From e6dfe6b783d347a91f68be44961532299cad40e2 Mon Sep 17 00:00:00 2001 From: Konrad Zemek Date: Sun, 24 Mar 2024 19:40:27 +0100 Subject: [PATCH] Add a Docker Compose example with Haproxy and an echo server. --- .dockerignore | 4 ++++ README.md | 4 ++++ docker-example/Dockerfile | 6 ++++++ docker-example/Dockerfile.echo | 2 ++ docker-example/docker-compose.yml | 35 +++++++++++++++++++++++++++++++ docker-example/entrypoint.sh | 12 +++++++++++ docker-example/haproxy.cfg | 7 +++++++ 7 files changed, 70 insertions(+) create mode 100644 .dockerignore create mode 100644 docker-example/Dockerfile create mode 100644 docker-example/Dockerfile.echo create mode 100644 docker-example/docker-compose.yml create mode 100644 docker-example/entrypoint.sh create mode 100644 docker-example/haproxy.cfg diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..7d43e56 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,4 @@ +.dockerignore +.git +.github +.gitignore diff --git a/README.md b/README.md index 5a3ea90..1865b7d 100644 --- a/README.md +++ b/README.md @@ -83,6 +83,10 @@ Example invocation: sudo ./go-mmproxy -l 0.0.0.0:25577 -4 127.0.0.1:25578 -6 [::1]:25578 --allowed-subnets ./net-prefixes.txt ``` +### Docker examples + +You can find an example Dockerfile and a Docker Compose setup in the [docker-example directory](https://github.com/kzemek/go-mmproxy/tree/main/docker-example). + ## Benchmark ### Setup diff --git a/docker-example/Dockerfile b/docker-example/Dockerfile new file mode 100644 index 0000000..d25a7b0 --- /dev/null +++ b/docker-example/Dockerfile @@ -0,0 +1,6 @@ +FROM golang:1.21 AS builder +RUN apt-get update && apt-get install -y iptables iproute2 && apt-get clean +WORKDIR /app/src/go-mmproxy +COPY . . +RUN CGO_ENABLED=0 go build -v +ENTRYPOINT ["sh", "-x", "docker-example/entrypoint.sh"] diff --git a/docker-example/Dockerfile.echo b/docker-example/Dockerfile.echo new file mode 100644 index 0000000..fb6ba56 --- /dev/null +++ b/docker-example/Dockerfile.echo @@ -0,0 +1,2 @@ +FROM ubuntu +RUN apt-get update && apt-get install -y ncat iproute2 tcpdump inetutils-ping iptables && apt-get clean diff --git a/docker-example/docker-compose.yml b/docker-example/docker-compose.yml new file mode 100644 index 0000000..8b76cb2 --- /dev/null +++ b/docker-example/docker-compose.yml @@ -0,0 +1,35 @@ +services: + echo: + build: + context: . + dockerfile: Dockerfile.echo + command: ip route replace default via 10.5.5.3 && ncat -kvnl -e /bin/cat 0.0.0.0 9000 + cap_add: [ NET_ADMIN ] + networks: + backend: + ipv4_address: 10.5.5.2 + + go-mmproxy: + build: + context: ../ + dockerfile: docker-example/Dockerfile + command: ./go-mmproxy -l 0.0.0.0:1234 -4 10.5.5.2:9000 -p tcp -v 2 -mark 123 + privileged: true + networks: + backend: + ipv4_address: 10.5.5.3 + default: + + + haproxy: + image: haproxy:2.9 + ports: [ 8000:8000 ] + volumes: + - ./haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg + +networks: + backend: + ipam: + config: + - subnet: 10.5.5.0/24 + gateway: 10.5.5.1 diff --git a/docker-example/entrypoint.sh b/docker-example/entrypoint.sh new file mode 100644 index 0000000..2abff3c --- /dev/null +++ b/docker-example/entrypoint.sh @@ -0,0 +1,12 @@ +echo 1 > /proc/sys/net/ipv4/conf/all/route_localnet + +# Outgoing packets +iptables -t mangle -A OUTPUT -m mark --mark 123 -j CONNMARK --save-mark +iptables -t mangle -A OUTPUT -m mark --mark 123 -j MARK --set-mark 0 +# Incoming packets +iptables -t mangle -A PREROUTING -m connmark --mark 123 -j CONNMARK --restore-mark + +ip rule add fwmark 123 lookup 100 +ip route add local 0.0.0.0/0 dev lo table 100 + +env "$@" diff --git a/docker-example/haproxy.cfg b/docker-example/haproxy.cfg new file mode 100644 index 0000000..b78826a --- /dev/null +++ b/docker-example/haproxy.cfg @@ -0,0 +1,7 @@ +frontend myfrontend + bind :8000 + default_backend mybackend + +backend mybackend + balance roundrobin + server go-mmproxy-v1 go-mmproxy:1234 send-proxy