Environments

Environments in NetFoundry Frontdoor represent secure runtime contexts where your Frontdoor Agent operates to expose your backend services. Each Environment establishes a trusted connection between your local infrastructure and NetFoundry's global network, enabling you to create Shares that make your services accessible through the internet without opening firewall ports.

What is an Environment?

An Environment is a secure, isolated runtime context created when you deploy and run a NetFoundry Frontdoor Agent on your infrastructure. The Environment serves as the foundation for all your service sharing activities, providing the secure tunnel and identity management necessary to connect your backend services with NetFoundry's global network.

Each Environment maintains a unique identifier (zId) that provides cryptographic identity and is created automatically when you install and bootstrap the Frontdoor Agent on your systems. Environments establish secure, encrypted tunnels without requiring inbound firewall ports and support deployment across various operating systems and environments. They serve as the essential resource foundation required for creating Shares that expose your services publicly.

Illustration of what an Environment looks like

graph TB
    A[Your Infrastructure] --> B[Frontdoor Agent]
    B --> C[NetFoundry Infrastructure]
    C --> D[Internet Users]

    subgraph "Environment"
        subgraph "Your Network"
        A
        B
        end
    C
    end

Security and Best Practices

Environment Security

Unique Identity Each Environment receives a cryptographically secure identity that cannot be spoofed or replicated.

Encrypted Communication All traffic between your Environment and NetFoundry's network is encrypted end-to-end.

Zero-Trust Architecture Environments operate on zero-trust principles - no implicit trust is granted based on network location.

Deployment Best Practices

Strategic Placement Deploy Frontdoor Agents (and create Environments) close to your backend services to minimize latency.

Descriptive Naming Use clear, descriptive names for your Environments to make management easier:

production-web-server
development-api-gateway
staging-database-proxy

Resource Planning Consider the resource requirements of your backend services when planning Environment deployment.

Monitoring Regularly review Environment metrics to understand usage patterns and performance.

Environment Lifecycle Management

Regular Review Periodically review your Environments to identify unused or outdated instances.

Proper Cleanup Delete Environments that are no longer needed to maintain security and reduce complexity.

Documentation Maintain documentation about what services each Environment supports and its purpose.

Integration with Other Components

Relationship with Shares

Environments serve as the foundation for Shares, with every Share requiring association with a specific Environment to function properly. Shares route traffic through their associated Environment to reach backend services, and when an Environment is deleted, all its Shares immediately become inaccessible.

Connection to Agents

The Frontdoor Agent creates and manages the Environment by automatically creating an Environment during installation while maintaining the secure connection that keeps the Environment operational. Agent configuration directly affects Environment behavior and capabilities, and although stopping an Agent does not delete the Environment, it renders the Environment inaccessible until the Agent is restarted.

Frontend Integration

Environments work with Frontends through Shares to create a complete connectivity path from the public internet to your private services. Frontends receive public traffic and route it to Shares, while Shares use Environments to deliver that traffic securely to your backend services.

Common Use Cases

Production Service Exposure

Create an Environment in your production infrastructure to expose critical services including web applications, APIs, customer-facing services, and partner integration endpoints securely and efficiently.

Development and Testing

Use Environments to share development resources such as internal testing environments, staging systems for validation, and demo environments that provide stakeholders with easy access to development progress.

Multi-Location Deployment

Deploy multiple Environments across different geographic locations to establish regional service presence, support disaster recovery scenarios, and distribute load effectively across geographic regions for optimal performance.

Troubleshooting

Environment Connection Issues

Agent Connectivity If an Environment appears offline, check that the Frontdoor Agent is running and has network access.

Network Configuration Verify that your network allows outbound connections to NetFoundry's infrastructure.

Resource Availability Ensure the system hosting the Agent has sufficient resources and is healthy.

Environment Verification Confirm the target Environment exists and is active before creating Shares.

Next Steps

Learn how to create Shares using your Environments
Explore Frontends to understand how traffic reaches your Environments
Review the Environment API for programmatic management
Set up monitoring and Health Checks for your Environment-based services

What is an Environment?​

Illustration of what an Environment looks like​

Security and Best Practices​

Environment Security​

Deployment Best Practices​

Environment Lifecycle Management​

Integration with Other Components​

Relationship with Shares​

Connection to Agents​

Frontend Integration​

Common Use Cases​

Production Service Exposure​

Development and Testing​

Multi-Location Deployment​

Troubleshooting​

Environment Connection Issues​

Share Creation Problems​

Next Steps​