I have started to test out ZeroTier as an alternative to traditional VPN for my home lab. I’m not unhappy about how VPN works with my Ubiquity USG setup, but I need something more intrinsic and independant of whereever my workloads would run and not depend on a connection to homelap or me connecting to it for access to these. In my opinion VPN is great for high performance site-to-site tunnels or for roadworkers out and about needing to connect to the “office/data center” i.e some aggregate of workloads in close proximity. They’re not well suited for scattered ephemeral workloads and I do not want to maintain scripting handeling a cumpersome setup processes for each new VM/contrainer or VPN site-to-site tunnels between my homelab, worklab and a couple of public cloud providers (those guys even charge for VPN connections). For my requirements a simple to setup and encrypted overlay solution is a far better option as I tend to spin up short lived workloads on everything between my own raspberry pi cluster, worklab and clouds like AWS and Google.
There are great VPN alternatives available like WireGuard or Tinc with powerfull features not found elswhere. Though they’re still more comparable to traditional VPN - plus they’re still more complex to setup than ZeroTier.
Anyway, let dig into ZeroTier!
Continue reading