Gunnebo Business Solutions, IBM International Business Machines, Microsoft Azure, Node RED, Technical

Node-RED deployment on Azure

Today I would like to talk about the process of deployment Node-RED instances on Azure platform.

The initial tasks were:

  1. Deploy Node-RED instance to Azure cloud and provide public IP address/ DNS name to it.
  2. Secure Node-RED instance access with user credentials.
  3. Update instance with actual node set and provide ability to keep them up to date.

Let’s discuss all steps one by one.

Azure deployment

The most common and convenient way to deploy your application on Azure platform is by using Azure Resource Manager. It enables you to use all application resources as a group and to deploy, manage or delete them just in one operation. With Resource Manager, you can create a template (Azure Resource Manager template) that defines the infrastructure and configuration of your Azure solution. It allows you to deploy your solution repeatedly throughout its lifecycle being confident that your resources are deployed in a consistent state.

Resource Manager template is a JSON file that defines resources which you need to deploy to a resource group. Resource Manager analyzes the template and then converts its syntax into REST API operations for the appropriate resource providers. For the resources to be deployed in correct order, you can set dependencies between them.  It is done when one resource relies on a value from another resource, for example, in case of a virtual machine which needs a storage account for disks.

You may wonder, “What resources are and why we need them? We just want to deploy NodeJS application (Node-RED) on Azure”.  Well, a resource is a manageable item that is available on Azure. Some common resources are a virtual machine, a storage account and a virtual network, but there are much more. To start Node-RED in the cloud, we need to create VM and deploy a Docker container(image) with Node-RED inside. Since one resource relates to another one, we should create a bunch of resources in our resource group (that is a container holding related resources for our Azure solution). It includes:

  • Storage account
  • Public IP address
  • Virtual Network
  • Network interface
  • Network security group
  • Virtual Machine
  • Extensions

Resource Manager provides extensions for scenarios in case you need additional operations such as installing particular software which is not included in the setup. We used Docker Extension in order to setup Docker container on VM.

Ok, so now we are ready to create a template. The detailed description can be found here.

Here I would like to  talk only about extension section:

At this stage, we define DockerExtension resource that depends on our Virtual Machine resource. We specify to use “nodered/node-red-docker” image from DokerHub

Also, we need to enable Docker Remote API for further use:

Since we need to get access to the API we also expose port in Network Security Group:

Also, we need to map 80 VM port to 1880 (default port for Node-RED):

After defining the template, we are ready to deploy the resources to Azure. There are several ways to do that: PowerShell, Azure CLI, Azure Portal, REST API or Azure SDK.

Since we want to develop automation solution for application deployment, REST API and Azure SDK seem to be most suitable for us.  The reason why I want to highlight the Azure SDK for .NET is that it is much easier to build an application using existing wrapper classes for the API than to create your own REST wrappers and methods

Take these four steps to deploy your template with C# SDK:

1. To be able to make any requests to the API, first we need to authenticate and authorize our request. Let’s create the management client:

azureauth.properties  –  authorization file. Before you can deploy a template, you need to acquire a token for authenticating requests to Azure Resource Manager. You should also record the application ID, the authentication key, and the tenant ID which you need in the authorization file.

2. Create resource group and storage account:

3. Upload your template file to Azure:

4. Deploy template:

That’s it. On the whole, the deployment process in our case takes about 3-5 mins.

To retrieve public  IP address our Docker container is available on:

So now we have Node-RED instance up running on Azure cloud and accessible via public IP/DNS name. Let’s proceed to the next step.

Secure Node-RED instance

Node-RED Editor supports two types of authentication:

  • username/password credential based authentication
  • starting from Node-RED 0.17, authentication against any OAuth/OpenID provider such as, for example, GitHub or Twitter 

If we choose the first option, we need to add the following to our settings.js file:

Since we want to make this credentials customizable for each deployment we can’t embed this configuration in Docker file. So we need a way to execute commands inside Docker container after deployment. That’s why we use Docker Remote API to adjust credentials settings. And this is the reason to expose additional port in our template, as mentioned above.

Here is a command example to setup credentials for Node-RED:

We used .NET Client for Docker Remote API as a wrapper to REST API:

Now we have secured our Node-RED editor with custom username and password.

Keeping nodes and flows up to date

Now we need a way to provide our cloud Node-RED instance with custom node’s set and keep it up to date. We already have all tools for that. Custom nodes are stored in separate Git repository. A few options are available:

  1. Execute npm install <git repo url>  inside Node-RED userDir ( /data  for "nodered/node-red-docker"  container)
  2. Copy custom nodes to /data/nodes inside a container.

Node-RED flows can be synchronized in a similar way. By default, Node-RED Docker container stores flows data in /data/flows.json. The flows configuration file is set using an environment parameter ( FLOWS), This can be changed by setting environment variables in docker-compose configuration section:

Using this approach we can put nodes and flows file under version control inside a container and synchronize them with a remote repository.

All commands can be executed via Docker Remote API in the same way, as described in the previous section.

Each time we need to update our nodes, we just call Docker API and pull updates from repository. Also, we can backup our flows.json  by committing and pushing it into the repository.

As an improvement, we can create Git hook in order to update our Node-RED instances once some changes are pushed to our node’s repo. But this is out of the scope of this post.

Summary

Here we make a short overview of how to automate your deployments on Azure cloud with Azure Resource Manager and Azure SDK for .NET. In our example, we set up Node-RED docker container in the cloud but all mentioned steps are applicable to any similar Docker deployments.

Leave a Reply