Weintek Webinar Cloud Data Centering MQTT to Cloud
MQTT to Cloud
1. MQTT
   - Standard MQTT
   - IoT Hub Connectivity
2. Sending MQTT to...
   - Microsoft Azure IoT
   - IBM Watson IoT
   - AWS IoT
3. AWS IoT Device Shadow

MQTT
• Lightweight, publish/subscribe protocol
• Message exchange based on topics
• Message content format is arbitrary (JSON, etc.)
• De facto IoT standard
[Diagram: a Publisher sends "Update Temp." on a Topic to the MQTT Server, which delivers it to the Subscribers of that Topic]
MQTT Server
• HMI MQTT server
• Self-hosted server
• Cloud server

MQTT
• Internet of Things with cloud service providers
[Diagram: Device, MQTT, IoT Hub]

IoT Hub
What is an IoT Hub? The definition varies slightly from one provider to another, but:
– An IoT Hub is a managed cloud platform
– It lets connected devices easily interact with cloud applications and other devices
– It supports a very large scale: billions of devices and trillions of messages
– It supports routing functionality to control where data goes
– All done with industry-standard security measures
The primary task is to get data up into the IoT Hub efficiently; once there, the user may use the functions provided by each IoT platform to make the fullest use of the data: storage, analysis, AI computation, etc.
– IoT Hubs are usually not full-featured MQTT brokers, but instead support receiving data by MQTT (or a variation)

IoT Hub
• The HMI generally works as a device (or the equivalent name on that platform), and we can accomplish this with MQTT
[Diagram: HMI as a device, IoT Hub]

Azure IoT Hub
• In Azure, create an IoT hub and a device
https://portal.azure.com

Azure IoT Hub
• Device Explorer
– Helper utility that interfaces with Azure IoT Hub to manage devices on Azure.
– You will need the connection string, found in [SETTINGS]>[Shared access policies].
  • iothubowner should have full access. Copy its "Connection string-primary key" to use it in the Device Explorer.
– You can manage devices, monitor messages received from a device, and send messages to a device (from the perspective of the IoT hub).
https://github.com/Azure/azure-iot-sdk-csharp/tree/master/tools/DeviceExplorer

HMI to Azure
• Azure MQTT capability that can be utilized
– Azure IoT Hub enables devices to communicate with the IoT Hub device endpoints using MQTT v3.1.1 on port 8883
– A device can use the MQTT protocol to connect to an IoT hub using either the libraries in the Azure IoT SDKs (in Java, Node.js, C, C#, Python) or the MQTT protocol directly.
– The HMI will use the MQTT protocol directly
https://docs.microsoft.com/en-us/azure/iot-hub-mqtt-support

HMI to Azure – making the connection
Server Setting
  Cloud service: Normal
  Protocol: MQTT v3.1.1
  Customized length: Enabled
  Domain name: {iothubhostname}.azure-devices.net
  Port: 8883
  Client ID: {deviceId}
  Username: {iothubhostname}/{device_id}
  Password: 'SAS' – more on this later
  TLS/SSL: Enabled
  System Topic: ALL Disabled
{iothubhostname}: Name of your IoT hub
{device_id}: Device ID of your device in IoT hub
https://docs.microsoft.com/en-us/azure/iot-hub-mqtt-support

Azure IoT Hub
• SAS Token from Device Explorer
– The SAS token is the part AFTER "SharedAccessSignature=" until the end
– Caution: mind the extra space at the end. DO NOT include it.

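The password field can also be computed and checked rather than copied by hand. The sketch below is an added example, not code from the webinar or from Microsoft's SDKs: it follows the HMAC-SHA256 SAS scheme Azure documents for IoT Hub, scopes the token to a single device, and classifies a pasted token before it goes into the HMI. The hub name `myhub`, device ID `p1` and the key are constructed values.

```python
import base64
import hashlib
import hmac
import time
from urllib.parse import parse_qs, quote_plus, urlencode

PREFIX = "SharedAccessSignature "


def _sign(key_b64, resource, expiry):
    """HMAC-SHA256 over url-encoded resource + newline + expiry, keyed with the decoded key."""
    to_sign = f"{quote_plus(resource)}\n{expiry}".encode()
    mac = hmac.new(base64.b64decode(key_b64), to_sign, hashlib.sha256)
    return base64.b64encode(mac.digest()).decode()


def device_sas_token(hub_host, device_id, key_b64, expiry):
    """Token scoped to one device, valid until `expiry` (Unix seconds)."""
    resource = f"{hub_host}/devices/{device_id}"
    fields = {"sr": resource, "sig": _sign(key_b64, resource, expiry), "se": str(expiry)}
    return PREFIX + urlencode(fields)


def mqtt_settings(hub_host, device_id, token):
    """HMI fields from the connection table; strip() drops a stray trailing space."""
    return {"host": hub_host, "port": 8883, "client_id": device_id,
            "username": f"{hub_host}/{device_id}", "password": token.strip(),
            "publish_topic": f"devices/{device_id}/messages/events/"}


def check_token(token, key_b64, now):
    """Classify a pasted token: 'ok', 'expired', 'bad-signature' or 'malformed'."""
    if not token.startswith(PREFIX):
        return "malformed"
    fields = parse_qs(token[len(PREFIX):])
    try:
        resource, sig, expiry = fields["sr"][0], fields["sig"][0], int(fields["se"][0])
    except (KeyError, ValueError):
        return "malformed"
    if not hmac.compare_digest(sig.encode(), _sign(key_b64, resource, expiry).encode()):
        return "bad-signature"
    return "ok" if expiry > now else "expired"


if __name__ == "__main__":
    key = base64.b64encode(b"constructed demo key").decode()  # constructed, not a real key
    token = device_sas_token("myhub.azure-devices.net", "p1", key, int(time.time()) + 3600)
    print(mqtt_settings("myhub.azure-devices.net", "p1", token + " "))
```

A token signed with the device's own key and scoped to `{hub}/devices/{id}` only authenticates that device, whereas the `iothubowner` policy used in Device Explorer has full access to the hub.
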
Azure IoT Hub
• Microsoft Azure IoT Publishing Topic
– After making a successful connection, a device can send messages to IoT Hub "as events" using the following as a Topic Name:
  • devices/{device_id}/messages/events/{property_bag}
– Azure IoT hub's web interface does not provide message/telemetry viewing at this moment; related tasks are more easily verified by one's application or with Device Explorer
  • Under the [Data] tab, you can monitor event messages received for a device
[Diagram: device sends an event, Device to Cloud]

Azure IoT Hub
• Receiving Messages in Device Explorer

Azure IoT Hub
• Microsoft Azure IoT Subscribing Topic
– After making a successful connection, a device can receive messages from IoT Hub using the following as a Topic Name:
  • devices/p1/messages/devicebound/+
– You can send a message in Azure IoT hub's web interface or with Device Explorer. Of course, you can also do so with an app using the SDK in one of the available languages.
  • Under the [Message to Device] tab, you can send messages to a device
[Diagram: message to device, Cloud to Device]

Azure IoT Hub
• Sending compatible JSON data to the device so that the HMI can get it

Watson IoT
• Get an account for IBM Watson IoT Platform (formerly Bluemix)
– Define a device type, and then add a device
– Use token auth; keep note of the Authentication Token, whether auto-generated or self-provided (copy and save it somewhere; once it's gone, it's gone!)
https://internetofthings.ibmcloud.com/

HMI to Watson IoT – making the connection
Server Setting – IBM Bluemix Watson IoT Hub (connecting as device)
  Cloud service: Normal
  Protocol: MQTT v3.1.1
  Customized length: Not necessary
  Domain name: {orgId}.messaging.internetofthings.ibmcloud.com
  Port: 8883
  Client ID: d:{orgId}:{DeviceType}:{DeviceId}
  Username: use-token-auth
  Password: "Authentication Token"
  TLS/SSL: Enabled
  System Topic: ALL Disabled
{orgId}: Organization Id of registration
{DeviceType}: Device Type - when registering the device
{DeviceId}: Device Id - when registering the device
https://console.bluemix.net/docs/services/IoT/devices/mqtt.html#mqtt

Watson IoT
• Watson IoT Publishing Topic
– After making a successful connection, a device can send messages "as events" to IoT Hub using the Topic Name:
  • iot-2/evt/{evtId}/fmt/json
  • where {evtId} is the event Id; any valid string is fine
  • fmt/json indicates that our message is in JSON format
  • QoS 0, 1, 2
– Device data will be published to the cloud as an event, identified by event Id, and it should appear as such

Watson IoT - Bonus
• IBM has a rather easy-to-configure board for viewing data

Watson IBM - Bonus
• The HMI as a device can receive a message as a "command". How?
– Similarly, the topic is iot-2/cmd/{cmdId}/fmt/json
– However, commands are only issued by an "application".
– An application uses an API key to access the Watson IoT platform.
• Deep integration with Node-RED, the IoT development tool by IBM
– In Node-RED, there are IBM IoT nodes for access to the IoT platform as "device" or "application".
– In contrast, an HMI connected by MQTT is a device (instead of an application).

Watson IBM - Bonus
• Node-RED example #1
– Device (HMI) to cloud, as an event
– and then cloud to device (HMI), as a command
– Just changing object name
• ibmiot input node, device2cloud (d2c): input node that can be used with Watson IoT Platform to receive events sent from devices, receive commands sent to devices, or receive status updates concerning devices or applications.
• ibmiot output node, cloud2device (c2d): output node that can be used with Watson IoT Platform to send a command to a device or send an event on behalf of a device.
• Tip: get the API key on the web

Watson IBM - Bonus
• Node-RED example #2
– Cloud to device (HMI)
– Cloud data is from an arbitrary source (human input from the dashboard in Node-RED in this example)
[Diagram: Dashboard control elements, constructing the JSON data document, send a command to a device]

AWS IoT
• Get an account for AWS IoT Core

AWS IoT
• AWS IoT Core as MQTT Message Broker
– Avoid topics beginning with $, which are reserved for specific functions
– Most functions should be what one expects from an MQTT server
– No QoS 2
[Diagram: a Publisher sends "Update Temp." on a Topic to the MQTT Server, which delivers it to the Subscribers of that Topic]

HMI to AWS IoT – making the connection
MQTT Server Setting – AWS IoT
  Cloud service: Normal
  Protocol: MQTT v3.1.1
  Customized length: Not necessary
  Domain name: Endpoint (found in [Settings]>>[Custom endpoint])
  Port: 8883
  Client ID: Any; as long as not duplicated
  System Topic: ALL DISABLED
  TLS/SSL: Enabled
  Server verification: Import Root CA Certificate
  Client verification:
    Certificate: import client certificate (xxxcert#xxx-certificate.pem.crt)
    Private key: import private key (xxxcert#xxx-private.pem.key)
Username? Password?

AWS IoT - Security
• AWS IoT security requires the use of X.509 authentication
• Certificate – for authentication
– A certificate identifies the connected device/application
• Policy – for authorization
– A policy allows/denies certain functions for a particular certificate holder

AWS IoT - Authentication
• Certificate – let AWS IoT generate one for you
– [Secure] -> [Certificates] -> [Create]
https://docs.aws.amazon.com/iot/latest/developerguide/create-device-certificate.html

AWS IoT - Authentication
• Certificate – let AWS IoT generate one for you
– Download and save the certificate, public key, private key, and AWS IoT root CA
https://docs.aws.amazon.com/iot/latest/developerguide/create-device-certificate.html

AWS IoT - Authorization
• Policy – create one
– [Secure] -> [Policies] -> [Create]
– Allow all iot operations for simplicity
https://docs.aws.amazon.com/iot/latest/developerguide/authorization.html

AWS IoT - AA
• Attach certificate & policy to authenticate and authorize a user's action
– In [Secure] -> [Certificates]
– In each certificate -> [Attach policy]

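The "allow all iot operations" policy is convenient for a first connection, but every certificate it is attached to can then publish and subscribe to any topic in the account. The following is an added example (not from the webinar or from AWS) that puts that policy beside a per-device one and flags wildcard grants. It assumes the HMI's Client ID is set to the thing name; the region, the account ID `123456789012` and the thing name are placeholders, and `iot/aws/data` is the sample topic used later in these slides.

```python
import json

# The "allow everything" policy created on the slide for simplicity.
PERMISSIVE = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Action": "iot:*", "Resource": "*"}],
}


def scoped_policy(region, account, thing, data_topic):
    """Policy for one HMI: connect as `thing`, publish to one data topic and to its own
    shadow update topic, and receive only its own shadow responses."""
    arn = f"arn:aws:iot:{region}:{account}"
    shadow = f"$aws/things/{thing}/shadow"
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Effect": "Allow", "Action": "iot:Connect",
             "Resource": f"{arn}:client/{thing}"},
            {"Effect": "Allow", "Action": "iot:Publish",
             "Resource": [f"{arn}:topic/{data_topic}", f"{arn}:topic/{shadow}/update"]},
            {"Effect": "Allow", "Action": "iot:Subscribe",
             "Resource": f"{arn}:topicfilter/{shadow}/update/*"},
            {"Effect": "Allow", "Action": "iot:Receive",
             "Resource": f"{arn}:topic/{shadow}/update/*"},
        ],
    }


def _as_list(value):
    return value if isinstance(value, list) else [value]


def audit(policy):
    """Return findings for Allow statements that grant wildcard actions or resources."""
    findings = []
    for i, stmt in enumerate(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        for action in _as_list(stmt.get("Action", [])):
            if action in ("*", "iot:*"):
                findings.append(f"statement {i}: wildcard action {action}")
        for res in _as_list(stmt.get("Resource", [])):
            if res == "*" or res.endswith(":topic/*") or res.endswith(":client/*"):
                findings.append(f"statement {i}: wildcard resource {res}")
    return findings


if __name__ == "__main__":
    print(audit(PERMISSIVE))
    print(json.dumps(scoped_policy("us-east-1", "123456789012", "Remote1", "iot/aws/data"), indent=2))
```
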
HMI to AWS IoT – making the connection
MQTT Server Setting – AWS IoT
  Cloud service: Normal
  Protocol: MQTT v3.1.1
  Customized length: Not necessary
  Domain name: Endpoint (found in [Settings]>>[Custom endpoint])
  Port: 8883
  Client ID: Any; as long as not duplicated
  System Topic: ALL DISABLED
  TLS/SSL: Enabled
  Server verification: Import Root CA Certificate
  Client verification:
    Certificate: import client certificate (xxxcert#xxx-certificate.pem.crt)
    Private key: import private key (xxxcert#xxx-private.pem.key)

HMI to AWS IoT – as message broker
• AWS IoT functions as a standard message broker.
– Publish to any valid topic (with the exception of the reserved ones); subscribers to that topic will receive the message immediately
[Diagram: the HMI publishes to a topic, e.g. iot/aws/data; subscribers are e.g. another HMI, MQTT.fx (PC), an application]

HMI to AWS IoT – as message broker
• AWS IoT does have a convenient web interface to test out the MQTT message broker

AWS IoT Thing
• Devices connected to AWS IoT are "Things"
– Create one to be the virtual representation of the actual device
– Suitable for device parameters/states that could use telemetry

AWS IoT Thing
• Devices connected to AWS IoT are "Things"
– [Manage] -> [Things] -> [Create]

AWS IoT
• Shadow
– A device's shadow is a JSON document that is used to store and retrieve current state information for a device.

AWS IoT
• Shadow Document

AWS IoT Shadow - reported
• reported state
• "The reported state of the thing. Things write to this portion of the document to report their new state. Applications read this portion of the document to determine the state of a thing."
[Diagram: Thing (Thermometer) writes "reported": T = 23 degrees; the Application (e.g. Monitor Station) reads "reported": T = 23 degrees]

AWS IoT Shadow - desired
• desired state
• "The desired state of the thing. Applications can write to this portion of the document to update the state of a thing without having to directly connect to a thing."
[Diagram: the Application (e.g. Monitor Station) writes "desired": Light OFF; Thing (Light) receives "desired": Light OFF]

AWS IoT Shadow
• Shadow desired/reported behaviour, achieving remote MONITOR and CONTROL through the IoT platform.
• Be reminded that these data can flow to the rest of the AWS cloud services, like Lambda functions, DynamoDB…
[Diagram: Thing, Application (e.g. Monitor Station)]

AWS IoT - Thing - Certificate
• Attaching a certificate to the Thing is recommended
– Go to the certificate section to do this.

HMI to AWS IoT – thing shadow
MQTT Server Setting – AWS IoT
  Cloud service: AWS IoT
  Domain name: Endpoint (found in [Settings]>>[Custom endpoint])
  Port: 8883
  Client ID: Any; as long as not duplicated
  System Topic: ALL Disabled
  TLS/SSL: Enabled
  Server verification: Import Root CA Certificate
  Client verification:
    Certificate: import client certificate (xxxcert#xxx-certificate.pem.crt)
    Private key: import private key (xxxcert#xxx-private.pem.key)
Same whether you want to send reported or desired messages

HMI to AWS IoT – thing shadow
MQTT Server Setting – AWS IoT
  Thing name: Name of the thing
  QoS: 0 or 1
Advanced mode
1. ROLE AS A DEVICE
   – device -> "reported": device data update to shadow
   – "desired" -> device: device data updated by shadow
2. ROLE AS AN APP
   – "reported" -> device: device data updated by shadow (essentially monitoring)
   – device -> "desired": device data update to shadow (essentially to set another device)

HMI to AWS IoT – thing shadow: reported state
[Diagram: ROLE AS A DEVICE, Thing (Thermometer) writes "reported": T = 23 degrees; ROLE AS AN APP, Application (e.g. Monitor Station) reads "reported": T = 23 degrees]

HMI to AWS IoT – thing shadow: desired state
[Diagram: ROLE AS AN APP, Application (e.g. Control Station) writes "desired": Light OFF; ROLE AS A DEVICE, Thing (Light) receives "desired": Light OFF]

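To trace the two roles end to end, the added example below (not from the webinar, and not AWS code) builds the JSON update bodies for the device and app roles and applies them to a small in-memory stand-in for the shadow document. It goes one step beyond the slides by computing the delta, the desired values the thing has not yet reported; it handles flat keys only, and the thing name `Remote1` is constructed.

```python
import json


def shadow_topic(thing):
    """Reserved topic a shadow update is published to (note the leading '$')."""
    return f"$aws/things/{thing}/shadow/update"


def update_payload(section, values):
    """JSON body of an update: 'reported' for the device role, 'desired' for the app role."""
    if section not in ("reported", "desired"):
        raise ValueError("section must be 'reported' or 'desired'")
    return json.dumps({"state": {section: values}})


class LocalShadow:
    """In-memory stand-in for the shadow document, for tracing the data flow only."""

    def __init__(self):
        self.state = {"desired": {}, "reported": {}}

    def apply(self, payload):
        """Merge an update; a null value removes the key, as in the shadow service."""
        for section, values in json.loads(payload)["state"].items():
            for key, value in values.items():
                if value is None:
                    self.state[section].pop(key, None)
                else:
                    self.state[section][key] = value

    def delta(self):
        """Desired values the thing has not yet reported, i.e. what it still has to act on."""
        reported = self.state["reported"]
        return {k: v for k, v in self.state["desired"].items() if reported.get(k) != v}


def demo():
    shadow = LocalShadow()
    # Role as a device: the thing reports its own state.
    shadow.apply(update_payload("reported", {"light": "ON", "temperature": 23}))
    # Role as an app: a control station asks for the light to be switched off.
    shadow.apply(update_payload("desired", {"light": "OFF"}))
    pending = shadow.delta()
    # The thing acts on the request and reports the new state; nothing stays pending.
    shadow.apply(update_payload("reported", {"light": "OFF"}))
    return {"pending": pending, "after": shadow.delta(), "state": shadow.state}


if __name__ == "__main__":
    print(shadow_topic("Remote1"), demo())
```
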
MQTT Demo – AWS IoT
• Demo – Show room in Weintek
[Diagram: cMT3151 (TPE), the IoT Monitor Dashboard, connected over MQTT (AWS IoT) to the Things:]
– Remote 1: cMT-SVR (Suzhou), Sensor
– Remote 2: cMT-SVR (SZX), Sensor
– Remote 3: cMT-SVR (USA), Sensor
– Remote 4: cMT-SVR (KOR), Sensor
– Remote 5: cMT-G01 (TPE), Sensor

MQTT Demo
• cMT-SVR Thing address
– report/desired design integrated with Arduino sensor program
– Remote 1, Remote 2, Remote 3…

Conclusion
[Diagram: Device, MQTT, IoT Hub]

A note on data encryption
– TLS 1.2 is recommended in Azure
– TLS 1.2 is required in IBM Cloud and AWS IoT
– cMT models should be fine.
– Non-cMT models should have the OS upgraded to a supported version

Cloud Integration
• iR Series Remote I/O
• cMT built-in CODESYS
• HMI Core
----------------------
• MQTT + Cloud
• OPC UA
• EasyAccess 2.0
• SQL Database
[Diagram labels: PLC, I/O, Sensor; HMI; ERP, MES, SCADA; MQTT + Cloud]

FOR MORE INFORMATION PLEASE CONTACT: support@napa.fr