Frequently asked questions regarding the icom SmartBox
You'll find answers regarding use and programming of the icom SmartBox.
|1. Terms and Applications|
What is the icom SmartBox?
The professional routers of the MR series are based on an embedded Linux System that is open for customer-specific applications (Device Apps), i.e. executing user programs independent of the router. Because of this capability, we call our routers INSYS Smart Devices.
What are Device Apps?
Device Apps consist of single or several programs that complement the core functions of the router (Internet access, network management, routing, VPN, firewall, switch, configuration, connection management, etc.) by own functions.
Device Apps are executed in the SmartBox of routers of the MR series like apps on a smartphone: they are guests on the system and can provide additional functions. Several Device Apps can be executed in parallel and independent of each other within a SmartBox. Device Apps are realised as Linux containers (LXC).
What is LXC?
LXC (Linux Containers) is a method for visualisation on operating system level that allows to execute multiple isolated Linux systems on one single host. In contrast to other systems, LXC does not realise its visualisation using virtual machines. LXC creates a virtual environment instead that has its own processes, but uses the kernel of the host system conjointly. wikipedia.com
Containers are the technical shell in which Device Apps are realised and they are used to transport them from router to router.
Is it possible to run Windows in the container?
No, the Linux containers are based on the Linux kernel and use it conjointly. Various Linux distributions can be executed on this kernel as long as they get along with the resources.
What can I do with a Device App?
Device Apps can assume tasks that would require a small PC next to the router otherwise. They communicate with their environment via the network, serial interfaces and IOs. Typical tasks are:
- Collecting and compacting data from measurement devices and providing them for download.
- Analysing data, e.g. whether values change too fast or exceed or fall below thresholds; then, a message (SMS, e-mail) can be sent to the service (edge computing)
- Querying target values from a central system and transmit them to local controls; collecting important operational data from the controls periodically and reporting them to the control center
- Mirroring digital IOs between several field devices or mapping IO conditions of a simple device to register contents in a control
- Presenting data on an internal web server (visualisation)
- Querying and evaluating the status of network devices and websites lo+ly or via Internet
- Creating simplified configuration pages for MR routers with restricted access for end users
- Emulating modem functions in existing applications (investment protection, migration)
- Extending the router by services (e.B. proprietary VPNs and dynDNS, FTP server).
What's behind the Device Apps technically?
The SmartBox of the MR routers manages so-called Linux containers (LXC). This is a standard solution for visualisation of the Linux kernel. All containers use the same Linux kernel and start their individual system on top of it. LXC virtualises processes and network interfaces and relocates the root of the file system.
Can I also use Docker containers?
No, Dockers has used LXC as platform originally, but developed an own technology then. Dockers is optimised for rolling out single standard applications on PCs and servers (not on embedded routers) quickly and requires much more resources than LXC for this.
Which rights do I have in my container?
The user has unrestricted rights within his container: He can add further users and groups and assign rights to them as "root".
How much memory can I use?
The router reserves itself 64 MB RAM for its own processes and distributes the remaining 192 MB (448 MB*) evenly across all containers. If several containers are installed, the memory for each single container will be reduced.
Can I store data permanently?
The router has more than 2 GB (6 GB*) permanent storage that can be used by all containers and the router together if required. However, the files systems of the individual containers are strictly separated from each other.
How much processor capacity can I use?
The firmware of the router has priority access to the processor. The processes of the different containers share the computing time apart from that.
Can I communicate outwards from inside the container?
Yes, the container behaves like a network device with own IP address, own MAC address and it will be assigned to one of the networks of the router (IP net 1 to IP net 5) as if it would be connected externally. The firewall and NAT rules are also effective. A container application can use the router like an external device as access to the Internet.
Do I have to configure the network properties?
Yes, if IP communication is intended. Then, assigning an IP address and being in one of the IP nets is necessary. No, if the application (Device App) in the Linux container does only communicate with the outside world via the serial interface.
How can the serial interfaces be used?
Routers make their serial interfaces (e.g. RS232 and RS485 on the MRcard SI) available to all processes in the router firmware and the containers equally. The processes must resolve possible access conflicts independently.
How can processes in different containers communicate with each other?
The individual containers behave like individual PCs in a network and communicate using IP protocols. The processes can communicate lean via messaging protocols as well besides many standard protocols like HTTP and FTP. INSYS routers contain an MCIP server for this - MCIP (Management and Control Information Protocol - https://sourceforge.net/projects/mcip/) is a very lean and freely available protocol sponsored by INSYS.
|3. Router Configuration|
Can I modify the router as well?
Device Apps can query and configure the router time- and event-triggered like a regular user from his PC via the web interface or the command line interface (CLI). The internals of the router configuration remain protected to ensure the integrity of the system – confidential certificates for example are stored safely and cannot be read out.
Can programs be started automatically?
Yes, the router is usually running self-sufficient without active operator. Each Device App has a Linux init system in which programs are started automatically and services can be monitored additionally. This ensures that services that are intended to be available permanently, are being restarted following a failure.
Tasks can be executed at fix planned times and repeated.
|4. Creating Device Apps|
Who creates the Device Apps?
Device Apps can be created by everyone who has basic knowledge in Linux operation. Device Apps can be created by the end customer, his service provider, a system integrator and also by INSYS. Ready-made Device Apps of third parties can be used (if compatible with the system).
Who owns the Device App?
The Device App belongs to the author or his purchaser. INSYS does not claim any rights to Device Apps that have been created by third parties.
What can I use as basis for creating my Device App?
There are four different methods for users for creating a container as Device App from existing templates:
Downloads are available on our website.
- Default container in the firmware
- Debian container with package manager
- Development container with development environments for scripting languages
- Pre-defined application containers
How do I start with the default container?
A new container that is pre-configured with BusyBox (shell tools and web server), a Lua interpreter and more can always be added on the router interface. You can immediately start to work on the command line via SSH access and combine the necessary programs with each other. A tutorial is available on our website.
A Device App can be downloaded from the router (Smart Device) and uploaded to other routers (Smart Devices).
What is the Debian container?
Debian is the Linux on which most distributions are based – like the well known Ubuntu for example. The Debian project contains comprehensive application collections (packages) and a package manager that installs them with all dependencies, updates them or deletes them again.
How do I use the Debian container?
The Debian container is ideal for Linux users who want to use an existing software on the router: this can be a network monitoring application or the development environment for a special programming language.
Can I also compile a container from scratch?
Yes, the documentation for this is available on Github under https://github.com/insys-icom/M3_Container. The technical documentation uses the project name "M3" for the platform on which the routers of the MR family are based.
|5. Containers for Developers|
I master a script language – how do I create my Device App?
Development containers with pre-installed environments for script languages (e.g. Python, PHP, Lua) are maintained and made available by INSYS icom. You'll use this environment for development and operation as script coder. If INSYS icom does not have prepared your script language, use the Debian container and load your script environment.
How do I code in C/C++?
The tool chain (SDK) for C/C++ is provided by INSYS icom in a VirtualBox. The VirtualBox renders the development environment independent of the PC operating system. The tool chain is used by INSYS itself and maintained accordingly. INSYS and SmartBox users provide proven build scripts for common software packages in the community area on Github.
|6. Prepared Applications|
Are there ready-made containers with Device Apps as demo?
Yes, INSYS provides a selection of containers to make the start with a new technology and functionality as easy as possible for the user. You'll find further information here.
|7. Distributing Device Apps|
Do I have to re-create my Device Apps on each router?
No. If you have created your app once, you can download the container from the router and upload it as a whole to other routers.
I have many routers – do I have to install the Device App manually on each router?
No. Device Apps can be distributed like firmware and configurations as update packets: They will be made available on an HTTP(S) or FTP server and the router can look for updates regularly and install them.
Do I need an own server for distributing apps?
At the moment, yes – this gives you full control of which apps are distributed when and to whom. We are planning a deployment service for sale and management of the Device App distribution for the future. Please contact us in case you have special requirements. It is also possible to operate an update server for other routers in a container.
Can I protect my Device Apps by licences?
Own licence data can be stored in the router and evaluated in the container to release authorisations for individual or all functions. Get in touch with us. We'll help you with planning and realising marketable solutions.
Can I protect myself from uncontrolled distribution of my Device App?
The creator of a container can define whether the container can be downloaded (and distributed) again from the router upon installation.
*) INSYS icom adds more memory to the product lines MRO and MRX successively. Ask your sales contact about the status of your product in question.