Working with Leaf Nodes

A lattice leaf node is nothing more than a wasmcloud host connected to a lattice via a NATS leaf node. Please consult the NATS documentation for detailed information on how to create, configure, manage, and deploy NATS leaf nodes.

Leaf nodes give the lattice a way to segment or isolate traffic, security boundaries, or both. For example, you can start a NATS leaf node running on the same host as a wasmcloud process. This leaf node could have its own unique (and private) set of credentials used for connecting to the NATS server on the other side of the node. You could then configure wasmcloud's lattice connection to connect anonymously to the leaf node running on localhost. For more information on the pros and cons of this pattern, consult the security patterns lattice reference.
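
A NATS server configuration for the co-located leaf node pattern described above, as an added example that is not taken from the wasmcloud or NATS documentation. The upstream hostname and the credentials path are placeholders; the wasmcloud host is assumed to connect to 127.0.0.1:4222 with no credentials.

```conf
# Leaf node running on the same machine as the wasmcloud process.
# Hostname and file path below are placeholders (assumptions), not values from this page.

# Client listener bound to loopback only. Because local clients are allowed to
# connect anonymously, this listener must not be reachable from other machines.
listen: "127.0.0.1:4222"

# No authorization block is defined, so the local wasmcloud host connects
# without presenting any credentials.

leafnodes {
  remotes = [
    {
      # NATS server on the other side of the leaf connection (7422 is the
      # default leaf node port). TLS protects the credentials in transit.
      url: "tls://nats.example.com:7422"

      # Credentials unique and private to this leaf node. They are read only
      # by nats-server; the wasmcloud process never handles them.
      credentials: "/etc/nats/leaf.creds"
    }
  ]
}
```

Restrict read access on the credentials file to the account that runs nats-server. Changing `listen` to a non-loopback address would expose the unauthenticated listener to the network, which removes the boundary this pattern relies on.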

This segmentation or isolation is ideal for bridging disparate infrastructure. Using leaf nodes at the “edges” or boundaries of your infrastructure allows the lattice to continue to expose a single, flat topology while NATS and leaf nodes take care of all the hard work of optimizing traffic patterns for the interest graph across an arbitrarily complex network.

For example, you could use a leaf node to service all of the lattice traffic for an on-premises portion of the network, which could be a warehouse, a retail facility, or even a cluster of IoT devices. This leaf node could then connect back to a cloud, the same cloud that multiple other leaf nodes connect to, bridging traffic from wasmcloud hosts running in browsers, on IoT devices, on laptops, and in multiple clouds.

We are not exaggerating at all when we say that the true power of the wasmcloud lattice comes from NATS and NATS leaf nodes.