Networking
- This section provides an overview of various networking components for the aerOS deployment. These networking components ensure that:
All aerOS services deployed within each aerOS domain are securely and efficiently exposed. Selected APIs are used to access aerOS core services and enable federation and orchestration among aerOS domains integrated acrros the continuum.
IoT service components which are distributed accross multiple aerOS domain and still need to operate as a single service/applciation can securely connect and receive direct access among them.
- A convenient sequence for the deployment and configuration of components supporting aerOS networking would be:
Deploy MetalLB
Deploy Ingress resource and controller
Deploy KrackenD
Deploy Certificate manager
Deploy Wireguard VPN server
Finaly if we need to access domain from public interent a 1-1 NAT from a public IP to aerOS domain LAN IP is needed. (In this case FQDN bound to this public IP should be taken into account when configuring Certification manager for TLS).
Please follow the next sections for a detailed description and deployment guide of these components.