extern/zrok
1
1
Fork 0
mirror of https://github.com/openziti/zrok.git synced 2025-02-02 11:29:50 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'v0.4.0' into v0.4_backend_mode_tunnel

Browse Source
This commit is contained in:
Michael Quigley 2023-04-17 11:55:09 -04:00
commit c28dd75910
No known key found for this signature in database
GPG Key ID: 9B60314A9DD20A62
10 changed files with 21 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
.github/workflows/ci-build.yml vendored
View File

@ -91,12 +91,12 @@ jobs:
- name: Set Up Container Image Tags for zrok CLI Container - name: Set Up Container Image Tags for zrok CLI Container
env: env:
RELEASE_REPO: openziti/zrok ZROK_CONTAINER_IMAGE_REPO: ${{ vars.ZROK_CONTAINER_IMAGE_REPO || 'openziti/zrok' }}
ZROK_VERSION: ${{ steps.slug.outputs.branch_tag }} ZROK_CONTAINER_IMAGE_TAG: ${{ steps.slug.outputs.branch_tag }}
id: tagprep_cli id: tagprep_cli
run: | run: |
DOCKER_TAGS="" DOCKER_TAGS=""
DOCKER_TAGS="${RELEASE_REPO}:${ZROK_VERSION}" DOCKER_TAGS="${ZROK_CONTAINER_IMAGE_REPO}:${ZROK_CONTAINER_IMAGE_TAG}"
echo "DEBUG: DOCKER_TAGS=${DOCKER_TAGS}" echo "DEBUG: DOCKER_TAGS=${DOCKER_TAGS}"
echo DOCKER_TAGS="${DOCKER_TAGS}" >> $GITHUB_OUTPUT echo DOCKER_TAGS="${DOCKER_TAGS}" >> $GITHUB_OUTPUT

2
README.md
View File

@ -36,7 +36,7 @@ See the [Concepts and Getting Started Guide](docs/getting-started.md) for a full
The single `zrok` binary contains everything you need to operate `zrok` environments and also host your own service instances. Just add an OpenZiti network and you're up and running. The single `zrok` binary contains everything you need to operate `zrok` environments and also host your own service instances. Just add an OpenZiti network and you're up and running.
See the [Self-Hosting Guide](docs/guides/v0.3_self_hosting_guide.md) for details on getting your own `zrok` service instance running. This builds on top of the [OpenZiti Quick Start](https://docs.openziti.io/docs/learn/quickstarts/network/) to have a running `zrok` service instance in minutes. See the [Self-Hosting Guide](docs/guides/self_hosting_guide.md) for details on getting your own `zrok` service instance running. This builds on top of the [OpenZiti Quick Start](https://docs.openziti.io/docs/learn/quickstarts/network/) to have a running `zrok` service instance in minutes.
## Building ## Building

2
cmd/zrok/adminBootstrap.go
View File

@ -27,7 +27,7 @@ func newAdminBootstrap() *adminBootstrap {
command := &adminBootstrap{cmd: cmd} command := &adminBootstrap{cmd: cmd}
cmd.Run = command.run cmd.Run = command.run
cmd.Flags().BoolVar(&command.skipCtrl, "skip-ctrl", false, "Skip controller (ctrl) identity bootstrapping") cmd.Flags().BoolVar(&command.skipCtrl, "skip-ctrl", false, "Skip controller (ctrl) identity bootstrapping")
cmd.Flags().BoolVar(&command.skipFrontend, "skip-frontend", false, "Slip frontend identity bootstrapping") cmd.Flags().BoolVar(&command.skipFrontend, "skip-frontend", false, "Skip frontend identity bootstrapping")
return command return command
} }

4
docker/images/zrok/Dockerfile
View File

@ -1,5 +1,5 @@
# this builds docker.io/openziti/zrok # this builds docker.io/openziti/zrok
FROM registry.access.redhat.com/ubi8/ubi-minimal FROM docker.io/openziti/ziti-cli:0.27.9
# This build stage grabs artifacts that are copied into the final image. # This build stage grabs artifacts that are copied into the final image.
# It uses the same base as the final image to maximize docker cache hits. # It uses the same base as the final image to maximize docker cache hits.
@ -20,7 +20,7 @@ LABEL name="openziti/zrok" \
USER root USER root
### add licenses to this directory ### add licenses to this directory
RUN mkdir -m0755 /licenses RUN mkdir -p -m0755 /licenses
COPY ./LICENSE /licenses/apache.txt COPY ./LICENSE /licenses/apache.txt
RUN mkdir -p /usr/local/bin RUN mkdir -p /usr/local/bin

2
docs/core-features/hosting.md
View File

@ -5,7 +5,7 @@ sidebar_position: 200
## Self-Hosted ## Self-Hosted
`zrok` is not limited to a managed offering. You can [host your own](../guides/self-hosting/v0.3_self_hosting_guide.md) instance of `zrok` as well. `zrok` is `zrok` is not limited to a managed offering. You can [host your own](../guides/self-hosting/self_hosting_guide.md) instance of `zrok` as well. `zrok` is
also freely available as open source software hosted by GitHub under a very permissive Apache v2 license. also freely available as open source software hosted by GitHub under a very permissive Apache v2 license.
## Managed Service ## Managed Service

2
docs/getting-started.md
View File

@ -430,7 +430,7 @@ You use the `zrok reserve` command to create _reserved shares_. Reserved shares
## Self-Hosting a Service Instance ## Self-Hosting a Service Instance
Interested in self-hosting your own `zrok` service instance? See the [self-hosting guide](./guides/self-hosting/v0.3_self_hosting_guide.md) for details. Interested in self-hosting your own `zrok` service instance? See the [self-hosting guide](./guides/self-hosting/self_hosting_guide.md) for details.
[openziti]: https://docs.openziti.io/docs/learn/introduction/ "OpenZiti" [openziti]: https://docs.openziti.io/docs/learn/introduction/ "OpenZiti"
[ zrok-download]: https://zrok.io "Zrok Download" [ zrok-download]: https://zrok.io "Zrok Download"

11
docs/guides/metrics-and-limits/configuring-metrics.md
View File

@ -30,7 +30,7 @@ events:
You'll want to adjust the `events/jsonLogger/handler/path` to wherever you would like to send these events for ingestion into `zrok`. There are additional OpenZiti options that control file rotation. Be sure to consult the OpenZiti docs to tune these settings to be appropriate for your environment. You'll want to adjust the `events/jsonLogger/handler/path` to wherever you would like to send these events for ingestion into `zrok`. There are additional OpenZiti options that control file rotation. Be sure to consult the OpenZiti docs to tune these settings to be appropriate for your environment.
By default the OpenZiti events infrastructure reports and batches events in 1 minute buckets. 1 minute is too large of an interval to provide a snappy `zrok` metrics experience. So, let's increase the frequency to every 5 seconds. Add this to the `network` stanza of your OpenZiti controller: By default, the OpenZiti events infrastructure reports and batches events in 1 minute buckets. 1 minute is too large of an interval to provide a snappy `zrok` metrics experience. So, let's increase the frequency to every 5 seconds. Add this to the `network` stanza of your OpenZiti controller's configuration:
```yaml ```yaml
network: network:
@ -38,9 +38,10 @@ network:
metricsReportInterval: 5s metricsReportInterval: 5s
``` ```
And you'll want to add this stanza to the router configuration for every router on your OpenZiti network: And you'll want to add this stanza to the tail-end of the router configuration for every router on your OpenZiti network:
```yaml ```yaml
# this must be the last router configuration stanza
metrics: metrics:
reportInterval: 5s reportInterval: 5s
intervalAgeThreshold: 5s intervalAgeThreshold: 5s
@ -92,12 +93,12 @@ metrics:
queue_name: events queue_name: events
influx: influx:
url: "http://127.0.0.1:8086" url: "http://127.0.0.1:8086"
bucket: zrok bucket: zrok # the bucket and org must be
org: zrok org: zrok # created in advance in InfluxDB
token: "<secret token>" token: "<secret token>"
``` ```
This configures the `zrok` controller to consume usage events from the AMQP queue, and configures the InfluxDB metrics store. This configures the `zrok` controller to consume usage events from the AMQP queue, and configures the InfluxDB metrics store. The InfluxDB organization and bucket must be created in advance. The `zrok` controller will not create these for you.
## Testing Metrics ## Testing Metrics

2
docs/guides/self-hosting/v0.3_nginx_tls_guide.md → docs/guides/self-hosting/nginx_tls_guide.md
View File

@ -11,7 +11,7 @@ sidebar_label: Nginx TLS
## Before You Begin ## Before You Begin
I'll assume you have a running zrok controller and public frontend and wish to front both with Nginx providing server TLS. Go back to [Self-Hosting Guide](./v0.3_self_hosting_guide.md) if you still need to spin those up. I'll assume you have a running zrok controller and public frontend and wish to front both with Nginx providing server TLS. Go back to [Self-Hosting Guide](./self_hosting_guide.md) if you still need to spin those up.
## Choose a Reverse Proxy Address ## Choose a Reverse Proxy Address

6
docs/guides/self-hosting/v0.3_self_hosting_guide.md → docs/guides/self-hosting/self_hosting_guide.md
View File

@ -47,7 +47,7 @@ Create a controller configuration file in `etc/ctrl.yml`. The controller does no
# /___|_| \___/|_|\_\ # /___|_| \___/|_|\_\
# controller configuration # controller configuration
v: 2 v: 3
admin: admin:
secrets: secrets:
@ -179,7 +179,9 @@ Nice work! The `zrok` controller is fully configured now that you have created t
## Configure the Public Frontend ## Configure the Public Frontend
Create `etc/http-frontend.yml`. You must reiterate the pattern you expressed in the public frontend URL template as a `host_match` pattern, and you may change the default address where the frontend will listen for public access requests. The frontend does not provide server TLS, but you may front the server with a reverse proxy. It is essential the reverse proxy forwards the `Host` header supplied by the viewer. This example will expose the non-TLS listener for the frontend. Create `etc/http-frontend.yml`. This frontend config file has a `host_match` pattern that represents the DNS zone you're using with this instance of zrok. Incoming HTTP requests with a matching `Host` header will be handled by this frontend. You may also specify the interface address where the frontend will listen for public access requests.
The frontend does not provide server TLS, but you may front the server with a reverse proxy. It is essential the reverse proxy forwards the `Host` header supplied by the viewer. This example will expose the non-TLS listener for the frontend.
```yaml ```yaml
host_match: zrok.quigley.com host_match: zrok.quigley.com

2
etc/ctrl.yml
View File

@ -47,7 +47,7 @@ endpoint:
# #
email: email:
host: smtp.server.com host: smtp.server.com
port: 587 port: 587 # this must be a STARTTLS port, not the TLS port (465)
username: "" username: ""
password: "" password: ""
from: ziggy@zrok.io from: ziggy@zrok.io