Overview¶
The Anapaya CORE and EDGE product lines together are designed to enable the deployment and operations of a SCION-based Internet. The CORE product is used by Internet Service Providers (ISPs) to provide the core functionality and the backbone of the SCION Internet, while the EDGE product enables the use of the SCION Internet by transparently encapsulating IP-based traffic into SCION-based traffic (IP-in-SCION Tunneling) and ensuring optimal usage of the SCION Internet by choosing optimal network paths through SCION’s path control and multipath capabilities.
On a technical level, the CORE and the EDGE product are implemented as network appliances - both physical and virtual - that can be deployed in existing network infrastructures. One or multiple CORE and/or EDGE appliances together implement a SCION Autonomous System (SCION AS) - the basic unit of the SCION Internet. Each appliance contains a SCION control plane module (control service) and a SCION data plane module (router). The control service takes part in the SCION control plane that creates and disseminates SCION path information, and the router processes and forwards SCION packets according to the path information included in the packet header. Additionally, an EDGE appliance contains an IP-in-SCION tunneling module that encapsulates IP-based traffic into SCION-based traffic.
Given that the Anapaya CORE and EDGE network appliances are similar in their functionality and building blocks, the following sections will commonly refer to them as the appliance or Anapaya appliance. Where appropriate, the text indicates the differences between the two versions.
Interacting with an Anapaya Appliance¶
The Anapaya appliance offers a feature-rich HTTP REST API supporting the following interactions (more will be added in the future):
Manipulating the configuration of the appliance.
Inspecting the status of the appliance.
Provisioning cryptographic material, such as TRCs and certificates.
Using basic SCION tools such as
scion ping
andscion showpaths
that help with exploring the network basic troubleshooting.
The OpenAPI 3 specification of the appliance management API is available here.
The entire appliance configuration is described in a single JSON file. This facilitates backup and restore of the appliance configuration - an appliance can be restored to a previous state by enacting a backup of the configuration or even freshly provisioned by installing the appliance base image and applying the configuration.
To interact with the management API, there is a range of frontends available:
curl (or similar) to interact with the appliance via HTTP from the command line.
A web-UI directly accessible on the appliance.
Anapaya Organization Manager (OrgMan). OrgMan enables central orchestration of multiple EDGE appliances.
It is also possible to use tools like Ansible to orchestrate a fleet of appliances, however, this is out of scope of this knowledge base.
Section Appliance Configuration describes in detail the configuration of an Anapaya appliance.
Telemetry¶
Each appliance exports rich telemetry data, logs, and events to a central collector based on Prometheus. Details on the exported metrics and their semantics are described in section Telemetry.
Next Steps¶
If you are just starting out with the Anapaya appliance, we recommend that you begin with the Getting Started section.
If you are already familiar with the Anapaya appliance, we invite you to check out the Appliance Configuration section or read one of our User Guides.