rpki/deploy/server/DEPLOYMENT.md
2026-05-18 11:42:33 +08:00

Deployment (Docker Compose)

This project runs src/main.rs as a long-running server that:

  1. loads the latest .ccr file from a configured directory,
  2. applies optional SLURM filtering,
  3. starts the RTR server.

The container runs rpki directly as PID 1.

Files

  • deploy/server/Dockerfile
  • deploy/server/docker-compose.yml

Runtime Paths in Container

  • CCR directory: /app/data
  • RocksDB directory: /app/rtr-db
  • SLURM directory: /app/slurm
  • TLS cert directory (optional): /app/certs

Path Configuration via .env

  • RPKI_RTR_CCR_HOST_DIR: host CCR directory mounted into the container
  • RPKI_RTR_SLURM_HOST_DIR: host SLURM directory mounted into the container
  • RPKI_RTR_CCR_DIR: in-container CCR directory path
  • RPKI_RTR_SLURM_DIR: in-container SLURM directory path
  • RPKI_RTR_DB_HOST_DIR: host RocksDB directory
  • RPKI_RTR_LOG_HOST_DIR: host log directory
  • RPKI_RTR_DB_PATH: in-container RocksDB directory

Runtime Configuration via .env

  • Core: RPKI_RTR_STRICT_CCR_VALIDATION, RPKI_RTR_SOURCE_REFRESH_INTERVAL_SECS, RPKI_RTR_MAX_DELTA, RPKI_RTR_MAX_CONCURRENT_HANDSHAKES, RUST_LOG
  • TCP mode: RPKI_RTR_MAX_CONNECTIONS
  • TLS mode: RPKI_RTR_ENFORCE_TLS_CLIENT_SAN_IP_MATCH, RPKI_RTR_TLS_CERT_PATH, RPKI_RTR_TLS_KEY_PATH, RPKI_RTR_TLS_CLIENT_CA_PATH, RPKI_RTR_TLS_CERTS_HOST_DIR
  • SSH mode: RPKI_RTR_SSH_HOST_PORT, RPKI_RTR_SSH_CONTAINER_PORT, RPKI_RTR_SSH_AUTH_MODE, RPKI_RTR_SSH_USERNAME, RPKI_RTR_SSH_SUBSYSTEM_NAME, RPKI_RTR_SSH_HOST_KEY_PATH, RPKI_RTR_SSH_AUTHORIZED_KEYS_PATH, RPKI_RTR_SSH_KEYS_VOLUME, RPKI_RTR_SSH_CERTS_HOST_DIR
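
The host directories above feed the CCR and SLURM inputs that decide what the RTR server sends to routers, so it is worth checking them before starting the stack. The following pre-flight check is an added example, not part of this project: the function names (env_value, check_host_dirs) and the checks themselves are assumptions, and it expects a plain KEY=VALUE .env file.

```shell
#!/bin/sh
# Added example: pre-flight check of the host directories named in .env.
# Variable names come from this page; the checks are assumptions.

HOST_DIR_VARS="RPKI_RTR_CCR_HOST_DIR RPKI_RTR_SLURM_HOST_DIR
RPKI_RTR_DB_HOST_DIR RPKI_RTR_LOG_HOST_DIR
RPKI_RTR_TLS_CERTS_HOST_DIR RPKI_RTR_SSH_CERTS_HOST_DIR"

# Print the value of KEY ($2) from env file ($1). The last assignment wins
# and one pair of surrounding quotes is stripped. Prints nothing if unset.
env_value() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 |
        sed -e 's/^["'\'']//' -e 's/["'\'']$//'
}

# Check every host directory variable that is set in the env file.
# Prints one line per finding and returns the number of findings.
check_host_dirs() {
    env_file=$1
    findings=0
    for var in $HOST_DIR_VARS; do
        dir=$(env_value "$env_file" "$var")
        [ -n "$dir" ] || continue   # not set in this file: nothing to check
        if [ ! -d "$dir" ]; then
            echo "MISSING  $var=$dir"
            findings=$((findings + 1))
            continue
        fi
        # A world-writable host directory lets any local user replace
        # CCR or SLURM input, the RocksDB state, or key material.
        if [ -n "$(find "$dir" -prune -perm -0002 2>/dev/null)" ]; then
            echo "WRITABLE $var=$dir (world-writable)"
            findings=$((findings + 1))
        fi
    done
    return "$findings"
}
```

Source the file and run `check_host_dirs deploy/server/.env` (the .env location is an assumption); a non-zero exit status is the number of findings.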

Start

docker compose -f deploy/server/docker-compose.yml up -d --build

Stop

docker compose -f deploy/server/docker-compose.yml down

Logs

docker compose -f deploy/server/docker-compose.yml logs -f rpki-rtr