IEF Service Overview - HUAWEI CLOUD · 2020. 12. 14. · IEF Service Overview IEF Service Overview...

IEF Service Overview

IEF Service Overview

Issue 01

Date 2020-12-14

HUAWEI TECHNOLOGIES CO., LTD.

Copyright © Huawei Technologies Co., Ltd. 2020. All rights reserved.

No part of this document may be reproduced or transmitted in any form or by any means without priorwritten consent of Huawei Technologies Co., Ltd. Trademarks and Permissions

and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.All other trademarks and trade names mentioned in this document are the property of their respectiveholders. NoticeThe purchased products, services and features are stipulated by the contract made between Huawei andthe customer. All or part of the products, services and features described in this document may not bewithin the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements,information, and recommendations in this document are provided "AS IS" without warranties, guaranteesor representations of any kind, either express or implied.

The information in this document is subject to change without notice. Every effort has been made in thepreparation of this document to ensure accuracy of the contents, but all statements, information, andrecommendations in this document do not constitute a warranty of any kind, express or implied.

Huawei Technologies Co., Ltd.Address: Huawei Industrial Base

Bantian, LonggangShenzhen 518129People's Republic of China

Website: https://www.huawei.com

Email: [email protected]

Issue 01 (2020-12-14) Copyright © Huawei Technologies Co., Ltd. i

https://www.huawei.commailto:[email protected]

Contents

1 What Is Intelligent EdgeFabric?........................................................................................... 1

2 Functions................................................................................................................................... 3

3 Advantages............................................................................................................................... 6

4 IEF Instance Editions............................................................................................................... 9

5 Basic Concepts........................................................................................................................10

6 Requirements......................................................................................................................... 12

7 Permissions Management................................................................................................... 14

8 Quotas......................................................................................................................................15

IEF Service OverviewIEF Service Overview Contents

Issue 01 (2020-12-14) Copyright © Huawei Technologies Co., Ltd. ii

1 What Is Intelligent EdgeFabric?Cloud computing capabilities are centralized, which are far from devices such ascameras and sensors. It will cause long network latency, network congestion, andservice quality deterioration in scenarios where high real-time computingperformance is required. Furthermore, the computing capabilities of devices areinsufficient and far behind those in the cloud. This is where edge computingcomes in. By deploying edge nodes near devices, the computing capabilities in thecloud are extended to the edge nodes.

Intelligent EdgeFabric (IEF) provides you a complete edge computing solution, inwhich cloud applications are extended to the edge. By leveraging edge-cloudsynergy, you can manage edge nodes and applications remotely and process datanearby. In addition, you can perform O&M in the cloud, including devicemonitoring, application monitoring, and log collection.

As shown in Figure 1-1, IEF extends cloud capabilities such as AI applications andfunctions to edge nodes, which are close to devices. In this way, the edge nodeshave the same capabilities as the cloud and can process device computingrequirements in real time.

IEF Service OverviewIEF Service Overview 1 What Is Intelligent EdgeFabric?

Issue 01 (2020-12-14) Copyright © Huawei Technologies Co., Ltd. 1

Figure 1-1 Edge cloud computing

IEF Service OverviewIEF Service Overview 1 What Is Intelligent EdgeFabric?


2 FunctionsEdge Node Management

IEF can connect to a large number of edge nodes, automatically generateconfiguration information about edge nodes, and efficiently and convenientlymanage edge nodes where Edge Agent is installed. In this way, all edge nodes canbe managed, monitored, and maintained in the cloud.

Figure 2-1 Edge node management

Edge Device ManagementDevices can be connected to IEF through edge nodes by using the MQTT, Modbus,or OPC UA protocol. After devices are connected to IEF, you can manage them onIEF in a unified manner.

IEF Service OverviewIEF Service Overview 2 Functions


Figure 2-2 Edge device management

Edge Application ManagementIEF allows containerized applications and functions to be deployed on edge nodes,and manages these containerized applications and functions.

● Containerized applicationsIEF allows edge applications to be deployed on edge nodes as containers.Specially, edge applications are packed into container images and pushed toSoftware Repository for Container (SWR) of HUAWEI CLOUD. Then, edgeapplications are deployed on edge nodes by using the edge applicationtemplate created on IEF. In addition, IEF supports version upgrade,configuration change, uninstallation, monitoring, and log collection forapplications.The container ecosystem is prosperous, which can help your containerizedapplications seamlessly switch to other runtime environments and enhancetheir portability. In addition, containers can isolate resources better andsupport CPU/GPU scheduling.

● FunctionsIEF allows functions in HUAWEI CLOUD FunctionGraph to be deployed onedge nodes. Then, IEF can control the start and stop of the functions.Functions provide more lightweight architecture and faster deployment thancontainers. You are advised to use functions in the following scenarios:– Edge node resources are limited.– The service logic of edge applications is event-driven. In this way,

functions can quickly respond to service requirements through the event-based triggering mechanism.



https://www.huaweicloud.com/intl/en-us/product/swr.htmlhttps://www.huaweicloud.com/intl/en-us/product/functiongraph.html

Figure 2-3 Edge application management

Message Route ManagementIEF provides the message routing function. Based on configured routes, IEFforwards edge messages to the corresponding service endpoint (sender orrecipient). In this way, messages can be forwarded based on specified paths,enhancing flexibility in data routing control and improving data security.

Currently, the following message forwarding paths are supported:

● SystemREST -> ServiceBus: The REST gateway interface is called to obtain fileservices on edge nodes. The collaboration with the edge file service in theedge market is required.

● SystemREST -> SystemEventBus: The REST gateway interface is called to sendmessages to SystemEventBus (MQTT Broker) on edge nodes.

● SystemEventBus -> API Gateway: SystemEventBus forwards the edge devicedata bound to edge nodes to a specified API Gateway address. Thecollaboration with the edge device connection application in the edge marketis required. Alternatively, SystemEventBus directly forwards the edge devicedata to a specified API Gateway address through SystemEventBus on edgenodes.

● SystsEdgedb -> Systsdb: SystsEdgedb calls the REST interface of CloudTable atthe edge to upload the time series data of edge nodes to CloudTable. Thecollaboration with the CloudTable application in the edge marketplace isrequired.



3 AdvantagesExcessive Intelligent Edge Applications

IEF allows more than 20 AI models such as stream processing, video analysis,Optical Character Recognition (OCR), and image recognition, to be deployed onedge nodes. It also provides synergy between edge applications and cloud services.

Figure 3-1 Excessive intelligent edge applications

High-Performance Intelligent Edge HardwareIEF provides a software and hardware integrated solution, which offers users withlow-cost, out-of-the-box, and centralized on-cloud O&M services. It uses Huaweigeneral-purpose servers and AI hardware and is deeply integrated with HuaweiAscend chips to provide high-performance, low-cost edge AI inference computingpower. IEF also supports TaiShan servers that use Huawei Kunpeng processors.

IEF Service OverviewIEF Service Overview 3 Advantages


Figure 3-2 Edge hardware

Security and Reliability● IAM authentication

Agencies can be created in Identity and Access Management (IAM) to allowedge nodes to access HUAWEI CLOUD resources such as ApplicationOperations Management (AOM), Software Repository for Container (SWR),and DIS.

● Edge node securityEdge Agent creates dedicated service users whose accessible directories andpermissions are limited. Users can upload logs and monitoring information tothe cloud based on their requirements.

● Edge-cloud synergy communication securityEdge Agent initiates a request to IEF for establishing a bidirectional encryptedchannel. Messages exchanged between devices and IEF are authenticated andencrypted by certificates.

● Cloud securityThe frontend anti-DDoS protects the cloud against malicious attacks.A unique access certificate is issued for each edge node. Bidirectionalcommunication is authenticated and encrypted by certificates.

● Device securityEdge devices use certificates for identity authentication.



Figure 3-3 IEF security solution

Open CompatibilityIEF is based on the open-source software KubeEdge. Based on Kubernetes,KubeEdge provides fundamental infrastructure support for network, applicationdeployment, and metadata synchronization between the cloud and edge.

By using KubeEdge, developers can customize and tailor the edge node runtime(Edge Agent, an edge node manager) to reduce the difficulty in using edge nodes.

Cost-effective● The combination of cloud and edge computing implements data filtering and

analysis on edge nodes, which greatly improves efficiency and reduces cloudcomputing costs.

● During cloud transmission, simple data processing is performed by edgenodes, so that the device response time is shortened, data traffic from devicesto the cloud is decreased, and bandwidth costs are reduced.



https://kubeedge.io/en/

4 IEF Instance EditionsIEF offers two instance editions for you to choose.

● Professional edition: The management plane cluster is shared by multipleusers. The professional service instance allows you to manage nodes, devices,containerized applications, and functions.

● Platinum edition: Users have their own management plane clusters. Platinumservice instances allow you to manage large-scale nodes and deliver higherperformance. In addition to the functions provided by the professional serviceinstance, functions such as batch job and application governance aresupported by platinum service instances.

Table 4-1 lists the differences between the two editions.

Table 4-1 Functions provided by the two editions

Function Professional Edition Platinum Edition

Node management √ √

Device management √ √

Function management √ √

Containerizedapplication management

√ √

Edge-cloud messagerouting

√ √

Multi-network access √ √

Monitoring and O&M √ √

Batch job management √

Multi-instance √

Exclusive clusters √

Application governance √

IEF Service OverviewIEF Service Overview 4 IEF Instance Editions


5 Basic ConceptsEdge Node

An edge computing device used to run edge applications, process data, andcollaborate with cloud applications securely and conveniently.

DeviceDevices can be as small as a sensor or controller or as large as a smart camera orcomputer numerical control (CNC) machine tool. They can be connected to IEFthrough edge nodes by using the MQTT, Modbus, or OPC UA protocol.

ApplicationA functional module that runs on edge nodes. Deploying the required applicationsbuilds your own edge computing capabilities.

FunctionFunctions are hosted in FunctionGraph. IEF can deliver these functions to edgenodes to quickly respond to events at the edge.

EndpointEndpoints are nodes that send or receive data. For example, if data is sent from adevice to a cloud service, the device is the source endpoint and the cloud service isthe destination endpoint.

RouteA route defines source and destination endpoints and resources. The systemforwards messages from the specified source endpoint resource to the specifieddestination endpoint resource based on the route.

ProductProduct is an abstract concept of devices. A product can connect to multipledevices. It is used by vendors to manage multiple devices in batches.

IEF Service OverviewIEF Service Overview 5 Basic Concepts


https://www.huaweicloud.com/intl/en-us/product/functiongraph.html

FirmwareFirmware is an installation package used by vendors to maintain and updatedevices. IEF allows vendors to allocate firmware to products and perform firmwareupgrade on devices managed by the products.

CertificateCertificates are categorized as node, application, and device certificates. The nodecertificate is used by edge nodes to access IEF. The application and devicecertificates are credentials for applications and devices to access MQTT Broker onedge nodes, respectively.

IEF Service OverviewIEF Service Overview 5 Basic Concepts


6 RequirementsAn edge node can be a physical machine or a virtual machine (VM). Edge nodesmust meet the specifications listed in Table 6-1. IEF allows you to register Atlas500 AI edge stations as edge nodes.

Table 6-1 Edge node requirements

Item Specifications

OS ● x86_64 architectureUbuntu 16.04 LTS (Xenial Xerus), Ubuntu 18.04 LTS(Bionic Beaver), CentOS 7.x and RHEL 7.x, Kylin 4.0.2,NewStart CGSL v5.5, and NeoKylin v7.0

● Armv7i (Arm32) architectureRaspbian GNU/Linux 9 (stretch)

● AArch64 (Arm64) architectureUbuntu 18.04.2 LTS (Bionic Beaver)

Memory ≥ 256 MB

CPU ≥ 1 vCPU

Hard disk ≥ 1 GB

GPU (optional) The GPU models on the same edge node must be thesame.NOTE

Currently, only NVIDIA GPUs, such as Tesla P4, P40, and T4, aresupported.If a device equipped with GPU hardware is registered as anedge node, you can choose not to enable its GPUs.

IEF Service OverviewIEF Service Overview 6 Requirements


Item Specifications

Docker (mandatorywhen containerizedapplications aredeployed)

The Docker version must be later than 17.06. Docker18.06.3 is recommended.(However, do not use Docker 18.09.0 as it has a seriousbug. For details, see https://github.com/docker/for-linux/issues/543. If this version has been installed,upgrade it at the earliest. This issue has been resolved inDocker 18.09.0.60 embedded in Atlas 500 AI edgestations.)For details about how to install Docker, see https://docs.docker.com/install/overview/. You can installopen-source Docker Engine - Community (Docker CE) orpaid Docker Engine - Enterprise (Docker EE). For moredetails about Docker EE, see the official Dockerdocumentation at https://docs.docker.com/ee/supported-platforms/.NOTICE

After Docker is installed, configure the Docker process to startupon host startup. This configuration prevents systemexceptions caused by the Docker startup failure after the hostis restarted.

Glibc The Glibc version must be later than 2.17.

Port Edge nodes need to use the following ports. Ensure thatthese ports function properly.● 8102: used for reporting edge node logs to AOM● 8149: used for reporting monitoring data of edge

nodes to AOM● 8065: used for reporting edge node alarms to AOM● 443: used by edge nodes to interwork with IEF● 8883: used by the built-in MQTT Broker● 1883: port used by the external MQTT Broker

IEF Service OverviewIEF Service Overview 6 Requirements


https://github.com/docker/for-linux/issues/543https://github.com/docker/for-linux/issues/543https://docs.docker.com/install/overview/https://docs.docker.com/install/overview/https://docs.docker.com/ee/supported-platforms/https://docs.docker.com/ee/supported-platforms/

7 Permissions ManagementIEF does not support fine-grained permission management using Identity andAccess Management (IAM). You are advised to log in to IEF using an account. Ifyou need to log in to IEF as an IAM user, assign permissions defined in the TenantAdministrator policy to the IAM user.

IEF Service OverviewIEF Service Overview 7 Permissions Management


8 QuotasIEF restricts the maximum amount of resources that a user can use. For detailsabout quotas, see Table 8-1 and Table 8-2.

Table 8-1 Resource quotas for the professional edition

Resource Object Default Quota

Node 10

Device 500

Device template 10

Containerizedapplication

500

Applicationtemplate

10

Applicationtemplate version

10

Tag A maximum of 20 tags for each resource

ConfigMap 50

Secret 50

Encryption data 50

Messageendpoint

20

Message route 100

Product 50

Node certificate 5000

IEF Service OverviewIEF Service Overview 8 Quotas


Table 8-2 Quotas for the platinum edition

Resource Object Default Quota

Service instance 5

Node 50, 200, or 1,000, which can be selected when you create aplatinum service instance

Device Number of nodes x 50

Device template Same as the number of nodes

Containerizedapplication

Number of nodes x 50

Applicationtemplate

Same as the number of nodes

Applicationtemplate version

10

Tag A maximum of 20 tags for each resource

ConfigMap 50

Secret 50

Encryption data 50

Messageendpoint

20

Message route 100

Product 50

Node certificate Number of nodes x 500

Node group 100

Node groupcertificate

Number of nodes x 50

Service 500

Gateway 500

Virtual service 500

Batch job 20

IEF Service OverviewIEF Service Overview 8 Quotas


Contents1 What Is Intelligent EdgeFabric?2 Functions3 Advantages4 IEF Instance Editions5 Basic Concepts6 Requirements7 Permissions Management8 Quotas

IEF Service Overview - HUAWEI CLOUD · 2020. 12. 14. · IEF Service Overview IEF Service Overview...

Documents

Transcript of IEF Service Overview - HUAWEI CLOUD · 2020. 12. 14. · IEF Service Overview IEF Service Overview...