红帽全球峰会此内容没有您所选择的语言版本。
Chapter 1. Red Hat Edge Manager architecture
By deploying a Red Hat Edge Manager agent to a device, the agent autonomously manages and monitors the device while periodically communicating with the Red Hat Edge Manager service to check for new configurations and to report device status.
Red Hat Edge Manager supports image-based operating systems. You can include the Red Hat Edge Manager agent and the agent configuration in the image that is distributed to the devices.
Image-based operating systems allow the agent to initiate a transactional update of the image and to roll back to the previous version in case of an update error.
Red Hat Edge Manager architecture has the following main features:
- Agent: A lightweight process on the device that autonomously polls the service for updates, implements the desired state, and manages local workloads even during network outages.
Service: The central control plane responsible for managing device inventory and coordinating fleet-wide configurations. To support these operations, the service includes:
- API server: The secure gateway that handles all communication between the service, administrative tools, and the distributed agents.
- Database: The persistent storage layer that holds the current device registry, enrollment information, and the target state definitions for the fleet.
-
Image-based operating system: An immutable Linux distribution using
bootc. This enables transactional, versioned updates that can be safely rolled back, ensuring maximum reliability for edge deployments. - Device: An individual hardware unit or virtual machine running the agent. It maintains local state awareness, independently applying configurations and reporting its unique health metrics back to the service.
- Device fleet: A logical grouping of devices managed as a single entity. Fleets allow you to roll out updates and policies to thousands of devices simultaneously with granular visibility.
1.1. Red Hat Edge Manager agent and service
The Red Hat Edge Manager agent is a process running on each managed device that periodically communicates with the Red Hat Edge Manager service.
The Red Hat Edge Manager agent is responsible for the following tasks:
- Enrolling its device into the service.
- Periodically checking with the service for changes in the device specification, such as changes to the operating system, configuration, and applications.
- Applying any updates independently from the service.
- Reporting status of the device and the applications
The Red Hat Edge Manager service acts as the central hub for your edge operations, functioning as a reliable bridge between your core systems and your distributed devices. It manages the entire life of a device from the moment it’s securely connected to the network to the ongoing tracking of its health and activity across the fleet.
The service communicates with a database that stores the device inventory and the target device configuration. When communicating with the service, the agent polls the service for changes in the configuration. If the agent detects that the current configuration deviates from the target configuration, the agent attempts to apply the changes to the device.
When the agent receives a new target configuration from the service, the agent does the following tasks:
- Stage Resources: To ensure resilience against network failure during the update, the agent pre-downloads all required assets—including the operating system image and application container images—directly to local storage.
-
Update Operating System: The agent delegates the operating system update to
bootc, ensuring a transactional image-based transition. - Apply Configuration: The agent updates the local file system by overlaying configuration files provided by the service.
- Finalize Environment: If required by the update, the agent triggers a system reboot. If no reboot is necessary, it signals the relevant system services and applications to reload their configurations.
- Update Workloads: The agent synchronizes and updates applications running on Podman or MicroShift.
If the update fails or the system does not return online after rebooting, the agent automatically rolls back to the previous operating system image and configuration.
You can maintain fleet definitions in Git. Red Hat Edge Manager periodically syncs with the fleet definitions in the database.
1.2. Red Hat Edge Manager API server
The API server acts as the central communication hub, exposing secure endpoints that allow both users and agents to interact with the Red Hat Edge Manager service.
The API server exposes the following endpoints:
- User-facing API endpoint
- Users can connect to the user-facing API endpoint from the CLI or the web console. Users must authenticate with the configured external authentication service to obtain a JSON Web Token (JWT) to make HTTPS requests.
- Agent-facing API endpoint
- Agents connect to the agent-facing endpoint, which is mTLS-protected. The service authenticates devices using the X.509 client certificates.
The Red Hat Edge Manager service also communicates with various external systems to authenticate and authorize users, get mTLS certificates signed, or query configuration for managed devices.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}