
QCon New York - IoT and Edge Compute at Chick-fil-A

by Srini Penchikala on Jul 03, 2017

Internet of Things (IoT) and edge computing technologies drive the architecture at Chick-fil-A. Brian Chambers, enterprise architect at the restaurant chain, spoke at the QCon New York 2017 conference about how they use edge and cloud services. He also discussed the design principles they follow in their applications: security, open API, and scalability.

Security: The team sees technology as a first class citizen to solve business problems, but anything they do with IoT has to be secure.

Open SDK: The IoT environment is open to third party vendors so the vendors and other companies can integrate with Chick-fil-A services.

Securing the IoT devices includes device registration, credential management and Transport Layer Security (TLS). The architecture is also based on brokered communications, meaning every device needs to be authenticated before it can call any services. Brokered communication is based on services subscribing to messages and then consuming those messages to perform business functions.

User and system security is handled using single sign-on (SSO), multi-factor authentication (MFA), and stateless token (JWT) technologies. The system doesn't allow inbound connectivity, and all requests initiate at the edge, to prevent any unauthorized requests coming into the system.

Another requirement is that there should be no degradation when the network (WAN) is offline, so that the same security capabilities apply when applications are not connected to the network. They monitor device traffic profiles to ensure the devices are behaving normally.

Data collection from IoT devices is based on the lightweight MQTT messaging protocol and uses pub/sub messaging. Direct device-to-device interaction is not allowed. They use a customized version of the Mosca broker (to support JWT) backed by a distributed Redis cluster.
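As an added illustration (not code from the talk or from Chick-fil-A), the sketch below shows how a broker can accept a JWT at connect time and confine each device to its own topics so devices cannot message each other directly. The function signatures follow Mosca's `authenticate`, `authorizePublish` and `authorizeSubscribe` hooks; the HS256 secret, the claim names, the `devices/<id>/in|out/` topic layout and carrying the token in the MQTT password field are assumptions.

```javascript
// Added illustration, not Chick-fil-A's code. Secret, claims and topic layout are assumptions.
const crypto = require('crypto');
const SECRET = 'constructed-demo-secret'; // constructed; load real keys from a secret store
const b64url = (s) => Buffer.from(s).toString('base64url');
const hmac = (data, secret) => crypto.createHmac('sha256', secret).update(data).digest();

// Stand-in for the registration service that issues device tokens.
function signJwt(claims, secret = SECRET) {
  const data = `${b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }))}.${b64url(JSON.stringify(claims))}`;
  return `${data}.${b64url(hmac(data, secret))}`;
}

// Returns the claims when signature, algorithm, expiry and subject all check out, else null.
function verifyJwt(token, now = Math.floor(Date.now() / 1000), secret = SECRET) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(parts[0], 'base64url').toString());
    claims = JSON.parse(Buffer.from(parts[1], 'base64url').toString());
  } catch (e) { return null; }
  if (!header || header.alg !== 'HS256' || !claims) return null; // pin the algorithm, reject "none"
  const expected = hmac(`${parts[0]}.${parts[1]}`, secret);
  const given = Buffer.from(parts[2], 'base64url');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  if (typeof claims.exp !== 'number' || claims.exp <= now) return null;
  if (typeof claims.sub !== 'string' || !/^[A-Za-z0-9_-]+$/.test(claims.sub)) return null;
  return claims;
}

// The three functions below use the signatures of Mosca's authorization hooks.
function authenticate(client, username, password, callback) {
  const claims = verifyJwt(password); // assumption: the JWT travels in the MQTT CONNECT password field
  if (claims) client.deviceId = claims.sub; // bind the verified identity to the connection
  callback(null, claims !== null);
}

// A device may publish only under its own outbound prefix.
function authorizePublish(client, topic, payload, callback) {
  callback(null, Boolean(client.deviceId) && topic.startsWith(`devices/${client.deviceId}/out/`));
}

// A device may subscribe only to its own inbound prefix, so wildcards such as
// devices/+/out/# cannot be used to read another device's messages.
function authorizeSubscribe(client, topic, callback) {
  callback(null, Boolean(client.deviceId) && topic.startsWith(`devices/${client.deviceId}/in/`));
}
```

With a Mosca server instance these would be assigned to `server.authenticate`, `server.authorizePublish` and `server.authorizeSubscribe`; backend services that consume device messages would need their own, broader rule.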

Edge computing is a big part of the architecture, and it helps to support critical business functions when the network is down or slow. It also helps with reducing latency for IoT device interactions and with aggregating data before shipping it to the cloud. Everything in their edge computing environment runs in Docker containers. They use Docker Swarm to run microservices at the edge with a self-healing architecture, service discovery, and portability of apps between edge and cloud.

A local NGINX web server is used for internal content delivery and as a reverse proxy for edge microservices (for managing service versioning). The edge architecture also includes a fluentd server for event and log forwarding (MQTT and Docker log forwarding).

Persistence for edge applications is distributed across all edge nodes using a Redis cluster.

Chambers also talked about the best practices on how to develop edge applications. The team uses Java, Node.js, Python, and Go languages to develop their applications. Edge applications can be short-lived (like AWS Lambdas) or long-lived and support service limits (SLAs).

He also discussed the CI/CD pipeline for IoT applications, which includes tools like Git, Jenkins, virtual edge servers (Docker), and Chaos Monkey.

Chambers concluded the talk by saying that connecting IoT devices creates the opportunity to orchestrate interactions between devices and people. We need to think about the whole ecosystem that's secure, open, and scalable. He also presented the future roadmap of their architecture, using analytics and machine learning on IoT data and on the edge services.

 
