From: John Keeney Date: Thu, 4 Jun 2020 11:51:47 +0000 (+0000) Subject: Merge "Step version for release" X-Git-Tag: BronzeRC0 X-Git-Url: https://gerrit.o-ran-sc.org/r/gitweb?a=commitdiff_plain;h=8ac0b866bf53aaa35baf8eaed1343b0b028242f9;hp=7afdea4b4f75dfd9cd8ea8adbdd11a9e28042074;p=sim%2Fa1-interface.git Merge "Step version for release" --- diff --git a/near-rt-ric-simulator/Dockerfile b/near-rt-ric-simulator/Dockerfile index 2c5dfcd..b079d73 100644 --- a/near-rt-ric-simulator/Dockerfile +++ b/near-rt-ric-simulator/Dockerfile @@ -24,6 +24,7 @@ RUN pip install connexion[swagger-ui] #install nginx RUN apt-get update RUN apt-get install -y nginx=1.14.* +RUN apt-get install -y nginx-extras #install curl RUN apt-get install -y curl diff --git a/near-rt-ric-simulator/README.md b/near-rt-ric-simulator/README.md index 5152042..a55d8d7 100644 --- a/near-rt-ric-simulator/README.md +++ b/near-rt-ric-simulator/README.md @@ -154,7 +154,12 @@ file "pass" stores the password when you run the shell script Start the a1-interface container without specifing external certificates: 'docker run -it -p 8085:8085 -p 8185:8185 -e A1\_VERSION=STD\_1.1.3 -e REMOTE_HOSTS_LOGGING=1 a1test' -It will listen to http 8085 port and https 8185 port(using default certificates) at the same time. +It will listen to https 8185 port(using default certificates) by default. +Http can be enabled on port 8085 using an environment variable "ALLOW_HTTP". +If this environment variable is left out or set to false, the nginx server will send +"444 Connection Closed Without Response" when making a call using http. +Example command to enable http: +'docker run -it -p 8085:8085 -p 8185:8185 -e A1\_VERSION=OSC\_2.1.0 -e ALLOW_HTTP=true a1test' This certificates/key can be overriden by mounting a volume when using "docker run" or "docker-compose" In 'docker run', use field: @@ -163,7 +168,7 @@ In 'docker-compose.yml', use field: volumes: - ./certificate:/usr/src/app/cert:ro -In docker run the full command could look like this:
'docker run -it -p 8085:8085 -p 8185:8185 -e A1\_VERSION=STD\_1.1.3 -e REMOTE_HOSTS_LOGGING=1 --volume /PATH_TO_CERT_DIR/certificate:/usr/src/app/cert a1test' +In docker run the full command could look like this:
'docker run -it -p 8085:8085 -p 8185:8185 -e A1\_VERSION=STD\_1.1.3 -e ALLOW_HTTP=true -e REMOTE_HOSTS_LOGGING=1 --volume /PATH_TO_CERT_DIR/certificate:/usr/src/app/cert a1test' http port 8085 and https port 8185 The variable for A1 version is set with the '-e' flag. With logging of remote host enabled "-e REMOTE_HOSTS_LOGGING=1 " diff --git a/near-rt-ric-simulator/nginx.conf b/near-rt-ric-simulator/nginx.conf index f21e173..3087a3f 100644 --- a/near-rt-ric-simulator/nginx.conf +++ b/near-rt-ric-simulator/nginx.conf @@ -3,6 +3,8 @@ worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; +env ALLOW_HTTP; + events { worker_connections 768; # multi_accept on; @@ -27,9 +29,26 @@ http { include /etc/nginx/mime.types; default_type application/octet-stream; + perl_set $allow_http 'sub { return $ENV{"ALLOW_HTTP"}; }'; + server { # simple reverse-proxy - listen 8085; + listen 8085; listen [::]:8085; + server_name localhost; + if ($allow_http != true) { + return 444; + } + + # serve dynamic requests + location / { + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://localhost:2222; + } + } + + server { # simple reverse-proxy listen 8185 ssl; listen [::]:8185 ssl; server_name localhost; @@ -37,7 +56,6 @@ http { ssl_certificate_key /usr/src/app/cert/key.crt; ssl_password_file /usr/src/app/cert/pass; - # serve dynamic requests location / { proxy_set_header Host $host; diff --git a/near-rt-ric-simulator/test/1.1.x-alpha.2/build_and_start.sh b/near-rt-ric-simulator/test/1.1.x-alpha.2/build_and_start.sh index 4cabff3..8b8da57 100755 --- a/near-rt-ric-simulator/test/1.1.x-alpha.2/build_and_start.sh +++ b/near-rt-ric-simulator/test/1.1.x-alpha.2/build_and_start.sh @@ -27,6 +27,6 @@ docker build -t a1test . echo "Starting $1 mode" #Run the container in interactive mode, unsecure port 8085, secure port 8185. -docker run -it -p 8085:8085 -p 8185:8185 -e A1_VERSION=1.1.x-alpha.2 -e REMOTE_HOSTS_LOGGING=1 --volume "$PWD/certificate:/usr/src/app/cert" a1test +docker run -it -p 8085:8085 -p 8185:8185 -e A1_VERSION=1.1.x-alpha.2 -e ALLOW_HTTP=true -e REMOTE_HOSTS_LOGGING=1 --volume "$PWD/certificate:/usr/src/app/cert" a1test diff --git a/near-rt-ric-simulator/test/OSC_2.1.0/build_and_start.sh b/near-rt-ric-simulator/test/OSC_2.1.0/build_and_start.sh index 9537d30..2c8cba4 100755 --- a/near-rt-ric-simulator/test/OSC_2.1.0/build_and_start.sh +++ b/near-rt-ric-simulator/test/OSC_2.1.0/build_and_start.sh @@ -27,5 +27,5 @@ docker build -t a1test . echo "Starting $1 mode" #Run the container in interactive mode, unsecure port 8085, secure port 8185. -docker run -it -p 8085:8085 -p 8185:8185 -e A1_VERSION=OSC_2.1.0 -e REMOTE_HOSTS_LOGGING=1 --volume "$PWD/certificate:/usr/src/app/cert" a1test +docker run -it -p 8085:8085 -p 8185:8185 -e A1_VERSION=OSC_2.1.0 -e ALLOW_HTTP=true -e REMOTE_HOSTS_LOGGING=1 --volume "$PWD/certificate:/usr/src/app/cert" a1test diff --git a/near-rt-ric-simulator/test/STD_1.1.3/build_and_start.sh b/near-rt-ric-simulator/test/STD_1.1.3/build_and_start.sh index 0d48fbf..0bd0f1c 100755 --- a/near-rt-ric-simulator/test/STD_1.1.3/build_and_start.sh +++ b/near-rt-ric-simulator/test/STD_1.1.3/build_and_start.sh @@ -27,4 +27,4 @@ docker build -t a1test . echo "Starting ric-sim" #Run the container in interactive mode, unsecure port 8085, secure port 8185 -docker run -it -p 8085:8085 -p 8185:8185 -e A1_VERSION=STD_1.1.3 -e REMOTE_HOSTS_LOGGING=1 --volume "$PWD/certificate:/usr/src/app/cert" a1test \ No newline at end of file +docker run -it -p 8085:8085 -p 8185:8185 -e A1_VERSION=STD_1.1.3 -e ALLOW_HTTP=true -e REMOTE_HOSTS_LOGGING=1 --volume "$PWD/certificate:/usr/src/app/cert" a1test \ No newline at end of file