Hello world
Customers Entities
2000 Belgium
2004 France
2013 Portugal
2016 Switzerland
2016 UK
2016 The Netherlands
2017 Malta
IoT End-to-End Value Chain
The connectivity challenge

Direct connectivity
• Easiest to install and configure
• Mixing machine logic with IoT logic
• Complexity of IoT (retries, command handling…) on every machine
• Not possible for legacy systems
• “Feels” less secure

Cloud gateways
• Devices come with embedded connectivity (NB-IoT, LoRa, SigFox…) to a proprietary cloud
• Cloud to cloud integration needed
• Forwarding capabilities from platforms available to IoT platforms, custom HTTP endpoints
• Easy to start in the cloud

Field gateways
• Requires extra hardware: industrial PC, physical gateway
• Machine logic separated from IoT logic
• Complexity of IoT in one single place: retries, command handling…
• Way to Internet-enable legacy systems
• “Feels” more secure
Proof of concepts vs reality

Proof of concepts: focus on quick value creation
• Quick & fast connectivity
• Often using simulated devices
• Telemetry ingestion
• Reporting, visualization & basic integration
• Data storage & basic analytics (time series)
• Business rules

Real world deployments: robustness, reliability & security
• Reliability, buffering & retries
• Remote updates
• Security hardening
• Bandwidth & compute optimization
• Edge capabilities & local actions
• Multi-tenancy, privacy & GDPR
• Logistics & deployment automation

Time spent in project phases (chart comparing proof of concepts with real world deployments)
The Azure IoT landscape

PaaS services & device support
• Edge support: Azure IoT Edge
• IoT services: Azure IoT Hub, Device Provisioning Service
• Data & analytics services: Azure Time Series Insights, Azure Machine Learning, Azure Stream Analytics, Cosmos DB, Azure Data Lake, Azure Data Lake Analytics, Azure HD Insight (Spark, Storm, Kafka), Azure Event Hubs
• Visualization & integration services: Microsoft Flow, Azure Logic Apps, Notification Hubs, Azure Websites, Microsoft Power BI, Azure Active Directory, Azure Monitor
• Device support: Azure IoT Device SDK, Certified Devices (Azure Certified for IoT), Security Program for Azure IoT, Windows 10 IoT Core

IoT solutions (SaaS)
• Microsoft IoT Central (IoT SaaS)
• Microsoft Connected Field Service (field service SaaS)

IoT solutions (PaaS)
• Azure IoT Suite: Remote Monitoring, Predictive Maintenance, Connected Factory
Azure IoT Hub security
Access policies
➔ ServiceConnect (cloud side reading messages)
➔ DeviceConnect (individual devices – or send on behalf)
➔ RegistryRead (read only device monitoring)
➔ RegistryReadWrite (device management)
Authentication support
➔ Device id + device key
  ➔ Security credentials are never sent over the wire
  ➔ Token transport is protocol specific (MQTT, AMQP, HTTPS)
➔ X.509 certificates
  ➔ Existing cert
  ➔ Self signed cert
  ➔ CA-signed cert
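As an added example (not code from the slides, nor from the Azure SDK), the following Python models what the "device id + device key" bullets describe: the device derives a short-lived SAS token from its key, and the hub recomputes the HMAC from the key held in its identity registry, so the key itself never crosses the wire and only the signature, resource URI and expiry do. The hub name contoso-hub, the device id device-01, the key and the in-memory registry are constructed placeholders; the token layout (sr, sig, se, optional skn) is the documented IoT Hub one, and the verification side is a local model of the hub's checks, not the hub's own code.

```python
# Added example (not from the slides): SAS token creation on the device side and the
# verification the hub performs on the service side, modelled locally.
# Hub name, device id and key below are constructed placeholders.
import base64
import hashlib
import hmac
from urllib.parse import quote, unquote

# Constructed demo registry: resource URI -> base64 device key. A real hub keeps this in
# its identity registry; the key never leaves the device or the registry.
DEVICE_KEY_B64 = base64.b64encode(b"constructed-demo-key-32-bytes!!!").decode()
RESOURCE_URI = "contoso-hub.azure-devices.net/devices/device-01"   # placeholder hub/device
REGISTRY = {RESOURCE_URI: DEVICE_KEY_B64}


def _sign(key_b64, sr_encoded, expiry):
    """HMAC-SHA256 over '<url-encoded resource URI>\\n<expiry>' with the raw key bytes."""
    key = base64.b64decode(key_b64)
    string_to_sign = f"{sr_encoded}\n{expiry}".encode("utf-8")
    return base64.b64encode(hmac.new(key, string_to_sign, hashlib.sha256).digest()).decode()


def generate_sas_token(resource_uri, key_b64, expiry_epoch, policy_name=None):
    """Device side: build the token. Only the HMAC travels over the wire, never the key."""
    sr = quote(resource_uri, safe="")
    sig = quote(_sign(key_b64, sr, expiry_epoch), safe="")
    token = f"SharedAccessSignature sr={sr}&sig={sig}&se={expiry_epoch}"
    if policy_name:                      # hub-level policies (e.g. ServiceConnect) carry skn
        token += f"&skn={policy_name}"
    return token


def verify_sas_token(token, registry, now_epoch):
    """Service side (modelled): returns (accepted, reason)."""
    scheme, _, params = token.partition(" ")
    if scheme != "SharedAccessSignature":
        return False, "bad scheme"
    fields = {}
    for pair in params.split("&"):
        name, sep, value = pair.partition("=")
        if not sep:
            return False, "malformed parameter"
        fields[name] = value
    sr, sig, se = fields.get("sr"), fields.get("sig"), fields.get("se")
    if not (sr and sig and se):
        return False, "missing field"
    try:
        expiry = int(se)
    except ValueError:
        return False, "malformed expiry"
    if expiry <= now_epoch:               # expiry is checked before any crypto work
        return False, "expired"
    key_b64 = registry.get(unquote(sr))
    if key_b64 is None:
        return False, "unknown resource"
    expected = _sign(key_b64, sr, expiry)
    # Constant-time comparison: signature checks must not leak timing information.
    if not hmac.compare_digest(expected.encode(), unquote(sig).encode()):
        return False, "bad signature"
    return True, "ok"
```

Because the expiry is part of the signed string, a client cannot extend a captured token's lifetime without the key: changing se invalidates sig. Keep token lifetimes short and rotate device keys through the registry rather than sharing one key across devices.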
Announced: X.509 CA support on IoT Hub
➔ Configure CA cert (per factory?) on IoT hub
➔ Sign all devices once at production time
➔ Authentication happens through the CA trust
➔ Can be combined with DPS
Device provisioning service
➔ Simplify with zero touch provisioning
➔ Supports multiple locations
➔ Easiest way to mass-provision devices
➔ URL stability
➔ Enhanced security through HSM
➔ For any device compatible with IoT Hub
➔ Remove human error
➔ Minimize manual connection requirements
➔ Multitenancy support
DPS knows exactly which IoT Hub to connect and provision (diagram: DPS assigning devices to IoT Hub US, IoT Hub Japan and IoT Hub India)
Concepts

Azure IoT Hub endpoints & routes

IoT Hub endpoints & routing
Built-in IoT Hub endpoints: telemetry stream (d2c), operations monitoring, file upload notifications, command feedback
Routing targets: storage account, Event Hub, Service Bus (topic / queue)
Routing rules (router) apply to:
• Device messages
• Twin change events
• Device lifecycle events
EventGrid?
Azure IoT Hub device twins

Diagram: IoT Hub holds Twin 0 for Device 0 (or a gateway), with tags, properties (desired, reported) and methods; the twin sits between the edge and the cloud back-end.
• Tags: edge-opaque metadata
• Desired properties: edge-visible metadata/config
• Reported properties: edge reported state/condition
• Methods: cloud initiated device actions
• Telemetry flows alongside the twin (…)
Device metadata & organisation
Set tags on twins to simplify the task of finding and targeting devices. (Diagram, repeated on the next three slides: IoT Hub Twin 0 with tags, properties (desired, reported), methods, telemetry, jobs and queries.)

Device management & configuration
Set desired properties on twins to set common policy across a large group of devices.

Device querying & compliance
Query desired and reported properties to attest device compliance and surface problems.

Device troubleshooting & updating
Initiate an action directly on a device or schedule an action with a job.
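The four twin slides above (tagging for targeting, desired properties as policy, querying desired against reported for compliance, and jobs that apply an action to a query result) are one workflow. As an added example that is not from the slides or the Azure SDK, the following Python runs that workflow over an in-memory set of twin documents shaped like the ones IoT Hub exposes: device ids dev-01 to dev-03, the tags.location.plant tag, and the telemetryInterval and firmware properties are all constructed for the example, and set_desired stands in for what a job does against the hub.

```python
# Added example (not from the slides): twin tagging, targeted desired-property rollout
# and a desired-vs-reported compliance check over in-memory twin documents.
# Device ids, tag names and property names are constructed for the example.

# Constructed twin documents in the shape IoT Hub exposes (trimmed to what we use).
TWINS = [
    {"deviceId": "dev-01",
     "tags": {"location": {"plant": "ghent", "line": 1}},
     "properties": {"desired": {"telemetryInterval": 60, "firmware": "1.2.0", "$version": 3},
                    "reported": {"telemetryInterval": 60, "firmware": "1.2.0", "$version": 7}}},
    {"deviceId": "dev-02",
     "tags": {"location": {"plant": "ghent", "line": 2}},
     "properties": {"desired": {"telemetryInterval": 60, "firmware": "1.2.0", "$version": 3},
                    "reported": {"telemetryInterval": 300, "firmware": "1.2.0", "$version": 5}}},
    {"deviceId": "dev-03",
     "tags": {"location": {"plant": "lisbon", "line": 1}},
     "properties": {"desired": {"telemetryInterval": 60, "firmware": "1.2.0", "$version": 3},
                    "reported": {"telemetryInterval": 60, "$version": 2}}},   # never reported firmware
]


def _lookup(doc, dotted_path):
    """Walk 'location.plant' through nested dicts; None when any segment is missing."""
    for key in dotted_path.split("."):
        if not isinstance(doc, dict) or key not in doc:
            return None
        doc = doc[key]
    return doc


def select_devices(twins, tag_path, value):
    """Tag-based targeting (the slides' 'find and target devices'), e.g. location.plant == 'ghent'."""
    return [t["deviceId"] for t in twins if _lookup(t["tags"], tag_path) == value]


def set_desired(twins, device_ids, patch):
    """Apply a desired-property patch to the selected twins (what a job does for a query),
    bumping $version as the hub does. Returns the number of twins updated."""
    updated = 0
    for t in twins:
        if t["deviceId"] in device_ids:
            desired = t["properties"]["desired"]
            desired.update(patch)
            desired["$version"] = desired.get("$version", 0) + 1
            updated += 1
    return updated


def compliance_report(twins, keys):
    """Compare desired vs reported for the given keys. Returns {deviceId: [(key, desired, reported)]}
    holding only devices that drift, so the service can surface them; a key the device never
    reported shows up as None rather than being silently skipped."""
    report = {}
    for t in twins:
        desired, reported = t["properties"]["desired"], t["properties"]["reported"]
        drift = [(k, desired.get(k), reported.get(k)) for k in keys if desired.get(k) != reported.get(k)]
        if drift:
            report[t["deviceId"]] = drift
    return report


def rollout_firmware(twins, plant, version):
    """Worked flow: target a plant by tag, push a desired firmware version, report drift."""
    targets = select_devices(twins, "location.plant", plant)
    set_desired(twins, targets, {"firmware": version})
    return targets, compliance_report(twins, ["telemetryInterval", "firmware"])
```

Right after a rollout every targeted device is expected to drift on firmware until it reports the new version; what a compliance check should alarm on is drift that persists past the rollout window, or on keys that were never part of the rollout (dev-02's telemetryInterval here).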
Azure IoT Hub messaging & telemetry
Device to cloud messaging
➔ Used for telemetry streams
➔ AMQP / MQTT / HTTPS
➔ Send to /devices/{deviceid}/messages/events
➔ Maximum 256 KB
➔ Body (opaque) + Properties (key-value)
➔ Partitioning per originating deviceid
➔ Process with EventProcessorHost (like Event Hub)
Reported properties
➔ State information & job status
➔ AMQP / MQTT
➔ Maximum 8 KB
➔ JSON structure
➔ Process, using routes on twinChangeEvents endpoint
IoT Hub file upload
➔ Upload abstracted in client SDK: hubClient.UploadToBlobAsync("file.txt", fileStream);
➔ Using a claim check pattern
➔ Content stored in associated storage account on blob (client endpoint /devices/{deviceId}/files)
➔ Event triggered on service endpoint (/messages/servicebound/fileuploadnotifications)
Azure IoT Hub command & control
Cloud to device messaging
➔ Asynchronous operation: device can be online
➔ AMQP / MQTT / HTTPS
➔ Send to /devices/{deviceId}/messages/devicebound
➔ Maximum 64 KB
➔ Body (opaque) + Properties (key-value)
➔ Important to configure TTL (time to live)
➔ No support for jobs
➔ At least once guaranteed delivery (device can reject / abandon)
Direct methods
➔ Interactive (sync) operation: device has to be online
➔ MQTT only
➔ MQTT topic: $iothub/methods/POST/{method name}/
➔ Passing request body, maximum 8 KB
➔ Configurable timeout (default: 30 secs)
➔ Device disconnected? 404
➔ Support for jobs
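As an added example (not code from the slides or from the Azure device SDK), here is the device side of the direct-method exchange on the MQTT topic named above: the request arrives on $iothub/methods/POST/{method name}/?$rid={request id} and the device answers on $iothub/methods/res/{status}/?$rid={request id}. The dispatcher rejects oversized bodies before parsing them (the slides' 8 KB limit), rejects malformed JSON, and answers 404 for a method it does not implement; that device-side 404 is distinct from the 404 the hub itself returns when the device is disconnected. The reboot and getStatus methods and their handlers are constructed for the example.

```python
# Added example (not from the slides): a device-side direct-method dispatcher over the
# MQTT topic convention the slides mention. Method names and handlers are constructed.
import json
from urllib.parse import parse_qs

MAX_METHOD_PAYLOAD = 8 * 1024          # slides: request body maximum 8 KB
REQUEST_PREFIX = "$iothub/methods/POST/"


def parse_method_topic(topic):
    """'$iothub/methods/POST/reboot/?$rid=42' -> ('reboot', '42'); None if not a method request."""
    if not topic.startswith(REQUEST_PREFIX):
        return None
    name, sep, query = topic[len(REQUEST_PREFIX):].partition("/?")
    if not sep or not name or "/" in name:
        return None
    rid = parse_qs(query).get("$rid", [None])[0]
    return (name, rid) if rid else None


def response_topic(status, rid):
    """Device answers on $iothub/methods/res/{status}/?$rid={request id}."""
    return f"$iothub/methods/res/{status}/?$rid={rid}"


class MethodDispatcher:
    """Routes incoming method requests to registered handlers and builds the response."""

    def __init__(self):
        self._handlers = {}

    def register(self, name, handler):
        # handler(body) -> (status, result_dict)
        self._handlers[name] = handler

    def handle(self, topic, payload: bytes):
        parsed = parse_method_topic(topic)
        if parsed is None:
            return None                                  # not a direct-method request
        name, rid = parsed
        if len(payload) > MAX_METHOD_PAYLOAD:            # refuse oversized bodies before parsing
            return response_topic(413, rid), {"error": "payload too large"}
        try:
            body = json.loads(payload) if payload else None
        except ValueError:
            return response_topic(400, rid), {"error": "body is not valid JSON"}
        handler = self._handlers.get(name)
        if handler is None:
            return response_topic(404, rid), {"error": f"unknown method {name}"}
        status, result = handler(body)
        return response_topic(status, rid), result


def build_demo_dispatcher():
    """Constructed handlers: 'reboot' validates its delay argument, 'getStatus' takes no input."""
    d = MethodDispatcher()

    def reboot(body):
        delay = (body or {}).get("delaySeconds", 0)
        if not isinstance(delay, int) or delay < 0:
            return 400, {"error": "delaySeconds must be a non-negative integer"}
        return 200, {"scheduledIn": delay}

    d.register("reboot", reboot)
    d.register("getStatus", lambda body: (200, {"uptime": 12345}))
    return d
```

Each handler validates its own arguments and reports a 4xx status rather than raising, so a malformed request from the cloud side never takes the device's MQTT loop down; the result dict is what the caller of the direct method receives back through the hub.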
Desired properties
➔ Set configuration
➔ AMQP / MQTT
➔ Maximum 8 KB
➔ JSON structure
➔ Support for jobs
➔ Durable (persisted in twin).
Azure IoT Hub device jobs
Device jobs
➔ Schedule updates or commands for selection of devices
➔ Selection: based on device query
➔ Actions:
  ➔ Update desired properties
  ➔ Update tags
  ➔ Invoke direct methods
➔ Query on job status, using job id
Demo: Azure IoT Hub

Thank you
Microsoft Azure IoT Hub (Sam Vanhoutte @TechdaysNL 2017)


Editor's Notes

  • #4 Things to add Diff poc/real world Federated integration/esb Edge capabilities Rules
  • #12 https://azure.microsoft.com/en-us/blog/announcing-support-for-x-509-ca-on-azure-iot-hub/
  • #14 https://azure.microsoft.com/en-us/blog/announcing-support-for-x-509-ca-on-azure-iot-hub/
  • #15 https://azure.microsoft.com/en-us/blog/announcing-support-for-x-509-ca-on-azure-iot-hub/
  • #18 https://docs.microsoft.com/en-us/azure/iot-hub/iot-hub-devguide-endpoints#list-of-built-in-iot-hub-endpoints