Versions Compared

Old Version 133

changes.mady.by.user Naiming Shen

Saved on

compared with

New Version Current

changes.mady.by.user Christoph Ostarek

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This page is for EdgeView client side command descriptions. For information on EdgeView design and architecture, please see Design and Architecture, Graphical Workflow and FAQ.

To run EdgeView client script, the docker is required on user's laptop. The EdgeView client program is started in a script with 'docker run'. For an example of the client script, see EdgeView Client Script. The EdgeView commands are checked against EdgeView Policies to be allowed to run on devices.

...

For more detail help on EdgeView commands, see https://wikilf-lfedge.lfedgeatlassian.orgnet/wiki/display/EVE/EdgeView+Commands

The URL above points to this document.

...

See detail of the command in the section TCP Channel Commands.

Tcpdump

tcpdump/intf-name/[options] - tcpdump on the interface, can specify duration with -time, default is 60 sec

...

For the details of 'cp' command, see section Copy File Command.

Datastore

datastore - display the device current datastore: EQDN, type, cipher information

...

The 'pci' command runs the 'lspci' utility and displays all the PCI devices information.

PProf

    pprof/on|off - turn on/off pprof http debugging in pillar on port 6543

More information about pprof can be found here: https://github.com/google/pprof

The port can be forwarded to the local machine with the tcp command.

Ps

ps/<string> - display the process status information on matching string

...

For the details of 'techsupport' command, see section Tech-Support Command.

Top

top - display linux 'top' in one batch

...

TCP channel setup requires the port mapping for docker run. For EdgeView single instance, or the first instance, the port 9001 to 9005 is mapped. Each additional instance will add 5 to that range.

The 'tcp' command may be disabled for application or external hosts by policies.

The 'tcp' command is different from other EdgeView commands, the purpose of running the command is not to get back some query results or uploading files, but to setup a TCP (relay) service on the laptop with the mapped ports, and different client application(s) on the laptop will connect to the TCP service, but virtually to relay/connect to the remote TCP endpoints. Think of the TCP channel as a virtual TCP port mapping service with the user's laptop as the frontend, and the applications at remote as the backend. This virtual TCP port mapping service works across the Internet, firewall, proxy, etc.

...

To access the applications external to the EVE device (not part of the user applications), for instance a 'local profile' server which shares the LAN with the EVE device. It is similar to the above 'Access TCP Services of Application'. The only difference is the policies are controlled separately for applications and external endpoints. Obviously the user can not use 'edgeview.sh app' to find out external hosts and applications, those remote endpoints have to be learned through some other mechanism.

...

Access HTTPs Service of Remote Endpoints

See the section Proxy Command.

Proxy Command

As mentioned above, the TCP channel sets up a virtual port mapping across the Internet with the frontend on the user's laptop and the backend being the remote endpoints from the EVE device. For many TCP services, that work just fine. But HTTPs is different, it has the certificates which define the domain name or service IP addresses. When a local web browser points to "https://localhost:9001", that application service will have issues with this 'localhost' or any IP address it does not have. The browser will also have the problem of verifying the certificates the server passes over. See FAQ on proxy for detail.

EdgeView TCP channel has the 'proxy' option for this usage. It requires the EdgeView TCP channel as a 'Virtual Proxy' service. This BTY is a 'pass-through' proxy, not a MiTM proxy. As in any proxy server, your application or host points to the laptop's proxy service port, and the proxy action is mainly on the EdgeView of the remote EVE device.

...

If there is no local/private DNS server available, or the user does not know about it, but the user knows the domain name and the IP address of the server offering the HTTPs service, a static hostname mapping entry can be added to the '/etc/hosts' of the EdgeView container. (similar to docker's '--add-host' option) See the command 'Addhost' above.

Copy Files Command

...