Hello, I have a use case for the ZET tunneler on macOS ARM64 architecture as the Ziti Desktop Edge does not provide system daemon functionality, but ZET does.
The binary artifacts for ZET macOS ARM64 are currently being built in CI but they are not listed in the available tagged release downloads. Example, see latest release artifacts with no
ziti-edge-tunnel-Darwin_arm64.zip listed here.
Oh! Happily for me, I just noticed it seems I can still download the macOS arm64 CI builds by going through the github actions artifacts page for any particular commit and clicking on the
macOS-arm64 link near the bottom of the page. The resulting archive is looks like it will work (haven’t tested it yet) and just contains one extra
-test- file. Example: avoid crash on win32 by including time.h (#598) · openziti/ziti-tunnel-sdk-c@1ffea8b · GitHub
So let me modify this post to just mention it would be easier for others to find this macOS arm64 arch if it is also added to the other release binary links.
Here’s a PR to also release
ziti-edge-tunnel for macOS arm64. I don’t have any experience with running that particular build myself, and I can’t think of any reason not to release the build as long as it’s working. Is it running happily on your arm64 macOS device?
Hi @qrkourier. I have some arm64 darwin machines ready to test and should get to doing that by end of week. I’ll post an update here once tested and confirm. Thanks!
Hi, just a quick update @qrkourier, I have the darwin arm64 build of ZET up and running on a Mac ARM64, and all is looking good so far.
Thanks for getting this build PR’d and added to the public binary release links for the next tagging.
I’ll be happy to report any odd behavior I notice going forward with the build.
@johnalotoski That’s great to hear, John. I’ll merge that change to start releasing the arm64 binary.
Would you share a sentence or two about how you’re using it on macOS and why it’s preferable to the Desktop Edge app? Thank you!
Do you happen to have in mind a way to describe the differences in mode of operation between macOS and Linux? I’m familiar with the Linux MO, but not macOS.
Questions that come to my mind include:
- Are you running it interactively in Terminal.app when you need to intercept or host a Ziti service, or have you configured it somehow as a background service?
- Does it require elevated privileges to intercept Ziti service traffic?
- Does it actively manage a tun device the way it manages
/dev/net/tun in Linux?
Generally, I’m wondering how similar or different it is in macOS, and whether we need a separate doc about it.
Yup, that thread discusses the primary reason the Ziti Desktop Edge (ZDE) isn’t an option for us in this case – we need the Ziti service to be a system daemon and operating regardless of whether a user is logged in or out and also to be operational after bootup.
If our use case was to utilize a Mac as a user machine from which we primarily do ziti dial operations, then ZDE would most likely work. In this case, these macs are remote CI builders and are primarily using ziti bind service operations, with no user logged in, and also require access after remote reboots.
So far it seems really similar in use to the Linux ZET, other than I am deleting the /tmp/config*.json files prior to start up or ZET aborts on subsequent run attempts; I’m not sure why about that, haven’t had any time to look into it.
It is grabbing a
utun device upon starting, example:
$ ifconfig utun3
utun3: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 65535
inet 100.64.0.1 --> 100.64.0.1 netmask 0xff000000
So far so good!