openBalena VPN function

Hi all,

I’m following the development of openBalena, but we’re not using it at the moment. I’ve stumbled upon an open pull request, which states that openBalena does not use a “regular” VPN, but it has some VPN-like features.

I’m was not sure where I should ask the question, here or in the pull request itself, but what does openBalena use for the connection (SSH etc.) with devices? I’ve read some articles about IoT and VPN connections, but there are some limitations. For example, you’ll need a powerful server (powerful CPU and much RAM) and even multiple instances when you’ve many devices connected to it. In our case, each year at least 250 new devices are added to the (future) openBalena instance. Not all devices are always connected to the internet, but probably about 80% of them.

So, if openBalena is not using a regular VPN, is this because of these reasons? And is it much less resourceful than a regular VPN? And, one of the most important questions, can you scale openBalena by using multiple instances for the VPN and such, or can you just run 1 openBalena instance and that’s it?

I’m very eager to know how openBalena works and if it can be scaled well. And last but not least, keep up the great work!

Hi,

We are very glad to hear you are so interested in openBalena.
The PR is talking about the feature list that we advertise from openBalena and indeed we do not give our users a VPN to work with, but we give them a wrapper around a VPN which augments the VPN, but only exposes the features we want to the user. The VPN in openBalena (https://github.com/balena-io/open-balena-vpn) is used to reach the device, establish ssh connections etc. As the PR says the VPN is the way we implemented these features it is not a feature in itself.

We are using openVPN to implement these features and yes we do allow for the instances to scale. You can find more details about scaling in the repository I linked above.

Kind regards,
Theodor