AWS Integration DONE


#1

Dear all Loraserver users,

I’ve been searching, during the last two days, the way to integrate AWS IoT Core with the Lora-App-Server. I saw some topics in the forum talking about existing problems setting it up. Finally I got to do the integration and I would like to share it with all of you.

The next links helped me to reach my objective:

  1. https://www.loraserver.io/lora-app-server/integrate/data/
  2. https://github.com/gotthardp/lorawan-server/blob/master/doc/Integration.md
  3. Nil Error When Connecting to MQTT Broker (AWS IoT Core)

First you should create a thing in IoT AWS Core as you can see in the link #1. Follow the steps (name, type, groups, attributes…). Then you have to create a certificate. It can be your own certificate by a CA or you could let AWS IoT to create it for you. I chose the second option and I downloaded the certificate, and the public and private keys into the /etc/lora-app-server/certs/ directory. After this you have to go to the security options in the main panel, and to create a policy. Then you will have to attach this policy to the certificate created before. For the moment we will use the policy given by #1:

"Statement": [{
  "Action": "iot:*",
  "Resource": "*",
  "Effect": "Allow"
}]

If you go to the thing you created, you will find, in the interact option, the link_point which you will have to insert into the lora-app-server configuration file.

Secondly, in the lora-app-server (mine is running in an Ubuntu 18.06 EC2 instance) you have to modify the /etc/lora-app-server/lora-app-server.toml file as follow:

    # MQTT server (e.g. scheme://host:port where scheme is tcp, ssl or ws)
    server:"ssl://link_point:8883
    # TLS certificate file (optional)
    tls_cert="/etc/lora-app-server/certs/certificate.pem.crt"
    # TLS key file (optional)
    tls_key="/etc/lora-app-server/certs/private.pem.key"

As you can see, it is important to change the “tcp” by the “ssl” protocol and it’s not necessary to fill the “ca_cert” because this is just when the certificate is self generated.

To check that everything is correct, go to the test/trial option in AWS IoT Core and write any topic like the next one:
application/1/device/#
If you have an application and a device created, you will see your data at the IoT AWS Core platform. From here, you are free to create and connect any allowed AWS application!

If you have any doubt or just you would like to share more things about this topic, do not hesitate to write here!

PD: Thanks a lot Brocaar for the work you are doing! It could be a very nice option to implement the AWS Integration, so that users could choose between two big cloud solutions (Google and Amazon). Thanks again!


#2

Wow great job! If we could eventually officialize this implementation in future version, it would be a great addition.


#3

Thanks! It could also be interesting to add other platforms like IBM Bluemix… couldn’t be? :smirk: The more intregations are added, the happier we will be!


#4

Great work :+1: I’m currently traveling and will be back in about a week. Then I’ll look further into this and see what would be needed to “officialze” this integration :slight_smile:

Yes that is definitely the plan!


#5

super Thanks ! I had issues earlier while integrating with IoT core link and would like to know if you had made any configuration changes on the gateway and server side.

Did you install gatewaybridge on the gateway ? could you please share your configurations on gateway and loraserver.toml,
If multiple devices are registered to IoT core then how should we configure the app-server.toml.


#6

Good job, I have the same setup with the bridge installed on the gateway. I’m using MQTT bridge mode in order to connect my gateways to IoT Core service in AWS.

I also have LoRa server and LoRa application server connected through mosquitto bridge to AWS too.

So every part of my network, “talks” to mosquito locally and then mosquitto bridges back to AWS.

This solves the problem of too many “Things” and “Certificates” and “Policies” in AWS, you only need one of them per instance (LoRa Server, LoRa App, LoRa Gateway).


#7

Hi Rini!
I have installed the packet_forwarder software in my gateway. Then I have all the loraserver environment installed in an instance EC2 micro of Amazon. I know it would be safer to install lora_gateway_bridge in the GW, it will be a future objective!
According to the configuration done in the server side, I already shared in my first post everything I did. There are no more things to do following my steps.
If you have many sensors, you will be able to differentiate them by their ID or EUI. For instance you could subscribe to the topic of the device you have as: application/1/device/YOUR_DEVICE_ID/EUI


#8

Hi stelios!
I really like how you did it, so that you can receive information from several parts of your entire network into the IoT Core in AWS.
Thanks!


#9

Thanks Promero, I do have the same setup will try again and see how it goes. The sensors part which you explained , sorry I should have been more clearer. My question was wrt. “Things and certificaties” which I think stelios has clarified.


#10

@stelios That’s great, thank you. I am trying to achieve something similar. However, I am using this bridge link on the gateway.
Would it be correct to say that you have only configured one file with IoT core details on it and that is the bridge Mosquitto. The app server.toml and lora server.toml has no information of iot core instead its still pointing to “tcp://mosquitto:port”.

Would you have any idea on what all configuration I would need to do if I use the above mentioned bridge setup.


#11

Take a look at the link I have posted, you leave the default configuration for lora server and lora app and you make the bridge configuration to

#Create the configuration file
sudo nano /etc/mosquitto/conf.d/bridge.conf

So in that way, the bridge in the link you posted, forwards the packets to localhost:1883 mosquitto which is bridged with the IoT Core service.


#12

thanks @stelios will try that.