Running ZeroTier in ephemeral / CI environment

alexjkounta · December 8, 2020, 2:59am

Hello, has anyone set up ZeroTier to run as part of an ephemeral environment? I would like to use ZeroTier VPN to connect CI servers with our cloud resources. To do this I would need to:

Install ZT in the CI environment
Create a new identity
Automatically approve the identity to connect to our network
Remove the identity after use

(We can’t hardcode an identity, because multiple CI runs might be executing executing at once.)

I’m interested in approaches anyone else has taken for any of these steps.

zt-travis · December 8, 2020, 4:59pm

Hello!
There are many options.
How about running ZeroTier on just the VM Host and not each individual container?

alexjkounta · December 8, 2020, 10:05pm

Since the CI environment is SaaS, that’s not an option

zt-travis · December 9, 2020, 4:53pm

Hopefully ZeroTier is able to connect out through their network…

You could:

Pass your my.zerotier.com API token into your CI config, and have it authorize itself and delete itself.
Use a public network, but then you can’t delete nodes. You could delete and make a new network periodically.
Use an Ad-Hoc Network

system · December 16, 2020, 4:53pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.