Corso Systems

View Original

Docker and Ignition Development

Since our first Vision to Perspective Conversion in 2023, we’ve had a massive demand from many companies needing help migrating their Ignition Vision systems to the Ignition Perspective module.

Early in our process, we learned that it was important to work with same version of Ignition the customer was running during a conversion to Perspective. Before this realization, we had been using the latest version of Ignition when starting a project. It’s not always possible to simply upgrade a customer’s existing Ignition gateway at any point in time—and new functionality is often added to the platform in each release. So, if we used one of the features in a version of Ignition newer than what the customer is running, we found issues when deploying to their existing gateway.

As a fully remote company since 2011, we use cloud-based Linux machines for our company-wide Ignition and database development environments. While this works well for our internal systems built on Ignition and project-based development, it can be limiting when we need to set up an entire Ignition gateway for multiple engineers to work on simultaneously.

Docker to the Rescue

Since its release a couple years ago, the Ignition Docker Image is a solid foundation for building out a Docker strategy to run Ignition gateways.

While the purists may disagree with this take, Docker is simply a way to run software inside of a container. Essentially, this container acts as a computer with pre-configured software, security, and data that you can turn on and off. It’s similar the virtual machines that are common across most businesses. And now, you can also run many Docker containers on one server.

For our needs, Docker allows us to run multiple Ignition gateways on one cloud-based server. We can run different versions of Ignition in different containers, connect to different databases running in other containers, and keep our overall costs low by not needing a new server for each gateway we want to run.

Easy to Remember Access

As previously discussed, another advantage of Ignition in general—and especially Perspective—is that you can access Ignition Gateways and Perspective projects with URLs and domain names. This feature makes it very easy to remember how to access a given Ignition system, since you can set it up on a specific domain or subdomain. For example the website you’re currently reading from is located at corsosystems.com. We also have subdomains set up for other servers (such as our internal business systems built on Ignition) which are located at admin.corsosystems.com.

For our Vision to Perspective Conversion development, we found that using a technology stack of Docker, Traefik, and Portainer allows us to easily spin up multiple gateways and access them with subdomains—all while keeping everything secure with SSL certificates. We can even manage multiple development databases.

The beauty of this approach is that we can take a customer’s Ignition Gateway Backup file, spin up a Docker container with the correct version of Ignition, set up a subdomain to point to the gateway, change the gateway password without having to run the gwcmd -p script, and have access to their gateway in a matter of a couple minutes. Then, our team can share links like AmazingCustomer.corsosystems.com with each other rather than an IP address and our engineers can access the systems with an easy to remember URL.

Security is Key

Using Traefik to handle mapping the URLs to the containers also allows us to use SSL certificates leveraging Let’s Encrypt to secure our SCADA servers.

This particular setup also let’s us use a single wildcard certificate on our domain since Traefik can handle mapping everything. Our Docker Compose files are set up to manage configuration inside of Ignition, so we have automatic SSL encryption from the moment the container is turned on.

Once an Ignition gateway is set up and running in a Docker Container, is accessible via a URL, and is secure with SSL, we then add in our Google Workspace Identity Provider so we can access the gateway securely within our usual work flow.

Wrapping Up

Yes, we left out the tutorial portion of this post. But, if this is something you would like to implement at your company and need some tips and tricks on how to set everything up, please reach out and let us know!

Overall, this setup has sped up our overall process for completing Ignition Vision to Perspective Conversions. We can import a customer’s backup, get into it with our own credentials, and be on the correct version of Ignition in a matter of minutes. We don’t have to work with local development environments, or find a way to expose someone’s machine to the rest of the team.

This is an example of how modern manufacturing technology like Ignition combined with modern technology in general can speed up implementations, reduce security risks, and make everyone’s life easier in our highly connected world.


Ready to start your Ignition project with us?

Schedule a short intro call with Cody Johnson in sales today: Schedule Meeting

Or contact us with your project details.