Hi Ziti Team, I have just installed ziti via docker containers and I just ran the Ziti Admin Console. I am unable to login to the ZAC though. Whenever I try I am getting an authentication request failed error. Do you know where to look to find my username and password.The ziti_user and ziti_pwd fields in the ziti.env file do not work.
Hey @Rocket! Did you use the quickstart with plain ol’ Docker or Docker Compose?
You got the error message inside the Ziti Console web UI when you pressed the LOGIN button, right?
Like you, I expected the ZITI_USER
and ZITI_PWD
vars to be defined in the ziti.env
file, and I expected to be able to log in to the Ziti Console or with ziti
CLI using those user and password values.
Hey @qrkourier . I am using plain docker and yes I got the error message in the web UI. I am not sure where to find the username and password value for the ZAC.
Do have a file like ziti.env
in a directory that you’re mounting in the container with a docker run
option like this?
-v ~/docker-volume/myFirstZitiNetwork/ziti.env:/persistent/ziti.env
I expected the ziti.env
file to have ZITI_USER
and ZITI_PWD
values assigned that are valid for login. Is the file just a placeholder or do you have some assignments in there?
Another way to see the password is to inspect the output from the controller container.
I’d better page in @gberl002 because I couldn’t get this working either.
Yes I ran that docker option. I am not able to figure out what the issue is. I was given a random password when creating the controller and I was prompted to change it. I changed the random password, but the new one won’t let me login to the ZAC. I am not sure how to fix this
@Rocket As @qrkourier mentioned, you should be able to find the password either in the ziti.env
file on the shared volume or, in the docker container output.
If you happen to be running in detached mode, you can use docker logs <container-name>
to check, you’ll find the password is output right in the beginning.
Oh, I just sent my response at the same time…
How did you change the password? Did you just change the env var, use the ziti commands to do it, set ZITI_PWD as an env var on the container, or did you run in interactive mode and choose a pwd?
I usually change the password as it doesn’t require finding and copying the password. But, for this to work you need to source the ziti.env
and the ziti-cli-functions.sh
files. It would look like this:
source /path/to/ziti-cli-functions.sh
source /path/to/ziti.env
zitiLogin
ziti edge update authenticator updb --identity "Default Admin" --password "your_new_password"
One thing to note, though, if you change the password, you need to update the ziti.env
with the new password so when you source it in the future to run any commands, you’re using the right password.
When I was creating the controller it asked if I wanted to change the password from the random one just like how your log is showing. I changed the password, and it is not working. I think the issue is that I do not have a ziti.env file in my persistent directory. Do you guys think this is the issue and if so how do I redeploy the controller to fix this?
If you don’t have a .env file then I have a feeling you might have missed a step in the quickstart. The .env file should be created by you before the docker container is spun up.
echo "#ziti.env file" > ~/docker-volume/myFirstZitiNetwork/ziti.env
Or whatever your path is, if you didn’t use the default path from the quickstart.
I do have a ziti.env file in ~/docker-volume/myFirstZitiNetwork/ziti.env, but I do not have one in my persistent directory. Is that how it should be?
Ah, no it shouldn’t be like that. It sounds like something got messed up with the volume mapping. Can you provide the docker run command you used (unless it’s straight from the doc). If you used it straight from the doc, something else is going wrong, in which case I would ask if you can provide your controller’s container logs.
IMPORTANT: Be sure to obfuscate your password if you’re copying the logs. Do a search for password
and PWD
and that should show you all the places it appears.
I ran the command straight from the doc. Here are the container logs. They show me changing the password, but the password I changed it to still doesn’t work unless the username is wrong. The username is set to admin though and it still doesn’t work.
Could you please confirm you’re running the latest image?
docker pull openziti/quickstart:latest
Your output is looking like it’s an old image. I’m still a little confused as to how the container’s log is saying it saved the env file to /persistent/ziti.env
but you’re not seeing it but I’ll do some poking around on my end in the meantime and see what it could be.