-
Notifications
You must be signed in to change notification settings - Fork 592
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(agw): fix certificate issue for containerized AGW deployment #13862
fix(agw): fix certificate issue for containerized AGW deployment #13862
Conversation
Thanks for opening a PR! 💯
Howto
More infoPlease take a moment to read through the Magma project's
If this is your first Magma PR, also consider reading
|
a4fc463
to
7d38c7c
Compare
fceb588
to
25e7135
Compare
e99ef11
to
c38e530
Compare
c38e530
to
dd3cfd4
Compare
lte/gateway/docker/README.md
Outdated
@@ -47,6 +47,13 @@ docker-compose build | |||
docker-compose up | |||
``` | |||
|
|||
Optional: If you want to connect to an orc8r, copy the `rootCA.pem` from the orc8r |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this should happen before we run docker-compose up
for the first time, so we should move this up.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since we mount the directory anyway I would have assumed that the order doesn't really matter, but I can change it if that is better
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I guess the AGW will read the certificate on startup and probably not re-read it when it is copied later when the AGW is already running.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have moved it before the docker setup.
dd3cfd4
to
3911d1e
Compare
3911d1e
to
a4336b7
Compare
a4336b7
to
08f87bf
Compare
fixes the mount path for the rootCA.pem certificate, so a containerized deployment outside the dev VM can still access it Signed-off-by: Sebastian Wolf <sebastian.wolf@tngtech.com>
Signed-off-by: Sebastian Wolf <sebastian.wolf@tngtech.com>
08f87bf
to
6546140
Compare
…ma#13862) * fix(agw): fix certificate issue for containerized AGW deployment fixes the mount path for the rootCA.pem certificate, so a containerized deployment outside the dev VM can still access it Signed-off-by: Sebastian Wolf <sebastian.wolf@tngtech.com> * chore: add option to update rootCA.pem in deployment docs Signed-off-by: Sebastian Wolf <sebastian.wolf@tngtech.com> Signed-off-by: Sebastian Wolf <sebastian.wolf@tngtech.com>
Signed-off-by: Sebastian Wolf sebastian.wolf@tngtech.com
Summary
Resolves issue #13682.
This PR fixes the issue where a containerized deployment on bare metal tries to mount the
rootCA.pem
certificate from the directory$MAGMA_ROOT/.cache/test_certs/
, which does not exist. Instead, it will be mounted from/var/opt/magma/certs/
, where it is previously copied to when following the documentation.This should not affect the containerized AGW setup inside the dev VM, as spinning up the VM creates the certificate in both locations: at
$MAGMA_ROOT/.cache/test_certs/
(mounted from host) and at/var/opt/magma/certs/
in the VM.Test Plan
Additional Information