Intel® Smart Edge Open Developer Experience Kit

เวอร์ชัน: 2.0.0   เผยแพร่: 10/06/2021  

อัปเดตล่าสุด: 03/22/2022

Overview

Intel® Smart Edge Open Developer Experience Kit provides customized infrastructure deployments for common network and on-premises edge use cases. Combining Intel cloud-native technologies, wireless networking, and high-performance compute, experience kits let you deliver AI, video, and other services optimized for performance at the edge.

The Intel® Smart Edge Open Developer Experience Kit lets you easily install and instantiate an Intel® Smart Edge Open edge cluster.

The Intel® Smart Edge Open Developer Experience Kit installs the Smart Edge Cluster on a single node. The kit solution is built on top of Kubernetes*, which is a production-grade container orchestration environment. A typical Smart Edge Open Developer Experience Kit -based deployment consists of a Kubernetes Control Plane and an Edge Node. 

Once the cluster is installed, you will be able to run edge applications, including reference implementations built on Intel® Smart Edge Open, and become familiar with operating a stand-alone edge node.

The security features like Intel® Security Libraries for Data Center (Intel® SecL - DC) and Intel® Software Guard Extensions (Intel® SGX) are enabled by default. You can disable them before deployment. 

Select Configure & Download to download the Intel® Smart Edge Open Developer Experience Kit. 

Configure & Download

 


Time to Complete

Programming
Language

 

Available Software  

15 - 20 minutes

Python*
C++
JavaScript*
HTML

Intel® Smart Edge Open Developer Experience Kit

 

System Requirements 

 

You will need two machines if you choose ESP-based deployment: a provisioning system where you will build a bootable image of the experience kit, and a target system where you will install the experience kit to create an edge cluster.

If you choose to enable security features in your installation, you will also need an Amazon* Web Services (AWS) EC2 t2.medium instance or a local standalone VM instance to host the controller node.

 

Provisioning System

This is required only for ESP-based deployment.

  • At least 4 GB RAM.
  • At least 20 GB hard drive.
  • USB flash drive.
  • Operating system: Ubuntu* 20.04.2 LTS Server.
  • Git.
  • Docker and Docker Compose.
    NOTE: You must install Docker from the Docker repository. Installation by Docker package is not supported.
  • Python 3.6 or later, with the PyYAML module installed.
  • An Internet connection.

NOTE: You must add the user account on the provisioning system to /etc/sudoers.

Smart Edge Cluster Node

  • A server with two sockets, each populated with a 3rd Generation Intel® Xeon® Scalable Processor.
  • At least 64 GB RAM.
  • Hard drives: Two SATA SSDs, one for booting and one for data caching.
  • Network adapters: Two NICs, one connected to each socket.
    NOTE: This configuration was validated using two Intel® Ethernet Controller E810-C for SFP (rev 02) NICs.
  • Operating system: Ubuntu* 20.04 LTS.
    NOTE: The provisioning process will install Ubuntu 20.04 LTS on the target machine. Any existing operating system will be overwritten.
  • Connection to the provisioning system.


View the full specs of the validated system

NOTE: The Intel® Smart Edge Open Developer Experience Kit does not support provisioning with Secure Boot enabled, however, Secure Boot can be enabled on the reference platform while provisioning. Refer to the provisioning guide.

 

AWS EC2 Instance or standalone VM Requirements for security cluster

Installations that enable either platform attestation using Intel® SecL - DC or application security using Intel® SGX will require the following:

  • An AWS EC2 t2.medium instance with the following system requirements:
    • Two vCPUs.
    • 16 GB RAM.
    • 100 GB disk space.
    • Ubuntu 20.04 LTS.
  • A Linux system from which deployment of the controller node is initiated.

 

 

How It Works

The Intel® Smart Edge Open Developer Experience Kit uses Edge Software Provisioner, which automates the process of provisioning bare-metal or virtual machines with an operating system and software stack. Intel® Smart Edge Open provides a fork of the Ubuntu OS ESP Profile tailored for its specific needs.

The Intel® Smart Edge Open Developer Experience Kit is designed to support a variety of edge computing use cases. Below is the architecture of an edge node instantiated with platform attestation and application security features enabled:

The kit consists of two clusters.

  • Cluster in the cloud or standalone VM, that hosts Intel® SecL - DC and Intel® SGX control plane services. These control plane services enable platform attestation and secure enclave for Edge applications and services.
  • Cluster at the edge (typically on-premises) that hosts edge services and applications.

Deployment Architecture

Figure 1. Deployment Architecture

 

Let us now look at the component stack of Intel® Smart Edge Open Developer Experience Kit edge and cloud cluster. 

Components of the Intel® Smart Edge Open Developer Experience Kit 

Figure 2. Components of the Intel® Smart Edge Open Developer Experience Kit 

 

The integrated security features require that remote attestation services are deployed on an Amazon Web Services (AWS) EC2 instance or standalone VM. 

Verification Node

Figure 3. Verification Node Components

 

Building Blocks

Building blocks provide specific functionality in the platform you'll deploy. Each experience kit installs a set of building blocks as part of deployment. You can use additional building blocks to customize your platform, or develop your own custom solution by combining building blocks.

The Intel® Smart Edge Open Developer Experience Kit includes the following building blocks. For more information on a component, see that component’s documentation.

Edge Node Components

Building Block Functionality
Calico CNI Default Container Network Interface (CNI)
SR-IOV Network Operator Additional container network interface
Multus CNI Support for multiple network interfaces
Harbor Cloud native registry service that stores and distributes container images 
Telemetry Remote collection of device data for real-time monitoring
Node Feature Discovery (NFD) Detects and advertises the hardware features available in each node of a Kubernetes* cluster
Topology Manager Coordinates the resources allocated to a workload
CPU Manager Dedicated CPU core for workload
cert-manager Adds certificates and certificate issuers as resource types in the cluster, and simplifies the process of obtaining, renewing and using those certificates
Intel® SecL-DC Components to provide platform attestation on the edge node
Intel® SGX Provides application security

 

Intel® SecL-DC Controller Node Components

Building Block Functionality
Calico CNI Default Container Network Interface (CNI)
Topology Manager Coordinates the resources allocated to a workload
Node Feature Discovery (NFD) Detects and advertises the hardware features available in each node of a Kubernetes* cluster
CPU Manager Dedicated CPU core for workload
cert-manager Adds certificates and certificate issuers as resource types in the cluster, and simplifies the process of obtaining, renewing and using those certificates
Intel® SecL-DC Components to provide platform attestation on the edge node
Intel® SGX Provides application security

 

For information on the versions installed, see the Intel® Smart Edge Open Developer Experience Kit release notes.

 

Get Started

 

Prerequisite

Make sure that System Requirements for ESP Server are met before continuing further. 

Download and Install Intel® Smart Edge Open Developer Experience Kit

Select Configure & Download to download Intel® Smart Edge Open Developer Experience Kit and then follow the steps below to install it. 

  1. Copy the downloaded zip package to the ESP Server.
  2. Extract the downloaded .zip package with the command:
    unzip Smart_Edge_Open_Developer_Experience_Kits.zip 
    NOTE:  If the unzip command cannot be found, install it using sudo apt-get install unzip
  3. Go to the Smart_Edge_Open_Developer_Experience_Kits directory: 
    cd Smart_Edge_Open_Developer_Experience_Kits
  4. Change permission of the executable edgesoftware file: 
    chmod 755 edgesoftware
  5. Run the command below to install the kit:
    ./edgesoftware install
  6. During the installation, you will be prompted for the Product Key. The Product Key is contained in the email you received from Intel confirming your download. 
     Screenshot of product key

    Figure 2. Product Key


     
  7. When the installation is complete, you see the message Installation of package complete and the installation status for each module.
     Screenshot of install success

    Figure 3. Installation Complete



    NOTE:  The Intel® Smart Edge Open Developer Experience Kit repo will be downloaded to the ~/dek folder. 
     Screenshot of repository folder

    Figure 4. Repository Folder



    NOTE:  Installation logs are available at the following path: /var/log/esb-cli/Smart_Edge_Open_Developer_Experience_Kits_2.0.0/Smart_Edge_Open_Developer_Experience_Kits/install.log   

 

Create AWS t2.medium Instance and Deploy Developer Experience Kit Cloud Cluster

 
If you choose to enable security features in your installation, follow the Intel® Smart Edge Open Developer Experience Kit procedure to Create AWS t2.medium instance.

Then for cloning Developer Experience Kit repository, follow steps mentioned in Clone the Developer Experience Kit Repository and Set up the Intel® SecL - DC Controller Node and Intel® SGX Provisioning Certificate Caching Service (PCCS) procedures in the Intel® Smart Edge Open Developer Experience Kit guide.


Create Standalone VM for Developer Experience Kit Cloud Cluster

Follow the steps below to create Standalone VM instance. 

  1. Make sure to have Ubuntu 20.04 installed on the VM with the Hardware specified in the standalone VM Requirements section.
  2. Confirm the steps below are followed: 
    • Proxy Settings: If you are behind a proxy network, ensure that proxy addresses are configured in the system.
      export http_proxy=<proxy-address>:<proxy-port>
      export https_proxy=<proxy-address>:<proxy-port>
    • Date and Time: Make sure that the date and time are in sync with the current local time.  
    • Verify that the ssh public key is installed on the system.
    • Verify that a non-root user "smartedge-open" has been created with password as "smartedge-open". 
  3. On the VM, for cloning Developer Experience Kit repository, follow steps mentioned in Clone the Developer Experience Kit Repository.
  4. Change directory to ~/dek directory and edit the inventory.yml file, 10-default.yml and all.yml files as mentioned in Set up the Intel® SecL - DC Controller Node and Intel® SGX Provisioning Certificate Caching Service (PCCS) procedure.  
    • Update inventory/default/group_vars/all/10-default.yml file for
         - all_proxy: socks5://<socks5:proxy-address>:<port> All proxy needs to use socks5 proxy to connect.
         - pccs_api_key: Have to subscribe to Intel® PCS service by following steps How to subscribe to Intel PCS Service mentioned at Intel® SGX Software Services page.
         - pccs_user_password: and pccs_admin_password: fields to be set for some password should contain at least 12 characters. 
       
    • Update deployments/verification_controller/all.yml file for 
         - isecl_ta_san_list: possible host names for TA. 
           For example "10.190.*.*"
  5. Execute the deploy.sh script to install all required packages.

 

Steps to install on Developer Experience Kit Edge Cluster (Target System)

Intel® Smart Edge Open Developer Experience Kit Installation procedure steps vary based on options selected.

  • Edge Cluster with disabled security features.
  • Edge Cluster with security features enabled.

 

Edge Cluster with disabled security features

  1. Disable unused security features in config file as described at Generate the Configuration File.
  2. Follow the Create the Installation Image procedure provided. 

 
Edge Cluster with security features enabled

 

  1. BIOS version on target system must be 1.3.8 or higher.
  2. Enable security support in the BIOS by following steps mentioned at Enable security suport in the BIOS.
  3. If you want to deploy with ESP system support, follow the Create the Installation Image procedure provided. 
  4. If you want to deploy Intel® Smart Edge Open Developer Experience Kit manually on target system without ESP system support, you must clone dek repository on the target setup by following steps mentioned in above Clone the Developer Experience Kit Repository.
  5. Change directory to ~/dek directory and edit the inventory.yml file, 10-default.yml and network_setting.conf.j2 files.
    • Update inventory.yml for ansible_host and ansible_user.
    • Update 10-default.yml for the following:
      • proxy_env:
        http_proxy: <proxy-address>:<proxy-port>
        https_proxy: <proxy-address>:<proxy-port>
        ftp_proxy: <proxy-address>:<proxy-port>
        no_proxy: <add Provision machine IP>
        all_proxy: socks5://<proxy-address>:<proxy-port>
      • sgx_pccs_ip: PCCS server IP address (Attestation DEK cloud cluster/ VM IP)
      • pccs_user_token: the exact password provided in attestation DEK cloud cluster/ VM for pccs_user_password: and pccs_admin_password:
      • isecl_cms_tls_hash: add the hash generated by running the below command on attestation DEK cloud cluster / VM.
        kubectl exec -n isecl --stdin "$(kubectl get pod -n isecl -l app=cms -o jsonpath="{.items[0].metadata.name}")" -- cms tlscertsha384
      • isecl_control_plane_ip: <Attestation DEK cloud cluster / VM IP>
    • Update network_setting.conf.j2 file from  /roles/infrastructure/provision_sgx_enabled_platform/templates/network_setting.conf.j2 for proxy_type  = direct
  6. Execute the deploy.sh script to install all required packages.

 

Uninstall the Package

To remove the Intel® Smart Edge Open Developer Experience Kit, run the command:

./edgesoftware uninstall -a

 

You will see output similar to: 

Screenshot of uninstall complete

Figure 5. Uninstall Complete

 

Summary and Next Steps

In this guide, you installed the Intel® Smart Edge Open Developer Experience Kit. 

 

Troubleshooting

Operating System (OS) Mismatch 

Use only supported OS and version as mentioned in target system requirements. Otherwise, the error not supported is displayed.

Invalid ESH Product Key

If you provide an invalid key during installation, an error is returned and the installation will exit.  

You must use the token that was provided when downloading the package. 

Screenshot of invalid product key

Figure 6. Invalid Product Key

 

Changing BIOS settings

The Intel® SGX settings modification in BIOS doesn't work from iDRAC/BMC. You must do this step from the BIOS console if you experience this issue.
If you set multiple different parameters, then you must reboot for each step.

Intel® SGX Enable Issues

In some servers, Intel® SGX may not enable even after following BIOS settings as in Enable security suport in the BIOS.
You must reboot the setup after each setting done in BIOS.

  • TPM Advanced Settings -> Memory Encryption -> Disabled (reboot)
  • TPM Advanced Settings -> Memory Encryption -> Single Key (reboot)
  • TPM Advanced Settings -> SGX & SGX factory reset -> On (reboot)
  • TPM Advanced Settings -> PMMR -> 64GB (reboot)

SR-IOV Enabling

If SR-IOV is enabled in the config file, you must enable SRIOV in BIOS globally and on each NIC interface. 

Support Forum

If you're unable to resolve your issues, contact the Support Forum

To attach the installation logs with your issue, execute the command below to consolidate a list of the log files in tar.gz compressed format, e.g., seo_dek.tar.gz.  

tar -czvf seo_dek.tar.gz /var/log/esb-cli/Smart_Edge_Open_Developer_Experience_Kits_1.0.0/ Smart_Edge_Open_Developer_Experience_Kits/ 

 

 

ข้อมูลผลิตภัณฑ์และประสิทธิภาพ

1

ประสิทธิภาพจะแตกต่างกันไปตามการใช้งาน การกำหนดค่า และปัจจัยอื่นๆ เรียนรู้เพิ่มเติมที่ www.Intel.com/PerformanceIndex