Direct vs. Restricted Access
Resource Management and Workflow
EdgeXR presently supports OpenStack Tenant Deployment as the Virtual Machine Orchestration layer.
With the OpenStack model, the EdgeXR Platform is a tenant on an existing OpenStack environment within the operator’s infrastructure. As the operator, you register your cloudlet by providing EdgeXR with a pool of compute resources and access to the OpenStack API endpoint by specifying a few required parameters, such as dynamic IP addresses, cloudlet names, location of cloudlets, certs, and more, using the Edge-Cloud Console. EdgeXR relies on this information to remotely access the cloudlets to determine resource requirements as well as dynamically track usage. Once EdgeXR completes its remote probe of the operator’s infrastructure, a record of inventory is maintained within a cloudlet registry.
Direct vs. Restricted Access
Note: While VSphere is available as a Platform Type, only Direct access is currently supported, but is considered an alpha feature at this point; Restricted access for VSphere is under development and currently not supported. If you wish to schedule a demo for VSphere, contact EdgeXR.
EdgeXR relies on the ability to access the operator’s infrastructure (API endpoint) to set up the cloudlets via the Controller to perform various operational tasks. Providing EdgeXR Direct access makes it seamless for MobiledgeXAdmin to access the operator’s API endpoint through a public network, and to perform those tasks. However, we understand that different operators often use varying security methods, so providing EdgeXR with Direct access to the API endpoint over the public network may not always be feasible. To overcome this challenge, EdgeXR provides operators with a means to restrict access from the public network to their infrastructure by specifying the Restricted access type through the Edge-Cloud Console. Using the Restricted access type will allow EdgeXR to create a cloudlet object to then create cloudlets.
If Restricted access type is used, operators are required to take additional steps to ensure their infrastructure is set up so that access to the API endpoint is available and information can be exchanged. Operators will need to create their cloudlets by following a few steps provided directly within a cloudlet Manifest file to bring up the cloudlet. For steps on how to set up Restricted access, refer to the steps as described in To create and deploy cloudlets using Restricted access.
OpenRC and CACert Data for OpenStack Cloud Management
For OpenStack, simple client environment scripts such as OpenRCs are supported and represented as a key=value pair. These scripts are available to help increase the efficiency of client operations. Additionally, CACert Data is supported, which is a collection of the trusted certificate authority (CA) used to encrypt and secure data transmission over the internet and authenticate and authorize users connecting to sites. EdgeXR stores these OpenRC and CACert Data in a separate secure storage environment.
Often times, EdgeXR will add the OpenRC details on behalf of the operator. In this case, the OpenRC Data field may be left blank and EdgeXR will provide operators the Physical Name of the cloudlet to be provided in the Physical Name field. However, if there is a need to upload a new OpenRC file or the CACert Data file was not uploaded, the operator must upload the files manually and provide a Physical Name.