I’m contemplating a remote data logging architecture using cloud hosting. I’m assuming I’d want to take a Hub & Spoke approach …
Has anyone implemented such a solution? Does anyone have any recommendations or other feedback? Is this feasible?
I’m considering a solution with Rackspace as the provider … thought I’d drop a line in the forums first …
This will work no problem. You actually have 3 ways to connect to the PLC. The cheapest, least secure way is a direct connection to the PLC through a VPN. For obvious reason, this is not recommended. The second option is installing the ignition gateway, along with the UA server and drivers. This will give you secure access sans VPN to your PLC, but no data caching should the connection go down. Finally, there is the Hub and Spoke option. I believe this option will still require a VPN, but will provide caching should the connection to the central host/database go down.
I’m almost certain I’d go with the third approach … I’d prefer to maintain a local cache at each location for just the reason you mentioned.
I was hoping I could get by without a VPN … possibly just configuring each “Data Logging Box” with a connection to the remote database in the cloud. To keep things secure, I was thinking of turning on SSL Encryption … I’m hoping the encryption applies to SQL Bridge traffic as well …
Thanks for your feedback!
Turning on SSL encryption will only affect HTTP traffic between Clients, web browsers and the Gateway. It does not affect communication between the Gateway and the database, which is what you need.
Luckily, some databases, like MySQL, let you use SSL on their connection as well. You’ll need to set up certificates for the server. MySQL’s manual is a good place to start. We have used this before - it works great, and we can help you set it up.
At the moment, I’m tied to using Microsoft SQL Server 2008 … do you have any experience encrypting SQL Server database connections?
I Google’d around and found an MSDN article on JDBC and SSL Encryption, url=http://msdn.microsoft.com/en-us/library/bb879935%28v=SQL.90%29.aspx[/url]. If time allows, I’ll try to set up a development environment at my office and run some tests …
Thanks for responding!
I don’t have any direct experience using SSL encryption with SQL Server’s JDBC connector, but if it says it works, then I’d assume it will.
I know that would work, but for some reason, I still hate the idea. It would be nice if there was some sort of forwarding engine, for example, from a remote ignition gateway to a central ignition gateway. I dont know why I like that idea better.
I don’t know why you like that idea better either, but it’s strangely an idea I’ve had as well (but have also not formed into a solid idea).
I think the biggest way I see it being useful is when doing store/forward stuff over an expensive (or slow) connection. The data could be cached on purpose for some time and then sent as a compressed unit to the central gateway where it’s decompressed and stored.
Will have to think about this a bit more… but in general, I don’t want to discourage Bryan from using JDBC/SSL - I think that’s a good way to go to start with.
Not discouraged at all …
At the moment, I’m experimenting … this isn’t project or client-driven, (at least not yet) … my interest has been peaked enough to see if I can get JDBC/SSL working regardless if I end up using it or not … all I need now is enough time to pull it off!
I’ll be sure to share my results when finished … thanks for the additional input Kyle/Carl.
Bryan,
Have you had the opportunity to use Ignition in a cloud environment yet? Would be very interested in your experience with that if you have.
Thanks
Our demo machine is in the Amazon EC2 cloud in a linux virtual machine. You can access the demo machine here:
inductiveautomation.com/products … emo/online
It runs great and is very secure if you use SSL in Ignition.