OpenDXL Hubs and Bridges Docker

  • Hi,


    Back again with the next stage of our trial. We're trying to bridge a docker OpenDXL broker into an existing hub. I thought I would get it working with 3 docker containers first. I went onto the primary broker in the hub and created a cert under broker, deleted the files in the keystore on broker 1fd87aac-0784-4362-a8ec-38ca791e301a and put the new cert bundle in. Everything is up but messages sent don't appear in any of the other brokers. The docker run strings are shown below:


    docker run -d --restart=unless-stopped -it -p 1443:443 -p 1883:8883 -p 2443:8443 -v /dxlbroker-volume-1:/dxlbroker-volume:z --name opendxl-broker1 opendxl:broker-001

    docker run -d --restart=unless-stopped -it -p 3443:443 -p 2883:8883 -p 4443:8443 -v /dxlbroker-volume-2:/dxlbroker-volume:z --name opendxl-broker2 opendxl:broker-001

    docker run -d --restart=unless-stopped -it -p 5443:443 -p 3883:8883 -p 6443:8443 -v /dxlbroker-volume-3:/dxlbroker-volume:z --name opendxl-broker3 opendxl:broker-001


    Docker bridge



    Here are is the file I have in all three containers for policy/brokerstate.policy


    Anything I've missed?


    The two hub brokers are showing root hub. The bridged broker isn't showing a parent.

  • Just tried a new set up for two containers as a bridge as per the document. I created a broker cert and put it in the second broker's keystore. I added the following file to both and still can't get a bridge working without a hub.


    Docker run strings.


    Code
    1. docker run -d --restart=unless-stopped -it -p 1443:443 -p 1883:8883 -p 2443:8443 -v /dxlbroker-volume-1:/dxlbroker-volume:z --name opendxl-broker1 opendxl:broker-001
    2. docker run -d --restart=unless-stopped -it -p 3443:443 -p 2883:8883 -p 4443:8443 -v /dxlbroker-volume-2:/dxlbroker-volume:z --name opendxl-broker2 opendxl:broker-001
  • Hi-


    Sorry for the delayed response.


    Do the broker identifiers in the dxlbroker.conf file match the identifiers in the brokerstate.policy file?


    Also, if you could include the logs that are appearing for each broker, that would be great.


    Thanks a lot,

    Chris

  • Hi,


    I believe they do I'll double check. I think the squid proxy on the box may be causing an issue. However, it seems I'm going to be ditching the opendxl brokers as I just the other post connecting epo brokers to your brokers. It is done through node-red. The idea was I connect a fabric together using opendxl and epo brokers and then attach the various security products into the fabric including node-red. However, it seems node-red is the glue so I don't need the opendxl broker at all. I just point node-red at everything.