Versions Compared

Old Version 1

changes.mady.by.user Jonathan Simon

Saved on

compared with

New Version 2

changes.mady.by.user Dave Bacher [analog]

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: add notes about apc_launcher waiting for NTP sync

...

No Format
[include]
files=/opt/dust-apc/etc/supervisor.conf.d/*.conf

 When started in the default configuration, the AP Bridge launches a script that waits for NTP to synchronize time before launching the main AP Bridge process, named apc. The NTP service should be started before the AP Bridge is started.  

Secure communication

The AP Bridge software does not implement the TLS security layer itself. Instead, to implement secure communication with the VManager, the AP Bridge uses stunnel running on the same device. To secure the AP Bridge connection, stunnel is configured to listen to local TCP port 9100 and connect to TCP port 9101 on the VManager host. From the AP Bridge, stunnel establishes a connection to the remote VManager and negotiates the cipher suite with stunnel on the VManager. Stunnel uses the host's openssl library, so both the stunnel and openssl packages should be kept up to date on the VManager and AP Bridge systems.   If you do not specify a specific set of security suites to use, stunnel will revert to openssl defaults. Configuring openssl for a particular security suite, or operation in FIPS mode, is left to the system operator.

...

The AP Bridge binary runs as the dust user. To interact with the AP Mote, the AP Bridge software must be able to read and write to the AP Mote's serial devices. On the Ubuntu distribution, this means the dust user must be a member of the dialout group. 

Environment variables

NameDefault valueDescription
APC_HOME/opt/dust-apcThe directory where the APC is installed
Note

Some of the provided configuration scripts may use a hard-coded default value for APC_HOME. If the default install location is changed, similar changes may need to be applied to the startup and configuration scripts.

...

In-network time is mapped to system time at network start, via the master AP (or master APs if GPS is being used). If the AP(s) is/are connected to the system hosting the VManager, then the VManager and AP Bridge software will be synced to a single time base. If the AP is installed on a separate device, then both the VManager system and the AP Bridge host should be synced to the same time base. This can be accomplished using NTP (or GPS when using this method for AP timing), but the details of how time synchronization is configured is left to the system operator. The VManager and each of the AP Bridges connected to it should synchronize to the same time servers. In addition, the AP Bridge software should only be started after the system time has been synced by NTP. The AP Bridge package contains a script apc_launcher.py that waits for NTP to synchronize before launching the main apc process

In the event that the VManager system and AP Bridges are not synchronized, the SmartMesh IP network will continue to work normally, however mapping network time to UTC time accurately may be impossible. 

...