OPC-UA Connections and Settings
Connecting to a OPC Server
An OPC-UA Connection is used to communicate with an OPC-UA compliant server, such as the one the OPC-UA module provides.
The following steps walk-through connecting Ignition (as an OPC-UA client) to a OPC-UA server:
-
On the Configure page of the Gateway, go to OPC Connections > Servers.
The OPC Server Connections page is displayed. -
Click on the Create new OPC Server Connection link.
-
Select OPC-UA Connection from the list and click Next.
The Discover OPC-UA Endpoints page will appear. -
Type in a OPC-UA endpoint for the OPC-UA Server Ignition should connect to. The format should be as follows:
opc.tcp:
//IpAddress:Port
Ignition can connect to it's own OPC-UA server's endpoint by using localhost and the default port of 4096, or a hostname can be used:
opc.tcp:
//localhost:4096
opc.tcp:
//myhostname:4096
-
Once an endpoint has been entered, click the Discover button. A list of available Security Policies and Message Security options will appear.
-
Select a Security Policy and Message Security configuration to use when connecting to the endpoint. Basic128 SecurityPolicies and SignAndEncrypt MessageSecurity are more secure than None. If available, Basic256 should be selected.
Once an endpoint configuration has been selected, click the Next button. -
On the New OPC UA Connection Settings page, give the connection a name.
Some OPC-UA servers may require a Username and Password, but this is not always the case. Check with the OPC-UA server's documentation for more details.
By default, Ignition's OPC-UA server requires the following credentials:Username
opcuauser
Password
password
Once credentials have been entered, click the Create New OPC Server Connection button.
Ignition is now connected to the OPC-UA server.
OPC-UA Server Properties
Main |
|
Name |
A name used to identify this connection. |
Description |
Short description of this connection. |
Read-only |
Puts the connection into read-only mode. All writes sent to this server will fail. |
Enabled |
Disable the connection to the OPC server. |
Authentication |
|
Username and Password |
If a username and password are specified, they are used as a user identity token when connecting to the specified OPC-UA server. |
Change Password? |
Enable this property to change the configured password. |
Password |
Enter password |
Password |
Re-type password for verification. |
Advanced |
|
Host Override |
When specified, if the endpoint address returned by the OPC server has a different IP address or hostname than the discovered endpoint, the overridden value will be used. Expects just an IP address or hostname. Example: 192.168.1.10 |
Max Per Operation |
Specify the maximum number of nodes to read, write, subscribe, or unsubscribe to in any given UA server request. |
Request Timeout |
Maximum amount of time, in milliseconds, to wait for the response to a request. (default: 120,000) |
Secure Channel Re-authentication Enabled |
(default: true) |
Redundancy Settings |
|
Backup Discovery URL |
The discovery URL for the backup server's OPC-UA server. Expects the following format: opc.tcp://hostname:port |
Backup Endpoint URL |
The full endpoint URL for the backup Gateway, e.g. opc.tcp://10.20.1.100:4096/ia/opcua or opc.tcp://192.168.1.10:49320 |
Failover Enabled |
When enabled, if this OPC-UA server connection is faulted, requests will be sent to a failover OPC-UA server. |
Failover Endpoint |
The endpoint of the failover server. |
Failover Host Override |
When specified, if the endpoint address returned by the failover OPC server has a different IP address or hostname than the discovered endpoint, the overridden value will be used. Expects just an IP address or hostname. Example: 192.168.1.10 |
Failover Threshold |
The number of retry attempts before the failover connection is used. |
How do I determine the Endpoint for my backup?
See step 5 in the Connecting to a OPC-UA Server guide above. Clicking the Discover button will show a list of available endpoints to connect to.
Failover Versus Backup Properties
The Failover properties should be used when a single Ignition gateway needs to connect to a pair of redundant OPC-UA servers. The failover OPC-UA server will be used in the event the primary OPC server goes down. To enable failover, set the Failover Enabled property to true, and specify the Failover Endpoint. The Failover Threshold can be adjusted if desired.
The Backup properties should be used when a pair of redundant Ignition gateways are trying to look at the same OPC-server. Both the Backup Discovery URL and Backup Endpoint URL properties need to be configured.
OPC Quick Client
You can access the OPC Quick Client from under the OPC Connections section of the Ignition Gateway Config section. It allows for quick, simple testing of any devices connected to the server.
You can browse by expanding tree nodes and read/write to tags by clicking on the [r] and [w] buttons next to those tags.
Subscriptions can be made by clicking on the [s] button. Clicking on the enable live values link will automatically refresh subscriptions and show live value changes (if there are any).
Ignition OPC-UA Server
You can see the following OPC-UA Server Settings by going to the Configure section of the Gateway and then choosing OPC-UA Server > Settings.
Authentication |
|
Authentication Profile |
The User Source that the OPC-UA module will use to authenticate incoming connections against. By default, this is set to the opcua-module User Source. This profile is included in the default installation and has the following as its default settings: |
Allowed Roles |
Roles within the given User Source that are allowed to connect to the server. Multiple roles should be separated by a comma, for example, Administrator,user,manager. |
Allow Anonymous Access |
Allows users to connect whether or not they possess authentication credentials. Not checked by default. |
Server |
|
Server Port |
The port on the local machine of the OPC-UA server runs on. Requires a module restart to take effect. |
Endpoint Address |
This is the local address that the Ignition UA server will bind to. It is also the address that will be used in a GetEndpointResponse, so it is important that this be an address reachable by any clients that wish to connect. Requires a module restart to take effect. This is useful if the server machine has a VPN connection or multiple adapters and is returning the wrong address. |
Backup Endpoint Address |
This is the local address that the Ignition UA server will bind to *on the redundancy backup*. Leave blank if not using redundancy. |
Minimum Sampling Interval |
The fastest rate (in milliseconds) that the server will use to sample its underlying data sources. Requires a module restart to take effect. The default is 100. |
Expose Configured Tags |
|
Expose Tag Providers |
If enabled, Ignition tag providers will be exposed through the OPC-UA server, allowing third party clients to access the tags configured in the system. By default, the check box is not selected or False. |
Auditing Enabled |
Enables an Audit profile for OPC-UA server. (default: false) |
Audit Profile |
If enabled, writes to exposed tags will be audited to the selected profile. |
Other |
|
Stale Threshold |
The multiplier by which the server determines that updates from a driver have become stale. This period will be calculated as the fastest sampling rate for that node multiplied by this settings value. Default is 5. |
Allow Untrusted Certificates |
Whether or not to automatically accept incoming certificates or to rely upon them being placed into the trusted certificate list before allowing a connection. By default, the check box is selected or True. |
Auto-cast Writes |
Attempt to auto-cast incoming writes to the correct DataType before rejecting them with a Bad_InvalidType StatusCode. By default, the check box is selected or True. |
Read Only When Inactive |
Operate in read-only mode when this node is the inactive node of a redundant pair. |
A Frequently Asked Question
How to I get data from my PLC?
Getting data from your PLC into Ignition is a two step process:
-
Add a device, see Connecting to a Device.
-
Add some tags, see Creating Tags.
It requires you to touch both the Ignition Gateway and the Ignition Designer. There are also some limitations as to what kind of devices you can connect to Ignition and these are explained throughout the user manual, however included below is an overview of what you can expect when it comes to compatibility.
Brief summary of device connection in Ignition
-
Ignition can only connect directly to devices over Ethernet.
-
Ignition can only connect directly to devices for which there is an Ignition device driver. Included drivers are:
-
Allen Bradley - ControlLogix 5500, CompactLogix, MicroLogix 11/1400, PLC-5, SLC 505
-
Siemens - S7-300, S7-400, S7-1200
-
Modbus - The Modbus driver connects to any ethernet enabled device that uses the Modbus protoco
-
-
Ignition can connect to third party OPC servers via OPC-UA or OPC-DA (using the OPC-COM module) for devices that do not have a supported driver.
Adding a Device to Ignition
Ignition Supported OPC-UA Device
Most commonly you will be adding a device that is supported by one of the built-in device drivers. The first step is connecting your device to Ignition. This is done through the Ignition Gateway Configuration section under the OPC-UA -> Devices page.
-
Click "Add a device..."
-
Select the driver for the device you wish to add
-
When adding a device you will notice that there are some common settings that are shared by all devices. You can find an explanation of these settings here: Adding a New Device
-
Specify any of the required device specific settings for the device (For example, hostname, etc.)
-
Check the status of your device to see if it is connected.
As long as all the device information you entered was correct you should see your device in a "Connected" state. The only exception to this is if you chose to add a Siemens or Modbus device. Since these devices don't support the browsing of tags you will have to create and address some tags in the Ignition designer before the device will stop cycling from a connected to disconnected state.
If you need to address your tags for your Siemens or Modbus device you'll want to read about adding Tags in the Ignition Designer as well as how addressing works for the different protocols. You will have to first add a tag in the Ignition designer and then edit the OPC Item Path of the tag using the appropriate addressing scheme.
Adding Connection to 3rd Party OPC Server via OPC-UA
If your device does not have an Ignition driver, you can use a 3rd party OPC server to connect to your device and then have Ignition connect to the server as a client. If the OPC server talks OPC-UA, you can add a new OPC-UA server connection in the Ignition Gateway. Configuration will be different depending on what OPC server you are using but the following is an example of a popular solution, connecting to KEPServer via OPC-UA, see Connecting to Kepware OPC-UA.
Adding Connection to 3rd Party OPC-Server via OPC-COM
The following section provides a detailed walk-through on how to connect to an OPC server using the OPC-COM module. If Ignition doesn't have a driver for your device and you don't have an OPC server that talks OPC-UA, you have to connect using the OPC-COM module, see Connecting to OPC Classic (COM) .
Adding tags for Allen Bradley devices
Tags are how Ignition represents your PLC tags. You create Tags in the Ignition Designer and then you can use these tags to store history or display PLC data in your projects.
For the most part, Allen Bradley devices support browsing of tags in the PLC. There are a few exceptions like the MicroLogix 1200/1500 for which you have to manually address your tags. For now we will focus on creating tags from devices that support browsing.
-
Open the Ignition Designer.
-
Drag desired tags from the OPC Browser to the Tag Browser as described here: Creating Tags (if you don't know what Tag Provider means don't worry, merely drag them into the Tags folder). You should now see some tags in the Tag Browser that show the current values of the respective tags in your PLC. Don't stop here. You should read through the related links below so you can learn more about Tags and how they work.