gfwleak/tsg-tsg-diagnose
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

1、新增docker容器时间和宿主机时间同步2、修改docker-compose造成容器中的服务启动顺序不确定bug

Browse Source
This commit is contained in:
root
2020-05-25 18:50:10 +08:00
parent 8a83b065d9
commit 2bd4996776
2 changed files with 196 additions and 93 deletions
Download Patch File Download Diff File Expand all files Collapse all files

210
docker-compose/docker-compose.yml
View File

@@ -1,93 +1,117 @@
#for ssl self test #for ssl self test
version: '2.1' version: '2.2'
services: services:
badssl_test: badssl_test:
image: "badssl:ssl-self-test" image: "badssl:ssl-self-test"
container_name: "badssl_ssl_self_test" container_name: "badssl_ssl_self_test"
tty: true tty: true
networks: privileged: true
vlan_ssl_net: networks:
ipv4_address: 192.168.253.130 vlan_ssl_net:
ipv6_address: fd00:a1bf:2c3d:ef5a:1e2f:3d4c:56ab:1010 ipv4_address: 192.168.253.130
volumes: ipv6_address: fd00:a1bf:2c3d:ef5a:1e2f:3d4c:56ab:1010
- /root/.badssl_self_test_cert_dict:/root/cert_dict bridge_net:
command: > ipv4_address: 172.31.254.2
bash -c "cp /root/cert_dict/certs -rf /badssl.com volumes:
&& cp /root/cert_dict/common -rf /badssl.com - /root/.badssl_self_test_cert_dict:/badssl.com/unittest_certs
&& make inside-docker - /etc/localtime:/etc/localtime:ro
&& nginx command: >
&& tail -f /dev/null" bash -c "make clean-certs
&& make certs-test
wpr_test: && make inside-docker
image: "golang:wpr-alpine" && cp -r /badssl.com/certs /badssl.com/unittest_certs
container_name: "wpr_ssl_self_test" && nginx
tty: true && tail -f /dev/null"
networks:
vlan_ssl_net: wpr_test:
ipv4_address: 192.168.253.131 image: "golang:wpr-alpine"
ipv6_address: fd00:a1bf:2c3d:ef5a:1e2f:3d4c:56ab:1011 container_name: "wpr_ssl_self_test"
volumes: tty: true
- /root/.go_wpr_test:/root/go_wpr_test privileged: true
command: networks:
- /bin/sh vlan_ssl_net:
- -c ipv4_address: 192.168.253.131
- | ipv6_address: fd00:a1bf:2c3d:ef5a:1e2f:3d4c:56ab:1011
/root/wpr/wpr replay --http_port=80 --https_port=443 --host=0.0.0.0 --quiet_mode /root/wpr/archive.wprgo bridge_net:
tail -f /dev/null ipv4_address: 172.31.254.3
volumes:
ssl_unittest: - /root/.go_wpr_test:/root/go_wpr_test
image: "python:unittest-alpine" - /etc/localtime:/etc/localtime:ro
container_name: "unittest_ssl_self_test" command:
depends_on: - /bin/sh
- badssl_test - -c
- wpr_test - |
tty: true /root/wpr/wpr replay --http_port=80 --https_port=443 --host=0.0.0.0 --quiet_mode /root/wpr/archive.wprgo &
networks: tail -f /dev/null
vlan_unittest_net:
ipv4_address: 192.168.253.3 ssl_unittest:
ipv6_address: fd00:a1bf:2c3d:ef5b:6e7f:8d9c:abfe:1012 image: "python:unittest-alpine"
volumes: container_name: "unittest_ssl_self_test"
- /root/.unittest_self_test_cafile_dict:/root/cafile_dict depends_on:
command: - badssl_test
- /bin/sh - wpr_test
- -c tty: true
- | privileged: true
cp -rf /root/cafile_dict/ca-root.crt /usr/local/share/ca-certificates networks:
update-ca-certificates vlan_unittest_net:
cat /root/unittest/badssl.test.hosts >> /etc/hosts ipv4_address: 192.168.253.3
python /root/unittest/unittest_self.py ipv6_address: fd00:a1bf:2c3d:ef5b:6e7f:8d9c:abfe:1012
tail -f /dev/null bridge_net:
ipv4_address: 172.31.254.4
volumes:
- /root/.badssl_self_test_cert_dict:/root/cafile_dict
networks: - /etc/localtime:/etc/localtime:ro
vlan_ssl_net: command:
name: vlan_ssl_self_test_net - /bin/sh
driver: macvlan - -c
enable_ipv6: true - |
driver_opts: /root/unittest/wait-for 172.31.254.2:443 -t 60 -- echo "badssl is up"
parent: enp1s1 /root/unittest/wait-for 172.31.254.3:443 -t 60 -- echo "wpr is up"
ipam: cp -rf /root/cafile_dict/certs/sets/current/gen/crt/ca-root.crt /usr/local/share/ca-certificates
config: update-ca-certificates
- subnet: 192.168.253.0/24 cat /root/unittest/badssl.test.hosts >> /etc/hosts
ip_range: 192.168.253.128/25 python /root/unittest/unittest_self.py
gateway: 192.168.253.129 tail -f /dev/null
- subnet: fd00:a1bf:2c3d:ef5a::/63
ip_range: fd00:a1bf:2c3d:ef5a::/64
gateway: fd00:a1bf:2c3d:ef5a::1010
networks:
vlan_unittest_net: bridge_net:
name: vlan_unittest_self_test_net name: bridge_ssl_self_test_net
driver: macvlan driver: bridge
enable_ipv6: true ipam:
driver_opts: config:
parent: ens1f1 - subnet: 172.31.254.0/24
ipam: gateway: 172.31.254.1
config:
- subnet: 192.168.253.0/24
ip_range: 192.168.253.0/25 vlan_ssl_net:
gateway: 192.168.253.1 name: vlan_ssl_self_test_net
- subnet: fd00:a1bf:2c3d:ef5a::/63 driver: macvlan
ip_range: fd00:a1bf:2c3d:ef5b::/64 enable_ipv6: true
gateway: fd00:a1bf:2c3d:ef5a::1011 driver_opts:
parent: enp1s1
ipam:
config:
- subnet: 192.168.253.0/24
ip_range: 192.168.253.128/25
gateway: 192.168.253.129
- subnet: fd00:a1bf:2c3d:ef5a::/63
ip_range: fd00:a1bf:2c3d:ef5a::/64
gateway: fd00:a1bf:2c3d:ef5a::1010
vlan_unittest_net:
name: vlan_unittest_self_test_net
driver: macvlan
enable_ipv6: true
driver_opts:
parent: ens1f1
ipam:
config:
- subnet: 192.168.253.0/24
ip_range: 192.168.253.0/25
gateway: 192.168.253.1
- subnet: fd00:a1bf:2c3d:ef5a::/63
ip_range: fd00:a1bf:2c3d:ef5b::/64
gateway: fd00:a1bf:2c3d:ef5a::1011

79
unittest_python/unittest/wait-for Executable file
View File

@@ -0,0 +1,79 @@
#!/bin/sh
TIMEOUT=15
QUIET=0
echoerr() {
if [ "$QUIET" -ne 1 ]; then printf "%s\n" "$*" 1>&2; fi
}
usage() {
exitcode="$1"
cat << USAGE >&2
Usage:
$cmdname host:port [-t timeout] [-- command args]
-q | --quiet Do not output any status messages
-t TIMEOUT | --timeout=timeout Timeout in seconds, zero for no timeout
-- COMMAND ARGS Execute command with args after the test finishes
USAGE
exit "$exitcode"
}
wait_for() {
for i in `seq $TIMEOUT` ; do
nc -z "$HOST" "$PORT" > /dev/null 2>&1
result=$?
if [ $result -eq 0 ] ; then
if [ $# -gt 0 ] ; then
exec "$@"
fi
exit 0
fi
sleep 1
done
echo "Operation timed out" >&2
exit 1
}
while [ $# -gt 0 ]
do
case "$1" in
*:* )
HOST=$(printf "%s\n" "$1"| cut -d : -f 1)
PORT=$(printf "%s\n" "$1"| cut -d : -f 2)
shift 1
;;
-q | --quiet)
QUIET=1
shift 1
;;
-t)
TIMEOUT="$2"
if [ "$TIMEOUT" = "" ]; then break; fi
shift 2
;;
--timeout=*)
TIMEOUT="${1#*=}"
shift 1
;;
--)
shift
break
;;
--help)
usage 0
;;
*)
echoerr "Unknown argument: $1"
usage 1
;;
esac
done
if [ "$HOST" = "" -o "$PORT" = "" ]; then
echoerr "Error: you need to provide a host and port to test."
usage 2
fi
wait_for "$@"