How do you use a terminator?

Building/Development
1

I am not that familiar with what a terminator is.. I understand the text below.. but raises more questions than provide answers

ie what is the difference between a router and a terminator?

https://openziti.github.io/ziti/services/overview.html?tabs=create-service-ui

  • Termination - Ziti only provides access to a network service, it does not provide the service itself. The service must be able to get network traffic to whatever application or application cluster is actually providing the service, whether that provider has Ziti embedded or has no knowledge of Ziti
2

Someone else might have a complete answer, but I can provide how I think about it.

Terminators are configuration that informs the overlay where data can exit the overlay. This location is essential because it defines what Ziti Identity or Router is expected to be the last piece of software to handle the traffic and deal with end-to-end encryption.

Terminators are both statically configured and dynamically created at run time. Static configuration is for routers, which are expected to exist as part of the overlay itself.

Dynamic terminators are created indirectly by identities that connect via Edge Routers when issuing bind requests. They are ephemeral and only exist as long as the Ziti Identity that ā€œbound the serviceā€ remains connected. The ability to successfully issue bind requests for a service by a Ziti Identity is controlled by policies.

1 Like
3

thanks for the noteā€¦ I was watching the video attached and I think that this relates to the zitified ssh and scp apps.

refer to 27:35ā€¦ where it makes reference to an identity terminatorā€¦ I believe is the name of the end point that you want to ssh toā€¦ for example

4

Yes. those two in particular make use of ā€œaddressable terminatorsā€. Addressable terminators are the ability to relatively dial an identity directly not ā€œjust a serviceā€. And yes when doing a zssh/zscp the ā€˜atā€™ ( @zsshServer ) is the name of the identity. Under the hood the code is specifically dialing that identity

1 Like
5

For a deeper dive into terminators, check out this video: Apr 8th - Configuring HA Services - YouTube
There will be a follow up where we dive deeper into how to configure HA and health checks.

1 Like
6

This is an awesome video :slight_smile:

1 Like