This guide will walk you through adding the IoT Cloud repository to your Intel® IoT Gateway and adding support for Amazon Web Services (AWS)* so you can begin developing applications for this platform in your programming language of choice.

This section is geared toward users working with Intel® IoT Gateway Software Suite.

Requirements

  • Intel® IoT gateway technology running Wind River* Intelligent Device Platform XT (IDP) 3.1 or above with internet access
  • A host computer on the same network as the Intel® IoT Gateway
  • Terminal access to the Intel® IoT Gateway from your host computer
  • Amazon Web Services account: https://aws.amazon.com/ 
  • If you haven't already, set up your gateway.

Adding the IoT Cloud repository to your Intel® IoT Gateway

  1. Access the console on your gateway using either a monitor and keyboard connected directly, or SSH (recommended).
  2. Add the GPG key for the cloud repository using the following command:
    rpm --import http://iotdk.intel.com/misc/iot_pub2.key
  3. On your host computer, open a web browser and load the Intel® IoT Gateway Developer Hub interface by entering the IP address of your gateway in the address bar.

    Tip: You can find your gateway’s IP address using the ifconfig command.
  4. Log in to the Intel® IoT Gateway Developer Hub interface using your credentials. The default login and password are both root.


  5. Next, you'll add the IoT Cloud repository. Go to the Packages section and click the Add Repo + button.


  6. Populate the fields with the following information and click Add Repository:
    • Name: IoT_Cloud
    • URL: http://iotdk.intel.com/repos/iot-cloud/wrlinux7/rcpl13
  7. Finally, click the Update Repositories button to update the package list.

Adding AWS* support to your Intel® IoT Gateway

  1. Click the Add Packages + button to bring up the list of packages you can install.


  2. Search for cloud-aws using the search box at the top of the package window. Click the Install button next to the packagegroup-cloud-aws entry.

Set up your user in AWS* console

  1. In a browser, navigate to the AWS* console at https://console.aws.amazon.com and log in to your AWS account.
  2. Next, you'll assign the AWSIoTFullAccess policy to your user.
  3. Click on your account name in the top right corner of the console and select Security Credentials from the drop-down list.


  4. If you get the popup message shown below, which is about accessing the security credentials page for your AWS account, select Continue to Security Credentials.


  5. Select Users from the left-hand panel to get a list of all users in your AWS account. If there are no users listed, click the Create New Users button, enter the usernames you would like to create, and click Create. Your AWS users should then be listed as shown.


  6. Click on your user to show a summary page. Select the Permissions tab and click on Attach Policy


  7. Scroll down through the list of policies until you find AWSIoTFullAccess. Select this policy and click Attach Policy to add this policy to your user.


  8. Back on the user summary screen, select the Security Credentials tab and click on Create Access Key.


  9. At this point, a window will appear showing you your unique access key pair.
    Warning: Do not close this window before completing the next section! The Secret Access Key will not be shown again once this window is closed, which means you will need to generate a new access key if you close it before completing the steps below.

Configuring your gateway

Tip: It is recommended that you use SSH to connect to your gateway, or access the command line through the Intel® IoT Gateway Developer Hub interface to make copying access keys easier. If you are accessing the command line of your gateway directly, using a monitor and keyboard, you will need to manually enter the access key and secret access key in the next section.

  1. Enter the following command to add your user credentials to the gateway:
    aws configure
    When prompted, enter the following information:
    • AWS Access Key ID: The Access Key ID you just generated.
    • AWS Secret Access Key: The Secret Access Key which pairs the access key you just generated.
    • Default region name: See here for a list of regions (e.g. eu-west-1) http://docs.aws.amazon.com/general/latest/gr/rande.html#iot_region
    • Default output format: Default is fine, so hit Enter to continue.
  2. Enter the following command on your gateway to create an associated thing in your AWS instance:
    aws iot create-thing --thing-name gateway-test-01
    If adding the thing is successful, you will get output similar to that below:


  3. Enter the following command to create a new policy in your AWS instance:
    aws iot create-policy --policy-name gateway-policy --policy-document '{ "Version": "2012-10-17", "Statement": [{ "Effect": "Allow", "Action":["iot:*"], "Resource": ["*"] }] }'
    If the policy is successfully added, the console output should be similar to that below.


  4. Enter the following commands on your gateway to create keys and certificates to communicate with AWS:
    wget -O rootCA.pem https://www.symantec.com/content/en/us/enterprise/verisign/roots/VeriSign-Class%203-Public-Primary-Certification-Authority-G5.pem
    aws iot create-keys-and-certificate --set-as-active --certificate-pem-outfile cert.pem --private-key-outfile privkey.pem
    You should get output similar to that shown below, followed by a lot of JSON data. For the next step, we need to know only the certificateArn value, which is at the beginning of the console output.


  5. You now need to attach the thing certificate you just generated to the policy you created earlier. Do this with the following command:
    aws iot attach-principal-policy --policy-name ${POLICY_NAME} –principal ${CERTIFICATE_ARN}
    Be sure to enter the policy name you entered above (e.g. gateway-policy) and the certificateArn from the previous step. For example:
    aws iot attach-principal-policy --policy-name gateway-policy --principal arn:aws:iot:eu-west-1:681450608718:cert/122c86b84c6e0b919353882c03ca37385855897e16804438a20d44b3f9934cb3
  6. In your browser, navigate to the AWS console home screen by clicking on the AWS icon in the top-left of the page. In the top right-hand corner, check that the region you configured your gateway with is selected (e.g. Ireland) and then select the AWS IoT service from the list.


Your AWS IoT dashboard should now contain your thing, policy, and certificate you just configured on your gateway.

Next Steps

Now that your gateway is configured, it is ready to receive data. Provided below are instructions for sending data to AWS using Python*, or Node-RED*:

 


Sending data to AWS* IoT service using Node-RED*

In order to use Node-RED, you need to ensure that your OS is fully up-to-date. Node-RED 0.14.x is required for connecting to AWS.

  1. To monitor the gateway communication, view the AWS console.


  2. From your AWS IoT console, select MQTT Client near the top-right of the page.


  3. In the MQTT Client window, enter the thing name for your gateway, which you assigned earlier (e.g. gateway-test-01). Click Connect.



    The connection status will turn green and say Connected if AWS is able to communicate with your gateway.
  4. Select Subscribe to topic from the MQTT Client Actions options.

In the Subscription topic field, enter sdk/test/nodered and click Subscribe.


Messages received from the gateway will now appear in the message box on the left.

Load the Node-RED* interface

1. Navigate back to the IoT Gateway Developer Hub interface and go to the Administration section. Click Launch under the Node-RED icon to load the Node-RED interface.

Configure a Node-RED* flow

  1. Drag an inject and mqtt node from the nodes panel on the left into the current flow (you may need to scroll down in the nodes panel to see these nodes).


  2. Arrange and connect the nodes as in the screenshot above. Here we have an inject node, which will send a timestamp value at a specified interval to the MQTT node. The MQTT node is responsible for sending this timestamp value to an MQTT broker of your choice. In this case, it will be your AWS IoT endpoint. First, we need to configure the nodes.


  3. Double-click on the timestamp node to bring up the configuration dialog box. Change the settings so they match the screenshot and click Done. This will set the node to send a trigger every 5 seconds.


  4. Double-click on the mqtt node to bring up the configuration dialog box. Click the edit icon at the end of the Server section.


  5. Configure your MQTT connection so it matches the screenshot. You will need to enter your own unique server URL, which we will find in the next step.


  6. Enter the following command in your console window to get the endpoint to send messages to AWS:

    aws iot describe-endpoint

    This will return the endpointAddress, which is the server URL we require to configure the MQTT connection.

  7. Copy the URL in quotes and paste this in the Server field. Ensure that the Port field is empty!
  8. You now need to configure security for your connection. To do this, ensure the Enable secure (SSL/TLS) connection check box is selected and click the Edit icon at the end of the TLS Configuration section.


  9. Here you need to configure the paths to the certificate files you generated earlier.
    • Certificate: This is the path to the cert.pem file you generated earlier.
    • Private Key: This is the path to the privkey.pem file you generated earlier.
    • CA Certificate: This is the path to the rootCA.pem file you downloaded earlier.
    All of the certificates and keys should have been downloaded or created in the same path. By default, this will be /root unless you changed directory after logging into the gateway.

    Below is a working example for reference:


  10. When finished, click Add to save your TLS configuration.


  11. Your MQTT connection configuration should now look similar to the above screenshot. When you are finished, click Add to save your connection configuration.


  12. Finally, enter a topic to send messages on. This needs to match what you subscribed to earlier using the MQTT client in the AWS dashboard, so enter sdk/test/nodered as in the above screenshot. When finished, click Done.

Your Node-RED flow is now configured and ready to be deployed.

Deploy Node-RED* flow and test connection to AWS*

  1. Click the Deploy button in the top right of the Node-RED interface and click Confirm deploy if prompted.


  2. If your MQTT node has been successfully configured, the indicator below it will turn green and state connected. To verify this, head back to your AWS dashboard, where you should have the MQTT client message window loaded. You should see new messages being displayed similar to the screenshot below.

You are now sending data to AWS IoT with Node-RED. If you're curious about how to send data to AWS IoT with Python, continue to the next section below.

 


 

Sending data to AWS* IoT service using Python*

This section contains steps to send data to Amazon Web Services using Python. Now that your gateway is configured, you are ready to begin sending data to AWS IoT. There are a number of Python samples included which you can use for testing.

Monitor gateway communication in the AWS* console

  1. From your AWS IoT console, select MQTT Client near the top-right of the page.


  2. In the MQTT Client window, enter the thing name for your gateway which you assigned earlier (e.g. gateway-test-01) and click Connect.



    The Connection status indicator will turn green and say Connected if AWS is able to communicate with your gateway.


  3. Select Subscribe to topic from the MQTT Client Actions.


  4. In the Subscription topic field, enter sdk/test/Python and click Subscribe.



    Messages received from the gateway will now appear in the message box on the left.

Send messages from the gateway

  1. Enter the following command to get the endpoint to send messages to AWS:
    aws iot describe-endpoint
    This will return the endpointAddress, which we will need for the next step. Copy the address in quotes.

  2. Navigate to the directory that contains the AWS samples:
    cd /usr/share/awsiotsdk/samples/python/
  3. Run the sample using the following command:
    python basicPubSub.py -e [ENDPOINT] -r [ROOTCA_PATH] -c [CERT_PATH] –k [PRIVATE_KEY_PATH]
    Be sure to provide your own information in the command, as described below:
    • ENDPOINT: This is the endpoint address you discovered in the previous step.
    • ROOTCA_PATH: This is the path to the rootCA.pem file you downloaded earlier.
    • CERT_PATH: This is the path to the cert.pem file you generated earlier.
    • PRIVATE_KEY_PATH: This is the path to the privkey.pem file you generated earlier.
    • All of the certificates and keys should have been downloaded or created in the same path. By default this will be /root or $HOME unless you changed directory after logging into the gateway.

    Below is a working example:

    python basicPubSub.py -e a1gx5hswnkj6kf.iot.eu-west-1.amazonaws.com -r $HOME/rootCA.pem -c $HOME/cert.pem -k $HOME/privkey.pem

  4. If the sample app is running correctly, you will start seeing console output like that shown above, indicating that messages are being sent on the sdk/test/Python topic. To verify this, head back to your browser and take a look in the message window. You should see new messages being displayed similar to those in the screenshot below.


    Your gateway is now connected to AWS IoT and able to send and receive data.

Next Steps

For more information on Amazon Web Services*: https://software.intel.com/en-us/iot/cloud-analytics/aws

集成开发环境或开发框架: 
有关编译器优化的更完整信息,请参阅优化通知