Available as a Technology Preview, Red Hat Edge Manager is a fleet management solution that provides comprehensive security, simplified management, and real-time visibility for thousands of edge devices and applications. You define the required state of your edge devices, including operating system versions, host configurations, and application deployments. Then, Red Hat Edge Manager automatically implements and maintains these configurations across your entire fleet of devices.
When you register Edge Manager, you also have access to Red Hat build of MicroShift, a lightweight Kubernetes container orchestration solution built from the edge capabilities of Red Hat OpenShift.
Red Hat Advanced Cluster Management for Kubernetes 2.13 provides Technology Preview support to help you manage edge devices on Red Hat Advanced Cluster Management for Kubernetes.
In this article, you will learn how to auto-register Red Hat Edge Manager with Red Hat MicroShift into Red Hat Advanced Cluster Management for Kubernetes.
Enable Red Hat Edge Manager with Red Hat Advanced Cluster Management for Kubernetes
You can enable Red Hat Edge Manager with your Red Hat Advanced Cluster Management for Kubernetes namespace. If you are using a version earlier than Red Hat Advanced Cluster Management for Kubernetes 2.13, enable Edge Manager by completing the following steps:
- Go to your
open-cluster-managementnamespace in Red Hat Advanced Cluster Management for Kubernetes. - To enable the
edge-manager-preview, update themulticlusterhubcustomer resource by running the following command:
oc patch mch multiclusterhub -n open-cluster-management \
--type=json -p='[{"op": "add", "path": "/spec/overrides/components/-","value":{"name":"edge-manager-preview","enabled":true}}]'Set up the flightctl command in Red Hat Advanced Cluster Management for Kubernetes
After enabling Red Hat Edge Manager, you can set up the flightctl command. To do so, you must first install Flight Control locally.
After installing the Flight Control CLI, set up the flightctl command in Red Hat Advanced Cluster Management for Kubernetes as follows:
- Get your OpenShift cluster token by running the following command:
oc whoami -t- Get your
flightctlAPI route address by navigating to your installed Red Hat Advanced Cluster Management for Kubernetes namespace. - In your CLI, run the
flightctlcommand to log in to Red Hat Edge Manager. - Verify that your login worked by confirming that the status of the flightctl repository shows
ACCESSIBLE: True.
Enable auto-registration for Red Hat Edge Manager with Red Hat MicroShift
To enable auto-registration for Red Hat Edge Manager with Red Hat MicroShift, complete these steps:
- Change the value of the image name for your
os.imageby building your ownos.image. - Run the
flightctlcommand to add the following configuration file to your device template:
apiVersion: flightctl.io/v1alpha1
kind: Fleet
metadata:
name: fleet-acm
spec:
selector:
matchLabels:
fleet: acm
template:
spec:
os:
image: quay.io/hchenxa/centos-bootc-flightctl:test
config:
- name: acm-crd
httpRef:
filePath: /var/local/acm-import/crd.yaml
repository: acm-registration
suffix: /agent-registration/crds/v1
- name: acm-import
httpRef:
filePath: /var/local/acm-import/import.yaml
repository: acm-registration
suffix: /agent-registration/manifests/{{.metadata.name}}
- name: pull-secret
inline:
- path: "/etc/crio/openshift-pull-secret"
content: "{\"auths\":{...}}"
- name: apply-acm-manifests
inline:
- path: "/etc/flightctl/hooks.d/afterupdating/50-acm-registration.yaml"
content: |
- if:
- path: /var/local/acm-import/crd.yaml
op: [created]
run: kubectl apply -f /var/local/acm-import/crd.yaml
envVars:
KUBECONFIG: /var/lib/microshift/resources/kubeadmin/kubeconfig
- if:
- path: /var/local/acm-import/import.yaml
op: [created]
run: kubectl apply -f /var/local/acm-import/import.yaml
envVars:
KUBECONFIG: /var/lib/microshift/resources/kubeadmin/kubeconfigThe items for .spec.template.spec.config have the following functions:
acm-crduses the HTTP Configuration Provider to query the ACM agent-registration server for the Kubernetes manifests that contain the custom resource definition (CRD) for the ACM agent.acm-importqueries the server once more to receive the import manifests for a cluster whose name is the same as the device's name so that both can be more easily correlated later.pull-secretis optionally used to pull images from the image registry. You must manually configure the pull-secret to pull the images.apply-acm-manifestsis used to install anafterUpdatingdevice lifecycle hook.
Build images for Red Hat Edge Manager
Now that you have auto-registered Edge Manager into Red Hat Advanced Cluster Management for Kubernetes, you can build images for the former We will use bootc images for this demonstration.
If you want more details on building images and the tools used in this demonstration, see the following resources:
Before you begin the building images for Red Hat Edge Manager, complete the following prerequisites:
- In your CLI, confirm you have Podman version 5 by running
podman -v. - In your CLI, confirm you have
flightctlversion 5 by runningflightctl version.
Build bootc images for Red Hat Edge Manager by completing the following steps:
- Add the following Dockerfile sample:
hchenxa@huichen1-mac flightctl % cat Containerfile
FROM quay.io/centos-bootc/centos-bootc:stream9
RUN dnf -y copr enable @redhat-et/flightctl-dev centos-stream-9-x86_64 && \
dnf -y install flightctl-agent; \
dnf -y clean all; \
systemctl enable flightctl-agent.service
COPY id_rsa.pub /usr/etc-system/root.keys
RUN touch /etc/ssh/sshd_config.d/30-auth-system.conf; \
mkdir -p /usr/etc-system/; \
echo 'AuthorizedKeysFile /usr/etc-system/%u.keys' >> /etc/ssh/sshd_config.d/30-auth-system.conf; \
chmod 0600 /usr/etc-system/root.keys
VOLUME /var/roothome
ADD config.yaml /etc/flightctl/config.yaml
RUN dnf -y install epel-release epel-next-release && \
dnf -y install podman-compose && \
systemctl enable podman.service
ADD etc etc
RUN rm -rf /opt && \
mkdir -p /opt/crio
RUN dnf install -y microshift && \
systemctl enable microshift.service
RUN rm -rf /opt && ln -s /var /opt- Create the
config.yamlfile by creating a device certificate from theflightctlserver. Run the following command:
flightctl certificate request --signer=enrollment --expiration=365d --output=embedded > config.yaml- Create a bootc image with this
config.yamlfile. - Install the Red Hat build of MicroShift service into your
bootcimage. Run the following command:
RUN dnf install -y microshift && \
systemctl enable microshift.service .- After the images successfully build, push the image to your private registry and provide the pull secret that gets configured into your YAML content.
Create a virtual machine with the bootc image
After building the bootc image, you can create a virtual machine (VM) for it. For this example, we will use the qemu-system-aarch64 system to create the VM. Complete the following steps:
- Create a VM using your
bootcimage by running the following command:
flightctl % sudo qemu-system-aarch64 \
-M accel-hvf \
-cup host \
-smp 2 \
-m 4096 \
-bios /opt/homebrew/Cellar/qemu/9.2.2/share/qemu/edk2-aarch64-code.fd \
-serial stdio \
-machine virt \
-snapshot /Users/<your username>/Documents/<your username>/src/daily_work/redaht/flightctl/output/qcow2/disk.qcow2 \ - Verify that you created your VM by confirming that your CLI shows an output similar to the following:
Your device is enrolled to flightctl.
You can manage your device by scanning the above QR coce or folloiwng this URL: <the provided URL> Conclusion
When you auto-register Red Hat Edge Manager with Red Hat Advanced Cluster Management for Kubernetes, you can build images and automatically implement and maintain these images across your entire fleet of devices. You can continue to explore how these products help your development needs by using a virtual machine build images.
Stay tuned for upcoming Technology Preview features in Red Hat Advanced Cluster Management or Kubernetes 2.14 that further enhance your experience!
