1 create a docker compose file to test and build the application

docker/Dockerfile

@@ -0,0 +1,51 @@
+FROM rockylinux:8
+
+# Install dependencies
+RUN dnf -y update && \
+    dnf -y install epel-release && \
+    dnf -y install \
+        gcc \
+        gcc-c++ \
+        make \
+        pkgconfig \
+        pcre-devel \
+        tcl-devel \
+        expat-devel \
+        openssl-devel \
+        libcurl-devel \
+        perl-ExtUtils-MakeMaker \
+        autoconf \
+        automake \
+        libtool \
+        git \
+        wget \
+        bzip2 \
+        lbzip2 \
+        && dnf clean all
+
+# Download and install Traffic Server
+WORKDIR /usr/local/src
+RUN wget https://archive.apache.org/dist/trafficserver/trafficserver-9.2.0.tar.bz2 && \
+    tar xf trafficserver-9.2.0.tar.bz2 && \
+    cd trafficserver-9.2.0 && \
+    ./configure --prefix=/opt/ts && \
+    make -j$(nproc) && \
+    make install && \
+    cd .. && \
+    rm -rf trafficserver-9.2.0*
+
+# Create necessary directories
+RUN mkdir -p /opt/ts/etc/trafficserver && \
+    mkdir -p /opt/ts/var/log/trafficserver && \
+    mkdir -p /opt/ts/var/cache/trafficserver
+
+# Copy configuration files
+COPY config/records.yaml /opt/ts/etc/trafficserver/
+COPY config/remap.config /opt/ts/etc/trafficserver/
+COPY config/ip_allow.yaml /opt/ts/etc/trafficserver/
+
+# Expose port
+EXPOSE 8080
+
+# Start Traffic Server
+CMD ["/opt/ts/bin/traffic_server"]

docker/README-docker.md

@@ -0,0 +1,125 @@
+# Apache Traffic Server Docker Test Environment
+
+This directory contains a Docker-based test environment for Apache Traffic Server (ATS). It provides a quick way to build, run, and test ATS functionality using containers.
+
+## Directory Structure
+
+```
+docker/
+├── Dockerfile              # Builds ATS from source on Rocky Linux 8
+├── docker-compose.yml      # Defines services: trafficserver and test_client
+├── config/                 # Main configuration files
+│   ├── records.yaml       # Core ATS configuration
+│   ├── remap.config       # URL remapping rules
+│   └── ip_allow.yaml      # Access control configuration
+└── proxy/                 # Runtime configuration and data
+    ├── etc/trafficserver  # Live configuration files
+    ├── var/cache         # Cache storage
+    └── var/log           # Log files
+```
+
+## Configuration Files
+
+### records.yaml
+Key settings:
+- Forward proxy mode enabled
+- Port 8080 for HTTP traffic
+- Caching enabled with aggressive settings
+- Debug logging enabled
+
+### remap.config
+Contains URL remapping rules:
+- Maps `foo.com` to `example.com` for testing
+- Demonstrates basic remapping functionality
+
+### ip_allow.yaml
+Access control configuration:
+- Allows connections from all IPs (for testing)
+- Controls which IPs can access different ports
+
+## Quick Start
+
+1. Build and start the containers:
+   ```bash
+   cd docker
+   docker-compose up -d
+   ```
+
+2. Test basic functionality:
+   ```bash
+   # Test the proxy with remapping
+   docker-compose exec test_client curl -v -H "Host: foo.com" http://trafficserver:8080/
+
+   # Test caching (notice the Age header)
+   docker-compose exec test_client curl -I -H "Host: foo.com" http://trafficserver:8080/
+   ```
+
+## What to Look For
+
+### 1. Successful Proxy Operation
+- Response status should be 200 OK
+- Server header should show `ATS/9.2.0`
+- Content should be from example.com
+
+### 2. Caching Behavior
+Check these headers in responses:
+- `Age`: Shows time in cache (0 for fresh responses)
+- `Date`: When the response was originally received
+- `Cache-Control`: Caching directives
+- `Last-Modified`: Original content timestamp
+
+Example of a cached response:
+```http
+HTTP/1.1 200 OK
+Server: ATS/9.2.0
+Date: Thu, 20 Mar 2025 06:04:28 GMT
+Age: 60                    # Content has been in cache for 60 seconds
+Cache-Control: max-age=3236
+```
+
+### 3. URL Remapping
+Verify that requests to foo.com are mapped to example.com:
+```bash
+# Should show example.com's content
+docker-compose exec test_client curl -v -H "Host: foo.com" http://trafficserver:8080/
+```
+
+### 4. Cache Bypass
+Test cache bypass using query parameters:
+```bash
+# Force a fresh response
+docker-compose exec test_client curl -v -H "Host: foo.com" "http://trafficserver:8080/?nocache=$(date +%s)"
+```
+
+## Logs and Debugging
+
+1. View ATS logs:
+   ```bash
+   # Error logs
+   docker-compose exec trafficserver tail -f /opt/ts/var/log/trafficserver/error.log
+
+   # Traffic logs
+   docker-compose exec trafficserver tail -f /opt/ts/var/log/trafficserver/traffic.out
+   ```
+
+2. Check container status:
+   ```bash
+   docker-compose ps
+   ```
+
+3. View container logs:
+   ```bash
+   docker-compose logs -f trafficserver
+   ```
+
+## Cleanup
+
+To stop and remove containers:
+```bash
+docker-compose down
+```
+
+To also remove built images:
+```bash
+docker-compose down --rmi all
+```

docker/config/ip_allow.yaml

@@ -0,0 +1,5 @@
+ip_allow:
+  - apply: in
+    ip_addrs: 0.0.0.0-255.255.255.255
+    action: allow
+    methods: ALL

docker/config/records.yaml

@@ -0,0 +1,24 @@
+records:
+  config:
+    http:
+      server_ports: 8080
+    reverse_proxy:
+      enabled: 0
+    url_remap:
+      remap_required: 0
+    cache:
+      enabled: 1
+      max_doc_size: 104857600
+      ram_cache:
+        size: 1073741824
+        algorithm: 1
+      http:
+        when_to_revalidate: 0
+        required_headers: 0
+        ignore_client_no_cache: 1
+        ignore_server_no_cache: 0
+        max_stale_age: 604800
+    diags:
+      debug:
+        enabled: 1
+        tags: http.*|dns.*

docker/config/remap.config

@@ -0,0 +1,2 @@
+map http://foo.com/ http://example.com/
+map https://foo.com/ https://example.com/

docker/docker-compose.yml

@@ -0,0 +1,25 @@
+version: '3'
+
+services:
+  trafficserver:
+    build: .
+    ports:
+      - "8080:8080"
+    volumes:
+      - ./proxy/etc/trafficserver:/opt/ts/etc/trafficserver
+      - ./proxy/var/cache:/opt/ts/var/cache/trafficserver
+      - ./proxy/var/log:/opt/ts/var/log/trafficserver
+    networks:
+      - ts_network
+
+  test_client:
+    image: curlimages/curl:latest
+    networks:
+      - ts_network
+    command: ["sleep", "infinity"]
+    depends_on:
+      - trafficserver
+
+networks:
+  ts_network:
+    driver: bridge

docker/proxy/etc/trafficserver/body_factory/default/.body_factory_info

@@ -0,0 +1,16 @@
+# .body_factory_info
+#
+# The .body_factory_info file contains descriptive information
+# about the error pages in this directory.
+#
+# Currently, .body_factory_info contains information which
+# indicates the character set and natural language of the error
+# pages in this directory.  For example, to describe Korean
+# web pages encoded in the iso-2022-kr character set, you might
+# add these lines to .body_factory_info file:
+#
+#	Content-Language: kr
+#	Content-Charset: iso-2022-kr
+#
+# If this file is empty, or only contains comments, the default is
+# assumed: English text in the standard utf-8 character set.

docker/proxy/etc/trafficserver/body_factory/default/README

@@ -0,0 +1,17 @@
+This directory contains customizable error page templates for the
+Apache Traffic Server.
+
+You can edit the files in this directory to customized HTML error
+response pages.  The HTML bodies can include ATS logging format
+fields, which will be replaced by the current values before the pages
+are served to the user.
+
+You can also include sets of directories, each in a different language,
+for serving multi-lingual error pages.
+
+Each directory of error pages include a .body_factory_info file, which
+contains optional information about the language and character set of
+the error page contents.
+
+See the Traffic Server Administrator's Guide and Release Notes for more
+information.

docker/proxy/etc/trafficserver/body_factory/default/access#denied

@@ -0,0 +1,14 @@
+<HTML>
+<HEAD>
+<TITLE>Access Denied</TITLE>
+</HEAD>
+
+<BODY BGCOLOR="white" FGCOLOR="black">
+<H1>Access Denied</H1>
+<HR>
+
+<FONT FACE="Helvetica,Arial"><B>
+Description: You are not allowed to access the document you requested.
+</B></FONT>
+<HR>
+</BODY>

docker/proxy/etc/trafficserver/body_factory/default/access#proxy_auth_required

@@ -0,0 +1,14 @@
+<HTML>
+<HEAD>
+<TITLE>Proxy Authentication Required</TITLE>
+</HEAD>
+
+<BODY BGCOLOR="white" FGCOLOR="black">
+<H1>Proxy Authentication Required</H1>
+<HR>
+
+<FONT FACE="Helvetica,Arial"><B>
+Description: Please login with username and password.
+</B></FONT>
+<HR>
+</BODY>

docker/proxy/etc/trafficserver/body_factory/default/access#redirect_url

@@ -0,0 +1,15 @@
+<HTML>
+ <HEAD>
+  <TITLE>Authentication Failed</TITLE>
+  <meta http-equiv="refresh" content="0;URL=%<{@redirect_url}cqh>">
+ </HEAD>
+
+ <BODY BGCOLOR=#88DAFF FGCOLOR="black">
+  <H1>Authentication Failed.</H1>
+  <HR>
+  <FONT FACE="Helvetica,Arial">
+  <B>Please wait while you are redirected to another page.</B>
+  If your browser fails to redirect, click on this <a href="%<{@redirect_url}cqh>">link</a>.
+  </FONT>
+ </BODY>
+</HTML>

docker/proxy/etc/trafficserver/body_factory/default/access#ssl_forbidden

@@ -0,0 +1,15 @@
+<HTML>
+<HEAD>
+<TITLE>SSL Port Forbidden</TITLE>
+</HEAD>
+
+<BODY BGCOLOR="white" FGCOLOR="black">
+<H1>SSL Port Forbidden</H1>
+<HR>
+
+<FONT FACE="Helvetica,Arial"><B>
+Description: You have made a request for a secure SSL connection to a
+forbidden port number.
+</B></FONT>
+<HR>
+</BODY>

docker/proxy/etc/trafficserver/body_factory/default/cache#not_in_cache

@@ -0,0 +1,16 @@
+<HTML>
+<HEAD>
+<TITLE>Not In Cache</TITLE>
+</HEAD>
+
+<BODY BGCOLOR="white" FGCOLOR="black">
+<H1>Not In Cache</H1>
+<HR>
+
+<FONT FACE="Helvetica,Arial"><B>
+Description: Your request mandated that the document come from cache, but
+the document is not present in cache.  As requested, the transaction
+is being terminated.
+</B></FONT>
+<HR>
+</BODY>

docker/proxy/etc/trafficserver/body_factory/default/cache#read_error

@@ -0,0 +1,14 @@
+<HTML>
+<HEAD>
+<TITLE>Temporary Error</TITLE>
+</HEAD>
+
+<BODY BGCOLOR="white" FGCOLOR="black">
+<H1>Temporary Error</H1>
+<HR>
+
+<FONT FACE="Helvetica,Arial"><B>
+Description: Temporary error.  Please try again later.
+</B></FONT>
+<HR>
+</BODY>

docker/proxy/etc/trafficserver/body_factory/default/connect#all_down

@@ -0,0 +1,17 @@
+<HTML>
+<HEAD>
+<TITLE>No Valid Host</TITLE>
+</HEAD>
+
+<BODY BGCOLOR="white" FGCOLOR="black">
+<H1>No Valid Host</H1>
+<HR>
+
+<FONT FACE="Helvetica,Arial"><B>
+Description: Unable to find a valid target host.
+
+The server was found but all of the addresses are marked down and so there is
+no valid target address to which to connect. Please try again after a few minutes.
+</B></FONT>
+<HR>
+</BODY>