Setup KubeEdge


To use KubeEdge, you will need to have docker installed. If you don’t, please follow these steps to install docker.

Install docker

For ubuntu:

# Install Docker from Ubuntu's repositories:
apt-get update
apt-get install -y

# or install Docker CE 18.06 from Docker's repositories for Ubuntu or Debian:
apt-get update && apt-get install apt-transport-https ca-certificates curl software-properties-common
curl -fsSL | apt-key add -
add-apt-repository \
   "deb [arch=amd64] \
   $(lsb_release -cs) \
apt-get update && apt-get install docker-ce=18.06.0~ce~3-0~ubuntu

For centOS:

# Install Docker from CentOS/RHEL repository:
yum install -y docker

# or install Docker CE 18.06 from Docker's CentOS repositories:
yum install yum-utils device-mapper-persistent-data lvm2
yum-config-manager \
    --add-repo \
yum update && yum install docker-ce-18.06.1.ce

KubeEdge’s Cloud(edgecontroller) connects to Kubernetes master to sync updates of node/pod status. If you don’t have Kubernetes setup, please follow these steps to install Kubernetes using kubeadm.

Install kubeadm/kubectl

For Ubuntu:

apt-get update && apt-get install -y apt-transport-https curl
curl -s | apt-key add -
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb kubernetes-xenial main
apt-get update
apt-get install -y kubelet kubeadm kubectl
apt-mark hold kubelet kubeadm kubectl

For CentOS:

at <<EOF > /etc/yum.repos.d/kubernetes.repo

# Set SELinux in permissive mode (effectively disabling it)  

setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config

yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes

systemctl enable --now kubelet

Install Kubernetes

To initialize Kubernetes master, follow the below step:

kubeadm init

After initializing Kubernetes master, we need to expose insecure port 8080 for edgecontroller/kubectl to work with http connection to api-server Please follow below steps to enable http port in apiserver

vi /etc/kubernetes/manifests/kube-apiserver.yaml
# Add the following flags in spec: containers: -command section
- --insecure-port=8080
- --insecure-bind-address=

KubeEdge uses MQTT for communication between deviceTwin and devices. KubeEdge supports 3 MQTT modes:

  • 0 - internalMqttMode: internal mqtt broker is enabled
  • 1 - bothMqttMode: internal as well as external broker are enabled
  • 2 - externalMqttMode: only external broker is enabled

Use mode field in edge.yaml to select the desired mode

    server: tcp:// # external mqtt broker url.
    internal-server: tcp:// # internal mqtt broker url.
    mode: 0 # 0: internal mqtt broker enable only. 1: internal and external mqtt broker enable. 2: external mqtt broker enable only.
    qos: 0 # 0: QOSAtMostOnce, 1: QOSAtLeastOnce, 2: QOSExactlyOnce.
    retain: false # if the flag set true, server will store the message and can be delivered to future subscribers.
    session-queue-size: 100 # A size of how many sessions will be handled. default to 100.

To use kubeedge in double mqtt or external mode, make sure you have mosquitto in your environment. If you do not already have it, you may install as follows.

Install mosquitto

For ubuntu:

apt install mosquitto

For centOS:

yum install mosquitto

See mosquitto official website for more information.


KubeEdge has certificate based authentication/authorization between cloud and edge. Certificates can be generated using openssl. Please follow the steps below to generate certificates.

Install openssl

If openssl is not already present using below command to install openssl

apt-get install openssl

Generate Certificates

RootCA certificate and a cert/key pair is required to have a setup for KubeEdge. Same cert/key pair can be used in both cloud and edge.

# Generete Root Key
openssl genrsa -des3 -out rootCA.key 4096
# Generate Root Certificate
openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 1024 -out rootCA.crt
# Generate Key
openssl genrsa -out kubeedge.key 2048
# Generate csr, Fill required details after running the command
openssl req -new -key kubeedge.key -out kubeedge.csr
# Generate Certificate
openssl x509 -req -in kubeedge.csr -CA rootCA.crt -CAkey rootCA.key -CAcreateserial -out kubeedge.crt -days 500 -sha256 


Clone KubeEdge

git clone $GOPATH/src/
cd $GOPATH/src/

Build Cloud

cd $GOPATH/src/
make # or `make edgecontroller`

Build Edge

cd $GOPATH/src/
make # or `make edgecontroller`

KubeEdge can also be cross compiled to run on ARM based processors. Please click Cross Compilation for the instructions.

Run KubeEdge

Run Cloud

cd $GOPATH/src/
# run edge controller
# `conf/` should be in the same directory as the binary
# verify the configurations before running cloud(edgecontroller)

Run Edge

We have provided a sample node.json to add a node in kubernetes. Please make sure edge-node is added in kubernetes. Run below steps to add edge-node

kubectl apply -f $GOPATH/src/
# run mosquitto
mosquitto -d -p 1883

# run edge_core
# `conf/` should be in the same directory as the binary
# verify the configurations before running edge(edge_core)
# or
nohup ./edge_core > edge_core.log 2>&1 &

If you are using HuaweiCloud IEF, then the edge node you created should be running (check it in the IEF console page).

Deploy Application

Try out a sample application deployment by following below steps

kubectl apply -f $GOPATH/src/

Note: Currently, for edge node, we must use hostPort in the Pod container spec so that the pod comes up normally, or the pod will be always in ContainerCreating status. The hostPort must be equal to containerPort and can not be 0.

Run Edge Unit Tests

make edge_test

To run unit tests of a package individually

cd <path to package to be tested>
go test -v

Run Edge Integration Tests

make edge_integration_test

Details and use cases of integration test framework

Please find the link to use cases of intergration test framework for kubeedge