trafficserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeremy Payne <>
Subject Re: ATS running inside docker
Date Mon, 08 Jan 2018 04:05:48 GMT
On a side note. I put together an internal POC that instantiates a
high performance ATS docker container within a multi-tenant
I used cgroups  to allocate cpu/memory resources from within the same
NUMA node.
I also used a docker plugin to pass through SRIOV VFs, also within the
same NUMA node as the above.
I'll clean up some of the lab details and then post in the next couple days.

On Tue, Jan 2, 2018 at 12:17 PM, James Peach <> wrote:
>> On Jan 2, 2018, at 9:11 AM, ezko <> wrote:
>> hi,
>> i'm trying to run ATS 7.1 inside a docker
>> my entry point is:
>> ENTRYPOINT ["/bin/bash"]
>> CMD ["-c","traffic_cop"]
>> which seems OK because traffic_cop seems to run in the foreground , so the
>> container can be monitored for orchestration. Is there a better entry point
>> for running ATS ?
> Nope, traffic_cop is correct.
>> my remap file:
>> map http://localhost:8080/cache/ http://{cache}
>> map http://{cache}
>> is an inner IP which the container instance got (it's not
>> constant)
>> My problem is with the port mapping.
>> When running in the default bridge mode with published ports for example:
>> docker run -d --name ats7.1 -e TS_ROOT='/' -p 7070:8080 -t centos_ats_7.1
>> docker port ats7.1
>> 8080/tcp ->
>> using the IP works (because i explicitly added a remap rule):
>> curl
>> but using the port mapping doesn't work
>> curl http://localhost:7070/cache/
>> I'm getting:
>> status 404 (Not Found on Accelerator) for 'http://localhost/cache/'
> Traffic Server needs a remap rule that matches whatever is in the Host header of the
HTTP request. In this case, I'd expect the Host header contains "localhost:7070". Remember
that remap is matching on the HTTP request contents, *not* on IP addresses.
> When running in a container, you might want to use host network and map block devices
directly with the devices cgroup or privileged mode.
> J

View raw message