Introducing Edge Image Builder
Working at the edge introduces a number of complications not seen in a traditional data center. The scale increases dramatically, with edge deployments easily reaching tens of thousands of nodes and devices. Network complexities, such as low-bandwidth or fully air-gapped environments, complicate the initial provisioning and workload deployment. The need for easily auditable, reproducible, and customized base images becomes paramount to the long-term stability and maintainability of the environment.
Edge Image Builder (EIB), one of the components of SUSE Edge 3.0, helps mitigate these concerns by providing a mechanism to customize SL Micro base images to include all of the configurations and workload artifacts needed by edge deployments. EIB is an open source project that provides a simple, text-based definition through which a vanilla SL Micro image can be rebuilt to include the following:
- Operating system configurations, such as users, systemd units, and kernel arguments.
- Network configuration, leveraging all of the features provided by nmstate.
- RPM installation, including build-time dependency resolution and package fetching to include in the customized image.
- Kubernetes installation and configuration for either single-node or HA deployments, using either RKE2 or k3s.
- Kubernetes workloads are defined by either a manifest or Helm chart and include build-time image fetching.
- Node registration at boot to other SUSE management products, such as SUSE Manager and Elemental.
- User-defined custom scripts and files, allowing near limitless configuration beyond what is explicitly supported by EIB.
The resulting image contains all of the configuration and binary artifacts (RPMs, container images, etc.) necessary to provision the node at first boot, providing true zero-touch provisioning even in the case of low-bandwidth connections and air-gapped scenarios. A single image can be reused across multiple nodes, including advanced situations such as deploying HA Kubernetes clusters and individualized network configuration per node. By leveraging a declarative, YAML-based definition format, EIB easily fits into existing GitOps and CI/CD pipelines, generating reproducible images with full accountability of their contents.
Jason Dobies, Director of Edge Engineering at SUSE, recently presented the Edge Image Builder project at one of the bi-weekly meetings of the CNCF IoT Edge Working Group. The recording can be found on their YouTube channel.
The Edge Image Builder project is an open source project that is driven by the SUSE Edge team. We welcome feedback via GitHub issues and encourage you to check the project repository to learn more!
Related Articles
Jan 19th, 2024
Security Controls for the OWASP Kubernetes Top 10
Apr 26th, 2024