PLCnext on LinkedInPLCnext on Instagram  PLCnext on YouTube Github PLCnext CommunityStore PLCnext Community

  1. pietrospranzi
  2. PLCnext Technology & PLCnext Controls
  3. Friday, 20 March 2020

I have a problem when i try to secure Node-red with the classic procedure. I have first installed Node.js with the app on the store and the i have installed Node-red.

I have modified the file settings.js which is used from Node-red to read the settings but it doesn't work.

I have performed this procedure with a lot's of other devices but i never had problems.

Here are the steps that i have performed:

  • Install Node.js using offline procedure
  • Install Node-red using this command: npm install -g node-red
  • Modify the settings.js to create an account

But it doesn't work. I have tried to perform the same procedure with a Siemens device and it works perfectly. I am wrong with something? Could the version of node be a problem?

Could you help me with this thing

Stefan Brinkmann Accepted Answer Pending Moderation
0
Votes
Undo

Hi Pietro,

I tried it on my AXC F 2152 and it worked fine.

Here are my steps

 

  1. install node-red admin
    npm install -g node-red-admin

  2. create a password hash
    node-red-admin hash-pw

  3. open the settings.js
    sudo nano ~/.node-red/settings.js

  4. enable the adminAuth section and paste in the password hash

After a reboot of the controller I will be prompted for a username and password when I connect to node-red.

pietrospranzi Accepted Answer Pending Moderation
0
Votes
Undo

Hi Stefan,

I thank you for the quick repsonse. I know that the standard procedure is the same and i have already done it but unfortunately it does not work. I better describe my situation:

  • I have performed a factory reset of the PLC
  • I have installed the latest version of the firmware downloadable from the site (2020_0_1_LTS)
  • I have installed Node.js version 12.16.1 LTS using the offline procedure
  • I have installed Node-red using command: npm install -g node-red
  • I have installed node-red-admin using command: npm install -g node-red-admin
  • I have created a password with command: node-red-admin hash-pw
  • I have opened settings.js and i have uncommented the section related to Auth and i have paste the password

I have noticed that during the installation of node-red i see many errors as shown in the image attached.

Maybe i have to install some other packages before installing node red. I am wrong with something during the installation?

Attachments (1)
Stefan Brinkmann Accepted Answer Pending Moderation
0
Votes
Undo

Hi Pietro,

 

when I have a look at your errormessages it looks like Python is not properly installed on your device. Please try to install or update Python. There is a description in the makers blog.

There is also a message like unsufficient access rights. Have you tried to make the installation as root? 

pietrospranzi Accepted Answer Pending Moderation
0
Votes
Undo

Hi Stefan,

I have done all with root account. Following your advice, i have noticed that no version of python is installed on the PLC: if i use command: python --versione the system responde me: -sh: python: command not found.

I have looked in the markers blog but i have founf only the procedure that uses the following command: /opt/bin/ipkg install python3. This command is no longer valid. Is there another way to install python on the PLC?

Thank you very much for your help

Stefan Brinkmann Accepted Answer Pending Moderation
0
Votes
Undo

Hello Pietro,

what do you mean by "The command is no longer valid"? Befpre you can use the command, you have to install the package manager ipkg as decribed in the makers blog.

After that you should be able to install python.

Here are my steps:

wget -O – http://ipks.nslu2-linux.org/optware-ng/bootstrap/buildroot-armeabihf-bootstrap.sh | sh

export PATH=$PATH:/opt/bin:/opt/sbin

sudo ipkg install python3

sudo install py3-pip

pip3 install --upgrade pip

sudo ipkg remove py3-pip

 

Marcel PLCnext Team Accepted Answer Pending Moderation
0
Votes
Undo

Hi Pietro,

there should be a version of python be installed. The command is not python --version, you need to call python3 --version

I am not sure if its the correct way, but you could create a symlink on the python3 as root:

ln -s /usr/bin/python3 /usr/bin/python

pietrospranzi Accepted Answer Pending Moderation
0
Votes
Undo

I proceeded to perform the factory reset of the PLC again. I followed the following steps:

  • update firmware to the latest version available
  • node installed via app downloaded from the site
  • installed ipkg with command: wget -O - http://ipkg.nslu2-linux.org/optware-ng/bootstrap/buildroot-armeabihf-bootstrap.sh | sh 
  • installed python3 with command: /opt/bin/ipkg install python3
  • create soft link between /usr/bin/python3 and /usr/bin/python
  • executed: export PATH=$PATH:/opt/bin:/opt/sbin  
  • used command python3 --version to see the version installed
  • set python version with command: npm config set python python3.7.2
  • installed node-red with command: npm install -g node-red --unsafe-perm

This procedura led me, fortunately and finally, to the result of havig password proteceted flows; particular that in such an important application as the one i am implementing it is obviously essential.

I renounce on the use of the RT datalogger which itself, having tested it, i also have serious doubts about its operation. A custom datalloger was developed by me on another Siemens device where a MySQL database was created inside which will be populated by a special script i created and residing on the Siemens itself.

I strongly recommend, as a user, to install Node-red by default already in the testing phase (In Phoenix contact) or alternatively have a detailed guide with all the commands that must be used because it is really unthinkable to spend so much time to make a so simple operation due to particular dependencies or files that are missing in the standard firmware base package provided. Frankly speeking, i do not feel like investigating the operation of the RT datalogger as i would not want particular situation to arise that will make the situation unstable which now seems to be

 

Thank you so much Marcel and Stephan for your help

 
 
Frank PLCnext Team Accepted Answer Pending Moderation
0
Votes
Undo

Hi pietrospranzi,

first of all I'd like to apologize for the bit inconvenience procedure and that you've had to spent that much time for it, but next I'd like also to thank for your valuable feedback!
This gives me the change for a bit more detailed answer, which hopefully gives you an outlook and also answers the question why ? .

The initiate design goal of PLCnext were to offer an industrial grate, real-time, secure but as well open control platform.
Since the introduction we've got an enormous positive feedback from the marked as well as a lot different use cases and with it requirements (in terms of supported libs, frameworks ...) which we've not had really in focus on the beginning.

That's fine, but this leads to the problem that some of those requests are maybe incompatible to each other, or would lead to a really huge image which is fairly hard to maintain.
Keep in mind that we're also tracking for every used lib and package the security vulnerabilities --> Cyber Security demand.

However, we came to the clue, that we need another way to fulfill the community demands instead of implementing every requested framework (e.g. node.js, .Net Core, Java, and a lot more).

So we've decided to enable PLCnext to be capable to run "Docker" Containers (read this article), which would make it more easier to deploy those features with all dependencies.

We'll have full Docker support (by means of implementing the balena-engine) by middle of the year, but you can start right away even with the current firmware.

Honestly, I don't know if the node.js container on Docker-Hub will already fulfill all of your demands but this is the direction were we're heading to.

I hope this little insight could explain a bit "why" the current procedure is a bit cumbersome and how we try to ease this.

Take care

Frank 


Phoenix Contact Electronics Headquarter - PLCnext Runtime Product Management and Support

pietrospranzi Accepted Answer Pending Moderation
0
Votes
Undo

Hi Frank,

Thank you for the detailed explanation and for the quick support that the Phoenix techincians have given me in the development.

The particularity that the PLC supoorts and will support Dockers trust that it turns out to be a winner choice. Everything nowadays can work on docker: from MySQL, to Java applications or anything else. Besides guaranteeing the single execution of the various containers, docker allows communication between them and makes the distribution of an application very simple.

Pay atteintion to the various peculiarities of the operating system installed on the PLC in addition to the HW performance in accordance with the containers which will then be installed into the PLC which can be truly varied.

 

Best regards and thank you again

pietrospranzi Accepted Answer Pending Moderation
0
Votes
Undo

For the current project i just needed to put a security password on node-red and therefore i will not have the opportunity to take advantag of the potential of docker.

Definitely for the future projects i will take seriously its use. Since the company in which i work distributes autonomously guided robots that are controlled by rest api (HTTP request), it is possible to use high-level Language and develop an application then be easily incorporated into a container for me is optimal

 

I want to thank you again!

  • Page :
  • 1


There are no replies made for this post yet.
However, you are not allowed to reply to this post.