QCon New York - IoT and Edge Compute at Chick-fil-A

Internet of Things (IoT) and edge computing technologies drive the architecture at Chick-fil-A. Brian Chambers, enterprise architect at the restaurant chain, spoke at the QCon New York 2017 conference about how they use edge and cloud services. He also discussed the design principles they follow in their applications: security, open API, and scalability.

Security: The team sees technology as a first-class citizen for solving business problems, but anything they do with IoT has to be secure.

Open SDK: The IoT environment is open to third-party vendors, so vendors and other companies can integrate with Chick-fil-A services.

Securing the IoT devices includes device registration, credential management, and Transport Layer Security (TLS). The architecture is also based on brokered communications, meaning every device needs to be authenticated before it can call any services. Brokered communication is based on services subscribing to messages and then consuming those messages to perform business functions.

User and system security is handled with single sign-on (SSO), multi-factor authentication (MFA), and stateless token (JWT) technologies. The system doesn't allow inbound connectivity; all requests initiate at the edge, which prevents unauthorized requests from coming into the system.

Another requirement is that there should be no degradation when the network (WAN) is offline, so that the same security capabilities apply when applications are not connected to the network. They monitor device traffic profiles to ensure the devices are behaving normally.

Data collection from IoT devices is based on MQTT, a lightweight messaging protocol, and uses pub/sub messaging. Direct device-to-device interaction is not allowed. They use a customized version of the Mosca broker (to support JWT) backed by a distributed Redis cluster.
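The brokered, JWT-authenticated MQTT access described above can be sketched as follows. This is an added example, not code from the talk or from Chick-fil-A; it uses Mosca's `authenticate`, `authorizePublish` and `authorizeSubscribe` hook signatures and assumes an HS256 shared secret, the JWT carried in the MQTT password field, `sub`/`exp` claims, and a `devices/<id>/...` topic layout.

```javascript
// Added example; the secret, claim names and topic layout are assumptions.
const crypto = require("node:crypto");

const SECRET = "constructed-demo-secret"; // constructed value, not a real key
const b64url = (buf) => Buffer.from(buf).toString("base64url");

// Helper that mints constructed sample tokens (HS256) for the demo.
function signJwt(claims, secret = SECRET) {
  const head = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const body = b64url(JSON.stringify(claims));
  const sig = crypto.createHmac("sha256", secret).update(`${head}.${body}`).digest("base64url");
  return `${head}.${body}.${sig}`;
}

// Returns the claims if the token is a valid, unexpired HS256 JWT, else null.
function verifyJwt(token, nowSec = Math.floor(Date.now() / 1000), secret = SECRET) {
  const parts = String(token).split(".");
  if (parts.length !== 3) return null;
  const [head, body, sig] = parts;
  try {
    // Pin the algorithm: the token header must not be allowed to choose it.
    if (JSON.parse(Buffer.from(head, "base64url")).alg !== "HS256") return null;
    const expected = crypto.createHmac("sha256", secret).update(`${head}.${body}`).digest();
    const given = Buffer.from(sig, "base64url");
    if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
    const claims = JSON.parse(Buffer.from(body, "base64url"));
    if (typeof claims.sub !== "string" || !/^[\w-]+$/.test(claims.sub)) return null;
    if (!(claims.exp > nowSec)) return null; // a missing exp is rejected too
    return claims;
  } catch { return null; }
}

// Mosca-style hook: the MQTT password field carries the JWT.
function authenticate(client, username, password, callback) {
  const claims = verifyJwt(password ? password.toString() : "");
  if (claims) client.deviceId = claims.sub;
  callback(null, claims !== null);
}

// A device may publish only under its own prefix, so it cannot address another device.
function authorizePublish(client, topic, payload, callback) {
  callback(null, Boolean(client.deviceId) && topic.startsWith(`devices/${client.deviceId}/`));
}

// Subscriptions are limited to the device's own command topic; wildcards are refused.
function authorizeSubscribe(client, topic, callback) {
  callback(null, Boolean(client.deviceId) && topic === `devices/${client.deviceId}/cmd`);
}
```

With Mosca, these functions would be assigned to the server's `authenticate`, `authorizePublish` and `authorizeSubscribe` properties once the broker is ready.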

Edge computing is a big part of the architecture, and it helps to support critical businesses when a network is down or slow. It also helps reduce latency for IoT device interactions and aggregates data before shipping it to the cloud. Everything in their edge computing environment runs in Docker containers. They use Docker Swarm to run microservices at the edge, with a self-healing architecture, service discovery, and portability of apps between edge and cloud.

A local NGINX web server is used for internal content delivery and as a reverse proxy for edge microservices (for managing service versioning). The edge architecture also includes a fluentd server for event and log forwarding (MQTT and Docker log forwarding).

Persistence is distributed across all edge nodes using a Redis cluster, which supports edge application persistence.

Chambers also talked about best practices for developing edge applications. The team uses Java, Node.js, Python, and Go to develop their applications. Edge applications can be short-lived (like AWS Lambdas) or long-lived and support service limits (SLAs).

He also discussed the CI/CD pipeline for IoT applications, which includes tools like Git, Jenkins, virtual edge servers (Docker), and Chaos Monkey.

Chambers concluded the talk by saying that connecting IoT devices creates the opportunity to orchestrate interactions between devices and people. We need to think about the whole ecosystem that's secure, open, and scalable. He also presented the future roadmap of their architecture, using analytics and machine learning on IoT data and on the edge services.
