Secure Edge Networking Based On Kubernetes And KubeEdge.

Overview

What is FabEdge

FabEdge is an open source edge networking solution based on kubernetes and kubeedge. It solves the problems including complex network configuration management, network fragmentation, the lack of service discovery ability and topology awareness in edge etc.

Fabedge supports weak network environments, such as 4/5G, WiFi,LoRa, etc., and supports dynamic IP addresses of edge nodes, which is suitable for scenarios such as the Internet of Things and the Internet of Vehicles.

Features

  • Kubernetes Native Support: Fully compatible with Kubernetes API, without any modification, applications can communicate with each others seamlessly no mater in cloud or edge.

  • Edge Container Network Management:Management of the subnets allocation and ip address assignment for edge containers.

  • Cloud-Edge/Edge-Edge Collaboration: Secure tunnels between cloud and edge nodes for synergy between cloud and edge.

  • Edge Community Control: Use K8S CRD of “community” to control which edge nodes can communicate with each others.

  • Topology-aware service: Improve service latency by giving higher priority to local endpoints, while still able to access endpoints in remote cloud.

Advantages

  • Standard: fully compatible with k8s api, support any k8s cluster, plug and plan.

  • Secure: all communication over secure IPSEC tunnel using certificate.

  • Easy to use: designed using operator pattern , minimized ongoing operation effort.

How it works

  • The cloud is any standard Kubernete cluster with any CNI network plug-in, such as Calico. Run cloudcore, the Kubeedge cloud side component, in the cloud and edgecore, the edge side component on the edge node, which registers the edge node to the cloud cluster.

  • Fabedge consists of three components: Operators, Connector and Agent

image

  • FabEdge uses two channels for cloud-edge data exchange. One is the websock channel managed by kubeedge for control signals; the other is an secure tunnel managed by FabEdge itself for application data exchange.

  • Operator monitors k8s resources such as node, service, and endpoint in the cloud, and creates a configmap for each edge node, which contains the configuration information such as the subnet, tunnel, and load balancing rules. The operator is also responsible to launch the agent pod for each edge node.

  • The Connector is responsible to terminate the tunnel from edge nodes, and relay traffic between the cloud and the edge nodes. It relays on a cloud CNI plug-in to forward traffic to nodes other than the connectors. It supports callico so far.

  • The edge node uses the k8s community CNI plug-in bridge and host-local.

  • The edge node uses the k8s community node-local-dns feature, which is responsible for the domain name resolution and caching on the local node.

  • Each edge node runs an agent and consumes its own configmap including the following functions:

    • Manage the configuration file of the CNI plug-in of this node
    • Manage the security tunnel of this node
    • Manage the load balancing rules of this node, the local backend will be used first, followed by the cloud’s

FabEdge vs Calico/Flannel

Fabedge is different from generic Kubernetes network plug-ins such as Calico/Flannel. These plug-ins are used in the data centers to solve the internal network problems of the kubernetes cluster. Fabedge solves the edge computing networing qutestions: how to communitcate between the PODs on different edge nodes, how to community between cloud and edge etc, after the edge node is connected to the cloud cluster using Kubeedge. Currently Fabedge can seamlessly integrate with Calico and will be extended to others in the near future.

Guides

Get start with this doc.

Contributing, Support, Discussion, and Community

If you have questions, feel free to reach out to us in the following ways:

· Please send email to [email protected]
· 社区微信交流群见官网底部

Please submit any FabEdge bugs, issues, and feature requests to FabEdge GitHub Issue.

License

FabEdge is under the Apache 2.0 license. See the LICENSE file for details.

Issues
  • secrets

    secrets "tokensecret" not found

    按照https://github.com/FabEdge/fabedge/blob/main/docs/install_k8s.md 文档第二部添加k8s边缘节点时候出错 add-edge-node.sh ,debug了一下,应该是找不到tokensecret [[email protected] ansible]# kubectl get secret -nkubeedge tokensecret Error from server (NotFound): secrets "tokensecret" not found [[email protected] ansible]#

    image

    Describe the bug A clear and concise description of what the bug is.

    To Reproduce Steps to reproduce the behavior:

    1. Go to '...'
    2. Click on '....'
    3. Scroll down to '....'
    4. See error

    Expected behavior A clear and concise description of what you expected to happen.

    Screenshots If applicable, add screenshots to help explain your problem.

    Desktop (please complete the following information):

    • OS: [e.g. iOS]
    • Browser [e.g. chrome, safari]
    • Version [e.g. 22]

    Smartphone (please complete the following information):

    • Device: [e.g. iPhone6]
    • OS: [e.g. iOS8.1]
    • Browser [e.g. stock browser, safari]
    • Version [e.g. 22]

    Additional context Add any other context about the problem here.

    opened by Haomeng 1
  • Connector

    Connector

    null

    opened by haotaogeng 0
  • add quickstart-k8s

    add quickstart-k8s

    null

    opened by wanglet 0
  • Update README.md

    Update README.md

    There's a document word missing here called "faedge" under the title of the "架构图", I'll change it to "fabedge".

    opened by jackluo04160124 0
  • Certificate management

    Certificate management

    null

    opened by YLyangling 0
  • add dpd_action to sas

    add dpd_action to sas

    null

    opened by haotaogeng 0
  • update connector imagePullPolicy

    update connector imagePullPolicy

    null

    opened by haotaogeng 0
  • connector: add specific routes for remote subnets

    connector: add specific routes for remote subnets

    after strongswan is active, connector addis specific routes into table 220 and one aggregated route to edgePODCIDR into main table, which is propogated into other nodes

    opened by haotaogeng 0
  • 改善Agent

    改善Agent

    1. 添加use-xfrm控制项,可以主动控制xfrm是否启用
    2. 减少全局变量的引用
    3. 为error添加日志
    opened by yanjianbo1983 0
  • Feature/update helm chart

    Feature/update helm chart

    null

    opened by wanglet 0
  • [Question] What features have support?

    [Question] What features have support?

    According to the https://github.com/FabEdge/fabedge/blob/main/docs/roadmap.md, what features have support now? 1. the communication between edge pods 2. the communication between edge node and cloud node

    documentation question 
    opened by khalid-jobs 6
  • [doc] About install.md

    [doc] About install.md

    In the install.md , [email protected]:~# git clone https://github.com/fabedge/fabeedge.git the link of the fabedge is wrong

    bug documentation question 
    opened by khalid-jobs 17
  • [Question] What kubeedge feature does fabedge depend on?

    [Question] What kubeedge feature does fabedge depend on?

    What kubeedge feature does fabedge depend on, such as Autonomic Kube-API Endpoint for list-watch, kubectl exec on the edge or others?

    question 
    opened by khalid-jobs 1
Releases(v0.2)
Secure Edge Networking Based On Kubernetes And KubeEdge.

What is FabEdge FabEdge is an open source edge networking solution based on kubernetes and kubeedge. It solves the problems including complex network

FabEdge 263 Sep 22, 2021
TamaGo - bare metal Go for ARM SoCs

TamaGo - bare metal Go for ARM SoCs tamago | https://github.com/f-secure-foundry/tamago Copyright (c) F-Secure Corporation https://foundry.f-secure.co

F-Secure Foundry 1k Sep 19, 2021
Kubedd – Check migration issues of Kubernetes Objects while K8s upgrade

Kubedd – Check migration issues of Kubernetes Objects while K8s upgrade

Devtron Labs 11 Sep 21, 2021
Go Trusted Execution Environment (TEE)

Introduction The GoTEE framework implements concurrent instantiation of TamaGo based unikernels in privileged and unprivileged modes, interacting with

F-Secure Foundry 44 Sep 21, 2021
A Golang based high performance, scalable and distributed workflow framework

Go-Flow A Golang based high performance, scalable and distributed workflow framework It allows to programmatically author distributed workflow as Dire

Vanu 437 Sep 19, 2021
Enterprise-grade container platform tailored for multicloud and multi-cluster management

KubeSphere Container Platform What is KubeSphere English | 中文 KubeSphere is a distributed operating system providing cloud native stack with Kubernete

KubeSphere 6.8k Sep 19, 2021
Managing your Kubernetes clusters (including public, private, edge, etc) as easily as visiting the Internet

Clusternet Managing Your Clusters (including public, private, hybrid, edge, etc) as easily as Visiting the Internet. Clusternet (Cluster Internet) is

Clusternet 226 Sep 22, 2021
Lightweight Kubernetes

K3s - Lightweight Kubernetes Lightweight Kubernetes. Production ready, easy to install, half the memory, all in a binary less than 100 MB. Great for:

null 17.9k Sep 22, 2021
Production-Grade Container Scheduling and Management

Kubernetes (K8s) Kubernetes, also known as K8s, is an open source system for managing containerized applications across multiple hosts. It provides ba

Kubernetes 81.1k Sep 22, 2021
Lightweight, CRD based envoy control plane for kubernetes

Lighweight, CRD based Envoy control plane for Kubernetes: Implemented as a Kubernetes Operator Deploy and manage an Envoy xDS server using the Discove

null 36 Sep 18, 2021
Kubernetes IN Docker - local clusters for testing Kubernetes

kind is a tool for running local Kubernetes clusters using Docker container "nodes".

Kubernetes SIGs 8.5k Sep 24, 2021
A web-based simulator for the Kubernetes scheduler

Web-based Kubernetes scheduler simulator Hello world. Here is web-based Kubernetes scheduler simulator. On the simulator, you can create/edit/delete t

Kubernetes SIGs 38 Sep 20, 2021
Kilo is a multi-cloud network overlay built on WireGuard and designed for Kubernetes (k8s + wg = kg)

Kilo Kilo is a multi-cloud network overlay built on WireGuard and designed for Kubernetes. Overview Kilo connects nodes in a cluster by providing an e

Lucas Servén Marín 1.1k Sep 25, 2021
GitHub中文排行榜,帮助你发现高分优秀中文项目、更高效地吸收国人的优秀经验成果;榜单每周更新一次,敬请关注!

榜单设立目的 ???? GitHub中文排行榜,帮助你发现高分优秀中文项目; 各位开发者伙伴可以更高效地吸收国人的优秀经验、成果; 中文项目只能满足阶段性的需求,想要有进一步提升,还请多花时间学习高分神级英文项目; 榜单设立范围 设立1个总榜(所有语言项目汇总排名)、18个分榜(单个语言项目排名);

kon9chunkit 38.7k Sep 23, 2021
KinK is a helper CLI that facilitates to manage KinD clusters as Kubernetes pods. Designed to ease clusters up for fast testing with batteries included in mind.

kink A helper CLI that facilitates to manage KinD clusters as Kubernetes pods. Table of Contents kink (KinD in Kubernetes) Introduction How it works ?

Trendyol Open Source 280 Sep 25, 2021
A Kubernetes Network Fabric for Enterprises that is Rich in Functions and Easy in Operations

中文教程 Kube-OVN, a CNCF Sandbox Level Project, integrates the OVN-based Network Virtualization with Kubernetes. It offers an advanced Container Network

null 1k Sep 16, 2021
kubequery is a Osquery extension that provides SQL based analytics for Kubernetes clusters

kubequery powered by Osquery kubequery is a Osquery extension that provides SQL based analytics for Kubernetes clusters kubequery will be packaged as

Uptycs Inc 52 Sep 14, 2021
Golang Integration Testing Framework For Kong Kubernetes APIs and Controllers.

Kong Kubernetes Testing Framework (KTF) Testing framework used by the Kong Kubernetes Team for the Kong Kubernetes Ingress Controller (KIC). Requireme

Kong 8 Sep 21, 2021
A batch scheduler of kubernetes for high performance workload, e.g. AI/ML, BigData, HPC

kube-batch kube-batch is a batch scheduler for Kubernetes, providing mechanisms for applications which would like to run batch jobs leveraging Kuberne

Kubernetes SIGs 875 Sep 22, 2021