Introduction to AWS IoT and Mobile Hub Services (Ilho Kim) :: re:Invent re:Cap Webinar 2015
Post on 07-Jan-2017
© 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
김일호(Ilho Kim) Solutions Architect
AWS IoT and Mobile Hub Introduction
Nov 26, 2015
Session Time (ex. 01:30 pm – 02:30 pm)
Agenda
What is AWS IoT (45min)
AWS Mobile Hub Overview (15min)
Things Are Becoming Connected
Now Not too long from now Soon After
Source: Pretty much everyone
Hello World!
Healthcare and Life Sciences Municipal Infrastructure Smart Home Retail
Manufacturing, Logistics & Supply Chain
Agriculture Education Automotive
Building Blocks for Innovation in IoT
How can we escape the spin cycle?
Many SDKs & Tools
Alternate Protocols
Scalability &
Noise/Signal
Security & Management
Integration with Cloud and Mobile Apps and
Analytics
AWS IoT
“Securely connect one or one billion devices to AWS, so they can interact with applications and other devices”
AWS IoT
DEVICE SDK Set of client libraries to
connect, authenticate and exchange messages
DEVICE GATEWAY Communicate with devices via
MQTT and HTTP
AUTHENTICATION AUTHORIZATION
Secure with mutual authentication and encryption
RULES ENGINE Transform messages based on rules and
route to AWS Services
AWS Services - - - - -
3P Services
DEVICE SHADOW Persistent thing state
during intermittent connections
APPLICATIONS
AWS IoT API
DEVICE REGISTRY Identity and Management of
your things
AWS IoT Message Broker
DEVICE GATEWAY Communicate with devices via
MQTT and HTTP
AWS IoT Device Gateway
Standard Protocol Support (no lock-in)
Millions of devices and apps can connect over any protocol starting with MQTT and HTTP 1.1
Powerful Pub/Sub Broker with Long-lived bi-directional messages
Clients (Devices and Apps) can receive commands and control signals from the cloud
Secure by Default
Connect securely via X509 Certs and TLS 1.2 Client Mutual Auth
Topic Based Architecture
(lights/thing-2/color)
Highly Scalable Device Gateway
MQTT
MQTT vs HTTPS:
• 93x faster throughput
• 11.89x less battery to send
• 170.9x less battery to receive
• 50% less power to keep connected
• 8x less network overhead
Source: http://stephendnicholas.com/archives/1217
• OASIS standard protocol (v3.1.1)
• Lightweight, pub/sub transport protocol that is useful for connected devices
• MQTT is used on oil rigs, connected trucks, and many more sensitive and resource-sensitive scenarios.
• Customers have needed to build, maintain and scale a broker to use MQTT with cloud applications
Protocols – MQTT – Use Cases
mydevices/#
mydevices/1 mydevices/2 mydevices/3
Protocols – MQTT – Use Cases
mydevices/4
mydevices/4
Protocols – MQTT – Use Cases
mydevices/4
mydevices/4
Protocols – MQTT – Use Cases
mydevices/to_all
mydevices/to_all
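Protocols – MQTT – QoS 0
[Diagram: messages 1, 2, 3, 4, 5, 6 published; 1,2,3,5,6 received]
Protocols – MQTT – QoS 1
[Diagram: messages 1, 2, 3, 4, 5, 6 published, with 4 sent a second time; 1,2,3,4,5,6 received]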
Protocols – MQTT – Keep Alive
PINGREQ
PINGRESP
Although TCP/IP in theory notifies you when a socket breaks, in practice, particularly on things like mobile and satellite links, which often “fake” TCP over the air and put headers back on at each end, it’s quite possible for a TCP session to “black hole”, i.e. it appears to be open still, but in fact is just dumping anything you write to it onto the floor.
Andy Stanford-Clark on the topic “Why is the keep-alive needed?” *
* https://groups.google.com/forum/#!msg/mqtt/zRqd8JbY4oM/XrMwlQ5TU0EJ
AWS IoT Message Broker : Managed Service
Highly Scalable Device Gateway
Millions of devices sending billions of messages
Subscribers Publishers
AWS IoT Security: Authentication and Authorization
AUTHENTICATION Secure with mutual
authentication and encryption
AUTHENTICATION AUTHORIZATION
Secure with mutual authentication and encryption
One Service, Two Protocols
                | MQTT + Mutual Auth TLS | AWS Auth + HTTPS
Server Auth     | TLS + Cert             | TLS + Cert
Client Auth     | TLS + Cert             | AWS API Keys
Confidentiality | TLS                    | TLS
Protocol        | MQTT                   | HTTP
Identification  | AWS ARNs               | AWS ARNs
Authorization   | AWS Policy             | AWS Policy
NEW
Mutual Auth TLS
Provisioning and Security Secure Communications with Things
- Single API call to CreateKeysAndCertificate()
- Client Generated CreateCertificateFromCSR(CSR)
Fine-grained Authorization for:
- Thing Management
- Pub/Sub Data Access
- AWS Service Access
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": ["iot:Publish"],
      "Resource": ["arn:aws:iot:us-east-1:123456972007:topic/foo"]
    },
    {
      "Effect": "Allow",
      "Action": ["iot:Subscribe"],
      "Resource": ["arn:aws:iot:us-east-1:123456972007:topicfilter/foo/bar/*"]
    }
  ]
}
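An added example, not part of the original slides or of AWS's code: a simplified offline model of how the policy above is evaluated, showing which publish and subscribe requests it grants and that `*` is the policy wildcard while MQTT's `#` is matched as an ordinary character. The function names, the sample requests and the client name `device-1` are hypothetical, and the evaluation rules (default deny, explicit Deny wins) are an assumption modelled on IAM-style policies.

```javascript
// Added example: simplified offline model of AWS IoT policy evaluation.
// Assumptions: default deny, explicit Deny overrides Allow; '*' and '?' are
// policy wildcards; MQTT '+' and '#' are ordinary characters in a resource ARN.
const ARN_PREFIX = "arn:aws:iot:us-east-1:123456972007:";

// The policy shown on the slide.
const slidePolicy = {
  Version: "2012-10-17",
  Statement: [
    { Effect: "Allow", Action: ["iot:Publish"],
      Resource: [ARN_PREFIX + "topic/foo"] },
    { Effect: "Allow", Action: ["iot:Subscribe"],
      Resource: [ARN_PREFIX + "topicfilter/foo/bar/*"] },
  ],
};

// Turn a policy pattern into an anchored RegExp ('*' = any run, '?' = one char).
function patternToRegExp(pattern) {
  const escaped = pattern.replace(/[.+^${}()|[\]\\]/g, "\\$&");
  return new RegExp("^" + escaped.replace(/\*/g, ".*").replace(/\?/g, ".") + "$");
}

function asList(v) { return Array.isArray(v) ? v : [v]; }

function matchesAny(patterns, value) {
  return asList(patterns).some((p) => patternToRegExp(p).test(value));
}

// Decide one (action, resource ARN) request: "Allow" or "Deny".
function evaluate(policy, action, resourceArn) {
  let allowed = false;
  for (const st of policy.Statement) {
    if (!matchesAny(st.Action, action)) continue;
    if (!matchesAny(st.Resource, resourceArn)) continue;
    if (st.Effect === "Deny") return "Deny"; // explicit deny always wins
    if (st.Effect === "Allow") allowed = true;
  }
  return allowed ? "Allow" : "Deny"; // nothing matched: default deny
}

// Audit helper: Allow statements that grant every action or every topic.
function findOverbroad(policy) {
  return policy.Statement.filter((st) => st.Effect === "Allow" &&
    (asList(st.Action).some((a) => a === "*" || a === "iot:*") ||
     asList(st.Resource).some((r) => r === "*" || /:(topic|topicfilter)\/\*$/.test(r))));
}

// Constructed requests against the slide policy.
const sampleRequests = [
  ["iot:Publish", "topic/foo"],               // exact match
  ["iot:Publish", "topic/foo/bar/x"],         // only topic/foo is granted
  ["iot:Subscribe", "topicfilter/foo/bar/#"], // '#' is matched by the policy '*'
  ["iot:Subscribe", "topicfilter/foo/#"],     // outside foo/bar/
  ["iot:Connect", "client/device-1"],         // no statement grants iot:Connect
];
for (const [action, res] of sampleRequests) {
  console.log(action, res, "=>", evaluate(slidePolicy, action, ARN_PREFIX + res));
}
```

Running the same `findOverbroad` check over every policy attached to a certificate is a quick way to spot statements that grant `iot:*` or every topic.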
AWS IoT Rules Engine
RULES ENGINE Transform messages based on rules and
route to AWS Services
Simple & Familiar Syntax
- SQL Statement to define topic filter
- Optional WHERE clause
- Advanced JSON support
Functions improve signal : noise
- String manipulation (regex support)
- Mathematical operations
- Context based helper functions
- Crypto support
- UUID, Timestamp, rand, etc.
AWS IoT Rules Engine Basics
SELECT * FROM 'things/thing-2/color' WHERE color = 'red'
AWS IoT Rules Engine’s Flexibility
SELECT *, clientId() as MQTTClientId FROM 'one/rule'
WHERE startsWith(topic(2), 'IME33') AND (state = 'INIT' OR hydro_temp > surface_temp)",
"actions":
[{
  "republish": {
    "topic": "controllers/${substring(topic(3), 3, 5)}",
}]
AWS IoT Rules Engine
Complex Evaluations
Respond to the fleet, not just a single unit. Dozens of functions() available
Multiple / Simultaneous Actions
Sometimes a situation requires you to take many actions
AWS IoT Rules Engine Actions
RULES ENGINE Transform messages based on rules and
route to AWS Services
AWS Services - - - - -
3P Services
AWS Services - - - - -
3P Services
1. AWS Services (Direct Integration)
Rules Engine
Actions
AWS IoT Rules Engine
AWS Lambda
Amazon SNS
Amazon SQS
Amazon S3
Amazon Kinesis
Amazon DynamoDB Amazon RDS
Amazon Redshift
Amazon Glacier
Amazon EC2
3. External Endpoints (via Lambda and SNS)
Rules Engine connects AWS IoT to External Endpoints and AWS Services.
2. Rest of AWS (via Amazon Kinesis, AWS Lambda, Amazon S3, and more)
AWS IoT Rules Engine Actions
Rules Engine evaluates inbound messages published into AWS IoT, transforms and delivers to the appropriate endpoint based on business rules. External endpoints can be reached via Lambda and Simple Notification Service (SNS).
Invoke a Lambda function
Put object in an S3 bucket
Insert, Update, Read from a DynamoDB table
Publish to an SNS Topic or Endpoint
Publish to an Amazon Kinesis stream
Actions
Amazon Kinesis Firehose
Republish to AWS IoT
AWS IoT Rules Engine & Amazon SNS
Push Notifications
Apple APNS Endpoint, Google GCM Endpoint, Amazon ADM Endpoint, Windows WNS
Amazon SNS -> HTTP Endpoint (Or SMS or Email)
Call HTTP based 3rd party endpoints through SNS with subscription and retry support
SNS
2
AWS IoT Button - “Hello World” of AWS IoT
• Based on the Amazon dash button hardware (Stateless Wi-Fi Button)
• Code in the Cloud; no device specific code or flashing required
• Learn Rules, Shadows and Topics
Build Cool Stuff
You already have competition!
Call an Uber cab
Order pizza
Start a car
Poke someone on Facebook
“Like” something on Facebook
Mayday button
Tweet Something
Call customer service
Slack it
Approve Expense reports
Count things
Track Things
AWS IoT Mega Contest by Hackster.io
Step 1: Go to Hackster.io/Challenges (AWS)
Step 2: Submit your idea (by 11/8)
Step 3: Submit your project (by 1/8)
AWS IoT to AWS Lambda to an External Endpoint
Lambda Function
Rules Engine
Policy Private Key & Certificate
Thing/Device
Rule SDK
AWS IoT AWS Services
Execution Role Policy
External Endpoint
Permission
Select * from 'iotbutton/+'
Action
AWS IoT to Amazon DynamoDB to Dashboard
DynamoDB Table
Rules Engine
Policy Private Key & Certificate
Thing/Device
Rule SDK
AWS IoT AWS Services
Policy
Dashboard
IAM Role
Select * from 'iotbutton/+'
Action DynamoDB S3 Website
AWS IoT Thing Shadow
THING SHADOW Persistent thing state
during intermittent connections
SHADOW Persistent thing state
during intermittent connections
APPLICATIONS
AWS IoT Thing Shadow
Shadow
AWS IoT Shadow Flow
Shadow
Device SDK
1. Device Publishes Current State
2. Persist JSON Data Store
3. App requests device’s current state
4. App requests change the state
5. Device Shadow syncs updated state
6. Device Publishes Current State
7. Device Shadow confirms state change
AWS IoT
AWS IoT Device Shadow - Simple Yet Powerful
{
  "state" : {
    "desired" : {
      "lights": { "color": "RED" },
      "engine" : "ON"
    },
    "reported" : {
      "lights" : { "color": "GREEN" },
      "engine" : "ON"
    },
    "delta" : {
      "lights" : { "color": "RED" }
    }
  },
  "version" : 10
}
Thing
Report its current state to one or multiple shadows
Retrieve its desired state from shadow
Mobile App
Set the desired state of a device
Get the last reported state of the device
Delete the shadow
Shadow
Shadow reports delta, desired and reported states along with metadata and version
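An added example, not part of the original slides or of AWS's code: a simplified model of how the shadow document above produces its `delta`, and of how the `version` field lets the service refuse an update from a writer holding a stale copy. The function names are hypothetical, and the merge, null-deletion and version rules are a simplification of the service's behaviour.

```javascript
// Added example: simplified model of a thing shadow's delta and version check.
// Assumption: delta holds every desired value that differs from (or is missing
// in) the reported state, recursing into nested objects.
function isObject(v) { return v !== null && typeof v === "object" && !Array.isArray(v); }

function computeDelta(desired, reported) {
  const delta = {};
  for (const key of Object.keys(desired)) {
    const want = desired[key];
    const have = isObject(reported) ? reported[key] : undefined;
    if (isObject(want) && isObject(have)) {
      const nested = computeDelta(want, have);
      if (Object.keys(nested).length > 0) delta[key] = nested;
    } else if (JSON.stringify(want) !== JSON.stringify(have)) {
      delta[key] = want;
    }
  }
  return delta;
}

// Merge a partial update into a state section; a null value removes the key.
function merge(target, patch) {
  const out = { ...target };
  for (const [k, v] of Object.entries(patch)) {
    if (v === null) delete out[k];
    else out[k] = isObject(v) && isObject(out[k]) ? merge(out[k], v) : v;
  }
  return out;
}

// Apply an update; reject it when the caller's version is not the current one.
function applyUpdate(shadow, update) {
  if (update.version !== undefined && update.version !== shadow.version) {
    return { accepted: false, reason: "version conflict", shadow };
  }
  const patch = update.state || {};
  const state = {
    desired: merge(shadow.state.desired || {}, patch.desired || {}),
    reported: merge(shadow.state.reported || {}, patch.reported || {}),
  };
  const delta = computeDelta(state.desired, state.reported);
  if (Object.keys(delta).length > 0) state.delta = delta;
  return { accepted: true, shadow: { state, version: shadow.version + 1 } };
}

// The document from the slide (delta left out because it is derived).
const slideShadow = {
  state: {
    desired: { lights: { color: "RED" }, engine: "ON" },
    reported: { lights: { color: "GREEN" }, engine: "ON" },
  },
  version: 10,
};
console.log(JSON.stringify(computeDelta(slideShadow.state.desired, slideShadow.state.reported)));

// The device reports that it switched to RED: the delta disappears.
const afterReport = applyUpdate(slideShadow,
  { state: { reported: { lights: { color: "RED" } } }, version: 10 });
console.log(JSON.stringify(afterReport.shadow));

// A writer still holding version 10 is refused.
const staleWrite = applyUpdate(afterReport.shadow,
  { state: { desired: { engine: "OFF" } }, version: 10 });
console.log(staleWrite.accepted, staleWrite.reason);
```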
AWS IoT Device Shadow Topics (MQTT)
Thing SDK (C-SDK, JS-SDK) makes it easy for you to build shadow functionality into your device so it can automatically synchronize the state with the device.
AWS IoT Thing Shadow
UPDATE: $aws/things/{thingName}/shadow/update
DELTA: $aws/things/{thingName}/shadow/update/delta
GET: $aws/things/{thingName}/shadow/get
DELETE: $aws/things/{thingName}/shadow/delete
Sensor | Reported    | Desired     | Delta
LED1   | RED         | YELLOW      | LED1 = Yellow
ACCEL  | X=1,Y=5,Z=4 | X=1,Y=5,Z=4 |
TEMP   | 83F         | 60F         | TEMP = 60F
AWS IoT Button to Device Shadow
Thing Shadow
Android App
HTTP Publish
UpdateThingShadow()
Desired: Purple, Yellow, Green “p,y,g”
Reported: Blue, White, Cyan “b,w,c”
GetThingShadow()
AWS IoT Registry
THING REGISTRY Identity and Management of
your things
REGISTRY Identity and Management of
your things
AWS IoT Registry
• Static attributes associated to Thing
  • Firmware version
  • Serial Numbers
  • Device Type
  • Device Group
  • Device Description
  • Sensor description
• Support and Maintenance
  • Reference Manual URL
  • Part # reference
  • Reference to external support system
AWS IoT – Device Management
S3 Holds Versioned Firmware Distributions
Organize and secure your firmware binaries in S3
Message Broker notifies groups of the fleet using Topic Patterns
Alert the fleet (or part of it) of the update, and send the URL to the S3 download
Firmware Update
Stored in S3
Publish to groups of devices
• Ability to update global or within a Region
• Rules Engine keeps state of updates and tracks progress in a DynamoDB Table
• Store Version in Registry Entry
AWS IoT
DEVICE SDK Set of client libraries to
connect, authenticate and exchange messages
DEVICE GATEWAY Communicate with devices via
MQTT and HTTP
AUTHENTICATION AUTHORIZATION
Secure with mutual authentication and encryption
RULES ENGINE Transform messages based on rules and
route to AWS Services
AWS Services - - - - -
3P Services
DEVICE SHADOW Persistent thing state
during intermittent connections
APPLICATIONS
AWS IoT API
DEVICE REGISTRY Identity and Management of
your things
Simple Pay as you go and Predictable Pricing
• Pay as you go. No minimum fees
• $5 per million messages published to, or delivered in US East (N. Virginia), US West (Oregon), EU (Ireland)
  $8 in Asia Pacific (Tokyo)
AWS IoT
Free Tier 250,000 Messages Per Month Free for first 12 Months
Pricing Example
100 sensors * 30 days * 24 hours * 60 minutes = 4.38 million messages
1 meter * 100 readings * 30 days * 24 hours * 60 minutes = 4.38 million messages
100 Sensors: Publishing 1x/minute
DynamoDB Table: Receives all Sensor Data
Metering Unit: Receives all Sensor Data
1 table * 100 readings * 30 days * 24 hours * 60 minutes = 4.38 million messages
4.38 million publishes from sensors: 4.38 * $5 = $21.90
4.38 million deliveries to a metering unit: 4.38 * $5 = $21.90
4.38 million deliveries to DynamoDB: $0
AWS IoT
Get Started with AWS IoT Device SDK
C-SDK (Ideal for embedded OS)
JS-SDK (Ideal for Embedded Linux Platforms)
Arduino Library (Arduino Yun)
Mobile SDK (Android and iOS)
AWS IoT Device C SDK
// Libraries
#include "mqtt_interface.h"
#include "iot_version.h"

// Connecting to MQTT broker
MQTTConnectParams connectParams;
connectParams.MQTTVersion = MQTT_3_1_1;
connectParams.pClientID = "CSDK-test-device";
connectParams.pHostURL = HostAddress;
connectParams.port = port;
iot_mqtt_connect(connectParams);

// Subscribing to a topic
MQTTSubscribeParams subParams;
subParams.mHandler = MQTTcallbackHandler;
subParams.pTopic = "sdkTest/sub";
subParams.qos = qos;
iot_mqtt_subscribe(subParams);
Getting Started – Embedded C SDK
Deeply embedded Port to your platform Delivered as source w/ POSIX port
Getting Started – Embedded C SDK
Memory Conscious TLS MQTT Client Shadow SDK Examples
C SDK Porting – SDK Architecture
[Diagram: layered SDK stack, shown over several slides with one layer annotated at a time]
Layered Well-defined Interfaces Porting Points
Layers:
- Hardware / OS: Your hardware
- Timer Interface: You know how timers work on your system
- MQTT Interface / Client: Embedded MQTT Client Interfaces
- Custom Application: Your application, the soul of the device
- TLS Interface: Interface to the network, Raw sockets, TLS implementation included
- Thing Shadow: Shadow SDK, Subscription Management, Version Tracking, Client Tokens, JSON Helpers
AWS IoT SDK for Javascript
// Enable AWS SDK for JavaScript support using a service model file
var myService = new AWS.Service({
  apiConfig: require('./path/to/service-model.json'),
  endpoint: "service endpoint"
});

// Initialize SDK
var aws = require('aws-sdk');
var iot = new aws.Service({
  apiConfig: require('./iot-service-model.json'),
  endpoint: "iot.us-east-1.amazonaws.com"
});
var iotData = new aws.Service({
  apiConfig: require('./iot-data-service-model.json'),
  endpoint: "data.iot.us-east-1.amazonaws.com"
});

// Publish message on MQTT topic
var params = { "topic" : "foo/bar", "payload" : "hello world" };
iotData.publish(params, function(err, data) {
  console.log(err, data);
});
Common Design Architectures with AWS IoT
Using Smartphone as a hub
Intel Edison AWS cloud
Amazon Cognito
Mobile Application
• No connectivity: Very limited resources / Saving costs
• Security: Use Amazon Cognito to securely send data to AWS IoT or to the AWS cloud
• Hub: Use Smartphone’s capabilities (WiFi/4G)
Building Automation / Mobile Control of IoT
• Dynamic Automation: Dynamically respond to Events happening in the Factory
ex. Opening doors and requesting assistance when emergency button is pushed
• Mobile Control: Simplify mobile control of IoT/Factory automation devices with AWS IoT rules
IoT Devices AWS cloud AWS Lambda
AWS IoT Rule
Mobile Application
Factory
Display complex metrics… … Using processing power from the AWS Cloud
AWS IoT Connected device
AWS Lambda
Amazon DynamoDB
Mobile Application
User
Learn your user preferences… … And anticipate their needs
Serverless Web Dashboard
Millions of sources producing terabytes of data
IoT Devices
Mobile Application
AWS IoT Amazon Kinesis
Amazon Machine Learning
Amazon S3
Launching AWS IoT Hardware Program
The AWS IoT Hardware Program helps AWS customers build connected products using any hardware platform. IoT Hardware Partners reduce the time to market and improve customer experiences by providing necessary tools, SDKs and sensors to connect their devices to AWS. The program is designed for partners that provide hardware (semiconductors, connectivity modules, sensors, actuators) to customers and are interested in connecting their hardware platform to AWS.
Official IoT Starter Kits, Powered by AWS
Official IoT Starter Kits on Variety of Platforms
Broadcom WICED BCM4343W On Threadx/Netx
Marvell EZConnect MW302 On FreeRTOS
Renesas RX63N On Micrium OS
TI CC3200 On TI-RTOS
Microchip WCM PIC32 Platform
Intel Edison on Yocto Linux
Mediatek LinkOne on Linkit OS
Dragonboard 410c on Ubuntu
Seeeduino Arduino on openWRT
Beaglebone Green on Debian
Anyone can now build a device quickly and scale
AWS IoT Device Gateway Rules Engine Device Shadow Registry Security
Easy to get started AWS IoT Device SDK AWS IoT Button Hackster Contest Free Tier
Partners and Ecosystem AWS IoT Starter Kits AWS IoT Partners
Still incomplete
AWS Mobile Hub Overview
The best mobile apps are built on AWS
“Mobile” growing in all directions Published mobile apps
continue to grow… …As “mobile” platforms expand to new domains
TV
Watch
Car
[Chart: Published Apps in App Stores ('000s), 2011 to 2014, iOS App Store and Google Play. Source: Vision Mobile]
Apps are also getting more complex
…To cloud-connected apps From basic client apps…
Sign-in/Social Push notifications
Usage analytics
Cloud storage
Crash analytics
Ads
Attribution analytics Config management
Custom back ends
“AWS has what we need, but…it’s complex” 1. Which services should I use? 2. How do I connect them?
Identity provider SDKs +
=
Example:
Login screen & integration code +
SDK
There has to be a better way…
Introducing: The AWS Mobile Hub (Beta)
1. Single integrated console
2. Pre-built features
3. Auto-provisioned services
4. Auto-generated app
Result: Build apps on AWS in minutes
Introducing: The AWS Mobile Hub (Beta)
Create a project and add features
Configure how your users sign in:
• No sign-in, optional, or mandatory
Configure sign-in providers:
• Facebook (Google, Twitter, Amazon to follow)
• Your own system
Adds a sign-in screen to your quickstart app
Powered by Amazon Cognito Identity
User sign-in
Send push notifications to your apps
• iOS or Android
• 1:1 or topic/subscription based
Quickstart app demonstrates features
• Enable/disable notifications
• Auto-registers push tokens with SNS
• Lets you select topic subscriptions
Powered by Amazon SNS
Push notifications
Store application assets in the cloud
• Example: Resource files or media assets
Use a CDN for faster delivery (optional)
Quickstart app includes on-device cache logic
• Set max cache size
• Pin specific files to the cache
Powered by Amazon S3 and CloudFront
App content delivery
Store user files such as photos
• User-only access or all-user access
Store user profile data
• Key-value pairs
• Syncs across devices where user signed in
Quickstart app includes usage examples
• Contains file browser and color selector
Powered by Amazon S3 and Amazon Cognito Sync
User data storage
Monitor app usage with analytics
• Session, monetization, and custom events
• Monitor active users, monetization, retention
Quickstart app includes all three event types
Access your dashboard from the Mobile Hub
App analytics
Powered by Amazon Mobile Analytics
Run back-end code in the cloud
• Share functions across apps
• Update on the fly without app submissions
Call directly from your mobile app
• You define inputs/outputs
Write in Java, Javascript, or Python
You write code, we manage infrastructure
Powered by AWS Lambda
Cloud logic
Download your starter app & start coding…
Testing apps with Amazon Device Farm
Monitoring usage with Mobile Analytics
AWS Mobile Hub (Beta) available now!
• Listed in the AWS Management Console
  • Also at https://console.aws.amazon.com/mobilehub
• Services provisioned in US-East-1
  • Plan to add Tokyo and Dublin shortly
• AWS Mobile Hub is a free service
  • You pay for the services you use (e.g. S3)
• Just getting started…
  • Send ideas to aws-mobile-hub@amazon.com
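Online Self-Study and Labs
Learn the basics of using and working with AWS through a variety of online course materials and hands-on labs.
Instructor-Led Training
Learn from AWS expert instructors how to build secure, highly available and cost-efficient applications on the AWS cloud. A variety of offline courses on architecture design and implementation are available.
Through certification exams, you can have your cloud expertise and experience officially recognized and demonstrate your development career.
AWS Certification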
http://aws.amazon.com/ko/training
Thank you!
http://bit.ly/awskr-webinar
Presentation materials / Recorded video