The host.v1 config is referring to the server, hostname, IP address to use that it relative to where the traffic leaves ziti". The postgres demo uses docker-compose, and there’s a network alias for “postgres-db” for the docker compose file. The traffic leaves the router and a connection is made on the underlay to “postgres-db”. Docker DNS resolves “postgres-db” to “whatever” the IP address is, and then docker routes the packets to the proper place. For ZAC - you’re deploying everything locally (controller, router, and zac) so relative to the router, you can get to the ZAC at “localhost”. I can make a diagram if you need one, in case this still isn’t clear.
I would expect NEITHER example to use bindUsingEdgeIdentity. You don’t need that at all. It should be set to false for both. This is for the ‘addressable terminators’ functionality and is used in the zssh demo - not making ZAC dark.
a “host.v2” is just an array of “host.v1” configurations. I’d steer clear of host.v2, you probably won’t need that until you know you do…
the key question here from me is “for what”. To access ZAC? You can use 127.0.0.1 (or really anything in the 127.0.0.0/8 address space), localhost, the private IP of the device, the public IP, the hostname of the device. it all depends on how you start ZAC but by default you could use any of those things. The key is what I wrote above. The value must be addressable from whereever you’re exiting the OpenZiti overlay. Hopefully that makes sense