Slides from webinar by Mirantis about how to build a basic edge cloud using surveillance cameras. Watch the webinar recording at: https://bit.ly/mirantis-edge-cloud
2. 2
Nick Chase
Head of Technical
Content
Featured Presenters
Lost his glasses over the weekend when one of his goats
head butted him in the face. The goat won.
Marc Meunier
Technical Strategic
Alliances Director
Loves the outdoors and woodworking… especially
outdoors.
3. 3
A Little Housekeeping
● Please submit questions in the
Questions panel.
● We’ll provide a link where you
can download the slides at the
end of the webinar.
4. 4
● What is edge and why should I care?
○ Demo of an actual edge app in action
● Edge challenges
○ Scaling
○ Security
○ Heterogeneous compute
● Sample use cases
● Q&A
Agenda
6. 6
Where are my apps?
West
HQ - Central
Control
East
FactoryStore
EMEA
Lower resiliency
Higher cost to move data
Higher latency
7. 7
High level architecture picture - end to end
West
HQ - Central
Control
East
Face
Identification
EMEA
Lower resiliency
Higher cost to move data
Higher latency
Face
Detection Security
Cameras
Log strangers and
send an alert
8. 8
App developer: Develops the apps, tests the apps
and pushes it to the repository
Operator: Deploys the app where it makes sense:
Cloud, Edge, IOT, or in between.
Why containers at the Edge?
9. 9
High level architecture picture - end to end
West
HQ - Central
Control
East
Face
Identification
EMEA
Lower resiliency
Higher cost to move data
Higher latency
Face
Detection Security
Camera
Log strangers and
send an alert
12. 12
Distributed Supply Chain supports Localized Edge Content
• Enable “follow the sun” development with
secure image promotion and image
caching
• Rapidly update software when new
patches need to be distributed globally
KEY BENEFITS
• Image mirroring: Push and pull images
from one registry to another based on
pre-defined policies
• Image caching: Extend the registry to a
local cache while maintaining secure
posture via encryption and access controls
FEATURE / CAPABILITY
13. Core Cloud / Datacenter
Application Registry
Push1
Edge Gateway
Registry
Mirror
Only approved apps are
mirrored
3
4
Employee
Stage and
Promote2
Typical application flow
Stage and
push
Update on demand
Secure Engine
End Devices
5
From SW source to End Device
Fog Site
ISVs
14. Core Cloud / Datacenter
Application Registry
Push1
Edge Gateway
Registry
Mirror
Only approved apps are
mirrored
3
4
Employee
Stage and
Promote2
Typical application flow
Stage and
push
Update on demand
Secure Engine
End Devices
5
From SW source to End Device
Fog Site
ISVs
15. Core Cloud / Datacenter
Docker Trusted
Registry
Sign,
Push
1
Edge Gateway
Registry
Mirror
Mirror Signed images to
the Edge
3
Encrypted
connections
4
• Extending the HW root of Trust to Runtime
Engine
• Leveraging HW keys to secure
communication
• Image integrity validation in Docker Engine
Employee
Scan, Sign, and
Promote2
Expanding Chain of Trust to edge Devices
Validate
Edge
Devices
Validate source of images
Secure Engine
Edge Devices
5
From SW source to End Device
Fog Site
ISVs
17. 17
Extending the HW root of trust
Edge
Node
Docker Engine daemon.json
Trust from
tboot
OS Kernel
Tboot
Bootloader
BIOS
Hardware with TPM
Trust from TXT
18. 18
Validating Signed Images in End Nodes
Edge
Node
Data
Center
Docker
Engine
Trust
from
Docker
Enterprise
Docker Engine daemon.json
Trust from
tboot
OS Kernel
Tboot
Bootloader
BIOS
Hardware with TPM
Trust from TXT
Trust from Docker Content Trust
19. 19
Security in a Heterogeneous World
PARSEC Platform Agnostic Security Layer
PARSEC
Client Library
PARSEC
Client Library
PARSEC
Client Library
24. 24
Case study: Customer environments managed by SI
Customer Site #1
Fog
Compute
Nodes
Registry
Mirror
Camera GPS Activator
Local
Actions
Local Compute
Data Locality
Real Time
Customer Site #2
Fog
Compute
Nodes
Local
Registry
Camera GPS Activator
Local
Actions
Control
Plane
Registry
CloudIntermittent
Connectivity
3G/4G
Node NodeNodeNode Node Node
Control
Plane
Control
Plane
Air Gapped
25. 25
Learn how Mirantis and Intel are
partnering to harden container
infrastructure and backend
connectivity.
Download from:
bit.ly/secure-docker-containers
White Paper
26. 26
Thank You
Q&A
We’d love to hear from you!
Nick Chase nchase@mirantis.com
Marc Meunier mmeunier@mirantis.com
Download the slides from bit.ly/mirantis-edge-demo
We’ll email you the slides & recording later this week.