tweaks for hosting quickstart

This commit is contained in:
Ken Bingham 2023-01-19 09:53:28 -05:00 committed by GitHub
parent 1be754d12d
commit 82e0bdc78a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -19,7 +19,9 @@ Do you want to keep the generated admin password 'XO0xHp75uuyeireO2xmmVlK91T7B9f
```
You'll need that generated password (`XO0xHp75uuyeireO2xmmVlK91T7B9fpD`) when building your `zrok` controller configuration.
## Build a Configuration
## Configure the Controller
Create a controller configuration file in `etc/ctrl.yml`.
```yaml
# _____ __ ___ | | __
@ -48,7 +50,7 @@ ziti:
password: "XO0xHp75uuyeireO2xmmVlK91T7B9fpD"
```
The `admin` section defines privileged administrative credentials (and should be set in you `ZROK_ADMIN_TOKEN` environment variable in shells where you want to remotely access admin capabilities).
The `admin` section defines privileged administrative credentials and must be set in the `ZROK_ADMIN_TOKEN` environment variable in shells where you want to run `zrok admin`.
The `endpoint` section defines where your `zrok` controller will listen.
@ -60,22 +62,22 @@ The `ziti` section defines how the `zrok` controller should communicate with you
The `zrok` binaries are configured to work with the global `zrok.io` service, and default to using `api.zrok.io` as the endpoint for communicating with the service.
To work with a local `zrok` deployment, you'll need to set the `ZROK_API_ENDPOINT` environment variable to point to the address where your `zrok` controller will be listening, as configured in the configuration file above.
To work with a local `zrok` deployment, you'll need to set the `ZROK_API_ENDPOINT` environment variable to point to the address where your `zrok` controller will be listening, according to `endpoint` in the configuration file above.
In my case, I've set:
```
```bash
$ export ZROK_API_ENDPOINT=http://localhost:18080
```
## Bootstrap Ziti for zrok
With your Ziti network running and your configuration saved to a local file (I refer to mine as `etc/dev.yml` in these examples), you're ready to bootstrap the Ziti network.
With your Ziti network running and your configuration saved to a local file (I refer to mine as `etc/ctrl.yml` in these examples), you're ready to bootstrap the Ziti network.
Use the `zrok admin bootstrap` command to bootstrap like this:
```
$ zrok admin bootstrap etc/dev.yml
```bash
$ zrok admin bootstrap etc/ctrl.yml
[ 0.002] INFO main.(*adminBootstrap).run: {
...
}
@ -115,8 +117,8 @@ The `zrok` bootstrap process wants us to create a "public frontend" for our serv
The `zrok admin create frontend` command requires a running `zrok` controller, so let's start that up first:
```
$ zrok controller etc/dev.yml
```bash
$ zrok controller etc/ctrl.yml
[ 0.003] INFO main.(*controllerCommand).run: {
...
}
@ -131,21 +133,30 @@ $ zrok controller etc/dev.yml
[ 0.085] INFO zrok/controller.(*metricsAgent).listen: started
```
With our `ZROK_ADMIN_TOKEN` environment variable set, we can create our public frontend like this:
With our `ZROK_ADMIN_TOKEN` and `ZROK_API_ENDPOINT` environment variables set, we can create our public frontend like this:
```
```bash
$ zrok admin create frontend sqJRAINSiB public http://{token}.zrok.quigley.com:8080
[ 0.037] INFO main.(*adminCreateFrontendCommand).run: created global public frontend 'WEirJNHVlcW9'
```
Now our `zrok` controller is fully configured.
## Configure the Public Frontend
Create `etc/http-frontend.yml`. You must reiterate the pattern you expressed in the public frontend URL template as a `host_match` pattern, and you may change the default address where the frontend will listen for public access requests.
```yaml
host_match: zrok.quigley.com
address: 0.0.0.0:8080
```
## Start Public Frontend
In another terminal window, run:
```
$ zrok access public
```bash
$ zrok access public etc/http-frontend.yml
[ 0.002] INFO main.(*accessPublicCommand).run: {
...
}
@ -156,7 +167,7 @@ This process uses the `frontend` identity created during the bootstrap process t
## Invite Yourself
```
```bash
$ zrok invite
New Email: michael@quigley.com
Confirm Email: michael@quigley.com