I'm creating my first project. I want to control the start of my boiler. The system is very simple, an ESP32 reads the temperature and sends it once a minute to mosquito on a raspberry, node-red reads the temperature and commands the boiler. I realized that there might be a problem. If the boiler is on and the ESP32 board no longer sends the temperature, the boiler will never turn off. How can I tell with node-red if the sensor is still working?
Get notified when I don t receive mqtt messages anymore
There are several different ways you can explore to do this.
Look at Last-Will messages, as well as the trigger node in Node-RED which can send a message if another message is not received. (i.e. if you don't receive a temperature message with a period of time send this message)
What happens if the boiler is on, the connection to Node-RED fails and it doesn't get a "OFF" message from Node-RED? But you will also need to work on this on the ESP32 board as well so that it fails-safe.
For what appears to be a safety critical application like this you should have a separate fail-safe system such as an over temperature thermostat that cuts the power in case of a failure of the control system.
And to add to everything else ou are doing/learning, you should go read https://www.hivemq.com/blog/mqtt-essentials-part-1-introducing-mqtt/
the series is a great introduction for anyone using MQTT.
Critical systems like boiler controls should not be undertaken lightly.
You need to think through the likely failure modes:
- The ESP32 locks up or fails completely
- The ESP32 loses its WiFi connection
- The ESP32 loses its MQTT connection
- THe device running MQTT fails or loses networking
- The device running Node-RED fails or loses networking
- Node-RED itself fails or loses connection to the network or MQTT
- Someone hacks your network and gains access to Node-RED or MQTT or the ESP32 itself.
I'm sure you can think of others.
Next you need to think about the impact of those failure modes and then work out how much you need to mitigate those risks.
One thing's for sure, the more complex a system, the more likely it is to go wrong.
I've just been caught out that way myself this Christmas. The normally 100% reliable Pi2 that runs Chez Knight failed while we were away for Christmas. I could see that it failed because I have a secondary system with Node-RED, an MQTT broker and a Telegram bot. The secondary told me that the MQTT connection to the the primary had been lost and hadn't come back. Annoyingly, there was nothing I could do because the actual problem was a partial failure of my UPS device that the primary is connected to. The old Pi, for some bizarre reason, once the UPS switches to battery, loses network connectivity and doesn't come back. Been meaning to fix that for a while - indeed that is what the secondary is actually for, I'm gradually migrating.
But my HA system only really controls lights and keeps me informed. Critical systems run separately and Node-RED is the glue to make things even nicer but nothing totally fails if it does.
Even so, I'll be migrating my old LightwaveRF remote switches to ESP devices with built-in timers so that I'm not just reliant on the network. The primary Pi will also get a new flow that reboots if external network connectivity is lost.
Thank you all for your answers.
Reading, I thought that I could have the ESP32 send not only the temperature, but also a number that increases with each sending. Nodered stores the first number received and stores it and starts a timer for example of 90 seconds. If within the set time it doesn't receive any other number, or It always receives the same one, then it switches off the boiler. All this seems simple to me to say, but I would not know how to do in nodered. I looked at the trigger and delay node, but I don't know how I can be used for my case.
set the trigger to not send anything on first output, then wait for 90 secs, and extend if any more inputs, then send something on second output. That way as long as inputs keep arriving the output will never fire... if it does then nothing arrived in the last 90 secs.
But also do read up on MQTT LWT functionality.
Also need to watch out for hysteresis for these type of systems.
That sounds like you are getting Node-RED to send the signal to turn off the boiler and that isn't really what we meant. It is pretty common for ESP devices to loose connections to the network. You will need to make sure that you have ESP code that works hard to reconnect and that even reboots the ESP after several tries. Ultimately though, you need the boiler emergency off to be coded in the ESP where it is most likely to remain usable (I'm assuming the ESP is directly wired to the boiler).
Also, if you push everything between the ESP and Node-RED via a reliable MQTT broker (probably on the same Pi as Node-RED), you can use the MQTT Last Will & Testament feature to handle timeouts & disconnects.