There are two different deployment options shown below: a Docker Compose deployment, and a Nomad orchestration deployment.
Both showcase a single HTTP-based service sitting behind a Caddy proxy, accessible over ZeroTier.
The flow looks like this:
- A user makes an HTTP request to a the ZeroTier IP address
- The local ZeroTier VPN/daemon routes it magically across the internet to the ZeroTier container running via Docker
- The request ends up at the Caddy server
- Caddy reverse proxys laterally to the demo service also running via Docker
- The demo service fetches a random image from Unsplash, converts it to SVG, adds magic 🦄 dust, and returns HTML.
- Create a
.env
file with your ZeroTier network ID - Generate a new identity by running
make zerotier-identity
. Note: this will create two filesidentity.public
andidentity.secret
. - Start the demo and sidecar containers by running
make start
. - Log into the ZeroTier dashboard and authorize the newly created member.
- Verify in the docker compose logs that the
ztsc_1
container has received a ZeroTier IP address. - Access the demo service by using the ZeroTier IP address (port 80).
$ cat .env
ZT_NETWORK_ID=0000000012345678
$ make zerotier-identity
zerotier identity: 8f01205e00
$ make start
docker-compose -p ztsc-demo up --build
Building unsplash
...
Successfully built a95bbf88b5bb
Successfully tagged ztsc-demo_unsplash:latest
Recreating ztsc-demo_unsplash_1 ... done
Recreating ztsc-demo_ztsc_1 ... done
Attaching to ztsc-demo_unsplash_1, ztsc-demo_ztsc_1
unsplash_1 | 2020/05/25 06:55:01 listening on :8080
ztsc_1 | 200 join OK
ztsc_1 | waiting for ZeroTier...
ztsc_1 | waiting for ZeroTier...
ztsc_1 | ZeroTier assigned addresses: 10.147.18.92/24
ztsc_1 | starting Caddy server...
This example assumes that Nomad is already installed (see Installing Nomad).
-
Run
make zerotier-identity
if you haven't already -
Edit
demo.nomoad
and replaceZT_NETWORK_ID
,ZT_IDENTITY_PUBLIC
, andZT_IDENTITY_SECRET
with the correct values -
Start up a Nomad instance
sudo nomad agent -dev -config nomad_demo_config.hcl -network-interface=eth0
. (Note: changeeth0
to a real interface. Without this, the--dev
will force things tolocalhost
which doesn't work for this demo.) -
Run
nomad job run demo.nomad
$ nomad job run demo.nomad ==> Monitoring evaluation "f4d48351" Evaluation triggered by job "ztsc-demo" Allocation "11d5347e" created: node "9a837850", group "demo1" Evaluation within deployment: "ecfd8236" Evaluation status changed: "pending" -> "complete" ==> Evaluation "f4d48351" finished with status "complete"
-
Log into the ZeroTier dashboard and authorize the newly created member if you haven't already.
-
Open the Nomad UI by running
nomad ui
and view the job status -
Take a look at the
zerotier
job logs (Note: allocation ID will be different):$ nomad logs 11d5347e zerotier nomad logs 11d5347e zerotier ZeroTier identity: 8f01205e00 200 join OK waiting for ZeroTier... waiting for ZeroTier... waiting for ZeroTier... ZeroTier assigned addresses: 10.147.18.92/24 starting Caddy server...
-
Open a browser to
http://10.147.18.92
(Note: address will be different)