Re: How to expose ATS container IP to host IP

[Bryan Call <bc...@apache.org>]

Sounds like you might have problem with your ip_allow.config.  What does it look like?  Also, what does your remap.config file look like?

-Bryan



> On Apr 3, 2019, at 9:30 AM, Vasanth Mathivanan <va...@evolutiondigital.com> wrote:
> 
> Hi all,
>  
> Problem was can’t able to  connect the external world(i.e host network 10.137.x.x) in container but my ATS service are running and exposing ports are fine in container  . But  remap cannot accept the external IP ( i.e my host machine IP ) and with internal container network(i.e 172.18.0.x)   was working fine internally not outside . We have to tried with above IP’s on remap configuration but no luck from here .
>  
> [root@ceph-admin cdn]# curl -I 172.18.x.x:8004
> HTTP/1.1 403 Forbidden
> Date: Wed, 03 Apr 2019 16:22:37 GMT
> Server: ATS/6.2.2
> Accept-Ranges: bytes
> Content-Length: 4961
> Content-Type: text/html; charset=UTF-8
> Age: 1
> Connection: keep-alive
> Via: http/1.1 mycdn (ApacheTrafficServer/6.2.2 [uScMs f p eN:t cCMi p sS])
>  
> [root@ceph-admin cdn]# curl -I 10.137.x.x:8006
> HTTP/1.1 404 Not Found on Accelerator.
> Date: Wed, 03 Apr 2019 16:22:50 GMT
> Connection: keep-alive
> Via: http/1.1 mycdn (ApacheTrafficServer/6.2.2 [uScMs f p eC:tNcCMi p s ])
> Server: ATS/6.2.3
> Cache-Control: no-store
> Content-Type: text/html
> Content-Language: en
> Content-Length: 391
> 
> Thanks
> __Vasanth
> 
> Sent from Mail <https://go.microsoft.com/fwlink/?LinkId=550986> for Windows 10

RE: How to expose ATS container IP to host IP

[Vasanth Mathivanan <va...@evolutiondigital.com>]

Sure Bryan , you asked the needful things  will be  given below . Then I was tried on lot of ways such as bridge network ,  replacing host IP , container hostname , container IP but its finally worked on host IP in remap .Host IP would be passed from Environment Variables so such a need thing will be provide as manually when its happen on container start  like below

docker run -it -d  --net new-network  -p 8006:8006 -p 8007:8007  -e HOST="x.x.x.x" -e LIVE_PORT="8006" -e LIVE_ORIGIN="nginx" -e VOD_PORT="8007" -e VOD_ORIGIN="nginx" 440f9dc0ed92

Then environment variables would pass to the script .

For script reference given below :

https://github.com/Vasanth3g/Edge_ATS_with_Docker/blob/master/configs/runtime_config.sh

 I had one more problem with volume mounting in container which cache file as mentioned on  inside container while cant mount outside the cache file on host machine when the container start with    “-v” flags looks like “-v /tmp/ats/trafficserver:/mnt/ramdisk” (<host mount point> : <container mount point >)  .

Container remap.config

map http://10.137.x.x:8006 http://nginx plugin=header_rewrite.so @pparam=dscp/set_dscp_32.config  @plugin=header_rewrite.so @pparam=hdr_rw_live.config @plugin=collapsed_forwarding.so @plugin=cache_range_requests.so

Container Ip allow config

src_ip=0.0.0.0-255.255.255.255                    action=ip_deny  method=PUSH|PURGE|DELETE
src_ip=::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff action=ip_deny  method=PUSH|PURGE|DELETE

Note : Allowed  entire subnet

Thanks
__Vasanth


Sent from Mail<https://go.microsoft.com/fwlink/?LinkId=550986> for Windows 10

From: Bryan Call<ma...@apache.org>
Sent: Thursday, April 4, 2019 10:32 PM
To: users@trafficserver.apache.org<ma...@trafficserver.apache.org>
Subject: Re: How to expose ATS container IP to host IP

Sounds like you might have problem with your ip_allow.config.  What does it look like?  Also, what does your remap.config file look like?

-Bryan



On Apr 3, 2019, at 9:30 AM, Vasanth Mathivanan <va...@evolutiondigital.com>> wrote:

Hi all,

Problem was can’t able to  connect the external world(i.e host network 10.137.x.x) in container but my ATS service are running and exposing ports are fine in container  . But  remap cannot accept the external IP ( i.e my host machine IP ) and with internal container network(i.e 172.18.0.x)   was working fine internally not outside . We have to tried with above IP’s on remap configuration but no luck from here .

[root@ceph-admin cdn]# curl -I 172.18.x.x:8004
HTTP/1.1 403 Forbidden
Date: Wed, 03 Apr 2019 16:22:37 GMT
Server: ATS/6.2.2
Accept-Ranges: bytes
Content-Length: 4961
Content-Type: text/html; charset=UTF-8
Age: 1
Connection: keep-alive
Via: http/1.1 mycdn (ApacheTrafficServer/6.2.2 [uScMs f p eN:t cCMi p sS])

[root@ceph-admin cdn]# curl -I 10.137.x.x:8006
HTTP/1.1 404 Not Found on Accelerator.
Date: Wed, 03 Apr 2019 16:22:50 GMT
Connection: keep-alive
Via: http/1.1 mycdn (ApacheTrafficServer/6.2.2 [uScMs f p eC:tNcCMi p s ])
Server: ATS/6.2.3
Cache-Control: no-store
Content-Type: text/html
Content-Language: en
Content-Length: 391

Thanks
__Vasanth

Sent from Mail<https://go.microsoft.com/fwlink/?LinkId=550986> for Windows 10