Deploying on a Real Network =========================== This section explains how to configure the Manta platform on a real network, where each node runs on a different device, and the Manta Manager and Mosquitto broker are deployed on another device (either the same or separate machines). 1. Configure the Manager to Accept Remote Connections ----------------------------------------------------- By default, the Manta Manager listens only on `localhost`. To allow connections from other devices on the network, you need to specify the correct network interface. Run the following command on the device hosting the Manager: .. code:: console $ manta_manager -d -vvv --host "0.0.0.0" --mqtt_host **Explanation:** - :code:`--host "0.0.0.0"`: Allows the Manager to accept connections from **any network interface** on the machine. - If you want to restrict access to a specific network interface (e.g., only allow connections from a local network), specify the corresponding **IP address** instead of `0.0.0.0`. - Example: :code:`--host 192.168.1.100` will allow connections only from the local network associated with that IP. - :code:`--mqtt_host `: Specifies the MQTT broker's address that the Manager and nodes will connect to. - **Note:** :code:`` and :code:`` **can be the same machine** or separate ones. **Important:** - :code:`` and :code:`` must be **accessible from the nodes** within their network. - If deploying across different networks, use the **public IP address** or a **hostname registered in a public DNS** instead of a private local IP. 2. Configure the Nodes to Connect to the Manager ------------------------------------------------ Each node must explicitly connect to the Manta Manager using its network address. On each node, run: .. code:: console $ manta_node -d -vvv --m_host **Explanation:** - :code:`--m_host `: Instructs the node where to find the Manager. - **Do not use** :code:`--random_id` or :code:`--ls_port`, as these options are primarily for simulations on a single machine. **Important:** - :code:`` must be accessible from all nodes. - If the nodes are **on different networks**, use a **public IP** or **DNS hostname** instead of a local private IP. 3. Configure Mosquitto for Remote Access ---------------------------------------- By default, Mosquitto **only accepts local connections**. To allow remote connections, update its configuration: 1. Open the Mosquitto configuration file: .. code:: console $ sudo nano /etc/mosquitto/mosquitto.conf 2. Add or modify the following lines: .. code:: ini listener 1883 0.0.0.0 allow_anonymous true 3. Restart Mosquitto: .. code:: console $ sudo systemctl restart mosquitto **Important:** - :code:`` must be accessible from both the **Manager** and all **nodes**. - If the devices are on different networks, use the **public IP address** or a **DNS hostname**. 4. Configure the Firewall ------------------------- If the nodes still cannot connect, verify that the firewall on the Manager allows incoming connections. 1. Check the firewall status: .. code:: console $ sudo ufw status verbose 2. If the firewall is enabled, allow the necessary ports: .. code:: console $ sudo ufw allow 50051/tcp # Manta Manager port (unsecured mode) $ sudo ufw allow 50050/tcp # Secured connection port (certificate retrieval) $ sudo ufw allow 1883/tcp # Mosquitto broker port (default) 3. Reload the firewall rules: .. code:: console $ sudo ufw reload **Important:** - The ports you need to open **depend on the configuration** of the Manta Manager and the Mosquitto broker. - If you have configured Mosquitto to use a **different port** (e.g., 8883 for secure MQTT), you must allow that port instead of :code:`1883`. - If using **custom ports** for the Manta Manager (:code:`--port` or :code:`--secured_port` flags), ensure those ports are open. - Always verify the connectivity by checking if the nodes can reach the Manager and MQTT broker.