-
Notifications
You must be signed in to change notification settings - Fork 154
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add Linux package for router #1801
Conversation
5ece993
to
c8950cb
Compare
a3c08f0
to
fd887bc
Compare
da52f66
to
acb38db
Compare
39c86c2
to
cedd6a6
Compare
@@ -40,8 +40,8 @@ link: | |||
{{ if or .Router.IsFabric (eq .Router.TunnelerMode "none") }}#{{ end }} - binding: tunnel | |||
{{ if or .Router.IsFabric (eq .Router.TunnelerMode "none") }}#{{ end }} options: | |||
{{ if or .Router.IsFabric (eq .Router.TunnelerMode "none") }}# mode: host #tproxy|host{{ else }} mode: {{ .Router.TunnelerMode }} #tproxy|host{{ end }} | |||
{{ if and (not .Router.IsFabric) (eq .Router.TunnelerMode "tproxy") }} resolver: udp://{{ .Router.Edge.AdvertisedHost }}:53{{ end }} | |||
{{ if and (not .Router.IsFabric) (eq .Router.TunnelerMode "tproxy") }} lanIf: {{ .Router.Edge.LanInterface }}{{ end }} | |||
{{ if and (not .Router.IsFabric) (eq .Router.TunnelerMode "tproxy") }} resolver: {{ .Router.Edge.Resolver }}{{ end }} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
use xgress default udp://127.0.0.1:53
, not hostname, which is invalid, and make it configurable with ZITI_ROUTER_TPROXY_RESOLVER
.
|
||
- name: Build & Push Multi-Platform Router Container Image to Hub | ||
uses: docker/build-push-action@v3 | ||
with: | ||
builder: ${{ steps.buildx.outputs.name }} | ||
context: ${{ github.workspace }}/dist/docker-images/ziti-router/ | ||
context: ${{ github.workspace }}/ | ||
file: ${{ github.workspace }}/dist/docker-images/ziti-router/Dockerfile |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
elevate the build context to the root dir of the repo to enable sharing the entrypoint/bootstrap scripts that are also used by the Linux package
@@ -38,3 +38,7 @@ | |||
- get: /zdew/ | |||
raw: /openziti/desktop-edge-win/main/release-streams/ | |||
file: latest.json | |||
|
|||
- get: /dist/ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
add a shortcut so we can provide examples in docs like wget https://get.openziti.io/docker-images/ziti-router/compose.yml
@@ -0,0 +1,35 @@ | |||
# nfpm configuration file |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This file extends the pattern used by the CLI and controller Linux packages.
@@ -0,0 +1,77 @@ | |||
#!/usr/bin/env bash |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This router bootstrapping script defines the default run state for a router deployed as a Linux package or container (except K8s, which has its default state).
microdnf -y install --setopt=install_weak_deps=0 --setopt=tsflags=nodocs ${INSTALL_PKGS} | ||
|
||
# set a var for entrypoint.bash to find this script | ||
ENV ZITI_ROUTER_BOOTSTRAP_BASH=/bootstrap.bash |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
setting default values in the image allows using the ziti-router container without docker compose
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
give an overview of the router container and explain in detail how to use it in tproxy mode to provide an intercepting sidecar to another application container in a Docker network
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
a generic compose file for the router container may be used with any router mode
461c4b5
to
8ed2af3
Compare
cedd6a6
to
491d4d9
Compare
@@ -85,14 +85,15 @@ func NewCmdCreateConfigEnvironment() *cobra.Command { | |||
PreRun: func(cmd *cobra.Command, args []string) { | |||
data.PopulateConfigValues() | |||
// Set router identities | |||
SetZitiRouterIdentity(&data.Router, validateRouterName("")) | |||
SetZitiRouterIdentity(&data.Router, validateRouterName(os.Getenv(constants.ZitiEdgeRouterNameVarName))) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
bugfix: was ignoring the env var
// Set up other identity info | ||
SetControllerIdentity(&data.Controller) | ||
SetEdgeConfig(&data.Controller) | ||
SetWebConfig(&data.Controller) | ||
|
||
environmentOptions.EnvVars = []EnvVar{ | ||
{constants.ZitiHomeVarName, constants.ZitiHomeVarDescription, data.ZitiHome}, | ||
{constants.ZitiNetworkNameVarName, constants.ZitiNetworkNameVarDescription, data.HostnameOrNetworkName}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
include ZITI_NETWORK_NAME in environment generator so it can be preserved when set
@@ -126,6 +127,7 @@ func NewCmdCreateConfigEnvironment() *cobra.Command { | |||
{constants.ZitiRouterIdentityCAVarName, constants.ZitiRouterIdentityCAVarDescription, data.Router.IdentityCA}, | |||
{constants.ZitiEdgeRouterIPOverrideVarName, constants.ZitiEdgeRouterIPOverrideVarDescription, data.Router.Edge.IPOverride}, | |||
{constants.ZitiEdgeRouterAdvertisedAddressVarName, constants.ZitiEdgeRouterAdvertisedAddressVarDescription, data.Router.Edge.AdvertisedHost}, | |||
{constants.ZitiEdgeRouterResolverVarName, constants.ZitiEdgeRouterResolverVarDescription, data.Router.Edge.Resolver}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
include the new ZITI_ROUTER_TPROXY_RESOLVER in the generated env
@@ -202,6 +203,9 @@ func NormalizePath(input string) string { | |||
func GetRouterAdvertisedAddress() string { | |||
return getFromEnv(constants.ZitiEdgeRouterAdvertisedAddressVarName, HostnameOrNetworkName) | |||
} | |||
func GetZitiEdgeRouterResolver() string { | |||
return getFromEnv(constants.ZitiEdgeRouterResolverVarName, defaultValue(xgress_edge_tunnel.DefaultDnsResolver)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
get the default resolver URI from xgress_edge_tunnel
8ed2af3
to
c2b37a9
Compare
b2c6b35
to
528a471
Compare
c2b37a9
to
5ea1fe0
Compare
d1fc5ff
to
8dfdae4
Compare
Package builds
Container image builds
Ops Doc Preview |
6206dd2
to
90203a4
Compare
90203a4
to
60fe207
Compare
add Docker controller example
No description provided.