Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf

FIDOAlliance 327 views 32 slides May 20, 2024

About This Presentation

FIDO Taipei Workshop: Securing the Edge with FDO


Slide Content

LF EDGE FDO Project
Walk Through
April 2024
Randy Templeton
Software Architect, Intel

2
FIDO Device Onboard (FDO)
•The LF Edge FIDO Device Onboarding (FDO) project is an open-source implementation of the FIDO Alliance proposed standard for automatic onboarding of IoT devices
•FDO v1.1 Proposed Standard
•LF Edge Project for FDO
•FDO Project on GitHub

3
Steps Covered
To build and run the FDO containers, the only prerequisite is Docker
•Downloading prebuilt pri-fidoiot assets
•Building the docker containers
•Setting up security credentials for the containers
•Running containers
•Running the sample device
•Invoking REST APIs
•Enabling development workers

4
Download prebuilt FDO Project
•Release-fidoiot - tag/v1.18 downloads assets

5
Building FDO Project on Ubuntu 22.04
•Look at the pri-fidoiot project

6
Building FDO Project on Ubuntu 22.04
•Look at the latest tagged releases and download the tar.gz for v1.1.8

7
Building FDO Project on Ubuntu 22.04
•Extract the pri-fidoiot-1.1.5.1.tar.gz in your home directory

8
Building FDO Project on Ubuntu 22.04
•Now open a terminal in the newly extracted pri-fidoiot directory

9
Building FDO Project on Ubuntu 22.04
•Change directory to the build folder
•If Docker is not installed, install it:
sudo apt install docker-ce docker-ce-cli containerd.io docker-compose-plugin

10
Building FDO Project on Ubuntu 22.04
•If you add your user to the docker group, log out and back in

11
Building FDO Project on Ubuntu 22.04
•In the build directory replace the references to fdouser with your user name in docker-compose.yml and Dockerfile

12
Building FDO Project on Ubuntu 22.04
•Also add the release tag to your pri-fidoiot directory

13
Building FDO Project on Ubuntu 22.04
•Start the docker build container
•For the latest Docker use “docker compose” instead of “docker-compose”
•docker compose up --build
•After the docker build container runs, the next step is to set up security

14
Setting up security credentials
•cd into ~/pri-fidoiot-1.1.5.1/component-samples/demo/scripts
•Run the following scripts in order:
•sh demo_ca.sh
•sh web_csr_req.sh
•sh user_csr_req.sh
•./keys_gen.sh

15
Setting up security credentials
•cd into the secrets directory
•chmod 664 server-key.pem
•Copy the secrets directory into all the demo container directories (db, aio, owner, rv, reseller)
•Copy the service.env into all container directories except db (aio, owner, rv, reseller)
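
The two copy steps above, followed by a check that every container directory holds the same credentials as the source. This is an added example, not part of the original slides or the FDO project; it assumes secrets/ and service.env sit under scripts/, and it runs against a constructed placeholder tree.

```shell
#!/bin/sh
# Added example: the copy steps from the slide plus a consistency check.
# Directory names come from the slide; finding secrets/ and service.env under
# scripts/ is an assumption about where the scripts leave their output.
SECRET_DIRS="db aio owner rv reseller"   # containers that receive secrets/
ENV_DIRS="aio owner rv reseller"         # containers that receive service.env

# $1 = path to component-samples/demo
distribute_credentials() {
  dc_src="$1/scripts"
  chmod 664 "$dc_src/secrets/server-key.pem" || return 1
  for dc_d in $SECRET_DIRS; do
    mkdir -p "$1/$dc_d/secrets" || return 1
    cp -Rp "$dc_src/secrets/." "$1/$dc_d/secrets/" || return 1
  done
  for dc_d in $ENV_DIRS; do
    cp -p "$dc_src/service.env" "$1/$dc_d/" || return 1
  done
}

# Name every container whose copy is missing or differs; return 1 if any does.
verify_credentials() {
  vc_src="$1/scripts"; vc_rc=0
  for vc_d in $SECRET_DIRS; do
    diff -r "$vc_src/secrets" "$1/$vc_d/secrets" >/dev/null 2>&1 ||
      { echo "STALE secrets: $vc_d"; vc_rc=1; }
  done
  for vc_d in $ENV_DIRS; do
    cmp -s "$vc_src/service.env" "$1/$vc_d/service.env" ||
      { echo "STALE service.env: $vc_d"; vc_rc=1; }
  done
  return $vc_rc
}

# Constructed sample tree with placeholder files, so the example runs offline.
make_sample_tree() {
  mt=$(mktemp -d) || return 1
  mkdir -p "$mt/scripts/secrets" "$mt/db" "$mt/aio" "$mt/owner" "$mt/rv" "$mt/reseller"
  echo "constructed placeholder, not a key" > "$mt/scripts/secrets/server-key.pem"
  echo "CONSTRUCTED=placeholder" > "$mt/scripts/service.env"
  echo "$mt"
}

demo=$(make_sample_tree)
distribute_credentials "$demo" && verify_credentials "$demo" && echo "all copies match"
rm -rf "$demo"
```

Re-run verify_credentials after regenerating keys: a container still holding the old secrets is reported by name. Mode 664 on server-key.pem, as the slide sets it, lets any local account read the private key, so keep these generated credentials on the demo host.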

16
Running containers
•First run the db container (from component-samples/demo)
•cd db
•Edit /custom/config-file.cnf
•docker compose up --build

17
Running containers
•In a new terminal window (from component-samples/demo)
•cd aio
•docker compose up --build

18
Run the sample device
•In a new terminal window (from component-samples/demo)
•cd device
•docker compose up --build
•The first time you run the device it will perform DI
•[INFO ] Type 13 []
•[INFO ] DI complete, Guid is ...

19
Run the sample device
•Running the device subsequent times will perform TO1/TO2
•docker compose up
•[INFO ] Type 71 …
•[INFO ] TO2 completed successfully.
•[INFO ] Starting Fdo Completed

20
Invoking Rest APIs
•Install postman
•sudo snap install postman --edge
•postman

21
Invoking Rest APIs
•Click “skip and go to the app” on the bottom left

22
Invoking Rest APIs
•Perform a quick http health check API

23
Invoking Rest APIs
•Prepare to invoke APIs over HTTPS: go to Settings

24
Invoking Rest APIs
•Go to Certificates and turn on CA Certificates
•Select files from the component-samples/demo/aio/secrets folder

25
Invoking Rest APIs
•Add client certificates

26
Invoking Rest APIs
•Certificate settings

27
Invoking Rest APIs
•Update the hosts file to resolve host.docker.hosts
•sudo gedit /etc/hosts

28
Invoking Rest APIs
•Now perform https health check

29
Invoking Rest APIs
•Add Content-Type header for invoking APIs

30
Invoking Rest APIs
•Invoke rvinfo api

31
Invoking Rest APIs
•Use POST to update values

32
Enable development Workers
▪In service.yml, workers section
▪Uncomment the following workers for development
•org.fidoalliance.fdo.protocol.DebugExceptionConsumer – allows stack traces to be logged
•org.fidoalliance.fdo.protocol.UntrustedRendezvousAcceptFunction – allows the RV server to accept any owner key
▪Comment out the following
•org.fidoalliance.fdo.protocol.StandardExceptionConsumer
•org.fidoalliance.fdo.protocol.db.TrustedRendezvousAcceptFunction
▪Rebuild the container after making the service.yml change
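
Because UntrustedRendezvousAcceptFunction makes the RV server accept any owner key, it is worth checking a service.yml for the development workers before an image is built from it. The script below is an added example, not part of the original slides or the FDO project; the class names are the ones listed above, while the YAML list layout and the sample file are constructed assumptions.

```shell
#!/bin/sh
# Added example: flag development-only FDO workers left enabled in service.yml.
# Class names are from the slide; the "- name" list layout is an assumption.
DEV_WORKERS="org.fidoalliance.fdo.protocol.DebugExceptionConsumer
org.fidoalliance.fdo.protocol.UntrustedRendezvousAcceptFunction"
STD_WORKERS="org.fidoalliance.fdo.protocol.StandardExceptionConsumer
org.fidoalliance.fdo.protocol.db.TrustedRendezvousAcceptFunction"

# Print each class name that appears as an uncommented "- name" list item.
active_workers() {
  sed -e '/^[[:space:]]*#/d' -e 's/[[:space:]]*#.*$//' "$1" |
    sed -n 's/^[[:space:]]*-[[:space:]]*\([A-Za-z0-9_.][A-Za-z0-9_.]*\)[[:space:]]*$/\1/p'
}

# Report findings on stdout; return 1 unless the file is in its standard state.
audit_workers() {
  aw_active=$(active_workers "$1")
  aw_rc=0
  for aw_w in $DEV_WORKERS; do
    if printf '%s\n' "$aw_active" | grep -qxF "$aw_w"; then
      echo "ENABLED development worker: $aw_w"; aw_rc=1
    fi
  done
  for aw_w in $STD_WORKERS; do
    if ! printf '%s\n' "$aw_active" | grep -qxF "$aw_w"; then
      echo "MISSING standard worker: $aw_w"; aw_rc=1
    fi
  done
  return $aw_rc
}

# Constructed sample: a workers section switched to development mode.
write_dev_sample() {
  cat > "$1" <<'EOF'
workers:
  - org.fidoalliance.fdo.protocol.DebugExceptionConsumer
  #- org.fidoalliance.fdo.protocol.StandardExceptionConsumer
  - org.fidoalliance.fdo.protocol.UntrustedRendezvousAcceptFunction
  #- org.fidoalliance.fdo.protocol.db.TrustedRendezvousAcceptFunction
EOF
}

sample=$(mktemp)
write_dev_sample "$sample"
audit_workers "$sample" || echo "service.yml is in development mode"
rm -f "$sample"
```

The non-zero return from audit_workers can gate an image build so that a development service.yml does not leave the lab.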