zping
zping provides the same functionality for an OpenZiti overlay network that the similarly named underlay tool ping provides on the underlay. Because OpenZiti is a zero trust overlay network, classic underlay tooling like ping won't function properly.

zping provides end-to-end latency measurements between any two identities in an OpenZiti network. Like icmp, zping will provide the following metrics upon completion of the ping session:
- min
- max
- mean latency
- standard deviation.

zping uses addressable terminators to direct ping requests to specific identities.

Build the Example
Refer to the example README to build the SDK examples.

This README will use the ziti edge quickstart command for its example. You'll need the ziti CLI on your path to run the commands shown. If you have an OpenZiti overlay network already, some commands will not be necessary. The commands all use bash and expect you're running on a version of *nix as /tmp is referenced. Adapt accordingly if you're using Windows. The example expects the binary to be put into the build directory as specified by the "Build the Example" section above.

- Create or use an existing ziti network with at least one edge router. This can be accomplished easily by running ziti edge quickstart. After the quickstart runs, you'll have an ephemeral network usable for testing.
- Create at least two ziti identities and give them a common identity role, e.g. #zping:
ziti edge create identity client -o client.jwt -a "zping"
ziti edge create identity server -o server.jwt -a "zping"
ziti edge enroll client.jwt
ziti edge enroll server.jwt
- Create a simple sdk service named "ziti-ping". This is the default service name zping looks for. You can override the service by using the -s flag.
ziti edge create service ziti-ping
- Create a bind service policy with identityRoles set to [#zping] and serviceRoles set to [@ziti-ping].
ziti edge create service-policy zping.bind Bind --identity-roles "#zping" --service-roles "@ziti-ping"
- Create a dial service policy with identityRoles set to [#zping] and serviceRoles set to [@ziti-ping].
ziti edge create service-policy zping.dial Dial --identity-roles "#zping" --service-roles "@ziti-ping"
- Ensure that you have created appropriate edge-router and service-edge-router policies allowing the identities access to the edge router(s) and the edge routers access to the service. Verify by running policy-advisor. Both identities should be able to dial and bind zping:
$ ziti edge policy-advisor identities -q
ERROR: Default Admin
- Identity does not have access to any services. Adjust service policies.
OKAY : client (1) -> ziti-ping (1) Common Routers: (1/1) Dial: Y Bind: N
OKAY : server (1) -> ziti-ping (1) Common Routers: (1/1) Dial: Y Bind: N
ERROR: quickstart-router
- Identity does not have access to any services. Adjust service policies.
- In one window, run the server:
build/zping server -c server.json
example:
$ build/zping server -c server.json
INFO[0000] binding service ziti-ping
0xc00040d660 now serving
INFO[0000] new service session session token=52e059d2-f166-4561-b5a4-b42056bcd787
INFO[0041] new connection
- In another window, run the client:
build/zping client -c client.json -i server
example:
$ build/zping client -c client.json -i server
Sending 100 byte pings to server:
100 bytes from server: ziti_seq=1 time=0.609ms
100 bytes from server: ziti_seq=2 time=0.670ms
100 bytes from server: ziti_seq=3 time=0.381ms
100 bytes from server: ziti_seq=4 time=0.387ms
100 bytes from server: ziti_seq=5 time=0.564ms
100 bytes from server: ziti_seq=6 time=0.455ms
100 bytes from server: ziti_seq=7 time=0.446ms
100 bytes from server: ziti_seq=8 time=0.377ms
100 bytes from server: ziti_seq=9 time=0.455ms
100 bytes from server: ziti_seq=10 time=0.502ms
100 bytes from server: ziti_seq=11 time=0.977ms
100 bytes from server: ziti_seq=12 time=0.487ms
^C
--- server ping statistics ---
12 packets transmitted and 12 packets received, 0.00% packet loss
round-trip min/max/avg/stddev 0.377/0.977/0.526/0.162 ms
- Send 5 zpings from the client to the server using -n 5:
$ build/zping client -c client.json -i server -n 5
Sending 100 byte pings to server:
100 bytes from server: ziti_seq=1 time=0.349ms
100 bytes from server: ziti_seq=2 time=0.690ms
100 bytes from server: ziti_seq=3 time=0.590ms
100 bytes from server: ziti_seq=4 time=0.429ms
100 bytes from server: ziti_seq=5 time=0.480ms
--- server ping statistics ---
5 packets transmitted and 5 packets received, 0.00% packet loss
round-trip min/max/avg/stddev 0.349/0.690/0.508/0.120 ms
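
To monitor overlay latency from captured zping client output, the summary can be recomputed from the reply lines. The following is an added example, not part of the zping source: `Summarize`, `Stats` and `replyRe` are names made up here, and inferring the sent count from the highest ziti_seq is an assumption. With the population form of the standard deviation it reproduces the 0.349/0.690/0.508/0.120 summary of the -n 5 run above.

```go
package main

import (
	"fmt"
	"math"
	"regexp"
	"strconv"
)

// sample holds the reply lines copied from the "-n 5" run above.
const sample = `100 bytes from server: ziti_seq=1 time=0.349ms
100 bytes from server: ziti_seq=2 time=0.690ms
100 bytes from server: ziti_seq=3 time=0.590ms
100 bytes from server: ziti_seq=4 time=0.429ms
100 bytes from server: ziti_seq=5 time=0.480ms`

var replyRe = regexp.MustCompile(`ziti_seq=(\d+) time=(\d+\.?\d*)ms`)

// Stats holds a session summary; latencies are in milliseconds, Loss in percent.
type Stats struct {
	Sent, Received            int
	Min, Max, Mean, Std, Loss float64
}

// Summarize parses zping client output. Sent is inferred from the highest
// ziti_seq seen (an assumption of this example), so sequence gaps count as loss.
func Summarize(out string) (s Stats) {
	replies := replyRe.FindAllStringSubmatch(out, -1)
	if len(replies) == 0 {
		return s // no replies parsed: all fields stay zero
	}
	s.Sent, s.Received, s.Min = len(replies), len(replies), math.Inf(1)
	var m2 float64 // running sum of squared deviations (Welford's method)
	for i, m := range replies {
		seq, _ := strconv.Atoi(m[1])
		rtt, _ := strconv.ParseFloat(m[2], 64) // the regexp guarantees a valid number
		if seq > s.Sent {
			s.Sent = seq
		}
		s.Min, s.Max = math.Min(s.Min, rtt), math.Max(s.Max, rtt)
		d := rtt - s.Mean
		s.Mean += d / float64(i+1)
		m2 += d * (rtt - s.Mean)
	}
	s.Std = math.Sqrt(m2 / float64(s.Received)) // population form
	s.Loss = 100 * float64(s.Sent-s.Received) / float64(s.Sent)
	return s
}

func main() { fmt.Printf("%+v\n", Summarize(sample)) }
```

Banner and summary lines in the captured output are skipped because they do not match the reply pattern.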