Overview
The following foundation services are available for developers to configure and use in their applications.
Service |
Name |
Description |
Dependency |
|---|---|---|---|
Video Storage Toolkit (VST) |
jetson-vst |
Enables camera discovery, video storage, hardware accelerated video decode and streaming |
Redis |
Redis |
jeston-redis |
Provides a shared message bus and storage for microservices |
None |
Ingress |
jeston-ingress |
Enables a standard mechanism to present microservice APIs to clients |
None |
Storage |
jeston-storage |
Provisions external storage and allocate to various microservices |
None |
Networking |
jeston-networking |
Manages network interfaces for connecting to IP cameras |
None |
Monitoring |
jeston-monitoring |
Helps visualize collected metrics using Grafana dashboard |
None |
System Monitoring |
jeston-sys-monitoring |
Collects system usage metrics |
Monitoring |
GPU Monitoring |
jeston-gpu-monitoring |
Collects gpu usage metrics |
Monitoring |
IOT Gateway |
jeston-iot-gateway |
Enables remote, secure access of device APIs for rich clients such as mobile apps |
None |
Firewall |
jeston-firewall |
Controls ingress and egress network traffic to the system |
None |
Video Storage Toolkit (VST)
VST [name: jetson-vst] provides efficient management of cameras and videos on Jetson based platforms. It is particularly suitable for AI based video analytics systems by providing hardware accelerated video decoding, streaming and storage from multiple video sources. VST also includes reference web user-interface for management of your devices, viewing streams, creating and viewing Tripwires (TW) and Region of Interests (ROI) with live analytics. The details about the VST service are available in VST.
Redis
The Redis service [name: jetson-redis] is generally used as a message bus for data exchange between microservices, and/or as a timeseries database. The ai-nvr reference app microservices demonstrates both of these patterns. Applications can also readily customize and use it as a standalone offering.
An out of the box configuration for Redis is based on standard best practices such as retention, snapshotting and limits. The Redis timeseries module is also enabled as part of the Redis offering. Users can modify the config as per their needs. The details about the Redis service are available in Redis.
Ingress
The Ingress service [name: jetson-ingress] enables a standard mechanism to present APIs as an out of the box service. Incoming requests are routed to the appropriate microservices based on configured routes thereby keeping the underlying microservices architecture abstracted away from the API consumer.
Ingress enables presentation and access of APIs supported by both foundation services and Metropolis microservices and applications. There are separate nginx config files used to maintain the rules for each of the layers (foundation & application). The details about the Ingress service are available in API Gateway (Ingress).
Storage
The storage service [name: jetson-storage] manages external (additional) storage that can be attached to the Jetson. This is needed as the Root File System (RFS) flashed on the eMMC (AGX) or NVMe (NX/Nano) is not sufficient for recording and storing videos, log files, etc. This service detects attached storage drives (NVMe, SATA), formats and mounts them, and then creates the filesystem (/data) on them.
For Orin AGX based systems (which have an internal eMMC that is flashed with BSP) an external NVMe or SATA drives may be used for storage. For Orin NX and Nano based systems (which don’t have an internal drive) an NVMe drive should be used to flash the BSP, and SATA drives can be used for additional storage.
The storage service also creates various logging volumes and sets up quotas and users/groups (based on configuration) so that the quotas can be enforced through system users associated with each microservice. Disk encryption option is available through LUKS capability provided by BSP. The details about the storage service are available in Storage.
Networking
The networking service [name: jetson-networking] helps to manage the IP cameras that may be connected to your Jetson through a POE switch. It sets up the network subsystem on the device, it detects and sets up the network interfaces for external communication (eth0) and camera connectivity (eth1) that can be used with VST microservice. For systems have only one in-built interface, e.g devkits, it will be used for external communication, and a USB Ethernet dongle needs to be connected to an external POE switch for the cameras.
This service does network configurations to support the different Ethernet interfaces and isolate the network domains for cameras. It does customized DHCP configuration so that attached ethernet cameras can acquire an IP address. The details about the networking service are available in Networking.
Monitoring
The monitoring service [name: jetson-monitoring] includes Prometheus, Grafana, Push Gateway, ITS Monitoring. It provides hooks for applications to enable monitoring. The Grafana endpoint is exposed through Ingress service for visualization. The details about the monitoring service are available in Monitoring.
System Monitoring
The sysmonitoring service [name: jetson-sys-monitoring] provides system utilization, e.g. CPU, memory, disk (collected using node-exporter) to the monitoring service (via Prometheus scraping) for viewing in the Grafana dashboard. The details about the sysmonitoring service are available in Monitoring.
GPU Monitoring
The gpumonitoring service [name: jetson-gpu-monitoring] provides GPU stats (collected using the tegrastats utility) to the monitoring service (via push gateway) for viewing in the Grafana dashboard. The details about the gpumonitoring service are available in Monitoring.
IoT Gateway
The iotgateway service [name: jetson-iot-gateway]] supports always on, bi-directional TCP connection with the cloud, to allow devices that are behind the firewall to communicate with the cloud. Incoming traffic is forwarded to registered internal endpoints (typically Ingress). This service needs to be explicitly enabled with right configuration. The details about the iotgateway service are available in IOTGateway.
Firewall
The firewall service [name: jetson-firewall] starts up the uncomplicated firewall (UFW) with predefined rules suitable for running any of the foundation services using docker compose. Since docker compose containers run on the default host network, the firewall is used to block external access to the containers and allow traffic to only the configured open ports.
For running applications that use additional microservices, further rules should be added for them. This service needs to be explicitly enabled with right configuration. See the Firewall Service for the details about the firewall service.
Starting and Stopping Foundation Services
All the foundation services are implemented as standard Linux services and can be started and stopped via systemctl commands. When you start a service, it automatically starts any other services needed by it.
Before starting, note the following prerequisites:
Connect any necessary hardware needed by the service, for e.g. external drive for storage service, or POE switch for networking service
Do any necessary software configuration, for e.g., Nginx config for ingress service, or rules for firewall service
Retrieve API key for NGC where the containers are hosted (see the Quick Start Guide)
If you plan to use the storage service, start it first, as it mounts the storage drive and provides the directory structure used by the other services. Also note that the network service requires you to reboot the system after enabling, for the network interface updates to take effect.
A service may be started with the command
sudo systemctl start <service-name>
for e.g. sudo systemctl start jetson-redis
Similarly a service may be stopped with the command
sudo systemctl stop <service-name>
for e.g. sudo systemctl stop jetson-redis
If you would like the service to start automatically at system bootup time, then enable it as follows:
sudo systemctl enable <service-name> --now
for e.g. sudo systemctl enable jetson-storage --now
Note that the “–now” is an optional parameter, which starts the service immediately instead of waiting till the next boot.
Similarly, to disable above and also stop the service, use the following:
sudo systemctl diable <service-name> --now
for e.g. sudo systemctl disable jetson-storage --now
if you would like to montior the messages from a service as it is starting up, use the following in a separate terminal:
journalctl -fe -u <service-name>.service
for e.g. journalctl -fe -u jetson-storage.service