Citrix Octoblu: an Architectural Breakdown

Not that long ago, I wrote a blog post about IoT covering some of the things you (might) need to consider when thinking about delivering IoT as a service, from an integrator perspective, for example, which often goes beyond the technology involved. If you missed it, you can read about it here. I also briefly mentioned Citrix Octoblu as a potential IoT platform. Although I am aware that there are literally hundreds of alternatives out there, Octoblu is what I would like to focus on throughout this post: an architectural breakdown, if you will. I used an existing Slideshare presentation as reference (link is posted near the end).

Octoblu, now owned by Citrix, connects everything to everything. It considers everything to be a node, whether it is a person, sensor, workflow, service or some other type of 'thing.' As such, every node is uniquely addressable with a UUID and accessible with/through a token. Once the nodes, or 'things', are connected, workflows are used to automate just about anything by adding in simple logic. Octoblu offers a very intuitive graphical user interface (drag and drop) to achieve this, named 'Octoblu designer.' Developers can easily extend this by adding in their own code when and where desirable and/or necessary. The platform is built with security in mind and supports an impressive list of Application Program Interfaces, or APIs, a must-have these days.

[Figure: IoT Components overview]

From an architectural point of view, Octoblu can roughly be divided into 6 main components: Meshblu, Octoblu, Octo, Mobiblu, Microblu and Gateblu. Throughout the next sections I'll elaborate a bit more on each. Octoblu is a cloud-based service and extremely portable, even among different clouds. Why? Because it runs on Node.js inside Docker containers. Meshblu (see above overview) supports highly distributed mesh deployments.

Octoblu Designer

Of all components, Octoblu designer is probably the best known, which makes sense, since this is the GUI used for workflow design and for configuring devices, or 'things.' Just do a Google search and you'll find plenty of examples. Its interface speaks for itself, and the drag and drop functionality for designing workflows and connecting 'things' makes it very accessible even for the novice user. More experienced developers can add in their own code just as easily, or build upon the various supported APIs. Octoblu designer is used for the following:

  • Device and channel management
  • Security and device configuration
  • A visual interface for workflow design and deployment
  • Process monitoring of devices and workflows
  • Basic machine learning and Big data analysis
  • It can be deployed/used as a cloud service or on-premises

Meshblu

As the overview clearly shows, Meshblu makes up the center and can best be described as a hub, or traffic cop, making sure all components are connected and receive the proper information. In other words, it is a cross-protocol messaging platform, with support for HTTPS, WebSockets, MQTT and CoAP. It also takes care of the earlier mentioned UUIDs and tokens used for secure authentication. Other services/responsibilities include:

  • It acts as a device registry / directory
  • Secure authorisation, device ownership, black and whitelists
  • Message encryption for devices with public/private keys
  • It can be deployed/used as a cloud service or on-premises
  • Open source platform

Octo fact: From their website: Octoblu is a full-stack Internet of Things platform capable of automating solutions in any vertical market. Approximately 80% of the Octoblu IoT stack is open source with over 800 repositories available on GitHub.

Gateblu (Mobiblu) and Tentacle

These components (primarily Mobiblu and Tentacle) allow device plugins to be configured and run on the Edge (see this post for some more information around Edge devices). They are platform agnostic and as such support Windows, Mac, Linux, Android as well as iOS. Native device protocols are supported, including BLE and AllJoyn. Like Meshblu, they are all open source. Gateblu is the smart software hub working within the Octoblu platform, connecting to Meshblu any smart device that has an IP address and any not-so-smart devices lacking an IP address.

Nanocyte (automation engine)

Nanocyte is the flow automation engine and takes care of all workflows that run within the Octoblu secure cloud containers. It allows custom automations to run 24 X 7 and can run multiple automations at the same time.

Security

Octoblu completely separates the authentication and authorisation processes. In fact, they have built a patent-pending security system, which is specifically and exclusively designed for this purpose. As a side note, payloads sent with and through Octoblu can be encrypted as well.

When it comes to authentication, a login can be serviced by Octoblu, Twitter, Facebook, Google+ or GitHub. It uses strong credentials in the form of 36 character UUIDs as well as 32 character tokens. Third party APIs are secured by OAuth tokens and/or basic authorisation credentials (encrypted on disk). Encryption is supplied for: HTTPS, WSS, MQTT, CoAP, and AllJoyn. Furthermore, all transactions are logged in an audit log. Authorisation is fully resource orientated: everything is seen as a resource, whether people, apps, clouds, things, sensors and so on. Every UUID can be white or black listed, and extensible permissions can be assigned: read, write, discover, etc.
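The separation described above, sketched as an added example (this is not Octoblu or Meshblu code): one function answers "does the caller hold the token for this UUID?" and a separate one answers "is this UUID listed for this permission on the target?". The function names, the hex token alphabet, the hashed token storage and the rule that a blacklist entry overrides a whitelist entry are all assumptions made for illustration.

```javascript
const nodeCrypto = require('node:crypto');

// Format checks for the credential sizes the post gives: 36-character UUID, 32-character token.
// The hex alphabet for the token is an assumption of this sketch.
const UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/;
const TOKEN_RE = /^[0-9a-f]{32}$/;
const sha256 = (s) => nodeCrypto.createHash('sha256').update(s).digest();

// Register a node; only a digest of the token is kept (assumption, not Meshblu's storage format).
function register(registry, uuid, token, lists = {}) {
  if (!UUID_RE.test(uuid) || !TOKEN_RE.test(token)) throw new Error('malformed credentials');
  registry.set(uuid, { tokenHash: sha256(token), lists });
}

// Authentication only: does the caller hold the token that belongs to this UUID?
function authenticate(registry, uuid, token) {
  const node = registry.get(uuid);
  if (!node || typeof token !== 'string') return false;
  return nodeCrypto.timingSafeEqual(node.tokenHash, sha256(token)); // constant-time compare
}

// Authorization only: may fromUuid exercise `permission` on toUuid?
function authorize(registry, fromUuid, toUuid, permission) {
  const target = registry.get(toUuid);
  if (!target) return false;
  const { whitelist = [], blacklist = [] } = target.lists[permission] || {};
  if (blacklist.includes(fromUuid)) return false; // blacklist wins over whitelist (assumption)
  return whitelist.includes(fromUuid);            // anything not listed is denied
}

function request(registry, fromUuid, token, toUuid, permission) {
  if (!authenticate(registry, fromUuid, token)) return 'unauthenticated';
  return authorize(registry, fromUuid, toUuid, permission) ? 'allowed' : 'forbidden';
}

// Constructed sample nodes and tokens, for illustration only.
const SENSOR = '11111111-1111-4111-8111-111111111111';
const FLOW = '22222222-2222-4222-8222-222222222222';
const OTHER = '33333333-3333-4333-8333-333333333333';
function buildDemoRegistry() {
  const registry = new Map();
  register(registry, SENSOR, 'a'.repeat(32), {
    read: { whitelist: [FLOW, OTHER], blacklist: [OTHER] },
    write: { whitelist: [FLOW] },
  });
  register(registry, FLOW, 'b'.repeat(32));
  register(registry, OTHER, 'c'.repeat(32));
  return registry;
}
```

Because the two checks are independent, a valid token never implies access: a correctly authenticated node still gets `forbidden` for any permission it is not listed for.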

Conclusion

To be honest, I'm not that big on IoT developing/programming myself; however, I do find it interesting to see and read how these technologies, and the IoT as a concept, keep evolving at a rapid pace. Hopefully this post answers some of the questions you have, or might have had, around Citrix Octoblu.

Reference material used: Slideshare presentation uploaded by John Moody.
