...
1# Dockerized Test Deployment
2
3This brings up a CTFE with its own trillian instance and DB server for users to
4get a feel for how deploying CTFE works. This is not recommended as a way of
5serving production logs!
6
7## Requirements
8
9- Docker and Docker Compose Plugin
10- go tooling
11- git checkouts of:
12 - github.com/google/trillian
13 - github.com/google/certificate-transparency-go
14
15The instructions below assume you've checked out the repositories within
16`/workspaces/`, but if you have them in another location then just use a different
17path when you run the command.
18
19```bash
20# Terminal 1
21export GIT_HOME=/workspaces
22```
23
24```bash
25# Terminal 2
26export GIT_HOME=/workspaces
27```
28
29## Deploying
30
31We will use 2 terminal sessions to the machine you will use for hosting the
32docker containers. Each of the code stanzas below will state which terminal to
33use. This makes it easier to see output logs and to avoid repeatedly changing
34directory.
35
36First bring up the trillian instance and the database:
37
38```bash
39# Terminal 1
40cd ${GIT_HOME}/certificate-transparency-go/trillian/examples/deployment/docker/ctfe/
41docker compose up
42```
43
44This brings up everything except the CTFE. Now to provision the logs.
45
46```bash
47# Terminal 2
48cd ${GIT_HOME}/trillian/
49docker exec -i ctfe-db mariadb -pzaphod -Dtest < ./storage/mysql/schema/storage.sql
50```
51
52The CTFE requires some configuration files. First prepare a directory containing
53these, and expose it as a docker volume. These instructions prepare this config
54at `/tmp/ctfedocker` but if you plan on keeping this test instance alive for
55more than a few hours then pick a less temporary location on your filesystem.
56
57```bash
58# Terminal 2
59CTFE_CONF_DIR=/tmp/ctfedocker
60mkdir ${CTFE_CONF_DIR}
61TREE_ID=$(go run github.com/google/trillian/cmd/createtree@master --admin_server=localhost:8090)
62sed "s/@TREE_ID@/${TREE_ID}/" ${GIT_HOME}/certificate-transparency-go/trillian/examples/deployment/docker/ctfe/ct_server.cfg > ${CTFE_CONF_DIR}/ct_server.cfg
63cp ${GIT_HOME}/certificate-transparency-go/trillian/testdata/fake-ca.cert ${CTFE_CONF_DIR}
64docker volume create --driver local --opt type=none --opt device=${CTFE_CONF_DIR} --opt o=bind ctfe_config
65```
66
67Now that this configuration is available, you can bring up the CTFE:
68
69```bash
70# Terminal 1
71<Ctrl C> # kill the previous docker compose up command
72docker compose --profile frontend up
73```
74
75This will bring up the whole stack. Assuming there are no errors in the log,
76then the following command should return tree head for tree size 0.
77
78```bash
79# Terminal 2
80cd ${GIT_HOME}/certificate-transparency-go
81go run ./client/ctclient get-sth --log_uri http://localhost:8080/testlog
82```
View as plain text