Adds a Docker file for AF and AS and a docker-compose.yml

[dsilhavy]

Adds a Docker file for AF and AS and a docker-compose.yml to connect the two containers. This addresses 5G-MAG/rt-5gms-application-function#168 and 5G-MAG/rt-5gms-application-server#94.

The idea is to have one Docker file per repository and launch both containers via Docker compose. That way they can communicate internally with each other, allowing configuration of the AF via M1 and configuration of the AS by the AF via M3. The required ports are exposed to the host machine.

[dsilhavy]

Note: This is still a draft and untested. The work on this will continue once I have better internet again to check the build :)

[dsilhavy]

Description

This PR adds two Dockerfiles, one for the Application Function(AF) and one for the Application Server(AS). Both Dockerfiles are referenced in a docker-compose.yml. The idea is to start both AF and AS in a Docker container and let them communicate with each other.

In addition, the endpoints for M1 and M5 (both AF) and M4 (AS) are exposed to the host machine by using a port mapping in docker-compose.yml.

The required configuration files for AF and AS are also included and copied from the host machine into the container for usage.

Problem Description

Right now I am facing a problem which leads to the AF not being able to talk to the AS via the M3 interface. According to the Docker documentation a single network is setup by default. This should enable the AF to talk to the AS via the M3 interface using a URL like http://application-server:7777. I adjusted the configuration of the AF msaf.yaml accordingly.

When defining a provisioning session and a content hosting configuration, I run into an issue that the AF is not able to talk to the AS:

application-function-1  | 11/20 07:45:27.288: [app] INFO: Configuration: '/etc/open5gs/alternate-msaf.yaml' (../subprojects/open5gs/lib/app/ogs-init.c:126)
application-function-1  | 11/20 07:45:27.291: [sbi] INFO: mhd_server() [127.0.0.22]:7777 (../subprojects/open5gs/lib/sbi/mhd-server.c:274)
application-function-1  | 11/20 07:45:27.291: [sbi] INFO: mhd_server() [0.0.0.0]:5555 (../subprojects/open5gs/lib/sbi/mhd-server.c:274)
application-function-1  | 11/20 07:45:27.291: [sbi] INFO: mhd_server() [0.0.0.0]:7778 (../subprojects/open5gs/lib/sbi/mhd-server.c:274)
application-function-1  | 11/20 07:45:27.291: [sbi] INFO: mhd_server() [127.0.0.25]:7777 (../subprojects/open5gs/lib/sbi/mhd-server.c:274)
application-function-1  | 11/20 07:45:27.291: [sbi] INFO: nghttp2_server() [http://127.0.0.99]:7779 (../subprojects/open5gs/lib/sbi/nghttp2-server.c:391)
application-function-1  | 11/20 07:45:27.291: [app] INFO: 5GMSAF initialize...done (../src/5gmsaf/app.c:24)
application-function-1  | 11/20 07:45:27.310: [msaf] INFO: [6899ed28-a713-41ef-b04b-f14271fd43db] MSAF M1 Running (../src/5gmsaf/msaf-m1-sm.c:144)
application-function-1  | 11/20 07:45:27.310: [msaf] INFO: [6899ed28-a713-41ef-b04b-f14271fd43db] MSAF M5 Running (../src/5gmsaf/msaf-m5-sm.c:113)
application-function-1  | 11/20 07:45:27.310: [msaf] INFO: [6899ed28-a713-41ef-b04b-f14271fd43db] MSAF Management Interface Running (../src/5gmsaf/msaf-mgmt-sm.c:60)
application-function-1  | 11/20 07:45:27.310: [msaf] INFO: [6899ed28-a713-41ef-b04b-f14271fd43db] MSAF Running (../src/5gmsaf/msaf-sm.c:73)
application-server-1    | INFO:OpenRestyWebProxy:Found nginx executable supporting LUA at /usr/local/openresty/nginx/sbin/nginx
application-server-1    | INFO:OpenRestyWebProxy:Found mime.types file at /usr/local/openresty/nginx/conf/mime.types
application-server-1    | [2024-11-20 07:45:27 +0000] [1] [INFO] Running on http://127.0.0.1:7777 (CTRL + C to quit)
application-server-1    | INFO:hypercorn.error:Running on http://127.0.0.1:7777 (CTRL + C to quit)
application-function-1  | 11/20 07:45:47.777: [sbi] WARNING: [7] Failed to connect to application-server port 7777 after 1 ms: Couldn't connect to server (../subprojects/open5gs/lib/sbi/client.c:626)

We can overcome this by exposing the port 7777 to the host machine and then defining the IP address of the host machine in the msaf.yaml as canonicalHostname for the property applicationServers. However, this is not a good way to move forward, as users would need to edit the config manually.

In my tests I used the following payload to create a provisioning session and a content hosting configuration:

Provisioning Session

{
    "aspId": "aspId",
    "appId": "appId",
    "provisioningSessionType": "DOWNLINK"
}

Content Hosting Configuration

{
    "name": "BBC R&D Demo Streams",
    "ingestConfiguration": {
        "pull": true,
        "protocol": "urn:3gpp:5gms:content-protocol:http-pull-ingest",
        "baseURL": "https://rdmedia.bbc.co.uk/"
    },
    "distributionConfigurations": [
        {
            "domainNameAlias": "192.168.178.56:8080",
            "entryPoint": {
                "relativePath": "bbb/2/client_manifest-common_init.mpd",
                "contentType": "application/dash+xml",
                "profiles": ["urn:mpeg:dash:profile:isoff-live:2011"]
			}
        },
        {
            "domainNameAlias": "192.168.178.56:8080",
            "entryPoint": {
                "relativePath": "elephants_dream/1/client_manifest-all.mpd",
                "contentType": "application/dash+xml",
                "profiles": ["urn:mpeg:dash:profile:isoff-live:2011"]
			}
        }
    ]
}

Questions to clarify

• How can we enable the AF to talk to the AS via M3 in a Docker Compose environment (see problem description above). How does the AF build the URL for M3 requests?
• Where do we want to store the Docker files
  • Option 1: Keep all the Docker files, including the Docker Compose configuration in the rt-5gms-examples project
  • Option 2: Move the Docker files to the respective projects and only keep the Docker Compose and the configuration files in rt-5gms-examples. Publish the Docker containers to Github packages and reference them in the Docker compose file. This should be aligned with what we are doing for 5MBS. See https://github.com/5G-MAG/rt-mbs-examples/blob/main/compose-files/internal/docker-compose.yaml
• certificateManager: @default-certmgr@ and dataCollectionDir: @data-collection-dir@ caused an error during execution I had to uncomment these lines
• Suggestion: Add the Management UI in a separate Dockerfile as well and connect them to this setup.

[dsilhavy]

@davidjwbbc @devbbc @rjb1000 @jordijoangimenez : Fyi, see my comment above. Would be great to check this on Friday.

[dsilhavy]

Getting a 404 when requesting the MPD from the Service Access Information. The config now is as follows:

AF Config

 msaf:
    open5gsIntegration: false
    sbi:
        - addr: 127.0.0.22
          port: 7777
    m1:
        - addr: 0.0.0.0
          port: 5555
    m5:
        - addr: 0.0.0.0
          port: 7778
    maf:
        - addr: 127.0.0.25
          port: 7777
    applicationServers:
        - canonicalHostname: localhost
          urlPathPrefixFormat: /m4d/provisioning-session-{provisioningSessionId}/
          m3Port: 7777
          m3Host: application-server

AS Config

m3_listen = 0.0.0.0
m3_port = 7777
http_port = 80

Docker Compose

services:
    application-server:
        build:
            context: ./
            dockerfile: Dockerfile-Application-Server
        ports:
            - "8080:80"
        volumes:
            - ./application-server.conf:/etc/5gmag/as/conf/application-server.conf

    application-function:
        build:
            context: ./
            dockerfile: Dockerfile-Application-Function
        ports:
            - "5555:5555"
            - "7778:7778"
            - "4444:4444"
        volumes:
            - ./msaf.yaml:/etc/open5gs/alternate-msaf.yaml

Content Hosting Configuration Payload

{
    "name": "BBC R&D Demo Streams",
    "ingestConfiguration": {
        "pull": true,
        "protocol": "urn:3gpp:5gms:content-protocol:http-pull-ingest",
        "baseURL": "https://rdmedia.bbc.co.uk/"
    },
    "distributionConfigurations": [
        {
            "domainNameAlias": "10.147.67.219:8080",
            "entryPoint": {
                "relativePath": "bbb/2/client_manifest-common_init.mpd",
                "contentType": "application/dash+xml",
                "profiles": ["urn:mpeg:dash:profile:isoff-live:2011"]
			}
        },
        {
            "entryPoint": {
                "relativePath": "elephants_dream/1/client_manifest-all.mpd",
                "contentType": "application/dash+xml",
                "profiles": ["urn:mpeg:dash:profile:isoff-live:2011"]
			}
        }
    ]
}

Service Access Information

{
    "provisioningSessionId": "fac35dde-ad93-41ef-bc8c-955d3fdd115f",
    "provisioningSessionType": "DOWNLINK",
    "streamingAccess": {
        "entryPoints": [
            {
                "locator": "http://10.147.67.219:8080/m4d/provisioning-session-fac35dde-ad93-41ef-bc8c-955d3fdd115f/bbb/2/client_manifest-common_init.mpd",
                "contentType": "application/dash+xml",
                "profiles": [
                    "urn:mpeg:dash:profile:isoff-live:2011"
                ]
            },
            {
                "locator": "http://localhost:8080/m4d/provisioning-session-fac35dde-ad93-41ef-bc8c-955d3fdd115f/elephants_dream/1/client_manifest-all.mpd",
                "contentType": "application/dash+xml",
                "profiles": [
                    "urn:mpeg:dash:profile:isoff-live:2011"
                ]
            }
        ]
    }
}

AS logs - Creating Content Hosting Configuration

application-server-1    | INFO:rt-5gms-as:Getting list of certificates...
application-server-1    | [2024-11-28 14:20:57 +0000] [1] [INFO] 172.18.0.3:42964 - - [28/Nov/2024:14:20:57 +0000] "GET /3gpp-m3/v1/certificates 2" 200 2 "-" "-"
application-server-1    | INFO:rt-5gms-as:Getting list of content hosting configurations...
application-server-1    | [2024-11-28 14:20:57 +0000] [1] [INFO] 172.18.0.3:42964 - - [28/Nov/2024:14:20:57 +0000] "GET /3gpp-m3/v1/content-hosting-configurations 2" 200 2 "-" "-"
application-server-1    | INFO:rt-5gms-as:Adding content hosting configuration fac35dde-ad93-41ef-bc8c-955d3fdd115f...
application-server-1    | DEBUG:rt-5gms-as:provisioning_session_id = fac35dde-ad93-41ef-bc8c-955d3fdd115f, chc = ContentHostingConfiguration(name='BBC R&D Demo Streams', ingest_configuration=IngestConfiguration(pull=True, protocol='urn:3gpp:5gms:content-protocol:http-pull-ingest', base_url=AnyUrl('https://rdmedia.bbc.co.uk/')), distribution_configurations=[DistributionConfiguration(entry_point=M1MediaEntryPoint(relative_path='bbb/2/client_manifest-common_init.mpd', content_type='application/dash+xml', profiles=['urn:mpeg:dash:profile:isoff-live:2011']), content_preparation_template_id=None, edge_resources_configuration_id=None, canonical_domain_name='localhost:8080', domain_name_alias='10.147.67.219:8080', base_url=AnyUrl('http://10.147.67.219:8080/m4d/provisioning-session-fac35dde-ad93-41ef-bc8c-955d3fdd115f/'), path_rewrite_rules=None, caching_configurations=None, geo_fencing=None, url_signature=None, certificate_id=None, supplementary_distribution_networks=None), DistributionConfiguration(entry_point=M1MediaEntryPoint(relative_path='elephants_dream/1/client_manifest-all.mpd', content_type='application/dash+xml', profiles=['urn:mpeg:dash:profile:isoff-live:2011']), content_preparation_template_id=None, edge_resources_configuration_id=None, canonical_domain_name='localhost:8080', domain_name_alias=None, base_url=AnyUrl('http://localhost:8080/m4d/provisioning-session-fac35dde-ad93-41ef-bc8c-955d3fdd115f/'), path_rewrite_rules=None, caching_configurations=None, geo_fencing=None, url_signature=None, certificate_id=None, supplementary_distribution_networks=None)])
application-server-1    | DEBUG:rt-5gms-as:CHC passed verification, checking for update: force=True, new hash=2287420166995245486, old hash=None
application-server-1    | INFO:rt-5gms-as:Reloading proxy daemon...
application-server-1    | INFO:OpenRestyWebProxy:Found mime.types file at /usr/local/openresty/nginx/conf/mime.types
application-server-1    | [2024-11-28 14:20:57 +0000] [1] [INFO] 172.18.0.3:42964 - - [28/Nov/2024:14:20:57 +0000] "POST /3gpp-m3/v1/content-hosting-configurations/fac35dde-ad93-41ef-bc8c-955d3fdd115f 2" 201 0 "-" "-"

tail -f /var/log/rt-5gms/application-server-access.log

172.18.0.1 - - [28/Nov/2024:14:39:05 +0000] 404 "GET /m4d/provisioning-session-fac35dde-ad93-41ef-bc8c-955d3fdd115f/elephants_dream/1/client_manifest-all.mpd HTTP/1.1" 561 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" "-"

[davidjwbbc]

Content Hosting Configuration Payload

{
    "name": "BBC R&D Demo Streams",
    "ingestConfiguration": {
        "pull": true,
        "protocol": "urn:3gpp:5gms:content-protocol:http-pull-ingest",
        "baseURL": "https://rdmedia.bbc.co.uk/"
    },
    "distributionConfigurations": [
        {
            "domainNameAlias": "10.147.67.219:8080",
            "entryPoint": {
                "relativePath": "bbb/2/client_manifest-common_init.mpd",
                "contentType": "application/dash+xml",
                "profiles": ["urn:mpeg:dash:profile:isoff-live:2011"]
			}
        },
        {
            "entryPoint": {
                "relativePath": "elephants_dream/1/client_manifest-all.mpd",
                "contentType": "application/dash+xml",
                "profiles": ["urn:mpeg:dash:profile:isoff-live:2011"]
			}
        }
    ]
}

A couple of things wrong here.

A ContentHostingConfiguration is for different entry points for one piece of media or for general distribution schemes for entry points passed via M8. So you shouldn't be using one ContentHostingConfiguration to provide links for two completely different bits of media. These should be split into two separate provisioning sessions, each with a ContentHostingConfiguration for one of the bits of media, i.e. Elephants Dream in one provisioning session and Big Buck Bunny in another.

The domainNameAlias is for a resolvable domain name only and should not contain a port number. It would break the creation of certificates (domainNameAlias is used as a DNS:... entry in the subjectAltNames extension of the X.509 certififcate). No provision is currently made in 3GPP TS 26.512 V17.x.x for the AS to provide M4 on anything other than the standard HTTP and HTTPS ports (80 and 443).

I don't think that's why you're getting the 404, but it certainly won't help.

[davidjwbbc]

I think your AS configuration is missing the [5gms_as] section identifier at the top.

It might be worth looking in the error log file (if present) at /var/log/rt-5gms/application-server-error.log to see if it had problems finding the origin.

You may also want to check that:

[5gms_as.nginx]
resolvers = 127.0.0.53

...is a sensible value for a Docker container (where is the DNS resolver within docker?).

For info the full default AS configuration looks like:

[DEFAULT]
log_dir = /var/log/rt-5gms
run_dir = /run/rt-5gms

[5gms_as]
log_level = info
cache_dir = /var/cache/rt-5gms/as/cache
docroot = /var/cache/rt-5gms/as/docroots
certificates_cache = /var/cache/rt-5gms/as/certificates
listen_address = ::
http_port = 80
https_port = 443
m3_listen = localhost
m3_port = 7777

access_log = %(log_dir)s/application-server-access.log
error_log = %(log_dir)s/application-server-error.log
pid_path = %(run_dir)s/application-server.pid

[5gms_as.nginx]
config_file = /tmp/rt_5gms_as.conf
root_temp = /var/cache/rt-5gms/as
client_body_temp = %(root_temp)s/client-body-tmp
proxy_temp = %(root_temp)s/proxy-tmp
fastcgi_temp = %(root_temp)s/fastcgi-tmp
uwsgi_temp = %(root_temp)s/uwsgi-tmp
scgi_temp = %(root_temp)s/scgi-tmp
pid_path = %(root_temp)s/rt-5gms-as-nginx.pid
resolvers = 127.0.0.53

[dsilhavy]

Thanks @davidjwbbc these were the right pointers. I now get an MPD response from the AS with the changes in 28620de

I needed to change resolvers to resolvers = 127.0.0.11.

I will clean this up and then do the PR. We can discuss the changes tomorrow in the call.

[dsilhavy]

For discussion tomorrow as well: The Elephants Dream origin MPD has an absolute <BaseURL>:

<BaseURL serviceLocation="A" dvb:priority="1" dvb:weight="1">https://vod-dash-ww-rd-live.akamaized.net/elephants_dream/1/</BaseURL>

That causes the player to fetch segments directly from the origin without going through the AS.