| Info |
|---|
TunHub is a Cloudaware-managed proxy integration designed to ensure a secure connection between customer local network resources and Cloudaware CMDB. This guide explains how to set up TunHub in Cloudaware. |
To see the TunHub integration in action, request a demo.
...
Proxy configuration can be deployed to any Breeze agent that meets requirements. Up to 2 two Breeze agents (active and standby) can be designated to support single endpoint connection.
...
Customers are able to set up the TunHub integration using a self-service interface in Cloudaware Admin panel.
Breeze
...
setup
Select any existing or a new server that has access to the resources in your private network and may communicate to Cloudaware. Follow the steps below to install Breeze agent:
...
3. Once Breeze is installed, the server gets access to breeze-server.cloudaware.com and may act as TunHub proxy.
TunHub
...
setup
Create
...
a tunnel
Create a tunnel to grant Cloudaware access to your private network resources. A tunnel should contain one or more routes, which can be added on the next step.
1. Log in to Cloudaware account → Admin.
2. Find TunHub in the list of integrations. Click +Add.
...
3. Fill in out the required informationform:
...
WHERE
*Description - the integration name
**Primary Channel - Breeze Agent ID of Breeze agent installed on the host (pay attention to this field as it cannot be edited later!)
...
****Dedicated Port - check this box if it is not possible to have unique public source IP addresses for all egress TunHub connections in your organization. This will assign a dedicated port out of 30000-40000 range (ensure that your firewall allows egress for this range). Otherwise, TunHub listens on port 443 and expects the connection to be established from a unique public IP address.
4. Click Save to test the connection.
54. Review the integration details. The yellow light in 'Primary Channel' means that TunHub is waiting for the local collector proxy (Breeze) to connect.
Configure
...
routes
TunHub integration should have at least one route configured. A route is an entity that maps a private address in your network to the one which is reachable by Cloudaware. The route generates an alternate address which customers may use for adding integrations that require secure connection.
...
Integration Name | Destination Host/Port To Be Used For Field(s) |
|---|---|
URL (e.g. https://tunhub.cloudaware.com:12345) | |
URL (e.g. https://tunhub.cloudaware.com:12345) | |
Host (e.g. https://tunhub.cloudaware.com) | |
URL (e.g. https://tunhub.cloudaware.com/12345)Ports Note that ports 17774 (or 17778 for older versions) should be used as remote ports in TunHub routes. |
5. Go back to the integration details. The green light in 'Primary Channel' means that TunHub integration has been successfully added. If there is a red light, please contact support@cloudaware.com.
...
If the checkbox ‘Managed by Cloudaware' is checked, neither a managed tunnel nor its routes can be edited/deleted by a customer.
API
...
access
The Cloudaware TunHub integration enables a secure connection to private Kubernetes, VMware, SCCM, Snowflake, Rancher, Jira, and other environments. Customers can use the external Cloudaware API to programmatically request the list of TunHub gateways (tunnels) or routes, change settings for a specific gateway, and swap primary and secondary channels.
...
2. Use external.tunhub.tunnels APIs to send requests.
Sample
...
requests
the initial request to get the list of TunHub gateways (tunnels)
...