Docker is a free and open source platform for developers and sys-admins to build, ship, and run distributed applications securely isolated in a container. In short: Docker is a shipping container for code.
- It encapsulates an application with all its dependencies, abstracting away differences in OS distributions and underlying infrastructure and provides standardized environments for development, QA, and production teams.
- Compared to Virtual Machines, Docker is is might more efficient with system resources and uses lightweight LinuX Containers (LXC) rather than machine/hardware emulation such as hypervisor, KVM, and XEN.
- Containers are extremely portable and can run on a developer's local host, physical or virtual machines in a data center, or in the cloud. Deployment is less constrained by infrastructure technology and is instead driven by business priorities and policies. Furthermore, the Docker Engine's lightweight runtime enables rapid scale-up and scale-down in response to changes in demand.
- Docker containers are, by default, quite secure; especially if you take
care of running your processes inside the containers as non-privileged
users (i.e., non-root). The container is a sandbox for your application and will not contaminate other resources in the event it gets compromised. You can add an extra layer of safety by enabling Apparmor, SELinux,
GRSEC, or your favorite hardening solution.
As much as I've been reading about Docker recently, I've been curious as to how it can contribute towards the infrastructure of the metaverse. I decided to get my feet wet and Dockerize the Janus Multiserver. First, need to install the latest version of Docker:
wget -qO- https://get.docker.com/ | sh
## Add user to Docker group, must logout and back in to work
sudo usermod -aG docker user
## Verify you have a working installation of Docker
sudo docker info
I decided to use ubuntu as my base image## download a pre-built image docker pull ubuntu ## view docker images docker imagesYou can test that it works by running a shell inside the container using this command:
docker run -i -t ubuntu /bin/bash
Press Ctrl-p + Ctrl-q to escape. This will continue to exist in a stopped state once exited (see "docker ps -a")
Before continuing, I'd like to elaborate more on what the Janus Multiserver is:
Janus VR allows the use of custom multiplayer servers for any room. The Janus VR client will create a new connection to the specified multiplayer server if a connection does not exist, and in addition subscribe to the URL on that server (to listen to and broadcast user events which happen in the room). The custom multiplayer server is specified by adding server and port for the Room.
server - (default "babylon.vrsites.com") Set to the domain name or IP of the custom multiplayer server for the room
port - (default "5566") Set to the port of the custom multiplayer server for the room
Here is an example which uses spyd.junkonet.org:5567 as the multiplayer server for the Room:<Room server="spyd.junkonet.org" port="5567" ...
Note* While creating the Docker image for the multi-server, one of the problems I faced was with the certificate generation. I needed a way to generate a certificate without the interactive prompt. In order to solve this, I forked the repo and modified the line in the generate_key shell script with the -subj flag (arguments will replace subject field of input request with specified data and outputs modified request.)
I wrote a small shell script that will do most of the work in setting up and initializing the multi-server:
cd /tmp # try to remove the repo if it already exists rm -rf janus-server # clone the branch with the modified openssl script git clone -b Janus-Docker https://github.com/alusion/janus-server.git cd janus-server # install all module dependencies that are listed in package.json npm install # generate the SSL certificate for the server sh generate_key # initialize the server nodejs server.js
To build the image, I created a Dockerfile and populated it with the following:
FROM ubuntu:1404 # Install our dependencies and nodejs RUN apt-get update RUN apt-get -y install nodejs npm git git-core # Add the script created earlier ADD start.sh /tmp/ RUN chmod +x /tmp/start.sh # Expose webUI port EXPOSE 8080 # Execute the script to install Janus-Server and initialize daemon CMD ./tmp/start.shThe following commands will build and test our Dockerized application:
# build docker image docker build -t avision/ubuntu-janserver . # run the docker image and map port 5566 and port 8080 on host to the ports in the image. Use port 5567 for SSL. docker run -p 5566:5566 -p 8080:8080 avision/ubuntu-janserver # We should see output that it is working and listening on 5566. # View the logs by running the command on the container ID docker exec tail -f /tmp/janus-server/server.log
Reference the server in the <Room> tag in your firebox html or load Janus with the -server flag <ip>.
That's it! We have a Dockerized Janus multi-server. I think I will realize the enormous implications of this practice in the future but for right now I believe that this is incredible to have and will help to scale the infrastructure of the metaverse considerably while adding more security.
Discussions
Become a Hackaday.io Member
Create an account to leave a comment. Already have an account? Log In.