The 7 Things I Know About Cyber Security After 25 Years | April 2024
Are you ready to be edgy? Bringing applications to the edge of the network
1. Are You Ready to be Edgy?
Bringing Your Applications to the Edge of the Network
Megan O’Keefe Steve Louie
2. Disclaimer
This demo and our team’s prototypes in Edge Computing are not
part of any official Cisco products.
2
3. Hello!
• We are Software Engineers at Cisco
• Based out of Massachusetts, USA
• We work on customer-facing prototypes in Cloud, video, and data
center technologies
• Last 18 months = Edge Computing
3
4. On Deck
1. Why Edge Computing?
2. What is the Edge?
3. Cool Edge Use Cases
4. Edge-Ready Apps
5. Edge + Kubernetes
6. Demo!
4
6. The Latency Problem
• Evolution of wireline and 5G mobile access
technologies
• Proliferation of IoT sensors, devices, and connected
Things
• Need for low-latency and real-time, data-driven decision
making (machine learning)
• Web / OTT / App companies vying for subscriber
proximity
à Meeting all these needs requires an evolution of
network, compute, storage, security, app orchestration
6
Edge
ML
IoT
5G
7. What is Edge Computing?
Edge Computing is the process of moving intensive workloads
from the Cloud out to the Edge of the network.
7
8. Edge Computing…
• Extends the Cloud to the network Edge
• Is not a replacement for the Cloud
• Has lots of shapes…
8
Edge
Edge
Edge
9. Benefits of Edge Computing
9
Low Latency
(VR/AR)
High Bandwidth
(Video Processing)
Temporary/Secure Data
(Facial Recognition)
10. Edge Computing Use Cases
10
Consumer
• Gaming
• VR/AR
• Secure messaging
Enterprise
• Machine learning
• Collaboration
• Virtual desktop
• Firewall
Web / OTT
• Edge as a Service
• CDN
• Video optimization
Service Provider
• C-RAN
• NFV
IoT
• Healthcare
• Energy
• Lighting
• Transportation
• Public safety
• Disaster detection
• Industrial robotics
• Agriculture
• Drones
• Wearables
11. Edge Use Case: Enterprise ML
11
Train models
in the Cloud
Serve models
at the Edge
12. Edge Use Case: Healthcare
12
Edge Microdatacenter
on Private
Hospital Network
Patient
Monitors
Electronic
Health Records
RFID-Tagged
People, Things
Diagnostic
Equipment
Surgery
Robotics
Inventory
Tracking
Compliant
Data
13. Edge-Ready Applications
Architecture
• API-, Microservices-Driven – Application can be
deconstructed to run in Cloud, at the Edge
• Hierarchical Topology – Edge workloads and Cloud
workloads have different purposes
• Minimal Size, Maximum Portability – Small, ideally
<100MB application images built for maximum
portability across environments
13
14. Edge-Ready Applications
Scalability
• Edge components must be highly
scalable across thousands of clusters
• Resource consumption must scale
linearly with additional Edge resources
Fault Tolerance
• Edge microservices can run offline
• Failure resiliency – Graceful handling of
network partitioning events and
hardware failures
14
15. Edge-Ready Applications
Storage
• Cache ephemeral state at the edge as much as possible
• Sync persistent state with the public Cloud
Network
• Have a set of common service hostnames for your apps to
enable anycast edge DNS routing
Security
• Multitenancy (multiple users per Edge deployment)
• Private Registry – signed, secure images
15
16. Why Kubernetes at the Edge?
16
Edge Tenets à Kubernetes
Vast diversity of Edge use cases Kubernetes is workload-agnostic (containers, VMs, functions).
Edge has many shapes Kubernetes supports many nodes and works on a variety of
hardware platforms.
Edge is flexible and dynamic Kubernetes was built to support apps moving around and being
spun up and down.
Edge must be repeatable,
consistent
Kubernetes provides a consistent platform that has been proven
in production at scale.
Edge should be familiar to
developers
Kubernetes adoption is huge! Why re-invent the wheel for Edge?
17. Workflow: Edge Kubernetes
17
Edge
Manager
Each Edge Cluster
is autonomous
End-device traffic
routes to the closest
Edge Cluster
Public Cloud /
Central DC
Edge Cluster
Edge Application
Edge Cluster
Edge Application
Edge Cluster
Edge Application
19. Edge Manager
Central DNS
Edge Platform Architecture
19
Device Flow
1. Anycast DNS for app
destination
2. Device talks to
nearest instance
Edge Cluster
Edge
DNS
Edge Cluster
Edge
DNS
Edge Cluster
Edge
App
Edge
DNS
Edge
App
20. Optikon = Edge App Management
Edge
Cluster
Central
Cluster
Optikon
UI
Cluster-
Registry
API Server
Optikon API (Go)
Helm
Client
Cluster
Registry Client
Central
CoreDNS
Helm
Tiller
Edge
CoreDNS
16
21. 21
central
Cluster Registry
UI Helm Mgr
DNS
Optikon Demo - Setup
copenhagen-1
Helm Tiller
DNS
prom
nginx
copenhagen-2
Helm Tiller
DNS
prom
nginx
copenhagen-3
Helm Tiller
DNS
prom
Client-1 Client-2
22. Optikon – What’s Next?
22
• Cross-cluster auto-scaling / “fuzzy” deployments
• Integrate multi-cluster load balancing + traffic policy (Istio)
• Work with SIG Multi-cluster to help define best practices, use cases for
additional tools
• Scaling Optikon to lots of Edge Kubernetes clusters
github.com/optikon
23. Key Takeaways
1. High bandwidth + low latency use cases à Edge
2. Use cases include IoT, caching, machine learning
3. Edge applications = flexible, scalable, secure
Cloud-native applications
4. Our approach to Edge orchestration: 1 central
Kubernetes cluster + 1 cluster per Edge site
5. CNCF projects = awesome building blocks to build
new stuff! 🎉
23