Missing iot-agent-proxy and referenced in fiware/tutorials.context-provider in northport.yml

[cxzero]

Hi,

When looking at the yml configurations I saw the northport.yml (https://github.com/FIWARE/tutorials.PEP-Proxy#securing-an-iot-agent-north-port) in its "fiware/tutorials.context-provider" image declaration is referencing these environmental variables.

• "IOTA_HTTP_HOST=iot-agent-proxy"
• "IOTA_HTTP_PORT=7897"

If I understood well, I think above variables should be (as the south port of the IoT Agent is not being secured):

• "IOTA_HTTP_HOST=iot-agent"
• "IOTA_HTTP_PORT=7896"

Besides, I would like to confirm that the topic "Securing an IoT Agent North Port" aims to secure traffic from IoT Agent to Orion Context Broker (IoT Agent => Orion). Is that correct? Or am I missing something?

In case that traffic to be secured from Orion Context Broker to IoT Agent (Orion => IoT Agent), should an additional PEP proxy be added listening on port 4042 and forwarding traffic to 4041 (PEP proxy for IoT Agent northport)?

Thanks, Juan

[jason-fox]

Yes, that was a typo - the correct configuration is:

• "IOTA_HTTP_HOST=iot-agent"
• "IOTA_HTTP_PORT=7896"

The tutorial does not aim to be a realistic real-world scenario. It would be usual to add a PEP proxy between the context broker and anything else (either an app or an IoT Agent). The Southport PEP Proxy is more artificial - it is more likely you would configure using HTTPS or MQTTS or be using something like NGINX as the Gateway between your devices on the edge and the components in the cloud.