I decided to update my docker containers for the controller, router, and ZAC.
Typically, I just do this by stopping the container, deleting the containers, and images, and then pulling new ones.
I start everything with scripts using docker CLI.
For instance, I run the controller like so:
docker run -d --restart always \
--name ziti-controller \
-e ZITI_CTRL_ADVERTISED_ADDRESS=home.nonya.org \
-e ZITI_CTRL_EDGE_ADVERTISED_ADDRESS=home.nonya.org \
-e ZITI_USER=admin \
-e ZITI_PWD=nonya \
-e ZITI_CTRL_ADVERTISED_PORT=1280 \
-e ZITI_CTRL_EDGE_ADVERTISED_PORT=1280 \
--network plexnet \
--network-alias ziti-controller \
--network-alias ziti-edge-controller \
-p 1280:1280 \
--dns 192.168.345.1 \
-v /data/containers/ziti:/persistent \
openziti/quickstart \
/var/openziti/scripts/run-controller.sh
I have done this a couple times before, and everything just goes. This time, something broke.
system has been initialized. starting the process.
NOT OVERRIDING: env var ZITI_BIN_DIR already set. using existing value
NOT OVERRIDING: env var ZITI_BIN_ROOT already set. using existing value
NOT OVERRIDING: env var ZITI_CTRL_ADVERTISED_ADDRESS already set. using existing value
NOT OVERRIDING: env var ZITI_CTRL_ADVERTISED_PORT already set. using existing value
NOT OVERRIDING: env var ZITI_CTRL_EDGE_ADVERTISED_ADDRESS already set. using existing value
NOT OVERRIDING: env var ZITI_CTRL_EDGE_ADVERTISED_PORT already set. using existing value
NOT OVERRIDING: env var ZITI_CTRL_NAME already set. using existing value
NOT OVERRIDING: env var ZITI_ENV_FILE already set. using existing value
NOT OVERRIDING: env var ZITI_HOME already set. using existing value
NOT OVERRIDING: env var ZITI_NETWORK already set. using existing value
NOT OVERRIDING: env var ZITI_PWD already set. using existing value
NOT OVERRIDING: env var ZITI_SCRIPTS already set. using existing value
NOT OVERRIDING: env var ZITI_SHARED already set. using existing value
NOT OVERRIDING: env var ZITI_USER already set. using existing value
adding /var/openziti/ziti-bin to the path
controller initialized. unsetting ZITI_USER/ZITI_PWD from env
panic: could not generate default trust domain: error generating default trust domain from root CA: no root CA detected after chain assembly from the root identity server cert and ca bundle
goroutine 1 [running]:
github.com/openziti/ziti/controller/config.LoadConfig({0x7fffdbb3871c?, 0xc0008078c0?})
github.com/openziti/ziti/controller/config/config.go:383 +0x3445
github.com/openziti/ziti/ziti/controller.run(0xc000c16e00?, {0xc000c0e340, 0x1, 0x3a65226?})
github.com/openziti/ziti/ziti/controller/run.go:54 +0x54a
github.com/spf13/cobra.(*Command).execute(0xc000138f08, {0xc000c0e310, 0x1, 0x1})
github.com/spf13/cobra@v1.8.1/command.go:989 +0xab1
github.com/spf13/cobra.(*Command).ExecuteC(0x5a7f5c0)
github.com/spf13/cobra@v1.8.1/command.go:1117 +0x3ff
github.com/spf13/cobra.(*Command).Execute(...)
github.com/spf13/cobra@v1.8.1/command.go:1041
github.com/openziti/ziti/ziti/cmd.Execute()
github.com/openziti/ziti/ziti/cmd/cmd.go:81 +0x1a
main.main()
github.com/openziti/ziti/ziti/main.go:51 +0xf
The certificate errors make me nervous because I have some remote routers and I really do not want to break them.
Thanks for the help