almost all the attacks are targeting client side ("adjacent attacker to force a supplicant" ) . A paper from the person that found the flaws has been released, check his twitter.
Am I to understand that lightweight access points connected to a wireless controller is not affected by the vulnerabilities of Krackattacks?
This vulnerability affects anything with a wireless NIC. It's not just wireless AP but also wireless clients as well. Patching the client will fix 9 out of 10 vulnerabilities but not CVE-2017-13082.