November 2023: Feature releases & highlights

Scale tests, UI support for secret distribution status

November has been a real edge month for the engineering team.

One primary characteristic that sets the Edge apart from the Cloud is the large number of sites. While the cloud has a limited number of regions, edge deployments can easily span tens of thousands of sites. That is one of the reasons why we architected Avassa ground up for the edge rather than retrofitting a cloud solution. We now publish measurements for our engineering scale tests in this November 2023 highlights. We also publish a video showing the Web UI managing thousands of sites and still being responsive and showing real-time state.

From a feature perspective, we have added functionality in the Control Tower Web UI to inspect secrets and images distributed to the sites. We have also improved the visibility of which application version is being deployed.

Scale tests

Think about the number of sites you need to support. Make sure you have a solution that scales accordingly. This is a challenge we hear in many discussions. They have come to a dead end with other solutions when running thousands (or even hundreds) of sites. In most cases, there are technical limitations, but also pricing-wise. We have a pricing model that scales. But what about performance? To help you out there looking for solutions, we are now publishing our internal engineering test measurements. It shows how well we scale to thousands of sites. The test and results are described in a separate article. Happy edge reading!

Web UI with thousands of sites

The above article showed how well the platform scales to thousands of sites. Another challenge is the Web UI. As you have seen across all the releases, we invest heavily in usability for deploying and monitoring edge sites and applications in real time. But what about the responsiveness of the Web UI for large-scale deployments? Have a look and enjoy!

Secrets and images at the sites

Before describing the new features in the Web UI, let us start with an overview of how secrets and images are distributed to the sites. When you define an application in the Control Tower, you refer to URLs to the registries for the constituent containers. The first thing the Control Tower does is to”cache” those images into the built-in registry. You might wonder why: “Why don’t the edge sites download the images directly from the registries?” In the edge use case, it is common that the edge nodes are on networks where this might be blocked. By caching the images into the Control Tower, the edge sites can download the images from the reverse connection over the call-home channel. Secondly, when an application is deployed at many sites, these sites will download the images to the hosts on the site. The images are also replicated amongst the hosts in the site so that any host can make an application fail-over without connection to the internet/Control Tower. This motivates the built-in registry in the Edge Enforcer.

🆕 You can now more easily validate that the image for the application in the Control Tower is the same as on the site.

In the screen shot below you can easily see the image in the Control Tower as well as on the site:

Screenshot of the Avassa Control Tower Web UI showing image validation, displaying image details in the Control Tower and on the site.

And now, the secrets. The Avassa secrets manager is a distributed secrets manager. One central instance is in the Control Tower, and one instance is at each site. You start off by defining a vault and associated secrets in the Control Tower. Then you choose how to distribute secrets to sites:

Do not distribute: secrets stay in the Control Tower; this is useful, for example, to store authentication information to registries that are only used by the Control Tower in application definitions.
To sites by deployments: in this case, a secret is defined to follow a certain application deployment. This means that the secret is distributed wherever an application is deployed to that site. The secret is removed from the corresponding site if the application is un-deployed.
All sites. The secret will be distributed to all sites in the environment.

🆕 There is now a new tab in the Web UI where you can inspect secrets at a site

Screenshot of the Avassa Control Tower Web UI showing the new secrets inspection tab, displaying vault, secret, and version information.

Note that secrets and images might be modified locally. With the offline capabilities described in release highlights for October, Avassa now supports that a site local admin can use the Avassa command line tool at a site to add and modify images and secrets. This further motivates the visibility of site local data in the Web UI.

Enhanced deployment view

Application definitions in Avassa have an explicit version identity and are immutable. If you modify the application, the version identity needs to be modified. So you might, for example, have an application A with versions 1.0, 1.1, and 1.2. The deployment definition refers to an explicit version, so you can say that you want to deploy version 1.1 to a set of sites.

🆕 We have enhanced the visibility in the Web UI to show which version is being deployed and which versions are currently running on the sites.

In the example below, you can clearly see that the ongoing deployment refers to version 1.2.

Screenshot of the Avassa Control Tower Web UI showing the enhanced deployment view, highlighting the deployed application version.

That’s all from the Avassa product and engineering team before the Christmas holidays. We hope you all scale up your festivities!

LET’S KEEP IN TOUCH

Sign up for our newsletter

We’ll send you occasional emails to keep you posted on updates, feature releases, and event invites, and you can opt out at any time.

Highlighted resources

What is Edge AI? Key Benefits & Why You Should Use It

Smooth Sailing at the Edge: How to Migrate Legacy VMs to Containers with Avassa

Edge Observability – Shifting Left for Proactive Monitoring