When stars align: studies in data quality, knowledge graphs, and machine lear...
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
1. LF EDGE FDO Project
Walk Through
April 2024
Randy Templeton
Software Architect, Intel
2. 2
FIDO Device Onboard (FDO)
•The LF Edge FIDO Device Onboarding (FDO) project is an open-source
implementation of the Fido Alliance proposed standard for automatic
onboarding of IoT devices
•FDO v1.1 Proposed Standard
•LF Edge Project for FDO
•FDO Project on GitHub
3. 3
Steps Covered
To build and run FDO containers the only prerequisite is docker
•Downloading prebuilt pri-fidoiot assets
•Building the docker containers
•Setup security credentials for the containers
•Running containers
•Running the sample device
•Invoking REST APIs
• Enable development Workers
6. 6
Building FDO Project on Ubuntu 22.04
•Look at the latest tagged releases and download the tar.gz for v1.1.8
7. 7
Building FDO Project on Ubuntu 22.04
•Extract the pri-fidoiot-1.1.5.1.tar.tz in your home directory
8. 8
Building FDO Project on Ubuntu 22.04
•Now open a terminal in the newly extracted pri-fidoiot directory
9. 9
Building FDO Project on Ubuntu 22.04
•Change directory to the build folder
•If docker not installed, then install docker
sudo apt install docker-ce docker-ce-cli containerd.io docker-compose-plugin
10. 10
Building FDO Project on Ubuntu 22.04
•If you add your user to the docker group, then logout and back in
11. 11
Building FDO Project on Ubuntu 22.04
•In the build directory replace the references to fdouser with your user
name in docker-compose.yml and Dockerfile
12. 12
Building FDO Project on Ubuntu 22.04
•Also add the release tag to you’re pri-fidoiot directory
13. 13
Building FDO Project on Ubuntu 22.04
•Start the docker build container
•For latest docker use “docker compose” vs “docker-compose”
•docker compose up –build
•After the docker build container runs then then the next step is to
setup security
14. 14
Setting up security credentials
•cd into ~/pri-fidoiot-1.1.5.1/component-samples/demo/scripts
•Run the following scripts in order:
• sh demo_ca.sh
• sh web_csr_req.sh
• sh user_csr_req.sh
• ./keys_gen.sh
15. 15
Setting up security credentials
•cd into the secrets directory
•chmod 664 server-key.pem
•Copy the secrets directory into all the demo container directories
(db,aio,owner,rv,reseller)
•Copy the service.env into all container directories except db
(aio,owner,rv,reseller)
16. 16
Running containers
•First run the db container (from component-samples/demo)
• cd db
• Edit /custom/config-file.cnf
• docker compose up --build
17. 17
Running containers
•In a new terminal window (from component-samples/demo)
•cd aio
•docker compose up --build
18. 18
Run the sample device
•In a new terminal window (from component-samples/demo)
•cd device
•docker compose up –build
•The first time you run the device it will perform DI
•[INFO ] Type 13 []
•[INFO ] DI complete, Guid is ...
19. 19
Run the sample device
•Running the device subsequent times will perform To1/To1
•docker compose up
• [INFO ] Type 71 …
• [INFO ] TO2 completed successfully.
• [INFO ] Starting Fdo Completed
32. 32
Enable development Workers
▪ In service.yml – workers section
▪ Uncommenting the following workers for development
• org.fidoalliance.fdo.protocol.DebugExceptionConsumer – allows stack traces to be
logged
• org.fidoalliance.fdo.protocol.UntrustedRendezvousAcceptFunction – allows RV
server to accept any owner key
▪ Comment out the following
• org.fidoalliance.fdo.protocol.StandardExceptionConsumer
• org.fidoalliance.fdo.protocol.db.TrustedRendezvousAcceptFunction
▪ Rebuild the container after making the service.yml change