Docker VPN-based Raspberry Pi Server tutorial

Many development boards can be used in home and industrial applications to control and manage data. Get secure remote access from anywhere via your own VPN based on Docker containers. Check out the latest video from open-tech influencer Andreas Spiess, in which he uses Raspberry Pi and Docker, Node-RED, InfluxDB and Grafana to build a custom Raspberry Pi data server.

Docker implementation in CM4 cluster – ClusBerry-2M

The introduction of new Compute Module 4 has opened the possibility to construct and maintain effective hardware matrix solutions with the use of both PCI-Express buses and 1GBps Ethernet. Therefore, the ClusBerry-2M opens up completely new capabilities of utilizing cluster solutions for Industrial Automation and server applications.

ClusBerry-2M can be equipped with multiple expansion cards, e.g. serial RS-232/485 ports, range of digital and analog I/Os, USB, HDMI and Ethernet. Interfaces can be expanded with additional I/Os and opto-isolation, relays, Ethernet, 1-Wire, CAN, M-Bus Master and Slave, accelerometer and many more features like TPM Security Chip & eSIM. The device can also be equipped with additional SuperCap backup power source for continuous work and safe boot/shutdown in case of emergency.

ClusBerry-2M series also offers two M.2 NVMe SSD slots and up to four standard miniPCIe module support for various wireless communication protocols, such as:

  • GSM modem (4G/LTE and fast 5G modem)
  • economic NarrowBand-IoT technology
  • LoRa, ZigBee, Z-Wave, Sigfox, Wireless M-Bus
  • secondary Wi-Fi/Bluetooth interface or Wi-Fi Hi-Power
  • custom wireless interfaces

Software cluster management with Docker and K3s Lightweight Kubernetes

With use of Docker-based and Kubernetes solutions, installation and management of ClusBerry-2M is easy and backed with a large community for further support and development. Kubernetes is a portable, extensible open-source software platform for managing containerized tasks and sites that enables declarative configuration and automation. The Kubernetes ecosystem is large and dynamically developing. Kubernetes services, support and tools are widely available.

Kubernetes provides:

  • Detection of new services and traffic. Kubernetes can balance the load and redirect the network traffic to ensure the stability of the entire installation.
  • Kubernetes data storage management enables you to automatically mount any type of storage system – on-premises, from cloud providers and others.
  • Automatic deployment and rollback. You can describe the expected state of your installation with Kubernetes, which will take care of bringing the actual state to the expected state in a controlled manner. For example, with Kubernetes, you can manage your cluster modules at ease, boot modules from one to another, upgrade firmware crosswise and provide safe operation of each module.
  • Automatic management of available resources. ClusBerry-2M provides a cluster of modules that Kubernetes can use to run tasks in containers. You determine the CPU power and RAM requirements for each container. Kubernetes arranges containers on machines in such a way as to make the best use of provided resources.
  • Self-healing. Kubernetes reboots containers that have stopped working, replaces them with new ones, forces disabling containers that are not responding to certain status queries, and does not announce their availability until they are ready to run.
  • Managing confidential information. Kubernetes configuration with the TPM Security Chip allows you to store and manage confidential information such as passwords, OAuth tokens and SSH keys. Secured data and configuration information can be provided and changed without having to rebuild the container image and without exposing sensitive data in the overall software configuration.

IoT Security with latest SLM 9670 Industrial Grade TPM 2.0

Like other embedded systems, Industrial IoT designs face a constant stream of threats. As hackers adopt new attacks, developers rush to close security holes. Deployed devices need IoT firmware updates, which increases potential security vulnerabilities. For example, relying on a simple firmware verification check can leave the software exposed. In this situation, the developer may expect to be able to query external resources for verification and catch attempts to replace the firmware with hacked code. However, even relatively novice hackers can replace the firmware with code that ignores such verification checks. Industrial-grade TPM 2.0 is meant to close these vulnerabilities.
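Why a hardware root of trust helps where a firmware self-check does not, shown as an added example that is not TECHBASE or Infineon code: it simulates a TPM 2.0 style extend-only SHA-256 register in plain Python, with no real TPM involved. The stage names, firmware images and the `verify` helper are constructed for illustration, and the signed quote a real TPM would wrap around the register value is assumed and omitted.

```python
import hashlib


class SimulatedPCR:
    """Extend-only register modelled on a TPM 2.0 SHA-256 PCR (simulation only)."""

    def __init__(self):
        self._value = bytes(32)  # a PCR starts at all zeros after reset

    def extend(self, digest: bytes) -> None:
        # new = SHA-256(old || digest); software cannot write a value directly
        self._value = hashlib.sha256(self._value + digest).digest()

    def read(self) -> bytes:
        return self._value


def measure(image: bytes) -> bytes:
    return hashlib.sha256(image).digest()


def boot(stages):
    """Measure every stage into the register before it runs.

    Returns (register_value, event_log). The log lives in ordinary memory,
    so compromised firmware can rewrite it; the register it cannot.
    """
    pcr, log = SimulatedPCR(), []
    for name, image in stages:
        digest = measure(image)
        pcr.extend(digest)
        log.append((name, digest))
    return pcr.read(), log


def replay(log) -> bytes:
    pcr = SimulatedPCR()
    for _, digest in log:
        pcr.extend(digest)
    return pcr.read()


def verify(register_value: bytes, log, known_good: dict) -> str:
    """Remote verifier: the log must reproduce the register, and every
    logged digest must be on the allow-list of released firmware."""
    if replay(log) != register_value:
        return "log-mismatch"
    for name, digest in log:
        if known_good.get(name) != digest:
            return "untrusted:" + name
    return "trusted"


# Constructed sample images (placeholders, not real firmware).
GOOD_STAGES = [
    ("bootloader", b"bootloader v1.0"),
    ("kernel", b"kernel v5.10"),
    ("application", b"app v2.3 with self-check"),
]
# Replaced application whose built-in verification always reports success.
TAMPERED_STAGES = GOOD_STAGES[:2] + [("application", b"app v2.3 self-check removed")]
KNOWN_GOOD = {name: measure(image) for name, image in GOOD_STAGES}

if __name__ == "__main__":
    good_pcr, good_log = boot(GOOD_STAGES)
    bad_pcr, bad_log = boot(TAMPERED_STAGES)
    print("clean boot:           ", verify(good_pcr, good_log, KNOWN_GOOD))
    print("tampered, honest log: ", verify(bad_pcr, bad_log, KNOWN_GOOD))
    # The tampered firmware presents the clean log, but the register differs.
    print("tampered, forged log: ", verify(bad_pcr, good_log, KNOWN_GOOD))
```

The replaced application can silence its own check and forge the log, but the measurement was recorded by the previous stage before the application ran, so the verifier still sees a value that no allow-listed firmware produces.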

Securing devices with Infineon industrial grade TPM

Infineon Technologies AG has unveiled a new security chip that defines the first TPM (Trusted Platform Module) designed specifically for industrial applications such as industrial computers, servers, industrial controllers and edge gateways. The module protects confidential data in connected devices and reduces the risk of leakage of this information due to attacks, e.g. by hackers.

The OPTIGA TPM SLM 9670 module protects the integrity of industrial systems and the identity of the users using them. The system controls access to sensitive data at key locations in industrial environments, such as an automated factory. It also protects the cloud interface if the network uses one. The security system fully meets the TPM 2.0 standard developed by the Trusted Computing Group and is certified by an independent test laboratory in accordance with the criteria contained in this standard. The new module is meticulously controlled and certified by Infineon. Because it provides a ready-made security solution, it can shorten the time needed to design a device and bring it to market.

The TPM system has a lifetime declared as 20 years. It allows programmers to perform firmware updates, which in turn enables them to meet the long-term security requirements in rapidly changing industrial environments. In this way, it can also reduce maintenance costs of industrial equipment thanks to secured remote software updates. The TPM chip will be available in serial production in the second half of 2019.

TPM 2.0 Key Features

  • Random Number Generator (RNG) according to NIST SP800-90A
  • TPM FW update functionality installed
  • 6962 Bytes of free NV memory
  • Full personalization with Endorsement Key (EK) and EK certificate
  • Up to 3 keys in the volatile memory
  • Up to 7 keys in the NV memory
  • Up to 8 NV counters
  • Support of various cryptographic algorithms:
    • RSA-1024 and RSA-2048
    • SHA-1 and SHA-256
    • ECC NIST P256
    • ECC BN256

Security chip implementation in Industrial IoT devices

With knowledge of the latest Industrial IoT security measures, the choice of a proper end-point controller or gateway is much easier than you think. Some manufacturers can implement the TPM 2.0 security chip in the production process, to allow users to generate certification keys after purchase, maximizing the security of their installations. TECHBASE offers a wide range of solutions, optionally aided with a TPM system.

For example, ESP-32 based solution, Moduino X series and eModGATE series products offer the support for such security measures. Read more in Industrial IoT Ecosystem brochure, to understand the importance of reliable and secure hardware for Industrial IoT.

ESP32-based LoRa / LoRaWAN wireless network

One way of long-range and low-power data transmission is LoRa wireless technology. Since the Internet of Things market (with ESP32-based solutions) is mainly covered by short-range Wi-Fi and Bluetooth and by long-range 3G / NarrowBand-IoT technologies, LoRa is often omitted or simply unknown to IoT users. Below you will find a short overview of what LoRa is and how it can be used.

What is LoRa / LoRaWAN network?

LoRaWAN® network architecture is deployed in a star-of-stars topology in which gateways relay messages between end-devices and a central network server. The gateways are connected to the network server via standard IP connections and act as a transparent bridge, simply converting RF packets to IP packets and vice versa. The wireless communication takes advantage of the Long Range characteristics of the LoRa physical layer, allowing a single-hop link between the end-device and one or many gateways. All modes are capable of bi-directional communication, and there is support for multicast addressing groups to make efficient use of spectrum during tasks such as Firmware Over-The-Air (FOTA) upgrades or other mass distribution messages.

Source: https://lora-alliance.org/about-lorawan

Industrial use of LoRa & ESP32-based solutions

One of the industrial IoT devices supporting LoRa wireless technology is the ESP32-based eModGATE from TECHBASE. This economical, ESP32-based solution can serve as an end-point in any installation or work as a gateway, gathering data from a sensor mesh scattered across the installation. For more information and also Raspberry Pi based solutions, check the Industrial IoT Shop with all the configuration options for eModGATE.

eModGATE with ESP32

New industrial grade touch panel with Raspberry Pi

The latest addition to the Industrial IoT Ecosystem from TECHBASE is TECHPANEL P500, an industrial-grade touch panel automation controller for a wide range of industrial installations. Equipped with an up-to-date Raspberry Pi Compute Module 3/3+ or Compute Module 3/3+ Lite, a 7” capacitive touch display and an IP65 hermetic casing with cast gaskets, it can be used in the harsh conditions of industrial applications.

Raspberry Pi based touch panel features

New TECHPANEL P500 M3/3+ is powered by quad-core Cortex-A53 1.2GHz processor with 1GB RAM and up to 32GB eMMC or 8GB microSD flash memory. Wide range of modems and extra wireline/wireless interfaces via expansion cards makes the TECHPANEL micro-computer a versatile addition to Industrial IoT solutions offered by TECHBASE company.

TECHPANEL devices can easily work remotely with existing ModBerry Gateways & Moduino ESP32 Edge Controllers for data accumulation and monitoring, to perform specific actions before sending the data to cloud services. TECHPANEL with ModuinoModBerry installation can work as standalone Ecosystem (for example via MQTT), providing complex data management solution to any installation.

TECHPANEL P500 M3+ with Compute Module 3+ from Raspberry Pi

Visual management and available Raspbian OS

The device is equipped with compact 800 x 480 px 7-inch TFT panel with 10 points capacitive touch to allow the user to perform direct actions on-site. With IP65 casing and extended working temperature range, TECHPANEL can be placed almost everywhere.

Over 23 million Raspberry Pi’s have been sold and the Raspberry Pi is likely to stay as a new standard in the industry. The official Raspbian OS is a free operating system based on Debian Linux and optimized for the Raspberry Pi. It comes with over 35,000 packages: pre-compiled software bundled in a nice format for easy installation.

SPECIFICATION

  • Cortex A53 1.2GHz Processor
  • RAM 1GB, eMMC up to 32GB
  • 7″ TFT screen (800x600px)
  • Capacitive touch screen (10-point)
  • Wide range of expansion modules (Ethernet, RS-232/485/422,  Digital and Analog I/Os, Relay, M-Bus, CAN, optoisolated I/Os, Accelerometer, etc.)
  • Wide range of wireless modules (GPRS/EDGE, 3G/LTE, NarrowBand-IoT, GPS, Wi-Fi, Bluetooth, LoRa, ZigBee, Z-Wave, Sigfox, Wireless M-Bus, etc.)
  • Water-Resistant casing (IP65)
  • Operating temperature: -20°C ~ 70°C
  • Optional SD card support instead of eMMC Flash

Pros and cons of using Raspberry Pi 4 in IoT

Every fan of new technologies has heard of small single-board computers (SBC) in the form of Raspberry Pi 4. Raspberry Pi debuted on the market in many different versions, and the current model is Model 4B. It has given a lot of people the bug for DIY, programming or Linux. But the new board comes with a variety of pros and cons compared to previous RPi3 versions.

Industrial use of market Raspberry Pi 4 SBCs

A year ago, TECHBASE released an updated version of the ModBerry M500 industrial IoT computer, replacing the aging Raspberry Pi 3 with a 3B+, giving it better performance. With the recent launch of the Raspberry Pi 4, TECHBASE has yet again announced another upgrade to the M500, which now packs the latest single-board computer.

ModBerry M500 with Raspberry Pi’s 4

ModBerry M500 also utilizes many more SBC platforms, such as Orange Pi, NanoPi and Intel-based UpBoard. Find more information here: https://iiot-shop.com/product/modberry-m-series/

Technology must transfer data to the central system in real time, otherwise it may have negative consequences. If the sensor battery power runs out, a machine failure may stop production for one day or lead to direct danger. If battery life is unreliable and short, IoT applications will become useless, causing more interference rather than making life easier as intended. Therefore battery powered IoT devices come as a standard in up-to-date IoT installations.

Wireless sensors and sensor networks are one of the elements of the Internet of Things systems and intelligent factories. Replacing the standard sensors and data collection devices with versions that communicate wirelessly gives many benefits, but also enforces a highly thought-out system design that will minimize energy consumption. This is important because these systems must work for many years without servicing. In the article we present the issues regarding the design of systems and forecasting of energy consumption in IoT systems.

Wireless communication vs Battery power

The idea of wireless sensor networks has been around for at least two decades. The IEEE subgroup working on personal wireless networks defined the 802.15.4 standard in 2003, and a year later the first versions of ZigBee appeared. Since then, many varieties of wireless communication have been developed, such as LoRa and NarrowBand-IoT, and additional functions have been introduced, so designers now have a choice of various open or proprietary protocols. What significantly affects the way the entire project is implemented is energy consumption.

Battery powered IoT installation. Source: https://modberry.techbase.eu/

The basic elements of these systems are sensors that measure physical quantities. Some signal and data processing capabilities are also important. Finally, the communication interface, which passes the measured data on, is important. Such a sensor node should wake up from time to time, make contact with its superordinate controller, transfer data and fall back to sleep again. Battery life depends on the total charge drawn. Minimizing this consumption in the long run means that you need to minimize energy consumption during each work cycle. In many cases, the sensor will only work for a small fraction of the time. A measurement that lasts a few milliseconds can be triggered once per second, once per minute, or even less frequently. Therefore, the energy consumed in sleep mode may dominate the total energy consumption.

Battery powered sensors market growth

The lifetime of IoT sensors varies greatly: some last a year years, others 10, the first being the most realistic. When organizations need to deploy engineers to install new batteries in sensors and employ staff to monitor them, the benefits of technology itself are beginning to run out.

Battery powered IoT devices crucial to 2020+ standards

It is estimated that in 2020 nearly 31 billion devices will be connected to the Internet of Things. Such forecasts provide ample opportunities, especially for producers of the products that make it up, and these opportunities are intensified by the developing IoT technology.

Source: https://globenergia.pl/co-laczy-internet-rzeczy-i-perowskity-fotowoltaika-do-zastosowan-wewnetrznych/

Battery-ready IoT devices based on ESP32

Battery / SuperCap power support allows processes and data to be securely executed, saved or transferred, and the operating system to be safely shut down, or rebooted if the power source has been restored. The power failure alert can also be sent to a cloud service, to perform a custom task specified by the user or by a self-learning AI algorithm.

The Moduino device is a comprehensive end-point controller for variety of sensors located throughout any installation. It fully supports temperature and humidity sensors and new ones are currently developed, e.g. accelerometer, gyroscope, magnetometer, etc.

Battery powered Moduino ESP32

ModuinoModBerry symbiosis allows a wide range of wake-up/sleep schedule customization, in order to perform best and save energy according to the power supply state. Arduino and MicroPython environments provide libraries to control different scenarios of data and power management.

With built-in algorithms and the possibility to program on your own, the TECHBASE’s sleep/wake addon module can wake the device using schedule/timer. Another option is wake on external trigger, e.g. change of input, etc. All the options for sleep, shutdown and wake can be configured for various scenarios to ensure constant operation of devices, safety of data and continuity of work in case of power failure in any installation.

Sequent Microsystems has introduced the Raspberry Pi “4-relay” add-on to the Industrial IoT market. Four relays switch lines for loads up to 10 A and 250 V, and the cards can be stacked up to 8 times for a maximum of 32 switched relays.

It can be used to control loads of up to 10A and 250V. You can directly control all your lights and appliances. Pluggable connectors accept 18 to 22 AWG wires and simplify the installation, especially if you are planning to use more than one card. The cards are stacked with 18mm male-female standoffs. All the hardware required for the installation is provided. Relays are controlled through I2C IO Expanders, using only 2 pins on the GPIO interface and leaving all the other pins available for the user.

Source: https://www.kickstarter.com/projects/279405789/4-relays-for-raspberry-pi-8-level-stackable-10a-250v-each/

Some industrial IoT devices, based on Raspberry Pi platform already offer Relay expansion modules. One of them is ModBerry 500 CM4 series, introduced in 2014 – later upgraded with latest Raspberry Pi’s Compute Module 4+. ModBerry standard configurator offers up to 12x Relay expansion, with additional customizable options available for larger orders.

ExCard modules to peak the performance

Every TECHBASE’s industrial computer is supported by ExCard add-on modules for extra RS-232/485 serial ports, Ethernet ports, PCIe slots, analog input and output, digital I/Os, relays, M-Bus interface, opto-isolation, accelerometer, etc. To provide specific communication paths, ModBerry can be rigged with additional Wi-Fi/Bluetooth module, 3G/LTE, NarrowBand-IoT, LoRa, ZigBee, GPS and Wireless M-Bus.

The latest options for ModBerry series are:

  • SuperCap expansion, to provide constant power supply as a UPS option
  • OLED 0.96″ and new OLED 1.3″ screens, allowing control without the need to connect to the device
  • ESP32 module as a security chip, to add a firewall into control installation and ensure constant operation of the device, even with power drops and random events
  • Aluminum case, to grant much higher durability for extra harsh industrial conditions
  • M.2 NVMe SSD controller for extra data storage

ModBerry 500 with Raspberry Pi Compute Module 4

ESP-MESH is a network protocol based on the Wi-Fi protocol. ESP-MESH enables the connection of a large number of devices (hereinafter nodes) covering a large physical area (both inside and outside) over a single WLAN (wireless local area network). ESP-MESH self-organizes and self-heals, allowing you to build and maintain networks autonomously.

Traditional Wi-Fi Network Architecture. Source: espressif.com

Traditional Infrastructure of Wi-Fi network is a point-to-multipoint network in which a single central node called an Access Point (AP) is directly connected to all other nodes called stations. The AP is responsible for arbitrating and forwarding transmissions between stations. Some access points relay transmissions to and from external IP networks through routers.

Traditional Infrastructure Wi-Fi networks have the downside of having a limited coverage area as all stations need to be in range to connect directly to the access point. In addition, the maximum number of stations allowed in the network is limited by the bandwidth of the access point, making traditional Wi-Fi networks prone to overload.

ESP-MESH vs traditional Wi-Fi infrastructure

ESP-MESH differs from traditional Wi-Fi infrastructure networks in that the nodes do not have to connect to a central node. Instead, the node can connect with its neighbors. Nodes are responsible for relaying transmissions to each other. This allows for achieving interconnections without the need for nodes to be within the range of the central node, which significantly extends the coverage area of the ESP-MESH network. Likewise, ESP-MESH is less prone to congestion as the number of allowed nodes in the network is no longer limited by a single central node.

ESP-MESH Network Architecture. Source: espressif.com

Industrial use of ESP32-based solutions

One of the industrial IoT devices supporting Espressif’s ESP32 technology is eModGATE from TECHBASE. This economical, ESP32-based solution can serve as an end-point in any installation or work as a gateway, gathering data from a sensor mesh scattered across the installation. For more information check the Industrial IoT Shop with all the configuration options for eModGATE.

eModGATE with ESP32

Hyperautomation is a process in which businesses automate as many business and IT processes as possible using tools like AI, machine learning, event-driven software, robotic process automation, and other types of decision process and task automation tools.

It is the key to both digital operational excellence and operational resiliency for organizations. To enable this, organizations had to digitize their documents/artifacts and ensure their business and IT process workflows were digital. They need to automate tasks and processes and orchestrate automation across functional areas.

Hyperautomation is irreversible and inevitable. Everything that can and should be automated will be automated.

Brian Burke, Research Vice President, Gartner

Gartner prepared a Tech Trends 2021 summary with key features of the constantly changing market. Read more at: https://www.gartner.com/en/information-technology/trends/top-strategic-technology-trends-iot-gb-pd

Industrial IoT market evolution

Data generated over the Internet of Things is growing exponentially faster than the traditional cloud environment where data is stored, so the amount of data alone can justify the acceleration. In addition, with the cloud as the destination, problems related to data transfer (delay and bandwidth) occur, so transfer speed is the main issue. The edge is necessary as a solution to the inefficiency of the IIoT-to-cloud architecture.

Fast data processing of Industrial IoT devices

When industrial IoT devices and edge processing work together, digital information becomes more powerful. Especially in contexts where you need to collect data in a traditional edge context, such as a smart meter, a parking meter or a connected trash can in a street apartment. The installation of sensors with internet access in metropolitan garbage containers is becoming increasingly common for smart urban engineers. You can then remotely monitor the container using the sensor. When it is full, the city sanitation service receives a notification and can register an order and empty the container.

By introducing AI (artificial intelligence) into the device itself, edge computing can also make more context-sensitive, quick decisions at the edge. Data gathered from the sensors can be transferred to the cloud at any time after local work has been completed, contributing to a more global AI process, or archived. With the combination of industrial IoT devices and advanced technology, high quality analysis and small footprint will become the AI standard in 2020.

ModBerry AI GATEWAY with Raspberry Pi CM4 and Google Coral

Latest innovations used in industrial solutions

One of many uses of IoT can be edge devices, dedicated to data management, process control (e.g. with MQTT protocol) and monitoring. Latest ESP32-based eModGATE controller from TECHBASE company is a series utilizing MicroPython environment to provide data management solutions for end-points applications. The eModGATE has built-in Wi-Fi/BT modem and can be equipped with additional NarrowBand-IoT, LoRa, ZigBee, etc.

For example, eModGATE controllers equipped with a wireless NB-IoT modem are perfect for industrial automation solutions, e.g. data logging, metering, telemetrics, remote monitoring, security and data management through all Industrial IoT applications.

Silicon Labs recently announced two hardware modules based on its BG22 Secure Bluetooth 5.2 SoC: the 6x6mm BGM220S system-in-package (SiP) and the BGM220P, a larger PCB variant slightly optimized for wireless performance, with a better link budget and wider range.

Both modules can be integrated into products with a battery life of up to 10 years using a single coin cell battery. All variants of BGM220S/P can support Bluetooth direction finding, and some parts can also support the Bluetooth mesh Low Power Node protocol.

Main features

  • Silicon Labs EFR32BG22 Arm Cortex-M33 with DSP instructions and floating-point unit, up to 512 kB Flash, 32 kB RAM, 2.4 GHz radio with TX power up to 8 dBm, and Embedded Trace Macrocell (ETM) for advanced debugging
  • Supported Protocols
    • Bluetooth Low Energy (Bluetooth 5.2)
    • Direction-finding
    • Bluetooth mesh Low Power Node

Source: https://www.cnx-software.com/2020/09/14/silicon-labs-bluetooth-5-2-bgm220s-sip-and-bgm220p-pcb-module/

Industrial use of ESP32-based solutions

One of the industrial IoT devices supporting Espressif’s ESP32 and Bluetooth technology is eModGATE from TECHBASE. This economical, ESP32-based solution can serve as an end-point in any installation or work as a gateway, gathering data from a sensor mesh scattered across the installation. For more information check the Industrial IoT Shop with all the configuration options for eModGATE.

eModGATE with ESP32