From 84866c1d86626cf862552e80a1f78ea3c3c98c2f Mon Sep 17 00:00:00 2001
From: "xiuting.xu"
Date: Sat, 9 May 2026 10:12:51 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E9=83=A8=E7=BD=B2=E6=96=87?= =?UTF-8?q?=E4=BB=B6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 deploy/bird/Dockerfile | 2 ++
 deploy/bird/docker-compose.ssh.yml | 9 ++++++-
 deploy/bird/docker-compose.yml | 10 ++++++--
 deploy/bird/entrypoint.sh | 2 +-
 deploy/client/Dockerfile | 3 ++-
 deploy/client/docker-compose.clients.yml | 30 ++++++++++++++++--------
 deploy/client/docker-compose.ssh.yml | 10 ++++++--
 deploy/client/docker-compose.tcp.yml | 10 ++++++--
 deploy/client/docker-compose.tls.yml | 10 ++++++--
 deploy/client/docker-compose.yml | 10 ++++++--
 deploy/server/docker-compose.ssh.yml | 11 +++++++--
 deploy/server/docker-compose.tcp.yml | 7 ++++++
 deploy/server/docker-compose.tls.yml | 7 ++++++
 deploy/server/docker-compose.yml | 7 ++++++
 tests/test_server_transports.rs | 5 ++--
 tests/test_session.rs | 14 ++++++++---
 16 files changed, 117 insertions(+), 30 deletions(-)
diff --git a/deploy/bird/Dockerfile b/deploy/bird/Dockerfile
index adfa407..516f7ab 100644
--- a/deploy/bird/Dockerfile
+++ b/deploy/bird/Dockerfile
@@ -36,6 +36,7 @@ FROM debian:bookworm-slim
 RUN apt-get update && apt-get install -y --no-install-recommends \
 ca-certificates \
 gettext-base \
+ tzdata \
 netcat-openbsd \
 libreadline8 \
 libncurses6 \
@@ -46,6 +47,7 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
 COPY --from=builder /usr/sbin/bird /usr/sbin/bird
 COPY --from=builder /usr/sbin/birdc /usr/sbin/birdc
 COPY --from=builder /etc/bird /etc/bird
+ENV TZ=Asia/Shanghai
 COPY entrypoint.sh /entrypoint.sh
 RUN chmod +x /entrypoint.sh \
diff --git a/deploy/bird/docker-compose.ssh.yml b/deploy/bird/docker-compose.ssh.yml
index 40fe27f..5ec2c4f 100644
--- a/deploy/bird/docker-compose.ssh.yml
+++ b/deploy/bird/docker-compose.ssh.yml
@@ -2,9 +2,16 @@ services:
 bird-rpki-client:
 environment:
 BIRD_CONFIG_TEMPLATE_PATH: "/config/bird.conf.ssh.template"
- RPKI_HOST: "0.0.0.0"
+ RPKI_HOST: "rpki-rtr"
 RPKI_PORT: "${RPKI_RTR_SSH_PORT:-22}"
 OBSERVE_PROTO: "rpki_ssh"
 volumes:
 - ./bird.conf.ssh.template:/config/bird.conf.ssh.template:ro
 - ../../certs:/config/ssh:ro
+ networks:
+ - rpki_net
+
+networks:
+ rpki_net:
+ name: rpki_net
+ driver: bridge
diff --git a/deploy/bird/docker-compose.yml b/deploy/bird/docker-compose.yml
index 7fd7613..02244fd 100644
--- a/deploy/bird/docker-compose.yml
+++ b/deploy/bird/docker-compose.yml
@@ -7,11 +7,10 @@ services:
 BIRD_VERSION: "3.2.1"
 container_name: bird-rpki-client
 restart: unless-stopped
- network_mode: host
 environment:
 BIRD_CONFIG_TEMPLATE_PATH: "/config/bird.conf.template"
- RPKI_HOST: "0.0.0.0"
+ RPKI_HOST: "rpki-rtr-tcp"
 RPKI_PORT: "323"
 OBSERVE_PROTO: "rpki_tcp"
@@ -33,3 +32,10 @@ services:
 volumes:
 - ./bird.conf.template:/config/bird.conf.template:ro
 - ../../logs/bird:/app/logs
+ networks:
+ - rpki_net
+
+networks:
+ rpki_net:
+ name: rpki_net
+ driver: bridge
diff --git a/deploy/bird/entrypoint.sh b/deploy/bird/entrypoint.sh
index 13da678..c42df67 100644
--- a/deploy/bird/entrypoint.sh
+++ b/deploy/bird/entrypoint.sh
@@ -120,7 +120,7 @@ print_first_n_objects() {
 }
 print_snapshot() {
- echo "==== $(date -u +"%Y-%m-%dT%H:%M:%SZ") RPKI snapshot ($PROTO) ===="
+ echo "==== $(date +"%Y-%m-%dT%H:%M:%S%:z") RPKI snapshot ($PROTO) ===="
 birdc -s "$SOCK_PATH" show protocols all "$PROTO" || true
 if [ "$SHOW_ASPA" = "1" ]; then
diff --git a/deploy/client/Dockerfile b/deploy/client/Dockerfile
index d783b12..3fea4a8 100644
--- a/deploy/client/Dockerfile
+++ b/deploy/client/Dockerfile
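Review bot: `RPKI_HOST: "rpki-rtr"` in deploy/bird/docker-compose.ssh.yml does not match the `rpki-rtr-ssh` name that deploy/client/docker-compose.ssh.yml dials in this same commit, so unless the server service also carries a `rpki-rtr` container name or network alias (not visible in this diff) BIRD will fail to resolve its cache. The port drifts in the same way: `RPKI_PORT: "${RPKI_RTR_SSH_PORT:-22}"` here and `"rpki-rtr-ssh:${RPKI_RTR_SSH_PORT:-22}"` in the client file still follow the variable, while deploy/server/docker-compose.ssh.yml now listens on a fixed `0.0.0.0:22` inside the container. On the bridge network it is the container port that counts, so I would pin both to 22, e.g. `RPKI_PORT: "22"`, and align the host name with whichever name the server actually exposes on rpki_net.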
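Review bot: The top-level `networks:` block added at the end of deploy/bird/docker-compose.yml (`rpki_net:` with `name: rpki_net` and `driver: bridge`) is repeated verbatim in every compose file this commit touches under deploy/bird, deploy/client and deploy/server, so each Compose project claims ownership of the same named network. Depending on the Compose version, the second project to start will warn that the network was not created by it, and `down` on any one project will try to remove a network the others still use. I would let one file (the server's) create it and have the consumers declare `external: true` under `rpki_net:` instead of `driver: bridge`. A short comment such as `# shared with deploy/server; start the server stack first` would also document the start-up order that the service-name lookups now depend on.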
@@ -14,10 +14,11 @@ RUN cargo build --release --bin rtr_debug_client
 FROM debian:bookworm-slim AS runtime
 RUN apt-get update \
- && apt-get install -y --no-install-recommends ca-certificates \
+ && apt-get install -y --no-install-recommends ca-certificates tzdata \
 && rm -rf /var/lib/apt/lists/*
 WORKDIR /app
+ENV TZ=Asia/Shanghai
 COPY --from=builder /build/target/release/rtr_debug_client /usr/local/bin/rtr_debug_client
 COPY --chmod=755 deploy/client/entrypoint.sh /usr/local/bin/rtr-debug-client-entrypoint.sh
diff --git a/deploy/client/docker-compose.clients.yml b/deploy/client/docker-compose.clients.yml
index bd64331..efde91c 100644
--- a/deploy/client/docker-compose.clients.yml
+++ b/deploy/client/docker-compose.clients.yml
@@ -3,40 +3,50 @@ version: "3.9"
 services:
 rtr-client-1:
 image: rpki-rtr-debug-client:latest
- network_mode: host
- command: ["127.0.0.1:323", "2", "reset", "--keep-after-error", "--summary-only"]
+ command: ["rpki-rtr-tcp:323", "2", "reset", "--keep-after-error", "--summary-only"]
 volumes:
 - ../../logs/client:/app/logs
 restart: no
+ networks:
+ - rpki_net
 rtr-client-2:
 image: rpki-rtr-debug-client:latest
- network_mode: host
- command: ["127.0.0.1:323", "2", "reset", "--keep-after-error", "--summary-only"]
+ command: ["rpki-rtr-tcp:323", "2", "reset", "--keep-after-error", "--summary-only"]
 volumes:
 - ../../logs/client:/app/logs
 restart: no
+ networks:
+ - rpki_net
 rtr-client-3:
 image: rpki-rtr-debug-client:latest
- network_mode: host
- command: ["127.0.0.1:323", "2", "reset", "--keep-after-error", "--summary-only"]
+ command: ["rpki-rtr-tcp:323", "2", "reset", "--keep-after-error", "--summary-only"]
 volumes:
 - ../../logs/client:/app/logs
 restart: no
+ networks:
+ - rpki_net
 rtr-client-4:
 image: rpki-rtr-debug-client:latest
- network_mode: host
- command: ["127.0.0.1:323", "2", "reset", "--keep-after-error", "--summary-only"]
+ command: ["rpki-rtr-tcp:323", "2", "reset", "--keep-after-error", "--summary-only"]
 volumes:
 - ../../logs/client:/app/logs
 restart: no
+ networks:
+ - rpki_net
 rtr-client-5:
 image: rpki-rtr-debug-client:latest
- network_mode: host
- command: ["127.0.0.1:323", "2", "reset", "--keep-after-error", "--summary-only"]
+ command: ["rpki-rtr-tcp:323", "2", "reset", "--keep-after-error", "--summary-only"]
 volumes:
 - ../../logs/client:/app/logs
 restart: no
+ networks:
+ - rpki_net
+
+networks:
+ rpki_net:
+ name: rpki_net
+ driver: bridge
diff --git a/deploy/client/docker-compose.ssh.yml b/deploy/client/docker-compose.ssh.yml
index 538f011..a09fdf0 100644
--- a/deploy/client/docker-compose.ssh.yml
+++ b/deploy/client/docker-compose.ssh.yml
@@ -6,10 +6,9 @@ services:
 context: ../..
 dockerfile: deploy/client/Dockerfile
 image: rpki-rtr-debug-client:latest
- network_mode: host
 command:
 [
- "127.0.0.1:${RPKI_RTR_SSH_PORT:-22}",
+ "rpki-rtr-ssh:${RPKI_RTR_SSH_PORT:-22}",
 "2",
 "reset",
 "--ssh",
@@ -28,3 +27,10 @@ services:
 restart: no
 stdin_open: true
 tty: true
+ networks:
+ - rpki_net
+
+networks:
+ rpki_net:
+ name: rpki_net
+ driver: bridge
diff --git a/deploy/client/docker-compose.tcp.yml b/deploy/client/docker-compose.tcp.yml
index 16fa4ca..99e2479 100644
--- a/deploy/client/docker-compose.tcp.yml
+++ b/deploy/client/docker-compose.tcp.yml
@@ -4,10 +4,16 @@ services:
 context: ../..
 dockerfile: deploy/client/Dockerfile
 image: rpki-rtr-debug-client:latest
- network_mode: host
- command: ["127.0.0.1:323", "2", "reset", "--keep-after-error", "--summary-only"]
+ command: ["rpki-rtr-tcp:323", "2", "reset", "--keep-after-error", "--summary-only"]
 volumes:
 - ../../logs/client:/app/logs
 restart: no
 stdin_open: true
 tty: true
+ networks:
+ - rpki_net
+
+networks:
+ rpki_net:
+ name: rpki_net
+ driver: bridge
diff --git a/deploy/client/docker-compose.tls.yml b/deploy/client/docker-compose.tls.yml
index 987a35f..34c69d0 100644
--- a/deploy/client/docker-compose.tls.yml
+++ b/deploy/client/docker-compose.tls.yml
@@ -6,10 +6,9 @@ services:
 context: ../..
 dockerfile: deploy/client/Dockerfile
 image: rpki-rtr-debug-client:latest
- network_mode: host
 command:
 [
- "127.0.0.1:324",
+ "rpki-rtr-tls:324",
 "2",
 "reset",
 "--tls",
@@ -30,3 +29,10 @@ services:
 restart: no
 stdin_open: true
 tty: true
+ networks:
+ - rpki_net
+
+networks:
+ rpki_net:
+ name: rpki_net
+ driver: bridge
diff --git a/deploy/client/docker-compose.yml b/deploy/client/docker-compose.yml
index 16fa4ca..99e2479 100644
--- a/deploy/client/docker-compose.yml
+++ b/deploy/client/docker-compose.yml
@@ -4,10 +4,16 @@ services:
 context: ../..
 dockerfile: deploy/client/Dockerfile
 image: rpki-rtr-debug-client:latest
- network_mode: host
- command: ["127.0.0.1:323", "2", "reset", "--keep-after-error", "--summary-only"]
+ command: ["rpki-rtr-tcp:323", "2", "reset", "--keep-after-error", "--summary-only"]
 volumes:
 - ../../logs/client:/app/logs
 restart: no
 stdin_open: true
 tty: true
+ networks:
+ - rpki_net
+
+networks:
+ rpki_net:
+ name: rpki_net
+ driver: bridge
diff --git a/deploy/server/docker-compose.ssh.yml b/deploy/server/docker-compose.ssh.yml
index cb17b40..ccba9ed 100644
--- a/deploy/server/docker-compose.ssh.yml
+++ b/deploy/server/docker-compose.ssh.yml
@@ -10,12 +10,12 @@ services:
 restart: no
 ports:
 - "323:323"
- - "${RPKI_RTR_SSH_PORT:-22}:${RPKI_RTR_SSH_PORT:-22}"
+ - "${RPKI_RTR_SSH_HOST_PORT:-2222}:22"
 environment:
 RPKI_RTR_ENABLE_TLS: "false"
 RPKI_RTR_ENABLE_SSH: "true"
 RPKI_RTR_TCP_ADDR: "0.0.0.0:323"
- RPKI_RTR_SSH_ADDR: "0.0.0.0:${RPKI_RTR_SSH_PORT:-22}"
+ RPKI_RTR_SSH_ADDR: "0.0.0.0:22"
 RPKI_RTR_SSH_HOST_KEY_PATH: "/app/certs/ssh_host_rsa_key"
 RPKI_RTR_SSH_AUTHORIZED_KEYS_PATH: "/app/certs/rtr-authorized_keys"
 RPKI_RTR_SSH_USERNAME: "rpki-rtr"
@@ -35,3 +35,10 @@ services:
 - ../../data:/app/slurm:ro
 - ../../certs:/app/certs:ro
 - ../../logs/server:/app/logs
+ networks:
+ - rpki_net
+
+networks:
+ rpki_net:
+ name: rpki_net
+ driver: bridge
diff --git a/deploy/server/docker-compose.tcp.yml b/deploy/server/docker-compose.tcp.yml
index 05be793..657b1db 100644
--- a/deploy/server/docker-compose.tcp.yml
+++ b/deploy/server/docker-compose.tcp.yml
@@ -27,3 +27,10 @@ services:
 - ../../rtr-db:/app/rtr-db
 - ../../data:/app/slurm:ro
 - ../../logs/server:/app/logs
+ networks:
+ - rpki_net
+
+networks:
+ rpki_net:
+ name: rpki_net
+ driver: bridge
diff --git a/deploy/server/docker-compose.tls.yml b/deploy/server/docker-compose.tls.yml
index 59382a9..f7bed57 100644
--- a/deploy/server/docker-compose.tls.yml
+++ b/deploy/server/docker-compose.tls.yml
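Review bot: The SSH variant still publishes the plain-TCP listener to the host: the `ports:` list in deploy/server/docker-compose.ssh.yml keeps `- "323:323"` next to the new `- "${RPKI_RTR_SSH_HOST_PORT:-2222}:22"`, and `RPKI_RTR_TCP_ADDR` stays `0.0.0.0:323`. Plain-TCP RTR carries no authentication or integrity protection, and now that the containers in this repo reach the server over rpki_net by name, the host mapping only serves to expose that endpoint on every host interface. I would drop the mapping in this file or restrict it to loopback with `- "127.0.0.1:323:323"`. The switch from `RPKI_RTR_SSH_PORT` to `RPKI_RTR_SSH_HOST_PORT` also deserves a comment above the mapping, since an existing environment file that sets the old variable is no longer read by the server while the client and BIRD files still use it.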
@@ -33,3 +33,10 @@ services:
 - ../../data:/app/slurm:ro
 - ../../tests/fixtures/tls:/app/certs:ro
 - ../../logs/server:/app/logs
+ networks:
+ - rpki_net
+
+networks:
+ rpki_net:
+ name: rpki_net
+ driver: bridge
diff --git a/deploy/server/docker-compose.yml b/deploy/server/docker-compose.yml
index bccb99f..2816232 100644
--- a/deploy/server/docker-compose.yml
+++ b/deploy/server/docker-compose.yml
@@ -41,3 +41,10 @@ services:
 - ../../logs/server:/app/logs
 # TLS mode example:
 # - ../../certs:/app/certs:ro
+ networks:
+ - rpki_net
+
+networks:
+ rpki_net:
+ name: rpki_net
+ driver: bridge
diff --git a/tests/test_server_transports.rs b/tests/test_server_transports.rs
index 174f064..5934e0c 100644
--- a/tests/test_server_transports.rs
+++ b/tests/test_server_transports.rs
@@ -1,8 +1,9 @@
+use arc_swap::ArcSwap;
 use std::fs;
 use std::io::BufReader;
 use std::net::SocketAddr;
 use std::path::{Path, PathBuf};
-use std::sync::{Arc, RwLock};
+use std::sync::Arc;
 use std::time::Duration;
 use rustls::{ClientConfig, RootCertStore};
@@ -45,7 +46,7 @@ fn load_pem_key(path: &Path) -> PrivateKeyDer<'static> {
 }
 fn test_cache() -> SharedRtrCache {
- Arc::new(RwLock::new(
+ Arc::new(ArcSwap::from_pointee(
 RtrCacheBuilder::new()
 .session_ids(SessionIds::from_array([42, 42, 42]))
 .serials([100, 100, 100])
diff --git a/tests/test_session.rs b/tests/test_session.rs
index bfc0c37..3729e0b 100644
--- a/tests/test_session.rs
+++ b/tests/test_session.rs
@@ -157,9 +157,17 @@ async fn start_tls_session_server_with_cert(
 return;
 };
- let _ =
- handle_tls_connection(cache, stream, peer_addr, acceptor, notify_rx, shutdown_rx, None)
- .await;
+ let _ = handle_tls_connection(
+ cache,
+ stream,
+ peer_addr,
+ acceptor,
+ true,
+ notify_rx,
+ shutdown_rx,
+ None,
+ )
+ .await;
 });
 (addr, shutdown_tx, handle)
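Review bot: The volume list this hunk extends in deploy/server/docker-compose.tls.yml mounts `../../tests/fixtures/tls` as `/app/certs`, so the TLS server presumably starts with the fixture key pair that is checked in alongside the tests. That is fine for a local lab, but attaching the service to the shared rpki_net bridge makes the file read like a deployable stack, and anyone with access to the repository would hold that server key. I would add a comment above the mount, for example `# test-only certificates from the repo; mount ../../certs for anything beyond a lab`, matching the `# - ../../certs:/app/certs:ro` example in deploy/server/docker-compose.yml.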
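Review bot: The bare `true` added as the fifth argument of `handle_tls_connection` in tests/test_session.rs does not tell the reader which behaviour it switches on, and the parameter's name is not visible in this diff. I would bind it to a local named after that parameter, or annotate the call, e.g. `true, // <parameter name>: why the session tests need it enabled`. If the flag relaxes or enforces a TLS policy (an assumption to confirm against the function signature), the helper should say which, because `let _ =` also discards the handler's result and a policy failure would go unnoticed here. The enclosing function `start_tls_session_server_with_cert` starts and ends outside the hunk.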