From 0d37b7b66522d6a8415be8b0361df398fa1f5d6e Mon Sep 17 00:00:00 2001
From: Joseph Henry
Date: Wed, 17 Aug 2016 15:12:48 -0700
Subject: [PATCH 1/5] zt-kubernetes tutorial outline
---
 doc/ext/ztkube.md | 96 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 96 insertions(+)
 create mode 100644 doc/ext/ztkube.md
diff --git a/doc/ext/ztkube.md b/doc/ext/ztkube.md
new file mode 100644
index 000000000..483a0ff61
--- /dev/null
+++ b/doc/ext/ztkube.md
@@ -0,0 +1,96 @@ +Kubernetes + ZeroTier +==== + +A self-authorizing Kubernetes deployment on a ZeroTier private network. + +This is a quick tutorial for setting up a Kubernetes deployment which can self-authorize each new replica onto your private ZeroTier network with no additional configuration needed when you scale. The Kubernetes-specific instructions and content is based on the [hellonode](http://kubernetes.io/docs/hellonode/) tutorial. + + + +## Preliminary tasks + +**Step 1: Go to [my.zerotier.com](https://www.my.zerotier.com) and generate an API key. This key will be used by ZeroTier to automatically authorize new instances of your VMs to join your deployment network during replication. + +**Step 2: Create a new `private` network. Take note of the network ID: `nwid` + +**Step 3: Follow the instructions from the [hellonode](ttp://kubernetes.io/docs/hellonode/) tutorial and set up your development system (install Google Cloud SDK). + + + + +## Construct docker container + +Step 4: Create necessary files for inclusion in Dockerfile + - `mkdir ztkube` + +### Add the following files to the `ztkube` directory. These files will be compiled into the Docker image. + + +Create an empty file to specify the private deployment network you created in *Step 2*: + - `.conf` + + - The `entrypoint.sh` script will start the ZeroTier service in the VM, attempt to join your deployment network and automatically authorize the new VM if your network is set to private. + +``` +./zerotier +zerotier-cli join $(NWID).conf +zerotier-cli net-auth $(NWID) $(DEVID) +``` + +The cli tool config `.zerotierCliSettings`, this should contain your API keys to authorize new devices on your network. In this example the default controller is hosted by us at [my.zerotier.com](https://www.my.zerotier.com). 
YOu can host your own network controller and you'll need to modify the cli config accordingly: + +``` +{ + "configVersion": 1, + "defaultCentral": "@my.zerotier.com", + "defaultController": "@my.zerotier.com", + "defaultOne": "@local", + "things": { + "local": { + "auth": "XXXXXXXXXXXXXXXXXXXXXXXX", + "type": "one", + "url": "http://127.0.0.1:9993/" + }, + "my.zerotier.com": { + "auth": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", + "type": "central", + "url": "https://my.zerotier.com/" + }, + } +} +``` + + + +`Dockerfile` + +``` +FROM node:4.4 +EXPOSE 8080 +COPY server.js . +COPY zerotier . +COPY zerotier-cli . +COPY entrypoint.sh . +COPY .zerotierCliSettings ?> +CMD node server.js +``` + +Step 5: Lastly, build the image: +`docker build -t gcr.io/$PROJECT_ID/hello-node .` + +Step 6: Build and push the docker image to your *Container Registry* + +`gcloud docker push gcr.io/$PROJECT_ID/hello-node:v1` + +Step 7: Create Kubernetes Cluster +`gcloud config set compute/zone us-central1-a` +`gcloud container clusters create hello-world` +`gcloud container clusters get-credentials hello-world` + +Step 8: Create your pod +`kubectl run hello-node --image=gcr.io/$PROJECT_ID/hello-node:v1 --port=8080` + +Step 9: Scale +`kubectl scale deployment hello-node --replicas=4` + +Now, after a minute or so you can use `zerotier-cli net-members ` to show all of your VM instances on your ZeroTier deployment network. If you haven't configured your local CLI, you can simply log into [my.zerotier.com](https://my.zerotier.com), go to *Networks -> *. From ba78676ace0ffb2c0d43f2897341f1664b7c3037 Mon Sep 17 00:00:00 2001 From: Joseph Henry Date: Wed, 17 Aug 2016 15:28:48 -0700 Subject: [PATCH 2/5] kubernetes tutorial update --- doc/ext/ztkube.md | 46 ++++++++++++++++++++++++++++++---------------- 1 file changed, 30 insertions(+), 16 deletions(-) diff --git a/doc/ext/ztkube.md b/doc/ext/ztkube.md index 483a0ff61..6670e926c 100644 --- a/doc/ext/ztkube.md +++ b/doc/ext/ztkube.md 
@@ -3,33 +3,32 @@ Kubernetes + ZeroTier A self-authorizing Kubernetes deployment on a ZeroTier private network. -This is a quick tutorial for setting up a Kubernetes deployment which can self-authorize each new replica onto your private ZeroTier network with no additional configuration needed when you scale. The Kubernetes-specific instructions and content is based on the [hellonode](http://kubernetes.io/docs/hellonode/) tutorial. +This is a quick tutorial for setting up a Kubernetes deployment which can self-authorize each new replica onto your private ZeroTier network with no additional configuration needed when you scale. The Kubernetes-specific instructions and content is based on the [hellonode](http://kubernetes.io/docs/hellonode/) tutorial. All of the files discussed below can be found [here](); ## Preliminary tasks -**Step 1: Go to [my.zerotier.com](https://www.my.zerotier.com) and generate an API key. This key will be used by ZeroTier to automatically authorize new instances of your VMs to join your deployment network during replication. +**Step 1: Go to [my.zerotier.com](https://my.zerotier.com) and generate an API key. This key will be used by ZeroTier to automatically authorize new instances of your VMs to join your deployment network during replication.**a -**Step 2: Create a new `private` network. Take note of the network ID: `nwid` +**Step 2: Create a new `private` network. Take note of the network ID: `nwid`** -**Step 3: Follow the instructions from the [hellonode](ttp://kubernetes.io/docs/hellonode/) tutorial and set up your development system (install Google Cloud SDK). 
+**Step 3: Follow the instructions from the [hellonode](ttp://kubernetes.io/docs/hellonode/) tutorial and set up your development system (install Google Cloud SDK).** ## Construct docker container -Step 4: Create necessary files for inclusion in Dockerfile +**Step 4: Create necessary files for inclusion in Dockerfile** - `mkdir ztkube` -### Add the following files to the `ztkube` directory. These files will be compiled into the Docker image. +Add the following files to the `ztkube` directory. These files will be compiled into the Docker image. Create an empty file to specify the private deployment network you created in *Step 2*: - `.conf` - - The `entrypoint.sh` script will start the ZeroTier service in the VM, attempt to join your deployment network and automatically authorize the new VM if your network is set to private. ``` ./zerotier @@ -37,7 +36,7 @@ zerotier-cli join $(NWID).conf zerotier-cli net-auth $(NWID) $(DEVID) ``` -The cli tool config `.zerotierCliSettings`, this should contain your API keys to authorize new devices on your network. In this example the default controller is hosted by us at [my.zerotier.com](https://www.my.zerotier.com). YOu can host your own network controller and you'll need to modify the cli config accordingly: + - The CLI tool config file `.zerotierCliSettings` should contain your API keys to authorize new devices on your network. In this example the default controller is hosted by us at [my.zerotier.com](https://my.zerotier.com). Alternatively, you can host your own network controller but you'll need to modify the CLI config file accordingly. ``` { @@ -61,8 +60,7 @@ The cli tool config `.zerotierCliSettings`, this should contain your API keys to ``` - -`Dockerfile` + - The `Dockerfile` will copy the ZeroTier service as well as the ZeroTier CLI to the image: ``` FROM node:4.4 
@@ -75,22 +73,38 @@ COPY .zerotierCliSettings ?> CMD node server.js ``` -Step 5: Lastly, build the image: + - The `entrypoint.sh` script will start the ZeroTier service in the VM, attempt to join your deployment network and automatically authorize the new VM if your network is set to private. + +**Step 5: Lastly, build the image:** + `docker build -t gcr.io/$PROJECT_ID/hello-node .` -Step 6: Build and push the docker image to your *Container Registry* + + +**Step 6: Push the docker image to your *Container Registry** `gcloud docker push gcr.io/$PROJECT_ID/hello-node:v1` -Step 7: Create Kubernetes Cluster + + +**Step 7: Create Kubernetes Cluster** + `gcloud config set compute/zone us-central1-a` + `gcloud container clusters create hello-world` + `gcloud container clusters get-credentials hello-world` -Step 8: Create your pod + + +**Step 8: Create your pod** + `kubectl run hello-node --image=gcr.io/$PROJECT_ID/hello-node:v1 --port=8080` -Step 9: Scale + + +**Step 9: Scale** + `kubectl scale deployment hello-node --replicas=4` -Now, after a minute or so you can use `zerotier-cli net-members ` to show all of your VM instances on your ZeroTier deployment network. If you haven't configured your local CLI, you can simply log into [my.zerotier.com](https://my.zerotier.com), go to *Networks -> *. +Now, after a minute or so you can use `zerotier-cli net-members ` to show all of your VM instances on your ZeroTier deployment network. If you haven't [configured your local CLI](), you can simply log into [my.zerotier.com](https://my.zerotier.com), go to *Networks -> *. From 1833c6155603c05ff56b260a27dcaa0037836c15 Mon Sep 17 00:00:00 2001 From: Joseph Henry Date: Wed, 17 Aug 2016 15:35:00 -0700 Subject: [PATCH 3/5] kubernetes tutorial update --- doc/ext/ztkube.md | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/doc/ext/ztkube.md b/doc/ext/ztkube.md index 6670e926c..be176a334 100644 --- a/doc/ext/ztkube.md 
+++ b/doc/ext/ztkube.md @@ -9,9 +9,9 @@ This is a quick tutorial for setting up a Kubernetes deployment which can self-a ## Preliminary tasks -**Step 1: Go to [my.zerotier.com](https://my.zerotier.com) and generate an API key. This key will be used by ZeroTier to automatically authorize new instances of your VMs to join your deployment network during replication.**a +**Step 1: Go to [my.zerotier.com](https://my.zerotier.com) and generate an API key. This key will be used by ZeroTier to automatically authorize new instances of your VMs to join your deployment network during replication.** -**Step 2: Create a new `private` network. Take note of the network ID: `nwid`** +**Step 2: Create a new `private` network. Take note of the network ID, henceforth: `nwid`** **Step 3: Follow the instructions from the [hellonode](ttp://kubernetes.io/docs/hellonode/) tutorial and set up your development system (install Google Cloud SDK).** @@ -24,17 +24,8 @@ This is a quick tutorial for setting up a Kubernetes deployment which can self-a - `mkdir ztkube` Add the following files to the `ztkube` directory. These files will be compiled into the Docker image. - - -Create an empty file to specify the private deployment network you created in *Step 2*: - - `.conf` - - -``` -./zerotier -zerotier-cli join $(NWID).conf -zerotier-cli net-auth $(NWID) $(DEVID) -``` + + - Create an empty `.conf` file to specify the private deployment network you created in *Step 2*: - The CLI tool config file `.zerotierCliSettings` should contain your API keys to authorize new devices on your network. In this example the default controller is hosted by us at [my.zerotier.com](https://my.zerotier.com). Alternatively, you can host your own network controller but you'll need to modify the CLI config file accordingly. 
@@ -73,7 +64,13 @@ COPY .zerotierCliSettings ?> CMD node server.js ``` - - The `entrypoint.sh` script will start the ZeroTier service in the VM, attempt to join your deployment network and automatically authorize the new VM if your network is set to private. + - The `entrypoint.sh` script will start the ZeroTier service in the VM, attempt to join your deployment network and automatically authorize the new VM if your network is set to private: + +``` +./zerotier +zerotier-cli join $(NWID).conf +zerotier-cli net-auth $(NWID) $(DEVID) +``` **Step 5: Lastly, build the image:** @@ -81,11 +78,12 @@ CMD node server.js -**Step 6: Push the docker image to your *Container Registry** +**Step 6: Push the docker image to your *Container Registry*** `gcloud docker push gcr.io/$PROJECT_ID/hello-node:v1` +## Deploy! **Step 7: Create Kubernetes Cluster** @@ -107,4 +105,6 @@ CMD node server.js `kubectl scale deployment hello-node --replicas=4` -Now, after a minute or so you can use `zerotier-cli net-members ` to show all of your VM instances on your ZeroTier deployment network. If you haven't [configured your local CLI](), you can simply log into [my.zerotier.com](https://my.zerotier.com), go to *Networks -> *. +## Verify + +Now, after a minute or so you can use `zerotier-cli net-members ` to show all of your VM instances on your ZeroTier deployment network. If you haven't [configured your local CLI](), you can simply log into [my.zerotier.com](https://my.zerotier.com), go to *Networks -> nwid*. From c84ce76c59823cc52cc4985be209321c9ce1208f Mon Sep 17 00:00:00 2001 
From: Joseph Henry
Date: Wed, 17 Aug 2016 17:22:05 -0700
Subject: [PATCH 4/5] examples files for kube int
---
 doc/ext/kubernetes/.zerotierCliSettings | 18 ++++++++++++++++++
 doc/ext/kubernetes/Dockerfile | 8 ++++++++
 doc/ext/kubernetes/entrypoint.sh | 3 +++
 doc/ext/kubernetes/server.js | 8 ++++++++
 doc/ext/{ => kubernetes}/ztkube.md | 4 ++--
 5 files changed, 39 insertions(+), 2 deletions(-)
 create mode 100644 doc/ext/kubernetes/.zerotierCliSettings
 create mode 100644 doc/ext/kubernetes/Dockerfile
 create mode 100644 doc/ext/kubernetes/entrypoint.sh
 create mode 100644 doc/ext/kubernetes/server.js
 rename doc/ext/{ => kubernetes}/ztkube.md (90%)
diff --git a/doc/ext/kubernetes/.zerotierCliSettings b/doc/ext/kubernetes/.zerotierCliSettings
new file mode 100644
index 000000000..abe4cf6c4
--- /dev/null
+++ b/doc/ext/kubernetes/.zerotierCliSettings
@@ -0,0 +1,18 @@
+{
+ "configVersion": 1,
+ "defaultCentral": "@my.zerotier.com",
+ "defaultController": "@my.zerotier.com",
+ "defaultOne": "@local",
+ "things": {
+ "local": {
+ "auth": "XXXXXXXXXXXXXXXXXXXXXXXX",
+ "type": "one",
+ "url": "http://127.0.0.1:9993/"
+ },
+ "my.zerotier.com": {
+ "auth": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+ "type": "central",
+ "url": "https://my.zerotier.com/"
+ },
+ }
+}
\ No newline at end of file
diff --git a/doc/ext/kubernetes/Dockerfile b/doc/ext/kubernetes/Dockerfile
new file mode 100644
index 000000000..030fac61e
--- /dev/null
+++ b/doc/ext/kubernetes/Dockerfile
@@ -0,0 +1,8 @@
+FROM node:4.4
+EXPOSE 8080
+COPY server.js .
+COPY zerotier .
+COPY zerotier-cli .
+COPY entrypoint.sh .
+COPY .zerotierCliSettings ?>
+CMD node server.js
\ No newline at end of file
diff --git a/doc/ext/kubernetes/entrypoint.sh b/doc/ext/kubernetes/entrypoint.sh
new file mode 100644
index 000000000..0d26bd8f3
--- /dev/null
+++ b/doc/ext/kubernetes/entrypoint.sh
@@ -0,0 +1,3 @@
+./zerotier
+zerotier-cli join $(NWID).conf
+zerotier-cli net-auth $(NWID) $(DEVID)
\ No newline at end of file
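Review bot: The `},` that closes the `"my.zerotier.com"` entry leaves a trailing comma before the closing brace of `"things"`, which strict JSON parsers reject, so the CLI may fail to load this file; the entry should end with a plain `}`. The two `"auth"` values are placeholders, and since JSON has no comment syntax the accompanying tutorial is the place to say that real tokens belong only in a local, untracked copy of this file.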
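Review bot: The destination in `COPY .zerotierCliSettings ?>` does not look like a path; Docker would presumably write the settings to a file literally named `?>` in the working directory, where the CLI is unlikely to look for it. Give an explicit absolute destination, `COPY .zerotierCliSettings <settings-dir>/`, where `<settings-dir>` is a placeholder for the directory the CLI reads its settings from (the page does not show it). The same destination recurs in `ADD .zerotierCliSettings ?>` in the Dockerfile hunk of PATCH 5/5. In this revision `CMD node server.js` also never runs the copied `entrypoint.sh`, so nothing joins the network.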
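Review bot: `$(NWID)` and `$(DEVID)` are command substitutions in sh, so the script tries to run programs named `NWID` and `DEVID` and passes whatever they print instead of the network and device IDs; variable expansion is written `"$NWID"` and `"$DEVID"`, as in `zerotier-cli net-auth "$NWID" "$DEVID"`. Nothing visible sets either variable, so the script should fail early when they are unset, for instance with `: "${NWID:?}" "${DEVID:?}"` near the top. If `./zerotier` runs in the foreground, which looks likely for a service binary, the two CLI lines are never reached. The same lines are carried unchanged into the entrypoint.sh hunk of PATCH 5/5.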
diff --git a/doc/ext/kubernetes/server.js b/doc/ext/kubernetes/server.js
new file mode 100644
index 000000000..a4b08bb8a
--- /dev/null
+++ b/doc/ext/kubernetes/server.js
@@ -0,0 +1,8 @@
+var http = require('http');
+var handleRequest = function(request, response) {
+ console.log('Received request for URL: ' + request.url);
+ response.writeHead(200);
+ response.end('Hello World!');
+};
+var www = http.createServer(handleRequest);
+www.listen(8080);
diff --git a/doc/ext/ztkube.md b/doc/ext/kubernetes/ztkube.md
similarity index 90%
rename from doc/ext/ztkube.md
rename to doc/ext/kubernetes/ztkube.md
index be176a334..2f70cbad6 100644
--- a/doc/ext/ztkube.md
+++ b/doc/ext/kubernetes/ztkube.md
@@ -1,7 +1,7 @@
 Kubernetes + ZeroTier
 ====
-A self-authorizing Kubernetes deployment on a ZeroTier private network.
+A self-authorizing Kubernetes cluster deployment over a private ZeroTier network.
 This is a quick tutorial for setting up a Kubernetes deployment which can self-authorize each new replica onto your private ZeroTier network with no additional configuration needed when you scale. The Kubernetes-specific instructions and content is based on the [hellonode](http://kubernetes.io/docs/hellonode/) tutorial. All of the files discussed below can be found [here]();
@@ -107,4 +107,4 @@ zerotier-cli net-auth $(NWID) $(DEVID)
 ## Verify
-Now, after a minute or so you can use `zerotier-cli net-members ` to show all of your VM instances on your ZeroTier deployment network. If you haven't [configured your local CLI](), you can simply log into [my.zerotier.com](https://my.zerotier.com), go to *Networks -> nwid*.
+Now, after a minute or so you can use `zerotier-cli net-members ` to show all of your VM instances on your ZeroTier deployment network. If you haven't [configured your local CLI](https://github.com/zerotier/ZeroTierOne/tree/dev/cli), you can simply log into [my.zerotier.com](https://my.zerotier.com), go to *Networks -> nwid* to check that your VMs are indeed members of your private network.
From 183434d30e985c41dd1a4b5737cfeb370f914a67 Mon Sep 17 00:00:00 2001
From: Joseph Henry
Date: Wed, 17 Aug 2016 17:29:14 -0700
Subject: [PATCH 5/5] examples files for kube int
---
 doc/ext/kubernetes/Dockerfile | 24 +++++++++++++++++-------
 doc/ext/kubernetes/entrypoint.sh | 4 +++-
 2 files changed, 20 insertions(+), 8 deletions(-)
diff --git a/doc/ext/kubernetes/Dockerfile b/doc/ext/kubernetes/Dockerfile
index 030fac61e..ee2b8dab5 100644
--- a/doc/ext/kubernetes/Dockerfile
+++ b/doc/ext/kubernetes/Dockerfile
@@ -1,8 +1,18 @@
 FROM node:4.4
-EXPOSE 8080
-COPY server.js .
-COPY zerotier .
-COPY zerotier-cli .
-COPY entrypoint.sh .
-COPY .zerotierCliSettings ?>
-CMD node server.js
\ No newline at end of file
+EXPOSE 8080/tcp 9993/udp
+
+# Install ZT network conf files
+RUN mkdir -p /var/lib/zerotier-one/networks.d
+ADD *.conf /var/lib/zerotier-one/networks.d/
+ADD zerotier /
+ADD zerotier-cli /
+ADD .zerotierCliSettings ?>
+
+# Install App
+ADD server.js /
+
+# script which will start/auth VM on ZT network
+ADD entrypoint.sh /
+RUN chmod -v +x /entrypoint.sh
+
+CMD ["./entrypoint.sh"]
\ No newline at end of file
diff --git a/doc/ext/kubernetes/entrypoint.sh b/doc/ext/kubernetes/entrypoint.sh
index 0d26bd8f3..7d4242c8b 100644
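Review bot: `ADD .zerotierCliSettings ?>` bakes the file that holds the ZeroTier API token into an image layer, and the tutorial then pushes that image to a registry, so anyone who can pull the image or read its layers can recover the token used to authorize members on the network. Leave the file out of the image and supply it at run time, for example from a Kubernetes Secret mounted as a file, and list it in `.dockerignore` so it cannot enter the build context by accident. The other `ADD` lines copy plain local files and read more clearly as `COPY`. There is no `USER` instruction, so the service and the Node app run as root; if the ZeroTier service needs elevated privileges to create its interface, a comment should say so.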
--- a/doc/ext/kubernetes/entrypoint.sh
+++ b/doc/ext/kubernetes/entrypoint.sh
@@ -1,3 +1,5 @@
 ./zerotier
 zerotier-cli join $(NWID).conf
-zerotier-cli net-auth $(NWID) $(DEVID)
\ No newline at end of file
+zerotier-cli net-auth $(NWID) $(DEVID)
+
+# node server.js
\ No newline at end of file
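Review bot: The script still has no interpreter line, and PATCH 5/5 now starts it through the exec-form `CMD ["./entrypoint.sh"]`, which has no shell to fall back on, so the container is likely to fail at start with an exec format error; add `#!/bin/sh` as the first line. With `# node server.js` left commented out, nothing starts the app that the image exposes on port 8080. Once the ZeroTier service is started in the background, the script should end with `exec node server.js` so the app receives the container's stop signals.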