diff --git a/compose.yaml b/compose.yaml index 3d5b71c..514cc26 100644 --- a/compose.yaml +++ b/compose.yaml @@ -2,7 +2,6 @@ services: kasvc-0: &kasvc build: context: kasvc - network: host platforms: - linux/x86_64 platform: linux/x86_64 @@ -54,11 +53,9 @@ services: kaproxy: build: context: kaproxy - network: host platforms: - linux/x86_64 platform: linux/x86_64 - privileged: true ports: - 8079:8080 networks: @@ -71,7 +68,6 @@ services: kaclient: build: context: kaclient - network: host platforms: - linux/x86_64 platform: linux/x86_64 diff --git a/kaclient/Dockerfile b/kaclient/Dockerfile index 386b1a7..0308a1f 100644 --- a/kaclient/Dockerfile +++ b/kaclient/Dockerfile @@ -1,6 +1,6 @@ FROM archlinux:latest - -RUN pacman -Sy curl --noconfirm +RUN pacman -Syyu --noconfirm +RUN pacman -S curl --noconfirm COPY run.sh / CMD ["/run.sh"] diff --git a/kaproxy/Dockerfile b/kaproxy/Dockerfile index 7ba2843..a62541f 100644 --- a/kaproxy/Dockerfile +++ b/kaproxy/Dockerfile @@ -2,97 +2,16 @@ FROM archlinux:latest EXPOSE 8080 RUN pacman -Syyu --noconfirm -RUN pacman -S base-devel glibc gcc-libs perf --noconfirm +RUN pacman -S base-devel glibc gcc-libs --noconfirm COPY nginx /nginx WORKDIR /nginx RUN auto/configure \ --with-debug \ --with-http_ssl_module \ - --with-cc-opt="-ggdb -fno-omit-frame-pointer" + --with-cc-opt=-pg RUN make RUN make install COPY nginx.conf / -WORKDIR / - -RUN openssl req -x509 \ - -newkey rsa:4096 \ - -keyout key0.pem \ - -out cert0.pem \ - -sha256 -nodes \ - -days 3650 \ - -subj "/C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=www.example.com" - -RUN openssl req -x509 \ - -newkey rsa:4096 \ - -keyout key1.pem \ - -out cert1.pem \ - -sha256 -nodes \ - -days 3650 \ - -subj "/C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=www.example.com" - -RUN openssl req -x509 \ - -newkey rsa:4096 \ - -keyout key2.pem \ - -out cert2.pem \ - -sha256 -nodes \ - -days 3650 \ - -subj "/C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=www.example.com" - -RUN openssl req -x509 \ - -newkey rsa:4096 \ - -keyout key3.pem \ - -out cert3.pem \ - -sha256 -nodes \ - -days 3650 \ - -subj "/C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=www.example.com" - -RUN openssl req -x509 \ - -newkey rsa:4096 \ - -keyout key4.pem \ - -out cert4.pem \ - -sha256 -nodes \ - -days 3650 \ - -subj "/C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=www.example.com" - -RUN openssl req -x509 \ - -newkey rsa:4096 \ - -keyout key5.pem \ - -out cert5.pem \ - -sha256 -nodes \ - -days 3650 \ - -subj "/C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=www.example.com" - -RUN openssl req -x509 \ - -newkey rsa:4096 \ - -keyout key6.pem \ - -out cert6.pem \ - -sha256 -nodes \ - -days 3650 \ - -subj "/C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=www.example.com" - -RUN openssl req -x509 \ - -newkey rsa:4096 \ - -keyout key7.pem \ - -out cert7.pem \ - -sha256 -nodes \ - -days 3650 \ - -subj "/C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=www.example.com" - -RUN openssl req -x509 \ - -newkey rsa:4096 \ - -keyout key8.pem \ - -out cert8.pem \ - -sha256 -nodes \ - -days 3650 \ - -subj "/C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=www.example.com" - -RUN openssl req -x509 \ - -newkey rsa:4096 \ - -keyout key9.pem \ - -out cert9.pem \ - -sha256 -nodes \ - -days 3650 \ - -subj "/C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=www.example.com" COPY dhparam.pem / COPY www.example.com.crt / diff --git a/kaproxy/nginx.conf b/kaproxy/nginx.conf index d86499c..a8f9734 100644 --- a/kaproxy/nginx.conf +++ b/kaproxy/nginx.conf @@ -15,65 +15,44 @@ http { ssl_certificate /www.example.com.crt; ssl_certificate_key /www.example.com.key; access_log /tmp/access.log; - proxy_socket_keepalive on; location /0 { - proxy_ssl_certificate /cert0.pem; - proxy_ssl_certificate_key /key0.pem; proxy_pass http://kasvc-0:8080; } location /1 { - proxy_ssl_certificate /cert1.pem; - proxy_ssl_certificate_key /key1.pem; proxy_pass http://kasvc-1:8080; } location /2 { - proxy_ssl_certificate /cert2.pem; - proxy_ssl_certificate_key /key2.pem; proxy_pass http://kasvc-2:8080; } location /3 { - proxy_ssl_certificate /cert3.pem; - proxy_ssl_certificate_key /key3.pem; proxy_pass http://kasvc-3:8080; } location /4 { - proxy_ssl_certificate /cert4.pem; - proxy_ssl_certificate_key /key4.pem; proxy_pass http://kasvc-4:8080; } location /5 { - proxy_ssl_certificate /cert5.pem; - proxy_ssl_certificate_key /key5.pem; proxy_pass http://kasvc-5:8080; } location /6 { - proxy_ssl_certificate /cert6.pem; - proxy_ssl_certificate_key /key6.pem; proxy_pass http://kasvc-6:8080; } location /7 { - proxy_ssl_certificate /cert7.pem; - proxy_ssl_certificate_key /key7.pem; proxy_pass http://kasvc-7:8080; } location /8 { - proxy_ssl_certificate /cert8.pem; - proxy_ssl_certificate_key /key8.pem; proxy_pass http://kasvc-8:8080; } location /9 { - proxy_ssl_certificate /cert9.pem; - proxy_ssl_certificate_key /key9.pem; proxy_pass http://kasvc-9:8080; } } diff --git a/kaproxy/run.sh b/kaproxy/run.sh index 89f8203..7e68009 100755 --- a/kaproxy/run.sh +++ b/kaproxy/run.sh @@ -1,14 +1,5 @@ #!/bin/bash -function p_invoke() { - perf record -F1000 --call-graph dwarf -o /perf.data \ - -- /nginx/objs/nginx \ - -p /tmp \ - -e /tmp/error.log \ - -c /nginx.conf \ - -g "daemon off;" -} - function invoke() { /nginx/objs/nginx \ -p /tmp \ @@ -32,7 +23,7 @@ function sigcont_handler() { trap 'sigint_handler' INT trap 'sigcont_handler' CONT -p_invoke & +invoke & wait echo "NGINX down. waiting until signalled..." sleep infinity diff --git a/kasvc/Dockerfile b/kasvc/Dockerfile index 117be5c..8573f13 100644 --- a/kasvc/Dockerfile +++ b/kasvc/Dockerfile @@ -1,5 +1,6 @@ FROM archlinux:latest -RUN pacman -Sy glibc gcc-libs --noconfirm +RUN pacman -Syyu --noconfirm +RUN pacman -S glibc gcc-libs --noconfirm EXPOSE 8080 COPY keepalive-svc / CMD ["/keepalive-svc"]