Minimal changes to get Docker running#2
Conversation
- errors left are:
```
kt-server_1 | I0605 14:30:28.741205 7 frontend.go:248] Listening on 0.0.0.0:8080
kt-server_1 | 2017/06/05 14:30:28 grpc: addrConn.resetTransport failed to create client transport: connection error: desc = "transport: dial tcp 0.0.0.0:8080: getsockopt: connection refused"; Reconnecting to {0.0.0.0:8080 <nil>}
```
```
kt-signer_1 | E0605 14:34:39.994320 7 signer.go:155] GetSignedMapRoot(6078530097245576956): sql: no rows in result set
kt-signer_1 | E0605 14:34:39.996193 7 signer.go:70] CreateEpoch failed: sql: no rows in result set
```
and rarely:
```
db_1 | 2017-06-05T14:36:46.840558Z 51 [Note] Aborted connection 51 to db: 'test' user: 'test' host: '172.17.0.6' (Got an error reading communication packets)
```
- add default for LISTENADDR from "" to "0.0.0.0" - change db host - working default CERTIP in prepare_server.sh - fix command: s/docker-compose up trillian-map -d/docker-compose up -d trillian-map
README.md
Outdated
| ```sh | ||
| go run $GOPATH/src/github.com/google/trillian/cmd/createtree/main.go --admin_server=localhost:8090 --pem_key_path=testdata/log-rpc-server.privkey.pem --pem_key_password="towel" --signature_algorithm=ECDSA --tree_type=LOG | ||
| go run $GOPATH/src/github.com/google/trillian/cmd/createtree/main.go --admin_server=localhost:8090 --pem_key_path=testdata/log-rpc-server.privkey.pem --pem_key_password="towel" --signature_algorithm=ECDSA --tree_type=MAP | ||
| MAP_IP=`docker inspect keytransparency_trillian-map_1 | grep -E '"IPAddress": ' | tail -n 1 | cut -d \" -f 4` |
There was a problem hiding this comment.
Looks like the format command is a bit more canonical way to do this:
docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' container_name_or_id
https://stackoverflow.com/questions/17157721/how-to-get-a-docker-containers-ip-address-from-the-host
| --addr="$HOST:$RPC_PORT" \ | ||
| --db="${DB_USER}:${DB_PASSWORD}@tcp(${DB_HOST})/${DB_DATABASE}" \ | ||
| --vrf="$VRF_KEY_PATH" \ | ||
| --vrf="$VRF_PRIV" \ |
There was a problem hiding this comment.
Is this change a mistake? I don't see a corresponding VRF_PRIV ENV variable above
There was a problem hiding this comment.
Good catch! I wanted consistent naming with prepare_server.sh and the docker-compose.yml file where this variable is also called VRF_PRIV (that's why everything still worked when firing up docker-compose). I missed that I didn't rename the default in this particular Dockerfile, though. (all are named VRF_PRIV now).
| if err != nil { | ||
| return nil, err | ||
| } | ||
| signer, err := keys.NewFromPrivatePEM(string(pemB), *signingKeyPassword) |
There was a problem hiding this comment.
There's a convenience method for this: NewFromPrivatePEMPath
There was a problem hiding this comment.
Thanks! I changed it to NewFromPrivatePEMFile. Just a note: Now, there is a minor difference in behavior though: with NewFromPrivatePEM one could provide an empty password which isn't possible with NewFromPrivatePEMFile anymore (and I think that makes more sense, too).
gdbelvin
left a comment
gdbelvin
left a comment
There was a problem hiding this comment.
Thanks for this PR!
A couple changes are needed to clean things up and I'll merge it.
2 participants
Most relevant changes:
docker-compose up -d trillian-mapin Readmecmd/keytransparency-server/Dockerfiletrillian/testfileswhile kt usesgenfiles).envfile and provide defaults in docker-compose.yml instead@gdbelvin: I can split this up in smaller PRs if you prefer that.