Does Boundary controller need to be able to access the worker?

For a bit of context before I ask the question, we want to deploy Boundary in a hybrid cloud.
For example, we want to deploy the controller in one of the AWS regions, and the controller might be in the same region/another region/another cloud provider.

In this case, I thought every region should have a public LB for the worker to connect to the private VPC.
But cross-regional network may not be easy, which means we may need to choose a “central” region to deploy the controller.

While I was looking for a hybrid cloud case, this GitHub issue has one point.

Regarding worker -> controller communication. The communication needs to be in both directions:

1. The worker needs to be able to connect to the controller to register itself.
2. The controller needs to be able to connect to the worker to handle session establishment for a given client.

So my question is, so far, does the Boundary controller need to be able to access the worker?

I have two guesses. One of them is that it has always been like this but has not been mentioned obviously, and the other is that it has been optimized in the current version, because I did not see the controller connect to the worker in any model diagram.

The controller doesn’t need to access the workers, but the clients do. Also, the workers need to access the controllers.

3 Likes

To be clear – the initial connection direction is from worker → controller. That connection stays established and they then run bidirectional communication over it. But the controller does not reach out to the worker for an initial connection.

4 Likes
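
The connection directions described in the replies above, sketched as listener and upstream settings. This is an added example, not configuration from the thread or from the Boundary project; the hostnames and storage path are placeholders, and ports 9201 and 9202 are assumed to be the default cluster and proxy ports.

```hcl
# ---- controller.hcl (central region) ----
# The controller only LISTENS for workers; it has no setting that dials a worker.
# Firewall: allow inbound 9201 from worker egress addresses.
listener "tcp" {
  address = "0.0.0.0:9201"
  purpose = "cluster"          # workers connect here and keep the connection open
}

# ---- worker.hcl (any region or cloud provider) ----
# Firewall: allow OUTBOUND to the controller on 9201.
# Firewall: allow INBOUND 9202 from clients only; no inbound rule for the controller.
listener "tcp" {
  address = "0.0.0.0:9202"
  purpose = "proxy"            # clients connect here for sessions
}

worker {
  # Placeholder controller address; the worker initiates this connection and
  # all later controller <-> worker traffic rides on it in both directions.
  initial_upstreams = ["controller.example.internal:9201"]

  # Placeholder address handed to clients, e.g. the regional public LB.
  public_addr = "worker-lb.example.com:9202"

  # Placeholder path for the worker's stored credentials.
  auth_storage_path = "/var/lib/boundary/worker"
}
```

When auditing the deployment, a firewall rule that lets the controller open connections to workers is unnecessary under this model and can be removed.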