Admin Console not connecting to Edge Controller

Well... My problem was I had goofed up the port... :frowning:

Here's a bunch of steps to try and an accompanying video I made demonstrating/narrating the steps

stop / kill any running processes

systemctl stop ziti-console
systemctl stop ziti-router
systemctl stop ziti-controller
for pid in $(pgrep ziti); do kill -9 $pid; done

cleanup old install by removing it all

rm -rf $HOME/.ziti

source the setup file but don't run expressInstall just yet

source /dev/stdin <<< "$(wget -qO- https://get.openziti.io/quick/ziti-cli-functions.sh)"; 

run unsetZitiEnv

This is to make sure your shell is clean for the express install step. You don't need
to do it this way if you start with a clean shell, but I'm demonstrating how you
clean up/start over this way and this is the safest way to do it

unsetZitiEnv

setup the password you want the controller to use

this step just makes it easier to setup the password you want to use first before
running expressInstall

ZITI_PWD="myziti"

Run expressInstall

expressInstall

source the .env file expressInstall creates

source $HOME/.ziti/quickstart/$(hostname -s)/$(hostname -s).env

start the controller:

startController

verify the controller is running

look at the log and make sure you see something like:

[ 0.703] INFO xweb/v2.(*Server).Start: starting ApiConfig to listen and serve tls on 0.0.0.0:1280 for server client-management with APIs: [edge-management edge-client fabric]

tail -5 $ZITI_HOME/$(hostname -s).log

issue zitiLogin or ziti edge login to verify you can login

zitiLogin

# you'll see something like this shown:
# Token: d93a89f3-0955-42e8-8457-fef514ae2980
# Saving identity 'default' to /root/.ziti/quickstart/localhost/ziti-cli.json

start the router

startRouter

look at the last 25 router log lines to make sure it's running and seems fine

make sure you don't see any ERROR and that the last lines look something like:

[ 2.522] INFO edge/tunnel/intercept.SetDnsInterceptIpRange: dns intercept IP range: 100.64.0.1 - 100.127.255.254

tail -25 $ZITI_HOME/$(hostname -s)-edge-router.log

install ZAC from source

git clone https://github.com/openziti/ziti-console.git "${ZITI_HOME}/ziti-console"

verify npm 8+ and node 16+ using `npm version'

npm version
{
  npm: '8.19.2',
  node: '16.18.1',
  ...
  ...
  ...

cd to code and run npm install manually

cd "${ZITI_HOME}/ziti-console"
npm install

setup zac for TLS

ln -s "${ZITI_PKI}/${ZITI_EDGE_CONTROLLER_HOSTNAME}-intermediate/certs/${ZITI_EDGE_CONTROLLER_HOSTNAME}-server.chain.pem" "${ZITI_HOME}/ziti-console/server.chain.pem"
ln -s "${ZITI_PKI}/${ZITI_EDGE_CONTROLLER_HOSTNAME}-intermediate/keys/${ZITI_EDGE_CONTROLLER_HOSTNAME}-server.key" "${ZITI_HOME}/ziti-console/server.key"

manually start ZAC and confirm both http/https listening in debug mode:

run node server debug

node server debug
Initializing TLS
TLS initialized on port: 8443
Ziti Server running on port 1408
1 Like

IT WORKS

and I know why there were 3 things that messed me up all self inflicted

  1. the NPM version was jacked up somehow the image the company provided me with had npm 18 on rhel 7.9 (hint rhel 7.9 is not compatible with it at least not in the way they want it to be)
  2. My compiler was misconfigured for the use of npm (that is on me, multiple projects and testing different things can do that)
  3. Permissions on the server certifications was incorrect somehow don’t know how but they were different when I compared my working install to the broken

Now comes the fun part of taking this software for a joyride to see if it works in offline environments

3 Likes

Thank you for all your help

HEY HEY! Glad that it helped and that you got it working! Great to hear! Can’t wait to see what you end up using it for, let us know! :slight_smile: