#173 update docker run command to specify exposed port numbers and ho…

…stname
AthenZ · Jul 18, 2017 · a43d749 · a43d749
1 parent 838b4b4
commit a43d749
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 24 deletions.
diff --git a/docker/start.sh b/docker/start.sh
@@ -75,8 +75,12 @@ fi
 
 echo "---starting athenz ui---"
 cd /opt/athenz/athenz-ui*/
-export ZMS_SERVER=$public_hostname
-export UI_SERVER=$public_hostname
+if [ -z "${ZMS_SERVER}" ]; then
+    export ZMS_SERVER=$public_hostname
+fi
+if [ -z "${UI_SERVER}" ]; then
+    export UI_SERVER=$public_hostname
+fi
 bin/athenz_ui start
 
 cd /opt/athenz/athenz-zts*/var/zts_server/keys

diff --git a/docs/setup_docker.md b/docs/setup_docker.md
@@ -10,18 +10,12 @@
 ---------------
 
 ### Docker
------------
+----------
 
 Please checkout https://docs.docker.com/engine/installation/ for docker installation.
 
 ## Launch instance
--------------------
-
-Once docker is successfully installed, launch Athenz by executing the following docker command:
-
-```shell
-$ docker run -itd -P athenz/athenz
-```
+------------------
 
 The docker container includes all three Athenz Services - ZMS, ZTS and UI. Internally
 they're running on the following ports:
@@ -32,25 +26,31 @@ they're running on the following ports:
 |   ZTS   | 8443 |
 |   UI    | 9443 |
 
-To access these services, first determine the corresponding ports exposed by docker.
-Run the following commands to extract the container id assigned to the `athenz/athenz`
-image and then use extracted container id as the value for the CONTAINER_ID parameter
-in the second command to inspect the ports exposed by docker:
+and those three ports must be exposed and available on the docker host as well.
+
+Once docker is successfully installed, launch Athenz by executing the following docker command.
 
 ```shell
-$ docker ps --filter "ancestor=athenz/athenz" -q
-$ docker inspect --format '{{json .NetworkSettings.Ports}}' CONTAINER_ID
+$ docker run -itd -p 9443:9443 -p 4443:4443 -p 8443:8443 -e ZMS_SERVER=<server-hostname> -e UI_SERVER=<server-hostname> athenz/athenz
 ```
 
-The output from the inspect command would be similar to:
+To access Athenz UI, open your browser with url
 
-`{"4443/tcp":[{"HostIp":"0.0.0.0","HostPort":"32776"}],"8443/tcp":[{"HostIp":"0.0.0.0","HostPort":"32775"}],"9443/tcp":[{"HostIp":"0.0.0.0","HostPort":"32774"}]}`
+```
+https://<server-hostname>:9443/athenz
+```
 
-In this setup UI port 9443 is exposed on port 32774. So to access Athenz UI from
-the same box, open the web browser with url https://localhost:32774. Since the
-services are running with self-signed certificates, configure your browser to
+Since the services are running with self-signed certificates, configure your browser to
 ignore the warnings regarding the UI server certificate.
 
+The administrator must first access the ZMS Server endpoint in the browser to
+accept the exception since the Athenz UI contacts ZMS Server to get an authorized
+token for the user when logging in. The administrator must access:
+
+```
+https://<server-hostname>:4443/zms/v1/schema
+```
+
 The container is configured with the following default user details:
 
  |  User  | Password |
@@ -59,7 +59,7 @@ The container is configured with the following default user details:
 
 
 ## Start/Stop Athenz
------------------------
+--------------------
 
 Run `docker ps` to get the CONTAINER_ID first and then use the extracted
 container id with docker stop command:
@@ -69,9 +69,11 @@ $ docker ps --filter "ancestor=athenz/athenz" -q
 $ docker stop CONTAINER_ID
 ```
 
-To start Athenz, execute the following command (replace CONTAINER_ID with
-the extract id from the docker ps command):
+To start Athenz, execute the following commands first to determine the stopped
+Athenz container id and then start the container with docker start command:
 
 ```shell
+$ docker container ls -a
 $ docker start CONTAINER_ID
 ```
+