Experience ZeroTier: Zero-trust networking for the cloud

ZeroTier enables you to “securely connect any device, anywhere.” With ZeroTier software, you can create your own secure networks between on-premises, cloud, desktop, and mobile devices.

I recently video streamed a conversation with Sean OMeara, the Vice President of Engineering at ZeroTier. In less than an hour, he showed me how to use ZeroTier to directly connect the world’s devices. Follow our conversation to learn more about the technology and how you can use it.

What is ZeroTier?

Picture yourself at a party wanting to share a cute picture of your puppy on your phone to the person you are talking to. To send that photo to their phone, it must leave your phone and bounce off a datacenter somewhere on the other side of the continent and then back to the person’s phone.

Why not communicate directly and securely with the person in front of you? ZeroTier can help you do that via its secure networking.

Let’s begin

We begin in the browser, logging into the ZeroTier console. Sean shows how to create a network, acquiring a ZeroTier identity number. He sends me a network ID that I was able to join, connecting my network with his, and naming and authorizing them.

With ZeroTier, our machines can talk to each other, which, of course, wouldn’t normally be possible with residential ISPs.

Join a network by following the instructions in these docs.

Set up VL1 and VL2 networking

After creating our networks, Sean showed me how to set up VL1 and VL2 networking, which make up the two conceptually separate but closely coupled layers of ZeroTier.

  • VL1 is the underlying peer-to-peer transport layer
  • VL2 is an Ethernet layer that provides operating systems and apps with a familiar communication medium.

Using root servers, we were able to create the peer-to-peer connection, sending packets to each other and always staying in the ZeroTier network. VL1 sets up the connection, and VL2, provided there is Internet connectivity, has an IP address on the ZeroTier network that doesn’t change. Additionally, Sean shows how ZeroTier can be installed on a router.

Walk through the Terraform Multicloud Lab

Sean now sets up a Terraform workspace that can talk to the ZeroTier Central API and describe our network infrastructure, having drivers for most any cloud you can think of. His command line includes IBM, AWS, OCI, Alicloud, and Azure.

He launches GitHub to show the Terraform Multicloud Quickstart, where you create a lab and gather all of the credentials for the different cloud products and feed them to Terraform. If you don’t have Terraform experience, there is also a Terraform Quickstart that makes things easier. This high-level overview shows what is required to create a multicloud lab that gives you access to cloud providers that are, essentially, on the same ethernet switch.

Modify flow control rules

To manage traffic efficiently between networks, you need to know how to modify ZeroTier’s flow control rules.

In this video, Sean pings different clouds to illustrate the various traffic displayed on the command line. Packets can be dropped or directed; basically, anything you can do with an Ethernet card you can do here.
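To make the drop-or-direct idea concrete, here is an added example of a default-deny rule set written in ZeroTier's rule description language; it is not taken from the video or from ZeroTier's own lab, and the ports chosen (22 and 443) are assumptions for illustration.

```conf
# Added example, not from the original demo.
# Rules are evaluated top to bottom for every Ethernet frame on the network.

# 1. Only allow IPv4, ARP, and IPv6 frames; drop every other ethertype.
drop
  not ethertype ipv4
  and not ethertype arp
  and not ethertype ipv6
;

# 2. Allow new and established TCP traffic to SSH and HTTPS only.
#    (Ports are illustrative assumptions; list the services you expose.)
accept
  ipprotocol tcp
  and dport 22 or dport 443
;

# 3. Stop any other new inbound TCP connection: a SYN without an ACK
#    is a connection attempt that rule 2 did not allow.
break
  chr tcp_syn
  and not chr tcp_ack
;

# 4. Accept what remains (replies on established TCP flows, ICMP, UDP).
#    Without a final accept, the default action is drop.
accept;
```

With this rule set, a ping between two clouds still works, while a new TCP connection to any port other than the two listed is dropped at the ZeroTier layer before it reaches the host.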

View of Docker networking across clouds

ZeroTier allows containers to easily talk to each other. This quick video shows how containers running a Docker engine on Alibaba can talk to Kubernetes on another cloud.

Connecting S/390 and PPC on ZeroTier

Sometimes you will need a secure way to connect directly to the server. In this video clip, Sean shows how to access an S/390 using IBM One, and also Power 9, all running in ZeroTier. Amazing!

Running ZeroTier on OpenShift

ZeroTier is able to bridge an S390 box to a free Red Hat OpenShift cluster on AWS. It is incredible! In this video clip, see how this connection is made.

Printing an image of my face across continents

To wrap things up, Sean prints an “image” of my face served from an OpenShift cluster and printed from an S390 across the continent to Sean’s printer in Berlin. What a way to finish an incredible discussion and demo illustrating the power of ZeroTier.

Next steps

The guided tour of ZeroTier has come to an end. To take the next step on your own, dive into the Terraform Quickstart. Or, if you have experience using Terraform, try the Terraform MultiCloud Quickstart covered earlier. Come join the ZeroTier party.

And in case you missed it, listen to my description of using ZeroTier on a plane to access Alexa from my home!