Moving Greengrass to the SATCOM terminal – Architecting for Disconnected Edge Computing Scenarios

 2024-07-01
      No Comments
      Brette Connolly

Imagine a situation like we had in the previous section where we want to put an IoT gateway in the middle of nowhere behind a SATCOM terminal, but for various reasons, AWS Snowcone isn’t ideal. Maybe we intend to deploy it once and never physically visit the site for 5 years. How could we run the AWS IoT Greengrass v2 agent on the terminal itself?

As you’ll recall from earlier in this chapter, most SATCOM terminals have just enough local compute resources to run a Real-Time Operating System (RTOS) that hosts a web interface for configuration and orchestrates digital signal processing tasks. There is a FreeRTOS version of the Greengrass v2 agent. We might be able to squeeze it onto the existing microprocessor onboard the terminal. But for an IoT gateway that will support many different types of sensors, and especially one that will run an ML model, we need more horsepower.

We could augment the terminal with a single-board computer such as a Raspberry Pi Zero 2 W, or one of the more powerful modules available from companies such as Variscite. We could simply install Linux normally on top of it, but to conserve resources and simplify mass deployment, we would prefer to create a custom build of embedded Linux containing the AWS IoT Greengrass agent, Fleet Provisioning certificates, and bootstrap configuration scripts. This would allow us to flash microSD cards on a per-deployment basis, inserting Fleet Provisioning certificates and endpoint configuration specific to a group of devices we want attached to a certain AWS account. It would also allow the user to receive the terminal, point it, and power it on – the rest of the configuration is handled by AWS IoT Greengrass components that configure the terminal environment:

Figure 9.15 – SATCOM terminal enhanced with edge compute using AWS IoT Greengrass

Next, the Greengrass v2 agent communicates with an endpoint in AWS and exchanges its Fleet Provisioning certificates for a true individual certificate with an IoT policy and IAM roles attached to the terminal vendor’s SAAS platform account in AWS. At that point, whatever edge compute configuration the customer has subscribed to is pushed down via components of a Greengrass deployment. Now, the customer can directly point IoT sensors at a local MQTT queue on the terminal, upload CSV data files to it via SFTP, set up poll/response configurations for Modbus PLCs, and so on.