Posts

Azure IoT and M5Stack with M5Flow Blocky Python - C2D

The M5Flow (blocky) graphical program builder makes it easy to drag and drop a program that receives C2D messages from Azure IoT Hub. I've been playing with the M5Stack Core2 devices and wanted to see how hard it would be to create a program that sends data from Azure to an IoT device without having to actually write any code. They support several development environments including a graphical Python builder. The UIFlow IDE includes common cloud integration blocks for Azure and AWS. There weren't a lot of samples out there. I hope this will help others who can use this as a starting point. You can find a link to a video walkthrough down below. Azure IoT Hub Cloud-to-Device From the Microsoft guide https://docs.microsoft.com/en-us/azure/iot-hub/iot-hub-devguide-c2d-guidance IoT Hub provides three options for device apps to expose functionality to a back-end app: Direct methods for communications

Azure IoT and M5Stack with M5Flow Blocky Python - D2C

Device to Cloud (D2C) with Azure IoT Hub I've been playing with the M5Stack Core2 devices and wanted to see how hard it would be to create a program that could send data to Azure without having to actually write any code. I used the M5Flow (blocky) graphical program builder. It includes common cloud blocks for Azure and AWS. The program sends sensor data to Azure IoT where it can be processed. I only verified the messages were received in Azure. Processing will be left for another time. There weren't a lot of samples out there. I hope this will help others who can use this as a starting point. You can find a link to a video walkthrough down below. Azure IoT Hub Device-to-Cloud From the Microsoft guide https://docs.microsoft.com/en-us/azure/iot-hub/iot-hub-devguide-d2c-guidance When sending information from the device app to the solution back end, IoT Hub exposes three options: Device-to-cloud (D2C) messages for time ser

Azure IoT Hub - Generating the SAS Token connection string

IoT devices identify themselves by presenting credentials when they connect to an IoT hub.  Unique credentials are burned into each IoT device. The simplest way to prototype IoT Hub connected devices is to use Shared Access Signature Tokens.  SAS Tokens are created by signing configuration information with the device's symmetric key that was generated when the device was provisioned in the IoT hub. There are several different ways to manage device credentials on the device itself. Embed the Symmetric key in the device and have the device generate the token. This has the advantage of letting the device refresh its tokens. It has the disadvantage that the symmetric key has been installed on a device that you can lose control of. Embed the SAS Token directly in your device if the device does not have a library to generate them. This has the advantage of not needing the signing library. It has the disadvantage that you have hard-coded a future death date into the device wit

The AWS IoT EduKit IoT - An M5Stack with a secure element for AWS Integration

AWS and Microsoft have both been busy demonstrating how their clouds are ideal for fleets of IoT devices.  Both introduced their own sample hardware.  The AWS entry is an M5Stack Core2 ESP32 device that comes with I/O, ports, and a certificate store.  Amazon has a couple relatively straightforward examples including a simple "blinking light" program that reacts to cloud messages with lights and that sends regular messages to cloud topics for processing. I created the video down below to give a quick overview of the steps that make up that sample. AWS Branded IoT Device This is the device.  It is an AWS-enhanced version of the standard M5Stack Core2 component. The Demo Application The sample program operates on two paths. It sends a regular message to AWS via MQTT.  The sample tells you how to view that message in the AWS portal. The sample then shows you how to use the IOT test client to generate test messages that are sent to the EduKit IoT device.  The devi

Crypto mining with LHR cards - the T-Rex dual mining effect

Crypto mining is something I read about but have never played with. I've read about how it works and how NVidia implemented an LHR limited hash rate to reduce the utility of their graphics cards for mining.   The T-Rex project recently came out with a new version that bypasses much of the LHR by using the graphics card to mine two currencies at the same time. This lets you mine both currencies with transaction rates below the rate limit. NiceHash QuickMiner / Excavator This is my default miner that is easy to set up and easy to run with no installation.  It gives you good results with no custom setup required.   A single ethash miner running on my NVidia RTX 3080 TI generates about  52MH/s Sample payout  The right way to do a comparison is to compare hash rates at the same time and not BTC/24 hours across two different times.  We should run two rigs at the same time using two different configurations.  I only have one graphics card so I used two different time windows.   This graph

BitLocker requires a code whenever you change hardware signature - a graphics card

BitLocker forces you to re-enter your BitLocker encryption key when a drive has been moved to different hardware. Upgrading a graphics card will change the signature. This means a graphics card upgrade may prompt you for your BitLocker key on startup. You will be prompted for your key. Hopefully, you saved your BitLocker key to your Microsoft account, to paper, or to some secure device. Microsoft provides the corporate recovery link The boot screen refers you to https://aka.ms/bitlocker . This location redirects to https://login.microsoftonline.com where Enterprise Accounts keep their BitLocker keys. You will get a message something like AADSTS50020: User account <your account> from identity provider 'live.com' does not exist in tenant 'Microsoft' and cannot access the application ....(MSProtect Website [wsfed enabled]) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure

SEP and its evil twin Someone Else's Problem

Someone Else's Problem is a term that declares that some work is out of our control or scope. Sometimes we declare someone else's problem so that we don't have to take any action. In the best situations, we evaluate and declare SEP so that we can focus on our core needs. Maintaining focus and scope control is one of the hardest things to do when creating new software systems or implementing various types of programs. Every decision or new requirement spiders off to touch other requirements that demand other decisions. Some of those touchpoints belong to other teams. This means your success is dependent on the actions of those other teams with other priorities. Sometimes that means you have to get heavily involved with the other team's activities to ensure that they do what you need. This takes focus away from activities that are truly within your charter. SEP as avoidance One of the downsides of SEP is ho

Selecting a SaaS platform is about more than business requirements

Software as a Service can be an equalizer, giving organizations access to best-of-breed capabilities with lower entry costs than custom-built or self-managed services. Product evaluation involves business requirements and non-technical and technical Non-Functional Requirements. The following are part of my list of mandatory NFRs for a modern internet-connected SaaS product. All of these are discussed in more detail in the video. Control and Data Plane Platform Control Plane Software management functionality used by the SaaS vendor must be isolated from the Tenant control and data plane. It must not overlap functionality that is delegated to the tenant. This plane should not have access to business API or data. It should be easy to block access from the public internet. Tenant Control Plane Softw

Cloud Strategy: All In or Total Portability

Organizations have two primary strategies when they move to the cloud. Prioritize time to market. Use the cloud provider's services as they were built without customization. Prioritize portability and capability. Focus on avoiding vendor lock-in by buying the best cloud-agnostic or building their own to meet their custom needs. Every technical or platform decision needs to include your cloud strategy as one of its primary drivers. Decisions that deviate from the standard should be considered technical debt to be revisited later. The cloud strategy is like any other PDCA. Select a strategy. Document the drivers for the decision. Make the approach clear to the company. Revisit the decision on a regular basis to align with business needs. The benefits of both approaches

Someone wants your software - Is it platform ready?

You created some piece of software that can be repurposed by you or by others. Step back and think about how the system was built. Do the design and data protection rules mean you have to run multiple single-tenant instances? Is it built in a way you can securely add tenants into a multi-tenant system? Identity management, data security, load isolation, data isolation, log and metric isolation, reporting controls, data exposure, and APIs are just some of the things that you need to review before signing up new consumers. Multi-tenant or Single-tenant The big push is to Software as a Service. You stand up your platform in the cloud for use by other teams or organizations. There are two main models for supporting multiple customers. Multi-tenant: The customers all run within a shared environment. The environment is coded to firewall off the different consumer groups to make it appear as if they are the only ones in the system. Multi-tenancy often must be suppor