NR + MQTT as standalone server - opinions

General
1

I've searched everything 3 weeks long, and now I'm here to ask for any opinions or experiense about:

What would be the best praktice to run NR + MQTT on a "public" VPS ?

The Job:

... would be to handle ca 50 pizzerias by connecting:

  1. the pizza-boys OwnTrack mobile APP (ca. 150 user)
  2. the web-server with 50 pizzeria web-pages (GPS + notification system)
  3. my own program in the 50 restaurants (GPS + notif. ca 150 PCs)
  4. the customers who are currently ordering or leaving the order page open (1000+)

Explained:

My program helps to manage orders.
To do that I need info, where are the delivery cars currently.
Also I would like to share infos with the customer, who ordered a pizza:

  • status of his order ( downloaded / accepted / printed / on the way )
  • GPS location of the pizza-boy car, if nearby.

Currently we are usingsimple REST get / put every 1 min for download and status-change update from my program to the web-server, but that is overloading it. (Entry-point limit by the server provider.)

Installing a second server that could share + filter + distribute all data with a "subscribe system" based on sockets would be more logical, than initializing hundreds of https get connections every second unnecessary.

2

Currently I'm confused about following things:

  1. What OS would be the best base?

  2. Is docker better than installing directly to the OS ?
    (Maybe could run tests easier by cloning and revert to prev. state, if did something wrong... but maybe the different port-forwarding would make it just more difficult.)

  3. Do I need to isolate multiple NR instances to handle different pizzerias?
    (Some are connected to each other, like having 1 call center but 2-3 kitchens on different locations in the city, so maybe it would be better to have only one to isolate + group.)

  4. NR is not multicore, so scaling on the VPS can be difficult, if I run only one instance.
    (How many MQTT messages + node-red flows can handle one Xeon CPU core anyway?)

  5. Instead of installing this complicated way SSL + firewall + everything (link...) I have red everywhere I should user a reverse proxy instead, because it is much much more secure. Something like this:
    reverse_proxy (Caddyfile directive) — Caddy Documentation
    ... which seems to be much easier to configure + it handles all the Let's Encrypt things by itself.
    Any experience with this?

  6. Is https://www.hivemq.com the most recommended MQTT solution?

  7. How should I secure MQTT, so nobody can use it, only my APP and customers? But I can not change any CERT files or keys in my APPs every year!

  • You should use Docker
  • No need
  • something else ...

0 voters

3

OK you really need to get an enteprise architect involved in this as there are so many things that you will need to know to get this anywhere near being secure

  1. I would create a VPN between each store and the central server to allow all the backend information to be transmitted securely

  2. As you have no idea of the efficiency of your proposed system and what strain that would put on your VPS i would run multiple NR instances on multiple hosts and break it down into manageable chunks until you have a better handle on performance

  3. Anything that is going to be customer facing i would not handle in NR - i would design a Website (your choice of appropriate technology) and have the information from NR (the back end info such as driver locations etc etc) be pushed from NR into a database that was stored on that same Wesbite - anything the customers added to the website (placing orders etc) - NR would pull out of that database and do thorough sanity checking and data scrubbing on befored sending into the store to the appropriate order management chain.

  4. If you are asking about docker at the start then i probably would not use it in the initial deployment - but would definitely look at it as you scale out/up.

I would highly recommend you get an enterprise architect and a securiy professional involved (i assume you are an app developer) and you perform a small scale intial deployment of 3 or 4 stores to give you a handle on how it all works.

In particular think about scalability - not sure where you are - but think about the biggest event that would give rise to a lot of people ordering Pizza in a very short time window and plan for how the system would scale for that - sporting event, Live festival etc

Craig

3 Likes
4

Thank you for the long and detailed answer! :slight_smile:

We already HAVE a webserver that is serving 50+ pizzerias and hundreds of orders pro hour. Sorry, if I wrote this in a way that could be misunderstood.
I only need a VPS to MANAGE the messages between GPS coords + price changes + order notifications.

I was thinking about NodeRed for the job, because everything is always changing. Like:

  • 2 pizzerias merge to one place and the same pizza-delivery boys start to work for both (So I need shared GPS for 2 or more programs to notify)
  • 1 pizzeria starts a franchise
  • an other one splits into 2 kitchens. (Other part of the town to have shorter distances...)

I was looking at many possibilities, including:

  • which MQTT server would be the best
  • how to secure MQTT messages (not just with VPN)
  • other solutions like: ZeroMQ

My conclusions so far:

  • MQTT is still the best solution to coordinate everything.
  • The max data amount for GPS coordinates summarized is ca = 100Kb what could be managed easily even inside a VPS memory, so no need for database.
  • Securing it is still a question. VPN is only a partial solution, because MQTT must serve all the web-pages and clients too, not just the restaurants.
5

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.