JBevillC commented on issue #3270: Add CiaB expose-ports.yml, remove default expose URL: https://github.com/apache/trafficcontrol/pull/3270#issuecomment-459077492 Rob, I reviewed this PR and everything works with changes to the main CiaB docker-compose.yml. I noticed the optional containers still had the expose ports baked in, so I went ahead and PR'd the changes to your branch. My testing procedure: ``` # from ./infrastructure/cdn-in-a-box alias mydc="docker-compose "` \ `"-f $PWD/docker-compose.yml "` \ `"-f $PWD/docker-compose.expose-ports.yml "` \ `"-f $PWD/optional/docker-compose.socksproxy.yml "` \ `"-f $PWD/optional/docker-compose.socksproxy.expose-ports.yml "` \ `"-f $PWD/optional/docker-compose.vnc.yml "` \ `"-f $PWD/optional/docker-compose.vnc.expose-ports.yml " mydc kill && mydc rm -fv && docker volume prune -f make very-clean && make -j 7 mydc build mydc up ``` Output from `mydc ps`: ``` $ mydc ps Name Command State Ports -------------------------------------------------------------------------------------------------------------------------- cdn-in-a-box_db_1_f396593a9871 docker-entrypoint.sh postgres Up 0.0.0.0:5432->5432/tcp cdn-in-a-box_dns_1_92688e3205bb /sbin/entrypoint.sh /usr/s ... Up 0.0.0.0:9353->53/tcp, 53/udp cdn-in-a-box_edge_1_b950b8c7a528 /bin/sh -c /run.sh Up 0.0.0.0:9000->80/tcp cdn-in-a-box_enroller_1_e4b91ff6a298 /bin/sh -c /run.sh Up cdn-in-a-box_mid_1_7d3e434a9251 /bin/sh -c /run.sh Up 0.0.0.0:9100->80/tcp cdn-in-a-box_origin_1_27b3134e9a44 /bin/sh -c /run.sh Up 0.0.0.0:9200->80/tcp cdn-in-a-box_socksproxy_1_19c749771207 /run.sh Up 0.0.0.0:9080->1080/tcp cdn-in-a-box_tccache_1_6528e62f7369 /bin/sh -c exit Exit 0 cdn- /bin/sh -c /run.sh Up 0.0.0.0:80->80/tcp in-a-box_trafficmonitor_1_47e8ba19ea54 cdn-in-a-box_trafficops- /bin/sh -c /run.sh Up 0.0.0.0:60443->443/tcp perl_1_3fe4a3118e92 cdn-in-a-box_trafficops_1_ac908a5f25bd /bin/sh -c /run-go.sh Up 0.0.0.0:6443->443/tcp cdn- /bin/sh -c /run.sh Up 0.0.0.0:443->443/tcp in-a-box_trafficportal_1_19c4ff275bfa cdn- /bin/sh -c /run.sh Up 0.0.0.0:3333->3333/tcp, in-a-box_trafficrouter_1_7c533ec1c0a8 0.0.0.0:3443->443/tcp, 0.0.0.0:3053->53/tcp, 0.0.0.0:3080->80/tcp cdn- /bin/sh -c /run.sh Up 0.0.0.0:8087->8087/tcp, in-a-box_trafficvault_1_a49fe8a99114 0.0.0.0:8098->8098/tcp cdn-in-a-box_vnc_1_fbf418f1179c /bin/sh -c /run.sh Up 0.0.0.0:5909->5909/tcp ``` Once the traffic router starts up, I was able to request demo1 delivery service via HTTPS: ``` $ mydc exec trafficops /bin/bash -c 'curl -o /dev/null -Lvs https://video.demo1.mycdn.ciab.test/' * About to connect() to video.demo1.mycdn.ciab.test port 443 (#0) * Trying 172.21.0.9... * Connected to video.demo1.mycdn.ciab.test (172.21.0.9) port 443 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 * Server certificate: * subject: CN=*.demo1.mycdn.ciab.test,O=CDN-in-a-Box,L=Denver,ST=Colorado,C=US * start date: Jan 30 18:39:35 2019 GMT * expire date: Jan 30 18:39:35 2020 GMT * common name: *.demo1.mycdn.ciab.test * issuer: [email protected],CN=CDN-in-a-Box Intermediate CA,OU=CDN-in-a-Box,O=CDN-in-a-Box,L=Denver,ST=Colorado,C=US > GET / HTTP/1.1 > User-Agent: curl/7.29.0 > Host: video.demo1.mycdn.ciab.test > Accept: */* > < HTTP/1.1 302 Found < Location: https://edge.demo1.mycdn.ciab.test/ < Content-Length: 0 < Date: Wed, 30 Jan 2019 19:28:55 GMT < * Connection #0 to host video.demo1.mycdn.ciab.test left intact * Issue another request to this URL: 'https://edge.demo1.mycdn.ciab.test/' * About to connect() to edge.demo1.mycdn.ciab.test port 443 (#1) * Trying 172.21.0.13... * Connected to edge.demo1.mycdn.ciab.test (172.21.0.13) port 443 (#1) * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 * Server certificate: * subject: CN=*.demo1.mycdn.ciab.test,O=CDN-in-a-Box,L=Denver,ST=Colorado,C=US * start date: Jan 30 18:39:35 2019 GMT * expire date: Jan 30 18:39:35 2020 GMT * common name: *.demo1.mycdn.ciab.test * issuer: [email protected],CN=CDN-in-a-Box Intermediate CA,OU=CDN-in-a-Box,O=CDN-in-a-Box,L=Denver,ST=Colorado,C=US > GET / HTTP/1.1 > User-Agent: curl/7.29.0 > Host: edge.demo1.mycdn.ciab.test > Accept: */* > < HTTP/1.1 200 OK < Content-Type: text/html < Accept-Ranges: bytes < ETag: "3812539862" < Last-Modified: Thu, 10 Jan 2019 22:53:33 GMT < Cache-Control: public, max-age=300 < Access-Control-Allow-Origin: * < Access-Control-Allow-Headers: Accept, Origin, Content-Type < Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS < Content-Length: 1881 < Date: Wed, 30 Jan 2019 19:28:54 GMT < Server: ATS/7.1.4 < Age: 1 < Via: http/1.1 mid.infra.ciab.test (ApacheTrafficServer/7.1.4 [uScMsSfWpSeN:t cCMi p sS]), http/1.1 edge.infra.ciab.test (ApacheTrafficServer/7.1.4 [uScMsSfWpSeN:t cCMi pSs ]) < Connection: keep-alive < { [data not shown] * Connection #1 to host edge.demo1.mycdn.ciab.test left intact ```
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
