Who's using Cloud or Docker in production environments?

I’m old school and think everything should be on-prem (VM, not physical) when it comes to HMI & SCADA. I see the trends of everything moving to cloud and Docker-based deployments.

I’m trying to get a feel from anyone who is using cloud-based or Docker-based deployments and how it’s working for you. What issues have you come across and how do you like it? How are you dealing with possible internet outages?

I understand Docker is mostly on-prem (from my experience) but wasn’t sure if anyone is using it in the cloud.

This is just a high-level question/discussion regarding kicking tires so let me know your thoughts and how well it did or didn’t work for you! Thanks!

I have a customer that deploys the Gateway to a private cloud... and, as would be expected, when the ISP goes down, their production goes down. It’s a silly design because IT will not venture to the plant floor.

The workaround is edge gateways... but then IT has to venture to the plant floor.

Docker is really just about efficient use of resources and works the same regardless of the hardware location.

I’m old school and think everything should be on-prem (VM, not physical) when it comes to HMI & SCADA

That’s because you don’t have experience with use cases where this approach isn’t viable. Oil fields, pump stations, wind farms, municipal utilities…anywhere you have nodes that are separated by miles and there is no single “premises” that exists, this is where Cloud applications come in.

Trying to accomplish this with traditional SCADA methods won’t be nearly as secure or reliable. Transmitting things over the internet with 1990s security technology (e.g., no security, which are the vast majority of “traditional” SCADAs) is inviting disaster. Cloud edition gives you functionality with modern security practices. SSL certification, multi-factor authentication, traffic encryption. There’s a whole lot out there in the world of internet security that us “old school” guys don’t have the first clue about, but are incredibly important all the same.

In my experience, the most important consideration when utilizing Cloud Edition, especially when you have a multi-tenant application like my team is working on, is scalability. Something that will work on a tiny single-project edge station will very often annihilate a Cloud server at scale. You have to really consider every single method you use to accomplish what you need to accomplish or else you’ll be in a big world of hurt down the road as more tenants move in.

For example, we had a situation where one of our servers was crashing and it turned out that someone had made a script transform on a binding that refreshed every 5 seconds inside of a template. That script included an alarm journal query, which is a pretty “expensive” scripting method as it is. When we had just a handful of tenants, it wasn’t a problem. But when we had 50, that means 50 alarm journal queries were happening every single second, per Perspective session. So if 10 sessions were open, that meant 500 alarm journal queries per second. We ended up moving the script from the view template to a gateway timer script and changed it so that it would write its results to tags instead. Since it became a gateway timer script, that meant only one instance of the script would run no matter how many sessions were open, because each template would just read the tag the script populated instead. That’s just one example of something that’s typically “discouraged but tolerated” (using a script transform on a binding) being an absolutely unworkable solution at scale.

In order to use Cloud, imo, the most important thing is really understanding where to write your scripts and why. You need to really plan out and optimize everything.

3 Likes
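The fix described in the post above (one gateway timer script runs the journal query and publishes the result to tags that every session reads), sketched as an added example that is not code from the thread. The per-tenant journal names, the tenant list and the tag paths are assumptions; `system` is passed in as a parameter only so the function can be exercised outside a gateway.

```python
# Added example (not from the thread). Inside an Ignition gateway timer script
# `system` is a built-in; it is a parameter here so the function can also be
# run outside a gateway. Journal names and tag paths are hypothetical.

def refresh_alarm_counts(system, tenants, window_minutes=60):
    """Call once per timer tick: one journal query per tenant, results to tags.

    Query load is len(tenants) per tick and does not grow with the number of
    open sessions, because views bind to the tags instead of querying.
    """
    end = system.date.now()
    start = system.date.addMinutes(end, -window_minutes)

    paths, values = [], []
    for tenant in tenants:
        events = system.alarm.queryJournal(
            startDate=start,
            endDate=end,
            journalName="journal_%s" % tenant,  # assumed: one journal per tenant
        )
        paths.append("[default]Tenants/%s/AlarmEventCount" % tenant)
        values.append(len(events))

    # Publish the refresh time too, so a view can flag stale data if the
    # timer script stops running.
    paths.append("[default]Tenants/LastRefresh")
    values.append(end)

    # One batched write per tick; session views read these tags.
    system.tag.writeBlocking(paths, values)
    return dict(zip(paths, values))
```

In the gateway, the timer script body would call `refresh_alarm_counts(system, tenant_list)` at the chosen interval, and the template's binding becomes a plain tag binding.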

I'm pretty intrigued by the idea of hosting a central Ignition in the cloud. I'm looking at building out a hub and spoke system consisting of 4 facilities for a water/wastewater with 20+ miles between some of the facilities. Unfortunately I know zero about cloud stuff and I think it would be a touch expensive for our needs. Letting super professionals at AWS take care of the hardware sounds great though.

In this case a hybrid approach of physical hardware with limited software at the plant, and then a full blown central SCADA in the cloud might make sense.

There are many factors to consider and there is no one-size-fits-all.

FWIW - AWS Lightsail is a great platform to dip your toe in the water for cloud hosting.

1 Like

I'm already planning to do an edge panel install at each location that connects directly to the PLCs, provides local fallback, provides backup short term data collection, etc. These will report back to a central gateway for system wide visualization, data logging, reporting, alarming, etc, etc. So really only difference would be using a local gateway vs the cloud edition. Seems like a decent use case for cloud, except I would be stuck endlessly explaining what the cloud is to operators. And IT could screw our internet up and sink the whole ship.

We use it lots in O&G. Well pads accessible via private radio towers or cell modems collected to a regional server then it's all accessible via a cloud front end so that the operators can control everything remotely on their tablets.

Works pretty well, though you have to be mindful of availability; even if cloud providers claim 99.99% uptime, that still means instances of outages. Also in the era of AI slop we've seen more problems with places like Cloudflare, AWS, Azure, etc. having outages more frequently than in the past, so be mindful to plan mitigations or backup routes.

We do not use cloud edition ever. It's not worth it financially unless you're just spinning up a short term install. Just buy a regular license.

This has just sent me down a new rabbit hole this morning. When I initially looked at the cloud stuff I was looking specifically at the cloud edition and it seemed pretty expensive. However it seems like paying for a cloud instance and installing a normal license would be the same or cheaper than maintaining appropriate hardware on site for a central gateway.

This is great information, thanks everyone!