RAINBOW is a novel platform that simplifies the deployment and management of scalable, heterogeneous and secure IoT services. With RAINBOW, fog computing can reach its true potential by providing the deployment, orchestration, network fabric and data management for scalable and secure edge applications, addressing the need for timely processing of the ever-increasing amount of data continuously gathered from heterogeneous IoT devices and appliances.
RAINBOW provides users with: (i) an intuitive Dashboard and DevOps toolset enabling the description of application topologies and QoS requirements; (ii) a Fog Middleware with horizontal and vertical services for IoT orchestration, continuous service placement and management, adaptive monitoring, trust establishment, runtime verification and decentralized analytics; (iii) a Trusted Overlay Mesh Network as the control plane that efficiently abstracts the complexity of enforcing security and privacy crypto-primitives among fog services; and (iv) a Sidecar Proxy providing an execution environment embedded alongside service instances, able to properly and efficiently manage both fog node resources and high volumes of data, which can be collected, stored, and analyzed in place to derive analytics. This approach gives IoT service operators the opportunity to focus solely on their services' business logic, leaving to RAINBOW the burden of deciding how and where services must be placed, establishing secure collaboration among services, and dealing with low-level aspects of data analysis, including heterogeneous resource management, mobility and reducing data movement.
On-boarding to the RAINBOW platform usually starts from the Dashboard. Through the Dashboard, whether one is a developer or an operator, collaborative management of the application lifecycle is conducted via two perspectives. The first is the Service Graph Editor, which enables software teams to graphically describe their application topology, denote intercommunication and dependencies among services, and annotate the description with constraints, optimization policies and QoS requirements, henceforth denoted simply as “Configurations”.
When the packaging description is exported, the IoT service is ready for deployment, with the RAINBOW Fog Middleware acting as the link between the user and the execution environment. As the layer where the business logic of RAINBOW is applied, its main tasks include: (i) the validation of the service graph model submitted for deployment, to detect potential problems such as antagonizing Configurations and circular dependencies between service segments; (ii) the establishment of a Secure Overlay Mesh Network as the network fabric between the service segments and any other collaborative services. The overlay mesh network will act as the control plane, providing P2P encrypted communication between services and their instances. The mesh network will embed crypto-primitives for efficiently managing and verifying that, at any given time, new service instances, fog nodes and connected devices can be trusted and that the user-defined privacy Configurations are constantly obeyed; (iii) the enablement of a lightweight Sidecar Proxy on each fog node for managing and monitoring both the underlying programmable infrastructure and the deployed services. The Sidecar Proxy will relay all incoming inter-service traffic and requests to the services deployed on the fog node, providing the appropriate node management, load-balancing, health-checking, resource integrity validation and (self-)adaptive interfaces to ease on-node processing, energy consumption and local data storage, and to reduce unnecessary data movement; (iv) the service lifecycle management for interpretation and binding of the annotated model, to provide runtime configuration of the infrastructure and service topology and guarantee that user-desired QoS Configurations are continuously adhered to. Any suspected violation can potentially render QoS Configurations invalid, due to the dynamic nature of the topology, networks, and mobility of the fog nodes, connected devices and services.
Finally, through the Management Perspective, service operators can modify and define additional Configurations (e.g., auto-scaling policies, data sharing) that will govern the operation of deployed services through the Service Graph Editor, and also define and execute analytic queries to derive useful insights from their deployed services. Administrators can also view collected metrics, potential security incidents and vulnerabilities in an intuitive graphical manner, and manage the lifecycle of their deployments. This provides one collaborative and unified environment in the same place where developers and IoT operators design their applications, allowing them to share workspaces, ship applications to the cloud, and then manage the lifespan of their deployments.