Overview
A security gateway is a proxy system designed to integrate and interconnect iPaaS and your private network service. You can use it when you want to integrate your private network service through iPaaS (deployed in the public cloud) but your private network service is inaccessible over the public network.
A security gateway consists of the Server and the Agent:
- The Server is deployed in the private network of iPaaS, and you don't need to care about it.
- The Agent is deployed in your private network. You can deploy multiple Agents in different regions or for different services and use the security gateway for forwarding data to implement data interaction between iPaaS and your private network service.
Configuring the Agent
Step 1. Download the Agent
- Log in to the iPaaS console and select Security gateway.
- Click Create and upload a public key as instructed in Generating Public and Private Keys.
- Configure the Agent IP allowlist and private network service, confirm the information, and click Save.
- Click Download Agent in the security gateway list.
- The directory structure of the decompressed Agent package is as detailed below:
- The
bindirectory contains the executable programs of the Agent, which are in sub-directoriesLinux,Windows, andMacfor use on different operating systems. - The
configsdirectory contains the configurations required for Agent execution. Inconfigs:- The
clientdirectory stores the configurations such as key required for Agent TLS communication. Such configurations correspond to those of the Server. Files in this directory cannot be deleted or modified. - The
secretdirectory stores the private key for the Agent to connect to the Server. For more information on how to generate a private key, see Generating Public and Private Keys. - The
config.yamlfile contains configurations that must be depended on for Agent execution. - The
logger_config.yamlfile contains the log configuration for Agent execution. You can modify the log level and log backup policy.
- The
- The
logdirectory stores logs generated during Agent execution. - The
scriptsdirectory stores the Agent startup/stop scripts (start.sh/stop.sh).
- The
Step 2. Configure Agent logs
You can modify the logger_config.yaml file in the ipaas-private-cloud-agent/configs directory of the Agent to modify the gateway log level and log backup policy as needed. The meaning of each parameter has been detailed in the file.
Step 3. Start the Agent
Run the startup script for your operating system to start the Agent:
Run the following command to start the Agent:
./ipaas-private-cloud-agent/scripts/mac/start.shRelevant commands
Below are the commands for stopping the Agent on different operating systems:
Run the following command to stop the Agent:
./ipaas-private-cloud-agent/scripts/stop.shGenerating Public and Private Keys
Step 1. Check the OpenSSL version
Run the following command to check whether OpenSSL has been installed:
openssl version
If the OpenSSL version information can be output normally after the command is executed, OpenSSL has been installed and you can skip step 2; otherwise, install OpenSSL as instructed below.
Step 2. Install OpenSSL
The OpenSSL installation method varies by operating system as follows:
Step 3. Generate and update public and private keys
- Run the following command to generate a private key:
openssl genrsa -out private.pem 1024
Note:Place the generated private key in the
ipaas-private-cloud-agent/configs/secretdirectory.
2. Run the following command to generate a public key for the private key. Thepublic.pemfile generated in the current directory is the public key.
openssl rsa -in private.pem -RSAPublicKey_out -out public.pem
- To generate a new private key, replace the
private.pemfile in theipaas-private-cloud-agent/configs/secretdirectory.
Yes
No
Was this page helpful?