VOLTTRON updating edge device and central? - volttron

If I have a VOLTTRON central instance running 7.x and updated my 1 VOLTTRON edge device to 8.1.3 where I can see data flow, do I need to update my VOLTTRON central instance if it is working?
Edge device is running the ForwardHistorian and the VOLTTRON Central is running the SQL agent.
Just curious if there would be any negative impacts of not updating the Central instance.


VOLTTRON Central behind a firewall

If there is a VOLTTRON central deployment on ZMQ, would I need to have network ports on a firewall opened up if the actual VOLTTRON central instance is behind a firewall?
Basically I am looking at deploying an edge device in a building to collect some BACnet data (temporary research deployment) and hoping to aim this edge device instance to our central VOLTTRON instance that runs a SQL historian that is behind a firewall.
Does ZMQ run on port 5555? And I would I need to have our firewall opened up or port forwarding on this port to handle the bi-directional ZMQ bus?
VOLTTRON itself by default is on port 22916 (this is the zmq port volttron uses). This is configured independently from the web port. When initializing a web instance there are some more dependencies that are required than just the initial bootstrap.py so you will want to use bootstrap.py --web to make sure those are added.
If the edge devices will have a web server on them, then there must be an inbound connection from browser or code to reach that end device. In order for a volttron central agent to connect to an edge device, the edge device instance must have the vip-address of the central instance in its $VOLTTRON_HOME/config file or within the platform agent's config file. Edge devices should have the volttroncentralplatform agent installed on it for this scenario.
ZMQ could run on whatever port you configure it to. To configure volttron to use it specify the vip-address in the ~/.volttron/config file to whatever port you would like i.e. vip-address=tcp:// (only bound to ip address).

Restrict database connection to application running from a network share using TNSNames

I have a somewhat unique(though probably not) situation. I have users that access a 3rd party application over a network share. This application connects to an Oracle database. The problem is, we have Production, QA, Test, and Dev databases and separate shares/applications for each, but the application doesn't care what database it connects to. So I have users launching the Test application for testing and they log into the Production database. This causes major issues.
Is there any way to restrict what database they log into by network share?
I tried using TNSNames on each server that houses each version of the application and that works great...if they are running it on the server, but since all users have Oracle installed on their local machines and they run the application from a network share, their Oracle takes over and allows them to connect to any database (using LDAP).

Connecting to sql database from a different PC

I am implementing a simple POS (Point of Sale) application using C#/WPF. The scenario I am working on is that there will be multiple cashiers running the application in the same physical store. I need to have a centeralized database so that both users connect to the same database to lookup the products and for other operations.
I worked with a company and done the same but all network connectivity and servers were ready at that rime.
How do I connect the two PCs so that one can connect to the main PC which hosts the database. Do I need to install sql on wvery client PC to connect or .NET frame work on client will suffice. What are the options (LAN vs Wireless).

How to connect a volttron platform to one on a remote server

I would like to connect a volttron platform running on a raspberry pi connected to the local network of a building to a second volttron platform running on a virtual personal server.
I know that two volttron platforms can interact with each other using the Volttron Central Management Agent or using the ForwardAgent. However, it is not clear to me what security method is used. Our ICT manager only agrees to set up a connection if the information is exchanged through https.
Could you help me formulating an answer to ICT regarding the security issue? And give me some pratical tips on how to set up the volttron configuration files? I'm not very familiar with network/security technologies. Maybe important to know: the server has a proxy and a reverse-proxy security.
Your security person is correct. You should only set the platform up in a "real" environment through https. Since you have a proxy, that should be forwarded to the volttron central agent.
internet (443) -> proxy ->
The proxy in this case is on the same machine as the volttron central platform.
This is how we are doing it with apache as our proxy. One could do the same thing with a different web server such as nginx.
Hopefully that helps
If you are indeed trying to connect from a single instance to another instance (e.g. the way the forwarder does). Then the answer is the security is using public/private key pairs with curve mq providing perfect forward security. All traffic between platforms is 100% encrypted and only authorized agents can transmit across the instances bus.

Using volttron-cfg to configure volttron central (VC)

While using volttron-cfg, I was asked some questions:
Include volttron central platform agent on volttron central? [Y] Is VC platform agent is the backend agent and VC is the frontend?
What is port 22916 (vip port)? The content returned from
"localhost:22916" is not readable.
The VOLTTRON central agent(VC) connects to the individual VOLTTRON instances through the VOLTTRON central platform agent(VCP).
Both the VC and VCP agents are not considered platform agents because they aren't started up when you start VOLTTRON by default.
When using the volttron-cfg command the question is asking you do you want to have a VCP as well as a VC installed on whatever instance you are setting up.
The port 22916 is the VIP (VOLTTRON Interconnect Protocol) port that allows all of the VOLTTRON agents to connect with the VOLTTRON router. If you have a VOLTTRON instance running (and left as the default port), you can telnet to it and see that it is indeed running. You will not be able to browse to it however as it is not serving http requests from that port.