Deploying on a Real Network

This section explains how to configure the Manta platform on a real network, where each node runs on a different device, and the Manta Manager and Mosquitto broker are deployed on another device (either the same or separate machines).

1. Configure the Manager to Accept Remote Connections

By default, the Manta Manager listens only on localhost. To allow connections from other devices on the network, you need to specify the correct network interface.

Run the following command on the device hosting the Manager:

$ manta_manager -d -vvv --host "0.0.0.0" --mqtt_host <mqtt_host>

Explanation:

  • --host "0.0.0.0": Allows the Manager to accept connections from any network interface on the machine.

    • If you want to restrict access to a specific network interface (e.g., only allow connections from a local network), specify the corresponding IP address instead of 0.0.0.0.

    • Example: --host 192.168.1.100 will allow connections only from the local network associated with that IP.

  • --mqtt_host <mqtt_host>: Specifies the MQTT broker’s address that the Manager and nodes will connect to.

    • Note: <mqtt_host> and <manager_host> can be the same machine or separate ones.

Important:

  • <manager_host> and <mqtt_host> must be accessible from the nodes within their network.

  • If deploying across different networks, use the public IP address or a hostname registered in a public DNS instead of a private local IP.

2. Configure the Nodes to Connect to the Manager

Each node must explicitly connect to the Manta Manager using its network address. On each node, run:

$ manta_node -d -vvv --m_host <manager_host>

Explanation:

  • --m_host <manager_host>: Instructs the node where to find the Manager.

  • Do not use --random_id or --ls_port, as these options are primarily for simulations on a single machine.

Important:

  • <manager_host> must be accessible from all nodes.

  • If the nodes are on different networks, use a public IP or DNS hostname instead of a local private IP.

3. Configure Mosquitto for Remote Access

By default, Mosquitto only accepts local connections. To allow remote connections, update its configuration:

  1. Open the Mosquitto configuration file:

    $ sudo nano /etc/mosquitto/mosquitto.conf

  2. Add or modify the following lines:

    listener 1883 0.0.0.0
allow_anonymous true

  3. Restart Mosquitto:

    $ sudo systemctl restart mosquitto

Important:

  • <mqtt_host> must be accessible from both the Manager and all nodes.

  • If the devices are on different networks, use the public IP address or a DNS hostname.

4. Configure the Firewall

If the nodes still cannot connect, verify that the firewall on the Manager allows incoming connections.

  1. Check the firewall status:

    $ sudo ufw status verbose

  2. If the firewall is enabled, allow the necessary ports:

    $ sudo ufw allow 50051/tcp  # Manta Manager port (unsecured mode)
$ sudo ufw allow 50050/tcp  # Secured connection port (certificate retrieval)
$ sudo ufw allow 1883/tcp   # Mosquitto broker port (default)

  3. Reload the firewall rules:

    $ sudo ufw reload

Important:

  • The ports you need to open depend on the configuration of the Manta Manager and the Mosquitto broker.

  • If you have configured Mosquitto to use a different port (e.g., 8883 for secure MQTT), you must allow that port instead of 1883.

  • If using custom ports for the Manta Manager (--port or --secured_port flags), ensure those ports are open.

  • Always verify the connectivity by checking if the nodes can reach the Manager and MQTT broker.