ZeroTier Own network controller // connection
-
Re: ZeroTier Review
Hello Dear Community,
I played wth ZeroTier some and use it by their hosted service some time now and also set up a cluster by first defining it "old-style" by building the planets file (in attic/world) and distributing it to the corresponding nodes. It worked and now tried building the network controller from the source what also worked without problem. Can talk to it with REST API and will probably deploy it in a k8s cluster with service that makes the automation for authorization etc.
What I didnt get is after I build the network controller part from source with the make option for controller as referenced (ZT_ENABLE_NETWORK_CONTROLLER), how do I tell the nodes to join exactly this private network controller? I mean they all have by installing zerotier the hardcoded roots / planet definition as default or am I mistaken?
Thx for any help and be healthy at this time!
-
I've never bothered to setup my own ZT network controller, so I have no idea.
I think @dafyre did a long time ago, Maybe he can help.
-
Hi @JaredBusch yeah I read your input. I think its easier if used for a productive env since customers would prefer sometimes an own setup with own network HA controllers.
-
Why even bother jumping through all these hoops when Wireguard is so easy?
https://www.wireguard.com/quickstart/ -
Because I already use Wireguard but want to play with ZT @travisdh1
Again I noticed the new ZT has no option of ZT_ENABLE... anymore but is included in the general binary build. Still the same problem of deactivating the public roots (ALICE/BOB) and telling the nodes to just contact my private controller.
-
@travisdh1 said in ZeroTier Own network controller // connection:
Why even bother jumping through all these hoops when Wireguard is so easy?
https://www.wireguard.com/quickstart/They're not the same. ZeroTier does a ton of auto configuring for you. And you don't have to host your own infrastructure for it to work.
-
@JaredBusch said in ZeroTier Own network controller // connection:
I've never bothered to setup my own ZT network controller, so I have no idea.
I think @dafyre did a long time ago, Maybe he can help.
He did. Back when it was only like 5-10 free devices (I forget what the number was). But since you get 100 free now there's not much point unless you really need a lot.
-
@stacksofplates said in ZeroTier Own network controller // connection:
@travisdh1 said in ZeroTier Own network controller // connection:
Why even bother jumping through all these hoops when Wireguard is so easy?
https://www.wireguard.com/quickstart/They're not the same. ZeroTier does a ton of auto configuring for you. And you don't have to host your own infrastructure for it to work.
But @Magrossm isn't just using ZeroTier, they are trying to setup their own server. That's vastly more complicated!
-
@Magrossm said in ZeroTier Own network controller // connection:
Hi @JaredBusch yeah I read your input. I think its easier if used for a productive env since customers would prefer sometimes an own setup with own network HA controllers.
The controller is just for authentication and to build the network. You would still need to run your own moons in your DC but that doesn't stop the traffic from using their planet if ZT thinks it would be faster. I haven't set up my moon up so I'm not sure the whole process. Last I heard, you can't completely decouple yourself from their planet.
-
@travisdh1 said in ZeroTier Own network controller // connection:
@stacksofplates said in ZeroTier Own network controller // connection:
@travisdh1 said in ZeroTier Own network controller // connection:
Why even bother jumping through all these hoops when Wireguard is so easy?
https://www.wireguard.com/quickstart/They're not the same. ZeroTier does a ton of auto configuring for you. And you don't have to host your own infrastructure for it to work.
But @Magrossm isn't just using ZeroTier, they are trying to setup their own server. That's vastly more complicated!
The controller isn't complicated. It's about as complicated as setting default routes and links for wireguard.
-
@stacksofplates said in ZeroTier Own network controller // connection:
@travisdh1 said in ZeroTier Own network controller // connection:
@stacksofplates said in ZeroTier Own network controller // connection:
@travisdh1 said in ZeroTier Own network controller // connection:
Why even bother jumping through all these hoops when Wireguard is so easy?
https://www.wireguard.com/quickstart/They're not the same. ZeroTier does a ton of auto configuring for you. And you don't have to host your own infrastructure for it to work.
But @Magrossm isn't just using ZeroTier, they are trying to setup their own server. That's vastly more complicated!
The controller isn't complicated. It's about as complicated as setting default routes and links for wireguard.
Well, depending on the language you use for the controller I guess.
-
Here's a UI for the controller someone built:
-
@stacksofplates actually I did manually, building the planets file in the working directory myself. Its a bit hacky but works. Problem is the nodes need the same planets file. I thought maybe there is an easier way.
-
@Magrossm said in ZeroTier Own network controller // connection:
@stacksofplates actually I did manually, building the planets file in the working directory myself. Its a bit hacky but works. Problem is the nodes need the same planets file. I thought maybe there is an easier way.
Ah ok they must have finally enabled that. I never looked into it after a couple of years ago. If you have any automation/configuration management set up you should be able to drop that on all of the systems pretty easily.
-
Well i tried it with my own planet file and it doesnt work anymore. The zerotier client never updates itself and is offline for all planets. If I take their planets in, it comes offline. It seems you cannot decouple yourself and so for any teal business case in Europe I can forget this solution since nobody is gonna go this way.
-
Dear all, after some hrs and a great advise of a found personal resource, I got it to work with 3 planets, online and accepting connections. Gonna use the public but for testing it suffices
Thx to anyones input and stay safe/healthy!
-
@Magrossm said in ZeroTier Own network controller // connection:
Dear all, after some hrs and a great advise of a found personal resource, I got it to work with 3 planets, online and accepting connections. Gonna use the public but for testing it suffices
Thx to anyones input and stay safe/healthy!
What did you do to get this to work?
-
@stacksofplates
basically you have to update the planet definition and also include the public identity into the fold. Then they find each other and are online. I will bow try to make it work as a cluster. Keep this post updated...