Skip to main content

Anapaya EDGE/CORE/GATE appliance

The Anapaya appliance is the integrated software platform powering the Anapaya EDGE, CORE, and GATE products. It enables seamless deployment and management of SCION networks, offering robust tools for network operations and administration.

The Anapaya appliance offers a specification-compliant implementation of the SCION data plane, control plane, and PKI. For interoperability with traditional IP networks, it includes IP-in-SCION tunneling and a BGP daemon. All components are managed through a unified interface, simplifying configuration and control via the appliance API.

How to interact with the Anapaya appliance

The Anapaya appliance offers a feature-rich HTTP REST API supporting the following interactions:

  • Configuring the appliance.
  • Inspecting the health of the appliance.
  • Provisioning cryptographic material, such as TRCs and certificates.
  • Managing secrets.
  • Using basic SCION tools such as scion ping and scion showpaths that help with exploring the network and basic troubleshooting.
  • Collecting debug information for troubleshooting.

The full API documentation is available under appliance API

To interact with the appliance API, there is a range of options available:

  • Use the Anapaya CONSOLE, a central orchestration tool, for managing all your Anapaya appliances via your browser.
  • Use the appliance-cli to interact with the appliance via a command-line interface.
  • Use the HTTP REST API directly with tools like curl or automation tools like Ansible.

Configuration

The entire Anapaya appliance configuration is stored in a single JSON file. This facilitates backup and restore of the appliance configuration - an appliance can be restored to a previous state by applying a configuration backup, or freshly provisioned by installing the appliance base image and then applying the configuration file.

For security reasons, secrets such as forwarding keys and sensitive credentials are not stored in the configuration file. This prevents accidental leaks when sharing or backing up appliance configurations. Secrets must be provisioned separately using the management API, CLI, or orchestration tools. Always ensure that secrets are handled according to your organization's security policies and best practices. Refer to the Secrets management to learn more about managing secrets on the Anapaya appliance.

Telemetry

Each appliance exports rich telemetry data, logs, and events to a central collector based on Prometheus. Details on the exported metrics and their semantics are described in section Monitoring.

Next steps

Follow the Getting started section to set up your Anapaya appliance.