provider register --namespace Microsoft.KubernetesConfiguration
az provider register --namespace Microsoft.ExtendedLocationMonitor the deployment of the extension via the following commands:
az provider show -n Microsoft.Kubernetes -o table
az provider show -n Microsoft.KubernetesConfiguration -o table
az provider show -n Microsoft.ExtendedLocation -o tableFor the full instructions, go to Learn how to install these extensions.
Kubeconfig file with cluster admin permissions: The file should be accessible via your CLI tooling. If you followed this article from the beginning, you should have your config file under .kube/config in the main home folder of your user.
Once ready, click on “Next” to define your cluster settings.
Attach the Subscription to a Resource group, give it a name, and select the region. On the connectivity side, pick the most relevant. In our demo, we pick the Public endpoint—in a real-world context, you might choose to go via Private endpoint to align with your company’s cybersecurity rules.
On the next page, you can set the value of some predefined Tags for your Kubernetes cluster. We leave it blank for this demo, but it’s better to fill it to help govern your resources.
Once ready, you need to execute a little script generated by Azure in order to connect your Kubernetes cluster to Azure and attach it to the resource you’ve just created in the portal:
# This script creates an Azure Arc resource to connect a Kubernetes cluster to Azure
# Documentation: <https://aka.ms/AzureArcK8sDocs>
# Log into Azure
az login --use-device-code
# Set Azure subscription
az account set --subscription "b280c7e8-d1be-42d3-abb5-acb87956b0a0"
# Create connected cluster
az connectedk8s connect --name "se-arc-demo-001" --resource-group "SE-ARC-DEMO" --location "northeurope" --correlation-id "c18ab9d0-685e-48e7-ab55-12588447b0ed"When you execute the script on the k8s node, you will be asked to authenticate in your browser in order to start the installation process. Once the execution is finalized, you can go back to your Azure portal and click Next in order to validate the connectivity.
Navigating back to your Resource Group, you should be able to see your newly attached K8s cluster.
You can now see all the details of the cluster.
In order to fully get access and manage your resources, you have a last step to go through: creating a service account on your K8s cluster and copying the access token.
Run the following commands to create a service account and get the token (if you are not using the Canonical Kubernetes version, you can remove the sudo k8s from all commands):
sudo k8s kubectl create serviceaccount se-arc-demo-user -n default
sudo k8s kubectl create clusterrolebinding demo-user-binding --clusterrole cluster-admin --serviceaccount default:se-arc-demo-userApply the following manifest to generate the token:
sudo k8s kubectl apply -f - <<EOF
apiVersion: v1
kind: Secret
metadata:
name: se-arc-demo-user-secret
annotations:
kubernetes.io/service-account.name: se-arc-demo-user
type: kubernetes.io/service-account-token
EOFGet the token:
TOKEN=$(sudo k8s kubectl get secret se-arc-demo-user-secret -o jsonpath='{$.data.token}' | base64 -d | sed 's/$/\\n/g')
echo $TOKENGo to your cluster workloads and paste the token:
If you didn’t make any mistakes, you should finally see your pods.
Deploy HiveMQ Edge with GitOps in Azure ARC
You can go to Settings > GitOps and then add a new configuration:
Then, configure the GitHub repository that will host the configuration which will be deployed on the remote K8s Cluster. In our case, that’s HiveMQ Edge.
You can configure Kustomizations if it is required by your project. We add one that will match HiveMQ Edge.
Review and create your deployment:
Once finalized, you should be able to see the deployment:
Create Your Flux Deployment
You can use different techniques to create your Flux deployment, using the flux cli or building from scratch your manifests in your repository.
We will create our own manifest in order to easily understand how it works, but if you are more into CLI, you can read this article from Microsoft.
Start by cloning your GitHub repository to your local machine. If you need an example, you can view the blog post repository.
Then create a first file called “kustomization.yaml” with the following content:
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- hivemq-edge-deployment.yamlAdd a second file called “hivemq-edge-deployment.yaml” with the following content:
apiVersion: v1
kind: Namespace
metadata:
name: edge
labels:
name: edge
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: edge
namespace: edge
spec:
replicas: 1
selector:
matchLabels:
app: hivemq-edge
template:
metadata:
labels:
app: hivemq-edge
spec:
containers:
- name: hivemq-edge
image: hivemq/hivemq-edge:latest
ports:
- containerPort: 1883
- containerPort: 8080
env:
- name: HIVEMQ_CONTROL_CENTER_USER
value: "admin"
- name: HIVEMQ_CONTROL_CENTER_PASSWORD
value: "password"
---
apiVersion: v1
kind: Service
metadata:
name: hivemq-edge
namespace: edge
spec:
type: NodePort
selector:
app: hivemq-edge
ports:
- protocol: TCP
name: mqtt
port: 1883
targetPort: 1883
- protocol: TCP
name: ui
port: 8080
targetPort: 8080Push your newly created files to your repository, wait around 5 minutes, and have a look at the Azure portal. Your GitOps configuration should become compliant.
You can also have a look at the resources created under your namespace; you should see a deployment with one HiveMQ Edge instance.
You can play with the files in order to add configurations, or use a dedicated container image with your own extensions, protocol adapters, or advanced configurations.
Wrap-Up
Deploying HiveMQ Edge on a Kubernetes cluster with Azure Arc offers a robust solution for managing and scaling your MQTT-based IoT infrastructure. By leveraging Azure Arc, you can extend Azure management capabilities to your Kubernetes clusters, regardless of where they are hosted. This integration not only simplifies the management of your Kubernetes resources but also ensures that your HiveMQ Edge deployment is consistent, secure, and scalable. With Azure Arc, you can take advantage of Azure's monitoring, governance, and compliance features, making it easier to maintain a reliable and efficient IoT messaging platform.
In this blog post, we walked through the steps to deploy HiveMQ Edge on a Kubernetes cluster using Azure Arc. From setting up your Kubernetes environment to configuring HiveMQ Edge and integrating it with Azure Arc, each step was designed to ensure a seamless deployment process.
Whether you are looking to streamline your IoT infrastructure or improve your operational efficiency, deploying HiveMQ Edge on Kubernetes with Azure Arc is a strategic move that can drive significant value for your organization.
Anthony Olazabal
Anthony is part of the Solutions Engineering team at HiveMQ. He is a technology enthusiast with many years of experience working in infrastructures and development around Azure cloud architectures. His expertise extends to development, cloud technologies, and a keen interest in IaaS, PaaS, and SaaS services with a keen interest in writing about MQTT and IoT.
