Node-red multi-user workaround

Hi, I know that node-red is a multi-instances software but not multi-tenant.
However I need to make it used by different users with different data (identical flows). So I was thinking to a workaround in order not to loose all the work done till now.
What I was thinking is to start more instances of node-red, create a login interface (obviously external to node-red) so that, knowing the logging user I can pass the dedicated parameter as context variable to the first instance available. The main problem I'm facing is that I cannot pass the database and its credential to the node (mysql), and other connecting device.
Have someone already tried this adventure? what kind of major problems can I encounter that would be better to take in mind before starting it?
Thanks to all

The question of multi user access come up in the forum regularly. I have done some basic testing on a solution
I have a "master" Node Red and MQTT broker running on Ubuntu with the main flow, I then have a Docker installation of Node Red for each user with different log in credentials. It is then possible to have flows specific to each user and also have access to the common flows. It does require carefully configuration of MQTT topics and retain flags on topics.
This is not teh most elegant solution but should be possible

1 Like

Hi mtoko. Thanks for replying. I have necer used Docker before.

  • Does it works even on windows?
  • I need to have node-red installed and working on a main PC (let's say a "server") and users that can reach it via web. So I cannot install anything on user's devices.
    But the idea of having just one instance of node-red running would be wonderful

It is incredibly easy to run multiple instances (docker is a new world of hurt if you're not using it already)

See this...

and if you want complete freedom (even to run different versions of NR for your different instances), have a look at my alternate installer.

Thanks. The problem is not how to run multiple instances on the same machine. But if someone has tried what I'm going to do and can give me some advice, help or try together.

  • Node-red and its instances will run on a dedicated computer (there is a limit of instances that is better to keep in mind?)
  • The flows will be the same for all instances
  • Users can access from everywhere via internet and logging with their own credential

You don't mention if the user is required to add or modify the information in the database or only to view it. I have a system where Node Red collects data locally and then passes this data to an Influxdb database on AWS. The data is then accessible by multiple users using Grafana, also on AWS, so available over the internet. Grafana enables you to manage uses and can connect to mysql database

No, the users can only view it.
One of the problem I'm encountering is the database. There are several devices in different place with internet access and each device has to modify its own table inside the database which has to be accessible in real time by the users (with grafana as you suggest or via node-red that is what I'm trying).
I tryed moving the database data dir on cloud but obviously it doesn't work (onedrive) since the files are update only after they are saved. Don't you know if setting my own file sharing (via samba for example) I can make the data dir update continuously in real time?

Those statements appear to be contradictory. You say the user only views the database, then you say he has to modify the database.
Whatever the situation is, if you use mqtt to communicate back to the main node-red server then the data update can be done there, locally to node-red.

Let me clarify better:

  • Devices write on the database. Each one has one dedicated table where it can work on. Or if it can help more, a dedicated database.
  • Users can only read data, stored within the databases/tables and shown inside the dashboard.
    I thought to use mQTT, but the amount of data is really huge and updated each second, (more then 100 devices and almost 400 data per seconds actually all put in one record). For this reason I was thinking that the best way is to have a shared database with a local instance for each device so that I can even prevent from losing data in case of internet problems. Setting MQTT too high QoS will slow down it all too much

That hasn't clarified it much I am afraid, I still haven't got a clear of what your system is comprised off or what you are trying to achieve.
What is a device?
How does the device write to the database?
What is the relationship between a user and a device?
Is it the user's access to the database you are trying to configure or the devices access?

OK here we are. Simplifying there are several sites, and each one have its own PLC, probs, switches, and other IoT devices.

  • Focusing on each site:
    All these devices, directly or via dedicated script, writes on a detabase.
    Node-red takes data by the database and make its job, showing the needed information inside the dashboard;
    The user/client can have a look at what happening directly connecting to "his own" node-red dashboard;
    So: devices writes on database, node-red read from database, user cannot do anything on the database.

All this works fine, since each site is independent and stand alone.

  • Now, for several reason what is required is to centralize all this in a server in order to have:
    One login page for all users from where they can have access with their own personal credential to their own data;
    Each user have to see only data related his site;
    Dashboard configuration, as front-view) will be the same for all users, since all the sites are more or less identical

At the end what is now stand alone must be centralized and moved into a server, and here the main problems:

  • having a multitenant front-end (dashboard) in order to allow each user to have access only to his data. It would be great to continue with node-red without loosing all the effort runned till now.
  • data transfer from the local database to the main one on the server (facing problem related to internet connection interruption and recovering data from the local database).

I know the obvious answer would be to simple create a link to each local site, but it cannot be the solution for several reasons.

So, that's it

@ mtoko
I have a "master" Node Red and MQTT broker running on Ubuntu with the main flow, I then have a Docker installation of Node Red for each user with different log in credentials. It is then possible to have flows specific to each user and also have access to the common flows. It does require carefully configuration of MQTT topics and retain flags on topics.
This is not teh most elegant solution but should be possible

Can you explain better the main node-red running, the docker instances for each user and the access to common flows? what for abot 100 users?

The use of multiple Docker containers with Node Red was only a suggestion to resolve the original problem you described relating to multi users.
You have now described the problem in more detail, my second reply is more likely to be a better solution.
You use Grafana installed on a cloud platform (AWS, IBM Cloud, Google etc) so that users (and Organisations) can be managed (created, deleted, control access to correct database) and can access the information from anywhere. Grafana can have connections to all the databases (on each site) via the internet so that in the event of connection failure the database is still updated as it is local to the equipment. There are certainly issues about security etc but I think this could be a workable solution worth investigating. There are plenty of resources about learning to use Grafana and it is quite easy to set up on a virtual machine in a cloud platform.
This will also save the Node Red work and databases that you have already got on each site and only add the multi user interface that is now required

What sort of database are you using?

I am using InfluxDb, but Grafana is compatible with mysql databases that was suggested in the initial post

Are you still planning to have remote databases which then somehow synchronise with the central one? If not then what happens during a network outage?

More over, if I'm not wrong, it is true that grafana is multiuser and you can have several dashboard releted several users, but as well you have one instance running. I've tryed it on my PC, it starts on port 3000 and once I'm logged you need another instance in order to have another user login. I don't know if updating to Grafana cloud you can solve this. But anyway are included only 10 users, and you need to buy other users.
This for what I have understood in a quickly research on your suggestion.

Are you sure about that, you can certainly configure multiple users though I am not certain exactly what the access control capabilities are, I only use basic admin and view permissions.

No I'm not sure, I'm evaluating this solution now and I'm trying to undestand how it works and if it can solve my problem. I have never used grafana before
Can you login with two users at the same time? If yes How do you do it?