k) Docker setup

  • System operation with Docker Containers / Docker Compose:

  • Docker Engine Version 20.10 or higher

  • Docker Compose Version 1.19 or higher

The correct 'docker pull' commands will be provided, and the image names must be replaced in the commands and configurations accordingly.

docker pull docker.stepover.de/webso/frigg
docker pull docker.stepover.de/webso/braga
#optional
docker pull mariadb:latest
docker pull

Environment variables and Volumes

config.ini

For frigg the config.ini must be mounted to /usr/local/tomcat/conf/config.ini

For braga the config.ini must be mounted to /opt/braga/config.ini

/path/to/config.ini:/usr/local/tomcat/conf/config.ini
/path/to/config.ini:/opt/braga/config.ini

braga storage

For braga additionally the data directory must be mounted. E.g.

/path/to/datadir:/mnt/braga_data

The data directory must be defined accordingly in the config.ini:

storage_home=/mnt/braga_data/

The volumes can either be mounted by using volumes in docker-compose or with the -v flag in docker run command (see below).

timezone

Set the timezone for frigg and braga:

TZ="Europe/Berlin"

If no timezone is provided, UTC will be used. The timezone of the database must be the same as frigg and braga. The environment variable can either be set using environment in docker-compose or with the -e flag in docker run.

Docker run

When running the containers, the mounted volumes and environment variables must be set in the run command:

docker run

#frigg
docker run -p 8443:8443 --env TZ="Europe/Berlin" --volume /path/to/config.ini:/usr/local/tomcat/conf/config.ini --name frigg docker.stepover.de/webso/frigg
#braga
docker run -p 8080:8080 --env TZ="Europe/Berlin" --volume /path/to/config.ini:/opt/braga/config.ini --volume /path/to/datadir:/mnt/braga_data --name braga docker.stepover.de/webso/braga

braga can be referenced by its container IP or by the server IP with port forwarding. The container IP can be obtained with docker inspect:

docker inspect braga

The server port is the port of the container in the docker bridge network. The axis_server_ip must be set accordingly:

axis_server_ip=172.18.0.2
axis_server_port=8080

docker network

To make the services reachable by name from within the containers, you need to create a docker network.

The network must be added to the run command with the --network parameter.

docker run with docker network:

#network
docker network create webso-net
#frigg
docker run -p 8443:8443 --network webso-net --env TZ="Europe/Berlin" --volume /path/to/config.ini:/usr/local/tomcat/conf/config.ini --name frigg docker.stepover.de/webso/frigg
#braga
docker run -p 8080:8080 --network webso-net --env TZ="Europe/Berlin" --volume /path/to/config.ini:/opt/braga/config.ini --volume /path/to/datadir:/mnt/braga_data --name braga docker.stepover.de/webso/braga

braga can then be referenced by its container name and its container port.

config.ini with docker network:

axis_server_ip=braga
axis_server_port=8080

The referenced port is not the port exposed with the run command, but the port of the container (8080 for braga).

mariaDB and rabbitMQ container

Additionally you can run mariaDB and/or rabbitMQ as containers. To reference them by their names, a docker network must be created (see above).

docker run with mariaDB and rabbitMQ:

#network
docker network create webso-net
#frigg
docker run -p 8443:8443 --network webso-net --env TZ="Europe/Berlin" --volume /path/to/config.ini:/usr/local/tomcat/conf/config.ini --name frigg docker.stepover.de/webso/frigg
#braga
docker run -p 8080:8080 --network webso-net --env TZ="Europe/Berlin" --volume /path/to/config.ini:/opt/braga/config.ini --volume /path/to/datadir:/mnt/braga_data --name braga docker.stepover.de/webso/braga
#mariadb
docker run -p 3306:3306 --network webso-net --volume /var/lib/mysql:/var/lib/mysql --name mariadb mariadb:latest
#rabbitmq
docker run -p 5672:5672 -p 15672:15672 --network webso-net --name rabbitmq rabbitmq:3-management

The services are now reachable with their name within the docker network and can be set in the config.ini accordingly.

config.ini with docker mariaDB and rabbitMQ

axis_server_ip=braga
axis_server_port=8080
database_host=mariadb
database_port=3306
rabbitmq_server=rabbitmq
rabbitmq_port=5672

host database

A database running on the host system can be accessed with host.docker.internal from a container.

It may be necessary to add the host when running the container on Linux:

docker run --add-host=host.docker.internal:host-gateway

It’s not necessary to run the mariadb container. When using a docker network, --network needs to be added (see above).

docker run with host network

without docker network:

#frigg
docker run -p 8443:8443 --add-host=host.docker.internal:host-gateway --env TZ="Europe/Berlin" --volume /path/to/config.ini:/usr/local/tomcat/conf/config.ini --name frigg docker.stepover.de/webso/frigg
#braga
docker run -p 8080:8080 --add-host=host.docker.internal:host-gateway --env TZ="Europe/Berlin" --volume /path/to/config.ini:/opt/braga/config.ini --volume /path/to/datadir:/mnt/braga_data --name braga docker.stepover.de/webso/braga

with docker network:

#frigg
docker run -p 8443:8443 --add-host=host.docker.internal:host-gateway --network webso-net --env TZ="Europe/Berlin" --volume /path/to/config.ini:/usr/local/tomcat/conf/config.ini --name frigg docker.stepover.de/webso/frigg
#braga
docker run -p 8080:8080 --add-host=host.docker.internal:host-gateway --network webso-net --env TZ="Europe/Berlin" --volume /path/to/config.ini:/opt/braga/config.ini --volume /path/to/datadir:/mnt/braga_data --name braga docker.stepover.de/webso/braga

config.ini with database on host:

database_host=host.docker.internal
database_port=3306

Docker compose

Instead of using the docker run command, the services can be defined with docker-compose. The docker compose file creates a network webso-net and starts the services frigg and braga. The environment variables (see above) are set in the compose file.

docker-compose.yaml

services:
  frigg:
    image: "docker.stepover.de/webso/frigg"
    container_name: frigg
    expose:
      - "8443"
    ports:
      - "8443:8443"
    networks:
      - "webso-net"
    volumes:
      - "/path/to/config.ini:/usr/local/tomcat/conf/config.ini"
    environment:
      - TZ=Europe/Berlin
  braga:
    image: "docker.stepover.de/webso/braga"
    container_name: braga
    expose:
      - "8080"
    ports:
      - "8080:8080"
    networks:
      - "webso-net"
    volumes:
      - "/path/to/config.ini:/opt/braga/config.ini"
      - "/path/to/braga_data:/mnt/braga_data"
    environment:
      - TZ=Europe/Berlin
networks:
  webso-net:
    name: "webso-net"

Braga is referenced by its container name in config.ini. The braga storage_home is mounted as a volume and must be referenced in config.ini accordingly.

config.ini

axis_server_ip=braga
axis_server_port=8080
storage_home=/mnt/braga_data
database_host=<IP>
rabbit_mq_server=<IP>

mariaDB and rabbitMQ container (docker-compose)

Instead of referencing the database and rabbitMQ by their IP, you can run them containerized and reference them by their container_name. The services must be added to the docker-compose.yaml file. mariaDB is running on its default port 3306 and the data is mounted from the host system.

services:
  frigg:
    image: "docker.stepover.de/webso/frigg"
    container_name: frigg
    expose:
      - "8443"
    ports:
      - "8443:8443"
    networks:
      - "webso-net"
    volumes:
      - "/path/to/config.ini:/usr/local/tomcat/conf/config.ini"
    environment:
      - TZ=Europe/Berlin
  braga:
    image: "docker.stepover.de/webso/braga"
    container_name: braga
    expose:
      - "8080"
    ports:
      - "8080:8080"
    networks:
      - "webso-net"
    volumes:
      - "/path/to/config.ini:/opt/braga/config.ini"
      - "/path/to/braga_data:/mnt/braga_data"
    environment:
      - TZ=Europe/Berlin
  mariadb:
    image: "mariadb"
    container_name: mariadb
    environment:
      # secret_pw is a placeholder for the root password of the database
      - MYSQL_ROOT_PASSWORD=secret_pw
      - MYSQL_DATABASE=frigg
    expose:
      - "3306"
    ports:
      - "3306:3306"
    networks:
      - "webso-net"
    volumes:
      - "/path/to/mariadb_data:/var/lib/mysql"
  rabbitmq:
    image: "rabbitmq:3-management"
    container_name: rabbitmq
    expose:
      - "15672"
      - "5672"
    ports:
      - "15672:15672"
      - "5672:5672"
    networks:
      - "webso-net"
networks:
  webso-net:
    name: "webso-net"

config.ini

axis_server_ip=braga
axis_server_port=8080
storage_home=/mnt/braga_data
database_host=mariadb
database_port=3306
rabbitmq_server=rabbitmq
rabbitmq_port=5672

host database (docker-compose)

To use a database running on a host system instead of a container, “host.docker.internal” must be added to extra_hosts. The mariadb service definition is not necessary. The database host in config.ini must be set to host.docker.internal.

services:
  frigg:
    image: "docker.stepover.de/webso/frigg"
    container_name: frigg
    expose:
      - "8443"
    ports:
      - "8443:8443"
    networks:
      - "webso-net"
    volumes:
      - "/path/to/config.ini:/usr/local/tomcat/conf/config.ini"
    environment:
      - TZ=Europe/Berlin
    extra_hosts:
      - "host.docker.internal:host-gateway"
  braga:
    image: "docker.stepover.de/webso/braga"
    container_name: braga
    expose:
      - "8080"
    ports:
      - "8080:8080"
    networks:
      - "webso-net"
    volumes:
      - "/path/to/config.ini:/opt/braga/config.ini"
      - "/path/to/braga_data:/mnt/braga_data"
    environment:
      - TZ=Europe/Berlin
    extra_hosts:
      - "host.docker.internal:host-gateway"
networks:
  webso-net:
    name: "webso-net"

config.ini

database_host=host.docker.internal
database_port=3306

TyrService Cache

When using the TyrService Cache, the cache port of the frigg containers, defined by tyr_cache_port in the config (default 1110), must be exposed.

#frigg
docker run -p 8443:8443 -p 1110:1110 --env TZ="Europe/Berlin" --volume /path/to/config.ini:/usr/local/tomcat/conf/config.ini --name frigg docker.stepover.de/webso/frigg

services:
  frigg:
    image: "docker.stepover.de/webso/frigg"
    container_name: frigg
    expose:
      - "8443"
      - "1110"
    ports:
      - "8443:8443"
      - "1110:1110"
    networks:
      - "webso-net"
    volumes:
      - "/path/to/config.ini:/usr/local/tomcat/conf/config.ini"
    environment:
      - TZ=Europe/Berlin
  #braga, network, mariadb, rabbitMQ etc.

For additional information see l) TyrService Cache

Local tyrservice testing

When testing the Tyrservice Integration with frigg running locally, there may be problems with the SSL certificate, since certificate authorities don’t issue trusted certificates for localhost.

For local testing, your Tyrservice client must therefore either accept all certificates without checking the host:

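import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

// Local testing against localhost: certificate and host name checks are switched off.
// The enclosing method must handle NoSuchAlgorithmException and KeyManagementException.
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
    public X509Certificate[] getAcceptedIssuers() {
        return null;
    }
    public void checkClientTrusted(X509Certificate[] certs, String authType) {
        // Trust always
    }
    public void checkServerTrusted(X509Certificate[] certs, String authType) {
        // Trust always
    }
}};

// Install the all-trusting trust manager
SSLContext sc = SSLContext.getInstance("SSL");

// Create a HostnameVerifier that accepts every host name
HostnameVerifier hv = new HostnameVerifier() {
    public boolean verify(String arg0, SSLSession arg1) {
        return true;
    }
};

sc.init(null, trustAllCerts, new java.security.SecureRandom());
// These two calls change the defaults for every HttpsURLConnection in the JVM
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(hv);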

Alternatively we can provide a certificate for testing. The host of the certificate must then be added in the hosts file.

# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handled within DNS itself.
#       127.0.0.1       localhost
#       ::1             localhost
127.0.0.1 frigg.webso.stepover.de