Living on the Edge with AWS Greengrass
•Télécharger en tant que PPTX, PDF•
1 j'aime•513 vues
In this talk, delivered at the 2018 AWS New York Summit, Forrest shares real-world learning experiences building on AWS's edge IoT service, Greengrass.
Recommandé
Recommandé
Contenu connexe
Tendances
Tendances (20)
Similaire à Living on the Edge with AWS Greengrass
Similaire à Living on the Edge with AWS Greengrass (20)
Dernier
Dernier (20)
Living on the Edge with AWS Greengrass
- 1. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Forrest Brazeal Sr. Cloud Architect, Trek10 DEV12 Living On The Edge with AWS Greengrass
- 2. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Forrest Brazeal • AWS Serverless Hero • Cloud Architect at Trek10 • Cartoons, etc at A Cloud Guru
- 3. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
- 4. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. AWS Greengrass - Announced at re:Invent 2016, GA in summer 2017 - Extension of AWS IoT - Lets you run Lambda functions on edge devices
- 5. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Hold up. Why would I want to do that?
- 6. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. History time! • AWS released their IoT service at re:Invent 2015. • It lets you hook IoT devices into a cloud gateway and pass messages via MQTT, HTTP, WebSockets, etc. • IMPORTANT: message broker, rules, orchestration, etc all live in the cloud gateway ("IoT Core"). • Cool, but …
- 7. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. What if we moved our device gateway to the edge? • Lower latency • Works with intermittent/poor internet connectivity • Potential compliance wins
- 8. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. The Case For Greengrass • “Laws of the land, of physics, of economics” • You can manage your edge code the same way you manage your cloud code (great if you have a serverless architecture) • Tightly-integrated security model (Fun side note: if you ever wanted to poke around in a Lambda container, now you can!)
- 9. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Let’s follow a humble Lambda function on its epic journey to the edge …
- 10. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
- 11. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
- 12. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Greengrass Groups • Fundamental abstraction • Location: CLOUD • Defines the state of your connected devices • Provides service discovery
- 13. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
- 14. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Greengrass Core Device • A computer running the Greengrass service • Location: EDGE • The ”brains” of your operation at the edge • ONE per group (for now) • Can run long-lived Lambda functions! • Example: a Raspberry Pi running Greengrass software
- 15. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
- 16. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Greengrass Resources • Sensors, filesystems, or anything mounted to your Core device • Location: EDGE • You have to give your Lambda functions specific permissions to access these • Example: a camera plugged into a Raspberry Pi
- 17. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
- 18. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Greengrass Devices • Basically, another word for IoT Things • Location: EDGE • CANNOT run Lambda functions • Talk to each other, the Greengrass Core, and AWS via subscriptions • Example: an IoT thermometer sending telemetry data to the Core device
- 19. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
- 20. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
- 21. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Lessons learned • A lot of Greengrass is an abstraction on existing AWS IoT primitives. • When you click “Use easy creation” in the Greengrass Group console, this happens…
- 22. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Easy Group Creation 1. Greengrass Group created 2. IoT keys and certificate created 3. IoT Thing created (for Greengrass Core) 4. Certificate principal attached to Core thing 5. IoT policy created for Core thing with Greengrass, IoT permissions 6. Cert attached to IoT policy 7. Core thing defined in Greengrass group
- 23. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Sadly, Greengrass does not have CloudFormation support. (Yet!)
- 24. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Any time we update our Lambda code, we have to… • Update the Lambda function • Publish a new version of the Lambda function • Associate that version with the Lambda alias used by our existing Greengrass group • Create a new deployment of our Greengrass group That sounds like something we should automate.
- 25. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. SAM to the rescue DeviceCoreFunction: Type: AWS::Serverless::Function Properties: CodeUri: device/ Handler: device. handler AutoPublishAlias: !Ref FunctionAlias
- 26. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. SAM to the rescue DeviceCoreFunction: Type: AWS::Serverless::Function Properties: CodeUri: device/ Handler: device. handler AutoPublishAlias: !Ref FunctionAlias
- 27. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. SAM to the rescue • Now we can use a CloudFormation custom resource to deploy the Greengrass group • Full code on the Trek10 blog: https://www.trek10.com/blog/sam-greengrass-lambda- update
- 28. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. More cool stuff • Device shadows • ML inference at the edge
- 29. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Real world use case • Quick service restaurant • Real time food quality analysis • Is this sandwich too toasty? • How many pieces of chicken in this bucket? • Does this pizza have the right toppings?
- 30. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Reach out… Email: fbrazeal@trek10.com Twitter: @forrestbrazeal Forrest Brazeal
- 31. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Q & A
Notes de l'éditeur
- Group CA (used by AWS Greengrass devices to validate the certificate presented by an AWS Greengrass core device during TLS mutual authentication.) X.509 cert (per device) Two roles: service role (lets Greengrass talk to Lambda and IoT – only need to set this up once per account) and custom group role (lets you talk to the cloud from your core device)
- This amazing line of config singlehandedly creates an alias for the function, publishes a new version, points the alias to the version, and points all event sources to the alias, any time your function code changes.