# Web Gateway
The Web Gateway is a mechanism to connect private networks to the open Internet in such a way that there is no direct connection between the Internet and the secure workloads running in the ZMachines.

![](img/webgateway.jpg)
### Key Benefits
- Separation between where compute workloads are and where services are exposed
- Redundancy: Each app can be exposed on multiple web gateways at once
- Support for many interfaces
- Helps resolve shortage of IPv4 addresses
### Implementation
Some 3Nodes support gateway functionality (this is configured by the farmers). A 3Node with gateway configuration can then accept gateway workloads and forward traffic to ZMachines that only have Planetary Network or IPv6 addresses.

A gateway workload consists of a name (prefix), which first needs to be reserved on the blockchain, and a list of backend IPs. Other flags can be set to control automatic TLS (please check the Terraform documentation for the exact details of a reservation).

Once the 3Node receives this workload, the network configures a proxy for this name and the Planetary Network IPs.
### Security
ZMachines must have a Planetary Network IP or any other IPv6 address (IPv4 is also accepted). This means that anyone connected to the Planetary Network can also reach the ZMachine directly, without going through a proxy.

So it's up to the ZMachine owner/maintainer to make sure it is secured and that only the required ports are open.
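
One way to run the check described in this section, as an added example rather than ThreeFold's own tooling: the script parses `ss -H -tln` output captured on a ZMachine and lists listeners bound to non-loopback addresses whose port is not in the owner's required set. The sample output, the address `2001:db8::10` and the required ports 22 and 8080 are constructed for illustration.

```python
import ipaddress

# Constructed sample of `ss -H -tln` output from a hypothetical ZMachine.
SAMPLE_SS = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 511 *:8080 *:*
LISTEN 0 244 127.0.0.1:5432 0.0.0.0:*
LISTEN 0 511 [::1]:6379 [::]:*
LISTEN 0 128 [::]:9100 [::]:*
LISTEN 0 128 [2001:db8::10]:2375 [::]:*
"""


def parse_listener(line):
    """Return (address, port) from one `ss -H -tln` line, or None."""
    fields = line.split()
    if len(fields) < 5 or fields[0] != "LISTEN":
        return None
    host, _, port = fields[3].rpartition(":")
    # Drop a %iface scope suffix first, then the IPv6 brackets.
    host = host.split("%")[0].strip("[]")
    return host, int(port)


def is_loopback(host):
    if host == "*":  # dual-stack wildcard: bound on every interface
        return False
    return ipaddress.ip_address(host).is_loopback


def exposed_ports(ss_output, required):
    """Listeners on non-loopback addresses whose port is not in `required`."""
    findings = set()
    for line in ss_output.splitlines():
        parsed = parse_listener(line)
        if parsed is None:
            continue
        host, port = parsed
        if not is_loopback(host) and port not in required:
            findings.add((host, port))
    return sorted(findings)


if __name__ == "__main__":
    # Assumption: the gateway backend serves on 8080 and SSH on 22 is intended.
    for host, port in exposed_ports(SAMPLE_SS, required={22, 8080}):
        print(f"unexpected listener reachable from the network: {host} port {port}")
```

The script reports what is bound, not what a firewall on the ZMachine may still filter, so treat each finding as a service to rebind to loopback, stop, or cover with a filter rule.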
### Redundant Network Connection
![](img/redundant_net.jpg)
### Unlimited Scale
![](img/webgw_scaling.jpg)

The network architecture is a pure scale-out network system. It can scale to unlimited size; there is simply no bottleneck. Network "supply" is created by network farmers, and network "demand" comes from TF Grid users.

Supply and demand scale independently. For supply, there can be unlimited network farmers providing web gateways on their own 3Nodes, and unlimited compute farmers providing 3Nodes for compute and storage. The demand side is driven by developers creating software that runs on the grid, system integrators creating solutions for enterprises, and so on. Globally, there is exponentially growing demand for data processing and storage use cases.