Hi, I’ve done the docker-compose quickstart and zero trust host service. So, I want to try and explore other things. Maybe it’s not knowledgable if I ask this, but I want to know how to add assets to the red network. I want to add a web server to the red network. So how am I doing that?
I appreciate any help you can provide.
Hi @himeose, the isolation shown in the diagram for the docker-compose example is accomplished using docker networks. All you need to do is bring up a docker container that is associated to the zitired docker network. Look at the web-test-blue container:
web-test-blue:
image: crccheck/hello-world
ports:
- "80:8000"
networks:
zitiblue:
aliases:
- web-test-blue
- web-test.blue
- web.test.blue
you can see that it is associated to the zitiblue network and has three different aliases, web-test-blue, web-test.blue, and web.test.blue. All those names are available to containers on the zitiblue network. Contrast that to the ziti-controller which is associated to BOTH the zitiblue AND zitired networks. The controller always needs to be addressable by other ziti components so here, we associate both networks, to allow any OpenZiti containers to be able to talk to the controller. (and ‘public’ edge routers as well)
Docker networking is a bit complex. I hope that will give you all the information you need to keep going. I think it will.
Cheers
1 Like