Your First Service - Zero Trust Host Access

I get the following error when doing step #4 of the Guide from Your First Service | OpenZiti

ziti edge create config http.host.v1 host.v1 '{"protocol":"tcp", "address":"'"${http_server}"'", "port":80}'
error: error creating configs instance in Ziti Edge Controller at https://serveroek.mywire.org:8441/edge/management/v1. Status code: 400 Bad Request, Server returned: {
"error": {
"cause": {
"field": "address",
"reason": "address is invalid: address: Must not validate the schema (not)",
"value": ""
},
"code": "COULD_NOT_VALIDATE",
"message": "The supplied request contains an invalid document or no valid accept content were available, see cause",
"requestId": "HeEm5vrlx"
},
"meta": {
"apiEnrollmentVersion": "0.0.1",
"apiVersion": "0.0.1"
}
}

I initially used zitiLogin and then #1, #2 and #3 successfully created the two identities and the intercept.v1 configuration. When I copy https://serveroek.mywire.org:8441/edge/management/v1 into my browser it does show the following content:

{
"data": {
"apiVersions": {
"edge": {
"v1": {
"apiBaseUrls": [
"https://serveroek.mywire.org:8441/edge/client/v1"
],
"path": "/edge/client/v1"
}
},
"edge-client": {
"v1": {
"apiBaseUrls": [
"https://serveroek.mywire.org:8441/edge/client/v1"
],
"path": "/edge/client/v1"
}
},
"edge-management": {
"v1": {
"apiBaseUrls": [
"https://serveroek.mywire.org:8441/edge/management/v1"
],
"path": "/edge/management/v1"
}
}
},
"buildDate": "2024-02-10T05:53:17Z",
"capabilities": ,
"revision": "7c53aa006529",
"runtimeVersion": "go1.21.6",
"version": "v0.32.2"
},
"meta": {}
}

Any Ideas why this might not work? Or what I could do to make it work?

Hi @rhansen, welcome to the community and to OpenZiti!

This problem happens now-and-then... We should tighten up that example and maybe make it bespoke to how you deploy your network, and not require docker...

Let's take a step back and just get an overview of where you're at. It'll help me help you. How'd you deploy your OpenZiti overlay network? Can you just give me the topology of how it's laid out a little bit?

Generally sepaking the address is invalid: address error from the first message you posted means the address field -- this here: "address":"'"${http_server}"'" is probably incorrect, probably because the http_server variable isn't quite set right.

We can simplify it by just using straight ziti commands, without the messiness of variables causing confusion though.

From that guide, the main takeaway is that to make a first service using tunnelers (the way most people start), the following things need to be configured/setup:

• a hosting identity needs to exist - you do that by creating an identity however you like (ziti cli or ZAC)
• a dialing identity needs to exist - you do that by creating an identity however you like (ziti cli or ZAC)
• a config needs to exist specifying the 'client' side (also referred to as the intercept or dial side sometimes)
• a config needs to exist specifying the 'offload' side (also referred to as the host or bind side sometimes)
• a service needs to exist that ties those two configs together
• a service-policy needs to exist that authorizes the client/dial/intercepting identity to 'dial' the service
• a service-policy needs to exist that authorizes the host/server/bind identity to 'bind' the service

Those are all represented on that page in the "Configuring the Overlay - Overview" section as steps 1 through 7 and I've just re-paraphrased the content here...

Your step 4 seems to be failing because http_server isn't set, is my guess.

Assuming you have started a demo server like the page shows:

docker run -d --rm --name web-test -p 80:8000 openziti/hello-world

Step 4 would look something like this

ziti edge create config http.host.v1 host.v1 '{"protocol":"tcp", "address":"127.0.0.1", "port":80}'

You need to use the correct value for the address. shown above, I've used 127.0.0.1 but that address needs to be something the "hosting" tunneler side can reach. So if you're say, running your ziti-edge-tunnel host in AWS, well then you should start that docker conatiner in AWS (ideally on that same machine) and then you can jsut use 127.0.0.1...

That help? I dunno if this is too much info or if this is helpful...

Hi @TheLumberjack,

thanks for the response. I apologise I have been away and have not responded because of that. I have a very simply linux server on a VM showing a webpage. I wanted to use this example to make my initial contact with OpenZiti as simply as possible.

Unfortunately, I have gone a few steps backwards, since now my Ziti commands are no longer found. Do you know why this might be the case?

I have run sudo systemctl -q status ziti-controller --lines=0 --no-pager and sudo systemctl -q status ziti-router --lines=0 --no-pager and the controller and router both started automatically after reboot as intended, but the commands no longer work.

Thanks for the help

The expressInstall will download the ziti binary and put it into the location of the quickstart for you. That's generally convenient, but it's easy to lose track of that. It also adds that location to your "path" so that the ziti command is always found. If you want to use the ziti-cli-function.sh script has a "getZiti" that I use all the time which will fetch the latest ziti for you and put it on the path: source /dev/stdin <<< "$(wget -qO- https://get.openziti.io/ziti-cli-functions.sh)"; getZiti "yes"... do be careful, you should know what version you're running. I tend to "only ever want the latest", so for me this is great but if you want control over the version, you should know what ziti version you're installing, where it is etc. My guess is that you never got to this point the last time around...

Your binaries are likely located at the default path for the quickstart:

$HOME/.ziti/quickstart/$(hostname)/ziti-bin/ziti-v0.*

For me that path looks like this:

/home/ubuntu/.ziti/quickstart/ip-172-31-47-200/ziti-bin/ziti-v0.33.1

To get ziti back working, add the correct path to your $PATH environment variable.

hth

That worked and my Ziti commands are working again.

When I try to Login with ziti edge login it promts me for a password and I enter the automatically generated password that ziti generated (this worked the first time around before I made the original post) and now It is saying, that there is an invalid Auth:

Using controller url: https://serveroek.mywire.org:8441/edge/management/v1 from identity 'default' in config file: /home/useroek/.config/ziti/ziti-cli.json
Using username: admin from identity 'default' in config file: /home/useroek/.config/ziti/ziti-cli.json
Enter password:
error: unable to authenticate to https://serveroek.mywire.org:8441/edge/management/v1. Status code: 401 Unauthorized, Server returned: {
"error": {
"code": "INVALID_AUTH",
"message": "The authentication request failed",
"requestId": "Hw92V03RK"
},
"meta": {
"apiEnrollmentVersion": "0.0.1",
"apiVersion": "0.0.1"
}
}

So you copied the big long password that express install generates and saved it somewhere, and you haven't re-run expressInstall, right?

Your password is also saved into a .env file. if you grep it with:

grep ZITI_PWD $HOME/.ziti/quickstart/$(hostname)/$(hostname).env

you'll find it:

if [[ "$ZITI_PWD" == "" ]]; then export ZITI_PWD="__YOUR_PWD_HERE__!";

You're sure you have that same password? Does it contain a # character or ' or something else that's interfering with your terminal?

I did copy it and it seems that it copied all but the last character and then it worked again. I have since logged into the edge controller of a college using the ZAC in a browser but not I cannot log into my own edge server anymore using the ziti CLI commands.

Instead of promting a password after ziti edge login I now get the following:

Using controller url: https://serveroek.mywire.org:8441/edge/management/v1 from identity 'default' in config file: /home/useroek/.config/ziti/ziti-cli.json
[  30.002]    INFO ziti/ziti/cmd/helpers.StandardErrorMessage: Connection error: Get https://serveroek.mywire.org:8441/.well-known/est/cacerts: dial tcp: lookup serveroek.mywire.org: i/o timeout
Unable to connect to the server: dial tcp: lookup serveroek.mywire.org: i/o timeout

My guess is that the server is offline? Can you connect to that url? You sure it's running?

If it's running then make sure the docker port is exposed properly. It's easy for local or web firewalls to get in the way of connecting.

The server was running and the URL was available the whole time. I then ran
sudo apt list --upgradable
and got a whole list of packages to upgrade:

Listing... Done
libapache2-mod-php8.2/jammy 8.2.17-1+ubuntu22.04.1+deb.sury.org+1 amd64 [upgradable from: 8.2.15-1+ubuntu22.04.1+deb.sury.org+1]
libapache2-mod-php8.3/jammy 8.3.4-1+ubuntu22.04.1+deb.sury.org+1 amd64 [upgradable from: 8.3.3-1+ubuntu22.04.1+deb.sury.org+1]
php8.2-cli/jammy 8.2.17-1+ubuntu22.04.1+deb.sury.org+1 amd64 [upgradable from: 8.2.15-1+ubuntu22.04.1+deb.sury.org+1]
php8.2-common/jammy 8.2.17-1+ubuntu22.04.1+deb.sury.org+1 amd64 [upgradable from: 8.2.15-1+ubuntu22.04.1+deb.sury.org+1]php8.2-mbstring/jammy 8.2.17-1+ubuntu22.04.1+deb.sury.org+1 amd64 [upgradable from: 8.2.15-1+ubuntu22.04.1+deb.sury.org+1]
php8.2-mysql/jammy 8.2.17-1+ubuntu22.04.1+deb.sury.org+1 amd64 [upgradable from: 8.2.15-1+ubuntu22.04.1+deb.sury.org+1]
php8.2-opcache/jammy 8.2.17-1+ubuntu22.04.1+deb.sury.org+1 amd64 [upgradable from: 8.2.15-1+ubuntu22.04.1+deb.sury.org+1]
php8.2-readline/jammy 8.2.17-1+ubuntu22.04.1+deb.sury.org+1 amd64 [upgradable from: 8.2.15-1+ubuntu22.04.1+deb.sury.org+1]
php8.2-zip/jammy 8.2.17-1+ubuntu22.04.1+deb.sury.org+1 amd64 [upgradable from: 8.2.15-1+ubuntu22.04.1+deb.sury.org+1]
php8.2/jammy 8.2.17-1+ubuntu22.04.1+deb.sury.org+1 all [upgradable from: 8.2.15-1+ubuntu22.04.1+deb.sury.org+1]
php8.3-cli/jammy 8.3.4-1+ubuntu22.04.1+deb.sury.org+1 amd64 [upgradable from: 8.3.3-1+ubuntu22.04.1+deb.sury.org+1]
php8.3-common/jammy 8.3.4-1+ubuntu22.04.1+deb.sury.org+1 amd64 [upgradable from: 8.3.3-1+ubuntu22.04.1+deb.sury.org+1]
php8.3-opcache/jammy 8.3.4-1+ubuntu22.04.1+deb.sury.org+1 amd64 [upgradable from: 8.3.3-1+ubuntu22.04.1+deb.sury.org+1]
php8.3-readline/jammy 8.3.4-1+ubuntu22.04.1+deb.sury.org+1 amd64 [upgradable from: 8.3.3-1+ubuntu22.04.1+deb.sury.org+1]php8.3/jammy 8.3.4-1+ubuntu22.04.1+deb.sury.org+1 all [upgradable from: 8.3.3-1+ubuntu22.04.1+deb.sury.org+1]
ziti-edge-tunnel/jammy 0.22.25 amd64 [upgradable from: 0.22.24]

When I then run
sudo apt upgrade
I get the following and am not sure how to fix this issue (possibly has nothing to do with OpenZiti)

Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Calculating upgrade... Done
The following packages will be upgraded:
libapache2-mod-php8.2 libapache2-mod-php8.3 php8.2 php8.2-cli php8.2-common php8.2-mbstring php8.2-mysql php8.2-opcache php8.2-readline php8.2-zip php8.3 php8.3-cli php8.3-common php8.3-opcache
php8.3-readline ziti-edge-tunnel
16 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 12.5 MB of archives.
After this operation, 6,144 B of additional disk space will be used.
Do you want to continue? [Y/n] y
Ign:1 https://packages.openziti.org/zitipax-openziti-deb-stable jammy/main amd64 ziti-edge-tunnel amd64 0.22.25
Ign:2 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2-zip amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Ign:3 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2-readline amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Ign:1 https://packages.openziti.org/zitipax-openziti-deb-stable jammy/main amd64 ziti-edge-tunnel amd64 0.22.25
Ign:4 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2-opcache amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Ign:1 https://packages.openziti.org/zitipax-openziti-deb-stable jammy/main amd64 ziti-edge-tunnel amd64 0.22.25
Ign:5 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2-mysql amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Err:1 https://packages.openziti.org/zitipax-openziti-deb-stable jammy/main amd64 ziti-edge-tunnel amd64 0.22.25
Temporary failure resolving 'packages.openziti.org'
Ign:6 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2-mbstring amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Ign:7 Index of /ondrej/php/ubuntu jammy/main amd64 libapache2-mod-php8.2 amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Ign:8 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2-cli amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Ign:9 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2-common amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Ign:10 Index of /ondrej/php/ubuntu jammy/main amd64 php8.3-readline amd64 8.3.4-1+ubuntu22.04.1+deb.sury.org+1
Ign:11 Index of /ondrej/php/ubuntu jammy/main amd64 php8.3-opcache amd64 8.3.4-1+ubuntu22.04.1+deb.sury.org+1
Ign:12 Index of /ondrej/php/ubuntu jammy/main amd64 libapache2-mod-php8.3 amd64 8.3.4-1+ubuntu22.04.1+deb.sury.org+1
Ign:13 Index of /ondrej/php/ubuntu jammy/main amd64 php8.3-cli amd64 8.3.4-1+ubuntu22.04.1+deb.sury.org+1
Ign:14 Index of /ondrej/php/ubuntu jammy/main amd64 php8.3-common amd64 8.3.4-1+ubuntu22.04.1+deb.sury.org+1
Ign:15 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2 all 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Ign:16 Index of /ondrej/php/ubuntu jammy/main amd64 php8.3 all 8.3.4-1+ubuntu22.04.1+deb.sury.org+1
Ign:2 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2-zip amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Ign:3 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2-readline amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Ign:4 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2-opcache amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Ign:5 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2-mysql amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Ign:6 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2-mbstring amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Ign:7 Index of /ondrej/php/ubuntu jammy/main amd64 libapache2-mod-php8.2 amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Ign:8 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2-cli amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Ign:9 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2-common amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Ign:10 Index of /ondrej/php/ubuntu jammy/main amd64 php8.3-readline amd64 8.3.4-1+ubuntu22.04.1+deb.sury.org+1
Ign:11 Index of /ondrej/php/ubuntu jammy/main amd64 php8.3-opcache amd64 8.3.4-1+ubuntu22.04.1+deb.sury.org+1
Ign:12 Index of /ondrej/php/ubuntu jammy/main amd64 libapache2-mod-php8.3 amd64 8.3.4-1+ubuntu22.04.1+deb.sury.org+1
Ign:13 Index of /ondrej/php/ubuntu jammy/main amd64 php8.3-cli amd64 8.3.4-1+ubuntu22.04.1+deb.sury.org+1
Ign:14 Index of /ondrej/php/ubuntu jammy/main amd64 php8.3-common amd64 8.3.4-1+ubuntu22.04.1+deb.sury.org+1
Ign:15 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2 all 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Ign:16 Index of /ondrej/php/ubuntu jammy/main amd64 php8.3 all 8.3.4-1+ubuntu22.04.1+deb.sury.org+1
Ign:2 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2-zip amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Ign:3 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2-readline amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Ign:4 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2-opcache amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Ign:5 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2-mysql amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Ign:6 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2-mbstring amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Ign:7 Index of /ondrej/php/ubuntu jammy/main amd64 libapache2-mod-php8.2 amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Ign:8 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2-cli amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Ign:9 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2-common amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Ign:10 Index of /ondrej/php/ubuntu jammy/main amd64 php8.3-readline amd64 8.3.4-1+ubuntu22.04.1+deb.sury.org+1
Ign:11 Index of /ondrej/php/ubuntu jammy/main amd64 php8.3-opcache amd64 8.3.4-1+ubuntu22.04.1+deb.sury.org+1
Ign:12 Index of /ondrej/php/ubuntu jammy/main amd64 libapache2-mod-php8.3 amd64 8.3.4-1+ubuntu22.04.1+deb.sury.org+1
Ign:13 Index of /ondrej/php/ubuntu jammy/main amd64 php8.3-cli amd64 8.3.4-1+ubuntu22.04.1+deb.sury.org+1
Ign:14 Index of /ondrej/php/ubuntu jammy/main amd64 php8.3-common amd64 8.3.4-1+ubuntu22.04.1+deb.sury.org+1
Ign:15 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2 all 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Ign:16 Index of /ondrej/php/ubuntu jammy/main amd64 php8.3 all 8.3.4-1+ubuntu22.04.1+deb.sury.org+1
Err:2 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2-zip amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Temporary failure resolving 'ppa.launchpadcontent.net'
Err:3 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2-readline amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Temporary failure resolving 'ppa.launchpadcontent.net'
Err:4 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2-opcache amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Temporary failure resolving 'ppa.launchpadcontent.net'
Err:5 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2-mysql amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Temporary failure resolving 'ppa.launchpadcontent.net'
Err:6 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2-mbstring amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Temporary failure resolving 'ppa.launchpadcontent.net'
Err:7 Index of /ondrej/php/ubuntu jammy/main amd64 libapache2-mod-php8.2 amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Temporary failure resolving 'ppa.launchpadcontent.net'
Err:8 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2-cli amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Temporary failure resolving 'ppa.launchpadcontent.net'
Err:9 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2-common amd64 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Temporary failure resolving 'ppa.launchpadcontent.net'
Err:10 Index of /ondrej/php/ubuntu jammy/main amd64 php8.3-readline amd64 8.3.4-1+ubuntu22.04.1+deb.sury.org+1
Temporary failure resolving 'ppa.launchpadcontent.net'
Err:11 Index of /ondrej/php/ubuntu jammy/main amd64 php8.3-opcache amd64 8.3.4-1+ubuntu22.04.1+deb.sury.org+1
Temporary failure resolving 'ppa.launchpadcontent.net'
Err:12 Index of /ondrej/php/ubuntu jammy/main amd64 libapache2-mod-php8.3 amd64 8.3.4-1+ubuntu22.04.1+deb.sury.org+1
Temporary failure resolving 'ppa.launchpadcontent.net'
Err:13 Index of /ondrej/php/ubuntu jammy/main amd64 php8.3-cli amd64 8.3.4-1+ubuntu22.04.1+deb.sury.org+1
Temporary failure resolving 'ppa.launchpadcontent.net'
Err:14 Index of /ondrej/php/ubuntu jammy/main amd64 php8.3-common amd64 8.3.4-1+ubuntu22.04.1+deb.sury.org+1
Temporary failure resolving 'ppa.launchpadcontent.net'
Err:15 Index of /ondrej/php/ubuntu jammy/main amd64 php8.2 all 8.2.17-1+ubuntu22.04.1+deb.sury.org+1
Temporary failure resolving 'ppa.launchpadcontent.net'
Err:16 Index of /ondrej/php/ubuntu jammy/main amd64 php8.3 all 8.3.4-1+ubuntu22.04.1+deb.sury.org+1
Temporary failure resolving 'ppa.launchpadcontent.net'
E: Failed to fetch https://ppa.launchpadcontent.net/ondrej/php/ubuntu/pool/main/p/php8.2/php8.2-zip_8.2.17-1%2Bubuntu22.04.1%2Bdeb.sury.org%2B1_amd64.deb Temporary failure resolving 'ppa.launchpadcontent.net'
E: Failed to fetch https://ppa.launchpadcontent.net/ondrej/php/ubuntu/pool/main/p/php8.2/php8.2-readline_8.2.17-1%2Bubuntu22.04.1%2Bdeb.sury.org%2B1_amd64.deb Temporary failure resolving 'ppa.launchpadcontent.net'
E: Failed to fetch https://ppa.launchpadcontent.net/ondrej/php/ubuntu/pool/main/p/php8.2/php8.2-opcache_8.2.17-1%2Bubuntu22.04.1%2Bdeb.sury.org%2B1_amd64.deb Temporary failure resolving 'ppa.launchpadcontent.net'
E: Failed to fetch https://ppa.launchpadcontent.net/ondrej/php/ubuntu/pool/main/p/php8.2/php8.2-mysql_8.2.17-1%2Bubuntu22.04.1%2Bdeb.sury.org%2B1_amd64.deb Temporary failure resolving 'ppa.launchpadcontent.net'
E: Failed to fetch https://ppa.launchpadcontent.net/ondrej/php/ubuntu/pool/main/p/php8.2/php8.2-mbstring_8.2.17-1%2Bubuntu22.04.1%2Bdeb.sury.org%2B1_amd64.deb Temporary failure resolving 'ppa.launchpadcontent.net'
E: Failed to fetch https://ppa.launchpadcontent.net/ondrej/php/ubuntu/pool/main/p/php8.2/libapache2-mod-php8.2_8.2.17-1%2Bubuntu22.04.1%2Bdeb.sury.org%2B1_amd64.deb Temporary failure resolving 'ppa.launchpadcontent.net'
E: Failed to fetch https://ppa.launchpadcontent.net/ondrej/php/ubuntu/pool/main/p/php8.2/php8.2-cli_8.2.17-1%2Bubuntu22.04.1%2Bdeb.sury.org%2B1_amd64.deb Temporary failure resolving 'ppa.launchpadcontent.net'
E: Failed to fetch https://ppa.launchpadcontent.net/ondrej/php/ubuntu/pool/main/p/php8.2/php8.2-common_8.2.17-1%2Bubuntu22.04.1%2Bdeb.sury.org%2B1_amd64.deb Temporary failure resolving 'ppa.launchpadcontent.net'
E: Failed to fetch https://ppa.launchpadcontent.net/ondrej/php/ubuntu/pool/main/p/php8.3/php8.3-readline_8.3.4-1%2Bubuntu22.04.1%2Bdeb.sury.org%2B1_amd64.deb Temporary failure resolving 'ppa.launchpadcontent.net'
E: Failed to fetch https://ppa.launchpadcontent.net/ondrej/php/ubuntu/pool/main/p/php8.3/php8.3-opcache_8.3.4-1%2Bubuntu22.04.1%2Bdeb.sury.org%2B1_amd64.deb Temporary failure resolving 'ppa.launchpadcontent.net'
E: Failed to fetch https://ppa.launchpadcontent.net/ondrej/php/ubuntu/pool/main/p/php8.3/libapache2-mod-php8.3_8.3.4-1%2Bubuntu22.04.1%2Bdeb.sury.org%2B1_amd64.deb Temporary failure resolving 'ppa.launchpadcontent.net'
E: Failed to fetch https://ppa.launchpadcontent.net/ondrej/php/ubuntu/pool/main/p/php8.3/php8.3-cli_8.3.4-1%2Bubuntu22.04.1%2Bdeb.sury.org%2B1_amd64.deb Temporary failure resolving 'ppa.launchpadcontent.net'
E: Failed to fetch https://ppa.launchpadcontent.net/ondrej/php/ubuntu/pool/main/p/php8.3/php8.3-common_8.3.4-1%2Bubuntu22.04.1%2Bdeb.sury.org%2B1_amd64.deb Temporary failure resolving 'ppa.launchpadcontent.net'
E: Failed to fetch https://ppa.launchpadcontent.net/ondrej/php/ubuntu/pool/main/p/php8.2/php8.2_8.2.17-1%2Bubuntu22.04.1%2Bdeb.sury.org%2B1_all.deb Temporary failure resolving 'ppa.launchpadcontent.net'
E: Failed to fetch https://ppa.launchpadcontent.net/ondrej/php/ubuntu/pool/main/p/php8.3/php8.3_8.3.4-1%2Bubuntu22.04.1%2Bdeb.sury.org%2B1_all.deb Temporary failure resolving 'ppa.launchpadcontent.net'
E: Failed to fetch https://packages.openziti.org/zitipax-openziti-deb-stable/pool/ziti-edge-tunnel/jammy/amd64/ziti-edge-tunnel-0.22.25-1.deb Temporary failure resolving 'packages.openziti.org'
E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?

I tried running sudo apt-get update before running sudo apt upgrade and have tried sudo apt update --fix-missing but with no success.

Yeah, I don't think that apt-related output isn't relevant to this thread and I'm not going to be able to address any of that unfortunately. From your message I saw:

unable to connect to the server: dial tcp: lookup serveroek.mywire.org

That generally indicates a problem somewhere else, like the server isn't running, or DNS isn't working etc.

If you run ziti edge login your.server:port you should be prompted for a username and password. If you're getting a connection error, you need to diagnose that first. I personally rely on openssl s_client -connect to verify the server is online at that point.

Are you still having troubles with ziti edge login telling you Connection error: Get https://serveroek.mywire.org:8441/.well-known/est/cacerts: dial tcp: lookup serveroek.mywire.org: i/o timeout

I can't connect to it either. Is the firewall blocking connections?

It was not the firewall. Somehow the .yaml file did not contain the default gateway and the server could not connect because of that. That works for now though thanks for the feedback!

I am currently trying to install the ZAC console and am stuck at step 5 of step 2 for cloning from Github where one sohuld run the following:

ln -s "${ZITI_PKI}/${ZITI_CTRL_EDGE_NAME}-intermediate/certs/${ZITI_CTRL_EDGE_ADVERTISED_ADDRESS}-server.chain.pem" "${ZITI_HOME}/ziti-console/server.chain.pem"
ln -s "${ZITI_PKI}/${ZITI_CTRL_EDGE_NAME}-intermediate/keys/${ZITI_CTRL_EDGE_ADVERTISED_ADDRESS}-server.key" "${ZITI_HOME}/ziti-console/server.key"

I am not entirely sure though, where to find those variables using the CLI such as the ${ZITI_CTRL_EDGE_NAME} or the ${ZITI_CTRL_EDGE_ADVERTISED_ADDRESS}?

As to those environment variables.... They assume that you ran the expressInstall quickstart in that same shell (which I'd expect is unlikely at this point) or that you have sourced the environment. Currently, the express install leaves behind an .env file you can use to put those variables back into your shell. You can run: source $HOME/.ziti/quickstart/$(hostname)/$(hostname).env and those environment variables will be available to you.

Do you mean the controller's yaml file had an incorrectly specified address in it? Perhaps just the 'hostname' was shown? If that's the case, you definitely want to check your PKI was created properly, it's a vital step of the expressInstall script. It's possible you haven't gotten far enough to check that yet, but it's really important otherwise none of the connectivity will work.

Once you source that .env file, try connecting to it using this command and openssl:

openssl s_client \
	-connect $ZITI_CTRL_EDGE_ADVERTISED_ADDRESS:$ZITI_CTRL_EDGE_ADVERTISED_PORT </dev/null | \
	openssl x509 -text

After you run that, scroll back a page and find this block:

            X509v3 Subject Alternative Name:
                DNS:ec2-3-18-113-172.us-east-2.compute.amazonaws.com, DNS:ip-172-31-47-200, DNS:localhost, IP Address:127.0.0.1, IP Address:3.18.113.172

MAKE SURE you see your expected address in the DNS fields (or if IP only, the IP field). Notice mine shows my DNS entry from AWS: ec2-3-18-113-172.us-east-2.compute.amazonaws.com

hth