Kyma OneConnect Platform — Complete Deployment Guide
Overview
This manual guides you through the fully private deployment of OneConnect on SAP BTP Kyma (AWS EKS). All access is routed through SAP Cloud Connector — no services are exposed to the public internet.
Installation Flow Overview
Follow the steps below in order.
| Step | Section | What you will do |
|---|---|---|
| 0 | Prerequisites | Verify tools, cluster access, and Docker credentials |
| 1 | Section 2 | Install the Strimzi Kafka Operator |
| 2 | Section 3 | Deploy the full Kafka Stack |
| 3 | Section 4 | Deploy the OneConnect Platform (Cloud Connector mode) |
| 4 | Section 5 | Deploy the Observability Stack (monitoring & logging) |
| 5 | Section 6 | Enable Istio Sidecar Injection |
| 6 | Section 7 | Activate all required Kyma Modules |
| 7 | Section 8 | Configure SAP Cloud Connector |
| ✓ | Section 9 | Verification & Health Checks |
0. Prerequisites
It is necessary to install kubectl and Helm v3. For detailed instructions, please refer to the documentation:
How to connect Kubectl to BTP Kyma environment using AWS EC2
0.1 SAP Cloud Connector Host Information
You must have the information of the server where SAP Cloud Connector (SCC) is installed and running.
Required information:
- IP address, DNS name, or hostname of the SCC server
- Confirmation that the server is reachable from the systems that will consume the published services
- Access to the SCC administration interface for configuration and validation
0.2 Required Network Access
The machine where SAP Cloud Connector (SCC) is installed must have the required connectivity to reach the published OneConnect services.
Ensure that the following ports are allowed and properly reachable from the corresponding path to the SCC host:
Service | Port | Purpose |
OneConnect Frontend | 5050 | Frontend application access |
OneConnect API Gateway | 9000 | Backend/API communication |
AKHQ / additional web service | 8080 | Administrative or service access, when applicable |
1. Install Strimzi Operator
Strimzi is the Kubernetes operator that manages Kafka clusters declaratively. It must b
e installed and running before any Kafka resources are applied.
Step 1.1 — Install via Helm
| helm install strimzi-operator strimzi-kafka-operator \ --repo https://strimzi.io/charts/ \ --namespace kafka \ --create-namespace |
Step 1.2 — Verify Operator Health
| kubectl get pods -n kafka | grep strimzi-cluster-operator # Expected result: # strimzi-cluster-operator-xxxx 1/1 Running |
strimzi-cluster-operator pod shows 1/1 Running. The operator must be healthy before it can process Kafka resources.2. Deploy Kafka Stack
Deploy the full Kafka stack: Kafka 4.2 in KRaft mode (not compatible with ZooKeeper), Confluent Schema Registry 7.6.0, and Kafka Connect.
Kafka Connect is the component that runs connectors to external databases and platforms such as MySQL and DataBricks.
Phase 1 — Deploy the Kafka Cluster
Replace [your-docker-token] with your Docker Hub personal access token before running this command.
| Placeholder | Description |
|---|---|
[Docker-token] | Your Docker Hub personal access token (e.g. dckr_pat_xxxxxxxxxxxx) |
| [SUBACCOUNT_ID] | SAP BTP Subaccount ID — e.g. 6c7a9dbc-8590-479e-9cec-69bf38a9a822 |
[LOCATION_ID] | Cloud Connector Location ID — e.g. onibex-1 |
cd helm/oneconnect-helmdeployment cd kafka-platform/ # Deploy kafka
helm install kafka-platform ./kafka-platform \
--namespace kafka \
--values kafka-platform/values.yaml \
--set dockerHub.token=[Docker-token] \
--set akhq.serviceMapping.enabled=true \
--set akhq.serviceMapping.subaccountId="[SUBACCOUNT-ID]" \
--set akhq.serviceMapping.locationId="[LOCATION-ID]"
# Create akhq service
kubectl apply -f - <<EOF
apiVersion: v1
kind: Service
metadata:
name: akhq
namespace: kafka
spec:
selector:
app: akhq
ports:
- port: 8080
targetPort: 8080
type: ClusterIP
EOF |
Wait until all four pods are Running before moving to Phase 2:
| kubectl get pods -n kafka -w # All four pods must show 1/1 Running: # kafka-cluster-main-pool-0 1/1 Running # kafka-cluster-main-pool-1 1/1 Running # kafka-cluster-main-pool-2 1/1 Running # kafka-cluster-entity-operator-xxx 1/1 Running |
Phase 2 — Verify Kafka Health
| # Schema Registry check — expected result: [] kubectl exec -it \ $(kubectl get pod -l app=schema-registry -n kafka -o name) \ -n kafka -- curl http://localhost:8081/subjects # Kafka Connect check — expected result: [] kubectl exec -it connect-cluster-connect-0 -n kafka -- \ curl http://localhost:8083/connectors # Strimzi resource status — READY must be True for both kubectl get kafka,kafkaconnect -n kafka |
Key Files
| File | Purpose |
|---|---|
kafka-platform/values.yaml | Helm values for the Kafka platform chart |
3. Deploy OneConnect Platform
Deploy all OneConnect application services in Cloud Connector mode. No services are exposed to the public internet — all access flows through SAP Cloud Connector.
Step 3.1 — Install
You will need the three values below. Replace each label with your actual value before running the command:
| Placeholder | Description |
|---|---|
[LOCATION-ID] | Cloud Connector Location ID — e.g. onibex-1 (must match the value you set when configuring Cloud Connector in Section 8) |
[DOCKER-TOKEN] | Your Docker Hub personal access token |
[SUBACCOUNT-ID] | SAP BTP Subaccount ID — e.g. 6c7a9dbc-8590-479e-9cec-69bf38a9a822 (found in BTP Cockpit → Subaccount overview) |
| helm install oneconnect . \ --namespace oneconnect \ --create-namespace \ --values values-aws.yaml \ --set dockerHub.token=[DOCKER-TOKEN] \ --set cloudConnector.enabled=true \ --set cloudConnector.locationId="[LOCATION-ID]" \ --set cloudConnector.subaccountId="[SUBACCOUNT-ID]" |
locationId and subaccountId flags are both required. If either is missing, the Helm chart will display a clear error message.Step 3.2 — Resources Created by This Deployment
| Resource | Name | Details |
|---|---|---|
| ServiceMapping | apigateway-mapping | Maps apigateway.oneconnect.svc.cluster.local:9000 |
| ServiceMapping | frontend-mapping | Maps frontendoneconnect.oneconnect.svc.cluster.local:5050 |
| ServiceMapping | akhq-mapping | Maps akhq.kafka.svc.cluster.local:8080 |
| Frontend Env | NEXT_PUBLIC_API_BASE | Automatically set to http://localhost:9000 (no manual update) |
| LoadBalancers | — | No LoadBalancer services are created in this mode |
Step 3.3 — (Optional) Use Custom Service IDs
Service IDs default to apigateway-oneconnect and frontend-oneconnect. Change them only if your Cloud Connector setup requires different names:
| --set cloudConnector.serviceIdApigateway="my-apigateway" \ --set cloudConnector.serviceIdFrontend="my-frontend" |
Step 3.4 — Retrieve ServiceMapping Endpoints
After installation, retrieve the tunnel endpoints. You will need these in Section 8 when configuring the Cloud Connector service channels.
| # apigateway endpoint kubectl get servicemappings.connectivityproxy.sap.com apigateway-mapping \ -n oneconnect -ojsonpath='{.status.endpoint}' # frontend endpoint kubectl get servicemappings.connectivityproxy.sap.com frontend-mapping \ -n oneconnect -ojsonpath='{.status.endpoint}' # Result format: # tcp://cp.c-XXXXX.kyma.ondemand.com:443/[service-id] # Save both values — you will need them in Section 8. |
4. Deploy Observability Stack
The Observability Stack provides monitoring, log aggregation, and distributed tracing for the OneConnect platform.
Step 4.1 — Install
| cd helm/one_source-oneconnect-observability-*/ helm install oneconnect-observability . \ --namespace observability \ --create-namespace \ --values values-aws.yaml |
Step 4.2 — Verify Pods
| kubectl get pods -n observability |
Step 4.3 — Access the Monitoring Dashboard (Local Port-Forward)
| kubectl port-forward svc/grafana 3000:3000 -n observability # Open in your browser: http://localhost:3000 |
5. Enable Istio Sidecar Injection
The Cloud Connector tunnel uses Istio mTLS to authenticate traffic between services. Without the Istio sidecar running inside each pod, the Connectivity Proxy will reject all connections.
Think of the Istio sidecar as a security co-pilot alongside each pod — it handles encrypted routing automatically. After enabling it, each pod will show 2/2 READY (app container + Istio sidecar).
Step 5.1 — Activate the Istio Module in Kyma
- Log in to BTP Cockpit → navigate to your Subaccount → Kyma Environment → Dashboard URL.
- Go to Modules → Modify Modules → Add.
- Select "istio" and click Add / Save.
- Wait until the module status shows Ready.
Activating the Istio module in Kyma Dashboard is a key step to enable sidecar injection and ensure mTLS authentication in the Cloud Connector. Each pod displays 2/2 READY once the application container and the security sidecar are running together.
Step 5.2 — Label the Namespaces for Sidecar Injection
Run for the oneconnect namespace:
| Placeholder | Description |
|---|---|
Namespace |
Kubernetes namespace — oneconnect, kafka |
| kubectl label namespace oneconnect istio-injection=enabled kubectl rollout restart deployment -n oneconnect # Wait until all pods show 2/2 READY: kubectl get pods -n oneconnect |
1/1 after the restart, verify the label was applied: kubectl get namespace oneconnect --show-labels | grep istio6. Activate Kyma Modules
The Connectivity Proxy manages the secure tunnel from Cloud Connector to your cluster. The Transparent Proxy exposes BTP destinations as internal Kubernetes services. Both components depend on Istio (Step 5).
Step 6.1 — Activate All Five Required Modules
In Kyma Dashboard → Modules → Modify Modules → Add, add all five modules listed below:
| Module | Namespace | Purpose |
|---|---|---|
api-gateway | — | API gateway for Kyma services |
btp-operator | kyma-system | SAP BTP service operator |
connectivity-proxy | kyma-system | Secure tunnel between Cloud Connector and the cluster |
istio | kyma-system | Service mesh and mTLS (activated in Step 5) |
transparent-proxy | sap-transp-proxy-system | Exposes BTP destinations as Kubernetes services |
Step 6.2 — Verify All Modules are Ready
| # Transparent Proxy namespace must exist kubectl get ns sap-transp-proxy-system # Transparent Proxy pods must be Running kubectl -n sap-transp-proxy-system get deploy,pod # Connectivity Proxy must be Running kubectl get pods -n kyma-system | grep connectivity |
7. Configure SAP Cloud Connector
The SAP Cloud Connector is an agent you install in your on-premise network. It opens a secure outbound tunnel to SAP BTP — no inbound firewall ports are required.
Traffic flow:
| SAP ECC / S4HANA → http://[cc-server-host]:[local-port] → Cloud Connector (Service Channel) → Connectivity Proxy (kyma-system) → service.oneconnect.svc.cluster.local:[port] |
Step 7.1 — Create the Connectivity Service Instance & Binding
The Connectivity Proxy needs BTP credentials. Run the command below to create them. Use kubectl — do NOT use the BTP Cockpit Service Marketplace for this step.
| Placeholder | Description |
|---|---|
[NAMESPACE] |
Kubernetes namespace — use: oneconnect, kafka |
| kubectl apply -f - <<EOF apiVersion: services.cloud.sap.com/v1 kind: ServiceInstance metadata: name: connectivity-instance namespace: oneconnect spec: serviceOfferingName: connectivity servicePlanName: connectivity_proxy --- apiVersion: services.cloud.sap.com/v1 kind: ServiceBinding metadata: name: connectivity-binding namespace: oneconnect spec: serviceInstanceName: connectivity-instance EOF # Verify both reach Ready / Created status: kubectl get serviceinstances,servicebindings -n oneconnect |
Step 7.2 — Retrieve ServiceMapping Endpoints
If you already ran Step 3.4, skip this. Otherwise retrieve the endpoints now:
| kubectl get servicemappings.connectivityproxy.sap.com apigateway-mapping \
-n oneconnect -ojsonpath='{.status.endpoint}'
kubectl get servicemappings.connectivityproxy.sap.com frontend-mapping \
-n oneconnect -ojsonpath='{.status.endpoint}' kubectl get servicemappings.connectivityproxy.sap.com akhq-mapping \
-n oneconnect -ojsonpath='{.status.endpoint}'
# Result format: tcp://cp.c-XXXXX.kyma.ondemand.com:443/[service-id]
# Save both values — needed in Step 7.5. |
Step 7.3 — Install SAP Cloud Connector
- Download the installer from: https://tools.hana.ondemand.com — search for "Cloud Connector" on the page (Ctrl+F). Download the Windows MSI installer. If the MSI fails, use the Portable version as a fallback.
- Install on a server that has network access to your SAP on-premise system.
- Open the admin UI at:
https://localhost:8443 - Log in with default credentials:
Administrator / manage— change your password immediately.
Step 7.4 — Connect Cloud Connector to the BTP Subaccount
In the Cloud Connector admin UI, go to Subaccounts → + (Add) and fill in:
| Field | Value |
|---|---|
| Region | Your BTP subaccount region |
| Subaccount | Your BTP Subaccount ID |
| Location ID | Must exactly match the value used in Step 3.1 |
| Login | Your BTP email address |
| Password | Your BTP password |
| Placeholder | Description |
|---|---|
[your-btp-region] | BTP subaccount region — e.g. cf-us10 |
[SUBACCOUNT-ID] | SAP BTP Subaccount ID — found in BTP Cockpit → Subaccount overview |
[LOCATION-ID] | Must be the exact same value you used in Step 3.1 (case-sensitive) |
Step 7.5 — Create Service Channels
Create one service channel per ServiceMapping. In the Cloud Connector admin UI, go to On-Premise to Cloud → + (Add).
Channel 1: apigateway
| Placeholder | Description |
|---|---|
[apigateway-endpoint] | The endpoint retrieved in Step 7.2 — remove the tcp:// prefix before pasting |
[local-port] | A free port on your CC server — e.g. 9000 |
| Field | Value |
|---|---|
| Type | K8s Cluster |
| Endpoint | apigateway endpoint from Step 7.2 — remove the tcp:// prefix |
| Local Port | 9000 (or another free port) |
| Enabled | Yes |
Channel 2: frontend
| Placeholder | Description |
|---|---|
[frontend-endpoint] | The endpoint retrieved in Step 7.2 — remove the tcp:// prefix before pasting |
[local-port] | A different free port — e.g. 5050 (must differ from Channel 1) |
| Field | Value |
|---|---|
| Type | K8s Cluster |
| Endpoint | frontend endpoint from Step 7.2 — remove the tcp:// prefix |
| Local Port | 5050 (must be different from Channel 1) |
| Enabled | Yes |
Channel 3: AKHQ (only if you completed Step 3.5)
| Field | Value |
|---|---|
| Type | K8s Cluster |
| Endpoint | AKHQ endpoint from Step 3.5 — remove the tcp:// prefix |
| Local Port | 8080 (must differ from Channels 1 and 2) |
| Enabled | Yes |
1/1 connections. If it shows 0/1, see the Troubleshooting section.Step 7.6 — Configure SAP Connection (SM59)
With the service channels active, create an HTTP destination in your SAP system:
| Placeholder | Description |
|---|---|
[cc-server-host] | IP address or hostname of the Cloud Connector server |
[local-port] | The local port you set in the service channel (e.g. 9000) |
| Field | Value |
|---|---|
| Connection Type | HTTP Connection to External Server (type G) |
| Host | [cc-server-host] |
| Port | [local-port] |
| Protocol | HTTP |
| Path Prefix | /your-endpoint-path |
Step 7.7 — Test the Tunnel
Before going live, test connectivity from the Cloud Connector server. The Host header is required for the Connectivity Proxy to route requests correctly.
| Placeholder | Description |
|---|---|
[local-port] | The local port of the apigateway service channel (e.g. 9000) |
[local-port-frontend] | The local port of the frontend service channel (e.g. 5050) |
[local-port-akhq] | The local port of the AKHQ service channel (e.g. 8080) |
| # Test apigateway tunnel curl -vvv http://localhost:[local-port]/ \ -H "Host: apigateway.oneconnect.svc.cluster.local" # Test frontend tunnel curl -vvv http://localhost:[local-port-frontend]/ \ -H "Host: frontendoneconnect.oneconnect.svc.cluster.local" # Test AKHQ tunnel (if configured) curl -vvv http://localhost:[local-port-akhq]/ \ -H "Host: akhq.kafka.svc.cluster.local" # Any HTTP response (including 404 or 302) = tunnel is working. # "Empty reply from server" = tunnel is NOT working. See Troubleshooting. |
✓ Verification & Health Checks
Use the commands below to confirm every component is running correctly.
Platform Pods
| kubectl get pods -n oneconnect # All pods must show 2/2 READY (app + Istio sidecar) |
Services
| kubectl get services -n oneconnect # You should see only ClusterIP services — no LoadBalancer entries |
Kafka
| kubectl get kafka,deployment -n kafka # READY must be True for both resources kubectl get pods -n kafka # 3 pool nodes + entity-operator must all be Running |
ServiceMappings
| kubectl get servicemappings.connectivityproxy.sap.com -n oneconnect |
AKHQ Kafka UI
| kubectl get pods,svc -n kafka | grep akhq # akhq shows type=ClusterIP — access is through Cloud Connector only # Local access via port-forward: kubectl port-forward svc/akhq 8080:8080 -n kafka # Open: http://localhost:8080 (default login: admin / admin123) |
Istio Sidecar
| kubectl get namespace oneconnect --show-labels | grep istio kubectl get pods -n oneconnect # All pods must show 2/2 READY |
Observability Stack
| kubectl get pods -n observability |
Troubleshooting
"Empty reply from server" when testing the tunnel
- Verify Istio sidecar is injected — all pods must show
2/2 READY. - Restart the Connectivity Proxy:
| kubectl rollout restart statefulset connectivity-proxy -n kyma-system |
- Check proxy logs:
| kubectl logs -n kyma-system -l app=connectivity-proxy --tail=50 |
ACCESS_DENIED in Connectivity Proxy logs
- Confirm the
istio-injection=enabledlabel is set on the namespace. - Verify the Location ID matches exactly between Cloud Connector and your Helm install (case-sensitive).
- Restart deployments:
| kubectl rollout restart deployment -n oneconnect |
Cloud Connector cannot connect to the BTP Subaccount
- Verify the BTP region exactly matches your subaccount region.
- Check your BTP credentials (email and password).
- Confirm the CC server has outbound internet access to
*.ondemand.com.
Service Channel shows 0/1 connections
- Verify the endpoint was copied without the
tcp://prefix. - Verify the CC is connected to the correct subaccount.
- Re-retrieve the endpoint:
| kubectl get servicemappings.connectivityproxy.sap.com apigateway-mapping \ -n oneconnect -ojsonpath='{.status.endpoint}' |
Kafka pods not starting
- Ensure the Strimzi operator shows
1/1 Runningbefore applying Kafka resources (Step 1). - Check operator logs:
| kubectl logs -n kafka -l strimzi.io/kind=cluster-operator --tail=100 |
Cloud Connector services are timing out / not resolving
Istio is preventing all traffic that is not configured as mTLS. Apply a PERMISSIVE mode policy:
| kubectl apply -f - <<EOF apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: default namespace: istio-system spec: mtls: mode: PERMISSIVE EOF |
Helm install fails — missing cloudConnector values
Re-run with all required flags:
| helm upgrade oneconnect . \ --namespace oneconnect \ --values values-aws.yaml \ --set dockerHub.token=[your-docker-token] \ --set cloudConnector.enabled=true \ --set cloudConnector.locationId="[LOCATION-ID]" \ --set cloudConnector.subaccountId="[SUBACCOUNT-ID]" |
Quick Reference — Useful Commands
Platform Pods & Services
| kubectl get pods -n oneconnect kubectl get services -n oneconnect |
Connectivity Proxy
| kubectl get pods -n kyma-system | grep connectivity kubectl logs -n kyma-system -l app=connectivity-proxy --tail=50 kubectl rollout restart statefulset connectivity-proxy -n kyma-system |
ServiceMappings
| kubectl get servicemappings.connectivityproxy.sap.com -n oneconnect kubectl get servicemappings.connectivityproxy.sap.com apigateway-mapping \ -n oneconnect -ojsonpath='{.status.endpoint}' |
Service Instances
| kubectl get serviceinstances,servicebindings -n oneconnect |
Kafka Connection
| kafka-cluster-kafka-brokers.kafka.svc.cluster.local:9092
http://schema-registry.kafka.svc.cluster.local:8081 |
Observability
| kubectl get pods -n observability kubectl port-forward svc/grafana 3000:3000 -n observability |
Key Concepts & Glossary
| Term | What it means |
|---|---|
| Kubernetes (K8s) | System for running and managing containerized applications — the orchestrator for your app containers. |
| Kyma | SAP-managed Kubernetes environment running in SAP BTP (Business Technology Platform). |
| Namespace | A logical partition inside Kubernetes — like a separate workspace. e.g. kafka, oneconnect, observability. |
| Strimzi | A Kubernetes operator that makes it easy to deploy and manage Apache Kafka clusters. |
| Kafka | A distributed messaging system that enables data streaming between services. |
| Helm | A package manager for Kubernetes. Installs a full app with one command instead of many YAML files. |
| Pod | A running container inside Kubernetes. Like a lightweight virtual machine. |
| SAP Cloud Connector | A secure tunnel agent installed in your on-premise network. Bridges local SAP systems to SAP BTP without opening inbound firewall ports. |
| Istio | A service mesh that adds encrypted traffic control between pods. Required for Cloud Connector access. |
| ServiceMapping | A Kyma resource that links a Kubernetes service to the Cloud Connector tunnel. |
| Observability | A monitoring stack providing dashboards, logs, and distributed tracing. |
| Docker Hub | Container image registry. An "app store" for Docker images. Requires an access token. |
| AKHQ | A web-based dashboard for Kafka — browse topics, inspect messages, monitor consumers. |
| Kafka Connect | A Kafka component that runs connectors to external systems such as databases. |
Frequently Asked Questions
What if pods do not start?
Always verify that Strimzi is running (1/1) before installing Kafka. For other pods, check logs with kubectl logs [pod-name] -n [NAMESPACE]. Common causes: Docker token is wrong or expired, or a previous Helm release was not properly uninstalled.
Why am I getting ACCESS_DENIED?
The Istio sidecar is either not injected or the Location ID does not match between your Helm install and the Cloud Connector configuration. Check that the namespace has the istio-injection=enabled label and that the Location ID is identical in both places (case-sensitive).
How do I know the tunnel is working?
Run a curl command from the CC server to the local port with the appropriate Host header. Any HTTP response — even a 404 or 302 — confirms the tunnel is active. "Empty reply from server" means the tunnel is not working.
Is the Observability stack mandatory?
It is optional from a technical standpoint, but highly recommended for production deployments. It consumes additional cluster resources, so confirm with the customer whether to include it.
Where do I find the Subaccount ID?
Log in to the SAP BTP Cockpit and navigate to your Subaccount overview page. The Subaccount ID (a UUID) is displayed in the header area of the subaccount page.
How do I test if the tunnel is working end to end?
Run the curl test in Step 7.7 from the CC server. Any HTTP response (even 404) confirms the tunnel is active. Then create the SM59 destination in SAP and call a known OneConnect endpoint to confirm application-level connectivity.
Related Articles
OneConnect - Docker Deployment Guide
OneConnect – Docker Deployment Guide This article explains how to deploy OneConnect using Docker on a Linux virtual machine. 1) Prerequisites Before starting the deployment, make sure you meet the following requirements: Download the compressed files ...Azure - OneConnect Deployment and Configuration
One Connect Platform: Kubernetes Azure Deployment Manual for Private Network This manual outlines the steps required to deploy the One Connect system on a Kubernetes cluster within a Private Network (meaning the OneConnect Platform will not be ...How to Provision SAP BTP Services: AI Core · AI Launchpad · HANA · Kyma
How to Provision SAP BTP Services: AI Core · AI Launchpad · HANA · Kyma This guide provides step-by-step instructions for provisioning the following SAP Business Technology Platform (SAP BTP) services: SAP AI Core – The runtime environment for AI ...Azure - One Connect Deployment Prerequisites
Before you Begin: The following deployment manuals assumes a basic understanding of Kubernetes concepts. For more information, refer to Kubernetes core concepts for Azure Kubernetes Service (AKS). Before you begin: If you don't have an Azure account, ...One Connect Platform - Functionalities
Introduction The table below outlines key features of the OneConnect platform, showcasing out of the box functionalities that support user management, system monitoring, SAP connectivity, and real-time data operations. No Function Description 1 ...