Skip to content

Introduction

Device Management with a Raspberry Pi Device Management Platform

Explore proficient strategies for handling a vast array of Linux or embedded devices utilizing a Raspberry Pi device management platform. This guide delves into configuring devices to ensure they are secure and robust while also facilitating various remote access forms. Embedded fleet management, an IoT use case, is garnering increasing attention. Maintaining SLAs (Service Level Agreements) or ensuring cost-effectiveness during technology operation becomes profoundly challenging without intelligent device management software. Given that IoT projects often use various new and legacy devices, a significant degree of flexibility becomes important, especially for projects anticipated to have an extended lifecycle. Therefore new tools are developed that allow IoT configuration management with similar concepts known from server automation.

Highlight: qbee for Unified Device Management

This discussion on Raspberry Pi device management spotlights qbee.io since this software can manage an assortment of devices from various vendors, regardless of whether the devices are newly launched or part of legacy installations.

Raspberry Pi 5

Seamless Raspberry Pi Remote Access

Addressing a key challenge, remote device access, is typically accomplished through a secure VPN. However, distinct vendors might offer varied VPN solutions, often necessitating additional infrastructure. In this instance, we leverage the built-in secure VPN remote access provided by qbee. All requisite VPN infrastructure is encompassed within the hosted qbee solution, permitting effortless access to all ports (80,443, 1880...) and technologies such as HTTP, HTTPS, Node-Red, and even VNC. There is a tool called qbee-connect for this which runs on Windows, Linux and MacOS and allows for easy port forwarding. The concept used is a reverse ssh tunnel, sometimes also called port forwarding.

The Versatility of Raspberry Pi Device Management

Using numerous qbee features, we illustrate how to configure, manage, monitor, and administrate embedded Linux fleet devices on a single platform with a unified dashboard. The scale of the fleet, whether it comprises a single demo device or thousands of units, is immaterial. Remote access to all Raspberry Pis or even other devices in the remote network through port forwarding is feasible, enabling access to HVAC or SCADA installations in smart buildings or industry 4.0 applications, for example. This makes this a very versatile Raspberry Pi device management platform.

Emphasis on Device Security

A paramount focus on device security and hardening is facilitated by qbee, which provides a CVE vulnerability analysis for all Linux packages, enabling the effortless identification of both new and existing security issues within the installed packages. Upon detecting a new CVE, a warning is issued, and the library can be fixed as soon as a patch becomes available. The CVE data is sourced directly from the NIST threat library.

In contrast to other configuration management tools like Chef or Puppet, the qbee.io agent is explicitly engineered to operate with standard desktop or server Linux devices, as well as with embedded devices. Through its RAM disk, it prevents flash wear and is optimized to utilize minimal resources, such as CPU and memory usage, flash writes, and includes metric and inventory data compression to keep bandwidth consumption as low as possible. This is vitally important for use cases involving 4G or 5G mobile network deployments in terms of cellular data consumption. The agent allows for a flexible run interval that can be configured from 5 minutes to 24 hours. Just try it out, you can even do this without hardware.

Often, IoT use cases involve navigating through multi-level company firewalls and complex NAT setups. However, Raspberry Pi remote access should function as smoothly through these networks as through cellular mobile networks. State-based configuration management with the pull-based agent operates seamlessly through all these disparate network types. A GUI is available to configure numerous different topics. With the qbee-connect tool, one can effortlessly obtain remote access to any embedded Linux device or RPi and combine qbee.io with Ansible. While embedded configuration management and secure remote device access stand as the primary focus areas of the qbee tool, it also accumulates metrics such as CPU load, file system usage, bandwidth consumption, and more. This is supplemented with inventory discovery of libraries, open ports, registered users, running process metrics, password analysis, CVE vulnerability analysis of packages, OTA software updates, remote package updates, and much more.

etrics, password analysis, CVE vulnerability analysis of packages, OTA software updates and remote package updates and much more.