Skip to content

fleet-config.md

Latest commit

 

History

History
115 lines (90 loc) · 3.37 KB

fleet-config.md

File metadata and controls

115 lines (90 loc) · 3.37 KB

Fleet Configuration

Ze supports centralized configuration management for multi-node deployments. A central hub serves configuration to remote ze instances over TLS.

Status: Implemented. Named hub blocks, per-client auth, managed client lifecycle (fetch, reconnect, heartbeat), and ze start managed mode are functional.

Architecture

    Central Hub                        Remote Nodes
    ┌──────────┐                  ┌──────────┐
    │  ze hub  │ ◄── TLS ────── │ ze edge-01│
    │          │                  └──────────┘
    │ configs/ │ ◄── TLS ────── ┌──────────┐
    │ edge-01  │                  │ ze edge-02│
    │ edge-02  │                  └──────────┘
    └──────────┘

The hub stores per-client configurations. Each remote node connects, authenticates, and receives its configuration.

Bootstrap

Initialize a new ze instance:

ze init                             # Interactive setup
ze init --managed                   # Managed client (connects to hub)
ze init --force                     # Replace existing database

ze init prompts for:

  • SSH username and password
  • Host and port for the SSH server
  • Instance name (e.g., edge-01)

Non-Interactive

echo -e "admin\nsecret\n10.0.0.1\n2222\nedge-01" | ze init --managed

Hub Configuration

The hub declares which clients can connect:

plugin {
    hub {
        server local {
            ip 127.0.0.1;
            port 1790;
            secret "local-plugin-secret";
        }
        server central {
            ip 0.0.0.0;
            port 1791;
            secret "remote-plugin-secret";
            client edge-01 { secret "client-1-token"; }
            client edge-02 { secret "client-2-token"; }
        }
    }
}

Each client authenticates with its unique secret token.

Client Configuration

A managed client specifies its hub connection:

plugin {
    hub {
        server local {
            ip 127.0.0.1;
            port 1790;
            secret "local-secret";
        }
        client edge-01 {
            host 10.0.0.1;
            port 1791;
            secret "client-1-token";
        }
    }
}

Config Management

On the hub, manage client configurations through the config editor:

ze config edit edge-01.conf         # Edit config for edge-01
ze config archive backup edge-01.conf  # Archive to named destination
ze config history edge-01.conf      # View rollback history

Resilience

  • Partition tolerance: Clients cache their last known config locally
  • Fallback: If the hub is unreachable, the client starts with cached config
  • Reconnect: Clients automatically reconnect and receive updated config

CLI Overrides

Flag Description
--server <addr> Override hub address
--name <name> Override instance name
--token <secret> Override auth token