Meeting Time and Conference information
Meeting Time: 3rd Monday of each month at 1pm EST as needed (if there are no agenda items, the meeting is cancelled)
EdgeX Working Group 2 is inviting you to a scheduled Zoom meeting.
Topic: EdgeX - Monthly Architects Meeting
Time: Nov 30 2020 10:00 AM Pacific Time (US and Canada)
Every month on the Third Mon, until Nov 18, 2024, 50 occurrence(s)
Please download and import the following iCalendar (.ics) files to your calendar system.
Join Zoom Meeting
Meeting ID: 353 955 907
One tap mobile
+16699006833,,353955907# US (San Jose)
+12532158782,,353955907# US (Tacoma)
Dial by your location
+1 669 900 6833 US (San Jose)
+1 253 215 8782 US (Tacoma)
+1 346 248 7799 US (Houston)
+1 646 558 8656 US (New York)
+1 301 715 8592 US (Germantown)
+1 312 626 6799 US (Chicago)
877 369 0926 US Toll-free
855 880 1246 US Toll-free
+1 778 907 2071 Canada
+1 204 272 7920 Canada
+1 438 809 7799 Canada
+1 587 328 1099 Canada
+1 647 374 4685 Canada
+1 647 558 0588 Canada
855 703 8985 Canada Toll-free
Meeting ID: 353 955 907
Find your local number: https://zoom.us/u/ajhw77vTU
Architects Meeting - EdgeX Microservice Authentication.pptx.pdf (Bryon's presentation)
- Med - address how to provide services, UIs, startup scripts/services, etc. with a list of system services.
- SMA needs the list of services
- UI needs the list of services
- Secret bootstrapping needs to provide tokens to services
- What if Consul is not in use (or should we even allow this)?
- What if app or device services are added at runtime (post bootstrapping)?
- There are some chicken/egg scenarios; security may need the list in order to provide each service with the proper token before they come up and register with the registry service
- Med - per Core WG meeting of 4/22/21 - how much info should be put in errors and log messages.
- There is a concern about putting to much information in from those familiar with commercial products
- Temporary decision was to provide enough so that someone could debug the problem with the information provided and not to be concerned with exposing intellectual property since everything is open source.
- Med - Standardizing units of measure
- Per meeting of 3/15, Jim to research more like the ANSI X-12 standard and see what other IoT/edge projects are using.
- Med - Declarative Kong applicability
- Allowing us to drop Progress DB
- But can you configure groups/users ACL
- Only supports JWT users
- Med - what's the future state of system management service(s) look like
- How to deal with dynamically adding/removing services
- Does it reside in registry/configuration service
- How to handle security issues
- Low - Is the Wiki the best place to document project decisions (those outside of or smaller than ADRs). This was our initial take. Should we revisit?
- Low - Revisit combine core services at least at all executables in one image
- Release would be easier but image would be bigger with more complex compose files
- Per Core WG of 2/18/21 - is it at least worth exploring the combination of Core Metadata and Core Command since the two have to share so much data?
- Core command is just a proxy service today, but reasons for having a separate service include: additional security to protect actuation; issue multiple device commands with one request (make one request and fire it to all Modbus devices or all devices under the control of one service); provide the means to limit requests down to a device so as not to overwhelm it or wake it up). These needs could also be incorporated into a combined metadata service but there are advantages to separation of concerns.
- Low - Digital twin (and LWM2M) applicability - being worked via liaison with DTC
- Low - Time series database support and applicability
- Ian Johnson has an example of app service to InfuxDB export (snap in the store)
- Low - where should tool/script for creating new device and application services be placed?
- After the architect's meeting of Jan 26, 2021, it was decided that "templates" should be created in all SDKs to allow for the easy creation of new services (removing the old samples in the SDKs). The templates will be a means for users to copy and create a new service with some instruction on how to rename and replace TODOs with necessary code.
- After the templates are in place, there is a decision to be made about where automation can be placed to use the templates to create new services (versus a manual copy). In the CLI, in a new tool, in a set of simple scripts?
On Hold Topics or Pending Research
- High - V2 API - should we add security foundation added to that (per some of earlier V2 API designs via Dell and Bryon N)?
- Adding token to authenticate a micro service call (is this in scope for Ireland)
- May not be needed unless all services are distributed
- We need to explore alternatives to provide secure / locked out service to service communications
- ADR being created and to be reviewed in the Security WG.