...

Text file src/github.com/google/certificate-transparency-go/trillian/examples/deployment/docker/ctfe/README.md

Documentation: github.com/google/certificate-transparency-go/trillian/examples/deployment/docker/ctfe

     1# Dockerized Test Deployment
     2
     3This brings up a CTFE with its own trillian instance and DB server for users to
     4get a feel for how deploying CTFE works. This is not recommended as a way of
     5serving production logs!
     6
     7## Requirements
     8
     9- Docker and Docker Compose Plugin
    10- go tooling
    11- git checkouts of:
    12  - github.com/google/trillian
    13  - github.com/google/certificate-transparency-go
    14
    15The instructions below assume you've checked out the repositories within
    16`/workspaces/`, but if you have them in another location then just use a different
    17path when you run the command.
    18
    19```bash
    20# Terminal 1
    21export GIT_HOME=/workspaces
    22```
    23
    24```bash
    25# Terminal 2
    26export GIT_HOME=/workspaces
    27```
    28
    29## Deploying
    30
    31We will use 2 terminal sessions to the machine you will use for hosting the
    32docker containers. Each of the code stanzas below will state which terminal to
    33use. This makes it easier to see output logs and to avoid repeatedly changing
    34directory.
    35
    36First bring up the trillian instance and the database:
    37
    38```bash
    39# Terminal 1
    40cd ${GIT_HOME}/certificate-transparency-go/trillian/examples/deployment/docker/ctfe/
    41docker compose up
    42```
    43
    44This brings up everything except the CTFE. Now to provision the logs.
    45
    46```bash
    47# Terminal 2
    48cd ${GIT_HOME}/trillian/
    49docker exec -i ctfe-db mariadb -pzaphod -Dtest < ./storage/mysql/schema/storage.sql
    50```
    51
    52The CTFE requires some configuration files. First prepare a directory containing
    53these, and expose it as a docker volume. These instructions prepare this config
    54at `/tmp/ctfedocker` but if you plan on keeping this test instance alive for
    55more than a few hours then pick a less temporary location on your filesystem.
    56
    57```bash
    58# Terminal 2
    59CTFE_CONF_DIR=/tmp/ctfedocker
    60mkdir ${CTFE_CONF_DIR}
    61TREE_ID=$(go run github.com/google/trillian/cmd/createtree@master --admin_server=localhost:8090)
    62sed "s/@TREE_ID@/${TREE_ID}/" ${GIT_HOME}/certificate-transparency-go/trillian/examples/deployment/docker/ctfe/ct_server.cfg > ${CTFE_CONF_DIR}/ct_server.cfg
    63cp ${GIT_HOME}/certificate-transparency-go/trillian/testdata/fake-ca.cert ${CTFE_CONF_DIR}
    64docker volume create --driver local --opt type=none --opt device=${CTFE_CONF_DIR} --opt o=bind ctfe_config
    65```
    66
    67Now that this configuration is available, you can bring up the CTFE:
    68
    69```bash
    70# Terminal 1
    71<Ctrl C> # kill the previous docker compose up command
    72docker compose --profile frontend up
    73```
    74
    75This will bring up the whole stack. Assuming there are no errors in the log,
    76then the following command should return tree head for tree size 0.
    77
    78```bash
    79# Terminal 2
    80cd ${GIT_HOME}/certificate-transparency-go
    81go run ./client/ctclient get-sth --log_uri http://localhost:8080/testlog
    82```

View as plain text