serverless IoT-applications

Transcript

1. serverless IoT-Applications Niko Will, innoQ @n1ko_w1ll

2. @n1ko_w1ll about me > Developer since 2005 > living in

   a Smarthome since 2012 > became an IoT Geek > before: worked on Bosch IoT Suite for 3 years > now: Consultant at innoQ > follow me on Twitter: @n1ko_w1ll

3. @n1ko_w1ll agenda > AWS > IoT > Lambda > use-cases

   > JITR | on-boarding | pairing > list / search things | command & control | telemetry > connected / disconnected / LWT > encrypted file transfer | firmware update

4. @n1ko_w1ll AWS

5. @n1ko_w1ll AWS Amazon S3 Amazon Elasticsearch Amazon Kinesis Amazon SNS

   Amazon SQS Amazon DynamoDB Amazon Cognito Amazon API Gateway AWS Lambda Amazon CloudWatch AWS IoT State Fast Data

6. @n1ko_w1ll AWS Lambda

7. @n1ko_w1ll AWS Lambda > Functions-as-a-Service (FaaS) > serverless > „small“

   functions > stateless compute containers > event-driven

8. @n1ko_w1ll AWS Lambda > advantages > scalable > pay-per-execution /

   pay-as-you-go > no upfront capacity planning > significantly reduce operational cost

9. @n1ko_w1ll AWS Lambda > disadvantages > vendor lock-in > startup

   latency > testing > debugging > execution duration

10. @n1ko_w1ll AWS IoT

11. @n1ko_w1ll AWS IoT > managed service > message broker >

    rules engine > shadows > registry > security

12. @n1ko_w1ll message broker > topic based > publish / subscribe

    > topic wildcards > protocols > MQTT > MQTT + WebSockets > HTTP $aws/events/presence/connected/clientId $aws/events/presence/disconnected/clientId $aws/things/thingName/shadow/update $aws/things/thingName/shadow/update/delta

13. @n1ko_w1ll rules engine > SQL-like syntax > augument or filter

    data > rule actions > state stores > fast data pipelines > CloudWatch > Lambda > republish SELECT *, newuuid() AS requestId, clientId() AS clientId, timestamp() AS timestamp, topic(2) AS deviceId, topic(4) AS sensorId FROM 'device/+/sensor/+/v1' WHERE temperature > 50 AND color <> 'red'

14. @n1ko_w1ll shadows > JSON document > current state of thing

    > connection independent > supports client tokens > supports versioning > MQTT topics > RESTful API { "state" : { "desired" : { "color" : "RED" }, "reported" : { "color" : „GREEN" } }, "metadata" : { "desired" : { "color" : { "timestamp" : 12345 } }, "reported" : { "color" : { "timestamp" : 12345 } } }, "version" : 10, "clientToken" : "UniqueClientToken", "timestamp": 123456789 }

15. @n1ko_w1ll registry > manage your things > physical device or

    sensor > logical entity > attributes > thing types { "version": 3, "thingName": "MyLightBulb", "defaultClientId": "MyLightBulb", "thingTypeName": "LightBulb", "attributes": { "model": "123", "wattage": "75" } }

16. @n1ko_w1ll security > mutual authentication with X509 certificates + TLS

    1.2 > or SigV4 for HTTPS and WebSockets > bring your own certificate > JITR > Atmel ECC508 > policy based access with dynamic values > role based rules action execution

17. @n1ko_w1ll use-cases

18. @n1ko_w1ll just in time registration (JITR) thing AWS IoT Device

    Registry $aws/events/certificates/ registered/caCertificateID IoT Policy IoT Rule AWS Lambda

19. @n1ko_w1ll on-boarding thing AWS IoT AWS Lambda custom/clientId/register IoT Rule

    IoT Policy Device Shadow Amazon DynamoDB

20. @n1ko_w1ll thing IoT Policy Device Shadow mobile client AWS Lambda

    Amazon Cognito Amazon API Gateway AWS IoT thing pairing exchange OAuth token for AWS credentials

21. @n1ko_w1ll list / search things things mobile client AWS Lambda

    Amazon Cognito Amazon API Gateway AWS IoT Amazon DynamoDB

22. @n1ko_w1ll command & control thing mobile client AWS Lambda Amazon

    Cognito Amazon API Gateway AWS IoT Device Shadow

23. @n1ko_w1ll command & control thing mobile client Amazon Cognito AWS

    IoT Device Shadow

24. @n1ko_w1ll command & control thing Amazon Cognito AWS IoT Amazon

    Echo AWS Lambda Alexa Skill Device Shadow

25. @n1ko_w1ll telemetry AWS IoT things Amazon Kinesis Amazon DynamoDB telemetry

    rule telemetry topic Amazon EMR

26. @n1ko_w1ll { "state": { "reported": { "connected": true } }

    } { "state": { "reported": { "connected": true } } } connected / disconnected / LWT Device Shadow thing AWS IoT shadow update topic

27. @n1ko_w1ll { "state": { "reported": { "connected": true } }

    } { "state": { "reported": { "connected": false } } } { "state": { "reported": { "connected": false } } } connected / disconnected / LWT Device Shadow thing AWS IoT shadow update topic

28. @n1ko_w1ll { "state": { "reported": { "connected": true } }

    } { "state": { "reported": { "connected": false } } } connected / disconnected / LWT Device Shadow thing AWS IoT LWT rule custom LWT topic LWT { "state": { "reported": { "connected": false } } } shadow update topic republish

29. @n1ko_w1ll encrypted file transfer Amazon S3 thing AWS IoT AWS

    Lambda AWS KMS

30. @n1ko_w1ll firmware update Device Shadow AWS Lambda thing AWS IoT

    Amazon S3 Amazon DynamoDB

31. @n1ko_w1ll summary > scalable plattform > common IoT use-cases >

    w/o own infrastructure > w/o upfront capacity planning > very secure > very extensible

32. @n1ko_w1ll Thank you. Questions? Comments @n1ko_w1ll Niko Will [email protected] innoQ

    Deutschland GmbH Krischerstr. 100 40789 Monheim am Rhein Germany Phone: +49 2173 3366-0 innoQ Schweiz GmbH Gewerbestr. 11 CH-6330 Cham Switzerland Phone: +41 41 743 0116 www.innoq.com Ohlauer Straße 43 10999 Berlin Germany Phone: +49 2173 3366-0 Ludwigstr. 180E 63067 Offenbach Germany Phone: +49 2173 3366-0 Kreuzstraße 16
 80331 München Germany Phone: +49 2173 3366-0