Control your Embedded Linux remotely by using WebSockets

Transcript

1. LUCA CIPRIANI, GIANLUCA VARISCO Codemotion Rome 2019 - 22/03/2019 Control

   your Embedded Linux remotely by using WebSockets

2. 2 WHO ARE WE? Luca Cipriani Chief Information Officer Gianluca

   Varisco Chief Information Security Officer

3. 3 LEGENDA IoT Gateway EDGE Linux Device

4. 4 Run Arduino code on Linux Devices! MANAGE EDGE LINUX

   DEVICES

5. 5 CONTROL LINUX FROM THE WEB • OLD problems, OLD

   solutions • HTTPS is hard to achieve • BI-DIRECTIONAL communication • Work on most network topologies • Create a web server, contact it via HTTP • Cannot have HTTPS unless domain name is registered and IP address is static/known • UDP ports are often closed

6. 6 Give users a quick and easy-to-use web interface to

   • Check the status of the system • Configure networking • Install packages • Deploy apps / containers USE CASE

7. 7 USE CASE MQTT server GW Connector Websocket + MQTT

   Browser

8. 8 DO NOT OVERKILL We do not want to store

   users’ data unless needed or it brings big advantages for both users and us. We do not want to deal with state synchronization. Scaling is really expensive!

9. Arduino Connector

10. Features • One single binary, ~20MB (no external deps) •

    Works on every Debian-like Linux distro • Secure-only connections • MQTT (Stable TCP socket with remote server) • Works on slow connections • No need to know the IP in advance

11. Features • Go Language runs on: ◦ ARM v5, v6,

    v7 ◦ ARM64 v8 ◦ x86 ◦ x86_64 Public repository: https://github.com/arduino/arduino- connector

12. About MQTT • Well known • Widely used • Feature

    complete • Simple enough • Bi-directional

13. 13 SERVER SIDE, WHAT DO YOU NEED? • MQTT Server

    • SSL support • MQTT Client • OAuth 2 server (optional) • MQTT over WebSocket

14. 14 EXAMPLE API

15. 15 Use /proc , Luke! And remember, everything is a

    file in Linux We released arduino/go-system-stats, a library that gathers OS metrics about resource usage (memory, disk, network, etc.) STATS API

16. 16 APT integration is dummy, APT lib APIs are in

    C++ only and nearly impossible to integrate with Go, thus we decided to use the CLI as an API and released arduino/go-apt-client A combination of dpkg + apt commands wrapped in an API Supports the management of apt repos APT INTEGRATION

17. 17 APT INTEGRATION

18. 18 NETWORK MANAGER INTEGRATION NetworkManager has a stable API (0.98

    is really stable) We released arduino/gonetworkmanager, Go D-Bus bindings for NetworkManager You select ETH or Wi-Fi networks

19. 19 NETWORK MANAGER INTEGRATION

20. 20 • We install Docker if not previously installed and

    if target supports it • Docker Go APIs are really easy to manage (imagine why) • Works with Private Registry • Runs on huge servers (tested on Intel Data Center w/ 64+ core CPU) and small devices (e.g BeagleBone Black or Raspberry Pi) DOCKER INTEGRATION

21. 21 DOCKER INTEGRATION

22. 22 RUNS ON LINUX Support for all Debian-based devices Porting

    to other OSes / distros’ flavors is simple

23. 23 Arduino uses the same underlying tech described in this

    talk for its own IoT Cloud: MQTT + TLS + WebSocket

24. 24 WHAT ARDUINO PROVIDES Sensors Data + Device Interaction Automatic

    Code Generation Arduino Hardware Secure Cloud Connection Device Management OTA Updates Firmware Changes Business Logic Firmware Upload Certificate or Password Provisioning Dashboards Third Parties IoT SaaS Arduino IoT Cloud

25. GIVE IT A TRY! create.arduino.cc/devices

26. 26 • https://github.com/arduino/arduino-connector • https://github.com/arduino/go-system-stats • https://github.com/arduino/go-apt-client/ • https://github.com/arduino/gonetworkmanager •

    https://create.arduino.cc References

27. THAT’S A WRAP, THANK YOU! Luca Cipriani <[email protected]> Gianluca Varisco

    <[email protected]> @gvarisco @mastrolinux