Introduction
In recent years, edge computing has gained significant traction as organizations strive to bring data processing closer to the source of data generation. This shift is driven by the need for low latency, reduced bandwidth usage, enhanced security, and increased reliability. Kubernetes, the de facto standard for container orchestration, extends its capabilities to the edge with KubeEdge. This tutorial delves into the intricacies of using Kubernetes with KubeEdge for edge computing, tailored for an audience familiar with Kubernetes basics but looking to deepen their understanding and application in edge scenarios.
Understanding KubeEdge
KubeEdge is an open-source project that extends Kubernetes capabilities to the edge computing environment. It facilitates the orchestration of applications and services across cloud and edge environments, allowing edge devices to operate independently and providing a seamless experience from cloud to edge.
Key components of KubeEdge include:
- Cloud Core: The cloud-side component of KubeEdge that interacts with the Kubernetes API server and manages edge nodes.
- Edge Core: The edge-side component that runs on edge nodes, managing communication between the cloud and edge, and ensuring the edge node operates autonomously when disconnected from the cloud.
Prerequisites
Before diving into KubeEdge, ensure you have the following:
- A working Kubernetes cluster (version 1.15 or later).
- Basic understanding of Kubernetes concepts such as pods, deployments, and services.
- Familiarity with Linux commands and system administration.
Setting Up KubeEdge
Step 1: Setting Up the Kubernetes Cluster
Start by setting up a Kubernetes cluster, which will serve as the central control plane for your KubeEdge deployment. You can use managed Kubernetes services like Google Kubernetes Engine (GKE), Amazon Elastic Kubernetes Service (EKS), or set up a cluster using tools like kubeadm.
# Update the package index and install packages needed for installation
sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl software-properties-common
# Download the Google Cloud public signing key
curl -fsSL https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
# Add the Kubernetes apt repository
sudo add-apt-repository "deb http://apt.kubernetes.io/ kubernetes-xenial main"
# Install kubelet, kubeadm, and kubectl
sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
# Initialize the Kubernetes cluster
sudo kubeadm init
# Set up the local kubeconfig
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/configCode language: Bash (bash)Install a pod network add-on (for example, Flannel):
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.ymlCode language: Bash (bash)Step 2: Installing KubeEdge
Cloud Core Setup
- Download KubeEdge:
wget https://github.com/kubeedge/kubeedge/releases/download/v1.7.1/kubeedge-v1.7.1-linux-amd64.tar.gz
tar -xvf kubeedge-v1.7.1-linux-amd64.tar.gzCode language: Bash (bash)- Install Cloud Core:
sudo cp kubeedge/cloud/edgecontroller /usr/local/bin/
sudo cp kubeedge/cloud/admission /usr/local/bin/Code language: Bash (bash)- Configure Cloud Core:
Create the configuration file for the edgecontroller.
cat <<EOF | sudo tee /etc/kubeedge/config/cloudcore.yaml
kind: CloudCore
apiVersion: cloudcore.config.kubeedge.io/v1alpha1
metadata:
name: cloudcore
controller:
kube:
master: http://127.0.0.1:8080
namespace: default
modules:
cloudHub:
enable: true
address: 0.0.0.0
port: 10000
quicPort: 10001
httpsPort: 10002
nodeLimit: 10
tlsCAFile: /etc/kubeedge/ca/rootCA.crt
tlsCertFile: /etc/kubeedge/certs/edge.crt
tlsPrivateKeyFile: /etc/kubeedge/certs/edge.key
edgeController:
kube:
master: http://127.0.0.1:8080
namespace: default
EOFCode language: YAML (yaml)- Start Cloud Core:
sudo cloudcore --config /etc/kubeedge/config/cloudcore.yamlCode language: Bash (bash)Edge Core Setup
- Install Edge Core:
sudo cp kubeedge/edge/edgecore /usr/local/bin/Code language: Bash (bash)- Configure Edge Core:
Create the configuration file for the edgecore.
cat <<EOF | sudo tee /etc/kubeedge/config/edgecore.yaml
kind: EdgeCore
apiVersion: edgecore.config.kubeedge.io/v1alpha1
modules:
edgeHub:
enable: true
websocket:
url: wss://<cloudcore-ip>:10000/e632aba927ea4ac2b575ec1603d56f10/<edge-node-id>
certfile: /etc/kubeedge/certs/edge.crt
keyfile: /etc/kubeedge/certs/edge.key
quic:
url: 127.0.0.1:10001
certfile: /etc/kubeedge/certs/edge.crt
keyfile: /etc/kubeedge/certs/edge.key
controller:
protocol: websocket
edgeMesh:
enable: true
EOFCode language: YAML (yaml)- Start Edge Core:
sudo edgecore --config /etc/kubeedge/config/edgecore.yamlCode language: Bash (bash)Step 3: Registering Edge Nodes
To connect an edge node to the cloud, you need to create a token and use it to join the edge node.
- Create Token:
kubectl create token edge-node-tokenCode language: Bash (bash)- Join Edge Node: On the edge node, use the token to join:
sudo keadm join --cloudcore-ipport=<cloudcore-ip>:10000 --token=<generated-token>Code language: Bash (bash)Deploying Applications to Edge Nodes
Deploying a Simple Application
- Create a Deployment:
cat <<EOF | kubectl apply -f -
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
spec:
replicas: 1
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.14.2
ports:
- containerPort: 80
EOFCode language: YAML (yaml)- Schedule Pod to Edge Node:
To ensure the pod is scheduled on the edge node, use nodeSelector or affinity rules:
cat <<EOF | kubectl apply -f -
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
spec:
replicas: 1
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
nodeSelector:
kubeedge.io/edge-node: <edge-node-id>
containers:
- name: nginx
image: nginx:1.14.2
ports:
- containerPort: 80
EOFCode language: YAML (yaml)Monitoring and Logging
Monitoring and logging are crucial for managing and troubleshooting applications running on edge nodes. KubeEdge supports integration with Prometheus and Fluentd for monitoring and logging.
- Install Prometheus:
kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/master/bundle.yamlCode language: Bash (bash)- Install Fluentd:
cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: ConfigMap
metadata:
name: fluentd-config
namespace: kube-system
data:
fluent.conf: |
<source>
@type forward
port 24224
bind 0.0.0.0
</source>
<match **>
@type stdout
</match>
EOF
kubectl apply -f https://raw.githubusercontent.com/fluent/fluentd-kubernetes-daemonset/master/fluentd-daemonset-elasticsearch-rbac.yamlCode language: YAML (yaml)Advanced Features and Best Practices
Device Management
KubeEdge provides a robust device management framework that supports various protocols such as MQTT and OPC-UA. This allows you to manage and control edge devices efficiently.
- Define a Device Model:
apiVersion: devices.kubeedge.io/v1alpha1
kind: DeviceModel
metadata:
name: temperature-sensor-model
spec:
properties:
- name: temperature
description: "Temperature of the device"
type:
int:
accessMode: ReadOnly
defaultValue: 0
maximum: 100
minimum: -
100Code language: YAML (yaml)- Create a Device Instance:
apiVersion: devices.kubeedge.io/v1alpha1
kind: Device
metadata:
name: temperature-sensor
spec:
deviceModelRef:
name: temperature-sensor-model
nodeSelector:
node: edge-node
protocol:
protocolType: mqtt
protocolConfig:
topic: /sensor/temperatureCode language: YAML (yaml)Security Considerations
- TLS Communication:
Ensure secure communication between cloud and edge by configuring TLS.
edgeHub:
enable: true
websocket:
url: wss://<cloudcore-ip>:10000/e632aba927ea4ac2b575ec1603d56f10/<edge-node-id>
certfile: /etc/kubeedge/certs/edge.crt
keyfile: /etc/kubeedge/certs/edge.keyCode language: YAML (yaml)- RBAC Policies:
Implement Role-Based Access Control (RBAC) to restrict access to resources.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
namespace: default
name: edge-node-role
rules:
- apiGroups: [""]
resources: ["pods", "services"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: edge-node-rolebinding
namespace: default
subjects:
- kind: User
name: edge-user
apiGroup: rbac.authorization.k8s.io
roleRef:
kind: Role
name: edge-node-role
apiGroup: rbac.authorization.k8s.ioCode language: YAML (yaml)Edge Autonomy
One of the key benefits of KubeEdge is its ability to ensure edge autonomy. This means that edge nodes can continue to operate and manage workloads even when disconnected from the cloud.
- Local Persistence:
Use local storage to ensure data persistence on edge nodes.
apiVersion: v1
kind: PersistentVolume
metadata:
name: local-pv
spec:
capacity:
storage: 10Gi
accessModes:
- ReadWriteOnce
storageClassName: local-storage
local:
path: /mnt/disks/ssd1
nodeAffinity:
required:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- edge-nodeCode language: YAML (yaml)- Edge Application Health Checks:
Implement health checks to ensure applications are running as expected.
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
spec:
replicas: 1
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.14.2
ports:
- containerPort: 80
livenessProbe:
httpGet:
path: /
port: 80
initialDelaySeconds: 30
periodSeconds: 10Code language: YAML (yaml)Conclusion
KubeEdge empowers organizations to leverage the full potential of edge computing by extending Kubernetes capabilities to edge environments. By following this tutorial, you should now have a solid understanding of how to set up and use KubeEdge for deploying and managing applications at the edge. The flexibility, autonomy, and robust device management offered by KubeEdge make it an ideal solution for edge computing scenarios.