LUCA CIPRIANI, GIANLUCA VARISCO Codemotion Rome 2019 - 22/03/2019 Control your Embedded Linux remotely by using WebSockets 

2 WHO ARE WE? Luca Cipriani Chief Information Officer Gianluca Varisco Chief Information Security Officer 

3 LEGENDA IoT Gateway EDGE Linux Device 

4 Run Arduino code on Linux Devices! MANAGE EDGE LINUX DEVICES 

5 CONTROL LINUX FROM THE WEB ● OLD problems, OLD solutions ● HTTPS is hard to achieve ● BI-DIRECTIONAL communication ● Work on most network topologies ● Create a web server, contact it via HTTP ● Cannot have HTTPS unless domain name is registered and IP address is static/known ● UDP ports are often closed 

6 Give users a quick and easy-to-use web interface to ● Check the status of the system ● Configure networking ● Install packages ● Deploy apps / containers USE CASE 

7 USE CASE MQTT server GW Connector Websocket + MQTT Browser 

8 DO NOT OVERKILL We do not want to store users’ data unless needed or it brings big advantages for both users and us. We do not want to deal with state synchronization. Scaling is really expensive! 

Arduino Connector 

Features ● One single binary, ~20MB (no external deps) ● Works on every Debian-like Linux distro ● Secure-only connections ● MQTT (Stable TCP socket with remote server) ● Works on slow connections ● No need to know the IP in advance 

Features ● Go Language runs on: ○ ARM v5, v6, v7 ○ ARM64 v8 ○ x86 ○ x86_64 Public repository: https://github.com/arduino/arduino- connector 

About MQTT ● Well known ● Widely used ● Feature complete ● Simple enough ● Bi-directional 

13 SERVER SIDE, WHAT DO YOU NEED? ● MQTT Server ● SSL support ● MQTT Client ● OAuth 2 server (optional) ● MQTT over WebSocket 

14 EXAMPLE API 

15 Use /proc , Luke! And remember, everything is a file in Linux We released arduino/go-system-stats, a library that gathers OS metrics about resource usage (memory, disk, network, etc.) STATS API 

16 APT integration is dummy, APT lib APIs are in C++ only and nearly impossible to integrate with Go, thus we decided to use the CLI as an API and released arduino/go-apt-client A combination of dpkg + apt commands wrapped in an API Supports the management of apt repos APT INTEGRATION 

17 APT INTEGRATION 

18 NETWORK MANAGER INTEGRATION NetworkManager has a stable API (0.98 is really stable) We released arduino/gonetworkmanager, Go D-Bus bindings for NetworkManager You select ETH or Wi-Fi networks 

19 NETWORK MANAGER INTEGRATION 

20 ● We install Docker if not previously installed and if target supports it ● Docker Go APIs are really easy to manage (imagine why) ● Works with Private Registry ● Runs on huge servers (tested on Intel Data Center w/ 64+ core CPU) and small devices (e.g BeagleBone Black or Raspberry Pi) DOCKER INTEGRATION 

21 DOCKER INTEGRATION 

22 RUNS ON LINUX Support for all Debian-based devices Porting to other OSes / distros’ flavors is simple 

23 Arduino uses the same underlying tech described in this talk for its own IoT Cloud: MQTT + TLS + WebSocket 

24 WHAT ARDUINO PROVIDES Sensors Data + Device Interaction Automatic Code Generation Arduino Hardware Secure Cloud Connection Device Management OTA Updates Firmware Changes Business Logic Firmware Upload Certificate or Password Provisioning Dashboards Third Parties IoT SaaS Arduino IoT Cloud 

GIVE IT A TRY! create.arduino.cc/devices 

26 ● https://github.com/arduino/arduino-connector ● https://github.com/arduino/go-system-stats ● https://github.com/arduino/go-apt-client/ ● https://github.com/arduino/gonetworkmanager ● https://create.arduino.cc References 

THAT’S A WRAP, THANK YOU! Luca Cipriani Gianluca Varisco @gvarisco @mastrolinux