zrok
zrok copied to clipboard
openziti
Un-bootstrap (`zrok` <-> Ziti Lifecycle)
It would be nice to have a zrok admin debootstrap command. I would use this to complete the lifecycle of a zrok instance. Today, whenever I iterate, I need to manually clean up any Ziti objects that were created by zrok admin bootstrap.
I think it's just these four entities that are created by zrok admin bootstrap:
# zrok admin debootstrap
ziti edge delete identity ctrl
ziti edge delete identity frontend
ziti edge delete edge-router-policy ctrl
ziti edge delete edge-router-policy frontend
Will be considered as part of a larger effort to revist the Ziti network lifecycle concepts alongside future zrok goals (#301).
Backlog for v0.5 for now.
After spending some more time with zrok it's clear that a CLI utility for managing the ziti entities via zrok will be useful. This BASH script mirrors the the ziti mgmt API operations performed by the zrok controller when a share is deleted.
#!/bin/bash -eux
verb=${1:-list}
case $verb in
delete) where="where";;
*) where="";;
esac
shareToken=$2
ziti edge ${verb} serps $where "tags.zrokShareToken=\"${shareToken}\""
ziti edge ${verb} sps $where "tags.zrokShareToken=\"${shareToken}\" and type=2"
ziti edge ${verb} sps $where "tags.zrokShareToken=\"${shareToken}\" and type=1"
ziti edge ${verb} configs $where "tags.zrokShareToken=\"${shareToken}\""
ziti edge ${verb} services $where "name=\"${shareToken}\""
The list of entities that need de-bootstrapping seems to have shrunk in 0.4. Now, it's only one identity and one ERP, both named "public." I no longer see the identity nor ERP named "ctrl."