How does Service Dialing work? Documentation Discrepancy

Support General Questions
1

I have been reading the documentation to understand how "Service Dial" works.

On the "Data Flow Explainer” page. It says that:

When an SDK wants to connect to an OpenZiti hosted service, it will initiate the following sequence of events:

  1. Authenticate to the controller

  2. Create a Session for the desired service

  3. Connect to one or more edge routers

  4. Send a Dial request to the selected edge router

  5. The edge router will send a create circuit request to the controller

I have bolded step 4. because it is different than what is described in the page “Service Dial”, which says:

The SDK will issue a Dial Request to the Controller. This message will include the service being dialed, the selected initial Edge Router, and authentication information

The data flow descriptions, and diagrams on each of these pages does not match, and I’m wondering which one is correct. Any ideas?

Based on my understanding from various pages in the documentation, these are the “Service Dial” steps I know to be "correct" from all the different pages:

Steps For Dialing

  1. The "SDK Application" authenticates to the controller via. the "edge client API"
    • After successful authentication, the controller returns an "API Session".
  2. The "SDK Application" makes a request to the controller to create a new "Service Session" specific to the OpenZiti hosted service it wants to connect to. This is done via. the "edge client API"
    • The request to the controller must include the "API Session" token for authorization.
    • The controller returns a "Service Session" token.
  3. The "SDK Application" makes a connection request to the routers listed in the "Service Session" token.
    • The request to the routers must include the "API Session" token for authorization.
  4. The "SDK Application" makes a request to the CONTROLLER? or ROUTER? (which one is correct?) to dial a specific OpenZiti hosted service.
    • The request to the <router? or controller?>? must include the "API Session" token to validate the connection to the "edge client API", and the "Service Session" token for authorization.
  5. What happens next is described differently in the two pages I mentioned above.
  6. ???

Any insight would be appreciated, thanks!

2

The Data Flow Explainer is correct. The 'Service Dial' page is conflating two steps to one (sdk sending a dial to the router, router sending a create circuit request to the controller). We could probably collapse those two doc pages into one to avoid confusion.

Hope that helpful,
Paul

1 Like