cfrpki icon indicating copy to clipboard operation
cfrpki copied to clipboard
verified publisher icon cloudflare

Basic usage confusion octorpki

Open zerocarbthirty opened this issue 5 years ago • 1 comments

Hello, was trying to start octorpki using the basic usage instructions in the readme. (I added the second line to copy the arin.tal into the tals folder)

$ mkdir tals && mkdir cache && touch cache/rrdp.json $ cp arin-rfc7730.tal tals/arin.tal $ chmod 770 -R tals && chmod 770 -R cache && chmod 770 cache/rrdp.json $ docker run -ti --net=host -v $PWD/tals:/tals -v $PWD/cache:/cache -p 8080:8080 cloudflare/octorpki

Results in:

INFO[0000] Validator started
INFO[0000] Serving HTTP on :8080/output.json
INFO[0000] Got open tals/afrinic.tal: permission denied but repository not yet synchronized INFO[0000] Got open tals/apnic.tal: permission denied but repository not yet synchronized INFO[0000] Got open tals/arin.tal: permission denied but repository not yet synchronized INFO[0000] Got open tals/lacnic.tal: permission denied but repository not yet synchronized INFO[0000] Got open tals/ripe.tal: permission denied but repository not yet synchronized INFO[0000] Stable state. Revalidating in 20m0s

Then I searched for other instructions and found this blog post:

https://blog.cloudflare.com/cloudflares-rpki-toolkit/

Which indicates:

$ docker run -ti \ -p 8080:8080 \ -v $PWD/cache:/cache \ -v path_to_arin_tal:/tals/arin.tal \ cloudflare/octorpki

(I changed path_to_arin_tal to /rpki/tals/arin.tal:

[drw@DrewVM rpki]# docker run -ti -p 8080:8080 -v /rpki/cache:/cache -v /rpki/tals/arin.tal:/tals/arin.tal cloudflare/octorpki

INFO[0000] Validator started
INFO[0000] Serving HTTP on :8080/output.json
INFO[0000] Got open cache/rpki.afrinic.net/repository/AfriNIC.cer: permission denied but repository not yet synchronized INFO[0000] Got open cache/rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer: permission denied but repository not yet synchronized INFO[0000] Got open cache/rpki.arin.net/repository/arin-rpki-ta.cer: permission denied but repository not yet synchronized INFO[0000] Got open cache/repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer: permission denied but repository not yet synchronized INFO[0000] Got open cache/rpki.ripe.net/ta/ripe-ncc-ta.cer: permission denied but repository not yet synchronized

I validated docker using hello world and ubuntu.. any ideas how to get this thing to start?

zerocarbthirty avatar Apr 23 '20 16:04 zerocarbthirty

lazy way: chmod 777 $PWD/cache other way, set the good uid (of inside docker) on folder chown 100 /data/docker-data/octorpki/cache/

daGrumpf-bxp avatar May 26 '20 18:05 daGrumpf-bxp