add Linux package for router #1801

qrkourier · 2024-03-06T06:59:36Z

No description provided.

qrkourier · 2024-03-08T19:57:54Z

ziti/cmd/create/config_templates/router.yml

@@ -40,8 +40,8 @@ link:
 {{ if or .Router.IsFabric (eq .Router.TunnelerMode "none") }}#{{ end }}  - binding: tunnel
 {{ if or .Router.IsFabric (eq .Router.TunnelerMode "none") }}#{{ end }}    options:
 {{ if or .Router.IsFabric (eq .Router.TunnelerMode "none") }}#      mode: host #tproxy|host{{ else }}      mode: {{ .Router.TunnelerMode }} #tproxy|host{{ end }}
-{{ if and (not .Router.IsFabric) (eq .Router.TunnelerMode "tproxy") }}      resolver: udp://{{ .Router.Edge.AdvertisedHost }}:53{{ end }}
-{{ if and (not .Router.IsFabric) (eq .Router.TunnelerMode "tproxy") }}      lanIf: {{ .Router.Edge.LanInterface }}{{ end }}
+{{ if and (not .Router.IsFabric) (eq .Router.TunnelerMode "tproxy") }}      resolver: {{ .Router.Edge.Resolver }}{{ end }}


use xgress default udp://127.0.0.1:53, not hostname, which is invalid, and make it configurable with ZITI_ROUTER_TPROXY_RESOLVER.

qrkourier · 2024-03-10T01:23:49Z

.github/workflows/publish-docker-images.yml


      - name: Build & Push Multi-Platform Router Container Image to Hub
        uses: docker/build-push-action@v3
        with:
          builder: ${{ steps.buildx.outputs.name }}
-          context: ${{ github.workspace }}/dist/docker-images/ziti-router/
+          context: ${{ github.workspace }}/
+          file: ${{ github.workspace }}/dist/docker-images/ziti-router/Dockerfile


elevate the build context to the root dir of the repo to enable sharing the entrypoint/bootstrap scripts that are also used by the Linux package

qrkourier · 2024-03-10T01:24:53Z

dist/cloudfront/get.openziti.io/routes.yml

@@ -38,3 +38,7 @@
 - get: /zdew/
  raw: /openziti/desktop-edge-win/main/release-streams/
  file: latest.json
+
+- get: /dist/


add a shortcut so we can provide examples in docs like wget https://get.openziti.io/docker-images/ziti-router/compose.yml

qrkourier · 2024-03-10T01:25:23Z

dist/dist-packages/linux/nfpm-openziti-router.yaml

@@ -0,0 +1,35 @@
+# nfpm configuration file


This file extends the pattern used by the CLI and controller Linux packages.

qrkourier · 2024-03-10T01:26:49Z

dist/dist-packages/linux/openziti-router/bootstrap.bash

@@ -0,0 +1,77 @@
+#!/usr/bin/env bash


This router bootstrapping script defines the default run state for a router deployed as a Linux package or container (except K8s, which has its default state).

qrkourier · 2024-03-10T01:33:00Z

dist/docker-images/ziti-router/Dockerfile

+      microdnf -y install --setopt=install_weak_deps=0 --setopt=tsflags=nodocs ${INSTALL_PKGS}
+
+# set a var for entrypoint.bash to find this script
+ENV ZITI_ROUTER_BOOTSTRAP_BASH=/bootstrap.bash


setting default values in the image allows using the ziti-router container without docker compose

qrkourier · 2024-03-10T01:34:26Z

dist/docker-images/ziti-router/README.md

give an overview of the router container and explain in detail how to use it in tproxy mode to provide an intercepting sidecar to another application container in a Docker network

qrkourier · 2024-03-10T01:35:10Z

dist/docker-images/ziti-router/compose.yml

a generic compose file for the router container may be used with any router mode

dist/docker-images/ziti-router/entrypoint.sh

quickstart/docker/all-in-one/compose.yml

qrkourier · 2024-03-15T22:33:00Z

ziti/cmd/create/create_config_environment.go

@@ -85,14 +85,15 @@ func NewCmdCreateConfigEnvironment() *cobra.Command {
 		PreRun: func(cmd *cobra.Command, args []string) {
 			data.PopulateConfigValues()
 			// Set router identities
-			SetZitiRouterIdentity(&data.Router, validateRouterName(""))
+			SetZitiRouterIdentity(&data.Router, validateRouterName(os.Getenv(constants.ZitiEdgeRouterNameVarName)))


bugfix: was ignoring the env var

qrkourier · 2024-03-15T22:34:04Z

ziti/cmd/create/create_config_environment.go

 			// Set up other identity info
 			SetControllerIdentity(&data.Controller)
 			SetEdgeConfig(&data.Controller)
 			SetWebConfig(&data.Controller)

 			environmentOptions.EnvVars = []EnvVar{
 				{constants.ZitiHomeVarName, constants.ZitiHomeVarDescription, data.ZitiHome},
+				{constants.ZitiNetworkNameVarName, constants.ZitiNetworkNameVarDescription, data.HostnameOrNetworkName},


include ZITI_NETWORK_NAME in environment generator so it can be preserved when set

qrkourier · 2024-03-15T22:34:34Z

ziti/cmd/create/create_config_environment.go

@@ -126,6 +127,7 @@ func NewCmdCreateConfigEnvironment() *cobra.Command {
 				{constants.ZitiRouterIdentityCAVarName, constants.ZitiRouterIdentityCAVarDescription, data.Router.IdentityCA},
 				{constants.ZitiEdgeRouterIPOverrideVarName, constants.ZitiEdgeRouterIPOverrideVarDescription, data.Router.Edge.IPOverride},
 				{constants.ZitiEdgeRouterAdvertisedAddressVarName, constants.ZitiEdgeRouterAdvertisedAddressVarDescription, data.Router.Edge.AdvertisedHost},
+				{constants.ZitiEdgeRouterResolverVarName, constants.ZitiEdgeRouterResolverVarDescription, data.Router.Edge.Resolver},


include the new ZITI_ROUTER_TPROXY_RESOLVER in the generated env

qrkourier · 2024-03-15T22:35:30Z

ziti/cmd/helpers/env_helpers.go

@@ -202,6 +203,9 @@ func NormalizePath(input string) string {
 func GetRouterAdvertisedAddress() string {
 	return getFromEnv(constants.ZitiEdgeRouterAdvertisedAddressVarName, HostnameOrNetworkName)
 }
+func GetZitiEdgeRouterResolver() string {
+	return getFromEnv(constants.ZitiEdgeRouterResolverVarName, defaultValue(xgress_edge_tunnel.DefaultDnsResolver))


get the default resolver URI from xgress_edge_tunnel

qrkourier · 2024-03-22T17:40:10Z

Package builds

RPM, DEB for amd64, arm, arm64 available for download from fork builds of "release-next": https://github.com/qrkourier/ziti/actions/workflows/main.yml?query=branch%3Arelease-next

Container image builds

amd64, arm64:

docker pull kbinghamnetfoundry/ziti-router:release-next

README: https://github.com/openziti/ziti/blob/linux-package-router/dist/docker-images/ziti-router/README.md

Ops Doc Preview

https://ziti-doc-git-deploy-router-openziti.vercel.app/docs/reference/deployments/router/deployment

…ner ziti-router

…testing locally

add Docker controller example

qrkourier force-pushed the linux-package-router branch from 5ece993 to c8950cb Compare March 6, 2024 07:31

qrkourier changed the title ~~add Linux package openziti-router~~ add Linux package for router Mar 6, 2024

qrkourier force-pushed the linux-package-router branch 2 times, most recently from a3c08f0 to fd887bc Compare March 8, 2024 19:53

qrkourier force-pushed the linux-package-controller branch from da52f66 to acb38db Compare March 8, 2024 20:09

qrkourier force-pushed the linux-package-router branch 4 times, most recently from 39c86c2 to cedd6a6 Compare March 10, 2024 01:44

qrkourier commented Mar 11, 2024

View reviewed changes

qrkourier force-pushed the linux-package-controller branch 5 times, most recently from 461c4b5 to 8ed2af3 Compare March 14, 2024 20:30

qrkourier force-pushed the linux-package-router branch from cedd6a6 to 491d4d9 Compare March 15, 2024 22:16

qrkourier commented Mar 15, 2024

View reviewed changes

qrkourier force-pushed the linux-package-controller branch from 8ed2af3 to c2b37a9 Compare March 19, 2024 22:08

qrkourier force-pushed the linux-package-router branch 2 times, most recently from b2c6b35 to 528a471 Compare March 19, 2024 22:27

qrkourier marked this pull request as ready for review March 22, 2024 05:01

qrkourier requested review from a team as code owners March 22, 2024 05:01

qrkourier force-pushed the linux-package-controller branch from c2b37a9 to 5ea1fe0 Compare March 22, 2024 15:03

qrkourier force-pushed the linux-package-router branch from d1fc5ff to 8dfdae4 Compare March 22, 2024 16:31

qrkourier force-pushed the linux-package-router branch 2 times, most recently from 6206dd2 to 90203a4 Compare March 25, 2024 17:35

qrkourier added 2 commits March 25, 2024 13:41

add Linux package openziti-router; add bootstrapping to Docker contai…

9625a6f

…ner ziti-router

add option to set router tproxy DNS IP range in generated config and env

6b401c2

qrkourier added 2 commits March 25, 2024 13:41

grant net bind kernel capability if tproxy mode and privileged port

3f260af

disable router tunnel binding by default

60fe207

qrkourier force-pushed the linux-package-router branch from 90203a4 to 60fe207 Compare March 25, 2024 17:42

qrkourier added 3 commits March 26, 2024 14:46

set optional prerelease revision tag on packages and containers when …

d4c063c

…testing locally

add controller container project file and example

3ff331f

Merge pull request #1884 from openziti/docker-controller

2fe25cc

add Docker controller example

qrkourier merged commit ec47737 into linux-package-controller Apr 2, 2024
11 checks passed

qrkourier deleted the linux-package-router branch April 2, 2024 16:48

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

add Linux package for router #1801

add Linux package for router #1801

qrkourier commented Mar 6, 2024

qrkourier Mar 8, 2024

qrkourier Mar 10, 2024

qrkourier Mar 10, 2024

qrkourier Mar 10, 2024

qrkourier Mar 10, 2024

qrkourier Mar 10, 2024

qrkourier Mar 10, 2024

qrkourier Mar 10, 2024

qrkourier Mar 15, 2024

qrkourier Mar 15, 2024

qrkourier Mar 15, 2024

qrkourier Mar 15, 2024

qrkourier commented Mar 22, 2024 •

edited

Loading

add Linux package for router #1801

add Linux package for router #1801

Conversation

qrkourier commented Mar 6, 2024

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

qrkourier commented Mar 22, 2024 • edited Loading

Package builds

Container image builds

Ops Doc Preview

qrkourier commented Mar 22, 2024 •

edited

Loading