|
1 Beremiz and Beremiz_service connectors |
|
2 ====================================== |
|
3 |
|
4 To connect a PLC, Beremiz provides 2 types of connectors : |
|
5 * a Pyro connector |
|
6 * a WAMP connector |
|
7 |
|
8 To configure the connection, you have to set the *URI_location* in your project Config tab according to this documentation. |
|
9 |
|
10 The Pyro connector |
|
11 ---------------------------- |
|
12 |
|
13 Pyro is an advanced and powerful Distributed Object Technology system written entirely in Python. |
|
14 Beremiz_service spawns a Pyro server, serving a PLCObject (see runtime/PLCObject.py). Therefore, Beremiz acts as a Pyro client. |
|
15 |
|
16 TODO:: link to PLCObject API documentation |
|
17 |
|
18 URI_location : |
|
19 * LOCAL:// is a facility that starts the PLC service locally and connect Beremiz to it via Pyro. |
|
20 This is intended for use in development stage. |
|
21 * PYRO://<ip:port> normal connection to a remote PLC. PLC default port is 3000. |
|
22 * PYROS://<ip:port> SSL connection to a remote PLC, see below. |
|
23 |
|
24 more information about Pyro can be found on http://pythonhosted.org//Pyro/1-intro.html |
|
25 |
|
26 =========================== |
|
27 Setup a Pyro SSL connection |
|
28 =========================== |
|
29 |
|
30 Pyro v3 has a limited TLS/SSL support based on m2crypto. Pyro v4 had dropped it. |
|
31 In order to have a full and reliable SSL, we recommand to use a TLS/SSL wrapper as nginx, stub or stunnel. |
|
32 |
|
33 -------------------- |
|
34 TLS-PSK with stunnel |
|
35 -------------------- |
|
36 |
|
37 In this example, we setup a simple TLS-PSK connection according to rfc4279. |
|
38 This ciphersuite avoid the need for public key operations and certificate management. |
|
39 It is perfect for a performance-constrained environments with limited CPU power as a PLC. |
|
40 |
|
41 |
|
42 Needed : |
|
43 * stunnel >= 5.09 |
|
44 |
|
45 verify openssl support for PSK cipher:: |
|
46 |
|
47 openssl ciphers -v 'PSK' |
|
48 |
|
49 ---------------------- |
|
50 Client setup (Beremiz) |
|
51 ---------------------- |
|
52 |
|
53 You need to choose an identity for your client, here *client1*. |
|
54 generate a valid and strong key:: |
|
55 |
|
56 $ echo client1:$(openssl rand -base64 48) > pskclient1.txt |
|
57 |
|
58 write a stunnel client configuration file *stunnel-client.conf*:: |
|
59 |
|
60 output = stunnel-client.log |
|
61 client = yes |
|
62 |
|
63 [beremiz] |
|
64 accept = 3002 |
|
65 connect = [PLC]:3001 |
|
66 PSKidentity = client1 |
|
67 PSKsecrets = pskclient1.txt |
|
68 |
|
69 start stunnel client side:: |
|
70 |
|
71 stunnel stunnel-client.conf |
|
72 |
|
73 You could now connect beremiz with classic URI_location = PYRO://127.0.0.1:3002 |
|
74 |
|
75 -------------------- |
|
76 Server setup (PLC) |
|
77 -------------------- |
|
78 |
|
79 import the client key in a keyfile psk.txt, concatening all client key. |
|
80 |
|
81 write a stunnel server configuration file *stunnel-server.conf*:: |
|
82 |
|
83 output = stunnel-server.log |
|
84 |
|
85 [beremiz] |
|
86 accept = 3001 |
|
87 connect = 127.0.0.1:3000 |
|
88 PSKsecrets = psk.txt |
|
89 |
|
90 start stunnel server side:: |
|
91 |
|
92 stunnel stunnel-server.conf |
|
93 |
|
94 more documentation on stunnel http://www.stunnel.org/docs.html |
|
95 |
|
96 The WAMP connector |
|
97 ------------------ |
|
98 |
|
99 WAMP is an open standard WebSocket subprotocol that provides two application messaging |
|
100 patterns in one unified protocol: Remote Procedure Calls + Publish & Subscribe. |
|
101 |
|
102 Beremiz WAMP connector implementation uses Autobahn and crossbar. |
|
103 |
|
104 URI_location : |
|
105 * WAMP://127.0.0.1:8888#Automation#2534667845 |
|
106 |
|
107 more information about WAMP can be found on http://wamp.ws/ |