Hi
I have a VPS running public services.
I’m looking at ZeroTier to access non-public services on this VPS.
Traffic could go both ways, like:
- Prometheus pulling exporters on the VPS.
- Backup jobs (VPS side) pushing alerts on gotify, NTFY, whatever.
Everything on the VPS and the other machines runs on Ubuntu with Docker.
A few solutions I found to bring ZeroTier to Docker:
1. Install ZT on the host and bind container ports to the ZT IP address.
2. Bring ZT interfaces into the container:
   a) build custom images with both ZT and the wanted service
   b) build a compose project and bind network interfaces with ‘network_mode: service:my_zt_container’
3. Build a container with ZT which acts as a proxy/router, and add routes to each container.
Solution 1 is the easiest, but the risky/public services could too easily have access to the ZT network.
Solution 2.b is very easy, but it creates a lot of nodes on the ZT networks.
Solution 3 is harder from my point of view, but I think it is the right way. (I haven’t tested it yet.)
What do you think about it?
What are your experiences with ZT in Docker?
I am here to learn.
PS: English is not my native language. Tell me if things are unclear.
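
Solutions 1 and 2.b from the post above, sketched side by side in one Compose file. This is an added example, not part of the original post; the image names `zerotier/zerotier` and `prom/node-exporter` are assumptions, and the address `10.147.17.10` and the network ID are constructed placeholders.

```yaml
# Added example, not from the original post. Constructed placeholders:
#   10.147.17.10      = the host's ZeroTier-assigned address (solution 1)
#   0123456789abcdef  = a ZeroTier network ID (solution 2.b)
services:
  # Solution 1: ZeroTier runs on the host; publish the port on the ZT address only.
  # Without the address prefix Docker publishes on 0.0.0.0, so the public NIC too.
  # The bind fails if the ZT interface has no address yet when the container starts.
  exporter_host_zt:
    image: prom/node-exporter
    ports:
      - "10.147.17.10:9100:9100"

  # Solution 2.b: a ZeroTier sidecar owns the network namespace.
  # Each sidecar is its own node on the ZT network.
  my_zt_container:
    image: zerotier/zerotier
    command: ["0123456789abcdef"]            # network ID to join
    cap_add:
      - NET_ADMIN                            # needed to create the ZT interface
    devices:
      - /dev/net/tun
    volumes:
      - zt_identity:/var/lib/zerotier-one    # keep the node identity across restarts

  exporter_sidecar:
    image: prom/node-exporter
    # Shares the sidecar's interfaces, ZT included; no ports are published on the host.
    network_mode: "service:my_zt_container"
    depends_on:
      - my_zt_container

volumes:
  zt_identity:
```

In the sidecar variant only the containers that share `my_zt_container`'s namespace see the ZT interface, so the public-facing containers on the same host get no interface on the ZT network.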