zrok admin delete frontend 6R9jQvR6q69B
This marks the fronted as deleted but It is shown by ziti edge list identities.
I have tried to create another frontends:
zrok admin create frontend zitiId pub https://{token}.domain.name:port
zrok admin create frontend zitiId pub2 https://{token}.domain.name:port
zrok=> select token, public_name, deleted from frontends;
token | public_name | deleted
--------------+-------------+---------
6R9jQvR6q69B | public | t
N1xVmCYxRbru | pub | f
i6bSE4UAj5yc | pub2 | f
(3 rows)
But pub, pub2 are not shown by ziti edge list identities.
The second question is how to start, let's say pub2 frontend.
Apparently zrok access public /opt/openziti/etc/zrok/frontend.yml wants "public".
ERROR]: unable to create http frontend (error loading config: config file (/var/lib/zrok-frontend/.zrok/identities/public.json) is not found)
"public" is the hard-coded default public frontend in zrok, so distributed environments running zrok share public will, by default, request a share token that is associated with that frontend.
Here's an overview of self-hosted frontend management.
When bootstrapping the Ziti network with zrok admin bootstrap, the default public frontend "public" is created in zrok and enrolled with Ziti in ~/.zrok.
However, as is typical in deployed environments where ~/.zrok is not shared by the zrok controller and public frontend processes, you must run zrok admin bootstrap --skip-frontend (example in bootstrapping script) and separately enroll an identity named "public" with Ziti and create the frontend in zrok (example in boostrapping script).
The default public frontend can also be configured for a specific zrok environment.
zrok config set defaultFrontend "pub2"
That's fine. Thank you.
Could you also clarify an additional point about zrok's frontends.
After the public frontend has been deleted using zrok admin delete frontend_token there is still the record in the database. This record is marked as deleted. So repeating the creation of the public frontend won't work.
zrok admin create frontend ziti_id public https://{token}.domain.name:port
[ERROR]: create frontend request failed: name already exists ([POST /frontend][400] createFrontendBadRequest)
I need to open the database and delete this record manually.
zrok=> delete from frontends where id=1;
DELETE 1
After the record has been removed I can create the public frontend again.
Probably, zrok delete frontend does not remove the record because of the constraint,
TABLE "frontend_grants" CONSTRAINT "frontend_grants_frontend_id_fkey" FOREIGN KEY (frontend_id) REFERENCES frontends(id)
1 Like
Nice find! I'll raise an issue to track fixing the delete operation.