Free Node-RED Hosting in the Cloud

IBM used to offer a very convenient way to host a Node-RED instance in the cloud for free - but since a few days, this offer does not exist any more (and this change is so brand new that their user interface still claims it to be free!).

Nevertheless, if you need free Node-RED hosting (e.g., for students), you may try the Oracle "always free" offer instead (warning: credit card is still required!)

Todd Sharp has written a nice blog post which describes the set-up process.

It works fine, but you may want to consider the following additional tips:

  • when it comes to choose the operating system for your VM, do not choose "Ubuntu" because the installation script mentioned in the post does not support that OS (I'm currently using CentOS)
  • the instructions want you to upload the public key of an SSH key-pair. If you do not know what this is or how to create it, there is also an explanation of how to create that key-pair
  • even after adding the mentioned "Ingress Rule", your Node-RED instance will not be reachable in the end - instead, after having set-up everything in your SSH connection to the VM hosted by Oracle, you should additionally submit the following command
    Ā 
    sudo iptables -I INPUT -p tcp --dport 1880 -j ACCEPT

This gives you a working Node-RED instance reachable over the Internet.

If not (and it took me 5 (five!) attempts until everything worked as intended), an explanation of how to revert your set-up may become useful.

[Amendment]

Of course, such a public Node-RED instance as the one you created in the cloud should immediately be secured as described in the Node-RED docs. However, Oracle will provide you with a numeric IP address for your VM only (rather than with a host name). As a consequence, you won't be able to use "Let's Encrypt" to get a server certificate for HTTPS but will have to create one yourself.

For that purpose, create a file called certificate.cnf in your home folder (e.g., /home/opc) using the following command:

echo > certificate.cnf \
[req] \
distinguished_name = subject \
req_extensions     = req_ext \
prompt             = no \
encrypt_key        = no \
 \
[ subject ] \
C  = DE \
ST = state \
L  = city \
O  = organization \
OU = organizational-unit \
CN = <your-ip-address> \
 \
[ req_ext ] \
basicConstraints = CA:FALSE \
keyUsage = nonRepudiation, digitalSignature, keyEncipherment \
subjectAltName = @alt_names \
 \
[alt_names] \
DNS.1 = <your-ip-address>

and replace both occurances of <your-ip-address> with the IP address of your VM.

Alternatively, you may also use an HTTP endpoint of the author's Node-RED instance on such an oracle VM and let it generate that configuration file for you:

wget --no-check-certificate -O certificate.cnf https://152.70.181.238:1880/cert-config-for-ip-address?ip=<your-ip-address>

Again, replace <your-ip-address> with the IP address of your VM

Then run the following command to actually create the certificate

openssl req -x509 -nodes -newkey rsa:4096 -keyout privkey.pem -out cert.pem -days 3650 -config certificate.cnf

This command will generate the two files /home/opc/privkey.pem and /home/opc/cert.pem mentioned in the instructions how to secure Node-RED

Nota bene 1: after working through these instructions, do not forget to restart your Node-RED instance: sudo systemctl restart nodered

Nota bene 2: since your certificate is a "self-signed" one, the browser you use to access your Node-RED instance will complain about an "insecure connection" - but since you made the certificate yourself you know that you can trust it and proceed to the Node-RED editor without fear.

3 Likes

If you like, you may also test the author's freely hosted Node-RED instance first. Just enter the following URL into the address field of your browser

https://152.70.181.238:1880/cert-config-for-ip-address?ip=1.2.3.4

or replace 1.2.3.4 with an IPv4 address of your choice.

Your browser may complain about an "insecure connection" but that is due to the need for a self-signed certificate - it is safe to proceed.

The server will respond with the customized version of a configuration file for the creation of a self-signed certificate with OpenSSL (probably badly formatted by the browser because it is no HTML)

Hi I cant use sudo in oracle cloud instanceļ¼Ÿ
and everytime I close my ssh, my node-red will stop

Well,

if you uploaded the ssh key following the given instructions you will actually have to sudo because you cant't login as root.

Additionally, you should enable Node-RED as a "service" which continuously runs in the background:

sudo systemctl enable nodered

sudo systemctl start nodered

Note: Node-RED must not already be running when you start it that way.

You may now logout or reboot and Node-RED will continue running or restart after booting.

thank you very much ! it working right now
and one more problem , since I am using uibuilder too, how do I connect to oracle using vscode ssh remote development, am not so familiar with ssh

I try to connect it but I cant save or edit any files, do you know how to fix this?

It already took me quite long to get the VM running with Node-RED - I'd expect similar problems with other Oracle services as well.

I can only suggest to do a research based on the error messages you get from SSH.

Good luck and sorry for not being able to help you with the second problem

I've just updated this guide with instructions how to

  • apply for a symbolic host name
  • generate automatically renewable "Let's Encrypt" certificates and
  • configure Node-RED for using them

plus some other changes eliminating a few quirks of the originally created Oracle VM.

As it became a bit lengthy, the whole guide has been published on GitHub.