Ensuring stable and secure network connectivity is paramount in a world increasingly reliant on edge computing. At the Linux Foundation’s recent Open Source Summit Europe, Erik Nordmark, ZEDEDA CTO and co-founder and a prominent board member of the LF Edge’s Technical Advisory Council, shared his expertise on tackling network instability in a presentation titled, “Don’t Accept Instability at the Edge: Solve Your Network Challenges with EVE.”
The discussion highlighted the unique challenges of the distributed edge, where devices are often deployed in remote, physically insecure locations with limited IT support. Think wind farms, solar farms, or remote retail locations. These environments demand a new approach to networking, one that can handle intermittent connectivity, ensure robust security, and enable remote management.
EVE: An Immutable OS for the edge
Enter EVE (Edge Virtualization Engine), an open source, immutable operating system designed specifically for edge environments. EVE’s key features include:
- API-driven architecture: Enables centralized orchestration and management of edge devices at scale.
- Lightweight footprint: Optimized for resource-constrained edge devices and deployments.
- Eventual consistency model: Ensures eventual consistency and simplifies remote management in flaky network conditions.
- Security-first approach: Incorporates strong integrity protection and addresses the unique security needs of distributed edge deployments.
Tackling network challenges head-on
Nordmark’s presentation also delved into the specific networking hurdles faced at the edge and how EVE-OS offers innovative solutions. The following table highlights some of the most common networking challenges and how EVE-OS addresses them:
| Challenges | Solutions |
| Multiple physical ports and network technologies: Devices may need to connect to different networks (e.g., operational technology networks and enterprise networks) requiring complex configurations. | EVE-OS addresses this challenge by supporting multiple physical ports, allowing devices to connect to different networks simultaneously. |
| Static IP addresses and HTTPs proxies: Legacy systems and security requirements often necessitate manual configuration and compatibility with proxies that may perform TLS man-in-the-middle inspections. | EVE-OS tackles this challenge by allowing for both manual configuration of network settings, including static IP addresses and proxy settings.
It also offers a mechanism to securely provision these configurations from a central controller using a signed proto file, eliminating the need for manual configuration at each device. This aligns with EVE’s support for dynamic network configuration updates, where the controller acts as the source of truth, enabling remote updates and configuration changes. |
| Network fallbacks: Devices may need to switch between different connectivity options (e.g., LTE, satellite) requiring dynamic network management. | EVE-OS supports network fallbacks through its declarative configuration approach. The controller can specify multiple network configurations and switch to the highest priority working configuration. This ensures that devices remain connected even if one network connection fails.
This capability is further enhanced by EVE’s offline management feature, which enables devices to continue operating with local operations like restarts even when disconnected from the controller |
| Remote deployment: Setting up devices in remote or challenging locations presents a significant hurdle due to the absence of on-site IT personnel and potentially limited physical security. | EVE-OS is pre-installed on devices at the factory, allowing them to be shipped directly to the installation site. This reduces the need for skilled technicians on-site. Devices are shipped with the OS pre-installed, often after undergoing a security inspection. Once at the installation site, they simply need to be mounted, connected to the network and power source, and turned on.
This method, combined with EVE-OS’s ability to automatically attempt network connections upon power-up, streamlines the initial setup process. |
Learn how EVE-OS can help you overcome network challenges at the edge, watch the complete presentation.
EVE’s solutions for network configuration and management
EVE tackles these networking challenges with innovative solutions. It allows for zero-touch provisioning, enabling devices to automatically connect to the controller using DHCP or fallback options like USB sticks. EVE also supports dynamic network configuration updates, with the controller acting as the source of truth. This allows for remote updates and A/B testing of configurations for smooth transitions. Even when disconnected, EVE enables offline management, allowing local operations like restarts and snapshot reversions to maintain operational continuity.
Air-gapped networks and debugging
Nordmark also discussed the complexities of air-gapped networks, emphasizing the importance of secure software updates and configuration management. He also highlighted EVE’s ability to import signed configurations, enabling policy enforcement and software updates in these restricted environments.
Furthermore, he emphasized the importance of efficient debugging in flaky networks. EVE’s local tracing capabilities allow for capturing and analyzing network issues, minimizing bandwidth consumption while providing valuable insights for troubleshooting.
Real-world examples and future directions
To illustrate the challenges and solutions, Nordmark discussed a couple of real-world scenarios. For instance, in the oil and gas industry, where devices are often deployed in remote and hazardous locations with limited connectivity, EVE enables reliable operation even with intermittent network access. This ensures critical processes can continue uninterrupted, even when connections are unstable.
Beyond specific industries, Nordmark also explored EVE’s potential in managing complex network topologies. This includes scenarios involving NVIDIA’s BlueField DPUs, which combine powerful processing capabilities with advanced networking features. By leveraging EVE’s flexibility and robust network management, these DPUs can be effectively integrated into edge deployments, enabling sophisticated applications and optimized performance.
Enabling a secure and scalable edge
Nordmark’s presentation provided a compelling overview of the network challenges at the distributed edge and how EVE is addressing them. By offering a secure, robust, and flexible platform, EVE is enabling the deployment and management of edge devices at scale. As edge computing continues to evolve, solutions like EVE will play a critical role in unlocking its full potential.
Start simplifying your edge deployments. Get started with EVE-OS today.
