[trafficcontrol] branch master updated: Add TP standalone dockerfiles (#3491)

Tue, 16 Apr 2019 08:53:22 -0700 

This is an automated email from the ASF dual-hosted git repository.

dgelinas pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficcontrol.git


The following commit(s) were added to refs/heads/master by this push:
     new 7787fb6  Add TP standalone dockerfiles (#3491)
7787fb6 is described below

commit 7787fb670af63968a99343bc97867ca7ae03bc99
Author: Robert Butts <[email protected]>
AuthorDate: Tue Apr 16 09:53:02 2019 -0600

    Add TP standalone dockerfiles (#3491)
---
 CHANGELOG.md                                    |  5 +-
 infrastructure/docker/README.md                 | 19 +++++++
 infrastructure/docker/traffic_portal/Dockerfile | 38 ++++++++++++++
 infrastructure/docker/traffic_portal/run.sh     | 66 +++++++++++++++++++++++++
 4 files changed, 126 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index c4035e5..6615ded 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,9 +5,9 @@ The format is based on [Keep a 
Changelog](http://keepachangelog.com/en/1.0.0/).
 
 ## [Unreleased]
 ### Added
-- Traffic Router: TR now generates a self-signed certificate at startup and 
uses it as the default TLS cert. 
+- Traffic Router: TR now generates a self-signed certificate at startup and 
uses it as the default TLS cert.
   The default certificate is used whenever a client attempts an SSL handshake 
for an SNI host which does not match
-  any of the other certificates. 
+  any of the other certificates.
 - Traffic Ops Golang Endpoints
   - /api/1.4/users `(GET,POST,PUT)`
   - /api/1.1/deliveryservices/xmlId/:xmlid/sslkeys `GET`
@@ -24,6 +24,7 @@ The format is based on [Keep a 
Changelog](http://keepachangelog.com/en/1.0.0/).
 - Added monitoring.json snapshotting. This stores the monitoring json in the 
same table as the crconfig snapshot. Snapshotting is now required in order to 
push out monitoring changes.
 - To traffic_ops_ort.pl added the ability to handle ##OVERRIDE## delivery 
service ANY_MAP raw remap text to replace and comment out a base delivery 
service remap rules. THIS IS A TEMPORARY HACK until versioned delivery services 
are implemented.
 - Snapshotting the CRConfig now deletes HTTPS certificates in Riak for 
delivery services which have been deleted in Traffic Ops.
+- Traffic Portal standalone Dockerfile
 
 ### Changed
 - Traffic Router, added TLS certificate validation on certificates imported 
from Traffic Ops
diff --git a/infrastructure/docker/README.md b/infrastructure/docker/README.md
index 7a8b6a4..e661ec0 100644
--- a/infrastructure/docker/README.md
+++ b/infrastructure/docker/README.md
@@ -171,3 +171,22 @@ curl -vs -o /dev/null -H "Host: edge.ds1.c23.example.net" 
"http://192.0.2.104/te
 # Test the HTTP delivery service. Should return a 302 and a 200.
 curl -Lvs -o /dev/null "http://tr.ds2.c23.example.net/test.ism/manifest";
 ```
+
+
+Traffic Portal
+-------------
+
+Traffic Portal is not required by the CDN to function, but provides a web 
interface to manage Traffic Ops.
+
+You can also create a standalone Traffic Portal Docker container and point it 
at a Traffic Ops not in Docker.
+
+You will need a Traffic Portal RPM, and a running Traffic Ops instance to 
point it to.
+
+The following commands will build a Docker image and container for Traffic 
Portal:
+
+
+```
+docker build --no-cache --rm --tag traffic_portal:3.0.x 
--build-arg=RPM=traffic_portal.rpm .
+
+docker run --name tp --hostname tp --net cdnet --publish 40443:443 --env 
TO_SERVER=my-traffic-ops-fqdn --env TO_PORT=443 --env DOMAIN=cdnet --detach -- 
traffic_portal:3.0.x
+```
diff --git a/infrastructure/docker/traffic_portal/Dockerfile 
b/infrastructure/docker/traffic_portal/Dockerfile
new file mode 100644
index 0000000..63555db
--- /dev/null
+++ b/infrastructure/docker/traffic_portal/Dockerfile
@@ -0,0 +1,38 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+############################################################
+# Dockerfile to build Traffic Portal container images
+# Based on CentOS 7.2
+############################################################
+
+FROM centos/systemd
+
+RUN curl -sL https://rpm.nodesource.com/setup_6.x | bash -
+
+ARG RPM=traffic_portal.rpm
+ADD $RPM /
+
+RUN yum install -y epel-release
+RUN yum install -y jq nodejs openssl gettext bind-utils net-tools /$(basename 
$RPM)
+
+RUN rm /$(basename $RPM)
+
+RUN yum clean all
+
+ADD run.sh /
+CMD /run.sh
diff --git a/infrastructure/docker/traffic_portal/run.sh 
b/infrastructure/docker/traffic_portal/run.sh
new file mode 100755
index 0000000..0d20b5d
--- /dev/null
+++ b/infrastructure/docker/traffic_portal/run.sh
@@ -0,0 +1,66 @@
+#!/usr/bin/env bash
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+set -o errexit
+
+NAME="Traffic Portal Application"
+NODE_BIN_DIR="/usr/bin"
+NODE_PATH="/opt/traffic_portal/node_modules"
+FOREVER_BIN_DIR="/opt/traffic_portal/node_modules/forever/bin"
+APPLICATION_PATH="/opt/traffic_portal/server.js"
+PIDFILE="/var/run/traffic_portal.pid"
+LOGFILE="/var/log/traffic_portal/traffic_portal.log"
+MIN_UPTIME="5000"
+SPIN_SLEEP_TIME="2000"
+
+envvars=(TO_SERVER TO_PORT DOMAIN)
+for v in "${envvars}"; do
+       if [[ -z $$v ]]; then echo "$v is unset"; exit 1; fi
+done
+
+CONF_DIR="/opt/traffic_portal/conf"
+
+mkdir -p "${CONF_DIR}"
+
+KEY_FILE="${CONF_DIR}/key.pem"
+CERT_FILE="${CONF_DIR}/cert.pem"
+openssl req -nodes -x509 -newkey rsa:4096 -keyout "${KEY_FILE}" -out 
"${CERT_FILE}" -days 365 -subj "/CN=${DOMAIN}"
+
+CONF_FILE="/etc/traffic_portal/conf/config.js"
+
+sed -i -e "/^\s*base_url:/ s@'.*'@'https://$TO_SERVER:$TO_PORT/api/'@" 
"${CONF_FILE}"
+sed -i -e "/^\s*cert:/ s@'.*'@'${CERT_FILE}'@" "${CONF_FILE}"
+sed -i -e "/^\s*key:/ s@'.*'@'${KEY_FILE}'@" "${CONF_FILE}"
+
+props=/opt/traffic_portal/public/traffic_portal_properties.json
+tmp=$(mktemp)
+
+jq --arg TO_SERVER "$TO_SERVER:$TO_PORT" '.properties.api.baseUrl = 
"https://"+$TO_SERVER' <$props >$tmp
+mv $tmp $props
+
+# Add node to the path for situations in which the environment is passed.
+PATH=$FOREVER_BIN_DIR:$NODE_BIN_DIR:$PATH
+forever \
+    --pidFile $PIDFILE \
+    -a \
+    -l $LOGFILE \
+    --minUptime $MIN_UPTIME \
+    --spinSleepTime $SPIN_SLEEP_TIME \
+    start $APPLICATION_PATH
+
+tail -f /dev/null

Reply via email to