1) What is EdgeView
EdgeView is a tool to allow user to interact with the remote edge devices and applications. EdgeView is implemented as a Docker container. The EdgeView container on the remote device serves as a 'server' function for EdgeView, and the same container on the user laptop serves as a 'client' function. The EdgeView client and server hops through the Dispatcher to communicate to each other. For more detail description of the EdgeView, see the EdgeView Architecture document. EVE has EdgeView support since release 8.5.0.
2) Where to get EdgeView
EdgeView is built as a Docker container, it can be pulled from docker registry with 'lfedge/eve-edgeview'. The source code is at EVE repository in pkg/edgeviw.
3) How do I start EdgeView
4) What is EdgeView Security Mechanism
First of all, to enable EdgeView on an EVE device to allow users remote access into it, this needs to be allowed and enabled on the controller side. EdgeView configuration is part of the EVE device configuration. The EdgeView configuration also defines policies for this particular session. See EdgeView Policies for details.
A JWT token is generated when the EdgeView session is enabled for the EVE device. The token is signed by the controller and verified by the EVE device when it receives the EdgeView configuration from the controller. The token is the expiration time which is defined by the controller for this session. When the token expires, the EdgeView session, which connects to the dispatcher, will be torn down.
The remote user needs to acquire the same JWT token in order to establish the EdgeView session into the device or applications.
Both the device and the user's laptop connect to the dispatcher defined in the JWT token through HTTPs, in which the packets are encrypted. All the messages inside the EdgeView session is either authenticated or encrypted by a random 'nonce' when the JWT token is created in the controller. Thus even if the dispatcher server is compromised, the EdgeView messages can not be modified or viewed.
5) Why not just use SSH
SSH works fine if the user laptop and the edge device are in the same network, either they are all on the Internet or all in a private VPN network. If the edge device is behind NAT, firewall, LTE or proxy server, and the user's laptop is not, then SSH will not work. Also in the case of the user's laptop and the device belong to the same network, if multiple users want to access the device, they all need to share the private SSH key (or add multiple public keys onto the device) which sometimes is not desirable.