Internet of Things - the world of connected devices is well and truly present in Azure. A focus on the specialized Azure IoT services, but above all hands-on geek practice with live connected devices.
2. Global Azure Bootcamp#GlobalAzure @AZUGFR PARIS - FRANCE
Agenda
■ IoT?
■ The choices to make for your devices
■ Prototype your connected devices
■ The Azure IoT services
■ What's new from Build
Harnessing the IoT Revolution
What if I could tell when it’s the best time for my things to _______ ?
What if my things could tell me when they go someplace they shouldn’t?
What if I simply knew where my things were?
What if I knew when my things were going to break before they did?
What if I could use device telemetry to improve next generation devices?
What insights could I find from all of my devices?
It all starts with a great idea…
Choices – What powers the device?
Option: Battery (primary)
  Upside: Device can operate in a mobile environment for extended periods of time.
  Downside: Device now has a current / wattage budget (CPU cycles are not free). Efficient and safe battery charging requires sophisticated circuitry (you won’t do it in firmware).
  Common examples: Mobile brains phones
Option: Battery (secondary)
  Upside: Device can sustain function through transient power interrupts
  Downside: Efficient and safe battery charging requires sophisticated circuitry (you won’t do it in firmware). May have to add additional circuitry to run while charging
  Common examples: Laptops
Option: Main power (primary)
  Upside: Device can leverage all available computing power (barring thermal constraints)
  Downside: Device functionality susceptible to interruption during power supply events
  Common examples: 3D printer
Option: Main power + backup
  Upside: Device can leverage all available computing power (barring thermal constraints), and operate at reduced
  Downside: Additional power management circuitry. Need to reduce current load during loss of main power.
  Common examples: NEST thermostat
Choices – What connects the device to cloud services?
Option: Ethernet
  Upside: Cheap, easy to install. No hard bandwidth or framing limitations.
  Downside: Requires hard wired connection provided by end-user. May require additional configuration or security enhancements to route through firewalls, etc.
  Common examples: Industrial PLC (programmable logic controllers)
Option: WiFi
  Upside: Readily available on more sophisticated microcontrollers and embedded devices.
  Downside: Requires ambient WiFi network, and method of managing security keys and access (including rotation). May require additional configuration or security enhancements to route through firewalls (commercial).
  Common examples: NEST thermostat.
Option: Cellular
  Upside: Self-contained; plug and go.
  Downside: Communication heavily metered – cost of operations (CoGS) borne by service operator.
  Common examples: 3rd party car data logger
Option: Local (Bluetooth, Zigbee, etc)
  Upside: Minimal cost and power requirements.
  Downside: Short ranged, require field gateway or other “smart” edge device to proxy connections.
  Common examples: iBeacon
Who connects to whom?
With the ubiquity of firewalls and NAT (network address translators), cloud services connecting inbound to devices is typically impractical.
If two local devices want to talk to each other, there are two options:
• Device A connects directly to device B, or vice-versa
• The devices communicate through a secured cloud endpoint (service assisted communication)
Peer to peer sounds cool!
■ LiFX lightbulbs create a mesh network between each other
■ One lightbulb is elected as master, and proxies to the WiFi router
■ Devices shipped from factory with a single GLOBAL PRE-SHARED KEY.
■ Break one device – break them all.
■ Remediation Options:
  ■ Global firmware update. How do the devices “call home” to get firmware updates? At scale there will always be devices behind the update curve.
  ■ Don’t make any mistakes in the bootloader for in-field firmware updates. A single RMA (return material authorization) can wipe out the profit from dozens of devices.
  ■ Move to provisioned key-per-device. Need to build and manage key infrastructure. Also need to incorporate key rotation (don’t make a mistake here or the device will be “bricked”).
  ■ Is there an out-of-band update mechanism (USB?). Is the end-user community amenable to handling firmware updates (industrial, technical vs. mass consumer)?
http://contextis.com/resources/blog/hacking-internet-connected-light-bulbs/
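One way to realise the "provisioned key-per-device" option with key rotation, as an added example that is not from the original slides or from any vendor's firmware. It assumes a fleet master secret held only on the cloud side, HKDF-SHA256 derivation, and hypothetical device IDs (`bulb-001`); each device stores only its own derived key, so extracting one key reveals nothing about the others.

```python
import hashlib
import hmac

def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF (RFC 5869) with SHA-256: extract, then expand to `length` bytes."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

def device_key(master: bytes, device_id: str, key_version: int) -> bytes:
    """Derive the key for one device and one rotation epoch."""
    ident = device_id.encode()
    # Length-prefix the ID so different (id, version) pairs never collide.
    info = len(ident).to_bytes(2, "big") + ident + key_version.to_bytes(4, "big")
    return hkdf_sha256(master, salt=b"fleet-provisioning-example", info=info)

def sign(key: bytes, payload: bytes) -> bytes:
    """Device side: authenticate a message with the device's own key."""
    return hmac.new(key, payload, hashlib.sha256).digest()

def verify(master, device_id, key_version, payload, tag, current_version, grace=1):
    """Cloud side: re-derive the key and accept only the current version or
    up to `grace` older ones, so devices behind the update curve still work."""
    if not max(0, current_version - grace) <= key_version <= current_version:
        return False
    expected = sign(device_key(master, device_id, key_version), payload)
    return hmac.compare_digest(expected, tag)

# Constructed sample secret; a real master secret would sit in an HSM or vault.
MASTER = bytes(range(32))

if __name__ == "__main__":
    msg = b'{"on":true}'
    tag = sign(device_key(MASTER, "bulb-001", 2), msg)
    print(verify(MASTER, "bulb-001", 2, msg, tag, current_version=2))
    print(verify(MASTER, "bulb-002", 2, msg, tag, current_version=2))
```

The `grace` window is what keeps rotation from bricking devices: a device that has not yet received key version N is still accepted on N-1 until the window closes.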
Choices – Let’s connect!
Option: UDP
  Upside:
  • Simple; datagrams require no framing.
  • Efficient on bandwidth metered links.
  Downside:
  • Impractical to secure channel.
  • Need faith or out of band acknowledgement mechanism for reliable transfer.
  • Cannot reliably support ordered data streams.
  • Challenging to implement return-channel (cloud to device) for commands
Option: TCP/IP
  Upside:
  • Simple; minimal code footprint for RTOS class devices.
  • Can use TLS to secure channel
  • Bi-directional channel for notifications and commands
  Downside:
  • Need to handle framing on both sides of connection (or hard code avoidance of MTU limits from end to end)
  • Firewall traversal is challenging
Option: HTTP/S
  Upside:
  • Straightforward firewall traversal, use of SSL for channel encryption and signing
  • Built in framing, can leverage semantic conventions (REST) to publish data
  Downside:
  • Inefficient for Signal-to-Noise ratio of bytes on wire
  • Heavy device stack footprint to implement general purpose HTTP client stack
Option: AMQP, MQTT
  Upside:
  • Bi-directional channel for notifications and commands
  • Efficient use of bandwidth (batching, efficient framing, etc)
  Downside:
  • Firewall traversal is challenging
  • Client stack may not fit on smaller devices
  • Evolving standards and implementation levels
Choices – Let’s encode!
Option: XML
  Upside:
  • You have more money than you know what to do with. Enjoy another mojito on your yacht.
  Downside:
  • Extremely inefficient for both serialization/deserialization time and wire encoding.
Option: JSON
  Upside:
  • Self-describing (“tagged”) format requiring no type identifiers. Readable by convention.
  Downside:
  • Need to handle framing on both sides of connection (or hard code avoidance of MTU limits from end to end)
  • Firewall traversal is challenging
Option: Tagged / Untagged “standard” Binary (Protobuf, Thrift, etc)
  Upside:
  • Highly efficient wire protocol with broad range of encoder bindings for various languages
  • Can use common IDL (definition) to generate device and cloud code
  • Built in support for protocol versioning
  Downside:
  • Implementation may not be compatible with RTOS class device BSP (board support packages)
  • Until you’ve lived through the mistake, you probably won’t use the versioning features.
Option: Custom Binary (roll your own)
  Upside:
  • You can put “wrote yet another custom protocol” on your resume
  • High degree of control over bit packing, ordering, etc.
  • Can support any device.. Since you wrote it for that device
  Downside:
  • Very few implementations use code generation from a common definition (result -> divergent implementations with subtle differences)
  • Rarely incorporate version management, self-describing type and version fields, rich variable support (arrays, maps, etc)
  • Take on a life of their own, generating support burdens with inertia
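The "need to handle framing on both sides" downside listed for TCP/IP and JSON, and the missing "type and version fields" noted for custom binary formats, shown together as an added example that is not from the original slides. The 4-byte header layout (version, message type, payload length), the size limit and the sample messages are all assumptions made for illustration.

```python
import struct

HEADER = struct.Struct("!BBH")   # version, message type, payload length
VERSION = 1
MAX_PAYLOAD = 1024               # reject anything a small device should never send

class FrameError(ValueError):
    """Raised when a peer sends a header the receiver must not trust."""

def encode_frame(msg_type: int, payload: bytes) -> bytes:
    if len(payload) > MAX_PAYLOAD:
        raise FrameError("payload too large")
    return HEADER.pack(VERSION, msg_type, len(payload)) + payload

class FrameDecoder:
    """Reassembles frames from a TCP byte stream that arrives in arbitrary chunks."""

    def __init__(self):
        self._buf = bytearray()

    def feed(self, chunk: bytes) -> list:
        self._buf += chunk
        frames = []
        while len(self._buf) >= HEADER.size:
            version, msg_type, length = HEADER.unpack_from(self._buf)
            # Validate the header before waiting for (or buffering) the body.
            if version != VERSION:
                raise FrameError(f"unsupported version {version}")
            if length > MAX_PAYLOAD:
                raise FrameError(f"declared length {length} exceeds limit")
            end = HEADER.size + length
            if len(self._buf) < end:
                break                      # partial frame: wait for more bytes
            frames.append((msg_type, bytes(self._buf[HEADER.size:end])))
            del self._buf[:end]
        return frames

def decode_stream(chunks) -> list:
    """Run a sequence of received chunks through one decoder."""
    decoder, out = FrameDecoder(), []
    for chunk in chunks:
        out.extend(decoder.feed(chunk))
    return out

if __name__ == "__main__":
    # Constructed sample: two frames delivered 3 bytes at a time.
    stream = encode_frame(1, b'{"temp":21.5}') + encode_frame(2, b"")
    print(decode_stream(stream[i:i + 3] for i in range(0, len(stream), 3)))
```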
The need to prototype
■ Cost of an oversight or a bug on the cloud side:
fix the bug, commit, push, build, deploy (cost: 3 clicks and a coffee)
■ Cost of an oversight or a bug on the device side:
Hardware: rebuild all the devices
Software: firmware update (was that planned for?)
In both cases very expensive $$$
Microsoft Cloud offer for IoT
Predictive maintenance
Asset management
Azure IoT Suite
Azure services (IoT and others)
[Figure: map of Azure services under the headings Platform Services, Infrastructure Services, Hybrid Operations and Security & Management. Services shown: Web Apps, Mobile Apps, API Management, API Apps, Logic Apps, Notification Hubs, Content Delivery Network (CDN), Media Services, BizTalk Services, Hybrid Connections, Service Bus, Storage Queues, Backup, StorSimple, Azure Site Recovery, Import/Export, SQL Database, DocumentDB, Redis Cache, Azure Search, Storage Tables, Data Warehouse, Azure AD Health Monitoring, AD Privileged Identity Management, Operational Analytics, Cloud Services, Batch, RemoteApp, Service Fabric, Visual Studio, App Insights, Azure SDK, VS Online, Domain Services, HDInsight, Machine Learning, Stream Analytics, Data Factory, Event Hubs, Mobile Engagement, Data Lake, IoT Hub, Data Catalog, Azure Active Directory, Multi-Factor Authentication, Automation, Portal, Key Vault, Store/Marketplace, VM Image Gallery & VM Depot, Azure AD B2C, Scheduler.]
Azure IoT Suite
[Architecture diagram. Components shown: Devices; Azure IoT SDK (OSS) for Linux, RTOS, mBed, Windows, Android, iOS; IoT Hub; Event Hub; Stream Analytics; Storage Blobs; DocumentDB; Web Jobs; Logic Apps; Web App; Azure Active Directory; Power BI; Business Process; ERP/CRM.]
Azure IoT Hub
Connectivity, Security & Management for billions of devices
Devices are not servers
Use IoT Hub to enable secure bi-directional communications
Device-to-cloud and Cloud-to-device
Durable message inbox/outbox per device
Delivery receipts, expired messages
Device communication errors
Stream Analytics
[Pipeline diagram. Stages: Data Source, Collect, Process, Consume, Deliver.]
Event Inputs: Event Hub, Azure Blob
Reference Data: Azure Blob
Transform: Temporal joins, Filter, Aggregates, Projections, Windows, etc.
Enrich
Correlate
Outputs: SQL Azure, Azure Blobs, Event Hub
Azure Storage
Azure Stream Analytics
• Temporal Semantics
• Guaranteed delivery
• Guaranteed up time
DIY
• Start with one of the Azure IoT Starter kits
– aka.ms/iotstarterkits
• Start from a sample
– Simple Hello World samples: Readme.md of the SDKs repo
– E2E samples: aka.ms/azureiotsamples
– Get started on a specific platform: aka.ms/azureiotgetstartedguides
• Start from scratch
Azure IoT Device SDK
Everything is on GitHub, open source under MIT license
RTOS, Linux, Windows, iOS, Android
C, Node.js, Java, C#, Python
Includes Xamarin compatible libraries
Samples, walkthroughs to get you started quickly
Azure Certified for IoT
Operating systems & devices
Azure IoT Device SDK supports more than Azure Certified for IoT and is easy to adapt to new devices and operating systems
New Offering Announcements
Update firmware, software, configuration on any device running any operating system
Organize and update devices based on hierarchical topologies
Cross platform middleware for field gateways
Connect, manage and monitor multiple devices
Protocol translation & data normalization
5 new kits to get started quickly
Azure IoT Hub Device Management
Going beyond simple ‘Create, Remove, Update and Delete’ for devices
Fully extensible - works on any device running any operating system or firmware
Based on OMA LWM2M
Group devices into custom topologies
Update devices based on sub-sections of that topology
Role based access control
OT is responsible for keeping things running, IT is responsible for keeping things secure
Azure IoT Hub Device Management
Enroll devices and determine properties and available operations
Group & manage based on your scenario
Role based access to sub-groups
Update software, firmware, configuration using “device jobs”
Operators can monitor device health and signal when it is safe to update devices
IT can update and rollback during maintenance windows
Decommission and replace devices after service lifetime
Azure IoT Hub – Device Topology Support
Permissions: Group 1 Permissions: Group 2
Device Job - Firmware Update Example
[Sequence diagram in three steps (Step 1, Step 2, Step 3) between "Your code in the cloud" (Azure IoT Suite), the Device Job in Azure IoT Hub, the IoT Hub DM client library, and "Your code on the device". Labels shown:]
• Your code in the cloud: Step 1: Start Firmware Update Job providing the Package URI. Anytime during job execution: Check the status of the Job. On Job Completed: Receive callback in cloud.
• Device Job: Write Firmware Package URI, Trigger Client Download. Monitor State Changes and Apply Update.
• Messages and device actions: Package URI; Download Package URI; Download the firmware; Download Completed; Apply Update; Apply the Update; Reconnect after restart.
Azure IoT Gateway SDK
• Cloud connectivity: for devices that don't speak TCP/IP
• Security isolation: for devices that can't be updated/secured
• Protocol translation: for existing and new protocols
• Data transformation: compression, annotation, filtering
• Local intelligence: local processing for low latency needs
Global Availability
Australia (East, Southeast)
Japan (East, West)
Germany (Central, Northeast) – Preview
US Europe APAC Japan Australia LATAM China Germany India UK