diff options
author | marcinjb <marcinjb@chromium.org> | 2016-01-28 15:05:02 -0800 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2016-01-28 23:05:51 +0000 |
commit | cc9d2934094ab0dfdbaf210fe7cc2ea924b1edab (patch) | |
tree | 71b9c655212cfa55513a26d7f4373742d49ab9d3 /blimp/docs | |
parent | 47d408a4847886b442365a41ef8281ca99de0812 (diff) | |
download | chromium_src-cc9d2934094ab0dfdbaf210fe7cc2ea924b1edab.zip chromium_src-cc9d2934094ab0dfdbaf210fe7cc2ea924b1edab.tar.gz chromium_src-cc9d2934094ab0dfdbaf210fe7cc2ea924b1edab.tar.bz2 |
Set up an stunnel endpoint for the engine.
This puts an stunnel proxy in the engine's Docker container. The client
will connect on the same port, stunnel will intercept and forward the
underlying traffic to the engine which is now listening on another port.
BUG=575421
Review URL: https://codereview.chromium.org/1638153002
Cr-Commit-Position: refs/heads/master@{#372199}
Diffstat (limited to 'blimp/docs')
-rw-r--r-- | blimp/docs/container.md | 42 |
1 files changed, 25 insertions, 17 deletions
diff --git a/blimp/docs/container.md b/blimp/docs/container.md index 36a5cee..31adc80 100644 --- a/blimp/docs/container.md +++ b/blimp/docs/container.md @@ -59,31 +59,39 @@ Using the tarfile you can create a Docker image: docker build -t blimp_engine - < ./out-linux/Debug/blimp_engine_bundle.tar ``` -## Create Docker Container +## Running the Engine in a Docker Container -From the Docker image you can create a Docker container (i.e. run the engine): +After building the Docker image you can launch the engine inside the Docker +container. -```bash -docker run blimp_engine -``` +### Setting up an Environment -You can also pass additional flags: +A little prep work is necessary to enable the engine to start as it requires a +few files that are not provided by the container. You need: -```bash -docker run blimp_engine --with-my-flags -``` +* A directory (`$CONFIG_DIR`) with permissions of 0755 (ie. world accessable) +* `$CONFIG_DIR/stunnel.pem`: A PEM encoded file with a private key and a + public certificate. Permissions should be set to 644. +* `$CONFIG_DIR/client_token`: A file with a non-empty string used as the + client token (the shared secret between the client and the engine). + Persmissions should also be set to 644. -See the [blimp engine `Dockerfile`](../engine/Dockerfile) to find out what flags -are passed by default. +This setup step is only required once and can be reused for all the rest of the +runs of the engine. -### Mapping Volumes into the Docker Container +### Running the Engine -If you need to map a directory into the Docker container (eg. for necessary -files): +Once the `$CONFIG_DIR` is set up, you can launch the engine in the Docker +container: ```bash -docker run -v /path/to/srcdir:/path/to/docker/destdir blimp_engine +docker run -v $CONFIG_DIR:/engine/data -p 443:25466 blimp_engine ``` +You can also pass additional flags: + +```bash +docker run ... blimp_engine --with-my-flags +``` +See the [blimp engine `Dockerfile`](../engine/Dockerfile) to find out what flags +are passed by default. -NB: The permissions of the directory and the files outside of the Docker -container will be carried over into the container. |