Pelion Edge 2.4.0 - June 2021
- Updated LmP version to 81.
- Added secure edge container applications with Parsec and the Trust Platform Module (TPM) v2.0:
- You can access the TPM resource through Parsec APIs from within the container application.
- The storage of secure assets, such as keys, is separated on a per-client basis: Assets created by one client can't be accessed by another.
- You can use
securityContextin the Pod specifications to restrict the privileges and access control of an application to system resources.
- [edge-core] Updated Edge Core to 0.18.0:
- Starts Edge Core service
After=network-online.target, after which the gateway acquires an IP address.
- Restricts access to Mbed configuration
/userdata/mbed, setting permissions to 700 with
BYOC_MODEbuild flow, so you can inject the certificates into the image at run time rather than compile time. This enables you to create generic developer builds.
- Starts Edge Core service
- [edge-tool] Added Edge tool v0.2.0:
- Installs only when built with
- Converts the development certificate to a CBOR configuration object, which is then provided to Edge Core as a command-line argument.
- Installs only when built with
- [New board support] The following boards are now supported in LmP:
- Raspberry Pi 3B+.
- Raspberry Pi 4.
- SolidRun Hummingboard Ripple and SolidRun Hummingboard Pulse when booting from SD card over
- Added i.MX8MM SolidRun meta layer.
- [Container orchestration] Network policy controller:
- [Board-specific improvements]:
- UZ3EG - align wks.in file usage with i.MX8.
- RPI - use miniUART BT dtoverlay to enable Bluetooth.
- Use standard TTY console config.
- BLE now work correctly.
- New recipe for Nordic Semiconductor´s
pc-ble-driver, configuration in
local.confwhich defaults to off .
- [Other] Changed default image file name for MFG tool -
MFGTOOL_FLASH_IMAGE = "console-image-lmp".
- [Space conservation] Removed meta-arm-autonomy layer.
- Added support for full image update.
- Prevented duplicate deployment. Modified to check if the commit has been deployed before making the deployment. This prevents a previous deploy from being over-written, which, in turn, would break the rollback functionality.
- [Parsec] Upgraded parsec-se-driver to 0.5.0, parsec-service to 0.7.2 and parsec-tool to 0.3.0:
- Sets the Parsec socket directory permission to 0750.
- [Image] Simplified the partition layout.
- [build process] Generic
mx8mmsupport - Instead of using the i.MX8MM EVK target, you can use the i.MX8MM to generalize the support because the current changes can run on all targets, generalizing to the SoC level target
- [OS general]:
- Enabled Wi-Fi by default for all targets.
- [golang] Removed golang overrides (1.14.4) to use native version 1.15.8 provided by current Yocto branch.
- [edge-proxy] Modified
edge-proxyconfiguration to add new forwarding address for containers domain.
containers.localto the list of known hosts.
infoutility to v2.0.9 and
- [fluentbit] Reduced the default FluentBit logging level to warning.
- [mbed-fcce] Upgraded factory-configurator-client-example to v4.9.0.
- It is no longer required to specify
vendor-id=42fa7b48-1a65-43aa-890f-8c704daade54to unlock the rich node features in Pelion Device Management Portal. Portal now reads the gateway capabilities from gateway's FeatureMgmt LwM2M object 33457 and then enables the UI associated to the features.
- [info] Fixed issue whereby
rootaccess on all LmP supported boards.
- [info] Fixed issue whereby the
infocommand on the UltraZed-EG IOCC attempted to read the default Linux thermal zones, which don't exist in Xilinx BSPs. Added support for Xilinx AMS feature for correct temperature reading.
- Fixed issue whereby the LmP updates didn't accept firmware updates with numbers 10 and 100.
- The Pelion Device Management portal isn't correctly updated after a firmware campaign in some instances.
- [maestro] The FeatureMgmt config resource is initialized with a maximum 3.8KB of file content. The remaining file content is truncated during initialization. This is most likely due to the limitation of the gorilla/websocket library but needs further investigation. However, you can still push a file size of a maximum of 64KB through cloud service APIs.
cpu-temperaturedevice reports random values because the default CPU temperature file isn't the same on Yocto and LmP.
- The LmP build enables software TPM and Parsec stacks by default in all configurations, including developer certificate configurations. However, because it won't be used or set up in those configurations, the logs will show some TPM related errors. These logs can be ignored.
- Container integration with Parsec doesn't work on the the Raspberry Pi 3 Model B+.
- When using the Notification service API, if you subscribe to a translated device's LwM2M resources, which are registered with operation write (PUT) or execute (POST), you won't receive notification of the device state change.
- [AVNet ZU3EG] If you enable kernel configurations CPU_IDLE and PREEMPT, the LmP release including PetaLinux 2020.2 doesn't work in a stable manner. The default configuration has those disabled. If you have any issues with those configurations, please contact Xilinx support.
- [AVNet ZU3EG] You can program the Ethernet MAC address to the EEPROM on the board. Please see the Xilinx support documentation on how to do this with the
- When using Wi-Fi, the device shutdown can take longer than expected because Edge Core takes 1m 35s to shut down.
- Firmware update from Edge 2.2 to Edge 2.3, from Edge 2.3 to Edge 2.4 and from Edge 2.2 to Edge 2.4 isn't possible on any of the supported platforms. Partition table changes and in some cases FPGA support changes prevent the upgrading between these versions. To update between these versions, manual flashing is required. OTA update is still supported within the versions.
- There is a maximum size limit to the full registration message, which limits the number of devices Pelion Edge can host:
- Maximum registration message size is 64KB.
- Hosted devices with five typical Resources consume ~280B (the exact size depends, for example, on the length of resource paths). This limits the maximum number to 270 devices.
- The more Resources you have, the fewer devices can be supported.
- The Pelion Edge device Resources are also included in the same registration message.
- Test the limits with your configuration, and set guidance accordingly.
- Devices behind Pelion Edge don't support auto-observation.
- Pelion Device Management Client enabled devices must first boostrap to the Pelion Device Management cloud before connecting to Pelion Edge.
- No moving devices are supported (such as the device moving from Pelion Edge to another edge device.)
- LmP's base partition table is set above 10GB to support three upgrade images in OSTree. Therefore, we only support SD card installation (compared to supporting onboard EMMC or NAND) for the i.MX 8M Mini EVK and the UltraZed-EG IOCC.
- Software TPM is not designed to be resilient against power failures. Instead of disconnecting the power supply to the gateway, always perform a graceful shutdown of the edge device when using software TPM. To resolve this, follow the troubleshooting section of our documentation about using Pelion Edge with TPM.