1. Product overview

Edge applications are applications that are deployed at the locations of the users. These applications are suitable for scenarios that require data to be processed in real time in a secure and reliable manner. For example, edge applications can be used for access control systems, building automation systems, and video algorithm applications.
EdgeBox provides a new deployment model for edge applications based on Kubernetes. Resources of edge hosts such as the CPU, memory, storage, and network are virtualized for scheduling, and applications are containerized for orchestration. You can use EdgeBox for lifecycle management and remote O&M of edge applications. Edgebox provides high security, high availability, reliable disaster recovery, and efficient resource utilization for the applications.
Multiple Edgeboxes can be virtualized into a single resource pool that includes resources such as the CPUs and the memory. Applications are packaged into containers and orchestrated within the resource pool. At the same time, EdgeBox ensures the reliability and security of the applications that run in the resource pool.

2. Industry analysis

The current mainstream application deployment model often requires independent software vendors (ISVs) or users to provide one or more servers in the on-premises data center. This model has several problems:

Deployment and O&M

Without standardized infrastructure for edge applications, performing day-to-day tasks such as updates, monitoring, and remote O&M of applications becomes a challenge. Users are often unable to perform on-demand updates because ISVs often do not provide a dedicated channel for application updates. Furthermore, hosts deployed at the edge often do not have a public IP address and rarely allow remote access. This further complicates O&M and monitoring operations, and ISVs must perform such operations on-site. This approach is time-consuming and costly.
Moreover, different applications may require different O&M strategies, which further increase the difficulty of maintaining the applications.

Disaster recovery and fault tolerance

Disaster recovery and fault tolerance operations for applications require a large amount of workload and training. EdgeBox solves this problem by providing a built-in KeepAlived component and middleware (such as MySQL) that creates multiple data replicas. This enables users to achieve high data and service availability in a distributed environment. EdgeBox also provides mechanisms to monitor applications and interact with containers.

Resource scheduling

ISVs often deploy different applications on different hosts to reduce interference from other applications and ensure the isolation of different applications. This inevitably leads to low resource utilization. Customers can choose to use infrastructure as a service (IaaS) solutions such as VMWare and OpenStack, but these solutions are costly and have high O&M requirements. Therefore, this solution is not suitable for small-scale edge applications. However, without such virtual infrastructures, it is also very difficult to scale applications and adjust resource utilization strategies based on actual demands.


The mainstream model for deployment of edge applications introduces a series of security challenges for IT engineers and operators to tackle. Such challenges can include physically securing the hosts, responding to abnormal requests, detecting system looping holes, and performing timely updates. These security issues are often overlooked despite the fact that they are critical to the application deployment.

Integration and coordination

Companies with multiple branches often need to connect edge applications of different branches with the cloud platform of the headquarters. Under the mainstream model, edge-to-cloud requests can be achieved. However, cloud-to-edge communication is not possible and external users cannot use the edge applications. Edge applications of different branches are isolated because there are no dedicated communication channels or centralized account management.

3. Benefits

1. Efficient deployment and O&M


2. Reliable disaster recovery and high fault tolerance


3. High security


Use case

1. Background

The Sunac property services group is a company that serves over 400 residential complexes. To reduce operating costs and improve the experience of the residents, the company wants to transform the residential complexes by using AI technologies. To standardize the AI system for delivery, integration, and continuous O&M, the group came up with the idea “A closed-loop cloud interconnected to multiple closed-looped edges”. To bring this idea to reality, the transformation process requires the following:

  1. Independent edges: The system at the edge can perform basic functions without the need to be connected to the cloud. This prevents possible single-point failures from the headquarters and potential network instability.
  2. Reliable edges: The system at the edge must support fault detection, data migration and data recovery to ensure the overall reliability of the service.
  3. Distributed replication: The overall system (including the subsystems) can be replicated and deployed to multiple residential complexes to reduce the deployment time.
  4. Remote O&M: The business system within each residential complex can be accessed remotely for monitoring, alerts, updates, and various emergency operations.

2. Solution

The Sunac property group has partnered with Alibaba Cloud IoT team to deploy their solution by using EdgeBox and Link IoT Edge. In the solution, applications can be independently managed at the edge and the company can dispatch and deploy applications from the cloud to the edge. This ensures high availability of edge applications and applications can be accessed, updated, and maintained over a remote connection. At the same time, the IoT team developed a dedicated service bus for information exchange so that the system is integrated from the cloud to the edge. By using Edgebox and implementing the solution together with Link IoT Edge, the Sunac property service group is able to quickly replicate and integrate the residence management system and greatly reduce the cost of building smart residential complexes.
The solution:
1. Migrate business applications to and subsequently host them on IoT Platform. These business applications include the pedestrian system, vehicle system, monitoring system, intercom system, and access control system.
2. Two EdgeBoxes are deployed at each residential complex. Each EdgeBox is installed with components for device access, high availability, data service, and threat detection.
3. During the deployment, applications are dispatched from the cloud to the EdgeBoxes and quickly replicated across different residential complexes.
4. To implement central management, the system is integrated with the internal management system of the Sunac property services group.

3. Results

By using Edgebox and implementing the solution together with Link IoT Edge, the Sunac property service group is able to quickly replicate and integrate the residence management system and greatly reduce the cost of building smart residential complexes.

阿里云首页 物联网应用托管服务 相关技术圈