System operation with Docker Containers / Docker Compose:
Docker Engine Version 20.10 or higher
Docker Compose Version 1.19 or higher
The correct 'docker pull' commands will be provided, and the image names must be replaced in the commands and configurations accordingly.
docker pull docker.stepover.de:8143/webso/frigg
docker pull docker.stepover.de:8143/webso/braga
#optional
docker pull mariadb:latest
docker pull
Environement variables and Volumes
config.ini
For frigg the config.ini must be mounted to /usr/local/tomcat/conf/config.ini
For braga the config.ini must be mounted to /opt/braga/config.ini
/path/to/config.ini:/usr/local/tomcat/conf/config.ini
/path/to/config.ini:/opt/braga/config.ini
braga storage
For braga additionally the data directory must be mounted. E.g.
/path/to/datadir:/mnt/braga_data
The data directory must be defined accordingly in the config.ini:
storage_home=/mnt/braga_data/
The volumes can either be mounted by using volumes in docker-compose or with the -v flag in docker run command (see below).
timezone
Set the timezone for frigg and braga:
If no timezone is provided, UTC will be used. The timezone of the database must be the same as frigg and braga. The environment variable can either be set using environment in docker-compose or with the -e flag in docker run.
Docker run
When running the containers, the mounted volumes and environment variables must be set in the run command:
docker run
#frigg
docker run -p 8443:8443 --env TZ="EUROPE/BERLIN" --volume /path/to/config.ini:/usr/local/tomcat/conf/config.ini --name frigg docker.stepover.de:8143/webso/frigg
#braga
docker run -p 8080:8080 --env TZ="EUROPE/BERLIN" --volume /path/to/config.ini:/opt/braga/config.ini --volume /path/to/datadir:/mnt/braga_data --name braga docker.stepover.de:8143/webso/braga
braga can be referenced by its container ip or the server ip with port-forwarding. The container ip can be obtained with docker inspect:
The server port is the port of the container in the docker bridge network. The axis_server_ip must be set accordingly:
axis_server_ip=172.18.0.2
axis_server_port=8080
docker network
To make the services accessible wihtin by name, you need to create a docker network.
The network must be added to the run command with the --network parameter.
docker run with docker network:
docker run with --network
#network
docker create webso-net
#frigg
docker run -p 8443:8443 --network webso-net --env TZ="EUROPE/BERLIN" --volume /path/to/config.ini:/usr/local/tomcat/conf/config.ini --name frigg docker.stepover.de:8143/webso/frigg
#braga
docker run -p 8080:8080 --network webso-net --env TZ="EUROPE/BERLIN" --volume /path/to/config.ini:/opt/braga/config.ini --volume /path/to/datadir:/mnt/braga_data --name braga docker.stepover.de:8143/webso/braga
braga can then be referenced by it’s container name and it’s container port.
config.ini with docker network:
config.ini
axis_server_ip=braga
axis_server_port=8080
The referenced port is not the port exposed with the run command, but the port of the container. (8080 for braga).
mariaDB and rabbitMQ container
Additionally you can run mariaDB and/or rabbitMQ as containers. To reference them by their names, a docker network must be created (see above).
docker run with mariaDB and rabbitMQ:
docker run with mariaDB and rabbitMQ
#network
docker create webso-net
#frigg
docker run -p 8443:8443 --network webso-net --env TZ="EUROPE/BERLIN" --volume /path/to/config.ini:/usr/local/tomcat/conf/config.ini --name frigg docker.stepover.de:8143/webso/frigg
#braga
docker run -p 8080:8080 --network webso-net --env TZ="EUROPE/BERLIN" --volume /path/to/config.ini:/opt/braga/config.ini --volume /path/to/datadir:/mnt/braga_data --name braga docker.stepover.de:8143/webso/braga
#mariadb
docker run -p 3306:3306 --network webso-net --volume /var/lib/mysql:/var/lib/mysql --name mariadb mariadb:latest
#rabbitmq
docker run -p 5672:5672 -p 15672:15672 --network webso-net --name rabbitmq rabbitmq:3-management
The services are now reachable with their name within the docker network and can be set in the config.ini accordingly.
config.ini with docker mariaDB and rabbitMQ
config.ini
axis_server_ip=braga
axis_server_port=8080
dabase_host=mariadb
database_port=3306
rabbitmq_server=rabbitmq
rabbitmq_port=5672
host database
A database running on the host system can be accessed with host.docker.internal from a container.
It may be neccessary to add the host when running the container on linux
docker run --add-host=host.docker.internal:host-gateway
It’s not necessary to run the mariadb container. When using a docker network, --network needs to be added (see above).
docker run with host network
docker run for host database
without docker network:
#frigg
docker run -p 8443:8443 --add-host=host.docker.internal:host-gateway --env TZ="EUROPE/BERLIN" --volume /path/to/config.ini:/usr/local/tomcat/conf/config.ini --name frigg docker.stepover.de:8143/webso/frigg
#braga
docker run -p 8080:8080 --add-host=host.docker.internal:host-gateway --env TZ="EUROPE/BERLIN" --volume /path/to/config.ini:/opt/braga/config.ini --volume /path/to/datadir:/mnt/braga_data --name braga docker.stepover.de:8143/webso/braga
with docker network:
#frigg
docker run -p 8443:8443 --add-host=host.docker.internal:host-gateway --network webso-net --env TZ="EUROPE/BERLIN" --volume /path/to/config.ini:/usr/local/tomcat/conf/config.ini --name frigg docker.stepover.de:8143/webso/frigg
#braga
docker run -p 8080:8080 --add-host=host.docker.internal:host-gateway --network webso-net --env TZ="EUROPE/BERLIN" --volume /path/to/config.ini:/opt/braga/config.ini --volume /path/to/datadir:/mnt/braga_data --name braga docker.stepover.de:8143/webso/braga
config.ini with database on host:
config.ini
dabase_host=host.docker.internal
database_port=3306
Docker compose
Instead of using the docker run command, the services can be defined with docker-compose. The docker compose file creates a network webso-net and starts the services frigg and braga. The environment variables (see above) are set in the compose file.
docker-compose.yaml
services:
frigg:
image: "docker.stepover.de:8143/webso/frigg"
container_name: frigg
expose:
- "8443"
ports:
- "8443:8443"
networks:
- "webso-net"
volumes:
- "/path/to/config.ini:/usr/local/tomcat/conf/config.ini"
environment:
- TZ=Europe/Berlin
braga:
image: "docker.stepover.de:8143/webso/braga"
container_name: braga
expose:
- "8080"
ports:
- "8080:8080"
networks:
- "webso-net"
volumes:
- "/path/to/conig.ini:/opt/braga/config.ini"
- "/path/to/braga_data:/mnt/braga_data"
environment:
- TZ=Europe/Berlin
networks:
webso-net:
name: "webso-net"
Braga is referenced by it’s container name in config.ini. The braga storage_home is mounted as a volume and must be referenced in config.ini accordingly.
config.ini
axis_server_ip=braga
axis_server_port=8080
storage_home=/mnt/braga_data
database_host=<IP>
rabbit_mq_server=<IP>
mariaDB and rabbitMQ container (docker-compose)
Instead of referencing the database and rabbitMQ by their IP, you can run them containerized and reference them by their container_name. The services must be added to the docker-compose.yaml file. mariaDB is running on it’s default port 3306 and the data is mounted from the host system.
docker-compose.yaml with frigg, braga, mariadb and rabbitMQ
services:
frigg:
image: "docker.stepover.de:8143/webso/frigg"
container_name: frigg
expose:
- "8443"
ports:
- "8443:8443"
networks:
- "webso-net"
volumes:
- "/path/to/config.ini:/usr/local/tomcat/conf/config.ini"
environment:
- TZ=Europe/Berlin
braga:
image: "docker.stepover.de:8143/webso/braga"
container_name: braga
expose:
- "8080"
ports:
- "8080:8080"
networks:
- "webso-net"
volumes:
- "/path/to/config.ini:/opt/braga/config.ini"
- "/path/to/braga_data:/mnt/braga_data"
environment:
- TZ=Europe/Berlin
mariadb:
image: "mariadb"
container_name: mariadb
environment:
- MYSQL_ROOT_PASSWORD=secret_pw
- MYSQL_DATABASE=frigg
expose:
- "3306"
ports:
- "3306:3306"
networks:
- "webso-net"
volumes:
- "path/to/mariadb_data:/var/lib/mysql"
rabbitmq:
image: "rabbitmq:3-management"
container_name: rabbitmq
expose:
- "15672"
- "5672"
ports:
- "15672:15672"
- "5672:5672"
networks:
- "webso-net"
networks:
webso-net:
name: "webso-net"
config.ini frigg, braga, mariaDB, rabbitMQ container
axis_server_ip=braga
axis_server_port=8080
storage_home=/mnt/braga_data
database_host=mariadb
database_port=3306
rabbitmq_server=rabbitmq
rabbitmq_port=5672
host database (docker-compose)
To use a database running on a host system instead of a container, “host.docker.internal” must be added to extra_hosts. The mariadb service definition is not neccessary. The database host in config.ini must be set to host.docker.internal.
docker-compose.yaml for frigg and braga with extra_hosts
services:
frigg:
image: "docker.stepover.de:8143/webso/frigg:"
container_name: frigg
expose:
- "8443"
ports:
- "8443:8443"
networks:
- "webso-net"
volumes:
- "/path/to/config.ini:/usr/local/tomcat/conf/config.ini"
environment:
- TZ=Europe/Berlin
extra_hosts:
- "host.docker.internal:host-gateway"
braga:
image: "docker.stepover.de:8143/webso/braga:"
container_name: braga
expose:
- "8080"
ports:
- "8080:8080"
networks:
- "webso-net"
volumes:
- "/path/to/config.ini:/opt/braga/config.ini"
- "/path/to/braga_data:/mnt/braga_data"
environment:
- TZ=Europe/Berlin
extra_hosts:
- "host.docker.internal:host-gateway"
networks:
webso-net:
name: "webso-net"
config.ini with host-database
dabase_host=host.docker.internal
database_port=3306
TyrService Cache
When using the TyrService Cache, the cache-port of the frigg containers defined in the config tyr_cache_port (default 1110) must be exposed.
frigg docker run with TyrService Cache port exposed
#frigg
docker run -p 8443:8443 -p 1110:1110 --env TZ="EUROPE/BERLIN" --volume /path/to/config.ini:/usr/local/tomcat/conf/config.ini --name frigg docker.stepover.de:8143/webso/frigg
docker-compose with TyrService Cache port exposed
services:
frigg:
image: "docker.stepover.de:8143/webso/frigg"
container_name: frigg
expose:
- "8443"
- "1110"
ports:
- "8443:8443"
- "1110:1110"
networks:
- "webso-net"
volumes:
- "/path/to/config.ini:/usr/local/tomcat/conf/config.ini"
environment:
- TZ=Europe/Berlin
#braga, network, mariadb, rabbitMQ etc.
For additional information see l) TyrService Cache
Local tyrservice testing
When testing the Tyrservice Integration with frigg running locally, there may be problems with the SSL certificate, since certificate authorites don’t issue trusted certificates for localhost.
Therefore your Tyrservice client must either accept all certificates without checking the host.
JAVA example for a Tyrservice Client accepting all certificates
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(X509Certificate[] certs, String authType) {
// Trust always
}
public void checkServerTrusted(X509Certificate[] certs, String authType) {
// Trust always
}
}};
// Install the all-trusting trust manager
SSLContext sc = SSLContext.getInstance("SSL");
// Create empty HostnameVerifier
HostnameVerifier hv = new HostnameVerifier() {
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
};
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(hv);
Alternatively we can provide a certificate for testing issued on frigg.webso.stepover.de. The host of the certificate must then be added in the hosts file.
Example windows hosts entry C:\Windows\System32\drivers\etc\hosts
# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost
127.0.0.1 frigg.webso.stepover.de
