Preparing for installation

This document provides a detailed breakdown of the BMC Helix Edge installation architecture, focusing on its layered structure and key components. The architecture is designed to facilitate edge computing deployments, effectively bridging the gap between Operational Technology (OT) networks and IT/datacenter environments. By examining the various layers and their functionalities, we can better understand how data is collected, processed, and managed from edge devices to the central management system.

The BMC Helix Edge system is designed for edge computing deployments, bridging the gap between Operational Technology (OT) networks and IT/Datacenter environments. It uses a layered architecture to collect, process, manage, and analyze data from edge devices.

image-2025-1-31_19-58-33.png

Layers and Components

OT Network

This is where the edge devices reside (sensors, machinery, etc.).

  • Edge Services: These services run directly on the edge devices or on dedicated edge gateways within the OT network. They handle:
    • Data Collection: Gathering data from the connected devices.
    • Rules, ML, Inferencing: Applying predefined rules and machine learning models for local data processing and decision-making.
    • Workflow: Orchestrating actions based on data analysis or predefined triggers.
  • Redis: In-memory data structure store used for fast data access and caching at the edge.
  • Data Flow: Edge services communicate bi-directionally with the "On-prem Core" via the message bus (MQTT).

On-prem Core

This layer acts as a bridge between the OT network and the cloud or datacenter.

  • Hedge Services: A set of containerized services, likely orchestrated by Kubernetes, that provide core functionalities:
    • Edge Management UI: A user interface for managing and monitoring edge devices and services.
    • Visualization: Tools for visualizing data collected from the edge.
    • External Integrations: Connectivity to other systems and services.
    • Workflows: More complex workflow management that may span across multiple edge devices or interact with cloud services.
  • Redis: Similar to the OT network, Redis is used here for fast data access and caching.
  • Helix SSO Sidecar Proxy: Handles authentication and authorization using BMC Helix Single Sign-On (RSSO).
  • X-launch, RSSO: Components related to launching applications and managing user sessions, integrated with RSSO.
  • Data Flow: Communicates with the OT network via the message bus. It also interacts with "Helix ADE on-prem" through a secure HTTPS connection, passing through the customer's IT/datacenter firewall.

Helix ADE on-prem (BMC Helix Operations Management on-prem)

This is the customer's data center's central management and analytics layer.

  • RSSO Server: Central authentication server for the entire BMC Helix platform.
  • Helix Operations Management: Provides monitoring, event management, and service management capabilities.
  • AI Foundation: Machine learning and AI services for advanced analytics and automation.
  • Helix Dashboard: Centralized dashboards for visualizing data and insights from across the entire system.
  • Open Distro for Elasticsearch, VICTORIA: Components for data storage, indexing, and searching, providing powerful analytics capabilities.
  • Helix Portal: A unified portal for accessing various BMC Helix services.
  • Data Flow: Receives data and events from the "On-prem Core" via a secure connection.

Key architectural features

  • Message Bus (MQTT): Facilitates real-time, lightweight communication between the OT network and the On-prem Core.
  • OT-IT Network Firewall: Separates the OT network from the IT network for security purposes.
  • Customer IT/Datacenter Firewall: Protects the customer's internal network from external threats.
  • Hedge Kubernetes: Likely the orchestration platform for the "Hedge Services" in the On-prem Core, providing scalability and resilience.
  • Helix SSO Sidecar Proxy: Enables secure authentication and authorization for the On-prem Core services.
  • HTTPS: Secure communication channel between the On-prem Core and Helix ADE on-prem.
  • Data ingestion, ML Training: These processes occur between the On-prem Core and Helix ADE on-prem, indicating that data is sent to the datacenter for further processing and model training.
  • True edge offering with Enterprise scale: The system can scale to handle large numbers of edge devices and complex deployments.
  • No duplication: Data and functionality are not unnecessarily duplicated across the layers.
  • Seamless integration: Components are designed to work together seamlessly.
  • Enterprise scale: The architecture is built to handle the demands of large enterprises.
  • BMC Helix Edge core on Kubernetes: This is part of the left-side node deployment for managing edge devices and their interactions.
  • Docker-Compose-based installation for nodes: A Docker-Compose-based installation simplifies the deployment process for individual devices for the nodes on the left side of the deployment diagram.

In essence, this architecture enables organizations to collect data from their OT environments, perform local processing at the edge, manage devices and services through an on-premises layer, and then leverage the full power of BMC Helix Operations Management in their data center for advanced analytics and centralized management.

Before you begin

The BMC Helix Edge core manages edge devices and their interactions. You must deploy the BMC Helix Edge core cluster. 

Before installing BMC Helix Edge on Kubernetes, you must complete the following tasks:

Task

Action

Reference 

1

Make sure you have access and permissions as Cluster Admin to run the installer and the user permissions on all servers where you install BMC Helix Edge.

Installation permissions

2

Make sure that all hardware and software components are present in BMC Helix's on-premises infrastructure.

3

Get the BMC Helix Edge files to complete the installation from the BMC Electronic Product Distribution (EPD) site. Upload and unzip the installation files to all servers where you install BMC Helix Edge.

4

Setting up the install config parameters.  

5

Update the BMC DTR registry 

When preparing for deployment, you must install all necessary tools on the server from where you run the deployment. By following these installation guidelines, you ensure that the required tools are available in standard system paths, avoiding potential issues during deployment.

Task 1: To install Ansible

  1. Install Ansible on the machine from where you plan to run the deployment commands.
  2. Install Ansible in a system-wide location, such as /usr/local/bin/ansible.
  3. Follow the official Ansible installation instructions for your environment.
    For more information about the Ansible, installation, see Installing Ansibleimage-2024-2-23_15-9-7.png.

Task 2: To install Helm

  1. Install Helm on the same machine where Ansible is installed.
  2. Install Helm in a directory included in the path name, such as /usr/local/bin/.
  3. Refer to the Helm installation guide for platform-specific instructions.
    For more information about the Helm installation, see Installing Helmimage-2024-2-23_15-9-7.png.

Task 3: To install kubectl

  1. Install Kubectl on the machine from where you run commands against the Kubernetes cluster.
  2. Install kubectl in a system-wide location, such as, /usr/local/bin/kubectl.
  3. Follow the official Kubernetes documentation for installing kubectl.
    For more information about the kubectl installation, see Install kubectlimage-2024-2-23_15-9-7.png.

Task 4: To install the envsubst utility

  1. Make sure that the envsubst utility is available on the machine.
    This utility is included in the gettext package.
  2. On a UNIX-based system, install gettext, which includes envsubst.
    For example, on macOS, by using Homebrew: brew install gettext

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*