Skip to main content
Support OpenZiti, give us a GitHub Star Star

9 posts tagged with "golang"

Go/Golang content

View All Tags

Golang Aha! Moments: OOP

· 13 min read

Moving to Go as my primary development language was a surprisingly easy transition. Coming from a language with strong OOP roots, like Java, I quickly found many analogs for the OOP constructs I was used to, but also had to adjust my thinking.

This article walks through some of Go’s object oriented features and also discusses how some patterns common in other languages can be written in a way that’s closer to idiomatic Go. It also covers some features of Go that surprised and (in some cases) delighted me.

Zero Trust *ssh.Client

· 5 min read

A few years ago, the OpenZiti project developed and published two client tools to make ssh and scp available over an OpenZiti overlay network without requiring the sshd port to be exposed to the internet. If interested, read the original posts about zssh and zscp. Continuing with the belief that security-related code should be open source and auditable, the project is available on GitHub.

Fun with Adaptive Rate Limiting

· 9 min read

We recently had an issue where an OpenZiti network was overwhelmed with client requests when a user change unintentionally caused the request rate to spike. The fundamental problem was that if a request took too long, the client gave up, but the request was still processed. The system ended up doing work that was ignored while causing new requests to wait until they also timed out. Once the requests hit a certain threshold the system didn't degrade gracefully.

I had a fun day solving the problem, and while I'm sure that nothing here is new, I thought others might be interested in where I landed and some ideas that were rejected along the way.

Go is Amazing for Zero Trust

· 10 min read

I have the privilege of working on the OpenZiti project. OpenZiti is a free, open-source overlay network and platform focused on making it easy to implement the principles of zero trust. OpenZiti believes zero trust belongs inside applications by adopting an SDK, not bolted onto the network after the application is developed. With zero trust built into the application, it becomes secure-by-default. Since OpenZiti is primarily written in GoLang, naturally, we offer an SDK based on Go to allow you to secure your applications. But Go isn't the only SDK offered; the project also has numerous SDKs in various other languages. With one of these SDKs, you can build zero-trust principles into an application and make it secure-by-default.

Recently, I used our SDK based on Go and built an "Appetizer Demo" to give the world an idea of how easy it can be to secure applications by adopting an OpenZiti SDK. We want to make it trivial for people to experience frictionless zero trust in action. Using code, the demo shows you what it takes to include an OpenZiti SDK into an application to secure data in motion.

The Appetizer Demo doc page is live. You can go there and experience it now if you like or later after reading a bit more about it here. It'll hopefully take five minutes or less, depending on how fast you are! If you'd prefer to look at the source from GitHub first, have a look at the reflect server and/or the reflect client.

[object Object]

Introducing zrok

· 5 min read

I'm fortunate that I've had the opportunity to work on many interesting projects throughout my career. I was one of the original developers who broke ground on the OpenZiti project back in 2017. Most of my work on OpenZiti centered on the fabric, data and control plane design, and designing abstractions that would support a lot of what became the "edge" layers. It's been quite exciting to watch OpenZiti blossom and grow.

For the last six months, I've had the opportunity to re-approach the world of zero-trust and next-generation networking from the other side of the stack. Instead of working in the lowest layers of protocols and abstractions, I'm working from the perspective of end users and enabling an amazing end-user experience. I'm excited to introduce you to a new set of tools designed to empower end users at the network edge to seamlessly and transparently share resources. Imagine network sharing that is equally secure and transparent.

This new project is called... zrok.