zrok/assets/js/b2f554cd.00ae2bac.js

1 line
7.2 KiB
JavaScript
Raw Normal View History

"use strict";(self.webpackChunkwebsite=self.webpackChunkwebsite||[]).push([[477],{10:e=>{e.exports=JSON.parse('{"blogPosts":[{"id":"/introducing_zrok","metadata":{"permalink":"/blog/introducing_zrok","source":"@site/blog/introducing_zrok.md","title":"Introducing zrok","description":"I\'m fortunate that I\'ve had the opportunity to work on many interesting projects throughout my career. I was one of the original developers who broke ground on the OpenZiti project back in 2017. Most of my work on OpenZiti centered on the fabric, data and control plane design, and designing abstractions that would support a lot of what became the \\"edge\\" layers. It\'s been quite exciting to watch OpenZiti blossom and grow over the years.","date":"2023-02-01T15:08:09.000Z","formattedDate":"February 1, 2023","tags":[],"readingTime":4.595,"hasTruncateMarker":false,"authors":[],"frontMatter":{}},"content":"I\'m fortunate that I\'ve had the opportunity to work on many interesting projects throughout my career. I was one of the original developers who broke ground on the [OpenZiti](https://github.com/openziti/ziti) project back in 2017. Most of my work on OpenZiti centered on the [fabric](https://github.com/openziti/fabric), data and control plane design, and designing abstractions that would support a lot of what became the \\"edge\\" layers. It\'s been quite exciting to watch OpenZiti blossom and grow over the years. \\n\\nFor the last six months, I\'ve had the opportunity to re-approach the world of zero-trust and next-generation networking from the other side of the stack. Instead of working in the lowest layers of protocols and abstractions, I\'m working from the perspective of usability and enabling an amazing end-user experience. I\'m excited to introduce you to a new set of tools designed to empower users at the network edge to seamlessly and transparently share resources. Imagine network sharing that is equally secure and transparent.\\n\\nThis new project is called... `zrok`.\\n\\n`zrok` focuses on streamlining sharing for both developers and end users alike. `zrok` takes inspiration from several other offerings that streamline developer endpoint sharing. Starting from that recipe, `zrok` adds powerful capabilities that are made possible by building on the foundation provided by OpenZiti.\\n\\nHere are some of the things that make `zrok` different...\\n\\n## Private Sharing\\n\\nMost of the offerings in this space allow you to easily create \\"tunnels\\" that allow outbound-only access to local HTTP resources without punching any holes in a firewall. These tools make these kinds of tunnels effortless to create; with a single command, you\'ve got a public URL that you can share to allow access to your endpoint.\\n\\n`zrok` expands on this model by supporting something that we\'re calling \\"private sharing\\". Private sharing allows you to share securely on the zero-trust overlay network, without exposing anything to the public internet. You\'re still sharing with a single command, but your resources are only available to other `zrok` users through the zero-trust overlay network.\\n\\nIn this model, no user ever has to enable any inbound access. All network access is handled through the secure, zero-trust overlay network. `zrok` handles all of the control plane management of the overlay network, deeply simplifying the experience. This secure sharing model remains the single-command affair that users have come to expect.\\n\\nAnd if you want public sharing, `zrok` has that also. Our private sharing modes are an additional capability that `zrok` adds to the recipe. `zrok` supports fleets of \\"public frontends\\" that can be geographically deployed wherever your internet users need them.\\n\\n## Files; Repositories; Video... Decentralized\\n\\nMost of the other offerings in this space are focused on sharing low-level network resources. These tools are often used by developers or operations staff to allow access to a private HTTP endpoint or to facilitate a callback to a private endpoint through a webhook. It\'s considered table stakes