Guides

In-depth technical guides and reference architectures for NetActuate services. These guides cover networking concepts, design patterns, automation workflows, and best practices that apply across multiple products.

Getting Started

• Compute Node Quickstart — fastest path to running VMs on NetActuate, with Ansible or Terraform
• AI-Assisted Provisioning — use Claude Code, Cursor, or Copilot to deploy VMs and anycast clusters
• AI-Assisted VPU Encoding — deploy a NETINT Quadra VPU and run CPU vs VPU encoding benchmarks with AI assistants
• End-to-End Anycast Global Deployment — end-to-end guide from account setup through BGP validation

Automation Patterns

• Terraform + Ansible Handoff — provision with Terraform, configure with Ansible using the inventory output pattern
• CI/CD Integration — patterns for deploying to NetActuate infrastructure from GitHub Actions, GitLab CI, and other pipeline tools

Anycast and BGP

• ECMP Load Balancing — how equal-cost multipath routing distributes traffic across multiple servers at a single location
• Redundant Anycast Groups — designing primary, secondary, and tertiary anycast architectures for DNS and other services
• Mixed Provider Anycast — best practices for announcing the same prefix from NetActuate alongside other network providers
• Bring Your Own IP — using your own IP address space on the NetActuate network

Service Architectures

• Anycast DNS with KnotDNS — production-grade anycast DNS using KnotDNS across 30+ PoPs

VM Build Options

• Building VMs with Cloud-Init — pass cloud-init or bash scripts at build time via the API
• Building VMs with Firewall Sets — apply firewall rules before the VM is reachable
• Building VMs with Multiple NICs and VLANs — attach secondary NICs to Cloud VLANs at build time
• Using Secrets Manager with Cloud-Init — inject credentials into cloud-init without plaintext storage
• Advanced VM Build — complete build request combining firewall, cloud-init, secrets, and VLANs

Cloud Networking and Routing

• Private Cloud Networking with VPC — deploy isolated private networks with bastion gateways, firewall rules, NAT, and floating IPs
• Load Balancing with VPC — HTTP (L7) and Network (L4) load balancing inside a VPC with SSL termination and health checks
• Connecting Multiple Sites with Magic Mesh — create a full-mesh BGP overlay between cloud routers at different locations
• Site-to-Site VPN with Cloud Routers — IPSec and WireGuard VPN tunnels between NetActuate and on-premises or third-party networks
• Multi-Region Application Deployment — combine VPCs, Kubernetes, routers, and storage across multiple PoP locations

Kubernetes

• Deploying Managed Kubernetes with Terraform — provision NKE clusters, retrieve kubeconfig, deploy workloads, and scale workers
• Kubernetes Anycast with k3s — self-managed k3s with MetalLB BGP for anycast service IPs
• Kubernetes Anycast with BGP Controller — automated BGP anycast on Kubernetes with health-based failover

Storage and Secrets

• Object Storage with S3 API — provision S3-compatible buckets and object stores, access with AWS CLI
• Block Storage for Persistent Data — Ceph-backed block namespaces and volumes for databases and persistent workloads
• Infrastructure Secrets with Terraform — manage secret lists and inject credentials into VMs via cloud-init
• Using Secrets Manager with Cloud-Init — inject credentials into cloud-init without plaintext storage

Infrastructure and Security

• DDoS Best Practices — layered DDoS mitigation model and Anycast group design for attack resilience
• Redundancy Layers — understanding the multiple layers of redundancy built into the NetActuate infrastructure stack
• VM Scaling — vertical scaling (resize CPU/RAM) and horizontal autoscaling (auto-provision VMs with BGP/ECMP)
• In-Place VM Scaling with Terraform — change VM plans without rebuilding, preserving IP addresses and disk contents
• VPU Encoding with NETINT Quadra — deploy a VM with a NETINT Quadra VPU and run hardware-accelerated video encoding with FFmpeg