EdgeX Foundry 安全模式安装部署

文章目录

shell 复制代码
# EdgeX Foundry

https://iothub.org.cn/docs/edgex/
https://iothub.org.cn/docs/edgex/deploy/deploy-secty/

一、安装准备

1.官方文档

shell 复制代码
# edgexfoundry/edgex-compose
https://github.com/edgexfoundry/edgex-compose

# Edgex Docker Compose Builder
https://github.com/edgexfoundry/edgex-compose/tree/main/compose-builder

# Secure Consul
https://docs.edgexfoundry.org/3.1/security/Ch-Secure-Consul/

# Authenticating to EdgeX Microservices
https://docs.edgexfoundry.org/3.1/security/Ch-Authenticating/#how-to-make-authenticated-edgex-calls

2. 克隆服务器

shell 复制代码
# 克隆机器

# 修改IP地址
cd /etc/sysconfig/network-scripts
vim ifcfg-ens33
192.168.202.233

# 关闭防火墙
systemctl stop firewalld
systemctl disable firewalld

# 设置主机名
hostnamectl set-hostname edgex

3.安装 Docker

安装版本19.03.*

shell 复制代码
$ wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo

$ yum -y install docker-ce

$ systemctl enable docker && systemctl start docker

$ docker --version
  • 添加阿里云加速镜像
shell 复制代码
# 添加阿里云加速镜像

cat > /etc/docker/daemon.json << EOF
{
   "registry-mirrors": ["https://gcctk8ld.mirror.aliyuncs.com"],
   "exec-opts": ["native.cgroupdriver=cgroupfs"]
} 
EOF
  • 重启docker
shell 复制代码
#重启docker
systemctl restart docker

4.安装 docker-compose

安装 docker-compose

shell 复制代码
#下载源码
curl -L https://github.com/docker/compose/releases/download/1.25.0/docker-compose-Linux-x86_64 -o /usr/local/bin/docker-compose


#给docker-compose添加执行权限
sudo chmod +x /usr/local/bin/docker-compose

#查看docker-compose是否安装成功
docker-compose -version

docker-compose 基本操作

shell 复制代码
# 安装并启动EdgeX
sudo docker-compose up -d     # -d 后台运行容器
 
# 查看所有容器运行状况
sudo docker-compose ps
 
# 显示容器日志
docker-compose logs -f [compose-contatainer-name]
 
# 停止容器
sudo docker-compose stop
 
# 启动容器
sudo docker-compose start
 
# 停止和删除所有容器
sudo docker-compose down


# 常用命令:
启动:docker-compose up -d 注意这里需要在yml配置文件路径执行,其他路径执行需要-f指定配置文件地址。
查看日志:docker-compose logs -f ${compose-contatainer-name}
停止:docker-compose stop
停止并删除容器:docker-compose down
其他命令帮助:docker-compose --help

二、安装部署

1.docker-comepse

shell 复制代码
# 1.克隆 edgex-compose
$ git clone git@github.com:edgexfoundry/edgex-compose.git 
$ git clone https://github.com/edgexfoundry/edgex-compose.git
$ cd edgex-compose 
$ git checkout v3.1


# 2.生成 docker-compose.yml 文件(注意这包括 mqtt-broker)
$ cd compose-builder
$ make gen ds-virtual


# 3.检查生成的文件
$ ls | grep 'docker-compose.yml'
docker-compose.yml
shell 复制代码
[root@edgex mqtt-device]# git clone https://github.com/edgexfoundry/edgex-compose.git
Cloning into 'edgex-compose'...
remote: Enumerating objects: 4779, done.
remote: Counting objects: 100% (2916/2916), done.
remote: Compressing objects: 100% (173/173), done.
remote: Total 4779 (delta 2831), reused 2804 (delta 2741), pack-reused 1863
Receiving objects: 100% (4779/4779), 1.22 MiB | 450.00 KiB/s, done.
Resolving deltas: 100% (4042/4042), done.


[root@edgex mqtt-device]# ll
total 4
drwxr-xr-x. 6 root root 4096 Feb  1 04:10 edgex-compose


[root@edgex mqtt-device]# cd edgex-compose/
[root@edgex edgex-compose]# git checkout v3.1
Note: checking out 'v3.1'.

You are in 'detached HEAD' state. You can look around, make experimental
changes and commit them, and you can discard any commits you make in this
state without impacting any branches by performing another checkout.

If you want to create a new branch to retain commits you create, you may
do so (now or later) by using -b with the checkout command again. Example:

  git checkout -b new_branch_name

HEAD is now at 488a3fe... Merge pull request #424 from lenny-intel/device-mqtt-secure-mode-napa


[root@edgex edgex-compose]# cd compose-builder/

[root@edgex compose-builder]# make gen ds-virtual
echo MQTT_VERBOSE=
MQTT_VERBOSE=
docker compose  -p edgex -f docker-compose-base.yml -f add-device-virtual.yml -f ./gen_ext_compose/add-device-virtual-secure.yml -f add-security.yml -f add-secure-redis-messagebus.yml convert > docker-compose.yml
rm -rf ./gen_ext_compose


[root@edgex compose-builder]# ls | grep 'docker-compose.yml'
docker-compose.yml

2.启动 EdgeX Foundry

使用以下命令部署 EdgeX:

shell 复制代码
$ cd edgex-compose/compose-builder
$ docker compose pull
$ docker compose up -d


# 修改配置文件
替换IP地址 127.0.0.1 为 0.0.0.0
shell 复制代码
# docker compose pull

# docker compose up -d



3.访问 UI

3.1. consul
shell 复制代码
# 访问地址
http://192.168.202.233:8500
509bd0ae-2fdc-110e-f404-23942a9d1143


# make get-consul-acl-token

[root@edgex compose-builder]# make get-consul-acl-token
509bd0ae-2fdc-110e-f404-23942a9d1143



3.2. EdgeX Console
shell 复制代码
# 访问地址
http://192.168.202.233:4000/

eyJhbGciOiJFUzM4NCIsImtpZCI6IjY0YTI4ZTk5LWY2YmMtZDQwYi00OWQ1LTZjMzIzM2UzMWJhYiJ9.eyJhdWQiOiJlZGdleCIsImV4cCI6MTcwODQ1MTkwNiwiaWF0IjoxNzA4NDQ4MzA2LCJpc3MiOiIvdjEvaWRlbnRpdHkvb2lkYyIsIm5hbWUiOiJlZGdleHVzZXIiLCJuYW1lc3BhY2UiOiJyb290Iiwic3ViIjoiZTJiZmM4MDMtMzQ5Mi1hYjBhLWE0OTUtMzNjMmY1MzEzYjU3In0.xERcFnGr42rImdzquED6NEIebw4ZV_67z_AMoLp7LmDCRaB8mF3fwSawpuhoSOyiSKmFKb_ZL9O7q3K0-y-xN4c8-Gcg4GgTwLi4lQ_A6jB0sUmuUkLITQUa__CGDHvX



# make get-token

[root@edgex compose-builder]# make get-token
eyJhbGciOiJFUzM4NCIsImtpZCI6IjY0YTI4ZTk5LWY2YmMtZDQwYi00OWQ1LTZjMzIzM2UzMWJhYiJ9.eyJhdWQiOiJlZGdleCIsImV4cCI6MTcwODQ1MTkwNiwiaWF0IjoxNzA4NDQ4MzA2LCJpc3MiOiIvdjEvaWRlbnRpdHkvb2lkYyIsIm5hbWUiOiJlZGdleHVzZXIiLCJuYW1lc3BhY2UiOiJyb290Iiwic3ViIjoiZTJiZmM4MDMtMzQ5Mi1hYjBhLWE0OTUtMzNjMmY1MzEzYjU3In0.xERcFnGr42rImdzquED6NEIebw4ZV_67z_AMoLp7LmDCRaB8mF3fwSawpuhoSOyiSKmFKb_ZL9O7q3K0-y-xN4c8-Gcg4GgTwLi4lQ_A6jB0sUmuUkLITQUa__CGDHvX




shell 复制代码
# EdgeX Foundry

https://iothub.org.cn/docs/edgex/
https://iothub.org.cn/docs/edgex/deploy/deploy-secty/
相关推荐
阿里云云原生17 小时前
Higress v2.2.3 发布:正式入驻 CNCF Sandbox,AI Gateway 与 Ingress 迁移能力双向加固
云原生
阿里云云原生2 天前
香港站【企业 AI Agent 工程化实战专场】来啦,邀您7月9日见!
云原生·agent
阿里云云原生2 天前
研发域与运维域的“数字握手”:通过 Agentic Skills 实现 DevOps 全链路自动化
云原生
老梁agent2 天前
MCP 协议实战:用标准化方式让 Agent 调用工业工具
物联网·agent·mcp
老梁agent5 天前
一个 Agent 不够用?工业场景下的多 Agent 路由模式实战
物联网·agent
老梁agent6 天前
从 0 到 22 篇:工业 Agent 的六大设计原则
物联网·agent
阿里云云原生6 天前
AI 开发新常态:当 Cursor、Claude、Codex 并行,如何统一管理散落的 Skill 资产?
云原生·ai编程
探索云原生6 天前
K8s 1.36 这个 GA 特性,把 initContainer 拉模型的 hack 干掉了
ai·云原生·kubernetes
Java之美6 天前
从edge-trigger到level-trigger,谈谈 Kubernetes controller 的开发范式
云原生
阿里云云原生7 天前
深度解构:当 Append-only 的 SLS 遇上 Update/Delete,是如何实现设计权衡的?
云原生