Ubuntu 22 Runtime installation and configuration
NOTE:
See Runtime Web UI overview for an overview of the Runtime Web UI.
Requirements
For the installation of Runtime on Ubuntu 22 make sure of the following:
- The kernel version running on your device or the linux-headers of the current kernel version shall be up to date.
- The .NET Runtime 8 shall be installed. If it is not installed yet and the device connects to the Internet, it will automatically be downloaded and installed during the Runtime installation.
- TheRemote Desktopfeature requires the installation of the X11 Window System. Instead, if Wayland is installed and enabled, disable it by editing the file:
/etc/gdm3/custom.conf
or
/etc/gdm3/daemon.conf
uncommenting the following line:
#WaylandEnable=false
- The user of the default session (that is not SSH) must be a root folder user or a sudoers group user and shall havesbinfolders in theirPATHenvironment variable. To add a user to the sudoers group, use the following commands:
su -l
usermod -aG sudo <UserToAdd>
- Selectand enable theAutomatic Logintoggle switch.
Runtime Installation
Download the FactoryTalk Remote Access Runtime package related to the Ubuntu 22 distribution on the remote device and run the installation command:
sudo apt install ./factorytalkremoteaccessruntime_<version>_Ubuntu_22_x64.deb
NOTE:
The FactoryTalk Remote Access Runtime package includes a
config.template.xml
template configuration file.Replace the
<version>
with the actual version:sudo apt install ./factorytalkremoteaccessruntime_ 13.4.014_Ubuntu_22_x64.deb
NOTE:
See Tools to download Runtime.
NOTE:
The Runtime binaries will be installed in the folder:
/opt/Rockwell_Automation/FactoryTalk_Remote_Access/Runtime/bin
And Runtime logs will be available in the folder:
/opt/Rockwell_Automation/FactoryTalk_Remote_Access/Runtime/log
Runtime Startup
Once the Runtime is installed, it can be executed manually or started as a service.
- Execute Runtime manually: Login to the default session (not the SSH session) with a root user or with a user that belongs to the sudoers group and execute the commands:cd /opt/Rockwell_Automation/FactoryTalk_Remote_Access/Runtime/bin sudo mono FactoryTalkRemoteAccessRuntimeService.exe
- Start Runtime as a service (systemd): Create a configuration file with a ".service" extension that includes all the information needed to control and supervise the process by systemd.Open any text editor, then copy and paste the following configuration:[Unit] Description=FactoryTalk Remote Access Runtime service [Service] ExecStart=/opt/Rockwell_Automation/FactoryTalk_Remote_Access/Runtime/bin/FactoryTalkRemoteAccessRuntimeService Environment="DISPLAY=:0" Environment="RDP_USERNAME=<username>" Restart=on-failure [Install] WantedBy=multi-user.targetReplace the<username>field inRDP_USERNAMEwith the name of the authorized user accessing the X11 server. An authorized user is a user who can run thexhostcommand and see their username in the output of the command.Save the configuration file in/etc/systemd/system/using the ".service" extension (for example,FactoryTalkRemoteAccessRuntimeService.service).Enable automatic process startup with:systemctl enable FactoryTalkRemoteAccessRuntimeServiceThe service can be started with:systemctl start FactoryTalkRemoteAccessRuntimeServiceThe service can be stopped with:systemctl stop FactoryTalkRemoteAccessRuntimeService
Connecting the Runtime to the FactoryTalk Remote Access network infrastructure
When the Runtime is running, it is necessary to connect to the FactoryTalk Remote Access network infrastructure by executing the following commands:
cd /opt/Rockwell_Automation/FactoryTalk_Remote_Access/Runtime/bin FactoryTalkRemoteAccessRuntimeCli --connect
If the Runtime needs to join an organization/domain, once the Runtime is connected to the FactoryTalk Remote Access network infrastructure run the command:
FactoryTalkRemoteAccessRuntimeCli --getAnonymousID
The ID and the password used to join the organization/domain will be displayed.
Runtime Configuration
The Runtime can be configured by editing the file:
/opt/Rockwell_Automation/FactoryTalk_Remote_Access/Runtime/data/config.xml
and by adding any parameters, as follows:
- The file should be edited when the Runtime is not running.
- Enter<Params>to create a scope and insert all the desired parameters therein:<Params> <Param Name="" /> <Param Name="" /> <Param Name="" /> </Params>
You will obtain a Config.xml file including a scope similar to the following:
<?xml version='1.0' encoding='UTF-8'?> <Config> <Version>1.0> <Params> <Param Name="ConnectOnServiceStart" Value="1" /> <Param Name="ForcePort" Value="0" /> <Param Name="ProxyType" Value="1" /> <Param Name="VPNAdapterNameList" Value="eth0;eth1" /> <Param Name="VPNStaticIpPoolEnabled" Value="0" /> </Params> </Config>
ConnectOnServiceStart configuration
<Param Name="ConnectOnServiceStart" Value="<value>" />
The
<value>
can be 0 or 1:- 0: Runtime does not connect to the server at startup (default).
- 1: Runtime connects to the network infrastructure at startup avoiding the usage of the --connect command.
Server port configuration
<Param Name="ForcePort" Value="<value>" />
The
<value>
can be 0, 80, 443, 5935:- 0: auto (the application automatically chooses a port between 80, 443, 5935) (default)
- 80: the application connects to the server port 80
- 443: the application connects to the server port 443
- 5935: the application connects to the server port 5935
Proxy configuration
<Param Name="ProxyType" Value="<value>" />
The
<value>
can be 1, 2, 3:- 1: proxy not used (default)
- 2: SOCKS5
- 3: HTTP
and if a Proxy address is also set, configure the port, username and password as follows:
<Param Name="ProxyAddress" Value="<value>" /> <Param Name="ProxyPort" Value="> <Param Name="ProxyPort" Value="> <Param Name="ProxyUserName" Value="> <Param Name="ProxyPassword" Value=">
VPN Adapter configuration
The<Param Name="VPNAdapterNameList" Value="<value>" />
<value>
consists of a list of network interfaces separated by semicolons.Example:
<Param Name="VPNAdapterNameList" Value="eth0;eth1" />
VPN Static IP pool configuration
<Param Name="VPNStaticIpPoolEnabled" Value="<value>" />
The
<value>
can be 0 or 1:- 0: pool not used (default).
- 1: use the IP address pool specified by the parameter.
<Param Name="VPNStaticIpPool" Value="<value>" />
The
<value>
consists of a list of starting IP address, ending IP address and masks separated by semicolons.Example:
<Param Name="VPNStaticIpPoolEnabled" Value="1" /> <ParamName="VPNStaticIpPool"Value="192.168.0.1;192.168.0.255;255.255.255.0;172.19.17.0;172.19.17.255;255.255.255.0"/>
Serial passthrough configuration
NOTE:
This feature is currently not supported on Ubuntu 22.
To enable the remote use of a serial port, add a symlink to the interface in the path
/dev/serial<interface number>
.Example:
In a system equipped with a serial interface
/dev/ttyS0
, execute the following command:ln -s /dev/ttyS0 /dev/serial0
Password setup
To restrict access to the Runtime Web UI to authorized users only, you can set up or change a password. After setting up a password, a browser authentication page will open when you start the Runtime Web UI application.
To start the application, click on the Runtime Web UI icon on the
Windows taskbar and then select
Login
.
NOTE:
To set up a password, you need to have .sudo privileges.
NOTE:
If you do not set up a password to access the Runtime Web UI access, every user can access the Runtime Web UI application and landing directly onto the
Home
page.- Entersudo FactoryTalkRemoteAccessRuntimeCli --setRuntimePassword --password.
- Enter a password.NOTE:Create a strong password to reduce cybersecurity risk.Your password must:
- Be at least 8 characters long
- Include at least three of the following requirements:
- at least one uppercase character
- at least one lowercase character
- at least one numeric character
- at least one symbolic character
Use passphrases longer than 8 characters to enhance password strength. Strong passwords increase the time needed to guess them.
NOTE:
To change the password, edit the
sudo FactoryTalkRemoteAccessRuntimeCli --setRuntimePassword --password
command line again.Provide Feedback