EVE is operable today to provide virtualization for edge devices. EVE powered devices can be managed by any centralized manager that implements the EVE controller API. Currently the only compliant manager is Z Central by Zededa, with more expected soon. There is an open source project called Adam that is community driven and is a good way to get started in a pure OS solution.
Currently you can load EVE on an ARM board or an AMD board. For specific devices that the community has used and verified to be compatible, see the EVE in the Market or the next entry.
See our wiki page for supported platforms for an up to date list.
In addition to tested Intel and ARM CPU-based platforms, the following are recommended minimum requirements for a hardware platform to work with EVE:
EVE is designed to work with devices that are deployed in physically insecure and connected environments. First, EVE-managed devices make use of Trusted Platform Modules (TPM) or Trusted Execution Environments (TEE) when available for managing private keys for strong device and application instance identities, and implementing measured boot. This also allows the EVE device API to work without needing to store login credentials. Next, following a zero trust, secure-by-default design approach, all EVE-managed devices have all physical and unused network ports disabled by default, disallowing SSH and keyboard access.
EVE has multiple layers of network security built in. VPNs can be provisioned to cloud services. Applications are deployed with firewall rules. Firewall rules can be managed remotely, and violations are logged. EVE’s has its own highly secure overlay network for device management that is also available to hosted applications. EVE supports TLS 1.2 for secure network communications.
Yes, EVE can run Xen compatible virtual machines.
Edge containers are virtual machines with a manifest that describes the runtime environment including device resource and connectivity requirements.
The specification of this manifest will be better documented soon, but you can discern its requirements by studying the code of EVE’s configuration API.
You can run a virtual machine with Linux that runs Docker Install within it.
Any operating system which can run in a Xen compatible virtual machine should be able to run on top of EVE. Linux, Windows, Mirage OS have all been successfully tested so far.
EVE has been used successfully with EdgeX Foundry.
Applications have their own network interfaces and can be connected to different cloud services. The EVE runtime can deploy VPNs that can securely connect to public clouds. The edge container manifest includes a firewall list that dictates which internet services can be connected to the application.
Devices can be managed by any controller that implements EVE’s device API. Currently the only compliant controller is Zededa’s Z Central service. Project EVE is planning to build a simple dev & test controller soon. We welcome any other controlling services that want to implement the device API.