I am using Docker, and my Ziti controller is working. I followed the steps in the Quick Start guide. Can someone help me with this? I am new to OpenZiti.
Hi @abidinhadjali, welcome to the community and to OpenZiti (and zrok/BrowZer),
There's a whole section dedicated to the ziti admin console Ziti Admin Console | OpenZiti
There's a small note on that page stating this
So assuming you used the docker compose setup, or use a similar container name,
You would enter https://ziti-edge-controller:1280 as the controller's URL
Hth
Thanks, @TheLumberjack! But I only ran the Docker section, not Docker Compose. I followed the steps and installed ZAC, but there's always an issue when I fill in the login page—it says the controller is not found or not online. So, I asked about the edge controller name and URL.
It's the same issue if you run docker or docker compose. If you ran docker, you must ensure the two containers are on the same docker network or that the controller is exposed to the ZAC container in some way.
Can you show me the precise two commands you ran, first the controller docker command and second the zac docker command?
If they are not on the same docker network, you need to provide a url to the controller that is routable from within the ZAC container
for the controler i run this command "docker run
--name ziti-controller
-e ZITI_CTRL_ADVERTISED_ADDRESS=ziti-edge-controller
--network myFirstZitiNetwork
--network-alias ziti-controller
--network-alias ziti-edge-controller
-p 1280:1280
-it
--rm
-v myPersistentZitiFiles:/persistent
openziti/quickstart
/var/openziti/scripts/run-controller.sh" and for ZAC i run this command "mkdir -p $HOME/.ziti/zac-pki
docker run -it --rm --name temp
-v myPersistentZitiFiles:/persistent
-v $HOME/.ziti/zac-pki:/zac-pki busybox
cp /persistent/pki/ziti-edge-controller-intermediate/keys/ziti-edge-controller-server.key /zac-pki
docker run -it --rm --name temp
-v myPersistentZitiFiles:/persistent
-v $HOME/.ziti/zac-pki:/zac-pki busybox
cp /persistent/pki/ziti-edge-controller-intermediate/certs/ziti-edge-controller-server.chain.pem /zac-pki"
thanks. and the command to start the zac? did you omit that by mistake? i see the two copy commands but not how you started it. You should add the --network directive to the zac to make it easier on yourself imo.
Here, I'll just show you the commands I ran.... notice i set the password to admin: -e ZITI_PWD="admin" \ the url relative to the container i used in this setup is https://ziti-edge-controller:1280
docker run \
--name ziti-controller \
-e ZITI_CTRL_ADVERTISED_ADDRESS=ziti-edge-controller \
-e ZITI_PWD="admin" \
--network myFirstZitiNetwork \
--network-alias ziti-controller \
--network-alias ziti-edge-controller \
-p 1280:1280 \
-it \
--rm \
-v myPersistentZitiFiles:/persistent \
openziti/quickstart \
/var/openziti/scripts/run-controller.sh
mkdir -p $HOME/.ziti/zac-pki
docker run -it --rm --name temp \
-v myPersistentZitiFiles:/persistent \
-v $HOME/.ziti/zac-pki:/zac-pki busybox \
cp /persistent/pki/ziti-edge-controller-intermediate/keys/ziti-edge-controller-server.key /zac-pki
docker run -it --rm --name temp \
-v myPersistentZitiFiles:/persistent \
-v $HOME/.ziti/zac-pki:/zac-pki busybox \
cp /persistent/pki/ziti-edge-controller-intermediate/certs/ziti-edge-controller-server.chain.pem /zac-pki
docker run --rm \
--name zac \
-p 1408:1408 \
-p 8443:8443 \
-v "$HOME/.ziti/zac-pki/ziti-edge-controller-server.key":/usr/src/app/server.key \
-v "$HOME/.ziti/zac-pki/ziti-edge-controller-server.chain.pem":/usr/src/app/server.chain.pem \
--network myFirstZitiNetwork \
openziti/zac
set the zac url
using user/password admin/admin
and fwiw I realized today we can simplify these steps if you mount the same persistent volume. You can also start the zac with this command, and not need to do the docker cp steps...:
docker run --rm \
--name zac \
-p 1408:1408 \
-p 8443:8443 \
-v myPersistentZitiFiles:/persistent \
-e ZAC_SERVER_KEY="/persistent/pki/ziti-edge-controller-intermediate/keys/ziti-edge-controller-server.key" \
-e ZAC_SERVER_CERT_CHAIN="/persistent/pki/ziti-edge-controller-intermediate/certs/ziti-edge-controller-server.chain.pem" \
--network myFirstZitiNetwork \
openziti/zac
Thanks I really appreciate the help so much!