We will show what aspects of hawkBit need to be completed or implemented to use it in a production environment.
We will look at hawkBit's extension points and how they can be used and show some practices for deploying and managing a hawkBit-based product.
1. hawkBit in Production
How to make hawkBit ready for production
Andrea Zoleo & Nicola La Gloria
Kynetics LLC - Santa Clara, CA
2. Agenda
● Who we are
● hawkBit overview
● Requirements for production
● Deployment scenarios
● Good practices for production deployment
● Conclusion
3. About us
● We provide OSes and Applications for embedded systems
○ Android
○ Open Embedded framework
● UpdateFactory
○ Software as a Service to update remote devices at scale
○ Based on Eclipse hawkBit
● Members of the Eclipse Foundation
○ Maintainers and commiters of Eclipse Hara Project
○ IoT Working group
○ Edge Native Working Group and Steering Committee
4. What is hawkBit?
A back-end framework for rolling out software updates to devices connected to IP based networking infrastructure.
5. hawkBit use cases and features
● CRUD for targets and distributions
● software update history
● pre-commission of targets
● plug and play of targets
● manage and monitor operations
● target grouping & filtering
● partial downloads support
● rollout/campaign management
7. Requirements for production
● Integration with an User Profiling
● Customization of Authentications/Authorization
○ For different access modes: UI, DMF, DDI, Management API
○ Support of MFA
● Resilience
● Download performance
● Ancillary services (metrics, constraints, fault detection…)
9. ● Single Tenant deployment vs Multi Tenant deployment
○ Data isolation/analysis
○ Customization (i.e metrics, non-functional requirements, etc.)
○ Updates
○ Backup
● VMs vs containers
○ Simplicity & set-up cost
○ Elasticity/Deployment velocity
○ Manual management / IaC
○ Integration with cloud/ancillary services
Deployment Scenarios (4)
10. Scenario 1 - single tenant deployment with VMs
● Pro
○ Simple to bring up
○ Allows data isolation (snapshots)
○ Allows per tenant customization
● Cons
○ Requires ETL for data analysis
○ Requires separate per-tenant update server updates
■ Updates are slow
○ Can become quite expensive
○ Not really elastic in load requirements changes
11. Scenario 2 - multi tenant deployment with VMs
● Pro
○ Simple to bring up
○ Simplified data analysis
○ Single update for all tenants
○ Less expensive
● Cons
○ Data are partitioned but not isolated
○ Per tenant customization isn’t possible
○ Updates are slow
○ Not really elastic in load requirements changes
12. Scenario 3 - single tenant deployment with containers
● Pro
○ Allows data isolation (snapshots)
○ Allows per tenant customization
○ Infrastructure updates are faster
○ Cost effective
○ Elastic
● Cons
○ Requires a container orchestration (e.g. K8S)
○ Requires ETL for data analysis
○ Requires separate per-tenant hawkBit server updates
13. Scenario 4 - multi tenant deployment with containers
● Pro
○ Simplified data analysis
○ Single update for all tenants
○ Updates are fast
○ Cost effective
○ Elastic
● Cons
○ Requires a container orchestration (e.g. K8S)
○ Data are partitioned but not isolated
○ Per tenant customization isn’t possible
14. Workflow and best practices
● Use containers if you can
● Use cloud services for
○ Relational database and snapshots
○ Distributed cache
○ Content delivery network
○ Fault detection
○ Log management and inspection
● Use pipelines - CI/CD for hawkBit updates
● Use IaC for maintaining the infrastructure
● Make load tests
○ using the Virtual Devices (Eclipse Hara)
15. Conclusions
● Data
○ Isolation
○ Analysis
○ Backup
● hawkBit
○ Customisation
○ Updates simplicity
○ Updates velocity
● Infrastructure
○ Resilience
○ Elasticity
○ Integration
● SDLC
○ CB / CI / CD
○ IaC
There are trade off to consider on deploying hawkBit
16. Let’s create your own hawkBit[enstein]
Thank you
Andrea Zoleo
andrea.zoleo@kynetics.com
Nicola La Gloria
nicola.lagloria@kynetics.com