Private IP Communication Implementation

Objective

Enable private IP communication between eBlobbers and zs3server by leveraging AWS VPC internal networking. This eliminates public IP traffic between these components and ensures secure, cost-efficient communication.

Technical Architecture

1. Network Infrastructure

VPC Design

VPC CIDR: 10.0.0.0/16
Subnets:
- Public Subnet: 10.0.1.0/24 (eBlobbers + Parity Blobbers)
- Private Subnet: 10.0.2.0/24 (zs3server)

Routing Architecture

Internet ↔ Internet Gateway ↔ Public Subnet (Blobbers)
NAT Gateway ↔ Private Subnet (zs3server)

Security Groups

Public SG (allow-web-and-ssh): Attached to blobber instances for internet access.
Private SG (allow-private-communication): Attached to zs3server, restricting traffic to VPC-only communication.

2. Instance Placement Strategy

Blobber Instances

Location: Public subnet (10.0.1.0/24)
Access: Internet-facing for external sync.
Communication: Private IP communication to zs3server.

zs3server Instance

Location: Private subnet (10.0.2.0/24)
Access: Outbound internet via NAT Gateway (for updates, package downloads).
Communication: Private IP endpoints for blobber interactions.

Technical Implementation

1. Terraform Infrastructure

New Resources

Private subnet for zs3server
NAT Gateway for outbound internet
Private route table (linked to NAT Gateway)
Security group for private communication

Modified Resources

zs3server moved into private subnet
Security groups updated for private-only communication

2. Blobber Configuration

Dynamic Private IP Discovery: Blobbers automatically discover zs3server private IP.
Auto-Generated Config Files: Ensures updated configurations without manual intervention.
Continuous Health Monitoring: Keeps communication stable and fault-tolerant.

Implementation Status

Component

Status

Completion

Notes

Infrastructure

✅ Done

100%

VPC, subnets, NAT Gateway, routing

Security Groups

✅ Done

100%

Access control rules applied

Blobber Config

✅ Done

100%

Dynamic IP discovery + monitoring

Technical Deep-Dive

Network Flow

Blobber (10.0.1.x) → Private IP → ZS3Server (10.0.2.x:8080)

Security Implementation

Network isolation: zs3server in private subnet
Security groups enforce access policies
Audit logging tracks all requests

Success Metrics

Private subnet created and verified
NAT Gateway operational
Security groups configured correctly
Private IP communication active between blobbers and zs3server

PreviousOnboarding Flow for ZUS Cache (AWS Marketplace)NextZüs Cache Preliminary Datasheet

Last updated 6 months ago

hashtagObjective

hashtagTechnical Architecture

hashtag1. Network Infrastructure

hashtag2. Instance Placement Strategy

hashtagTechnical Implementation

hashtag1. Terraform Infrastructure

hashtag2. Blobber Configuration

hashtagImplementation Status

hashtagTechnical Deep-Dive

hashtagSuccess Metrics

Objective

Technical Architecture

1. Network Infrastructure

2. Instance Placement Strategy

Technical Implementation

1. Terraform Infrastructure

2. Blobber Configuration

Implementation Status

Technical Deep-Dive

Success Metrics