1

I'm working on an IoT project where I have a central platform hosting my application and multiple small devices in the wild (untrusted environment).

Today, the central application can command the devices by sending them requests over HTTP, and the device's response is handled in the HTTP response. The devices can also send notifications to the server without being requested.

I am now thinking about the architecture to deploy these kinds of features. The requirements are:

  • be able to connect to the device remotely to perform maintenance (SSH)
  • send requests to devices
  • receive information from devices

I have two setups in mind:

First: Each device connects to a VPN and registers somewhere so I can contact it using deviceA.dns etc. Because the devices are in a VPN, I can securely connect to them using SSH.

Second: We already use RabbitMQ, so I was thinking about each device registering to an AMQP endpoint with multiple queues: an inbound queue for requests from the server, an outbound queue for all notifications, etc. This does not solve the remote connection using SSH, but maybe some reverse SSH would do the trick.

What do you think? Is there a recommended way of achieving this goal that is common in IoT projects?

Thank you.

Alex Grs
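An added sketch (not part of the original question) of how the second setup could be scoped for devices in an untrusted environment: per-device RabbitMQ permission regexes, so a device can consume only its own inbound queue and publish only to one notification exchange. The queue and exchange names, the `iot` vhost, and using the device ID as the broker user name are assumptions.

```python
import re
import shlex

# Assumed naming scheme (not from the post): one inbound queue per device and
# one shared exchange that the server binds to its notification queue.
INBOUND_QUEUE = "device.{id}.inbound"
OUTBOUND_EXCHANGE = "devices.outbound"
DEVICE_ID = re.compile(r"[a-z0-9]+(?:-[a-z0-9]+)*")


def device_permissions(device_id):
    """Return the (configure, write, read) permission regexes for one device."""
    # An ID containing regex metacharacters (".*", "|") would widen the grant.
    if not DEVICE_ID.fullmatch(device_id):
        raise ValueError(f"unsafe device id: {device_id!r}")
    queue = re.escape(INBOUND_QUEUE.format(id=device_id))
    configure = "^$"                                  # device declares nothing
    write = "^" + re.escape(OUTBOUND_EXCHANGE) + "$"  # publish notifications only
    read = "^" + queue + "$"                          # consume its own queue only
    return configure, write, read


def allowed(device_id, operation, resource):
    """Emulate the broker's check: the regex is matched against the resource name."""
    conf, write, read = device_permissions(device_id)
    pattern = {"configure": conf, "write": write, "read": read}[operation]
    return re.search(pattern, resource) is not None


def rabbitmqctl_command(device_id, vhost="iot"):
    """Build the provisioning command; the server pre-declares queue and exchange."""
    conf, write, read = device_permissions(device_id)
    return shlex.join(["rabbitmqctl", "set_permissions", "-p", vhost,
                       device_id, conf, write, read])


if __name__ == "__main__":
    print(rabbitmqctl_command("dev-a"))
    # RabbitMQ checks the default exchange under the name "amq.default"; leaving
    # it out of the write regex stops a device publishing into another queue.
    for op, res in [("read", "device.dev-a.inbound"),
                    ("read", "device.dev-b.inbound"),
                    ("write", "devices.outbound"),
                    ("write", "amq.default")]:
        print(op, res, allowed("dev-a", op, res))
```

With these grants, a compromised device's credentials expose only that device's own request queue.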

3 Answers

1

To reach the devices, for both SSH and HTTP, you can use https://openport.io. It's basically a reverse SSH platform where you can see which devices are online and stuff.

For the devices contacting the server, RabbitMQ or Kafka is the way to go.

Jan DB
0

You can use Muzzley to create an IoT device, the cloud, your logic and a mobile / desktop app.

Once integrated with Muzzley, it will automatically:

  • create compatibility with their app so you can control your device (with your own UI)
  • receive information from your device
  • create automations between your device and others
  • provide behavioral analysis of your device

djsb
-1

You did not provide any information about the devices, so I am guessing they have a full IP connection and plenty of CPU/memory to run an SSH client.

I would go for simplicity and use your second scenario. A service like dynamic DNS, DHCP, or even some message from the device to your server would update the address so your SSH connection could easily be done by name.

JrBenito