jmg
/
fbsdembdev
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Information and documentation on building an embedded board test lab.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
21 Commits
1 Branch
120 KiB
 
 
 
 
Tree: c5e99b389f
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'c5e99b389f'
${ noResults }
fbsdembdev/lab.doc.md.html

165 lines
7.7 KiB
Raw Blame History 

  1. <meta charset="utf-8">

  2. <meta http-equiv="refresh" content="2">

  3. 

  4. Embedded Board dev cluster

  5. ==========================

  6. 

  7. This is the description of how the cluster is architected and setup.  There

  8. are a few design decisions that are likely to be different in other

  9. environments, but this made the most sense for mine.

  10. 

  11. Goal

  12. ----

  13. 

  14. The goal of this setup is to allow people to be able to install and test

  15. images on various boards remotely.

  16. 

  17. ###  Definitions

  18. 

  19. - User - A person or entity that is able to reserve a system, and test with it.

  20. - Host system - The machine that controls and provides access to the systems.

  21. 

  22. ###  Features

  23. 

  24. - Remote power control

  25. - serial console access

  26. - Network boot

  27. - Internet connectivity for boards w/ ethernet

  28. - Isolation between board environments

  29.   Likely implemented via VLANs+jails w/ VNET to provide complete control

  30. - Long term goals:

  31.   - Emulated microSD cards

  32. 

  33. ### Physical Architecture

  34. 

  35. The following diagrams the connections between the components.  It is expected

  36. that the connections for the RockPro64 is followed similarly for other embedded

  37. devices.

  38. 

  39. In the case of the Switch, the RockPro64 will be put on a VLAN which will be

  40. delivered to the Host machine tagged.  This will allow a jail in the host

  41. machine to have a direct control over the broadcast domain for the device.

  42. This will allow running dhcp/bootp/tftp services for netbooting by running dnsmasq

  43. or another service.  As fusefs is now jail friendly, the root FS could even be

  44. mounted via sshfs

  45. 

  46. The PoE part of the switch will be used for power control.  PoE splitters (~$10)

  47. are readily available and inexpensive, and the cost per port is realatively

  48. inexpensive considering that power consumption will also be provided.

  49. 

  50. **************************************************************************

  51. *                                                                        *

  52. * +--------------+                                   +-----------------+ *

  53. * | Host machine +-------------------------+         |    Internet     | *

  54. * +-+------------+                         |         +-+---------------+ *

  55. *   |                                      |           |                 *

  56. *   |                                      |           |                 *

  57. *   |                                      |           |                 *

  58. * +-+------------+     +----------------+  |         +-+---------------+ *

  59. * |   USB Hub    +-----+ Serial adapter |  +---------+ PoE/VLAN Switch | *

  60. * +--------------+     +-+--------------+            +-+---------------+ *

  61. *                        |                             |                 *

  62. *                        |                             |                 *

  63. *                        |                             |                 *

  64. *                      +-+--------------+  Network   +-+---------------+ *

  65. *                      |   RockPro64    +------------+  PoE Splitter   | *

  66. *                      +-+--------------+            +-+---------------+ *

  67. *                        |                Power        |                 *

  68. *                        +-----------------------------+                 *

  69. *                                                                        *

  70. **************************************************************************

  71. 

  72. ### Logical Architecture

  73. 

  74. No user will be able to log into the host machine directly.  The only user

  75. interface exposed on the host will be via an RPC interface, e.g.

  76. `echo function xxx | ssh labhost labcli`, or via a socket from within

  77. the jail.

  78. 

  79. The user will be able to log into the jail that is created during the

  80. reservation.  Any modifications to the jail will be rolled back and

  81. discarded after the system has been released, or the reservation has

  82. expired.

  83. 

  84. Workflow

  85. --------

  86. 

  87. # Functions

  88. 

  89. The functions that take a device handle can be executed from within the device jail

  90. and the device handle of that device jail will be used.  An error will be raised if

  91. a device handle is provided and it does not match the current jail.

  92. 

  93. These are the functions a user can execute:

  94. 1. List device classes (onlyavailable=false)

  95.    List the device classes that are known about.  If onlyavailable is true, than only

  96.    ones that are currently available for claiming are returned.

  97. 2. Device status (claimed=false)

  98.    List all the device statuses currently.  This includes that status, claimed or

  99.    unclaimed.  If the device is claimed, it includes the user to claimed it.  If claimed

  100.    is true, only list devices that are currently claimed by you.  The default is to list

  101.    all devices.

  102. 3. Claim device (device class, power=false)

  103.    A user can use this to lock a device.  This will return a device handle with the

  104.    device information, such as the device's jail's IP address, or an error.  Once they

  105.    have obtained a device, it will not be allocated to another user till they have release

  106.    this device (or in the future a timeout has been hit).  The user's ssh keys will be

  107.    automatically populated in that jail.  By default, the device will be in the power off

  108.    state.  When a default configuration is provided for the board, it can be automatically

  109.    powered on to make it easier to integrate w/ systems like CI.

  110. 4. Reinit device (device handle)

  111.    This will remove the current jail, and recreate it as if it was claimed for the first

  112.    time.  This can be done so you can get the jail in a clean state w/o risk losing the

  113.    lock by freeing it and then reclaiming it.  If you have not claimed the device, an

  114.    error will be returned.  If the reinit fails, an error will be returned, but the claim

  115.    will be maintained.

  116. 5. Release device (device handle)

  117.    Release a claim on the device handle returned by claim device.  This will make it

  118.    available to users again.  All data in the jail will be deleted.  It will return an

  119.    error if you do have have a claim on the device.

  120. 6. Power off (device handle)

  121.    Turn off the power to the device.

  122. 7. Power on (device handle)

  123.    Turn on the power to the device.

  124. 

  125. # Services provided in the device jail

  126. 

  127. Once logged in, the jail will have the following services:

  128. 1. ssh

  129.    Incoming ssh must be provided for the user to login.

  130. 2. One interface for internet

  131.    nat setup so that all traffic appears from jail's IP.

  132. 3. One interface for device

  133. 4. Serial port for console access

  134.    The configuration will identify which device to put in the jail.  For

  135.    USB devices, they will be able to be specified via a list of ports on

  136.    the hubs so that there is no issue w/ device probe order.

  137. 5. dhcpd for device w/ tftp already configured

  138. 6. inetd w/ tftpd setup

  139. 7. nfsd setup w/ exports configured

  140. 8. power control for device

  141. 

  142. As the user will have root access, all of these can be modified after.

  143. 

  144. Future Work

  145. ===========

  146. 

  147. There are a number of ideas to make developing boards remotely more doable.

  148. We can use devices that support OTG, to be USB devices for test boards.  This

  149. means you can simulate a keyboard and or a mouse.  With the combination of a

  150. HDMI to ethernet adapter (there are cheap ones for ~$40/each), a developer can

  151. work on making X or other GUI work remotely.

  152. 

  153. Questions

  154. =========

  155. 

  156. Should the host key for the device be kept between invocations.

  157. Pros: Users don't have to munch the known_hosts every time.

  158. Cons: Malicious user could impersonate the jail as they can copy out the key.

  159. 

  160. IPv6 support?

  161. 	I have enough that each device can get a /64, but this remove privacy in

  162. 	that the network will tell which device was active at the time

  163. 

  164. <!-- Markdeep: --><style class="fallback">body{visibility:hidden;white-space:pre;font-family:monospace}</style><script src="markdeep.min.js" charset="utf-8"></script><script src="https://casual-effects.com/markdeep/latest/markdeep.min.js" charset="utf-8"></script><script>window.alreadyProcessedMarkdeep||(document.body.style.visibility="visible")</script>