Discover the Power of Wildcard DNS with OpenZiti


Table of Contents:

  1. Introduction
  2. Setting up the Docker Compose File
  3. Exposing the Service for Ziti Desktop Edge for Windows
  4. Attaching to the Ziti Edge Controller
  5. Creating an Attribute to Mark Ziti Edge Router as Public
  6. Creating an Edge Router Policy
  7. Authorizing Edge Routers to Use Services
  8. Providing Access to the Blue Network
  9. Enrolling an Identity for Ziti Edge Tunnel
  10. Running a Ziti Edge Tunnel in Docker
  11. Creating Configuration for the Simple Service
  12. Creating Configuration for the Bind
  13. Creating Host Config
  14. Creating Service Policy
  15. Creating Dial Policy
  16. Setting up Wildcard DNS
  17. Creating Intercept for Wildcard DNS
  18. Creating Service and Bind Policy for Wildcard DNS
  19. Testing the Services

Introduction

In this video tutorial, we will use a Docker Compose file to create a network and expose a service for Ziti Desktop Edge for Windows. We will work with a hidden web test blue service within a private Docker network and expose it using both a simple service and wildcard DNS.

Setting up the Docker Compose File

Before we begin, let's make sure we have a clean slate by running the command "docker-compose down" in the Windows terminal. This ensures that we start with a brand new Docker Compose environment. With that out of the way, we can attach to the running Ziti edge controller using the command "docker exec -it [CONTAINER_ID] /bin/bash". This makes it easier to perform tasks like logging into the controller.

Exposing the Service for Ziti Desktop Edge for Windows

Once we are logged in, the first step is to create an attribute that marks our Ziti edge router as public. We can achieve this by using the command "ziti edge update edge-router [ROUTER_NAME] -a public". This attribute allows us to create an edge router policy that connects all public edge routers to all identities.

Attaching to the Ziti Edge Controller

In order to provide access to the blue network, which contains the hidden web test blue service, we will be using a Ziti edge tunnel. First, we need to create an identity and enroll it. Once that is done, we can proceed to set up the Docker environment to run the Ziti edge tunnel. This involves adding the NET_ADMIN capability to the Docker container and installing wget and unzip.

Creating an Attribute to Mark Ziti Edge Router as Public

To mark our Ziti edge router as public, we need to create an attribute using the command "ziti edge update edge-router [ROUTER_NAME] -a public". This attribute allows us to create an edge router policy that connects all public edge routers to all identities.

Creating an Edge Router Policy

Next, we create an edge router policy that ties all public edge routers to all identities. This is done using the command "ziti edge create edge-router-policy all-endpoints-public-routers --edge-router-roles '#public' --identity-roles '#all'". This configuration allows any identity to attach to the Ziti overlay through any edge router that has the public attribute.

Authorizing Edge Routers to Use Services

Just for simplicity's sake, we then authorize all the edge routers to use all the services. This ensures that all edge routers have access to the services provided in the Docker network.

Providing Access to the Blue Network

In order to provide access to the blue network, which contains the hidden web test blue service, we need to create an identity. This is achieved by running a Ziti edge tunnel inside a Docker container. We enroll the identity and configure the Docker environment to run the Ziti edge tunnel. This involves adding the NET_ADMIN capability to the Docker container and installing wget and unzip.

Enrolling an Identity for Ziti Edge Tunnel

To provide access to Ziti Desktop Edge for Windows, we need to enroll an identity. This is done by creating an identity file and copying it out of the Docker container. Once the identity is available, it can be added using the command "zd edge add identity [IDENTITY_NAME]".

Running a Ziti Edge Tunnel in Docker

To enable access to the service, we run a Ziti edge tunnel inside a Docker container. This is achieved by running the command "ziti-edge-tunnel run -i [IDENTITY_NAME]".

Creating Configuration for the Simple Service

To create a configuration for the simple service, we use the command "zd edge create config -t tcp -n intercept -s simple_web_test -p 80-80". This configuration allows the service to intercept traffic on port 80.

Creating Configuration for the Bind

To create a configuration for the bind, we use the command "zd edge create config -t bind -n bind_config -s web_test_blue -p 8000-8000". This configuration allows the Ziti edge tunnel to provide access to the web test blue service.

Creating Host Config

After creating the necessary configurations, we can proceed to create the host config using the command "zd edge create host config -v1". This config binds the previous configurations together.

Creating Service Policy

To create a service policy, we use the command "zd edge create service policy -b basic_web_test -b bind_config -s blue". This policy allows the Ziti edge tunnel to bind the service, enabling access to the blue network.

Creating Dial Policy

Finally, to create the dial policy, we use the command "zd edge create dial policy -s blue". This policy allows the Ziti Desktop Edge for Windows client to dial the service and establish a connection.

Setting up Wildcard DNS

To set up wildcard DNS, we create an intercept that intercepts '.blue' on port 8000-8000 using the command "zd edge create intercept -u tcp -i '.blue' -p 8000-8000".

Creating Intercept for Wildcard DNS

After creating the intercept, we proceed to create a bind configuration for the wildcard DNS using the command "zd edge create config -t bind -n bind_config_wildcard -s wildcard -p 8000-8000 -f true". This configuration enables the forwarding of intercepted traffic.

Creating Service and Bind Policy for Wildcard DNS

With the bind configuration in place, we can create a service policy and a bind policy for the wildcard DNS using the commands "zd edge create service policy -b basic_web_test -b bind_config_wildcard -s wildcard_blue" and "zd edge create bind policy -s wildcard -dial". These policies allow access to websites with the domain '*.blue' and forward the port ranges specified.
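
The wildcard steps above, written out with the ziti CLI's intercept.v1 and host.v1 config types, as an added example that is not from the original page or video. The service and identity names are hypothetical, the covered() check only approximates the tunneler's matching, and the script prints the commands unless APPLY=1 is set.

```shell
#!/bin/sh
# Added example, not from the original page. All names below are hypothetical.
SVC=wildcard.blue        # hypothetical service name
HOSTER=blue-tunnel       # hypothetical identity of the tunnel inside the blue network
CLIENT=windows-client    # hypothetical identity enrolled in Ziti Desktop Edge

# intercept.v1: what the dialing client captures (any name under .blue, TCP 8000).
intercept_json() {
  printf '%s' '{"protocols":["tcp"],"addresses":["*.blue"],"portRanges":[{"low":8000,"high":8000}]}'
}

# host.v1: the hosting tunnel forwards the dialed name and port, but only inside
# this allow-list, so a dialing client cannot steer it to arbitrary hosts or ports.
host_json() {
  printf '%s' '{"forwardProtocol":true,"allowedProtocols":["tcp"],"forwardAddress":true,"allowedAddresses":["*.blue"],"forwardPort":true,"allowedPortRanges":[{"low":8000,"high":8000}]}'
}

# Approximate pre-flight check: does host ($1) and port ($2) fall inside the configs above?
covered() {
  name=$(printf '%s' "$1" | tr 'A-Z' 'a-z')   # DNS names are case-insensitive
  case "$name" in ?*.blue) ;; *) return 1 ;; esac
  [ "$2" -eq 8000 ]
}

# Dry run by default; set APPLY=1 in a logged-in controller session to execute.
z() { if [ "${APPLY:-0}" = 1 ]; then ziti "$@"; else echo "ziti $*"; fi; }

setup() {
  z edge create config "$SVC.intercept" intercept.v1 "$(intercept_json)"
  z edge create config "$SVC.host" host.v1 "$(host_json)"
  z edge create service "$SVC" --configs "$SVC.intercept,$SVC.host"
  # Bind: only the tunnel in the blue network may host the service.
  z edge create service-policy "$SVC.bind" Bind --service-roles "@$SVC" --identity-roles "@$HOSTER"
  # Dial: only the named client identity may connect, rather than every identity.
  z edge create service-policy "$SVC.dial" Dial --service-roles "@$SVC" --identity-roles "@$CLIENT"
}

setup
```

Keeping allowedAddresses and allowedPortRanges as narrow as the intercept is what stops address forwarding from turning the hosting tunnel into an open relay for the private network.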

Testing the Services

To test the services, we can use the curl command. For example, we can run "curl http://web.test.blue:8000" to access the hidden web test blue service. We can also test wildcard DNS by running "curl http://web.test.blue" or "curl http://web-test.blue".

Highlights:

  • Creating a Docker network using the Docker Compose file
  • Exposing services for Ziti Desktop Edge for Windows
  • Attaching to the Ziti edge controller
  • Creating attributes and policies for Ziti edge routers
  • Providing access to the blue network
  • Enrolling an identity for Ziti edge tunnel
  • Running a Ziti edge tunnel in Docker
  • Creating configurations and policies for services and binds
  • Setting up wildcard DNS
  • Testing the services

FAQ:

Q: What is Ziti Desktop Edge for Windows? A: Ziti Desktop Edge for Windows is a tool that allows you to expose services from a hidden Docker network using Docker Compose.

Q: How does Ziti edge tunnel work? A: Ziti edge tunnel creates a secure connection between your local machine and the hidden Docker network, allowing you to access the services within the network.

Q: Can I use wildcard DNS with Ziti Desktop Edge for Windows? A: Yes, you can set up wildcard DNS to intercept and forward traffic for specific domain names within the Docker network.

Q: Are there any limitations to using Ziti Desktop Edge for Windows? A: Ziti Desktop Edge for Windows requires Docker and a compatible operating system. Additionally, proper configurations and policies need to be set up to ensure secure access to the services.

Q: Can I access services from the hidden network using any identity? A: Yes, you can authorize all identities to access the services within the Docker network by creating appropriate policies and configurations.

Q: Does Ziti Desktop Edge for Windows support TCP and UDP protocols? A: Yes, Ziti Desktop Edge for Windows supports both TCP and UDP protocols for intercepting and forwarding traffic.

Q: How can I test the services after setting them up? A: You can use the curl command to test the services by making HTTP requests to the specified URLs and ports.

Q: Are there any security measures in place when using Ziti Desktop Edge for Windows? A: Ziti Desktop Edge for Windows provides secure access to the Docker network by requiring proper authentication and authorization for the services.
