Crate zlayer_overlay

ZLayer Overlay - Encrypted overlay networking via boringtun

Provides encrypted overlay networks using boringtun (Cloudflare’s Rust userspace WireGuard implementation) with DNS service discovery, automatic bootstrap on node init/join, IP allocation, and health checking.

No kernel WireGuard module or wireguard-tools required – uses TUN devices (Linux /dev/net/tun, macOS utun) and configures peers via the UAPI protocol.

§Modules

  • allocator - IP address allocation for overlay networks
  • bootstrap - Overlay network initialization and joining
  • config - Configuration types for overlay networks
  • dns - DNS server for service discovery
  • error - Error types for overlay operations
  • health - Health checking for peer connectivity
  • transport - Overlay transport (boringtun device management via UAPI)

§Example

§Initialize as cluster leader

use zlayer_overlay::bootstrap::OverlayBootstrap;
use std::path::Path;

let bootstrap = OverlayBootstrap::init_leader(
    "10.200.0.0/16",
    51820,
    Path::new("/var/lib/zlayer"),
).await?;

// Start the overlay network (creates boringtun TUN device)
bootstrap.start().await?;

println!("Overlay IP: {}", bootstrap.node_ip());
println!("Public key: {}", bootstrap.public_key());

§Join an existing overlay

use zlayer_overlay::bootstrap::OverlayBootstrap;
use std::path::Path;

let bootstrap = OverlayBootstrap::join(
    "10.200.0.0/16",           // Leader's CIDR
    "192.168.1.100:51820",     // Leader's endpoint
    "leader_public_key",       // Leader's public key
    "10.200.0.1".parse()?,     // Leader's overlay IP
    "10.200.0.5".parse()?,     // Our allocated IP
    51820,                      // Our listen port
    Path::new("/var/lib/zlayer"),
).await?;

bootstrap.start().await?;
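
The crate configures boringtun peers over the UAPI protocol. The following is an added example, not code from zlayer_overlay, of a validated UAPI `set` request for one peer built from the kind of values the join example passes in. The helper names (`b64_decode`, `in_cidr`, `uapi_set_peer`), the 25-second keepalive and the all-0xff key are assumptions made for illustration.

```rust
use std::net::{Ipv4Addr, SocketAddr};

// Decode standard base64 (how WireGuard tools print keys) into raw bytes.
fn b64_decode(s: &str) -> Option<Vec<u8>> {
    const T: &[u8] = b"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    let (mut acc, mut bits, mut out) = (0u32, 0u32, Vec::new());
    for c in s.trim_end_matches('=').bytes() {
        acc = (acc << 6) | T.iter().position(|&t| t == c)? as u32;
        bits += 6;
        if bits >= 8 {
            bits -= 8;
            out.push((acc >> bits) as u8);
            acc &= (1 << bits) - 1;
        }
    }
    Some(out)
}

// True when `ip` lies inside the IPv4 network "a.b.c.d/len" (len 1..=32).
fn in_cidr(ip: Ipv4Addr, cidr: &str) -> bool {
    let parts = cidr.split_once('/')
        .and_then(|(n, l)| Some((n.parse::<Ipv4Addr>().ok()?, l.parse::<u32>().ok()?)));
    match parts {
        Some((net, len)) if (1..=32).contains(&len) => {
            let mask = u32::MAX << (32 - len);
            u32::from(ip) & mask == u32::from(net) & mask
        }
        _ => false,
    }
}

// Build a UAPI `set` request for one peer; typed parsing keeps newlines out of it.
fn uapi_set_peer(cidr: &str, key_b64: &str, endpoint: &str, ip: Ipv4Addr, keepalive: u16)
    -> Result<String, String> {
    let key = b64_decode(key_b64)
        .filter(|k| key_b64.len() == 44 && k.len() == 32)
        .ok_or("public key is not 32 bytes of base64")?;
    let ep: SocketAddr = endpoint.parse().map_err(|_| "endpoint is not ip:port")?;
    if !in_cidr(ip, cidr) { return Err(format!("{ip} is outside overlay {cidr}")); }
    let hex: String = key.iter().map(|b| format!("{b:02x}")).collect();
    // UAPI takes hex keys; the /32 pins the peer to its one allocated address.
    Ok(format!("set=1\npublic_key={hex}\nendpoint={ep}\npersistent_keepalive_interval={keepalive}\n\
        replace_allowed_ips=true\nallowed_ip={ip}/32\n\n"))
}

fn main() {
    let key = format!("{}8=", "/".repeat(42)); // constructed key: 32 bytes of 0xff
    let ip = "10.200.0.5".parse().unwrap();
    print!("{}", uapi_set_peer("10.200.0.0/16", &key, "192.168.1.100:51820", ip, 25).unwrap());
}
```

Because UAPI is a line-oriented `key=value` format, rejecting anything that does not parse as a key, socket address or in-range overlay IP is what keeps an untrusted join request from adding configuration lines of its own.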

§With DNS service discovery

use zlayer_overlay::OverlayBootstrap;
use std::path::Path;

// Enable DNS service discovery on the overlay
let mut bootstrap = OverlayBootstrap::init_leader(
    "10.200.0.0/16",
    51820,
    Path::new("/var/lib/zlayer"),
)
.await?
.with_dns("overlay.local.", 15353)?;  // Zone and port

bootstrap.start().await?;

// Peers are auto-registered:
// - node-0-1.overlay.local -> 10.200.0.1 (leader)
// - leader.overlay.local -> 10.200.0.1 (alias)

// Query DNS from another machine:
// dig @10.200.0.1 -p 15353 node-0-1.overlay.local

§Health checking

use zlayer_overlay::health::OverlayHealthChecker;
use std::time::Duration;

let checker = OverlayHealthChecker::new("zl-overlay0", Duration::from_secs(30));

// Check all peers
let health = checker.check_all().await?;
println!("Healthy: {}/{}", health.healthy_peers, health.total_peers);

// Start continuous monitoring
checker.run(|public_key, healthy| {
    println!("Peer {} is now {}", public_key, if healthy { "UP" } else { "DOWN" });
}).await;

§Re-exports

pub use allocator::IpAllocator;
pub use bootstrap::BootstrapConfig;
pub use bootstrap::BootstrapState;
pub use bootstrap::OverlayBootstrap;
pub use bootstrap::PeerConfig;
pub use bootstrap::DEFAULT_INTERFACE_NAME;
pub use bootstrap::DEFAULT_KEEPALIVE_SECS;
pub use bootstrap::DEFAULT_OVERLAY_CIDR;
pub use error::OverlayError;
pub use error::Result;
pub use health::OverlayHealth;
pub use health::OverlayHealthChecker;
pub use health::PeerStatus;
pub use config::*;
pub use dns::*;
pub use transport::*;

§Modules

  • allocator - IP address allocation for overlay networks
  • bootstrap - Overlay network bootstrap functionality
  • config - Overlay network configuration
  • dns - DNS server for service discovery over overlay networks
  • error - Error types for overlay network operations
  • health - Health checking for overlay network peers
  • transport - Encrypted overlay transport layer

§Constants

  • DEFAULT_WG_PORT - Default overlay listen port (WireGuard protocol), re-exported from zlayer-core.