Management System
Introduction
In this section we review the Onesait Platform Things Management System, the Onesait Platform module used to commission, access, configure, update and manage your edge devices. This module requires the Minsait licensing model and is not included in the Onesait Community distribution. In the Onesait Community version, which is focused on development, simplified edge device management can be done using both the IoTClients connected to the IoTBroker and the initial Edge Engine containers. A Things Management System instance is also available, on request, in the Onesait Cloud Lab environment for testing and fast prototyping.
Onesait Platform Things Management System is a web application running on a server (on-premises or cloud) that allows remote management of all the edge devices deployed in the field. The goal is to have bidirectional communication with the edge devices, giving full control over them without the need for the physical presence of a technician. It also aims to simplify and speed up edge device provisioning, start-up and maintenance, so that the device is plug & play and does not require any prior registration process to be operated by the user/operator. Last but not least, it allows devices to be managed in groups or individually, with control over the content of the devices, their updates and the environments/projects to which they belong. In this way, an administrator can operate remotely to:
- Commission the containers infrastructure and configuration files, defined for the Edge Engine.
- Update full stack software (from OS to applications running in containers).
- Restart the device or turn it off.
- Send commands (even new commands can be implemented using shell scripts).
- Change project/environment configuration.
- Open a remote SSH console using TLS tunneling to manage the device.
- Access the web interface of the deployed containers (Modbus, Zigbee, Node-RED, etc.).
Things Management System works with the Edge Agent, an embedded agent running on the edge device. For large deployments, this agent is installed during the production process and relies on a TPM (1.2 or 2.0) to manage credentials. For fast prototyping, the agent can be downloaded and installed locally on a Linux (Ubuntu 16.04 / 18.04) machine; in this case an enrollment process should be performed, in which a security connection token is provided by Things Management System.
Architecture
The Management System is composed of the following components:
1.- Edge Agent
Each edge device includes a lightweight Python Edge Agent (frozen in C++) that is in charge of establishing and maintaining the communication with the Things Management System and controlling all the Edge Engine infrastructure deployed on the edge device.
2.- MQTT Communication Broker
Edge Management System employs one of the market-leading standards for M2M communication, MQTT, a lightweight messaging protocol for small sensors and mobile devices, optimized for high-latency or unreliable networks. The edge devices exchange information and commands using the secured MQTT protocol and JSON-formatted messages. The underlying MQTT Broker used for Onesait Things Management System is RabbitMQ.
3.- Edge Devices configuration repository
This repository holds all the information related to the defined projects and organizations with which each of the devices is associated. Additionally, the repository manages all the individual or collective configuration files of the different devices. This component has been developed using Postgres and a Gitea repository.
4.- Authentication
The Authentication Module guarantees a secure connection (authentication and authorization) to the registered devices, so that any undesired connections are avoided. This process is performed through a connection token exchanged using secure communications.
5.- Registry repository
Management System also provides a Private Docker Registry repository, where all the Docker images used by the edge devices are stored, allowing secure, fast and flexible local deployment of Docker containers.
6.- Application Layer: Back-end.
The back-end services of the Management System manage all the command and information exchange needed to enable the functionality described. These services use Spring Boot technology.
7.- Application Layer: Front-end.
The front-end of Things Management System is based on Vue.js technology, a flexible, powerful and appealing framework for modern web applications.
Features
1.- Edge Devices Monitoring
Monitor all the edge devices from the initial dashboard to access the main functions and check whether each device is online.
2.- Add new Edge Device
Add new devices to your edge devices administration.
3.- Execute scripts
Remotely execute the scripts you have configured for your repositories on a single device or a set of devices (Docker containers update, open Zigbee network, update devices or configurations, etc.).
4.- Parameters Monitoring and remote access
Check the status of the edge devices' hardware and software configuration as well as their connection tokens (both Things Management System and Things IoT Broker, if deployed). Remote access to the local web servers of your containers is also available if Things Management System and the edge device belong to the same VPN.
5.- SSH Access
Administer your edge devices through SSH (tunneling) console access, with configurable OS privileges on the remote machine.
6.- Devices Management by Organizations and User Roles
The Things Management System supports different user roles and permissions for managing different organizations, repositories and tag registries, so that different gateway clusters with different functionality, operators or managers can be handled.
7.- Batch script execution
Execute scripts or commands on a group of devices of your repository.
8.- Configuration repository
Manage the configuration (docker-compose.yml, persistence, credentials, new patches, etc.) and scripts of your repositories. Follow your GitFlow-like methodology for performing Dev/Ops at the edge!