Next: , Previous: , Up: Top   [Contents]


6 System Architecture and Concepts

The following pieces of the GNU remotecontrol architecture are necessary:

The following pieces of the GNU remotecontrol architecture are optional:

The following versions for the GNU remotecontrol architecture are required:

GNU remotecontrol runs without difficulty on either Linux or Windows.

6.1 Web Server

Please make certain you have the required software versions, as listed in the beginning of this section.

6.1.1 Security Model

GNU remotecontrol is configured with the minimum level of security necessary for a Web Server. You are responsible for setting up your security on your Web Server.

6.1.1.1 Access Control - File System

It is STRONGLY RECOMMENDED you edit your GNU remotecontrol file system ownership and permissions. This editing occurs with the file system.

The necessary changes for both USER and GROUP ownership of the GNU remotecontrol file system achieve a good level of security and protection from inadvertent file changes.

Note: The group apache is used here to denote the group account that your Web Server (apache in this example) is running under. You must use the corresponding Web Server group name for your particular installation and operating system, e.g. apache, httpd, nobody, www-data, etc.

We recommended the following changes, as illustrated with both numeric-notation and symbolic notation:

6.1.1.2 Access Control - Web Server

The Web Server is configured with authentication restrictions for all files in the GNU remotecontrol DocumentRoot. This restricts access to the files of your GNU remotecontrol website to authenticated website account users only. It is STRONGLY RECOMMENDED that connections to Internet facing servers, or through any untrusted networks, are further secured with SSL encryption.

It is also STRONGLY RECOMMENDED to completely prohibit access to the GNU remotecontrol file Common.php through your Web Server, to further protect your GNU remotecontrol Database login credentials. This can be accomplished in either the Web Server configuration file or by adding the following directive in an .htaccess file in the GNU remotecontrol DocumentRoot:

	<Files "Common.php">
	order allow,deny
	deny from all
	</Files>

6.1.2 Requirements

GNU remotecontrol can operate on any platform that can run PHP with cURL and MySQL.

6.1.3 Options

GNU remotecontrol runs without any known problems on Apache and IIS. Running GNU remotecontrol on a lightweight Web Server versus a complete Web Server is possible, but not recommended. This is due to the security benefits of a complete Web Server. Again, you are responsible for setting up your security on your Web Server.

6.1.4 Configuration

GNU remotecontrol will not work with anonymous users. This is because of how GNU remotecontrol is designed and for security purposes. You must add at least a single user in your GNU remotecontrol database using the admin.php web page, which is checked against an identically named user account that is configured in your website. GNU remotecontrol authentication is aligned with Web Server authentication, by keeping user names between the two identical. Please review the section for the admin.php web page, for more information on this requirement. Follow the configuration stated by the Web Server you so choose to use.

Here is what you need to run GNU remotecontrol on Apache, after you setup your security on your Web Server. This example Web Server configuration provides an administrator user called tstat_admin having access to admin.php and all other pages of the website. The remaining users, tstat_test_user_1 and tstat_test_user_2, cannot get to admin.php, though they can get to all other pages of the website.

6.2 Database Server

Please make certain you have the required software versions, as listed in the beginning of this section.

6.2.1 Security Model

GNU remotecontrol is configured with the minimum level of security necessary for a Database System. You are responsible for setting up your security on your Database Server.

It is not necessary to leave the file /src/dbscripts/iptstat.sql on your Database Server file system, after you initially run it to setup your GNU remotecontrol database.

6.2.2 Requirements

Follow the configuration requirements stated by the Database System you so choose to use.

GNU remotecontrol runs without any known problems on MySQL. Running GNU remotecontrol on a lightweight Database Server versus a complete Database Server is possible, but not recommended. This is due to the security benefits of a complete Database Server. Again, you are responsible for setting up your security on your Database Server.

6.2.3 Options

It is important to consider the option of a Federated Database System in environments where GNU remotecontrol will operate with legacy databases and existing datasets. This option provides the benefit of reducing implementation costs and shortening deployment timescales, by leveraging existing Database Systems to work with your GNU remotecontrol database. You are not bound to only use MySQL for your GNU remotecontrol. Thinking outside of the box here can help you find innovative ways of implementing your GNU remotecontrol.

6.2.4 Configuration

Follow the requirements stated by the Database System you so choose to use.

There is a single database script, /dbscripts/iptstat.sql. This script builds the GNU remotecontrol database. From there, you apply your security model as you see fit.

Configure the file Common.php with the password you wish to setup for your PHP to authenticate to your MySQL server. Edit the string accordingly:

const ConnectionString = 'Host=localhost;DB=iptstat;UN=tstatuser;PW=Yell0w';

6.2.5 Translations

All databases have a character set and collation setting that can be configured to handle languages with special characters. The Character Sets and Collations specify what you can add to your tables. This does not have to be a global setting. This can be table-specific or even field-specific.

GNU remotecontrol is built to display in any language you can get into the database. You can also edit the contents, as you prefer, with wording that is more appropriate for your end-users. This will help ease your usage of GNU remotecontrol in multilingual environments.

6.3 Remote Monitoring Server

Please make certain you have the required software versions, as listed in the beginning of this section.

6.3.1 Security Model

GNU remotecontrol is configured with the minimum level of security necessary for a Remote Monitoring application. You are responsible for setting up your security on your Remote Monitoring Server.

6.3.2 Requirements

Follow the requirements stated by the Remote Monitoring application you so choose to use.

6.3.3 Options

The question must be answered.....why would you not monitor your systems? This is not a judgemental question, simply framing the context of this section. This section has a list of Frequently Asked Questions, at the end. If your answer contents you to not have a Remote Monitoring Server, so be it. Perhaps you trust the decisions and work of others enough to not bother with setting up a Remote Monitoring Server. That is often a poor choice.

Running a Remote Monitoring Server is the easy part of having a Remote Monitoring Server. The biggest decision you have to make is..... are you going to run it, or is someone else? Then, and only then, choose the technology combination you want to have for your Remote Monitoring Server. Do not let your skill set alone decide what is best for meeting your needs. Determine what you needs are, count the cost, and then choose your technology.

Popular Options

Note: There are many, many other options to choose.

We have developed plugins for Nagios that quite nicely round out the Energy Management strategy. Check out the Nagios Plugins.

6.3.4 Configuration

Follow the configuration stated by the Remote Monitoring application you so choose to use

6.4 Nagios Plugins

We have developed 2 plugins to round out the GNU remotecontrol Architecture. The function of these plugins is to capture and process numerical characters from data obtained from your IP enabled thermostat and RSS feeds for weather information out of doors. The measurements of Temperature, Humidity, Wind-Speed, Wind-Chill, and Atmospheric (Barometric) Pressure help to analyze your entire HVAC system and determine if your Energy Management strategy is working for you. Other measurements can be added in as preferred, as shared below.

6.4.1 Proliphix Alarms

The need for the Thermostat Plugin - check_ubicom is better understood when the limitations of the native Proliphix alarms are examined. The Proliphix thermostat device has 4 alarms.

Alarms in the thermostat device were considered for displaying in GNU remotecontrol index.php or another web page not yet developed (perhaps something like a GNU remotecontrol alarms.php web page). Feedback from users during development of GNU remotecontrol showed their preference is to be informed of alarms from a Remote Monitoring Server notification. This approach also provides logging of all monitored information, a feature not available in the thermostat device itself.

The Temperature and Humidity alarms are already provided for in the Nagios checks we have developed. The Filter Change alarm has various pre-determined options to select; 10, 30, 60, 90, 120, 240, 365 Runtime Days. This does not account for dust accumulating on a filter, should the power be off to the thermostat device. This logic combination is determined as insufficient to use for monitoring when to change the filter of an HVAC system. Reasoning for this determination includes:

The Proliphix API only supports reading these alarms, not setting an alarm threshold or resetting an alarm event. The user must go to the web page within the Proliphix thermostat device for setting an alarm threshold or resetting an alarm event. Also, there is only a single alarm issued per alarm type until the alarm type event is reset in the thermostat device. This logic combination means a threshold may be exceeded, return to an acceptable level for the user, and then be exceeded again. This example is an excellent illustration of the value gained by having a Remote Motoring Server, with its fully configurable and flexible alarm functionality, watching your network, your devices, and anything else you can monitor.

Finally, since the thermostat device has a threshold of how many read events the unit can support per minute, we did not want to overwhelm the device with multiple read events. An example of this overwhelming of the device is:

The Proliphix API is quite distinct about this cautioning of too many read events per minute through the Proliphix API. The combination of the web server of the thermostat device and GNU remotecontrol index.php is a proper approach to use and not overwhelm the thermostat device. This approach caches the data and avoids repeated Proliphix API calls to the Proliphix HVAC thermostat device.

6.4.2 Thermostat Plugin - check_ubicom

Please review the documentation provided with the source code for the plugin for detailed usage instructions. The following is an outline of the detailed instruction.

This plugin will attempt to read temperature and humidity from an IP thermostat. Successful reads initially set the response to STATE_OK. If the temperature or humidity falls outside the range set by the warn-temperature or the warn-humidity arguments, then the response is upgraded to STATE_WARNING. If the temperature or humidity falls outside the range set by the critical-temperature or the critical-humidity arguments, then the response is further upgraded to STATE_CRITICAL. Failure to read both values (due to timeout or parsing failure) results in a STATE_UNKNOWN response.

Temperature and humidity arguments may specify a minimum, a maximum, or both. A ’:’ character must be used to follow a minimum or precede a maximum. For example.....

6.4.2.1 Syntax Example - IMPERIAL

check_ubicom -wt :70 -ct :90 -wh 10: -ch 5: -t 60 -I example.remote-mon.com -u /status.shtml

6.4.2.2 Result Example - IMPERIAL

6.4.2.3 Syntax Example - METRIC

check_ubicom -m -wt 0:30 --critical-temperature=-10:50 -I example.remote-mon.com -u /status.shtml

6.4.2.4 Result Example - METRIC

6.4.2.5 Syntax Example - Macro

define command{

command_name check_ubicom_whatever

command_line $USER1$/check_ubicom -I 10.10.10.22 -p 8264

}

6.4.3 Weather Plugin - check_weather

Please review the documentation provided with the source code for the plugin for detailed usage instructions. The following is an outline of the detailed instruction.

The check_weather plugin checks the wind-chill, wind-speed, humidity, pressure, and temperature received from Yahoo! Weather RSS Feed for a single station code. The return value is always OK or UNKNOWN.

You are certainly free to use any other RSS feed you prefer. Examples of this include The Weather Channel and Weather Underground. All of these RSS feeds have free and paid options. Please carefully read their provisions if you select to use their RSS feed.

The performance values returned by the check_weather plugin, in order, are:

  1. wind-chill (apparent temperature) in degrees F or degrees C
  2. wind-speed in m.p.h. or km.p.h.
  3. relative humidity in percent
  4. barometric pressure in in.Hg or mm.Hg
  5. current temperature in degrees F or degrees C

6.4.3.1 Syntax Example - IMPERIAL

check_weather -z USTN0268

6.4.3.2 Result Example - IMPERIAL

OK|52 8 88 29.68 52

  1. 52 degrees Fahrenheit wind-chill
  2. 8 mph wind-speed
  3. 88% relative humidity
  4. 29.7 in.Hg barometric pressure
  5. 52 degrees Fahrenheit actual temperature

6.4.3.3 Syntax Example - METRIC

check_weather -z USTN0268 -m

6.4.3.4 Result Example - METRIC

OK|35 12.8748 88 753.872 35

  1. 35 degrees Celsius wind-chill temperature
  2. 12.8 km/h wind-speed
  3. 88% relative humidity
  4. 758.8 mm.Hg barometric pressure
  5. 35 degrees Celsius actual temperature

6.4.3.5 Syntax Example - Macro

define command{

command_name check_weather_knox

command_line $USER1$/check_weather -z USTN0268

}

These plugins are developed under the Nagios License.

6.5 Email Server

6.5.1 Security Model

GNU remotecontrol is configured with the minimum level of security necessary for an Email Server. You are responsible for setting up your security on your Email Server.

6.5.2 Requirements

Follow the requirements stated by the Email Server application you so choose to use with your RMS Server.

The email send function used in the GNU remotecontrol Architecture is for sending email from your Remote Monitoring Server to you, using SMTP. The mail send function will use the server’s Mail Transfer Agent (MTA). Requirements for High Availability of mail sending necessitate the configuration of a secondary MTA to provide service redundancy. You will need to have your own registered Domain Name with its MX record, to be able to send email messages directly to recipients and not be blocked by various Internet Service Providers (ISPs), for fear of spam.

6.5.3 Options

Many ISPs block outgoing packets through port 25. This occurs as a matter of course to minimize spam. If you ISP is blocking port 25, then you have the option.....and is STRONGLY RECOMMENDED for security purposes.....to configure your MTA to use SSL/TLS encryption when sending messages to remote mail servers (SMTPS). This configuration would normally use a different port to port 25 for outgoing messages, overcoming the problem of blocked port 25. If your server is not operating under a registered Domain Name, then you have no option but to use a 3rd party SMTP service offered by different ISPs (e.g. DynDNS Email, Gmail, etc.) to relay messages from your RMS server to the intended recipients, via your email account on the 3rd party server.

Do yourself a big favor and become very, very clear on these 3 items:

Then, do yourself a very big favor and become very familiar with these 4 items:

Now, having a familiarity understanding of these items will equip you to have a very successful talk with your Email Administrator, or your Internet Service Provider, or a Mail Relay Provider. That administrator will ask you several questions about how you want email handled for your GNU remotecontrol. Prepare beforehand for that discussion. The discussion will go much better if you are familiar with and understand these items.

6.5.4 Configuration

Follow the configuration stated by the MTA application you so choose to use and the settings provided by any 3rd party SMTP service.

The Remote Monitoring Server can be configured to send notifications to any number of different recipients. It is advisable that you configure the access control list of your Email Server to only allow messages to be sent from the user under which your Remote Monitoring Server is running, as an added security precaution.

The email you probably want to receive is that which will notify you of a condition occurring. You are notified by email messages sent to you by your Remote Monitoring Server. You do not have to keep these email notifications after you are notified, nor do you need to set any reports to be sent to you in more emails. All of the information you would ever need about notifications, alerts and their history, is being stored on your Remote Monitoring Server, either in log files or in a database. The benefit of receiving an email alert is to be notified in real time, when you need to look into an exception event to mitigate its impact. The benefit of this awareness is priceless.

Note: Don’t use an SMS address when sending email to cell phones. Use the cell phone’s email address via the Free Email To SMS Gateways. Major United States Carriers offer this to both email and SMS users. Look for the same options of the cell phone provider’s of the land in which you live. You will be much happier using the cell phone’s email address, as you can easily track if the message went out or not, versus wondering about the SMS system.....in which knowing is often a mystery. Finally, it is 1 less system to work with.

6.6 Frequently Asked Questions

6.6.1 What is RMS?

RMS is the acronym of Remote Monitoring Server.

6.6.2 What is Remote Monitoring Server?

A Remote Monitoring Server regularly keeps track of your chosen networked device (computers, email servers, web servers, routers, IP thermostats, et cetera) and notifies you with alerts of any problems when they occur.

6.6.3 Why do I need RMS?

If you want to know the status of any IP addressable device, you need to monitor it. If you do not have the time/effort available to stand there and watch the device yourself, you need something to automatically monitor it and record the results for you to review at your leisure. Ideally, that Remote Monitoring Server will promptly notify you of anything occurring that you have defined as a problem. An automated technology that remotely monitors your equipment, commonly referred to as.....stuff.....and alerts you when there is a problem. This is RMS.

6.6.4 What will RMS do for me?

Watch your “stuff” and tell you when your “stuff” has a problem. It logs the results of the monitoring of your “stuff” for you to review in a web page based format. That will help you figure out very quickly if something is wrong and what is wrong with your “stuff”.

6.6.5 How do I use RMS?

Pretty easy, actually. Setup your Remote Monitoring Server and decide what network and devices you want monitored. From there, you receive an email and/or SMS message to your cell phone when there is a problem.

6.6.6 Does a Remote Monitoring Server do graphing?

Yes, it produces graphs providing a visual indication of the measurements taken, in configurable scale and units of measurement.

6.6.7 Mobile access for RMS?

Yes, you can access your RMS server using your cell phone Internet browser.

6.6.8 Is it difficult to use RMS?

No more difficult than receiving an email or SMS message when an alert occurs. Reports of historical events are available on the RMS served website, which includes a summary dashboard, as well as detailed log tables and graphs.

6.6.9 How many emails/SMS messages will I get?

More than enough for you to know if and when there is a problem. A notification system is almost limitless in how it can be configured for you. A good example is not receiving all SMS message in the middle of the night, but only the SMS messages you conclude you must have ’round the clock. When you receive a notification, how many times you receive a subsequent notification for the same failure, and who receives that notifications.....all set up as you want.

6.6.10 How many different email addresses will you send me notifications to?

Often, there is a primary and a secondary person in a monitoring notification. Each person has an email address and an SMS address, receiving email and SMS notifications to each address.....as you prefer. Or, it is sent to a Distribution List. The combination of options are plentiful to send email, rest assured.

6.6.11 Can I use RMS to help Test & Balance my HVAC system?

Yes. RMS & GNU remotecontrol work together to help you do just this. Having recorded data for your system usage and outdoors weather information is priceless for testing & balancing. It offers considerable cost savings, in both time and effort, to review recorded data to optimize your system setup. Additionally, you can reduce the number of people necessary to do the testing and balancing down to 1 person.

6.6.12 Do I need RMS?

Not to sound silly, but RMS prevents a mess. It is impossible to consciously improve anything without first measuring it. You may stumble upon a way to improve it, but is that a pro-active approach to managing anything? Of course not. To help improve things, RMS helps by monitoring the status your resources. The unknown things of life can crop in and cause problems. The faster you know about a problem, the faster you can stop any damage that problem may cause. RMS helps you take advantage of the opportunity to improve how you manage things, so the chance of a problem returning becomes less likely.

6.6.13 Really, how do I know that I need RMS?

If you worry about your “stuff”, and your “stuff” has an IP address, you need RMS.


Next: , Previous: , Up: Top   [Contents]