NetFoundry and Cradlepoint SDN solution with Container technology.
The following guide provides guidance on the installation of NetFoundry Ziti Tunnel endpoint software on to a supported Cradlepoint router. Base functionality has been validated on a E300 router with Advanced features enabled.
Assumptions
1. NetFoundry account with associated network componentry.
- Network Controller
- Fabric Router(s)
- Console account {nfconsole.io)
- NetFoundry Endpoint software installed on workstation.
2. Cradlepoint NetCloud account with associated account and supported hardware/software feature.
______________________________________________________________________
Step 1. From the NetFoundry Console, create an endpoint. Download associated JWT file.
Step 2. Open JWT file with code/text editor and copy contents to clipboard.
Step 3. Insert contents of JWT file into the template Compose file below:
NF_REG_TOKEN variable sample below:
NF_REG_TOKEN=JWT Key
version: '2.4'
NOTE: the sample above is inserting the container into a default container network which utilizes the PRIMARY LAN underlay network of the device - 192.168.60.0/24.
Step 4. From the NetCloud web console we will build the container from the compose.yaml file create in step 3. Save and Commit changes in the NetCloud console. Your system will pull the container image and run the project/container on the device. Check logging for any errors and correct and validate running container.
Verify Container running in NetCloud console
Verify endpoint running in NetFoundry console
Step 5. Once the endpoint is running, we can go back to the NetFoundry web platform and create associated services and AppWAN definitions to gain access to other containers, Device Management and downstream LAN clients. From the web console, select Services on the menu on the left side and then select the Plus sign in the upper right hand corner.
Next we select Advanced Service
From the Create Service menu, create your service. You will provide the name any is ok but should reference the function of the service. For the intercept IP, you can put the desired IP, Hostname or subnet by using network address and mask...e.g. 192.168.60.0/24. You then select the protocols TCP/UDP or both and the desired ports you would like connectivity for.
Under the select endpoints dropdown list, find and select the container endpoint installed on the Cradlepoint device and hit create.
Step 6. Next we will create an AppWAN which is used to provide network access to services for desired endpoints. In this example we will give a remote user access to the "Device LAN" service and a NGINX container. From the web console, select AppWAN from the menu on the left side and then select the Plus sign in the upper right hand corner.
Step 7. Verify desired connectivity by connecting via CLI or Web browser to the IP/Ports defined in the created service.
From your installed NetFoundry client, look at the services in your client to verify they are present.
Comments
0 comments