Scaling edge deployments involves unique challenges due to the distributed nature of edge computing. Trying to leverage tools specially built to manage workloads inside one (or a few) data centers brings challenges and raises a few questions for IT/OT teams:
How do you handle parallel deployments across numerous (hundreds or thousands) of edge sites?
How do you oversee and manage the lifecycle of a large number of edge hosts and diverse kinds of workloads such as virtual machines and containers?
How do you audit your deployment for compliance?
As answers to these challenges, VMware Edge Compute Stack leverages a central cloud management system in conjunction with Git as the source of the desired-state configuration for not only the applications running on it, but also the infrastructure hosting them. This approach streamlines this process, ensuring consistency and efficiency across thousands of edge locations.
Let’s go into more details on how this is done.
Central cloud management
A central cloud management platform simplifies the administration of distributed edge deployments by:
Providing a unified interface for deploying, monitoring and managing edge nodes.
Enabling remote updates and maintenance, reducing the need for on-site interventions.
Ensuring compliance with corporate policies and security standards across all edge locations.
Speeding adoption and ROI
GitOps for edge deployments with VMware Edge Compute Stack
VMware Edge Compute Stack leverages Git as the single source of truth for infrastructure and application configurations. This is sometimes called IAAC (infrastructure as code).
Figure 1: GitOps advantages for edge computing deployment. This example of a hierarchical Git repository shows scalability and reduced complexity when managing configurations across a fleet of hosts. It facilitates scalability, consistency (single source of truth), audit and compliance checks, and collaboration.
Here’s how it enhances edge deployment:
Audit and compliance with version control: All configurations are stored in Git, providing a clear history of changes and the ability to revert to previous states if necessary.
Automated deployments: Leveraging Flux CD, changes pushed to the Git repository automatically trigger deployment processes, ensuring that edge nodes (infrastructure and applications) are always in sync with the desired state.
Consistency: Using Git ensures that all edge nodes are deployed with the exact same configuration for global parameters, reducing the risk of configuration drift and errors, while still allowing for site specific configurations where needed.
Collaboration: Teams can collaborate on configuration changes through pull requests and code reviews, ensuring high-quality and secure deployments.
Git design for scaling
To efficiently manage thousands of sites, it is crucial to optimize the Git repository design. Below are some suggestions on how to go about it.
Modular structure
Organize the repository into modular directories (e.g., `sites/`, `templates/`, `scripts/`). Each site has its directory under `sites/`, containing only site-specific configurations.
Templates and inheritance
Use templates for common configurations and apply them across multiple sites. This reduces redundancy and makes updates easier.
Implement inheritance in configuration files to manage site-specific overrides while keeping common settings centralized.
Lightweight files
Ensure configuration files are lightweight by avoiding unnecessary information and focusing on essential configurations.
Split large configuration files into smaller, manageable chunks.
Figure 2: Kustomize and hierarchical Git structure
Git design with role-based control
When using a central management cloud service like VMware Edge Cloud Orchestrator to deploy edge computing infrastructure and workloads, one common concern is the need to split and delegate the configuration and control of edge locations to regional teams. This can be efficiently addressed using a Git-based structure as described in the section about scale combined with role-based access control (RBAC).
Git hosting services like GitHub, GitLab and others offer built-in RBAC capabilities, such as:
Repository access: Set permissions at the repository level to restrict access to certain branches or submodules based on roles.
Branch protection rules: Implement branch protection rules to enforce reviews and approvals before merging changes, ensuring compliance with governance policies.
By structuring the Git repository to support modular, regional/site-level configurations and implementing RBAC, organizations can effectively delegate control to regional teams while maintaining overall governance and consistency. This approach ensures that regional teams have the flexibility to manage their configurations while adhering to global policies and standards.
Conclusion
Scaling edge deployments efficiently requires robust tools and practices and a platform to facilitate it. By combining central cloud management with GitOps as provided by VMware Edge Compute Stack and an optimized Git repository design, organizations can achieve consistent, reliable, and scalable edge deployments, leveraging the best of both centralized and distributed management paradigms.
Learn more
This blog is part of a series exploring the real challenges of deploying and managing applications at the edge, and how VMware Edge Compute Stack helps companies overcome those obstacles to meet their business goals.
