Deploying the BMC Helix Edge on node

Deploying BMC Helix Edge on a node ensures your IoT ecosystem operates efficiently at the network's edge.

  1. Install an SSL certificate in the node
  2. Configure Docker-bridge
  3. Configure the Docker log settings
  4. Update the host file
  5. Update the .env file
  6. Retrieve secret file
  7. Deploy services

Related topics

Recommended-skillset-and-training-for-deployment

Installation-process-overview

Before you begin

Task 1: Install an SSL certificate in the node for ml-edge-agent

Installing an SSL certificate in node for ml-edge-agent ensures secure communication between these services and external clients. You must install SSL certificates during the initial deployment of ml-edge-agent to establish secure communication channels from the outset.

Use the following steps to install the SSL certificate in node for ml-edge-agent:

  1. Make sure that the SSL certificate is available in the crt format. For example: <cert-name>.crt
  2. Copy the SSL certificate <cert-name>.crt file to <install directory>/hedge-certs.

Task 2: Configure Docker-Bridge

You must configure Docker-Bridge for virtual machines. If your VM loses network connectivity while starting the EdgeX stack with docker-compose up due to a Docker-Bridge network issue, use the following steps to resolve it:

  1. Uninstall Docker entirely from the host.

    Important

    Before proceeding with the uninstallation process, it's crucial to consider any other containers that might be running on your system. Uninstalling the container in question could potentially affect the functionality of those other containers, leading to unintended consequences or disruptions in services.

  2. Re-install Docker on the virtual computer.

  3. Start or restart the Docker service or the daemon by using one of the following commands:

    sudo systemctl start docker
    sudo service docker start

  4. To verify the docker0 bridge IP has changed to 10.104.0.1 from the default 172.17.0.1, enter the following command:

    ifconfig

    If the docker0 bridge IP does not change, restart the Docker services by using one of the following commands:

    sudo service docker stop
    sudo systemctl stop docker 

Task 3: Configure Docker log settings

  1. Stop the Docker service.

  2. To limit the log file size, add a log-driver and log-opts to the /etc/docker/daemon.json file as shown in the example:

    {
        "log-driver": "json-file",
       "log-opts": {"max-size": "30m", "max-file": "3"}
    }
  3. Start the Docker service.

Task 4: Update the/etc/hosts file

  1. Remove or comment on all entries for 127.0.0.1 and 127.0.1.1.
    For example: ##127.0.0.1 localhost

  2. Update the /etc/hosts file with the names of all the service names with local IP in /etc/hosts.

    127.0.0.1 hedge-secret-bootstrapper edgex-security-bootstrapper hedge-init edgex-security-secretstore-setup
    edgex-core-common-config-bootstrapper edgex-core-consul edgex-vault edgex-redis edgex-support-notifications
    edgex-core-metadata hedge-admin hedge-device-extensions meta-sync hedge-event-publisher hedge-remediate
    nats-proxy edgex-mqtt-broker edgex-security-proxy-setup edgex-nats-server auth-proxy edgex-nginx hedge-elasticsearch
    hedge-victoria-metrics hedge-db hedge-user-app-mgmt hedge-ml-management export-biz-data hedge-export
    hedge-event hedge-ui-server hedge-grafana hedge-init hedge-node-red edgex-kuiper edgex-core-command data-enrichment
    metadata-notifier hedge-ml-edge-agent hedge-ml-broker hedge-ml-anomaly-inferencing device-virtual
    device-rest device-doms device-obd-go hedge-fleet-db

Task 5: Update the .env file

  1. Navigate to hedge-deployment/docker/.env with your configuration details and update the following parameters in the .env file:

     Parameter

    Description                     

    Example Value              

    CURRENT_HEDGE_NODE_SERVER_NAME 

    The name of the server or computer for the node.

    clm-aus-w4gmrd              
    CURRENT_HEDGE_NODE_SERVER_IP   

    The IP address of the node's server or computer.

    172.20.176.117              
    REMOTE_HEDGE_CORE_SERVER_NAME  

    The name of the remote server where the core component is deployed.

    <namespace-name>              

    REMOTE_HEDGE_CORE_DOMAIN_NAME  

    The domain name is associated with the remote core server.

    .bmc.com                    

    REMOTE_HEDGE_CORE_SERVER_IP    

    The IP address of the remote core server.                                     

    172.20.171.50              
    CURRENT_HEDGE_NODE_SERVER_DOMAIN_NAME

    The domain name is associated with the node server.              

    .bmc.com                    

    RSSO_TOKEN

    BMC Helix Single Sign-On Token for BMC Helix Platform Common Services Tenant


    RSSO_REFRESH_TOKEN

    BMC Helix Single Sign-On refresh Token for BMC Helix Platform Common Services Tenant


    After deploying the BMC Helix Edge core, the system displays the following values with the parameters required during the BMC Helix Edge node deployment.

    REMOTE_HEDGE_CORE_SERVER_NAME                       
    REMOTE_HEDGE_CORE_DOMAIN_NAME                       
    REMOTE_HEDGE_CORE_SERVER_IP

    If you did not note the values, use the following command in the BMC Helix Edge core installer host to retrieve the details.

    ./deploy.sh <namespace> -node
  2. Verify that all pods within the "<namespace>" namespace have stabilized before continuing.

    1. Set up the BMC Helix Edge node environment variables:

      REMOTE_HEDGE_CORE_SERVER_NAME=<namespace>
      REMOTE_HEDGE_CORE_DOMAIN_NAME=.<domain-name>
      REMOTE_HEDGE_CORE_SERVER_IP=<CORE-IP>

    2. Download and copy the following files to the /tmp/ directory of your HEDGE NODE(s) before initiating the HEDGE NODE setup process:

      /tmp/.mqttencpwd
      /tmp/.cnslenctok
      /tmp/nats.crt.pem
      /tmp/nats.key.pem
      Important

      Before starting the installation of BMC Helix Edge on node:

      • Authenticate: Use docker login with your appropriate user token to authenticate to the container registry.
      • Copy Files: Transfer the following files from the /tmp/ directory of BMC Helix Edge-Core to the /tmp/ directory of BMC Helix Edge node:
        • .mqttencpwd
        • .cnslenctok
        • nats.crt.pem
        • nats.key.pem

Task 6: Retrieve secret files for the edge node setup

Use the following steps, on the same machine where you downloaded and installed the Hedge core.

  1. Navigate to the /tmp directory.
  2. From the /tmp directory, copy the secret files to the directory on your edge node.
    The specific copy instructions vary depending on your environment.

  3. (Optional) If the secret files are missing from the /tmp directory, regenerate secret files by using the following command on your edge Kubernetes deployment:

    Bash
    ./deploy.sh -node

    This command fetches the most recent secret files, restores them to the /tmp directory on the core server, and prints instructions on setting up a node for the core. 

  4. After running the ./deploy.sh -node command, copy the newly generated secret files from the /tmp directory on the core server to the designated directory on the edge node.

    Note

    The specific directory for placing the secret files on the edge node might differ depending on the deployment configuration.

Task 7: Deploy services

  1. Navigate to <install-location>/hedge-node/.env with your configuration details and update the parameters in the .env  file.

  2. Run the following commands:

    make run

    The system deploys the node services.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*