Hi guys,
How can Node-Red be integrated in a cloud environment e.g. in Azure?
As far as I understand Node-Red is a monolithic component consisting of a frontend and a backend. If I want to integrate it for several users, I have to provide a docker container containing a Node-Red. Most probably I need a reverse proxy in front of the docker containers for security reasons and to map a user to its corresponding container.
Is this a right and a good assumption? Or are there better ideas? Or is it general bad to consider such a cloud integration?
Expand on what you are trying to achieve and we can then advise on a reasonable approach. Yes an NGINX front end to multiple Node-Red backends would be one approach - each of the NRs could talk to a single back end database for shared date etc
Craig
This is actually easier than it first appears though I've not tried it in a long time.
The Azure web service (or whatever they are calling it this week) includes the ability to run PHP, Python (I think) and Node.JS
The Node.js integration uses an IIS plugin (IIS is Microsoft's web server rather than Apache or NGINX). So you can run Node-RED fairly easily though you probably need to install Node-RED locally rather than globally. I have some instructions for doing a local Node-RED install on my GitHub site somewhere - in one of my repo's. That is what I always use anyway as I find it a lot more convenient, flexible and secure.
Of course, you will need to secure Node-RED well since it will be exposed to the Internet if you use the Azure web service. If you need more security, you will need to look at the other Azure features. You might, for example, restrict access to the admin UI to only certain source IP address ranges.
You can also add Azure Active Directory authentication to the whole thing which would be very much recommended. Again, this is native to Azure, you wouldn't need changes in Node-RED.
1 Like
thanks for you answers so far!
Yes you are right, I need to be more precise.
I want to use Node-Red to create new data streams that shouId be fed back to the system (e.g. via MQTT or something else). I already have an application where users belong to a tenant. I want to have one Node-Red for each tenant and also data should be stored separately for each tenant (multi tenancy).
When a user navigates in the application to a link called Node-Red he should be navigated to his tenant Node-Red instance secured by his or the tenants jwt token such that no one else can call the instance.
The AAD integration with IIS should do this for you. It has doubtless changed since I last looked at it but I seem to remember it was pretty easy.
Ok, but there is no best practise of integrating NR in a cloud environment for multiple independent Users. And I guess this is not a conmon scenario?
I couldn't say how common a requirement it is. I've picked up that quite a few people have done it with Azure over the years.
IBM offer Node-RED integration of course with their cloud service (Node-RED originated in IBM). That is well documented.
I expect others have done it with AWS as well.
Coming down to smaller cloud services, plenty of people have set up Node-RED on VPS's.
However, it is correct that the Azure process is not well documented. I'm sure that Nick and Dave would welcome an addition to the documentation though.
1 Like
This might be helpful as well. A free Pakt eBook on developing Node.js solutions with Azure.