...
Topic: EdgeX - Monthly Architects Meeting
Time: Oct 19, Nov 30 2020 10:00 AM Pacific Time (US and Canada)
Every month on the Third Mon, until Nov 18, 2024, 50 occurrence(s)
Please download and import the following iCalendar (.ics) files to your calendar system.
Monthly: https://zoom.us/meeting/vpEufuytpzstxwJXp3nHvYoHt7mRqmscaw/ics?icsToken=98tyKuqtrTIvH92Vt1_Hd7MvA5X5buHylmlZgJtNzxHNFRlcShehO9BTP6F8Ec-B
...
Dial by your location
+1 669 900 6833 US (San Jose)
+1 253 215 8782 US (Tacoma)
+1 346 248 7799 US (Houston)
+1 646 558 8656 US (New York)
+1 301 715 8592 US (Germantown)
+1 312 626 6799 US (Chicago)
877 369 0926 US Toll-free
855 880 1246 US Toll-free
+1 778 907 2071 Canada
+1 204 272 7920 Canada
+1 438 809 7799 Canada
+1 587 328 1099 Canada
+1 647 374 4685 Canada
+1 647 558 0588 Canada
855 703 8985 Canada Toll-free
Meeting ID: 353 955 907
Find your local number: https://zoom.us/u/ajhw77vTU
Meeting Agenda/Minutes
Apr 19, 2021: Meeting Minutes; Meeting Recording
Mar 15, 2021: Meeting Minutes; Meeting Recording
Feb 16, 2021: Meeting Minutes; Meeting Recording
Architects Meeting - EdgeX Microservice Authentication.pptx.pdf (Bryon's presentation)
Jan 26, 2021: Meeting Minutes; Meeting Recording
Nov 30, 2020: Meeting Minutes; Meeting Recording
Sept 21, 2020: Meeting Minutes; Meeting Recording; Adopter Series Requirements Summary
...
Nov 18: Meeting Minutes; Meeting Recording
Open Topics
- Med - address how to provide services, UIs, startup scripts/services, etc. with a list of system services.
- SMA needs the list of services
- UI needs the list of services
- Secret bootstrapping needs to provide tokens to services
- Considerations
- What if Consul is not in use (or should we even allow this)?
- What if app or device services are added at runtime (post bootstrapping)?
- There are some chicken/egg scenarios; security may need the list in order to provide each service with the proper token before they come up and register with the registry service
- Med - Standardizing units of measure
- Per meeting of 3/15, Jim to research more like the ANSI X-12 standard and see what other IoT/edge projects are using.
- Med - Declarative Kong applicability
- Allowing us to drop Progress DB
- But can you configure groups/users ACL
- Only supports JWT users
- Med - what's the future state of system management service(s) look like
- How to deal with dynamically adding/removing services
- Does it reside in registry/configuration service
- How to handle security issues
- Low - Is the Wiki the best place to document project decisions (those outside of or smaller than ADRs). This was our initial take. Should we revisit?
- Low - Revisit combine
- Is the Wiki the best place to document project decisions (those outside of or smaller than ADRs). This was our initial take. Should we revisit?
- New topics from Ireland Planning Meeting
Ensure that service location data is pulled from trusted source (i.e. not Consul) (Tony's ADR)
- V2 API - should we add security foundation added to that (per some of earlier V2 API designs via Dell and Bryon N)?
- Adding token to authenticate a micro service call (is this in scope for Ireland)
- May not be needed unless all services are distributed
- We need to explore alternatives to provide secure / locked out service to service communications
Address how to get device resource info (for app services and Kuiper)
Probably not ADR worthy
Either provide Lenny’s convenience APIs or tool to dig out the device resource information in the (cached) profiles
- How/when to invalidate the cache if we use the profile-digging approach
- Naming scheme changes for config.Clients (key name change)
- Use consistent name that all other services use for core data
- Consistency in the naming vs changing all the names to use service name as part of key
Docker image naming - resolve naming standard we want
Drop “go” suffix and “docker” prefix??
- What version of Alpine for Docker images (make them consistent?)
How to handle binary data in V2
Is CBOR still the right way?
Simplicity versus performance
We should have new requirements/use cases to change this
Revisit combing core services at least at all executables in one image- Release would be easier but image would be bigger with more complex compose files
Keep commit history from beginning to end (don’t squash them until PR approved)
Standardizing units of measure
- Per Core WG of 2/18/21 - is it at least worth exploring the combination of Core Metadata and Core Command since the two have to share so much data?
- Core command is just a proxy service today, but reasons for having a separate service include: additional security to protect actuation; issue multiple device commands with one request (make one request and fire it to all Modbus devices or all devices under the control of one service); provide the means to limit requests down to a device so as not to overwhelm it or wake it up). These needs could also be incorporated into a combined metadata service but there are advantages to separation of concerns.
- Low - Digital twin (and LWM2M) applicability
Declarative Kong applicability
- being worked via liaison with DTC- Low - Time series database support and applicability
On Hold Topics or Pending Research
- How should we apply semantic versioning to modules? When do we update the minor and major versions of modules? (comes from the Hanoi planning meetings)
- Decision was to release (and tag) them with each EdgeX release (major)
- Enforce backward compatibility within a major release
- Scope this work for Ireland as it will impact DevOps (Jim to get with Ernesto)
- How do we review/remove artifact removal (docker images in Docker Hub, snaps, etc.)?
- Decision made to tag "latest" dot release with X.Y tagging and use X.Y in Docker Compose files (see minutes from 8/20).
- Open discussion still around what to do with old (very old) images.
- Let’s check what are other projects doing in this case (Kong, Consul, Vault, …)?
Also consult with community and adopters; what do they expect from us? Accenture, ThunderSoft, …
Jim to take this research and poll of adopters
- Adopters have been polled. Most want images available indefinitely. Tibco suggested keep them one year.
- Other organizations (Kong, Consul, Vault, etc.) are not removing images regardless of age or circumstances (there are a few exceptions).
- Ian Johnson has an example of app service to InfuxDB export (snap in the store)
- Low - where should tool/script for creating new device and application services be placed?
- After the architect's meeting of Jan 26, 2021, it was decided that "templates" should be created in all SDKs to allow for the easy creation of new services (removing the old samples in the SDKs). The templates will be a means for users to copy and create a new service with some instruction on how to rename and replace TODOs with necessary code.
- After the templates are in place, there is a decision to be made about where automation can be placed to use the templates to create new services (versus a manual copy). In the CLI, in a new tool, in a set of simple scripts?
On Hold Topics or Pending Research
- High - V2 API - should we add security foundation added to that (per some of earlier V2 API designs via Dell and Bryon N)?
- Adding token to authenticate a micro service call (is this in scope for Ireland)
- May not be needed unless all services are distributed
- We need to explore alternatives to provide secure / locked out service to service communications
- ADR being created and to be reviewed in the Security WG
- Jim to do some research first. Findings: there are places in DS, Core and Application Services where messages can get out of order. If order is something that should be an option built in, it will require much work.
- Adopters have been polled. Only one organization suggested having the option (but not manditory) would be nice. Others indicated they understood ramifications (performance hit) and wanted no changes in this regard.