Is anyone deploying MAAS regiond in the cloud, and rackd on-prem?

davehauk · 5 February 2024 19:01

Hey everyone, done some digging around in the docs and the forums, but didn’t find anything relevant. I’m wondering if anyone is running MAAS with regiond in the cloud, and rackd on prem? I assume this is possible over a VPN, however i was wondering about TLS or multual TLS (mTLS) between the two to protect communications?

Reason being, i’m looking at managing a small number of racks (10-30) spread out all over the world in private datacenters that aren’t connected to each other. It seems prohibitive to set up a complete instance of MAAS at each site, so my thought was to deploy regiond in the cloud, and connect each rackd to that instance. I don’t want VPN networking, because we don’t want traffic flows between the datacenters for isolation, but would love to have a single point of provisioning.

Thoughts? Ideas? experience to share?

Thanks in advance!

alexsander-souza · 6 February 2024 17:37

Hi @davehauk ,

disclaimer: this setup is not officially supported by MAAS. We are aware that some people managed to make it work, but your millage may vary. Make sure you at least have enough bandwidth to transfer images in a timely manner.

About the VPN routing, you can:

disable IP forwarding in the region controllers; or
look at DMVPN or similar point-to-multi-point VPN solutions, where you can block traffic between sites through the central node.