Thanks to visit codestin.com
Credit goes to github.com

Skip to content

make HA clustered mode the default for Docker and Linux distributions of ziti controller #2872

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

make HA clustered mode the default for Docker and Linux distributions of ziti controller #2872

wants to merge 2 commits into from
+904 −367

Conversation

@qrkourier
Copy link
Member

@qrkourier qrkourier commented Mar 5, 2025
edited
Loading

Bootstrap a new cluster (spiffe://ziti.example.com/controller/ctrl1) with any of the following:

# explicit node name, trust domain, and address
ZITI_CLUSTER_NODE_NAME=ctrl1
ZITI_CLUSTER_TRUST_DOMAIN=ziti.example.com
ZITI_CTRL_ADVERTISED_ADDRESS=ctrl1.ziti.example.com

or

ZITI_CLUSTER_NODE_NAME=ctrl1
ZITI_CLUSTER_TRUST_DOMAIN=ziti.example.com
# ZITI_CTRL_ADVERTISED_ADDRESS=ctrl1.ziti.example.com # implied address

or

# ZITI_CLUSTER_NODE_NAME=ctrl1 # implied node name
# ZITI_CLUSTER_TRUST_DOMAIN=ziti.example.com # implied trust domain
ZITI_CTRL_ADVERTISED_ADDRESS=ctrl1.ziti.example.com

Join an existing cluster with:

ZITI_CTRL_ADVERTISED_ADDRESS=ctrl3.ziti.example.com
ZITI_CLUSTER_NODE_PKI=/tmp/tmp.POuFPSqvcY

...or by building the new joiner's address with node name and trust name.

where ZITI_CLUSTER_NODE_PKI is a tree like:

├── intermediate
│   ├── certs
│   │   ├── client.cert
│   │   ├── client.chain.pem
│   │   ├── intermediate.cert
│   │   ├── intermediate.chain.pem
│   │   ├── server.cert
│   │   └── server.chain.pem
│   ├── crlnumber
│   ├── crls
│   ├── index.txt
│   ├── index.txt.attr
│   ├── keys
│   │   ├── client.key
│   │   ├── intermediate.key
│   │   └── server.key
│   └── serial
└── root
    ├── certs
    │   ├── intermediate.cert
    │   └── root.cert
    ├── crlnumber
    ├── crls
    ├── index.txt
    ├── index.txt.attr
    ├── keys
    └── serial

which can be created with tar -cvf /tmp/ctrl2.tar --exclude root/keys/ ./ziti-controller/pki/

@qrkourier qrkourier linked an issue Mar 5, 2025 that may be closed by this pull request
Docker/Linux controller - clustered mode #2809
Open
@qrkourier qrkourier mentioned this pull request Mar 13, 2025
Closed
@qrkourier qrkourier linked an issue Mar 13, 2025 that may be closed by this pull request
Ziti Controller Bootstrap Domain name #2517
Open
@qrkourier qrkourier force-pushed the 2809-dockerlinux-controller---clustered-mode branch from 599e6ae to b282d56 Compare March 14, 2025 14:20
@qrkourier
Copy link
Member Author

Docker and Linux deployments are 90%. I'm planning to re-add database init now that it's more clear how to accomplish that in a reverse-compatible way.

dovholuknf
dovholuknf reviewed Mar 14, 2025
View reviewed changes
@qrkourier qrkourier force-pushed the 2809-dockerlinux-controller---clustered-mode branch from b282d56 to 98dd0d0 Compare March 19, 2025 19:39
@qrkourier qrkourier marked this pull request as ready for review March 19, 2025 19:57
@qrkourier qrkourier requested review from a team as code owners March 19, 2025 19:57
@qrkourier qrkourier force-pushed the 2809-dockerlinux-controller---clustered-mode branch from ee64660 to b90caff Compare March 24, 2025 20:14
@qrkourier qrkourier force-pushed the 2809-dockerlinux-controller---clustered-mode branch from d3c26e6 to bcff633 Compare April 1, 2025 23:52
@qrkourier qrkourier marked this pull request as draft April 1, 2025 23:52
@qrkourier qrkourier changed the title 2809 dockerlinux controller clustered mode make HA clustered mode the default for Docker and Linux distributions of ziti controller Apr 3, 2025
@qrkourier qrkourier removed a link to an issue May 1, 2025
Ziti Controller Bootstrap Domain name #2517
Open
@qrkourier qrkourier linked an issue May 1, 2025 that may be closed by this pull request
support IP SAN (IPv4 advertised address) for controller package and container image #1993
Open
@qrkourier qrkourier marked this pull request as ready for review May 1, 2025 16:54
@qrkourier qrkourier requested a review from dovholuknf May 1, 2025 16:54
@qrkourier qrkourier force-pushed the 2809-dockerlinux-controller---clustered-mode branch from 143d0bb to 017297e Compare May 8, 2025 15:53
@qrkourier qrkourier force-pushed the 2809-dockerlinux-controller---clustered-mode branch from 017297e to bbcb94c Compare May 21, 2025 20:57
@plorenz
Copy link
Member

plorenz commented Jun 10, 2025

Can you squash this when you merge, please?

@qrkourier qrkourier force-pushed the 2809-dockerlinux-controller---clustered-mode branch 3 times, most recently from ed0774c to 80cb3da Compare June 10, 2025 18:05
@qrkourier
Copy link
Member Author

I'm waiting for the clustered mode beta to be promoted to GA before I ship this change to use clustered mode by default in production Docker and Linux deployments.

@qrkourier qrkourier force-pushed the 2809-dockerlinux-controller---clustered-mode branch from 80cb3da to 75d24c4 Compare July 11, 2025 13:45
@qrkourier qrkourier force-pushed the 2809-dockerlinux-controller---clustered-mode branch from 75d24c4 to 4e757be Compare September 9, 2025 20:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@plorenz plorenz plorenz approved these changes

@dovholuknf dovholuknf Awaiting requested review from dovholuknf

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Docker/Linux controller - clustered mode support IP SAN (IPv4 advertised address) for controller package and container image

3 participants

@qrkourier @plorenz @dovholuknf