Reviews run for a minimum of one week. The outcome of the review is decided on this date. This is the last day to make comments or ask questions about this review.
- Device Connectivity – Device connectivity services allow devices to establish a secure connection to Eclipse Kapua. In this release, Kapua 0.2.0 allows device to connect using the MQTT protocol over TCP or WebSocket. Related services include a Device Registry Service to track devices, their profiles, their connections and their lifecycle event services. Additional connectivity protocols will be supported in future releases.
- Device Management – Device Management Services allow to manage applications configurations, and resources installed on a remote gateway. The protocol used for managing remote devices is a pluggability layer for Eclipse Kapua. In Kapua 0.2.0, device management is enabled through the MQTT protocol, using the topic namespace conventions described in the Eclipse Kura project documentation. Future Eclipse Kapua releases may adopt additional device management protocols like the emerging LWM2M standard.
- Data Management – Data Management Services store and index the telemetry data published by IoT devices for analysis and visualization into dashboards. In Kapua 0.2.0, telemetry data is stored and index into an Elasticsearch NoSQL database. Telemetry data is indexed by timestamp, topic, originating device, and each telemetry metric can be queried and aggregated.
- Application Integration - Application Integration Services offers the ability to integrate Kapua services with IT applications through flexible message routing and REST API. The REST API exposes all the platform functionality, including device management and data management. The REST API also offers a "bridge" to the MQTT broker enabling the routing of commands from applications to devices without a specific connection to the message broker. Future Kapua releases will expand on these services adding more APIs and adding the ability of orchestrating Kapua Services and external applications through business events.
- Platform Administration and Security – Kapua foundation services maintain the security aspects of the IoT platform like the management of tenants, accounts and users. The account model supports a hierarchical access control structure. Following Role Based Access Control (RBAC), user identities can be defined and associated with one or more permissions guaranteeing the principle of "least privilege".
- Web Console – Eclipse Kapua features a web-based administration Web Console to perform all device and data management operations. The Kapua 0.2.0 Web Console can also be configured to leverage external authentication providers based on OpenID like the Red Hat Keycloak product
The current web console is based on GXT which is GPLv3 and thus cannot be provided by the project as a downloadable component. The re-write of the console using Patternfly did not make it into the 0.2.0 release and is scheduled for a later release. At the moment it is unknown which release this will be.
Database cleanup. Propagation of deletes across service domain boundaries is still under development. Deletion of upstream service entities currently doesn’t trigger the deletion of downstream related entities.
There are no known security issues.
In this release the following issues got fixed:
- The single sign-on integration is not production ready and disabled by default.
- SHA1 for hashing passwords support was dropped in the initial release in favor of SHA512.
- Mandatory GZIP compression of HTTP requests was removed to mitigate the BREACH exploit.
- commons-fileupload was updated to 1.3.2 to fix CVE-2016-3092
While the project is in the incubation phase there is no end-of-life policy.
Kapua makes use of:
- Kapua is part of the Eclipse IoT testbed effort
- The project attracted two Google Summer of Code students.