Skip to main content
Version: Next

Dynamic nodes

Dynamic Node feature allows users to add and remove nodes on demand. Users only need to configure a node and connect it to the unit. Everything else is managed automatically by Aos services.

Aos core design

Since a node can operate in either provisioned or unprovisioned mode, and each mode has a different set of active services, this distinction influences the overall system design.

In provisioned mode, the CM (Communication Manager) serves as the central point of interaction between the cloud and the unit. The SM (Service Manager) and UM (Update Manager) services register themselves with CM. Only after successful registration they can execute commands received from the cloud.

In contrary to others, IAM is accessed by CM directly and serves as a source of information about the node, manages certificates. In unprovisioned mode it is the only active Aos service, that's why IAM server on the main node directly manages connections to secondary node IAM clients. For that purpose it provides RegisterNode grpc method, invoked by the clients to register themselves on the unit. aos-prov scripts interacts directly with IAM server during provisioning and the latter forwards requests further to secondary nodes. Concerning IAM server on secondary nodes, their main purpose is providing general node information, certificates to local services.

There is a sequence diagram of unit provisioning below.

Currently supported deprovisioning of secondary nodes only. The sequence is shown below:

Node configuration

An Aos node has a set of configuration files located in the /etc/aos directory. These files are described in detail on the corresponding documentation page. In the context of dynamic node setup, we focus on service URLs, which represent a "use" relationship in the component diagram.

The following configuration snippets illustrate a test VM setup:

  • The main node has a static IP, while secondary nodes use dynamic IPs.
  • Secondary nodes do not interact with one another, so they can share the same local hostname.

Below are extracts from the IAM configuration files for both main and secondary nodes:

main node:

root@main:/etc/aos# cat aos_iamanager.cfg
{
  "IAMProtectedServerURL": ":8089",
  "IAMPublicServerURL": ":8090",
  ...
}

secondary node:

root@secondary:/etc/aos# cat aos_iamanager.cfg
{
  "IAMProtectedServerURL": ":8089",
  "IAMPublicServerURL": ":8090",

  "MainIAMPublicServerURL": "main:8090",
  "MainIAMProtectedServerURL": "main:8089",
  ...
}

Here MainIAM(Public/Protected)ServerURL is a server URL where IAM clients connect to(absent on the main node). IAM(Public/Protected)URL address of local IAM server.

UM/SM configuration files set up addresses to local IAM & main CM server.

root@secondary:/etc/aos# cat aos_servicemanager.cfg
{
    "IAMProtectedServerURL": "secondary:8089",
    "IAMPublicServerURL": "secondary:8090",
    "CMServerURL": "main:8093",
    ...
}
root@main:/etc/aos# cat aos_servicemanager.cfg
{
    "IAMProtectedServerURL": "main:8089",
    "IAMPublicServerURL": "main:8090",
    "CMServerURL": "main:8093",
    ...
}
root@secondary:/etc/aos# cat aos_updatemanager.cfg
{
    "IAMPublicServerURL": "secondary:8090",
    "CMServerURL": "main:8091",
    ...
}
root@main:/etc/aos# cat aos_updatemanager.cfg
{
    "IAMPublicServerURL": "main:8090",
    "CMServerURL": "main:8091",
    ...
}

aos_communicationmanager.cfg configures IAM address and parameters for SM & UM servers. This file as well as the service itself located on the main node only.

root@main:/etc/aos# cat aos_communicationmanager.cfg
{
    "IAMProtectedServerURL": "main:8089",
    "IAMPublicServerURL": "main:8090",

    "SMController": {
        "CMServerURL": ":8093",
    },
    "UMController": {
        "CMServerURL": ":8091",
    },
    ...
}