edgescale documentationa full functional sd card booted image which has docker engine builtin and...

EdgeScale DocumentationRelease 0.2

EdgeScale

Revision: 91a8665

CONTENTS

1 EdgeScale Overview 11.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11.2 Supported Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11.3 Supported Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

2 Getting Started 32.1 Basic Concept . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32.2 Quick Start Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

3 Bootstrap & OTA 133.1 Bootstrap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133.2 OTA update procedure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

4 User Management 194.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194.2 Apply Account . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194.3 Create Account . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204.4 Set User Limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214.5 Check Detail Information Of User . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22

5 Device Management 235.1 Device Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235.2 Create and Enroll Device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235.3 Inactivate a Device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245.4 Activate a Device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255.5 Device Detail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 275.6 Delete Device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 285.7 Monitor Device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

6 Application Management 316.1 APP Store . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 316.2 Application Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

7 Solution Management 497.1 Solution Store . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

8 Monitor 538.1 Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 538.2 Task . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53

9 Connect to EdgeScale 55

i

9.1 Build EdgeScale Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 559.2 OTA: Auto Deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 559.3 non-OTA: Manual Deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

10 Secure Solution 5910.1 Prepare secure bootstrap image . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5910.2 Prepare secure solution image . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6010.3 Create device and bootup in secure mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6010.4 Enforce the secure boot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6010.5 Read pub key from device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6010.6 Upload device db to cloud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61

11 ESCLI Usage 6311.1 ESCLI Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6311.2 Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6311.3 Common Usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63

12 Public Cloud IoT SDK 7112.1 Azure IoT Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7112.2 Ali-Cloud IoT Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73

13 Application Notes 7713.1 Enable AI framework: tensorflow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77

14 Frequently Asked Questions (FAQ) 7914.1 How to fix the puppet-agent issue with LSDK1806? . . . . . . . . . . . . . . . . . . . . . . . . . . 7914.2 What’s the difference of facial recognition APPs in store? . . . . . . . . . . . . . . . . . . . . . . . 8014.3 Can the LSDK 1706 solution images still work with latest EdgeScale? . . . . . . . . . . . . . . . . . 8014.4 How to fix the following issue when board is boot up with ubuntu rootfs? . . . . . . . . . . . . . . . 8014.5 How to create a device and enroll it with escli? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80

ii

CHAPTER

ONE

EDGESCALE OVERVIEW

1.1 Overview

EdgeScale is a unified, scalable, and secure device management solution for Edge Computing applications. It en-ables OEMs and developers to leverage cloud compute frameworks like AWS Greengrass, Azure IoT, and Aliyun onLayerscape devices.

EdgeScale provides the missing piece of device security and management needed for customers to securely deployand manage many Edge computing devices from the cloud. End-users and developers can use the EdgeScale clouddashboard to securely enroll Edge devices, monitor their health, attest, and deploy container applications and firmwareupdates.

EdgeScale can also be used as a development environment to build containers and generate firmware.

1.2 Supported Features

• EdgeScale dashboard for users

• Secure device enrolment

• Secure key/certificate provisioning

• OTA: firmware update (LS1043 or LS1046)

• Device status monitoring on the cloud

• Dynamic deployment of container-based applications

1.3 Supported Devices

• LS1012A: QorIQ Layerscape LS1012A Low Power Communication Processor

• LS1043A: QorIQ Layerscape LS1043A Multicore Communications Processors

• LS1046A: QorIQ Layerscape LS1046A Multicore Communications Processors

1

EdgeScale Documentation, Release 0.2

2 Chapter 1. EdgeScale Overview

CHAPTER

TWO

GETTING STARTED

2.1 Basic Concept

2.1.1 Bootstrap and Operational Image

Bootstrap image is the “golden” image used to authenticate device with EdgeScale cloud and update new versionof software image which is called operational image. The bootstrap image is a small stable flash booted image withminimal software packages which connects to EdgeScale cloud. It is seldom updated. The operational image is usuallya full functional SD card booted image which has docker engine builtin and support container based apps. If the devicedoes not support SD boot, the boot loader is supposed at flash and the root file system is stored at SD card.

2.1.2 Identification and Certificate

The identification info is a device specific private key generated at the cloud. It will be used as the initial credentialto connect EdgeScale cloud by the device. During the device on-boarding, this private key will be used to sign devicemeta data and cloud can verify this feature by the corresponding public key. After this step, EdgeScale will issue acertificate for this device used for device to cloud communications.

This private key is only genereated for device has not been provisioned by the secure manufacturing. For secureprovioning, please check the “secure solution” section

Currently this kind of data is taking the form of a shell script and downloaded from the dashboard while creatingdevice. Sometimes it is also called identification image.

2.1.3 Device Model

The device model describes the metadata and management characteristics of a device. It determines which version ofsoftware image will be installed on the device automatically.

2.2 Quick Start Guide

2.2.1 Register and Sign-in

• Register an account: open a web browser and connect to EdgeScale Portal

3

https://console.edgescale.org


It will send email to admin: [email protected]

After approval, you will get an email with a random password, please login and set a new passwd for you.

• When the account is available, you can sign in

• Follow the account setting and reset password

4 Chapter 2. Getting Started

mailto:[email protected]


2.2.2 Prepare Device

1. Create Device

• Go to Device -> My Devices and Create Device

• Fill in the form with SN number and device model info (select from suggested data)

• Submit

2.2. Quick Start Guide 5


2. Download & Provision Device Identity

• Download the device identity info

bootstrap-enroll-<device ID>-iot.gateway.ls1043ardb.nxp.sh

• Check device infomation



• Copy the script file to your Linux host

• Execute the script file (linux bash script) on the Linux host, with the SD card inserted

$ sudo ./bootstrap-enroll-2f63c75eaa50535087e623c5c0f22721.iot.gateway.ls1043ardb.nxp.→˓sh d̄ev/<device>Install Edgescale AAA service Private key to Disk /dev/sdd: 7.4 GiB, 7948206080 bytes,→˓ 15523840 sectors- Yes|No ---Yes[...]048576 bytes (1.0 MB, 1.0 MiB) copied, 0.00334797 s, 313 MB/s[...]048576 bytes (1.0 MB, 1.0 MiB) copied, 0.00155437 s, 675 MB/s

After this step, the device identity information is saved on some reserved area of SD card. Next, we need to preparethe software image for the device which includes building and install the image on the SD card.

3. Build EdgeScale agents into the image

Below is an example for enabling EdgeScale client in LSDK based image. Please check LSDK and the building tool:flex-builder for more information. This is for non-secure mode, if booting device with secure boot checking, pleaserefer the “secure solution” section.

• Preconditions

EdgeScale client depends on golang 1.9 environment. If the system is installed with old version, please update it to1.9

# rm -rf ~/go && curl -L https://redirector.gvt1.com/edgedl/go/go1.9.4.linux-amd64.→˓tar.gz | tar xz -C ~/

• Enable the EdgeScale components in LSDK

cd flexbuildsource setup.env

# vi configs/build_lsdk.cfgCONFIG_BUILD_QORIQ_EDGESCALE=y

• Build the images

# flex-builder clean# flex-builder -m <machine>

4. Manually deploy the image to SD card

In this mode, the image is installed manually on SD card, not support deploying image from cloud dashboard.

• insert the SD card into x86 host Identify the physical device with dmesg or sudo gparted, such as /dev/sdx

• umount the SD card if auto mounted

sudo umount /dev/sdx

• install the solution image

assume the solution image componentes are stored in build/images


https://lsdk.github.io

https://lsdk.github.io


$ cd build/images$ flex-installer -b bootpartition_arm64_lts_4.9.tgz -r rootfs_ubuntu_xenial_arm64.tgz

-f firmware_[ls1043ardb|ls1046ardb]_uboot_sdboot.img -s 8 -d /dev/→˓<device>

• Note: please mount the second and third partition of SD card and check bootpartition_arm64_lts_4.9.tgz androotfs_ubuntu_xenial_arm64.tgz are installed in SD card successfully. if the second partition is empty, pleaserun the following command to install:

$ cd build/images$ mount the second partition to <p2-dest-dir>$ tar zxvf bootpartition_arm64_lts_4.9.tgz -C <p2-dest-dir>$ umount <p2-dest-dir>

• insert the SD card into target board and boot.

For OTA (automatically deploy image from cloud), please refer Bootstrap.

5. Bringing the Device On-line

• Cleanly umount the SD card from the host, and insert it in the target platform

• Power up the target and stop in u-boot (CTRL-C)

• Reset to boot from SDcard

=> cpld reset sd

• Platform will start up, connect to the Internet, and register with the cloud infrastructure.

• Verify Device Certificate Enrollment with dmesg

[ 30.159672] Checking for ethernet port fm1-mac3[ 40.242777] Link detected: yes[ 45.000582] network ethernet port is fm1-mac3[ 45.004823] fm1-mac3 Link encap:Ethernet HWaddr 00:04:9f:04:1e:3c[ 45.005105] inet addr:192.168.147.137 Bcast:192.168.147.255 Mask:255.→˓255.255.0

...

[ 45.010835] Setting time from www.baidu.com[ 47.349473] Tue Apr 24 12:43:18 UTC 2018[ 47.629792] No valid certificate found, starting 3 Phases Certificate Enrollment[ 47.630061] starting Phase1[ 61.902924] starting Phase2[ 66.152794] starting Phase3[ 67.629686] create PKCS10 request[ 72.118433] Starting E-EST certificate Enrollment[ 73.265688] set Hostname to 2f63c75eaa50535087e623c5c0f22721.iot.gateway.→˓ls1043ardb.nxp

...

[ 83.353776] Start kubelet[ 83.998282] 1+0 records in[ 83.998558] 1+0 records out[ 83.998766] 512 bytes copied, 0.00045336 s, 1.1 MB/s

(continues on next page)



(continued from previous page)

[ 84.030918] ./ota-statuscheck: 17: [: x: unexpected operator[ 84.031286] ./ota-statuscheck: 21: [: x: unexpected operator[ 84.033247] 0+1 records in[ 84.033499] 1+0 records out[ 84.033741] 512 bytes copied, 0.00041832 s, 1.2 MB/s

• It is recommeded to update local time zone of the device:

$ dpkg-reconfigure tzdata

• Refresh My Devices will show the device as online

2.2.3 Deploy APP

1. Deploy APP to device

• Click APP to select one APP (filter by tag)



• Deploy

• Select device(s) and then click Deploy App



2. Monitor APP task

• Click Task to check deployment task status or click APP -> Apps Status directly

3. Running APP

Find the APP running card and click top-right icon to check App Log

• find the IP address to open the related service

For example, Image Classification APP


CHAPTER

THREE

BOOTSTRAP & OTA

3.1 Bootstrap

To enroll your device in EdgeScale, the bootstrap image needs to be programmed firstly, and then reboot the board,the OTA process will start to install corresponding solution image which is associated with selected model, finally theenrollment will be done.

The guide will introduce how to get and flash the images to finish enrollment in EdgeScale.

3.1.1 Image Download

Download the bootstrap images according to the following table. Only work with LSDK1806 solution image, can notbootup with previous LSDK release versions.

Version Platform Imagev1806 LS1012A qspi_ls1012a.imgv1806 LS1043A nor_ls1043a.imgv1806 LS1046A qspi_ls1046a.img

3.1.2 Precondition

• Setup the tftp server

• Copy the bootstrap image to tftp server

• Configure network for board to ensure it can connect to tftp server

3.1.3 Flash Image

LS1012ARDB/LS1046ARDB

• Create device in the EdgeScale dashboard and download the identification image

• Program the identification image to SD on a Linux PC

$ sudo fdisk -l # find the /dev/sdx for the SD card e.g. /dev/sdb$ sudo umount /dev/sdx$ sudo bootstrap-enroll-<deviceID>.sh /dev/sdx

• Insert SD card to the board then boot the board to enter u-boot prompt

13

https://image.edgescale.org/1806/ls1012ardb/qspi_ls1012a.img

https://image.edgescale.org/1806/ls1043ardb/nor_ls1043a.img

https://image.edgescale.org/1806/ls1046ardb/qspi_ls1046a.img


• Run the following command to flash the bootstrap image

=> tftp 0xa0000000 /tftpboot/qspi_<ls1012a/ls1046a>.img=> sf probe 0:0=> sf erase 0 +$filesize=> sf write 0xa0000000 0 $filesize

• Run the following command in u-boot environment to start the OTA process

=> reset

LS1043ARDB

• Create device in the EdgeScale dashboard and download the identification image

• Program the identification image to SD on a Linux PC

$ sudo fdisk -l # find the /dev/sdx for the SD card e.g. /dev/sdb$ sudo umount /dev/sdx$ sudo bootstrap-enroll-<deviceID>.sh /dev/sdx

• Insert SD card to the board then boot the board to enter u-boot prompt

• Run the following command to flash the bootstrap image

=> tftp 0xa0000000 /tftpboot/nor_ls1043a.img=> pro off all=> erase 0x60000000 +$filesize=> cp.b 0xa0000000 0x60000000 $filesize

• Run the following command in u-boot environment to start the OTA process

=> reset

3.2 OTA update procedure

3.2.1 Precondition

The SD storage range of 63M~64M is reserved to store OTA status information. This area is accessed both by thebootstrap image and the new SD image.

14 Chapter 3. Bootstrap & OTA


3.2.2 OTA process

• When first time start the board, the bootstrap image will be started from flash. Then it will get latest SD cardimage from cloud and install it on the SD card.

• The OS will be started from SD card normally. OTA script will check if there is a new version of image for thedevice periodically.

• If update failed, the bootstrap image will be started from flash and roll back to old SD card image.

3.2.3 Procedure

To automatically deploy the solution image to device, please refer below workflow:

• Create device, bind model and build the solution image with EdgeScale agents

Please refer Quick Start Guide.

3.2. OTA update procedure 15


• Compress all the software images as a tgz file

tar czvf dcca_lsdk1706-ls1046_image_sdboot.tgz bootpartition_arm64.tgz \firmware_ls1046ardb_uboot_sdboot.img ubuntu_xenial_arm64_rootfs.tgz

• Upload the compressed solution image to a storage server and get the downloading url link

Currently, EdgeScale will NOT host user’s binary image. Assume user has his own public storage.

• Create the solution image via EdgeScale dashboard

click Create Solution button and go to the solution create page

Model name, solution name and version are required.

Model Name: Chose a model for solution

Solution Name: The name for solution

Version: The version for solution

• Specify solution permission and tag

private: Can’t be seen by others

public: Can be seen by others

tags: Add tags to the solution

• Specify solution image location (URL link)

Specify Firmware Location An specific firmware address(Image URL)

Upload Firmware Image User can upload a local firmware image



• Click submit button and finish creating solution.

• Download and flash bootstrap image to device as previous “Bootstrap” section

3.2. OTA update procedure 17

CHAPTER

FOUR

USER MANAGEMENT

4.1 Introduction

User management includes Apply Account, Audit Account and Create Account. Before user login the system, theyshould apply account first. The administrator will check the application and create an account for user.

4.2 Apply Account

• click Apply Now button on the login page, go to apply account page. (First Name, Last Name, Email, AccountType, Company Name) these items are required.

19


• After click Apply Now button, there will be a new data(marked with red box) on Auth > Auth list page.

Administrator can audit users’ application (only administrator can see this):

• Approved: application will be passed and administrator will create an account, then send the account informationto user’s email. User can change the password according the email.

• Rejected: application will be rejected and administrator will send the reject information to user’s email.

4.3 Create Account

• click Manage > User on left banner, go to user list page.

• click Create button(marked with red frame) to go to create user page.

20 Chapter 4. User Management


• After click submit button, there will be a new data(marked with red box) on user list page.

4.4 Set User Limit

• click the setting button(marked with red box), can open the setting limit dialog:

• Device: set the max number devices that user can create

• Deploy: set the max number solution that user can deploy

4.4. Set User Limit 21


4.5 Check Detail Information Of User

• click the name on the table, go to user detail page On this page, administrator can check user’s basic informationand device, model, solution, application information of the user

22 Chapter 4. User Management

CHAPTER

FIVE

DEVICE MANAGEMENT

5.1 Device Model

The device model describes the metadata and management characteristics of a device. This metadata determines the version of firmware or solution software which will be run on the device. Currently the model composes of the following fields:

vendor.platform.type.model

• vendor is the manufacture of the device

• platform is the main CPU used on the device

• type defines the general functionality of the device, such as gateway, l2switch, firewall.

• model is the device’s model number. On most devices, it can be usually found in the label located on thefront, back, side or bottom.

For example, a reference board made by NXP could take the model string as: nxp.ls1043a.gateway.rdb

5.2 Create and Enroll Device

Click My Devices -> Create Device

• Fill in the SN number and device model (select from the dropdown list) in the following form.

23


• Please refer the Quick Start Guide and Bootstrap to enroll device manually or automatically (OTA process).

5.3 Inactivate a Device

Unenrolling a device means to disable the device functionality from the cloud. After the instruction is sent to device,the device will erase the identlification and certificate, disconnect from the cloud connection, the bootstrap image willnot be erased. The device can go through the enroll process as a new device.

24 Chapter 5. Device Management


5.4 Activate a Device

When the device is in “Inactive” state, click the Active button at the device page, the bootscript download windowwill pop up. The bootscript contains the certificate and device identification. The device can go thourgh the enrollprocess again with the script, the device will be connected to the cloud.

5.4. Activate a Device 25


5.5 Device Detail

Device detail page displays more information of the device running status: App Number: number of runningAPPs on the device

CPU Usage: percentage of CPU load

Mem Usage: percentage of memory used

EdgeScale Version: EdgeScale agents version.

Device Logs: including system log and EdgeScale agents logs

5.5. Device Detail 27


5.6 Delete Device

To delete a device, click Delete button of the corresponding device in the “DeviceList” page. It will ask for user’sconfirmation before it is deleted.



5.7 Monitor Device

When user starts a device, then a start time will send to the database, EdgeScale will receive the start time and showan mark(marked with red box) on device list page to show that the device is online. when user turns off the device, themark will be offline.

5.7. Monitor Device 29

CHAPTER

SIX

APPLICATION MANAGEMENT

6.1 APP Store

6.1.1 Introduction

APP store is the digital distribution platform for the dockerized application running on devices, it supports the appli-cation view, search, deploy and monitor on the end devices.

The following is the major function modules:

• create

• delete

• view

• update

• deploy

6.1.2 Public & Private APP

Private: The APP is only visible to the owner, it is maintained by the owner.

Public: The APP is visible to every user.

If a private APP needs to be public, the owner should be responsible for the quality asssurance.

6.2 Application Management

6.2.1 Get availalbe APPs

Click Software > App on the left navigation bar

31


1. Click My App/Public Store to view my APPs list and the public APPslist page.

2. Click APP’s name to view the details of the APP.

32 Chapter 6. Application Management


• click App permission to configure if the APP is visible to othre users.

6.2. Application Management 33


Apply for a public store: Enroll the APP into EdgeScale public app store with justification.

• Click App Documents to edit the APP documents

• Click Edit to update the basic configuration of APP

• Click Add to add more docker run arguments

6.2.2 Create APP <Experimental>

Click Create App button to create a new APP.

All the fields marked with “*” are mandatory.

Step1: input the basic info.

• App Name (mandatory): the name for APP

• Description: the description for APP

• Upload Icon: upload APP icon



Step2 : input the configuration info.

• Registry (mandatory): select the registry for APP container

• Image Name (mandatory): the image name for APP container

• Version (mandatory): the version for APP container

• Commands: shell commands, like “/bin/bash -c”, etc.

• Arguments: command arguments.

• Host Network: Connect a container to a network

• Host Port: Container host port

• Container Port: Container port

• Host Path: Container host path

• Mount Path: Container host path

• Cap Add: ddd Linux capabilities



Click submit button to create the APP.



6.2.3 Delete APP

6.2.4 Update APP document



6.2.5 Deploy APP

Deploy an APP to devices

Click Deploy button to deploy APP to the selected devices: Step:

• App Version: Choose the APP version

• More Arguments: Specify the “docker run” command arguments for deployment

• Devices: Choose devices

• Deploy App: Deploy APP to devices



Click Batch Deployment button to deploy multiple APPs to selected devices:

Step1: Select devices to deploy APPs

Step2: Select APPs



Step3: Select APP version and specify “docker run” command arguments for deployment.

Step4: Review the deploy configuration to make sure all information is correct, and then deploy.



Step5: Click “Deploy” button to begin the deployment, and then go to the monitor page.

6.2.6 Passing Arguments to APP

1. arguments setting of creating APP



2. argument of deployment



3. docker run command



4. application argument


CHAPTER

SEVEN

SOLUTION MANAGEMENT

7.1 Solution Store

7.1.1 Introduction

Solution store is a visual solution control system. It is designed as a tool for users to manage solution software.

The major components compose of:

• create

• delete

• view

• update

• deploy

7.1.2 Get Solution List

• Click Software > Solution in the left navigationa bar

• Click the solution’s title to open solution detail page:

49


7.1.3 Deploy Solution Image

If automatic OTA is configured, the device accepts solution image update command from the cloud. User can select asolution image in the store and deploy it to device(s).

Click Deploy button to deploy solution to devices:

Step1: Filter devices (According Location, Platform and Tag, system will find target devices)

Step2: Select devices to deploy solution

50 Chapter 7. Solution Management


Step3: Review deploy configuration to make sure all information is correct, and then deploy.

7.1.4 Upload a solution image

Click Create Solution button to open the “solution create” page.

All the fields marked with “*” are mandatory.

Step1: Input basic information:

Model Name: choose a model for solution Solution Name: specify the name of solution Version: specify the versionof solution

7.1. Solution Store 51


Step2: Define the permission of solution:

Permission: private solution is visible to the solution owner; public solution is visible to all the users. Tags: applytags to solution

Step3: Configure firmware settings

• Specify the firmware location - an specific firmware address (Image URL), the precondition is that correspondingsolution image needs to be uploaded to public server.

• Upload Firmware Image - user can upload a local firmware image (NOT supported yet)

Click submit button to create the new solution.

52 Chapter 7. Solution Management

CHAPTER

EIGHT

MONITOR

8.1 Devices

8.2 Task

8.2.1 Introduction

Task is designed as a tool for users to monitor the status of APPs/solutions deployment (including delete, view).

8.2.2 Get Task List

Click Task > Task List on the left navigation bar

Click task’s id to open the task detail page:

53


54 Chapter 8. Monitor

CHAPTER

NINE

CONNECT TO EDGESCALE

9.1 Build EdgeScale Client

Currently only support building EdgeScale client with flex-builder on LSDK based images. Please refer 3. BuildEdgeScale agents into the image for building instructions.

9.2 OTA: Auto Deployment

9.2.1 Introduction

A solution image can be deployed to one or more devices from the EdgeScale web page . this guide will introducehow to deploy one solution to one device.

1. Click Software > Solution on the left navigation to go to solution page.

2. Click Deploy button of selected solution (e.g. edgescalecli001-test) to go to ‘Filter’ page.

55


3. Fill in the device filter conditions and click Query Devices button to go to ‘Select devices’ page.

4. Select one device and click Next Step: Preview button to go to the ‘Preview’ Page.

56 Chapter 9. Connect to EdgeScale


5. Click Next Step: Deploy button to go to the ‘Status Monitor’ Page.

9.3 non-OTA: Manual Deployment

In this mode, the image built by flex-builder is manually installed on SD/USB/SATA storage. After this, the dockerbased application can be deployed from cloud. for more details about how to manually build and deploy the LSDKdistro with EdgeScale client to storage. please refer the lsdk doc: https://lsdk.github.io/.

1. Login EdgeScale, create device, bind device model at the dashboard and download the identification imagelike:bootstrap-enroll-<device-name>.sh

2. Boot up the board using the LSDK tiny itb image, format and create new partition on storage, then deploy theLSDK bootpartition and rootfs into the storage. e.g. for ls1046a: In u-boot:

=> setenv bootargs root=/dev/ram0 rw console=ttyS0,115200 earlycon=uart8250,mmio,→˓0x21c0500 ramdisk_size=0x10000000=> tftp a0000000 lsdk_linux_arm64_tiny.itb=> bootm 0xa0000000#ls1046ardb

In linux:

$ flex-installer -i pf -d sd$ cd /run/media/mmcblk0p3 # then download the bootpartition and rootfs you generated→˓using LSDK into this partition.$ flex-installer -i install -b <bootpartition> -r <rootfs> -m ls1046ardb -d sd$ reboot

3. Boot up the board form storage. e.g. for ls1046ardb In u-boot:

=> cpld reset sd

4. After booting up board form storage. copy and run the identification image and start the enrollment process.

$ bash bootstrap-enroll-<device-name>.sh /dev/mmcblk0$ startup.sh

9.3. non-OTA: Manual Deployment 57

https://lsdk.github.io/


58 Chapter 9. Connect to EdgeScale

CHAPTER

TEN

SECURE SOLUTION

This section is very platform dependent and Strongly suggest reading the security chapter of the LSDK document firstbefore running any real instructions on the device.

In order to build secure solution, you need to boot the board securely. Steps to do so can be found in LSDK document“security chapter”.

10.1 Prepare secure bootstrap image

• Generate key pair using CST tool

CST tool could be built from source and key pair generation is one of the functionlaity. Generally, the key pairshould be generated once and keep safe. The private key will be used to sign images and the public keywill be fused into device to verify the image signature.

# build cst tool from source$ flex-builder -c cst

$ cd <flex-builder dir>/packages/apps/cst

# generate RSA key pair: srk.pub and srk.pri, 1024bit$ ./gen_keys 1024

• Download secure bootstrap image: secure-ota-<platform>.tar from EdgeScale

Version Platform Imagev1806 LS1012A secure-ota-ls1012a.tarv1806 LS1043A secure-ota-ls1043a.tarv1806 LS1046A secure-ota-ls1046a.tar

• Signing the bootstrap image with gen-ota-image.sh

untar the downloaded file will find gen-ota-image.sh

$ export SRK_PUB=<path>/srk.pub$ export SRK_PRI=<path>/srk.pri$ export CST_PATH=<path>/cst$ bash gen-ota-image.sh

59

https://image.edgescale.org/1806/ls1012ardb/secure-ota-ls1012a.tar




10.2 Prepare secure solution image

• Specify the keys pair for secure boot in configs/build_lsdk.cfg

SECURE_PRI_KEY=/home/xx/path/srk.priSECURE_PUB_KEY=/home/xx/path/srk.pub

• Building EdgeScale agents as LSDK user guide see more at 3. Build EdgeScale agents into the image.

10.3 Create device and bootup in secure mode

• Create device via EdgeScale dashboard or escli command line tools.

• Program secure bootstrap image into device, see more at Bootstrap.

10.4 Enforce the secure boot

In production systems, secure boot is enforced via blowing the ITS fuse.

In development environment, if you are booting the board securely using SB_EN bit, you need to ensure that ITS bitis set. This can be done via code-warrior (ccs). For this you would need to put the core in boot hold-off by setting thecorresponding bit in RCW.

• Set the ITS bit through CCS when the system is in boot hold off state.

#Boot up the system

#Connect CodeWarrior/ccs

#Set the ITS bit if ITS not fused$ ccs::write_mem 32 0x1e80200 4 0 0x00000004

#Get the Core Out of Boot Hold-Off$ ccs::write_mem 32 0x1ee00e4 4 0 0x1

10.5 Read pub key from device

This public key is derived from srk.pub generated by CST tool and used for device authentication. mp_app ispart of secure object library and integrated with LSDK rootfs.

• Get MP public key:

– boot up system with secure mode

– Get public key in device with tool mp_app:

mp_app -p

Public key x part = 671fe89daca42004d648b2ad7ddeb2a0ca7e47556e73f376aab45061fca74603

Public key y part = 9519e09aab4da3a972511d3ca7e842e8bb1d02e744cc85ff4e65c0ca6fbb7376

Public key in form of x followed by y is saved in pub_key file

60 Chapter 10. Secure Solution


10.6 Upload device db to cloud

For secure enrollment of this device to the cloud, some data from the device needs to be uploaded to the cloud. Thisdata includes :

1. Manufacturing Protection Public key - Public part of the ECC key pair generated after secure boot process.Steps given in the Section “Read pub key from device”

2. Factory UID or FUID

3. OEM UID (For reading 2 and 3, please refer to the SoC SFP block memory map from the Reference Manual)

#csv file schema: FUID, OEMID, SK_PUB_X, SK_PUB_Y

$ escli device upload-db <db.csv>

10.6. Upload device db to cloud 61


62 Chapter 10. Secure Solution

CHAPTER

ELEVEN

ESCLI USAGE

11.1 ESCLI Overview

CLI is the acronym of command-line interface. EdgeScale CLI (ESCLI) is used to maximize productivity. CLI offersgreater capability than a dashboard, exposing more, finer-grained commands, especially when the task must be donerepeatedly. Such is likely to be the case if a company manages thousands or millions of nodes. For example, CLI helpdeveloper build a firmware image and push it out to multiple devices with a few commands.

11.2 Installation

ESCLI is verified with ubuntu 16.04 linux system, python version is 2.7.

$ git clone https://github.com/NXP/escli$ cd escli$ sudo python setup.py install

11.3 Common Usage

The usage of EdgeScale CLI is:

$ escli

Usage: escli [OPTIONS] COMMAND [ARGS]...

CLI to interact with Edgescale server and execute your commands, defaultconfig file is ~/edgescale/cli_conf.ini

Options:-H, --host TEXT EdgeScale host server address--debug enable debug mode, default False-h, --help Show this message and exit.

Commands:app applications managementdevice device register and management.login login to edgescalelogout Logout from Edgescalemodel model of device management.repo docker's repository registry.


63



solution solution image management.task service to deploy application or solution.vendor manufacturer vendor management.

11.3.1 Login to EdgeScale

There are two ways to login to the EdgeScale server, see below two commands, please use only one of them to loginthe EdgeScale system. Once login successfully, one token file will be generated and the user’s token will be saved infile “~/edgescale/token.txt”. And at same time, a configuration file is generated too, the default EdgeScale API servername and api version is defined in this file(~/edgescale/cli_conf.ini), you can edit it if needed.

$ escli login Input user’s name and password according the prompt.$ escli login -u <username> -p <password>

11.3.2 Device commands

With the device related commands, we can create new device, check and query the devices status.

Device command help usage

$ escli deviceUsage: escli device [OPTIONS] COMMAND [ARGS]...

device register and management.

Options:-h, --help Show this message and exit.

Commands:create create a new device.delete Remove device by id or nameget-cert Get device private key & certifcation by...list List your Devicesshow show device information.

Create one new device

$ escli device create -hUsage: escli device create [OPTIONS]

Create a new device.

Options:-d, --description TEXT Description--fuid TEXT device's fuid [required]--model_id INTEGER device model's id [required]-h, --help Show this message and exit.

Parameters notes:fuid: factory uuid, here we can type some string or number insteadmode_id: device’s model ID, can be get by command “escli model list”

64 Chapter 11. ESCLI Usage


Query the device list

$ escli device list+-----+----------------------------------------------------------+---------+----------→˓------------------+---------+| id | Device name | Status |→˓Create time | IP addr |+=====+==========================================================+=========+============================+=========+| 663 | 13d3ddee9bda56ae84e8ab578f625e3e.iot.gateway.ls1046a.nxp | offline | 2018-05-→˓31 06:03:57.123579 | None || | | |→˓ |

$ escli device list --id 663----------------------------------------------------------------------

id: 663name: 13d3ddee9bda56ae84e8ab578f625e3e.iot.gateway.ls1046a.nxpcreated_at: 2018-05-31T06:03:57.123Zlast_report: Nonemode {"platform": "ls1046a", "model": "iot", "vendor": "nxp", "type

→˓": "gateway"}certname: 13d3ddee9bda56ae84e8ab578f625e3e.iot.gateway.ls1046a.nxpuid: 13d3ddee9bda56ae84e8ab578f625e3ecpu_usage: Nonemem_usage: Nonees_version: Noneapp_num: Nonemac: 00:00:00:00:00:00

Delete device

$ escli device delete --id=xxx

Upload device meta data to cloud

With this command, we can upload device meta data to cloud in batches. A example meta data file is “exam-ple/dev_db.csv”, it contains device fuid, OEM_DI, SK_PUB_X, SK_PUB_Y.

$ escli device upload-db -f dev_data.csv.

11.3.3 Application commands

With the application commands, we can create new app, deploy apps to device, query the app status and check instancestatus.

Help usage

$ escli appUsage: escli app [OPTIONS] COMMAND [ARGS]...

applications management


11.3. Common Usage 65




Commands:create create a new applicationdel-instance delete the docker instancedelete Remove a applicationdeploy Deploy one application to deviceinstance query and list the docker instances of userlist List your Applicationsshow query and show specific application (id...

Create Application

$ escli app create -hUsage: escli app create [OPTIONS]

Create a new Application.

Options:--name TEXT application name to be created [required]--image_name TEXT docker image name eg: media_server:latest [required]--vendor_id INTEGER vendor_id default null--commands TEXT docker application command default null--args TEXT args of application command default null--pic TEXT application skin picture file default null--description TEXT Description, default null-h, --help Show this message and exit.

Query application

$ escli app list+-----+------------------------+--------------------+-----------+--------------+| id | name | display_name | is_public | description |+=====+========================+====================+===========+==============+| 398 | edgerepos-aiwebapp | edgerepos-aiwebapp | 0 | || 391 | testname1 | display1 | 0 | description1 || 385 | LSDK1806-New-feature- | New-feature-LS1046 | 0 | || | LS1046 | | | |

Deploy application to device

$ escli app deploy -hUsage: escli app deploy [OPTIONS]

Deploy one application to device

Options:--device TEXT device's name [required]--app_id INTEGER applicastion's id [required]-h, --help Show this message and exit.



Check instance status

$ escli app instance+---------------+--------+-----------------+-------------+---------+| instance_name | status | deployed_device | create_time | message |+===============+========+=================+=============+=========++---------------+--------+-----------------+-------------+---------+

Delete Application

$ escli app delete -hUsage: escli app delete [OPTIONS]

Remove a application

Options:--id INTEGER delete according to application id [required]-h, --help Show this message and exit.

11.3.4 Solution commands

With the solution commands, we can upload new solution, deploy solution to device, and edit the solution image.

Help usage

$ escli solutionUsage: escli solution [OPTIONS] COMMAND [ARGS]...

solution image management.


Commands:create create a solution imagedelete Remove solution by id or namedeploy Deploy solution image to board, use "escli...list List your solution itemsshow show a specific solution information (id...update update solution image_url and permission

Create new solution

$ escli solution create -hUsage: escli solution create [OPTIONS]

Create and upload a solution.

Options:--name TEXT solution name and version Eg:





lsdk_solutionname1:version2 [required]--image_url TEXT solution image url Eg:

http://sun.ap.testhost/testpath/testimgage.tgz[required]

--model_id INTEGER model's id, escli model list [required]--public_key TEXT image signed public key default null--private make the image as private, default False-h, --help Show this message and exit.

Edit the solution image

$ escli solution update -hUsage: escli solution update [OPTIONS]

update solution image_url and permission

Options:--id INTEGER solution id [required]--image_url TEXT solution image url Eg:

http://sun.ap.testhost/testpath/testimgage.tgz [required]--private make the image as private, default False-h, --help Show this message and exit.

11.3.5 Task commands

With the commands, we can deploy application or solution images to device, and check each task status.

Deploy one application to a device

$ escli task deploy-app -hUsage: escli task deploy-app [OPTIONS]

Create task to deploy application.

Options:--device_id TEXT device id list [required]--id INTEGER application's id [required]--app_version TEXT application's version default 1806-h, --help Show this message and exit.

Deploy one solution image to a device

$ escli task deploy-solution -hUsage: escli task deploy-solution [OPTIONS]

Create task to deploy solution image to a board given.

Options:--device_id TEXT device id list [required]





--id INTEGER solution's id [required]-h, --help Show this message and exit.

Check task status

$ escli task list+-----+-----------------+---------+------------------------------------------+| id | type | status | metadata |+=====+=================+=========+==========================================+| 478 | deploy_solution | Running | lsdk1806-ls1046-test-tc1;model_id:4 || 477 | deploy_solution | Running | lsdk1806-ls1046-test-tc1;model_id:4 || 474 | deploy_solution | Running | lsdk-1803;model_id:4 || 473 | deploy_solution | Running | LSDK1806-newFeature-1046-1806;model_id:4 || 472 | deploy_solution | Running | LSDK1806-newFeature-1046-1806;model_id:4 || 470 | deploy_solution | Running | LSDK1806-newFeature-1046-1806;model_id:4 |+-----+-----------------+---------+------------------------------------------+

11.3.6 Other commands

model

The command is used to create, delete or edit the device model.

$ escli modelUsage: escli model [OPTIONS] COMMAND [ARGS]...

model of device management.


Commands:create Create new model name, Eg: yun-ls1043a-gateway-nxpdelete Delete model by IDlist query and show the available model listupdate Update model with a new name

vendor

The command is used to create or check device vendor list.

$ escli vendor -hUsage: escli vendor [OPTIONS] COMMAND [ARGS]...

manufacturer vendor management.


Commands:create create a new manufacturer vendor, admin is required





delete Remove a vendor by vendor id, admin is requiredlist query and show the vendor list

repo

The command is used to get docker image repository.

$ escli repoUsage: escli repo [OPTIONS] COMMAND [ARGS]...

docker's repository registry.


Commands:list query and show the docker registry list


CHAPTER

TWELVE

PUBLIC CLOUD IOT SDK

This section will introduce how to integrate public cloud service privoider’s IoT SDK with EdgeScale.

12.1 Azure IoT Setup

12.1.1 Overall picture of the Azure setup

12.1.2 Hardware logistics

• Extra Ethernet cable

• Ethernet Router

• Power Strip

• SD card (8 or 32GB)

71


• Connect LS1012ARDB to a Linux PC by serial port. The port device can be found as device /dev/ttyACMx (xcan be 0, 1 etc).

12.1.3 Steps for cloud

• Register a free user account: free account.

• Follow up the setup in the iot-edge quickstart

1. Create an IoT hub with Azure CLI

2. Register an IoT Edge device

• After the device registration, a connection string will be seen

12.1.4 Steps for board

$ iotedgectl setup --edge-hostname "nxp-iot-ls1012rdb" --connection-string→˓"HostName=RoyIotHub.azure-devices.net;DeviceId=LS1012ARDB-01;→˓SharedAccessKey=yT4r08JimivFTPGrBtw7xlxvQC4OqN0qzn2/aur8K3o=" --auto-cert-gen-force-→˓no-passwords

• Replace the string with your device string generated by previous device registration

• Need use a different hostname other than “nxp-iot-ls1012rdb”, but not localhost.

$ iotedgectl start

12.1.5 Deploy a module

• Deploy a module

• View generated data

72 Chapter 12. Public Cloud IoT SDK

https://azure.microsoft.com/free

https://docs.microsoft.com/en-us/azure/iot-edge/quickstart-linux


12.2 Ali-Cloud IoT Setup

12.2.1 Overall picture of the Ali-Cloud IoT setup

12.2.2 Hardware logistics

• Extra Ethernet cable

• Ethernet Router

• Power Strip

• SD card (8 or 32GB)

• Connect LS1012ARDB or LS1043/6ARDB to a Linux PC by serial port. The port device can be found as device/dev/ttyACMx (x can be 0, 1 etc).

12.2.3 Steps for cloud

• Register a free user account: Register account

• Follow up the setup in the IoT SDK introduction

1. Create the IoT product and Create the device

2. Create topic

3. Create message queue

4. Setup the server subscribe

12.2. Ali-Cloud IoT Setup 73

https://account.aliyun.com/register/register.htm?lang=&oauth_callback=http%3A//workorder.console.aliyun.com/console.htm%3Flang%3D%23/ticket/list/

https://help.aliyun.com/document_detail/30522.html?spm=a2c4g.11186623.6.539.Q3Rizk

https://help.aliyun.com/document_detail/73724.html?spm=a2c4g.11186623.6.577.4OnT84

https://help.aliyun.com/document_detail/73725.html?spm=a2c4g.11186623.6.578.hjABLShttps://help.aliyun.com/document_detail/73725.html?spm=a2c4g.11186623.6.578.hjABLS

https://help.aliyun.com/document_detail/73732.html?spm=a2c4g.11186623.6.584.Jmlqvahttps://help.aliyun.com/document_detail/73732.html?spm=a2c4g.11186623.6.584.Jmlqva

https://help.aliyun.com/document_detail/27414.html?spm=a2c4g.11186623.6.539.o5O8IR

https://help.aliyun.com/document_detail/50496.html?spm=5176.10695662.1996646101.searchclickresult.7e191f67QiBPOjhttps://help.aliyun.com/document_detail/50496.html?spm=5176.10695662.1996646101.searchclickresult.7e191f67QiBPOj


• Then product, device, topic, and message queue can be seen:



12.2.4 Steps for board

• Download Ali IoT SDK IoT-SDKV2.0.tar.bz2 or other version

12.2. Ali-Cloud IoT Setup 75


• Replace “PRODUCT_KEY”, “DEVICE_NAME” and “DEVICE_SECRET” with your device in Ali Cloud.

• Build the binary and run them

12.2.5 Steps for MNS

• Download MNS SDK

• Get Access Key

• Install Python SDK pip install aliyun-python-sdk-core

pip install aliyun-python-sdk-iot

• Modify the MNS SDK according to the requirement

• Build the binary and run


http://docs-aliyun.cn-hangzhou.oss.aliyun-inc.com/assets/attach/32305/cn_zh/1490269182462/aliyun-mns-python-sdk-1.1.4.zip?spm=5176.doc32305.2.1.4H66HN&file=aliyun-mns-python-sdk-1.1.4.ziphttp://docs-aliyun.cn-hangzhou.oss.aliyun-inc.com/assets/attach/32305/cn_zh/1490269182462/aliyun-mns-python-sdk-1.1.4.zip?spm=5176.doc32305.2.1.4H66HN&file=aliyun-mns-python-sdk-1.1.4.zip

https://ak-console.aliyun.com/#/accesskey

CHAPTER

THIRTEEN

APPLICATION NOTES

13.1 Enable AI framework: tensorflow

Please refer the application note to enable tensorflow at the device side.

77

https://s3-us-west-2.amazonaws.com/edgescale.org/release/documentation/appnote_enable_tensorflow_on_LS1046_with_LSDK_v0.1.pdf


78 Chapter 13. Application Notes

CHAPTER

FOURTEEN

FREQUENTLY ASKED QUESTIONS (FAQ)

14.1 How to fix the puppet-agent issue with LSDK1806?

Update “.PHONY qoriq-eds-puppet” section of <flexbuild dir>/packages/apps/Makefile as below:

.PHONY: qoriq-eds-puppetqoriq-eds-puppet:ifeq ($(CONFIG_BUILD_QORIQ_EDGESCALE), y)

@$(call fbprint_b,"qoriq-eds-puppet")@$(call fetch-git-tree,qoriq-eds-puppet)@if [ ! -f $(RFSDIR)/usr/aptpkg/.rfsblddone ]; then $(call build_dependent_rfs);

→˓ fi && \if [ ! -f $(RFSDIR)/proc/uptime ]; then sudo chroot $(RFSDIR) mount -t proc

→˓proc /proc; fi && \if [ ! -f $(RFSDIR)/usr/bin/ruby ]; then sudo chroot $(RFSDIR) apt install -y

→˓ruby2.5 rubygems-integration; fi && \if [ ! -f $(RFSDIR)/usr/local/bin/puppet ]; then sudo chroot $(RFSDIR) gem

→˓install puppet --version 4.10.9 -N; fi && \$(MAKE) -C qoriq-eds-puppet install INSTALL_DIR=$(RFSDIR) && \if [ "$(CONFIG_BUILD_SECURE_OBJ)" = "y" ]; then \

sudo sed -i '27 i\export OPENSSL_CONF=/etc/ssl/openssl-sobj.cnf' $(RFSDIR)/→˓usr/local/bin/puppet.sh && \

if [ ! -f $(FBDIR)/packages/apps/ruby-2.5.1/configure ]; then \wget $(ruby_src_url) && tar xzf ruby-2.5.1.tar.gz; fi && cd ruby-2.5.1 && \sed -i '1108 c\ CONF_modules_load(NULL, NULL, CONF_MFLAGS_IGNORE_MISSING_

→˓FILE);' ./ext/openssl/ossl.c && \unset DESTDIR && autoconf && \./configure --prefix=/usr --enable-multiarch --target=aarch64-linux-gnu --

→˓host=aarch64-linux-gnu --program-suffix=2.5 \--with-soname=ruby-2.5 --enable-shared --disable-rpath --runstatedir=/var/

→˓run --localstatedir=/var --sysconfdir=/etc \--enable-ipv6 --with-dbm-type=gdbm_compat \CFLAGS="-g -O2 -fstack-protector-strong -Wformat -Werror=format-security --

→˓sysroot=$(RFSDIR)" \LDFLAGS="-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now --sysroot=

→˓$(RFSDIR)" && \make exts && sudo cp -f ./.ext/aarch64-linux-gnu/openssl.so $(RFSDIR)/usr/

→˓lib/aarch64-linux-gnu/ruby/2.5.0/openssl.so; \fi && $(call fbprint_d,"qoriq-eds-puppet")

endif

79


14.2 What’s the difference of facial recognition APPs in store?

face-recognition-wechat captures the face features through Wechat min-programming, the training is done in thecloud, training is done in local board. This APP requires camera installed on board to capture facial feature forrecognition.

face-recognition-new captures the face features from web camera through laptop, it does both training and recognitionon local board.

14.3 Can the LSDK 1706 solution images still work with latestEdgeScale?

No, please upgrade to lsdk1806 solution image to ensure it can communicate with cloud normally.

14.4 How to fix the following issue when board is boot up with ubunturootfs?

E0211 16:29:14.093572 3902 kubelet_node_status.go:106] Unable to register node→˓"7a429148085b57deb6ea4c8036651234.yun.gateway.ls1043a.nxp" with API server: Post→˓https://int.app.edgescale.org:443/api/v1/nodes: x509: certificate has expired or is→˓not yet valid

The error message indicates certificate is expired on the board, the issue is caused by incorrect date setting, pleaseupdate the system time and hardware time to current time.

14.5 How to create a device and enroll it with escli?

1. Using escli model create to create a new model skip this if you want to use model existed.

2. Using command escli device create –fuid xxx –model_id yyy to create a new device, then run “bootstrap-enroll-<device>”.sh /dev/zzz, (zzz is the sd card which will be attached to device board), model_id is the model’s idcreated in step #1.

3. Using command escli solution create to create a new solution, model_id is the one created by step #1, refer to3. Build EdgeScale agents into the image for solution image build. Skip it if you want to use solution imageexisted.

4. Program bootstrap image to board’s nor/qspi flash, refer to Bootstrap for program steps.

5. Insert the SD card prepared in step #2 to board’s MMC slot.

6. Reset the board, then board will download the solution image created in step #3 automatically.

7. After solution image is installed, you will see this device is online, now it is ready to deploy application.

80 Chapter 14. Frequently Asked Questions (FAQ)