Keepalive Changes
Changes to the docker-compose.yml file that change a few sysctl values to change the keepalive settings and prevent the Maxient integration from stalling.
Merge request reports
Activity
Thanks for creating a MR. The docker compose file is not used for the deployment of the secure agent. Instead, I'd suggest modifying the dockerfile https://git.doit.wisc.edu/interop/iics/iics_secure_agent/-/blob/master/Dockerfile?ref_type=heads
In a previous commit to this branch I tried modifying the Dockerfile to run the sysctl command, but it did not work (throwing out the error 'Read-only file system'). Doing research into Docker further, it appears that these flags can also be set when the container is run rather than just at build time (either through a command line argument in docker run, or an addition to the docker-compose.yml). The only other way to set it would be running the container in privileged mode and set these flags manually (which is not something we are interested in pursuing for security reasons).
added 1 commit
- 5047fa2b - system controls in container definition (may need to double-check formatting)
I found a property in the terraform that could theoretically handle this: AWS API SystemControls (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecs-taskdefinition-systemcontrol.html). There is little documentation on how these should actually look so some assumptions had to be made on how to actually implement them (although i believe bad terraform changes are caught when attempting to build the terraform)
mentioned in commit c5ab072a
