Asked by: J.D. Ray  Asked: 9/13/2023  Updated: 10/20/2023  Views: 187
How do I get Weaviate running on HTTPS using Docker compose?
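Q:
I can't get Weaviate to run on HTTPS in Docker.
I've been running Weaviate successfully on Docker over HTTP for some time. I'm nearing the end of my application development and want to secure the whole stack as best I can. The first step is getting Weaviate to run on HTTPS, then applying an API key. I tried following the (not particularly helpful) instructions, but without success. I tried one step at a time and ran the service, but it won't respond to HTTPS requests. I tried searching here and found this one with no answer (the "useful" comment wasn't that useful).
Here's the HTTPS attempt: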
> curl -v -k https://localhost:8080/v1/schema
* Trying 127.0.0.1:8080...
* Connected to localhost (127.0.0.1) port 8080 (#0)
* ALPN: offers h2,http/1.1
* (304) (OUT), TLS handshake, Client hello (1):
* LibreSSL SSL_connect: SSL_ERROR_SYSCALL in connection to localhost:8080
* Closing connection 0
curl: (35) LibreSSL SSL_connect: SSL_ERROR_SYSCALL in connection to localhost:8080
Here's the HTTP attempt:
> curl -v -k http://localhost:8080/v1/schema
* Trying 127.0.0.1:8080...
* Connected to localhost (127.0.0.1) port 8080 (#0)
> GET /v1/schema HTTP/1.1
> Host: localhost:8080
> User-Agent: curl/7.88.1
> Accept: */*
>
< HTTP/1.1 200 OK
< Content-Type: application/json
< Vary: Origin
< Date: Tue, 12 Sep 2023 19:57:01 GMT
< Content-Length: 15
<
{"classes":[]}
* Connection #0 to host localhost left intact
For HTTPS, my docker-compose.yml looks like this:
---
version: '3.4'
services:
  weaviate:
    command:
    - --host
    - 0.0.0.0
    - --port
    - '8080'
    - --scheme
    - https
    - --tls-certificate
    - /etc/ssl/certs/dev-certificate.pem
    - --tls-key
    - /etc/ssl/certs/dev-private-key.pem
    image: semitechnologies/weaviate:1.21.2
    ports:
    - 8080:8080
    volumes:
    - weaviate_data:/var/lib/weaviate
    - /etc/ssl/certs:/etc/ssl/certs
    restart: on-failure:0
    environment:
      AUTHENTICATION_ANONYMOUS_ACCESS_ENABLED: 'true'
      TRANSFORMERS_INFERENCE_API: 'http://t2v-transformers:8080'
      QUERY_DEFAULTS_LIMIT: 25
      PERSISTENCE_DATA_PATH: '/var/lib/weaviate'
      DEFAULT_VECTORIZER_MODULE: 'text2vec-transformers'
      ENABLE_MODULES: 'text2vec-transformers'
      CLUSTER_HOSTNAME: 'node1'
  t2v-transformers:
    image: semitechnologies/transformers-inference:sentence-transformers-multi-qa-MiniLM-L6-cos-v1
    environment:
      ENABLE_CUDA: '0'
volumes:
  weaviate_data:
...
I really don't want to deploy this application in a production environment with an insecure vector store.
A:
1 upvote
Théo Bourgougnon
10/20/2023
#1
You should use the command options --tls-host and --tls-port, like this:
---
version: '3.4'
services:
  weaviate:
    command:
    # TLS listener address and port, in place of --host / --port
    - --tls-host
    - 0.0.0.0
    - --tls-port
    - '8080'
    - --scheme
    - https
    - --tls-certificate
    - /etc/ssl/certs/dev-certificate.pem
    - --tls-key
    - /etc/ssl/certs/dev-private-key.pem
    image: semitechnologies/weaviate:1.21.2
    ports:
    - 8080:8080
    volumes:
    - weaviate_data:/var/lib/weaviate
    - /etc/ssl/certs:/etc/ssl/certs
    restart: on-failure:0
    environment:
      AUTHENTICATION_ANONYMOUS_ACCESS_ENABLED: 'true'
      TRANSFORMERS_INFERENCE_API: 'http://t2v-transformers:8080'
      QUERY_DEFAULTS_LIMIT: 25
      PERSISTENCE_DATA_PATH: '/var/lib/weaviate'
      DEFAULT_VECTORIZER_MODULE: 'text2vec-transformers'
      ENABLE_MODULES: 'text2vec-transformers'
      CLUSTER_HOSTNAME: 'node1'
  t2v-transformers:
    image: semitechnologies/transformers-inference:sentence-transformers-multi-qa-MiniLM-L6-cos-v1
    environment:
      ENABLE_CUDA: '0'
volumes:
  weaviate_data:
...
Comments
0 upvotes
Duda Nogueira
10/30/2023
You can also run Weaviate behind a reverse proxy (such as Traefik or NGINX). Here is a good example of how to do this with Traefik: gist.github.com/dudanogueira/0dd925cbf63397e256e84e991245aab3
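The two curl attempts in the question tell a TLS listener from a plaintext one by hand. The following added example (not part of the original thread) does the same check in Python so it can be run after the compose change, and can also verify the certificate instead of skipping verification as `curl -k` does. The function name `probe_listener` and its return labels are this example's own; the host, port and `/v1/schema` path are taken from the question.

```python
import socket
import ssl


def probe_listener(host, port, cafile=None, timeout=3.0):
    """Classify the listener at host:port.

    Returns 'tls', 'tls-untrusted-cert', 'plaintext-http', 'closed' or 'unknown'.
    With cafile set, chain and hostname are verified (curl without -k);
    without it only the handshake is attempted (curl -k).
    """
    if cafile:
        ctx = ssl.create_default_context(cafile=cafile)
    else:
        ctx = ssl.create_default_context()
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host):
                return "tls"  # handshake completed
    except ConnectionRefusedError:
        return "closed"
    except ssl.SSLCertVerificationError:
        return "tls-untrusted-cert"  # TLS is up, but cafile does not vouch for it
    except OSError:
        pass  # reset, timeout or non-TLS bytes: the handshake did not complete

    # Second pass: does the same port answer an unencrypted request?
    request = f"GET /v1/schema HTTP/1.1\r\nHost: {host}\r\nConnection: close\r\n\r\n"
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            raw.sendall(request.encode("ascii"))
            banner = raw.recv(16)
    except OSError:
        return "unknown"
    return "plaintext-http" if banner.startswith(b"HTTP/") else "unknown"


if __name__ == "__main__":
    # Host and port as published by the compose file in the question.
    print(probe_listener("localhost", 8080))
```

A result of `plaintext-http` on the published port means the vector store is still reachable unencrypted; passing the development certificate as `cafile` checks that clients can validate it without disabling verification.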