Techniques discussed herein relate to implementing a distributed computing cluster (the “cluster”) including a plurality of edge devices (e.g., devices individually configured to selectively execute within an isolated computing environment). One edge device may be configured to operate as a head node of the cluster at a given time. A request for virtual resources of the cluster may be received from a user device and directed to the first edge device of the cluster. The first edge device may determine it is not operating as a head node of the cluster. The first edge device may determine that a second edge device of the cluster is operating as the head node. In response, the first edge device may forward the request to the second edge device, wherein forwarding the request to the second edge device causes the second request to be processed by the cluster.

Techniques discussed herein relate to updating an edge device (e.g., a computing device distinct from and operating remotely with respect to a data center). The edge device can operate execute a first operating system (OS). A manifest specifying files a second OS to be provisioned to the edge device may be obtained. One or more data files corresponding to a difference between a first set of data files associated with the first OS and a second set of data files associated with the second OS may be identified. A snapshot of the first OS may be generated and stored in memory of the edge device. The edge device can then be configured with the second OS by modifying the snapshot. The booting order of the edge device may be modified to boot utilizing the second OS.

Techniques are disclosed for provisioning and managing a virtual edge device that is configured to emulate a physical edge device that executes within an isolated computing environment. The isolated computing environment may be separate from a centralized cloud computing environment that provides a plurality of services for executing customer workloads. In one example, a computer system receives a request to provision a virtual edge device. The computer system identifies a physical computing device to be provisioned as the virtual edge device based on the request. The computer system generates a set of data containers that containerizes a set of services configured to execute subsequent workloads, and then the system provisions the physical computing system with the set of data containers. In response to the customer request, the computer system provides a user interface operable for accessing and managing the virtual edge device.

Techniques are disclosed for migrating one or more services from an edge device to a cloud computing environment. In one example, a migration service receives a request to migrate a first set of services from the edge device to the cloud computing environment. The migration service identifies a hardware profile of a computing device (or devices) of the cloud computing environment that matches the edge device, and then configures the computing device to execute a second set of services that corresponds to the first set of services. The migration service establishes a communication channel between the edge device and the computing device, and then executes a set of migration operations such that the second set of services is configured to execute as the first set of services. The computing device may operate in a virtual bootstrap environment or dedicated region of the cloud computing environment.

Techniques are described for implementing a virtual smart network interface card to facilitate data transmission in an edge device providing cloud-computing operations. An edge device can implement a private virtual network that includes a private virtual network data plane. The edge device can execute a virtual machine to be connected to the private virtual network. To establish the connection, the edge device can generate a virtual network interface that includes a first endpoint and a second endpoint and is hosted within the private virtual network data plane. The edge device can associate the first endpoint with the virtual machine and associate the second endpoint with an orchestration module of the private virtual network data plane. The virtual machine can then send a data packet to the orchestration module via the virtual network interface.

Techniques discussed herein relate to providing composable edge devices. In some embodiments, a user request specifying a set of services to be executed at a cloud-computing edge device may be received by a computing device operated by a cloud computing provider. A manifest may be generated in accordance with the user request. The manifest may specify a configuration for the cloud-computing edge device. Another request can be received specifying the same or a different set of services to be executed at another edge device. Another manifest which specifies the configuration for that edge device may be generated and subsequently used to provision the request set of services on that device. In this manner, manifests can be used to compose the platform to be utilized at any given edge device.

Techniques are described for implementing a secure enclave within an edge device (e.g., an edge device of a computing cluster of edge devices). In some embodiments, a service enclave comprising a plurality of services can be implemented. The plurality of services can be implemented within respective containers and communicatively connected to one another via a virtual substrate network of the cloud-computing edge device. The virtual substrate network may be dedicated to network traffic between services of the plurality of services. A first service of the enclave may generate and transmit a message to a second service of the enclave for processing. One or more operations may be executed by the second service based on reception of the message.

Techniques are described for implementing secure communications between edge devices providing cloud computing services in an edge environment. A computing cluster can include a plurality of cloud-computing edge devices. The computing cluster can implement a distributed control plane for performing operations related to managing cloud infrastructure resources within the computing cluster. The cloud-computing edge devices can be connected to an intra-node switch to form a substrate network. The data related to control plane operations may be transmitted over the substrate from one edge device to another, such that control plane operations can be performed at any suitable edge device in the cluster. The edge devices can use an encryption protocol to encrypt the data transmitted over the substrate network via the intra-node switch.

Techniques for implementing an infrastructure orchestration service are described. In some examples, a declarative provisioner of the infrastructure orchestration service receives instructions for deployment of a resource. The declarative provisioner identifies that the deployment of the resource is a long-running task stores state information corresponding to the deployment of the resource. In certain embodiments, upon identifying that the deployment of the resource is a long-running task, the declarative provisioner pauses its execution of the long-running task. Responsive to a trigger received from the infrastructure orchestration service, the declarative provisioner resumes execution of the deployment of the resource using the state information and transmits deployment information corresponding to the deployment of the resource to the infrastructure orchestration service.

A method and a device for determining deployment information of a network are disclosed. The method for determining deployment information of a network includes: receiving, by a first network entity, a first message sent by a second network entity, where the first message carries first deployment information, and the first deployment information is deployment information of a network component; and determining, by the first network entity, second deployment information based on the first deployment information, where the second deployment information is deployment information of a network, and the network includes at least one network component. The foregoing solution can improve accuracy of determining deployment information of a network.