Kdi Service, short for Keysight Distributed Infrastructure service, revolutionizes how test and measurement equipment interacts within a network. This comprehensive guide delves into the architecture, components, and functionalities of the KDI service, highlighting its benefits for modern testing environments.
KDI Fabric Architecture
KDI Fabric: The Foundation of Distributed Testing
The KDI service operates within a networked environment known as the KDI Fabric. This fabric consists of interconnected nodes, securely communicating via KDI Framework components. At its core lies the KDI Root, acting as the central server responsible for managing and monitoring all connected nodes, ensuring secure connectivity and data integrity.
KDI Root: The Central Hub
The KDI Root serves as the central management hub for the entire KDI Fabric. It maintains a comprehensive database of registered users, connected nodes (KDI Leaf nodes), their associated applications, and any cloud connections.
Key Features of KDI Root:
- Node Management: The KDI Root oversees the registration of new nodes. Any new node attempting to join the fabric requires administrator approval, ensuring network security and controlled access.
- Secure Communication: Leveraging KDIS (KDI Authentication Service) and a token-based authentication mechanism, the KDI Root establishes a secure communication framework within the fabric.
- Granular Authorization Control: OpenFGA integration provides fine-grained access control, managing permissions based on relationships between resources, users, and nodes.
- KDI Management UI: This web application provides a centralized interface for managing user credentials, processing node registration requests, and monitoring the entire fabric. It offers a comprehensive overview of all fabric members and their status.
KDI Leaf: Extending the Network
A KDI Leaf represents any device equipped with a KDI Controller (KDIC) and connected to the KDI Root. These devices can range from PCs and test stations to various instruments, seamlessly integrating into the KDI Fabric.
KDIC: Enabling Seamless Communication
The Keysight Distributed Infrastructure Controller (KDIC) is a fundamental software component residing on both KDI Root and KDI Leaf nodes. It facilitates seamless communication and data exchange within the KDI Fabric.
KDIS: Securing the Fabric
The KDI Authentication Service (KDIS) acts as a secure gateway, authenticating and authorizing all incoming connections to the KDI Root. This ensures only authorized users and devices can access the fabric. KDIS supports both internal users and federated user accounts managed by Keysight. Hydra, an open-source authentication and authorization framework, is integrated with KDIS to manage user access and token issuance.
OpenFGA: Fine-Grained Access Control
OpenFGA, an open-source authorization system, empowers KDI service with relationship-based access control (ReBAC). This enables granular control over resource access by defining permissions based on the relationships between users, nodes, and other resources.
KDIU and KDIP: Internal Components
KDI Updater (KDIU) and KDI Proxy (KDIP) are essential internal components responsible for automated software installations and secure internal communication within the KDI Fabric. These components are not directly exposed for external use.
Database: Persistent Data Storage
KDI service utilizes SQLite for persistent data storage on the KDI Root. Keysight’s cloud-based solution, KDIG Cloud, leverages PostgreSQL for its storage needs. This ensures data integrity and reliability across different deployments.
KDI Gateway: Connecting Multiple Fabrics
The KDI Gateway (KDIG) facilitates communication between multiple KDI Fabrics. Each fabric connecting to KDIG receives a unique Fabric ID, enabling centralized management and access to Keysight Cloud services.
Global Service and KDI Client: Expanding Capabilities
Non-KDI services can advertise their connection details through a Global Service Description File on the KDI Root. This allows KDI Clients, applications connecting to the KDI Fabric, to access and utilize these services directly.
Conclusion: KDI Service – A Powerful Solution for Distributed Testing
KDI service provides a robust and secure foundation for distributed testing environments. Its modular architecture, secure communication protocols, and granular access control mechanisms ensure efficient management and utilization of test resources. The KDI service enables seamless integration of various instruments and devices, streamlining testing workflows and enhancing overall productivity.
