ziti
ziti copied to clipboard
openziti
Request for ziti helm chart
Considering ziti quickstart runs in docker, is this a valid assumption that ziti can be deployed in a Kubernetes cluster? and if yes, can I please request a helm chart for ziti deployment?
Hi @abvaidya! Yes, you can most definitely run an edge-router, whole openziti network, whatever you like within a kubernetes cluster. A helm chart for deployment of the whole stack has been on the docket for a long time but not done yet.
The good news is that you can deploy a node into your cluster right now via helm and have a secure, private kubernetes cluster with no ingress controllers declared by simply running the ziti-edge-tunnel helm chart that's already out there.
I used this helm chart quite a bit. Recently it was used as part of deploying a zitified prometheus instance into a kubernetes cluster. You can see how I used it in the prometheus blog or in the kubeztl article.
We have the charts out on github in our 'test kitchen' for now if you're interested in checking them out you can find them here. We publish a small bit of doc via pages too https://openziti-test-kitchen.github.io/helm-charts/
If you need more help - you'll be best of posting over in our discourse at https://openziti.discourse.group/. It's got a lower volume of email for us devs and we spot posts on the forum a bit easier than issues. It also has more visibility than just the people following the ziti repo.
Let me know if that solves your issue or not. Cheers, thanks for taking the time to post a request!
Hi. I've build some helm charts for ziti-controller, ziti-router and ziti-console - they are available here
It would be cool if somebody could double check if it's working for his enviroment before I make a PR. I've adopted the quickstart and build up a kubenetes quickstart variant
Cheers & Happy Holidays, Chris
Hi Chris. Happy holidays and cheers to you as well. Most/many of the maintainers are enjoying the holidays. We'll check in after the new year (or sooner if someone finds the time)
Thanks for the issue/future pr! :)
@marvkis @marvin-enthus Will you please GPG sign your commits so I can preserve your authorship when merging? I want to get the charts you wrote into a branch so I can tinker with them. I created a matching controller-router-charts branch for you to target with a pull request.
Hi @qrkourier,
Sorry for taking a bit longer - I'm quite busy these days and it feels like I havn't uses GPG for 10 years ;)
I hope the PR is fine now ;)
Cheers, Chris
Hi,
I was wondering about the name of ziti-host how does it fit in? Wouldn't be ziti-edge-tunneler a better name for the container / chart?
Bye, Chris
I was wondering about the name of
ziti-hosthow does it fit in? Wouldn't beziti-edge-tunnelera better name for the container / chart?
Hi Chris! I'm loving your work on the charts. I've only had a chance to review the controller so far, but I'll get to the rest soon.
As for the container image openzit/ziti-host, the name has not been popular and it's a common point of confusion. ziti-host is a particular use case for the preferred tunneler binary, ziti-edge-tunnel. That use case is the hosting-only mode of the tunneler (reverse proxy only, no interception or nameserver), and so that image runs ziti-edge-tunnel run-host. There is already a container image named openziti/ziti-edge-tunnel that runs ziti-edge-tunnel run, which "run" mode is the intercepting proxy with nameserver.
Here's the readme about these images: https://docs.openziti.io/docs/reference/tunnelers/linux/container/