Skip to main content
Star us on GitHub Star

1.0 Configure the controller

1.1 Create a VM on Digital Ocean

Login to the Digital Ocean console, create a Droplets from the dropdown menu on the upper right hand side.

Diagram

On the "Create Droplets" screen, Choose "Ubuntu", version "22.04". For the Size, choose the appropriate size for your application. For this guide, a smaller size was used. Diagram

Next, choose a ssh-key to login to the VM. (We highly discourage login to the VM using Password), then Create Droplet Diagram

1.2 Login and Setup Controller

Once the VM is created, we can get the IP address of the droplet from the Resources screen. Login to the VM by using user "root" and IP address:

ssh root@<ip>

Then follow the Host OpenZiti Anywhere to setup the controller. You must replace the EXTERNAL_DNS with the following command before running the quickstart.

export EXTERNAL_DNS="$(curl -s eth0.me)"

This ensures the Controller setup by the quickstart is advertising the external IP address of the VM.

1.3 Setup Ziti Administration Console (ZAC)

Optional

ZAC provides GUI for managing the OpenZiti network. If you prefer UI over CLI to manage network, please following the ZAC Setup Guide to setup ZAC before going to the next section.

1.4 Helpers

Following helpers are needed to complete the guides for router and services.

1.4.1 Add Environment Variables Back to the Shell

Source the environment variables when you log back in the shell

source ~/.ziti/quickstart/$(hostname -s)/$(hostname -s).env

If the environment variables are sourced correctly, you can do the following to check:

echo $ZITI_HOME

Output:

/root/.ziti/quickstart/OMSINER

1.4.2 Change Ziti edge admin password

Find the Current admin edge login password of controller (if you forget the password):

grep "export ZITI_PWD" ~/.ziti/quickstart/$(hostname -s)/$(hostname -s).env

Or if you have environment variable setup correctly:

echo $ZITI_PWD

To update the passwd

ziti edge update authenticator updb -s

Important: if you change the password, you must update the passwd (ZITI_PWD) in the "~/.ziti/quickstart/$(hostname -s)/$(hostname -s).env" file.

1.4.3 Some useful command for the Router

login the CLI

zitiLogin

Verify ER status

ziti edge list edge-routers

Delete the ER

ziti edge delete edge-routers $ROUTER_NAME
ziti edge delete edge-routers $ROUTER_ID

Update the ER

ziti edge update edge-router $ROUTER_NAME [flags]
ziti edge update edge-router $ROUTER_ID [flags]

example to update attributes: 

ziti edge update edge-router $ROUTER_NAME -a private