docker - MockServer:模拟外部 http/https 响应拒绝 80/443 上的连接
问题描述
我试图实现的是模拟 google oauth2 端点的响应。这是我的设置:
# docker-compose.yml
version: '3.8'
services:
busybox:
image: yauritux/busybox-curl:latest
command: tail -f /dev/null
networks:
- our-network
api-mock:
image: mockserver/mockserver
networks:
our-network:
aliases:
- oauth2.googleapis.com
environment:
MOCKSERVER_INITIALIZATION_JSON_PATH: /api-mock/expectations_init.json
MOCKSERVER_WATCH_INITIALIZATION_JSON: 'true'
volumes:
- ./api-mock/:/api-mock
ports:
- 1080:1080
networks:
our-network:
我们的 Mockserver 期望
# ./api-mock/expectations_init.json
[
{
"httpRequest": {
"method": "GET",
"path": "/token",
"secure": true
},
"httpResponse": {
"statusCode": 200,
"body": "Hello World - secure"
}
},
{
"httpRequest": {
"method": "GET",
"path": "/token",
"secure": false
},
"httpResponse": {
"statusCode": 200,
"body": "Hello World"
}
}
]
我的项目结构
stackoverflow
- ./api-mock
- expectations_init.json
- docker-compose.yml
要运行这个最小的例子,只需运行
docker-compose up -d
查看 mockserver 的仪表板
localhost:1080/mockserver/dashboard
我期望的工作是:
docker exec stackoverflow_busybox_1 curl -k https://oauth2.googleapis.com/token
# curl: (7) Failed connect to oauth2.googleapis.com:443; Connection refused
相反,起作用的是:
docker exec stackoverflow_busybox_1 curl -k https://oauth2.googleapis.com:1080/token
# Hello World - secure
同样在这里,预计工作:
docker exec stackoverflow_busybox_1 curl -k http://oauth2.googleapis.com/token
# curl: (7) Failed connect to oauth2.googleapis.com:80; Connection refused
而是起作用的方法:
docker exec stackoverflow_busybox_1 curl -k http://oauth2.googleapis.com:1080/token
# Hello World
我错过了什么配置以在不通过端口的情况下获得响应,因为我无法控制供应商代码正在调用的 URL。我在模拟服务器的文档中找不到这个用例的任何提示来实现这一点。也许这是 docker/docker-compose 的问题?
此致
解决方案
此设置效果很好,尤其是在使用 mockserver 转发请求时:
nginx 虚拟主机:
server {
listen 80 default;
location / {
return 418;
}
}
server {
listen 443 ssl;
ssl_certificate /etc/ssl/certs/local.pub.pem;
ssl_certificate_key /etc/ssl/private/local.key.pem;
ssl_session_cache shared:SSL:16m;
ssl_session_timeout 10m;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers RC4:HIGH:!aNULL:!MD5:!kEDH;
ssl_prefer_server_ciphers on;
location / {
return 418;
}
}
码头工人-compose.yml
version: '3.8'
services:
nginx:
build:
context: .
dockerfile: docker/nginx/Dockerfile
networks:
- our-network
busybox:
image: yauritux/busybox-curl:latest
command: tail -f /dev/null
networks:
- our-network
api-mock: *api-mock
image: mockserver/mockserver
user: root
command: -serverPort 80
networks:
our-network:
aliases:
- oauth2.googleapis.com
environment:
MOCKSERVER_INITIALIZATION_JSON_PATH: /api-mock/expectations_init.json
MOCKSERVER_WATCH_INITIALIZATION_JSON: 'true'
volumes:
- ./api-mock/:/api-mock
ports:
- 1080:80
api-mock-secure:
<<: *api-mock
command: -serverPort 443
ports:
- 1081:443
networks:
our-network:
期望_init.json
[
{
"httpRequest": {
"method": "GET",
"path": "/token",
"headers": {
"Host": [ "oauth2.googleapis.com" ]
},
"secure": true
},
"httpResponse": {
"statusCode": 200,
"body": "Hello World - secure\n"
}
},
{
"httpRequest": {
"method": "GET",
"path": "/token",
"headers": {
"Host": [ "oauth2.googleapis.com" ]
},
"secure": false
},
"httpResponse": {
"statusCode": 200,
"body": "Hello World\n"
}
},
{
"httpRequest": {
"secure": false
},
"httpForward": {
"host": "nginx",
"port": 80,
"scheme": "HTTP"
}
},
{
"httpRequest": {
"secure": true
},
"httpForward": {
"host": "nginx",
"port": 443,
"scheme": "HTTPS"
}
}
]
感谢 Stefano
推荐阅读
- javascript - 会员网上柜台
- javascript - 打字稿缺少分号 linting 错误
- python - Pytorch 张量将带有 x 和 y 坐标的 z 值放入网格中
- javascript - 点赞按钮 + 卡片布局无法正常工作
- ruby-on-rails - 使用 bulma 时如何修复富文本格式
- python - 如何让客户端套接字在失去连接后重新连接?
- python - 如何在两个 QListWidgets 之间移动项目?
- google-apps-script - Google SlidesApp:复制 Google 幻灯片形状并维护“溢出时缩小文本”属性
- firefox - Firefox 未通过用户身份验证证书
- python - 在一个异步函数返回 True 后终止事件循环