Docker Compose: no ziti edge list service-edge-router-policies configured

Not sure if this is expected, but when I setup a fresh Docker environment, there are no service edge router policies defined.

This is preventing the terminator from being hosted. I know I have some commands somewhere…

ziti edge list service-edge-router-policies





The init container runs a small script that adds them.

Ahh… I disabled that one… I now know why it’s needed :slight_smile:

I have a micro compute and need to be mindful of the resources I use… so I disabled it to keep it really lean.

PS… I found this command which should fix my problem.

ziti edge create service-edge-router-policy all-routers --edge-router-roles “#all” --service-roles “#all


ziti edge list terminators
│ ID                                   │ SERVICE          │ ROUTER           │ BINDING │ ADDRESS                              │ IDENTITY │ COST │ PRECEDENCE │ DYNAMIC COST │
│ d5c0df87-98f7-438e-b3de-8bede254263c │ private-postgres │ ziti-edge-router │ tunnel  │ d5c0df87-98f7-438e-b3de-8bede254263c │          │    0 │ default    │            0 │

Is there anything else this script does that I should be mindful of?

The ‘init container’ script? At this time, no. It’s tiny. You can look at what it does here: ziti/ at release-next · openziti/ziti · GitHub


echo "*****************************************************"
#### Add service policies

# Allow all identities to use any edge router with the "public" attribute
ziti edge create edge-router-policy all-endpoints-public-routers --edge-router-roles "#public" --identity-roles "#all"

# Allow all edge-routers to access all services
ziti edge create service-edge-router-policy all-routers-all-services --edge-router-roles "#all" --service-roles "#all"
1 Like

Thanks… very helpful