►
From YouTube: Kubernetes WG IoT Edge 20230208
Description
February 8, 2023 meeting of the CNCF IoT Edge Working Group. General discussion of group activities and a presentation on AKS Edge Essentials Kubernetes for edge. The AKS Edge Essential presentation included a demonstration of device integration using Akri and an OPC UA gateway, and a demonstration of Web Assembly support.
A
Hi
welcome
to
the
February
8th
2023
meeting
of
the
cncf
iot
edge
working
group
on
the
agenda.
Today,
we've
got
three
items
and
if
we
have
time,
members
are
welcome
to
add
more
first
one
is
just
a
quick
reminder
that
kubernetes
on
the
edge
day,
is
slated
for
April
19th
in
Amsterdam,
but
they
are
still
open
for
speaking
proposals.
That
deadline
is
Sunday
at
midnight,
so
you've
got
four
days
to
get
a
submit
in
for
talks.
A
B
I
can
add
a
bit
to
that,
so
Brandon
Wick
has
kind
of
been
in
charge
of
getting
our
first
edition
of
our
Edge
native
application
principles
out
into
the
world
and
has
been
working
in
conjunction
with
the
cncf
media
team
around
that,
and
so
the
first
wave
of
this
is
that
they
published
it
in
Cube
weekly,
which
is
kind
of
a
Weekly
Newsletter.
That
cncf
stands
stands
up
every
week
and
then
the
marketing
community
of
the
cmcf
is
going
to
create
a
PDF
that
they'll
put
in
a
blog
post.
A
C
C
D
C
E
C
C
So
you
know,
as
you
may
know,
the
cloud
is
where
rapid
Innovation
is
happening
right
and
on
the
edge.
We
have
Legacy
solutions
that
generate
a
lot
of
data
which
is
chatty,
and
it's
really
about
sending
Telemetry
to
process
it
in
the
cloud,
but
that
can
get
pretty
expensive
when
there's
a
lot
of
data
involved.
C
So
the
value
of
the
edge
is
obviously
to
do
the
intelligent
process
in
filtering
at
the
edge
based
on
your
scenarios,
so
that
you
can
control
what
actually
makes
it
up
to
the
cloud
for
cloud
processing
and,
additionally,
you
know
Edge
compute
creates
more
flexibility
for
you,
so
you
can
also
reduce
latency.
So,
according
to
some
data
from
ground
view,
research,
we
see
that
we
can
expect
125
billion
connected
devices
by
2030
11.2
billion
Edge
Computing
Market
size
in
2022
and
155.9
billion
revenue
forecast
for
Edge
Computing
implementation
in
2030.
C
C
C
C
Now,
if
we
take
these
up
a
level
and
Abstract
it,
we
essentially
have
an
expandable,
Hardware
compute
cluster,
and
this
acts
as
the
central
brain
of
the
factory
floor
that
can
talk
to
the
various
domain
controllers.
An
idea
is
to
run
kubernetes
on
the
hardware
cluster,
and
this
allows
you
to
scale
out
your
central
compute
unit
and
talk
to
the
domain
controllers
through
the
open
source
project
Opry,
which
acts
as
a
connector
between
your
Brownfield
devices
or
sensors
to
your
cluster.
C
We
also
deliver
cncf,
conforming
k8s
and
k3's
distributions,
and
these
are
managed
and
automatically
updated
for
you
to
ensure
that
your
kubernetes
stack
is
the
latest
ingredients
and
we
also
support
both
Linux
and
windows.
Containers
which
can
be
deployed
on
both
single
or
multi-machine
clusters,
and
your
deployments
across
all
clusters
on
the
edge
more
Cloud
can
be
easily
managed
with
Azure
Park,
so
that
you
know
you
can
focus
your
energy
on
the
applications
and
features
that
you
want
to
deliver
to
your
customers.
Not
the
rigorous
work
that
it
takes
to
manage
a
kubernetes
infrastructure.
C
So
with
aksh
Essentials,
it's
pretty
easy
for
you
to
get
started
with
your
on-prem
kubernetes
deployment.
So
you
get
a
Microsoft
managed
lightweight
kubernetes
distribution,
which
can
run
on
something
as
little
as
four
gigs
of
memory
and
two
virtual
CPU
compute
and
we've
also
simplified
the
installation
experience
via
an
included
Microsoft
managed
VM
for
easy
installation
and
configuration.
C
So
now,
let's
just
look
at
the
overall
technology
stack
of
how
it
works.
So
at
the
bottom
you
have
your
light
edge
devices
and
then,
on
top
of
that
you
know
you
would
run
a
Windows
client
host
of
some
sort.
We
lean
on
Windows
Enterprise
and
then
you
can
install
AKs,
Edge
and
Essentials,
just
like
any
other
application
through
an
easy
MSI
and
so
inside.
C
You
have
your
Powershell
commandlets
and
agents
that
enable
the
provisioning
of
your
infrastructure
and
then
your
cncf
performance,
kubernetes
platform,
and
then
the
user
can
just
manage
your
cluster
using
either
standard
Cube,
CTL
or
Azure
Park.
And
on
top
of
that
you
know
you
would
deploy
your
Linux
and
or
Windows
containerized
workloads.
C
C
If
you
want
to
run
Windows
for
glues,
but
on
the
Mariner
side
you
would
have
your
k8s
or
k3s
control
plane
and
then
any
other
Azure
containers
like
flux
agents
or
the
art
connected
cluster
agents
would
also
sit
on
the
Mariner
side
and
you
can
actually
have
Windows
native
apps
running
on
the
host
that
can
actually
talk
to
the
VMS
running
inside
AKs,
educational.
So,
for
example,
you
might
have
a
retail
setting
with
a
UI.
E
Sure
Eugene
can
you
yeah?
Thank
you.
This
is
Sean
and,
as
we
engineer,
AKs
essential
one
of
our
achievements
to
bring
up
k3s
for
Windows
support.
As
some
may
know,
KCs
is
a
kubernet
implementation
which
is
optimized
for
memory
and
disk
footprint.
It
comes
with
many
interesting
architectural
decisions
to
distinguish
itself
from
the
Upstream
KAS,
for
example,
instead
of
virtualizing
the
kubernetes
core
components
as
running
Parts,
k3s
fold
them
into
one
single
process
and
they
run
them
in
multi-thread
environment.
E
This
decision
May
expose
the
disk
footprint
and
the
memory
usage
more
compact
when
it
comes
to
packaging
all
of
the
required
runtime
binary
package
in
a
single
binary,
and
it
is
executing
all
of
them
at
runtime
when
needed.
It
is
also
natively
supporting
to
manage
precache
user
container
image.
It
is
very
useful
for
the
offline
deployment.
E
K3
has
already
made
a
few
a
skeleton
change
to
make
it
ready
for
someone
to
continue
to
grow
across
platform
porting
to
highlight
a
few
things
we
made.
For
example,
we
update
and
pick
up
the
correct
set
of
cni
binary
and
the
content
Edition
for
Windows
platform.
We
also
update
the
default
flannel
setup
vendor
to
support
Windows
cni
initialization,
and
we
fix
a
few
file
paths
convention
issues
and
update
the
view
scripts
to
be
more
like
Windows
compatible
using.
E
Can
you
move
to
the
next
slide,
and
we
hope
least
ever
is
not
a
work
only
limited
to
aksh
essential.
Therefore,
we
commit
to
the
community
to
bring
back
and
Upstream
those
change
back
to
the
KCs
project
and
to
make
it
more
sustainable
support
for
long
term.
We
also
commit
to
work
with
the
project
owner
to
improve
the
windows
validation.
E
C
So
here
I
have
a
config
Json,
where
I
can
configure
the
cluster
that
I
want.
So
I
want
a
Linux
node
with
four
CPUs
four
gigs
of
RAM
and
10
gigs
of
data.
So
now
I
will
pass
in
the
config.json
as
a
parameter
and
do
new
AKs,
Edge
deployment
and
so
I'm
just
going
to
skip
over
a
little
bit.
It
takes
I'd
say
like
two
minutes
for
the
cluster
to
be
deployed.
C
So
now
our
cluster
is
deployed
and
I
can
do
compute
control.
I
can
pause,
see
all
the
necessary
pause
are
running,
and
now
we
actually
have
some
samples
that
are
public,
so
this
Powershell
script
will
enable
you
to
run
walls
and
workloads
on
AKs
Edge.
So
here
I'm
just
running
that
Powershell
script.
C
C
So
now
we're
just
going
to
wait
for
the
pause
to
spin
up
and
you
can
see
that
the
spin
and
slide
workloads
are
up
and
running
now,
I'm
just
going
to
get
the
service
of
the
port
so
that
I
can
curl
it
and
see
that
it's
working
correctly.
So
you
can
do
invoke
AKs
Edge
command
to
just
do
your
Linux
commands
on
the
Note,
so
here
I'm
just
copying
the
service
IP
and
Port
hello.
C
C
So
I
already
have
you
know
a
k3s
cluster
up
and
running
here
and
now
I'm
just
going
to
update
my
help,
charts
and
use
home
to
install
all
green
with
the
correct
OPC
UA
configurations.
So
here
I
actually
already
have
some
container
instances
running
that
spit
out
simulated,
OPC,
PLC
values
and
then
I'll
actually
put
in
the
fqdns
into
the
URLs
so
that
they
can
discover
the
correct
server.
It's
it's
foreign.
C
Pods
are
running
and
if
we
get
just
give
it
some
time,
it
will
discover
the
servers
and
create
an
awkward
instance
resource
for
each
of
them.
So,
since
I
have
two
servers
running,
we
see
two
augery
instances
here
and
now:
I'm
just
going
to
apply
an
anomaly
detection
app,
which
will
use
a
broker
to
take
in
the
values
from
the
servers
and
highlight
any
outlier
values.
C
C
A
C
A
And
in
terms
of
supported
platforms,
I'm
wondering
how
small
this
would
go.
You
know
what,
if
you
were
to
put
it
on
an
edge
device.
Is
it
strictly
x86
at
this
point
or
do
arm
things
like
Pi's
work
and
what
would
be
the
memory
and
number?
Of
course
one
would
expect
to
run
a
minimal
kubernetes
cluster
at
an
edge
location.
F
A
F
A
F
So
if
you
want
it's
just
an
optional
thing
right,
so
if
you
want
to
opt
in
right,
you
can
go
ahead
and
do
that
and
you
know
manage
everything
through
the
cloud.
But
if
not,
you
can
just
do
all
kind
of
on
the
edge
right
using
Powershell
or
using
whatever
other
kind
of
Windows
tool
is
the
the
available.
A
Yeah
I'm
just
imagining
a
scenario
where
out
at
Edge,
you
sometimes
have
intermittent
connectivity,
but
you'd
still
expect
to
be
able
to
run
even
with
loss
of
your
Uplink
and
in
many
things
that
people
put
together
for
Edge
operation.
They
would
include
things
like
running
a
local
oci
registry
so
that,
when
apps
start
to
restart,
they
would
pull
their
images
from
a
local
Source
rather
than
requiring
Cloud
connectivity
and
I'm
just
wondering
if
that
sort
of
thing
is
part
of
the
package
or
something
that
you
would
you'd
add
on.
If
you
needed
that
facility.
F
Yeah,
that's
an
interesting
question
and
yeah.
We're
kind
of
aware
of
you
know
if
these
kind
of
offline
scenarios
right
now
we
do
support
offline
deployments.
So
basically
you
could
do
that
right
and
you
could
have
your
private
oci
right.
Just
if
you
have
a
generation
in
your
private
Network
and
just
you
know,
download
everything
directly
on
your
own
Prem
right
when
they're
providing
those
sort
of
products.
F
The
other
thing
is
we
we're
working
to
bring
other
features
that
will
kind
of
enable
this
kind
of
scenarios
like,
for
example,
multiple
nics
right,
so
that
you
can
have
you
know,
for
example,
an
online
Nick
and
then
having
a
an
offline
Nick,
for
example,
for
a
DMC
kind
of
scenarios
right
but
yeah
we
do
support
offline
offline,
Employments
and,
and
the
other
thing
is
like
regarding
other
features
like,
for
example,
updates
right
or
management
right,
because
this
is
this
is
Windows
right.
You
can
always
go
ahead
and
use
whatever
Windows
tooling.
F
There
is
right
for
offline
kind
of
Windows
requirements
right
so,
for
example,
if
it's,
if
you
want
to
apply
the
updates
right
and
you
want
to
do
offline
updates
right-
you
can
use
this
all
the
you
know,
AKs
updates
are
done
through
Microsoft
fabric
right.
So,
if
you,
you
know,
if
you're,
using
whatever
wsus
or
other
windows
mechanisms,
are
for
applying
offline
Windows
updates,
then
you
can
use
those
same
update
mechanisms
right
for
these
kind
of
a
clusters.
G
H
H
So
what's
the
recommended,
inter
cluster
networking,
so
I
think
like
between
the
Clusters,
like,
usually,
you
have
a
lot
of
like
the
you
have
to
set
up
on
some
VPN
or
whatever
yeah
that's
and
you
have
to
make
the
like
the
subnet
right
yeah.
That's
also
always
a
pain
point,
and
the
second
question
is
like
the
what's:
the
memory
requirement
for
the
windows
k3s
nodes.
F
Okay,
so
first,
let's
let's
go
ahead
and
turn
on
networking,
so
we
do
have
two
deployment
types
right.
The
first
one
is
what
we
call
the
single
machine
cluster
right.
So
this
is
just
you
know.
You
have
one
machine
that
you
can
run
either.
You
know
you
need
to
run
a
Linux
zone
and
you
can
add
a
Windows
now
Place
optional
right
when
we
do
that
right.
What
we
end
up
doing
is
we
are
using
an
internal
virtual
switch
and
we
we
set
up.
F
The
second
option
is
what
we
call
the
scalable
cluster
right
so
as
well.
You
have
multiple
devices
right
running,
maybe
you
know
one
or
two
knowledge
each
of
these
devices
and
they
need
to
communicate
between
the
different
nodes
in
different
devices
right
so
that
you
know
there.
What
we
use
is
we
use
an
external
virtual
switch
right,
so
each
of
these
devices
right
will
have
we'll
use
an
external
virtual
switch
and
look.
F
You
know
you
know
we'll
connect
the
different
VMS,
the
Linux
VM
on
the
Windows
VM
to
that
external
virtual
solution
and
communicate
directly
to
the
external
network
when
it
comes
to
more
specific
kind
of
you
know.
Networking
parameters
like
like
we
support
static
Mac
address.
We
support
mtus,
we
support
proxy
right
and
I.
Think
the
other
thing
is
custom
DNS
also,
so
we
do
support
all
of
kind
of
networking.
Vpn
is
not
something
that
we
do
support
right
now,
but
me.
A
F
A
F
G
G
E
E
Well,
we
we
don't
officially
like
recommend
to
pull
it
and
use
it
to
swap
the
cni
implementation.
And
then
maybe
it's
not
that
easy
to
that,
because
the
the
VN,
the
note
itself
is,
the
composition
is
managed
by
us
yeah.
So
back
to
your
question,
I
would
recommend
you
just
go
with
the
default
implementation,
but
for
experimental
purpose.
Sure.
G
E
G
A
Okay,
so
another
thought
related
to
the
cni.
Plugins
are
the
storage
plugins,
you
know
suppose
I
wanted
to
run
a
stateful
app
that
would
use
CSI
storage
are
any
of
the
plugins
supportable
or
are
there
some
bundled?
You
know
in
particular
I'm
thinking.
If
I
wanted
to
use
an
NFS,
NFS
mounted
storage,
there
are
some
kubernetes
distros
that
run
on
a
with
some
of
the
minimal
kubernetes.
Don't
include
the
kernel
features
that
would
enable
that
out
of
the
box,
so
I'm
wondering
what
the
situation
is.
There.
F
F
Okay,
when
it
comes
to
other
kind
of,
let's
call
it
external
Provisions,
like
Longhorn,
you
know
open
EVS
group
like
we
still
haven't
tested
those
and
I
think
we
have
some
some
packages
missing,
but
but
local
path
and
NFS
work
for
Linux
and
we're
working
support
that
to
for
win
for
the
windows
notes.
Also.
A
F
No,
so
it's
always
it's
always.
You
know
that
Linux
VM
is
always
based
on
our
own
Linux
distribution
inside
Microsoft
and
the
VM
is
it's
a
big
kind
of
particular
because
it
has
a
read-only
root
file
system
and
has
no
package
manager.
So,
basically
you
cannot
add
packages.
Issues
like
you
know.
If
that
VM
is
only
used,
you
know
to
run.
You
know
these
containers
right
and
kind
of
you
know
the
way
kind
of
one
of
one
of
the
reasons
for
your
advice.
We
need
to
provide.
F
F
A
A
Yep
yeah
so
like,
like
suppose,
I'm
a
user
and
I
want
to
either
initiate
an
update
or
monitor
the
updates.
Where
do
I
go
to
do
that
is
that
at
some
Cloud
control,
plane
and
yeah,
is
it
automatic,
or
is
this
manually
driven
just
curious
about
how
that
this,
these
OS
at
Edge
node
updates,
would
work
same
with
kubernetes
updates
at
the
edge
node.
E
Sure
yeah
so,
as
usual
mentioned
like
in
early
slide
like
the
AKA
essential,
is
packaged
in
the
windows
MSI
installer,
so
it
will
be
like
installed
as
a
regular
application
and
then
in
this
case
the
windows
will
regularly
check
with
the
Microsoft
update
and
if
there
any
update,
then
we
will
just
like
download
a
new
update
package
which
is
another
MSI
and
to
deploy
to
your
machine.
But
at
that
moment
the
your
cluster
still
remain
the
original
state.
E
We
will
not
touch
your
cluster
like
out
of
your
consent
and
the
end
user.
When
end
user
is
comfortable
and
ready
to
update
the
cluster,
they
can
run
the
partial
commonly
and
to
confirm
there.
Is
there
any
update
and
if
it
is
then
trigger
update
and
then
the
process
can
be
automated
if
there
is
some
other
it
infrastructure,
but
in
general,
that's
the
the
process,
how
we,
how
we
trigger
the
opting
yeah.
A
Okay,
so
let
me
just
let
me
repeat
what
I
think
I
heard
just
so
I'm
sure
I
understand,
so
you
do
something
like
Microsoft
hosts
out
at
the
edge
Windows
hosts.
You
would
probably
use
something
like
Active,
Directory,
Group
Policy,
to
configure
policies
of
how
the
updates
and
would
be
policed
and
monitored
and
downloaded,
but
they
get
staged
downloaded
and
it's
a
manual
operation
that
one
could
use
a
Powershell
script
or
API
to
trigger
the
actual
update.
So
it
do
I
understand
that
correctly.
Then,.
E
A
It
if
it
works
with
the
standard,
wouldn't
those
update,
it's
a
pretty
large
Hammer,
but
in
theory
maybe
you
could
do
a
system
recovery,
but
that
would
recover
the
entire
host,
not
just
this
portion,
so
that
if
you
were
running
other
things
there
like
I
say
it's
a
pretty
crude
tool,
but
it
might
work
okay.
Well,
you
answered
my
question
thanks.
A
D
G
G
But
I
think
I
was
considering
I
I
have
played
with
k3s
like
years
ago
and
that
works
okay
and,
as
you
mentioned,
like
a
memory
footprint
and
CPU
consumption
that
pretty
well
optimized
I
can
say
that.
But
you
know
like
something:
I
consider
is
like
architecture,
so
the
k3s
is
fully
compatible
with
kubernetes,
because
the
problem
could
happen
because
the
if
the
application
container
issues
in
classic
config
API
or
something
realized
on
the
kubernetes
API
and
it
breaks
right,
but
because
k3s
does
not
support
a
fully
compatible
API.
G
E
G
E
E
But
maybe
you
are
talking
about
something
else:
yeah.
If
they,
you
are
learning
something
beyond
the
com.
The
the
general
complement
test,
then
yeah.
Maybe
there
will
be
some
differences
between
KS
and
k3s
and
that
you
have
to
thinking
about
yeah,
which
is
true.
We
are
using
and
you
need
to
use
the
compatible
whatever
compelling
method
to
to
to
to
talk
to
the
cluster
yeah.
A
I'm
kind
of
curious
as
to
what
aspects
you
think
are
not
compliant
because
the
the
cncf
definition
requires
you
to
pass
a
Sona
boy
conformance
test
in
order
to
even
call
it
a
kubernetes,
distro
and
I.
Think
k3s
is
on
the
list,
but
there
are
often
other
aspects
where
they
leave
things
out
that
people
have
grown
to
expect.
You
know
that
are
are
shipped
in
the
box
with
a
lot
of
other
distros,
and
maybe
it's
something
like
that.
But
could
you
expand
on
what
aspects
you're
talking
about
as
having
had
issues.
G
G
B
F
G
F
D
I
can
try
to
take
that.
So,
as
you
note,
there
are
a
few
different
AKs
products
in
Microsoft,
right
AKs
in
account
AKs,
HDI
and
now
AKs
actually
potential,
and
we
try
to
align
our
Live
support
cycle
for
kubernetes
aligned
with
ATS.
So
you
we
are
going
to
follow
the
same
life
cycle
as
AKs
in
the
cloud.
So
that's
how,
in
the
long
term,
that's
what
very
broadly
aligned.
D
As
and
the
second
question
regarding
cve
as
Francisco
and
Eugene
mentioned,
we
are
the
the
VM
that
we
use
is
based
on
CBR,
Mariner
and
Microsoft
has
internal
tools
to
check
the
series
and
we
have
an
SLA
to
adjust
all
the
CV
that
is
published
to
the
database.
We
are
using
the
same
method
to
track
the
CV
for
key
fish
right.
So
when
the
CV
is
made
available
on
this,
we
will
we
will
patch
it
SRA
and
the
different
update
for
Microsoft
updates
foreign.
A
A
A
A
Okay
and
feel
free
too,
to
let
this
group
know
if
that
that,
if
it's
getting
G8
I
think
often
people
have
a
lot
of
unveiling
events
and
things
and
kind
of
Hands-On
workshops.
So
if
you
in
the
near-term
future
want
to
drop
links
to
those
kinds
of
things
or
YouTube
videos
or
whatever
you
have
into
this
group's
chat
stream
on
slack,
please
go
for
it
because
I
think
a
lot
of
people
would
be
interested
in
getting
that
material.
A
A
Those
kinds
of
things
are
not
on
that
list,
so
it
is
really
pretty
a
remarkable
Testament
to
how
rapidly
growing
interest
is
in
this
Edge
space
that
there
are
so
many
open
source
projects
and
we'd
like
some
help
on
that,
so
that,
if
we're
missing
any
of
these
or
some
of
the
data
is
wrong,
please
just
go
use
your
credentials
as
a
member
of
this
group,
you
should
you'll
automatically
get
edit
access
to
that
spreadsheet.
Help
us
continue
to
polish
that
and
complete
it.
A
A
Read
150
entries
in
a
spreadsheet,
but
maybe
can
say,
I
need
an
AIML
solution
for
Edge
or
you
know,
I
need
a
in
an
iot
Gateway
for
Edge
and
look
at
what's
out
there
so
that
you
can
join
in
the
efforts
already
being
made
by
others
rather
than
Reinventing
wheels
that
don't
need
to
be
reinvented.
So
anyway,
that
was
the
agenda
item
that
I
had
just
to
call
attention
to
that
that
this
is
still
ongoing.
A
B
Also,
just
to
let
everyone
know
these
agendas
flow
each
time.
So
if
you
know
someone
that
would
be
interested
in
presenting
or
there's
a
certain
topic,
you'd
be
interested
in
hearing
about
feel
free
to,
let
us
know
or
reach
out
to
the
person.
You
would
like
to
speak.
It's
very
Word
of
Mouth
to
get
speakers
to
come
so
always
open
to
directing
the
agenda
where
people
are
interested.
Yeah.
B
A
Willing
to
go
do
a
little
research
to
go,
find
who's
out
there
on
the
topic.
So
we
want
to
keep
this
interesting
to
users.
That
is
the
goal,
so
just
kind
of
things
that
you
want
to
learn
about,
go,
throw
them
out
here.
You
can
either
speak
up
right
now
or
leave
a
note
in
our
slack
Channel
suggesting
that
you
would
like
to
see
a
speaker
on
this
topic,
whether
you
know
the
name
of
that
speaker
or
not
foreign.
A
I
guess
we'll
close
this
out,
then
the
final
reminder
that
I
gave
at
the
beginning
speaking
proposals
are
still
open
for
kubernetes
on
the
edge
in
Europe
for
the
until
Sunday.
So
if
you
want
to
talk
about
something,
please
consider
submitting
a
cfp
back
conference
is
coming
up
in
April.
The
scale
conference
in
Los
Angeles
is
coming
up
in
March
and
has
a
lot
of
edge
related
sessions
as
well.