gravitl/netmaker
1
1
Fork 0
mirror of https://github.com/gravitl/netmaker.git synced 2024-09-23 16:56:06 +08:00
Code Issues Packages Projects Releases Wiki Activity
netmaker/docs/_build/html/architecture.html
afeiszli 4466e34f16 fixing doc version
2021-06-03 13:56:32 -04:00

997 lines
42 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="viewport" content="width=device-width,initial-scale=1">
<meta http-equiv="x-ua-compatible" content="ie=edge">
<meta name="lang:clipboard.copy" content="Copy to clipboard">
<meta name="lang:clipboard.copied" content="Copied to clipboard">
<meta name="lang:search.language" content="en">
<meta name="lang:search.pipeline.stopwords" content="True">
<meta name="lang:search.pipeline.trimmer" content="True">
<meta name="lang:search.result.none" content="No matching documents">
<meta name="lang:search.result.one" content="1 matching document">
<meta name="lang:search.result.other" content="# matching documents">
<meta name="lang:search.tokenizer" content="[\s\-]+">
<link href="https://fonts.gstatic.com/" rel="preconnect" crossorigin>
<link href="https://fonts.googleapis.com/css?family=Roboto+Mono:400,500,700|Roboto:300,400,400i,700&display=fallback" rel="stylesheet">
<style>
body,
input {
font-family: "Roboto", "Helvetica Neue", Helvetica, Arial, sans-serif
}
code,
kbd,
pre {
font-family: "Roboto Mono", "Courier New", Courier, monospace
}
</style>
<link rel="stylesheet" href="_static/stylesheets/application.css"/>
<link rel="stylesheet" href="_static/stylesheets/application-palette.css"/>
<link rel="stylesheet" href="_static/stylesheets/application-fixes.css"/>
<link rel="stylesheet" href="_static/fonts/material-icons.css"/>
<meta name="theme-color" content="#3f51b5">
<script src="_static/javascripts/modernizr.js"></script>
<title>Architecture &#8212; Netmaker 0.5 documentation</title>
<link rel="stylesheet" href="_static/pygments.css" type="text/css" />
<link rel="stylesheet" href="_static/material.css" type="text/css" />
<script id="documentation_options" data-url_root="./" src="_static/documentation_options.js"></script>
<script src="_static/jquery.js"></script>
<script src="_static/underscore.js"></script>
<script src="_static/doctools.js"></script>
<link rel="author" title="About these documents" href="about.html" />
<link rel="index" title="Index" href="genindex.html" />
<link rel="search" title="Search" href="search.html" />
<link rel="next" title="Quick Start" href="quick-start.html" />
<link rel="prev" title="About" href="about.html" />
</head>
<body dir=ltr
data-md-color-primary=indigo data-md-color-accent=light-blue>
<svg class="md-svg">
<defs data-children-count="0">
<svg xmlns="http://www.w3.org/2000/svg" width="416" height="448" viewBox="0 0 416 448" id="__github"><path fill="currentColor" d="M160 304q0 10-3.125 20.5t-10.75 19T128 352t-18.125-8.5-10.75-19T96 304t3.125-20.5 10.75-19T128 256t18.125 8.5 10.75 19T160 304zm160 0q0 10-3.125 20.5t-10.75 19T288 352t-18.125-8.5-10.75-19T256 304t3.125-20.5 10.75-19T288 256t18.125 8.5 10.75 19T320 304zm40 0q0-30-17.25-51T296 232q-10.25 0-48.75 5.25Q229.5 240 208 240t-39.25-2.75Q130.75 232 120 232q-29.5 0-46.75 21T56 304q0 22 8 38.375t20.25 25.75 30.5 15 35 7.375 37.25 1.75h42q20.5 0 37.25-1.75t35-7.375 30.5-15 20.25-25.75T360 304zm56-44q0 51.75-15.25 82.75-9.5 19.25-26.375 33.25t-35.25 21.5-42.5 11.875-42.875 5.5T212 416q-19.5 0-35.5-.75t-36.875-3.125-38.125-7.5-34.25-12.875T37 371.5t-21.5-28.75Q0 312 0 260q0-59.25 34-99-6.75-20.5-6.75-42.5 0-29 12.75-54.5 27 0 47.5 9.875t47.25 30.875Q171.5 96 212 96q37 0 70 8 26.25-20.5 46.75-30.25T376 64q12.75 25.5 12.75 54.5 0 21.75-6.75 42 34 40 34 99.5z"/></svg>
</defs>
</svg>
<input class="md-toggle" data-md-toggle="drawer" type="checkbox" id="__drawer">
<input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search">
<label class="md-overlay" data-md-component="overlay" for="__drawer"></label>
<a href="#architecture" tabindex="1" class="md-skip"> Skip to content </a>
<header class="md-header" data-md-component="header">
<nav class="md-header-nav md-grid">
<div class="md-flex navheader">
<div class="md-flex__cell md-flex__cell--shrink">
<a href="index.html" title="Netmaker 0.5 documentation"
class="md-header-nav__button md-logo">
<i class="md-icon">&#xe869</i>
</a>
</div>
<div class="md-flex__cell md-flex__cell--shrink">
<label class="md-icon md-icon--menu md-header-nav__button" for="__drawer"></label>
</div>
<div class="md-flex__cell md-flex__cell--stretch">
<div class="md-flex__ellipsis md-header-nav__title" data-md-component="title">
<span class="md-header-nav__topic">Netmaker Docs</span>
<span class="md-header-nav__topic"> Architecture </span>
</div>
</div>
<div class="md-flex__cell md-flex__cell--shrink">
<label class="md-icon md-icon--search md-header-nav__button" for="__search"></label>
<div class="md-search" data-md-component="search" role="dialog">
<label class="md-search__overlay" for="__search"></label>
<div class="md-search__inner" role="search">
<form class="md-search__form" action="search.html" method="GET" name="search">
<input type="text" class="md-search__input" name="q" placeholder="Search"
autocapitalize="off" autocomplete="off" spellcheck="false"
data-md-component="query" data-md-state="active">
<label class="md-icon md-search__icon" for="__search"></label>
<button type="reset" class="md-icon md-search__icon" data-md-component="reset" tabindex="-1">
&#xE5CD;
</button>
</form>
<div class="md-search__output">
<div class="md-search__scrollwrap" data-md-scrollfix>
<div class="md-search-result" data-md-component="result">
<div class="md-search-result__meta">
Type to start searching
</div>
<ol class="md-search-result__list"></ol>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="md-flex__cell md-flex__cell--shrink">
<div class="md-header-nav__source">
<a href="https://github.com/gravitl/netmaker/" title="Go to repository" class="md-source" data-md-source="github">
<div class="md-source__icon">
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" viewBox="0 0 24 24" width="28" height="28">
<use xlink:href="#__github" width="24" height="24"></use>
</svg>
</div>
<div class="md-source__repository">
Netmaker
</div>
</a>
</div>
</div>
<script src="_static/javascripts/version_dropdown.js"></script>
<script>
var json_loc = ""versions.json"",
target_loc = "../",
text = "Versions";
$( document ).ready( add_version_dropdown(json_loc, target_loc, text));
</script>
</div>
</nav>
</header>
<div class="md-container">
<nav class="md-tabs" data-md-component="tabs">
<div class="md-tabs__inner md-grid">
<ul class="md-tabs__list">
<li class="md-tabs__item"><a href="index.html" class="md-tabs__link">Netmaker 0.5 documentation</a></li>
</ul>
</div>
</nav>
<main class="md-main">
<div class="md-main__inner md-grid" data-md-component="container">
<div class="md-sidebar md-sidebar--primary" data-md-component="navigation">
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--primary" data-md-level="0">
<label class="md-nav__title md-nav__title--site" for="__drawer">
<a href="index.html" title="Netmaker 0.5 documentation" class="md-nav__button md-logo">
<i class="md-icon">&#xe869</i>
</a>
<a href="index.html"
title="Netmaker 0.5 documentation">Netmaker Docs</a>
</label>
<div class="md-nav__source">
<a href="https://github.com/gravitl/netmaker/" title="Go to repository" class="md-source" data-md-source="github">
<div class="md-source__icon">
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" viewBox="0 0 24 24" width="28" height="28">
<use xlink:href="#__github" width="24" height="24"></use>
</svg>
</div>
<div class="md-source__repository">
Netmaker
</div>
</a>
</div>
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="about.html" class="md-nav__link">About</a>
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="about.html#what-is-netmaker" class="md-nav__link">What is Netmaker?</a>
</li>
<li class="md-nav__item">
<a href="about.html#how-does-netmaker-work" class="md-nav__link">How Does Netmaker Work?</a>
</li>
<li class="md-nav__item">
<a href="about.html#use-cases-for-netmaker" class="md-nav__link">Use Cases for Netmaker</a>
</li></ul>
</li>
<li class="md-nav__item">
<input class="md-toggle md-nav__toggle" data-md-toggle="toc" type="checkbox" id="__toc">
<label class="md-nav__link md-nav__link--active" for="__toc"> Architecture </label>
<a href="#" class="md-nav__link md-nav__link--active">Architecture</a>
<nav class="md-nav md-nav--secondary">
<label class="md-nav__title" for="__toc">Contents</label>
<ul class="md-nav__list" data-md-scrollfix="">
<li class="md-nav__item"><a href="#architecture--page-root" class="md-nav__link">Architecture</a><nav class="md-nav">
<ul class="md-nav__list">
<li class="md-nav__item"><a href="#core-concepts" class="md-nav__link">Core Concepts</a><nav class="md-nav">
<ul class="md-nav__list">
<li class="md-nav__item"><a href="#wireguard" class="md-nav__link">WireGuard</a>
</li>
<li class="md-nav__item"><a href="#mesh-network" class="md-nav__link">Mesh Network</a>
</li>
<li class="md-nav__item"><a href="#netmaker" class="md-nav__link">Netmaker</a>
</li>
<li class="md-nav__item"><a href="#node" class="md-nav__link">Node</a>
</li>
<li class="md-nav__item"><a href="#systemd" class="md-nav__link">SystemD</a>
</li></ul>
</nav>
</li>
<li class="md-nav__item"><a href="#components" class="md-nav__link">Components</a><nav class="md-nav">
<ul class="md-nav__list">
<li class="md-nav__item"><a href="#netmaker-server" class="md-nav__link">Netmaker Server</a>
</li>
<li class="md-nav__item"><a href="#netclient" class="md-nav__link">Netclient</a>
</li>
<li class="md-nav__item"><a href="#mongodb" class="md-nav__link">MongoDB</a>
</li>
<li class="md-nav__item"><a href="#netmaker-ui" class="md-nav__link">Netmaker UI</a>
</li>
<li class="md-nav__item"><a href="#coredns" class="md-nav__link">CoreDNS</a>
</li></ul>
</nav>
</li>
<li class="md-nav__item"><a href="#technical-process" class="md-nav__link">Technical Process</a>
</li>
<li class="md-nav__item"><a href="#compatible-systems-for-netclient" class="md-nav__link">Compatible Systems for Netclient</a>
</li>
<li class="md-nav__item"><a href="#limitations" class="md-nav__link">Limitations</a>
</li></ul>
</nav>
</li>
</ul>
</nav>
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#core-concepts" class="md-nav__link">Core Concepts</a>
</li>
<li class="md-nav__item">
<a href="#components" class="md-nav__link">Components</a>
</li>
<li class="md-nav__item">
<a href="#technical-process" class="md-nav__link">Technical Process</a>
</li>
<li class="md-nav__item">
<a href="#compatible-systems-for-netclient" class="md-nav__link">Compatible Systems for Netclient</a>
</li>
<li class="md-nav__item">
<a href="#limitations" class="md-nav__link">Limitations</a>
</li></ul>
</li>
<li class="md-nav__item">
<a href="quick-start.html" class="md-nav__link">Quick Start</a>
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="quick-start.html#introduction" class="md-nav__link">Introduction</a>
</li>
<li class="md-nav__item">
<a href="quick-start.html#prerequisites" class="md-nav__link">Prerequisites</a>
</li>
<li class="md-nav__item">
<a href="quick-start.html#install" class="md-nav__link">Install</a>
</li>
<li class="md-nav__item">
<a href="quick-start.html#setup" class="md-nav__link">Setup</a>
</li>
<li class="md-nav__item">
<a href="quick-start.html#deploy-nodes" class="md-nav__link">Deploy Nodes</a>
</li>
<li class="md-nav__item">
<a href="quick-start.html#manage-nodes" class="md-nav__link">Manage Nodes</a>
</li>
<li class="md-nav__item">
<a href="quick-start.html#uninstalling-the-netclient" class="md-nav__link">Uninstalling the netclient</a>
</li>
<li class="md-nav__item">
<a href="quick-start.html#uninstralling-netmaker" class="md-nav__link">Uninstralling Netmaker</a>
</li></ul>
</li>
<li class="md-nav__item">
<a href="server-installation.html" class="md-nav__link">Server Installation</a>
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="server-installation.html#notes-on-optional-features" class="md-nav__link">Notes on Optional Features</a>
</li>
<li class="md-nav__item">
<a href="server-installation.html#system-compatibility" class="md-nav__link">System Compatibility</a>
</li>
<li class="md-nav__item">
<a href="server-installation.html#dns-mode-prereqisite-setup" class="md-nav__link">DNS Mode Prereqisite Setup</a>
</li>
<li class="md-nav__item">
<a href="server-installation.html#docker-compose-install" class="md-nav__link">Docker Compose Install</a>
</li>
<li class="md-nav__item">
<a href="server-installation.html#linux-install-without-docker" class="md-nav__link">Linux Install without Docker</a>
</li>
<li class="md-nav__item">
<a href="server-installation.html#kubernetes-install" class="md-nav__link">Kubernetes Install</a>
</li>
<li class="md-nav__item">
<a href="server-installation.html#configuration-reference" class="md-nav__link">Configuration Reference</a>
</li></ul>
</li>
<li class="md-nav__item">
<a href="client-installation.html" class="md-nav__link">Client Installation</a>
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="client-installation.html#introduction-to-netclient" class="md-nav__link">Introduction to Netclient</a>
</li>
<li class="md-nav__item">
<a href="client-installation.html#modes-and-system-compatibility" class="md-nav__link">Modes and System Compatibility</a>
</li>
<li class="md-nav__item">
<a href="client-installation.html#prerequisites" class="md-nav__link">Prerequisites</a>
</li>
<li class="md-nav__item">
<a href="client-installation.html#configuration" class="md-nav__link">Configuration</a>
</li>
<li class="md-nav__item">
<a href="client-installation.html#installation" class="md-nav__link">Installation</a>
</li>
<li class="md-nav__item">
<a href="client-installation.html#managing-netclient" class="md-nav__link">Managing Netclient</a>
</li></ul>
</li>
<li class="md-nav__item">
<a href="external-clients.html" class="md-nav__link">External Clients</a>
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="external-clients.html#introduction" class="md-nav__link">Introduction</a>
</li></ul>
</li>
<li class="md-nav__item">
<a href="usage.html" class="md-nav__link">Using Netmaker</a>
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="usage.html#external-tutorials" class="md-nav__link">External Tutorials</a>
</li>
<li class="md-nav__item">
<a href="usage.html#basic" class="md-nav__link">Basic</a>
</li>
<li class="md-nav__item">
<a href="usage.html#local-network" class="md-nav__link">Local Network</a>
</li>
<li class="md-nav__item">
<a href="usage.html#site-to-site" class="md-nav__link">Site-to-Site</a>
</li>
<li class="md-nav__item">
<a href="usage.html#dual-stack-with-ipv6" class="md-nav__link">Dual Stack with IPv6</a>
</li>
<li class="md-nav__item">
<a href="usage.html#kubernetes-node-network" class="md-nav__link">Kubernetes Node Network</a>
</li></ul>
</li>
<li class="md-nav__item">
<a href="api.html" class="md-nav__link">API Reference</a>
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="api.html#api-usage" class="md-nav__link">API Usage</a>
</li>
<li class="md-nav__item">
<a href="api.html#authentication" class="md-nav__link">Authentication</a>
</li>
<li class="md-nav__item">
<a href="api.html#format-of-calls-for-curl" class="md-nav__link">Format of Calls for Curl</a>
</li>
<li class="md-nav__item">
<a href="api.html#api-documentation" class="md-nav__link">API Documentation</a>
</li></ul>
</li>
<li class="md-nav__item">
<a href="troubleshoot.html" class="md-nav__link">Troubleshooting</a>
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="troubleshoot.html#common-issues" class="md-nav__link">Common Issues</a>
</li>
<li class="md-nav__item">
<a href="troubleshoot.html#server" class="md-nav__link">Server</a>
</li>
<li class="md-nav__item">
<a href="troubleshoot.html#ui" class="md-nav__link">UI</a>
</li>
<li class="md-nav__item">
<a href="troubleshoot.html#agent" class="md-nav__link">Agent</a>
</li>
<li class="md-nav__item">
<a href="troubleshoot.html#coredns" class="md-nav__link">CoreDNS</a>
</li></ul>
</li>
<li class="md-nav__item">
<a href="support.html" class="md-nav__link">Support</a>
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="support.html#faq" class="md-nav__link">FAQ</a>
</li>
<li class="md-nav__item">
<a href="support.html#issues-bugs-and-feature-requests" class="md-nav__link">Issues, Bugs, and Feature Requests</a>
</li>
<li class="md-nav__item">
<a href="support.html#contact" class="md-nav__link">Contact</a>
</li></ul>
</li>
<li class="md-nav__item">
<a href="contribute.html" class="md-nav__link">Contribute</a>
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="contribute.html#submitting-an-issue" class="md-nav__link">Submitting an Issue</a>
</li>
<li class="md-nav__item">
<a href="contribute.html#submitting-an-enhancement" class="md-nav__link">Submitting an Enhancement</a>
</li>
<li class="md-nav__item">
<a href="contribute.html#contributing-code" class="md-nav__link">Contributing Code</a>
</li></ul>
</li>
<li class="md-nav__item">
<a href="conduct.html" class="md-nav__link">Code of Conduct</a>
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="conduct.html#our-pledge" class="md-nav__link">Our Pledge</a>
</li>
<li class="md-nav__item">
<a href="conduct.html#our-standards" class="md-nav__link">Our Standards</a>
</li>
<li class="md-nav__item">
<a href="conduct.html#our-responsibilities" class="md-nav__link">Our Responsibilities</a>
</li>
<li class="md-nav__item">
<a href="conduct.html#scope" class="md-nav__link">Scope</a>
</li>
<li class="md-nav__item">
<a href="conduct.html#enforcement" class="md-nav__link">Enforcement</a>
</li>
<li class="md-nav__item">
<a href="conduct.html#attribution" class="md-nav__link">Attribution</a>
</li></ul>
</li>
<li class="md-nav__item">
<a href="license.html" class="md-nav__link">License</a>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-sidebar md-sidebar--secondary" data-md-component="toc">
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--secondary">
<label class="md-nav__title" for="__toc">Contents</label>
<ul class="md-nav__list" data-md-scrollfix="">
<li class="md-nav__item"><a href="#architecture--page-root" class="md-nav__link">Architecture</a><nav class="md-nav">
<ul class="md-nav__list">
<li class="md-nav__item"><a href="#core-concepts" class="md-nav__link">Core Concepts</a><nav class="md-nav">
<ul class="md-nav__list">
<li class="md-nav__item"><a href="#wireguard" class="md-nav__link">WireGuard</a>
</li>
<li class="md-nav__item"><a href="#mesh-network" class="md-nav__link">Mesh Network</a>
</li>
<li class="md-nav__item"><a href="#netmaker" class="md-nav__link">Netmaker</a>
</li>
<li class="md-nav__item"><a href="#node" class="md-nav__link">Node</a>
</li>
<li class="md-nav__item"><a href="#systemd" class="md-nav__link">SystemD</a>
</li></ul>
</nav>
</li>
<li class="md-nav__item"><a href="#components" class="md-nav__link">Components</a><nav class="md-nav">
<ul class="md-nav__list">
<li class="md-nav__item"><a href="#netmaker-server" class="md-nav__link">Netmaker Server</a>
</li>
<li class="md-nav__item"><a href="#netclient" class="md-nav__link">Netclient</a>
</li>
<li class="md-nav__item"><a href="#mongodb" class="md-nav__link">MongoDB</a>
</li>
<li class="md-nav__item"><a href="#netmaker-ui" class="md-nav__link">Netmaker UI</a>
</li>
<li class="md-nav__item"><a href="#coredns" class="md-nav__link">CoreDNS</a>
</li></ul>
</nav>
</li>
<li class="md-nav__item"><a href="#technical-process" class="md-nav__link">Technical Process</a>
</li>
<li class="md-nav__item"><a href="#compatible-systems-for-netclient" class="md-nav__link">Compatible Systems for Netclient</a>
</li>
<li class="md-nav__item"><a href="#limitations" class="md-nav__link">Limitations</a>
</li></ul>
</nav>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-content">
<article class="md-content__inner md-typeset" role="main">
<h1 id="architecture--page-root">Architecture<a class="headerlink" href="#architecture--page-root" title="Permalink to this headline"></a></h1>
<a class="reference internal image-reference" href="_images/nm-diagram-2.jpg"><img alt="Netmaker Architecture Diagram" class="align-center" src="_images/nm-diagram-2.jpg" style="width: 45%;"/></a>
<p><em>Pictured Above: A diagram of Netmakers Architecture.</em></p>
<h2 id="core-concepts">Core Concepts<a class="headerlink" href="#core-concepts" title="Permalink to this headline"></a></h2>
<p>Familiarity with several core concepts will help when you encounter them later on in the documentation.</p>
<h3 id="wireguard">WireGuard<a class="headerlink" href="#wireguard" title="Permalink to this headline"></a></h3>
<p>WireGuard is a relatively new but very important technology which was recently added to the Linux kernel. WireGuard creates very fast but simple encrypted tunnels between devices. From the <a class="reference external" href="https://www.wireguard.com/">WireGuard</a> website, “it might be regarded as the most secure, easiest to use, and simplest VPN solution in the industry.”</p>
<p>Previous solutions like OpenVPN and IPSec are considerably more heavy and complex, while being less performant. All existing VPN tunnelling solutions will cause a significant increase in your network latency. WireGuard is the first to achieve near over-the-line network speeds, meaning you see no signigifant performance impact. With the release of WireGuard, there is little reason to use any other existing tunnel encryption technology.</p>
<h3 id="mesh-network">Mesh Network<a class="headerlink" href="#mesh-network" title="Permalink to this headline"></a></h3>
<p>When we refer to a mesh network in these documents we are typically referring to a “full mesh.”</p>
<a class="reference internal image-reference" href="_images/mesh.png"><img alt="Full Mesh Network Diagram" class="align-center" src="_images/mesh.png" style="width: 33%;"/></a>
<p>A full <a class="reference external" href="https://www.bbc.co.uk/bitesize/guides/zr3yb82/revision/2">mesh network</a> exists where each machine is able to directly talk to every other machine on the network. For example, on your home network, behind your router, all the computers are likely given private addresses and can reach each other directly.</p>
<p>This is in contrast to a hub-and-spoke network, where each machine must first pass its traffic through a relay server before it can reach other machines.</p>
<p>In certain situations you may either want or need a <em>partial mesh</em> network, where only some devices can reach each other directly, and other devices must route their traffic through a relay/gateway. Netmaker can use this model in some use cases where it makes sense. In the diagram at the top of this page, the setup is a partial mesh, because the servers (nodes A-D) are meshed, but then external clients come in via a gateway, and are not meshed.</p>
<p>Mesh networks are generally faster than other topologies, but are also more complicated to set up. WireGuard on its own gives you the means to create encrypted tunnels between devices, but it does not provide a method for setting up a full network. This is where Netmaker comes in.</p>
<h3 id="netmaker">Netmaker<a class="headerlink" href="#netmaker" title="Permalink to this headline"></a></h3>
<p>Netmaker is a platform built off of WireGuard which enables users to create mesh networks between their devices. Netmaker can create both full and partial mesh networks depending on the use case.</p>
<p>When we refer to Netmaker in aggregate, we are typically referring to Netmaker and the netclient, as well as other supporting services such as CoreDNS, MongoDB, and UI webserver.</p>
<p>From an end user perspective, they typically interact with the Netmaker UI, or even just run the install script for the netclient on their devices. The other components run in the background invisibly.</p>
<p>Netmaker does a lot of work to set configurations for you, so that you dont have to. This includes things like WireGuard ports, endpoints, public IPs, keys, and peers. Netmaker works to abstract away as much of the network management as possible, so that you can just click to create a network, and click to add a machine to a network. That said, every machine (node) is different, and may require special configuration. That is why, while Netmaker sets practical default settings, everything within Netmaker is fully configurable.</p>
<h3 id="node">Node<a class="headerlink" href="#node" title="Permalink to this headline"></a></h3>
<p>A machine in a Netmaker network, which is managed by the Netclient, is referred to as a Node, as you will see in the UI. A Node can be a VM, a bare metal server, a desktop computer, an IoT device, or any other number of internet-connected machines on which the netclient is installed. A node is simply an endpoint in the network, which can send traffic to all the other nodes, and recieve traffic from all of the other nodes.</p>
<h3 id="systemd">SystemD<a class="headerlink" href="#systemd" title="Permalink to this headline"></a></h3>
<p>SystemD is a system service manager for a wide array of Linux operating systems. Not all Linux distributions have adopted systemd, but, for better or worse, it has become a fairly common standard in the Linux world. That said, any non-Linux operating system will not have systemd, and many Linux/Unix distributionshave alternative system service managers.</p>
<p>Netmakers netclient, the agent which controls networking on all nodes, relies heavily on systemd as of version 0.3. This reliance is being reduced but is currently a core dependency, causing most of the limitations and incompatibilities. As Netmaker evolves, systemd will become just one of the possible service management options, allowing the netclient to be run on a wider array of devices.</p>
<h2 id="components">Components<a class="headerlink" href="#components" title="Permalink to this headline"></a></h2>
<p>Netmaker consists of several core components, which are explained in high-level technical detail below.</p>
<h3 id="netmaker-server">Netmaker Server<a class="headerlink" href="#netmaker-server" title="Permalink to this headline"></a></h3>
<p>The Netmaker server is, at its core, a golang binary. Source code can be found <a class="reference external" href="https://github.com/gravitl/netmaker">on GitHub</a>. The binary, by itself can be compiled for most systems. If you need to run the Netmaker server on a particular system, it likely can be made to work. In typical deployments, it is run as a Docker container. It can also be run as a systemd service as outlined in the non-docker install guide.</p>
<p>The Netmaker server acts as an API to the front end, and as a GRPC server to the machines in the network. GRPC is much faster and more efficient than standard API calls, which increases the speed of transactions. For this reason, the Netmaker server exposes two ports: The default for the API is 8081, and the default for GRPC is 50051. Either the API or the GRPC server can be disabled on any given Netmaker instance can be disabled, allowing you to deploy two different servers for managing the API (which is largely for the admins use) and GRPC (which is largely for the nodes use).</p>
<p>Most server settings are configurable via a config file, or by environment variables (which take precedence). If the server finds neither of these, it sets sensible defaults, including things like the servers reachable IP, ports, and which “modes” to run in.</p>
<p>These modes include client mode and dns mode. Either of these can be disabled but are enabled by default. Client mode allows you to treat the Netmaker host machine (operating system) as a network Node, installing the netclient and controlling the host network. DNS mode has the server write config settings for CoreDNS, a separate component and nameserver, which picks up the config settings to manage node DNS.</p>
<p>The Netmaker server interacts with (as of v0.3) a MongoDB instance, which holds information about nodes, networks, users, and other important data. This data is configuration data. For the most part, Netmaker serves configuration data to Nodes, telling them how they should configure themselves. The Netclient is the agent that actually does that configuration.</p>
<h3 id="netclient">Netclient<a class="headerlink" href="#netclient" title="Permalink to this headline"></a></h3>
<p>The netclient is, at its core, a golang binary. Source code can be found in the netclient folder of the Netmaker <a class="reference external" href="https://github.com/gravitl/netmaker/tree/master/netclient">GitHub Repository</a>. The binary, by itself, can be compiled for most systems. However, this binary is designed to manage a certain number of Operating Systems. As of version 0.3, it requires systemd in order to manage the host system appropriately. It may be installable, and it may even make the machine a part of the mesh network, but it will not function in entirely (see Compatible Systems for more info) without systemd.</p>
<p>The netclient is installed via a simple bash script, which pulls the latest binary and runs install command.</p>
<p>The install command registers the machine with the Netmaker server using sensible defaults, which can be overridden with a config file or environment variables. Assuming the netclient has a valid key (or the network allows manual node signup), it will be registered in the Netmaker network, which will return configuration details about how to set up the local network.</p>
<p>The netclient then sets itself up in systemd, and configures WireGuard. At this point it should be part of the network.</p>
<p>On a periodic basis (systemd timer), the netclient performs a “check in.” It will authenticate with the server, and check to see if anything has changed in the network. It will also post changes about its own local configuration if there. If there has been a change, the server will return new configurations and the netclient will reconfigure the network.</p>
<p>The check in process is what allows Netmaker to create dynamic mesh networks. As nodes are added to, removed from, and modified on the network, other nodes are notified, and make appropriate changes.</p>
<h3 id="mongodb">MongoDB<a class="headerlink" href="#mongodb" title="Permalink to this headline"></a></h3>
<p>As of v0.3, Netmaker uses MongoDB as its database, and interacts with a MongoDB instance to store and retrieve information about nodes, networks, and users. Netmaker is rapidly evolving, and MongoDB provides a flexible database structure that accelerates development. However, MongoDB is also the heaviest component of Netmaker (high cpu/memory consumption), and is set to be replaced by a lighter-weight, SQL-based database in the future.</p>
<h3 id="netmaker-ui">Netmaker UI<a class="headerlink" href="#netmaker-ui" title="Permalink to this headline"></a></h3>
<p>The Netmaker UI is a ReactJS-based static website which can be run on top of standard webservers such as Apache and Nginx. Source code can be found <a class="reference external" href="https://github.com/gravitl/netmaker-ui">here</a>. In a typical configuration, the Netmaker UI is run on Nginx as a Docker container.</p>
<p>Netmaker can be used in its entirety without the UI, but the UI makes things a lot easier for most users. It has a sensible flow and layout for managing Networks, Nodes, Access Keys, and DNS.</p>
<h3 id="coredns">CoreDNS<a class="headerlink" href="#coredns" title="Permalink to this headline"></a></h3>
<p>v0.3 introduced the concept of private DNS management for nodes. This requires a nameserver, and CoreDNS is the chosen nameserver. CoreDNS is lightweight and extensible. CoreDNS loads dns settings from a simple file, managed by Netmaker, and serves out DNS info for managed nodes. DNS can be tricky, and DNS management is currently only supported on a small set of devices, specifically those running systemd-resolved. However, the Netmaker CoreDNS instance can be added manually as a nameserver to other devices. DNS mode can also be turned off.</p>
<p>Worth considering is that CoreDNS requires port 53 on the Netmaker host system, which may cause conflicts depending on your operating system. This is explained in the <a class="reference internal" href="server-installation.html"><span class="doc">Server Installation</span></a> guide.</p>
<h2 id="technical-process">Technical Process<a class="headerlink" href="#technical-process" title="Permalink to this headline"></a></h2>
<p>Below is a high level, step-by-step overview of the flow of communications within Netmaker (assuming Netmaker has already been installed):</p>
<ol class="arabic simple">
<li><p>Admin creates a new network with a subnet, for instance 10.10.10.0/24</p></li>
<li><p>Admin creates an access key for signing up new nodes</p></li>
<li><p>Both of the above requests are routed to the server via an API call from the front end</p></li>
<li><p>Admin runs the netclient install script on any given node (machine).</p></li>
<li><p>Netclient decodes key, which contains the GRPC server location and port</p></li>
<li><p>Netclient retrieves/sets local information, including open ports for WireGuard, public IP, and generating key pairs for peers</p></li>
<li><p>Netclient reaches out to GRPC server with this information, authenticating via access key.</p></li>
<li><p>Netmaker server verifies information and creates the node, setting default values for any missing information.</p></li>
<li><p>Timestamp is set for the network (see #16).</p></li>
<li><p>Netmaker returns settings as response to netclient. Some settings may be added or modified based on the network.</p></li>
<li><p>Netclient recieves response. If successful, it takes any additional info returned from Netmaker and configures the local system/WireGuard</p></li>
<li><p>Netclient sends another request to Netmakers GRPC server, this time to retrieve the peers list (all other clients in the network).</p></li>
<li><p>Netmaker sends back peers list, including current known configurations of all nodes in network.</p></li>
<li><p>Netclient configures WireGuard with this information. At this point, the node is fully configured as a part of the network and should be able to reach the other nodes via private address.</p></li>
<li><p>Netclient begins daemon (system timer) to run check ins with the server. It awaits changes, reporting local changes, and retrieving changes from any other nodes in the network.</p></li>
<li><p>Other netclients on the network, upon checking in with the Netmaker server, will see that the timestamp has updated, and they will retrieve a new peers list, completing the update cycle.</p></li>
</ol>
<h2 id="compatible-systems-for-netclient">Compatible Systems for Netclient<a class="headerlink" href="#compatible-systems-for-netclient" title="Permalink to this headline"></a></h2>
<dl class="simple">
<dt>To manage a node automatically, the Netmaker client (netclient) requires <strong>systemd-based linux.</strong> Compatible systems include:</dt><dd><ul class="simple">
<li><p>Fedora</p></li>
<li><p>Ubuntu</p></li>
<li><p>Debian</p></li>
<li><p>Mint</p></li>
<li><p>SUSE</p></li>
<li><p>RHEL</p></li>
<li><p>Raspian.</p></li>
<li><p>Arch</p></li>
<li><p>CentOS</p></li>
<li><p>CoreOS</p></li>
</ul>
</dd>
<dt>To manage DNS (optional), the node must have systemd-resolved. Systems that have this enabled include:</dt><dd><ul class="simple">
<li><p>Arch</p></li>
<li><p>Debian</p></li>
<li><p>Ubuntu</p></li>
<li><p>SUSE</p></li>
</ul>
</dd>
</dl>
<h2 id="limitations">Limitations<a class="headerlink" href="#limitations" title="Permalink to this headline"></a></h2>
<p>Install limitations mostly include platform-specific limitations, such as needing systemd or systemd-resolved (see above). In addition the Netmaker platform has some additional limitations:</p>
<ul class="simple">
<li><p><strong>Double NAT</strong>: Netmaker is currently unable to route traffic for devices behind a “double NAT”.</p></li>
<li><p><strong>CGNAT</strong>: Netmaker is currently unable to route traffic for for devices behind a “carrier-grade NAT”.</p></li>
<li><p><strong>Windows/iPhone/Android</strong>: To reiterate the systemd limitation, Netmaker is not currently configured to support “end user” devices such as Windows desktops and phones generally. In v0.4, Netmaker will introduce external device gateways to allow this traffic (and many other sorts of devices).</p></li>
</ul>
</article>
</div>
</div>
</main>
</div>
<footer class="md-footer">
<div class="md-footer-nav">
<nav class="md-footer-nav__inner md-grid">
<a href="about.html" title="About"
class="md-flex md-footer-nav__link md-footer-nav__link--prev"
rel="prev">
<div class="md-flex__cell md-flex__cell--shrink">
<i class="md-icon md-icon--arrow-back md-footer-nav__button"></i>
</div>
<div class="md-flex__cell md-flex__cell--stretch md-footer-nav__title">
<span class="md-flex__ellipsis">
<span
class="md-footer-nav__direction"> Previous </span> About </span>
</div>
</a>
<a href="quick-start.html" title="Quick Start"
class="md-flex md-footer-nav__link md-footer-nav__link--next"
rel="next">
<div class="md-flex__cell md-flex__cell--stretch md-footer-nav__title"><span
class="md-flex__ellipsis"> <span
class="md-footer-nav__direction"> Next </span> Quick Start </span>
</div>
<div class="md-flex__cell md-flex__cell--shrink"><i
class="md-icon md-icon--arrow-forward md-footer-nav__button"></i>
</div>
</a>
</nav>
</div>
<div class="md-footer-meta md-typeset">
<div class="md-footer-meta__inner md-grid">
<div class="md-footer-copyright">
<div class="md-footer-copyright__highlight">
&#169; Copyright 2021, Alex Feiszli.
</div>
Created using
<a href="http://www.sphinx-doc.org/">Sphinx</a> 3.5.4.
and
<a href="https://github.com/bashtage/sphinx-material/">Material for
Sphinx</a>
</div>
</div>
</div>
</footer>
<script src="_static/javascripts/application.js"></script>
<script>app.initialize({version: "1.0.4", url: {base: ".."}})</script>
</body>
</html>
Reference in a new issue View git blame Copy permalink