Search code examples
volttron

Cross-platform Agent VIP Authentication Error

I am having trouble getting two agents to communicate across platforms.

I have two virtual machines running on an internal network and one of the VM's has an agent that attempts to connect and publish to the platform on the other VM. The code for the connection and send is the same as in examples like the ForwarderAgent. I know the agents can see each other, and attempt to connect, but the authentication fails.

On the platform I am trying to connect to, I can see the credentials that the publishing agent is presenting itself with. However, the presented credentials are a private key that is generated in 

$VOLTTRONHOME/keystores/

every time I start the agent. So the credentials change every time i start the agent.

I am unsure how I can add the agent as a known identity beforehand if I don't know the credentials it will try to use.

I have added the different addresses as known_hosts, and attempted to register the agents between the two platforms using the public keys associated with their agent installations with

volttron-ctl auth add

but the sending agent still presents itself with new credentials. Is there a configuration step I am missing so that the agent will publish with its consistent public key?

Solution

  • When creating an agent to connect to the external platform from an installed agent you should use the following as a guideline of how to do it

    ````

    import gevent
from volttron.platform.vip.agent import Agent

destination_vip="tcp://127.0.0.5:22916?serverkey=dafn..&publickey=adf&secretkey=afafdf"


event = gevent.event.Event()
# Note by specifying the identity, the remote platform will use the same
# keystore to authenticate the agent.  Otherwise a guid is used which 
# changes keys each time.
agent = Agent(address=destination_vip, enable_store=False, identity="remote_identity")
gevent.spawn(agent.core.run)
if not event.wait(timeout=10):
    print("Unable to start agent!"

    ````

    Note this was from https://github.com/VOLTTRON/volttron/blob/master/services/core/ForwardHistorian/forwarder/agent.py#L317, however there is a different mechanism that doesn't require the destination_vip address to be included public and secret keys within it that is in develop.

    In addition, the publickey that you mention in the above code does need to be in the auth.json file and/or you need to allow all connections via /.*/ in the auth.json file.

    I hope this helps!