Thursday, July 23, 2015

Dockerfile for freeswitch on CentOS6


■ environment:

# cat /etc/redhat-release
CentOS Linux release 7.1.1503 (Core)

# docker version
Client version: 1.7.1
Client API version: 1.19
Go version (client): go1.4.2
Git commit (client): 786b29d
OS/Arch (client): linux/amd64
Server version: 1.7.1
Server API version: 1.19
Go version (server): go1.4.2
Git commit (server): 786b29d
OS/Arch (server): linux/amd64

 ■ create docker file:

# mkdir centos6.freeswitch/
# vi centos6.freeswitch/Dockerfile

----From here
FROM centos:6
RUN yum -y update
RUN yum -y install
RUN rpm -Uvh
RUN yum -y install --nogpgcheck freeswitch-config-vanilla
RUN yum -y install sox freeswitch-sounds*
----To here

■ build an image:

# docker build -t freeswitch/centos6 centos6.freeswitch/
# docker images

# docker images
REPOSITORY           TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
freeswitch/centos6   latest              cac2c68ad321        13 hours ago        1.449 GB
centos               6                   a005304e4e74        4 weeks ago         203.1 MB
hello-world          latest              91c95931e552        3 months ago        910 B
rtp-start-port" value="16384"
rtp-end-port" value="32768"

■ run the created image:

# docker run -it -p 5060:5060/udp -p 5080:5080/udp -p 16384-16484:16384-16484/udp cac2c68ad321

In the above case, the size of port range for RTP is just assigned 101.
To assign RTP port range from 16384 to 32768, it would be ok if you started the container without -p option for RTP and added a iptables' rule like;

# docker run -it -p 5060:5060/udp -p 5080:5080/udp cac2c68ad321

detach the container with Cntl-p, then Cntl-q. "" is an IP address for the container;

# iptables -A DOCKER -p udp -d --dport 16384:32768 -j ACCEPT

■ run freeswitch:

In the container
# /etc/rc.d/init.d/freeswitch start

You can try samples on the following page.

■ etc

* "--expose" option doesn't make rules in iptables:

# docker run -it --expose=5060/udp --expose=5080/udp --expose=16384-32768/udp CONTAINER-ID

* "-p" option takes time to create rules in iptables. it doesn't finish if the range is relatively big:

#docker run -it -p 5060:5060/udp -p 5080:5080/udp -p 16384-32768:16384-32768/udp CONTAINER-ID

* I got an error like following. It seemed to cause that iptables doesn't have a chain named "DOCKER." It looks fine that stopping firewalld and docker and starting firewalld first then docker.

 [root@localhost ~]# docker run -it -p 5060:5060/udp -p 5080:5080/udp -p 16384-32768:16384-32768/udp cac2c68ad321 /bin/bash
Error response from daemon: Cannot start container a0d6b9064fb0508f4681b27eb799595853ac05270a923e21cbd4bb1639824115: iptables failed: iptables --wait -t nat -A DOCKER -p udp -d 0/0 --dport 32768 -j DNAT --to-destination ! -i docker0: iptables: No chain/target/match by that name.
 (exit status 1)

No comments: