Platform Services
The following platform services are available for developers to configure and use in their applications.
Storage
The storage service [name: jetson-storage] manages external (additional) storage that can be attached to the Jetson. This is needed when the storage drive where the Root File System (RFS) is flashed is not sufficient for recording and storing videos, log files, etc. This service detects attached storage drives (NVMe, SATA), formats and mounts them, and then creates the filesystem (/data) on them.
For Orin AGX based system (which have an internal eMMC that is flashed with BSP) an external NVMe or SATA drive may be used for storage. For NX based system (which don’t have an internal drive) an NVMe drive should be used to flash the BSP, and a SATA drive should be used for storage.
The storage service also creates various logging volumes and sets up quotas and users/groups (based on configuration) so that the quotas can be enforced through system users associated with each microservice. Disk encryption option is available through LUKS capability provided by BSP. The details about the storage service are available in Jetson Storage.
Networking
The networking service [name: jetson-networking] helps to manage the IP cameras that may be connected to your Jetson through a POE switch. It sets up the network subsystem on the device, it detects and sets up the network interfaces for external communication (eth0) and camera connectivity (eth1) that can be used with VST microservice. For systems have only one in-built interface, e.g devkits, it will be used for external communication, and a USB Ethernet dongle needs to be connected to an external POE switch for the cameras.
This service does network configurations to support the different Ethernet interfaces and isolate the network domains for cameras. It does customized DHCP configuration so that attached ethernet cameras can acquire an IP address. The details about the networking service are available in Jetson Networking.
Firewall
The firewall service [name: jetson-firewall] starts up the uncomplicated firewall (UFW) with predefined rules suitable for running any of the platform services using docker compose. Since docker compose containers run on the default host network, the firewall is used to block external access to the containers and allow traffic to only the configured open ports.
For running applications that use additional microservices, further rules should be added for them. This service needs to be explicitly enabled with right configuration. See the Firewall Service for the details about the firewall service.
Redis
The Redis service [name: jetson-redis] is generally used as a message bus for data exchange between microservices, and/or as a timeseries database. The ai-nvr reference app microservices demonstrates both of these patterns. Applications can also readily customize and use it as a standalone offering.
An out of the box configuration for Redis is based on standard best practices such as retention, snapshotting and limits. The Redis timeseries module is also enabled as part of the Redis offering. Users can modify the config as per their needs. The details about the Redis service are available in Redis.
Ingress
The Ingress service [name: jetson-ingress] enables a standard mechanism to present APIs as an out of the box service. Incoming requests are routed to the appropriate microservices based on configured routes thereby keeping the underlying microservices architecture abstracted away from the API consumer.
Ingress enables presentation and access of APIs supported by both platform services and Metropolis microservices and applications. There are separate nginx config files used to maintain the rules for each of the layers (platform & application). The details about the Ingress service are available in API Gateway (Ingress).
IoTGateway
The iotgateway service [name: jetson-iot-gateway]] supports always on, bi-directional TCP connection with the cloud, to allow devices that are behind the firewall to communicate with the cloud. Incoming traffic is forwarded to registered internal endpoints (typically Ingress). This service needs to be explicitly enabled with right configuration. The details about the iotgateway service are available in IOTGateway.
Monitoring
The monitoring service [name: jetson-monitoring] includes Prometheus, Grafana, Push Gateway, ITS Monitoring. It provides hooks for applications to enable monitoring. The Grafana endpoint is exposed through Ingress service for visualization. The details about the monitoring service are available in Monitoring.
SysMonitoring
The sysmonitoring service [name: jetson-sys-monitoring] provides system utilization, e.g. CPU, memory, disk (collected using node-exporter) to the monitoring service (via Prometheus scraping) for viewing in the Grafana dashboard. The details about the sysmonitoring service are available in Monitoring.
GPUMonitor
The gpumonitoring service [name: jetson-gpu-monitoring] provides GPU stats (collected using the tegrastats utility) to the monitoring service (via push gateway) for viewing in the Grafana dashboard. The details about the gpumonitoring service are available in Monitoring.
Starting and Stopping Platform Services
All the platform services are implemented as standard Linux services and can be started and stopped via systemctl commands.
Before starting, note the following prerequisites:
Connect any necessary hardware needed by the service, for e.g. external drive for storage service, or POE switch for networking service
Do any necessary software configuration, for e.g., Nginx config for ingress service, or rules for firewall service
Retrieve API key for NGC where the containers are hosted (see the Quick Start Guide)
Login to nvcr.io using your NGC API key before you start services for the first time:
sudo docker login nvcr.io -u "\$oauthtoken" -p <NGC-API-KEY>
If you plan to use the storage service, start it first, as it mounts the storage drive and provides the directory structure used by the other services. Also note that the network service requires you to reboot the system after enabling, for the network interface updates to take effect.
A service may be started with the command
sudo systemctl start <service-name>
for e.g. sudo systemctl start jetson-redis
Similarly a service may be stopped with the command
sudo systemctl stop <service-name>
for e.g. sudo systemctl stop jetson-redis
If you would like the service to start automatically at system bootup time, then enable it as follows:
sudo systemctl enable <service-name> --now
for e.g. sudo systemctl enable jetson-storage --now
Note that the “–now” is an optional parameter, which starts the service immediately instead of waiting till the next boot.
Similarly, to disable above and also stop the service, use the following:
sudo systemctl diable <service-name> --now
for e.g. sudo systemctl disable jetson-storage --now