SocketX Server On-Premise Deployment

Introduction

SocketX Server is an end-to-end encryption system that protects all WebSocket traffic with next-generation application data security. It acts as a proxy server in front of your backend WebSocket infrastructure, communicating with a SocketX Client to encode and decode all WebSocket frames. The server is highly customizable and supports integration with other services through custom adapters.

Below is an example architecture where a client application communicates with a SocketX Server, which then proxies decoded WebSocket traffic to backend services:

---

Prerequisites

Technical Requirements

• A web or mobile application project that communicates with a backend service over WebSocket.
• Docker installed and running on your system.
• AWS CLI installed.

Skills and Knowledge

• Familiarity with Docker and/or Kubernetes.
• Basic knowledge of configuring containerized services.

Credentials

• An AWS Access Key ID and AWS Secret Access Key provided by Eclypses to access the private container repository.

---

Deployment Options

SocketX Server is provided as a Docker image and can be deployed on-premise using:

• Docker Run
• Docker Compose
• Kubernetes
• Other container runtimes (e.g., Podman, Docker Swarm, K3s)

---

1. Configure AWS CLI Access

You must configure a new AWS CLI profile using the credentials provided by Eclypses.

aws configure --profile eclypses-customer-on-prem

When prompted:

• AWS Access Key ID: Enter the ID provided by Eclypses.
• AWS Secret Access Key: Enter the secret key provided.
• Default region name: us-east-1
• Default output format: json

---

2. Pull the Docker Image

Authenticate Docker with the Eclypses ECR repository:

bash

aws ecr get-login-password \
--region us-east-1 \
--profile eclypses-customer-on-prem \
| docker login --username AWS \
--password-stdin 321186633847.dkr.ecr.us-east-1.amazonaws.com

PowerShell

aws ecr get-login-password `
--region us-east-1 `
--profile eclypses-customer-on-prem `
| docker login --username AWS `
--password-stdin 321186633847.dkr.ecr.us-east-1.amazonaws.com

Then pull the image:

docker pull 321186633847.dkr.ecr.us-east-1.amazonaws.com/customer/on-prem/socketx-server-go:1.0.0

---

Server Configuration

SocketX Server is configured using environment variables.

Required Variables

• DOMAIN_MAP - JSON string mapping domains. Wildcards are supported.

Optional Variables

• LISTEN_HOST - Default: 0.0.0.0.
• LISTEN_PORT - Default: 8080.
• LOG_LEVEL - One of debug, info, warn, error, panic, off. Default: info.
• WS_READ_BUFFER_SIZE - Websocket read buffer size in bytes. Default: 1024.
• WS_WRITE_BUFFER_SIZE - Websocket write buffer size in bytes. Default: 1024.

Minimal Example

DOMAIN_MAP={"*":"ws://service.com"}

Full Example

DOMAIN_MAP={"*":"ws://example.com"}
LISTEN_HOST=0.0.0.0
LISTEN_PORT=8080
LOG_LEVEL=info
WS_READ_BUFFER_SIZE=2048
WS_WRITE_BUFFER_SIZE=2048

---

Deployment Steps

Option A: Docker Run

bash

docker run --rm -it \
  --name socketx \
  -p 8080:8080 \
  -e DOMAIN_MAP={"*":"ws://example.com"} \
  321186633847.dkr.ecr.us-east-1.amazonaws.com/customer/on-prem/socketx-server-go:1.0.0

PowerShell

docker run --rm -it `
  --name socketx `
  -p 8080:8080 `
  -e DOMAIN_MAP={"*":"ws://example.com"} `
  321186633847.dkr.ecr.us-east-1.amazonaws.com/customer/on-prem/socketx-server-go:1.0.0

---

Option B: Docker Compose

version: "3.8"

services:
  socketx:
    image: 321186633847.dkr.ecr.us-east-1.amazonaws.com/customer/on-prem/socketx-server-go:1.0.0
    ports:
      - "8080:8080"
    environment:
      - DOMAIN_MAP={"*":"ws://example.com"}

---

Option C: Kubernetes

apiVersion: apps/v1
kind: Deployment
metadata:
  name: socketx
spec:
  replicas: 2
  selector:
    matchLabels:
      app: socketx
  template:
    metadata:
      labels:
        app: socketx
    spec:
      containers:
        - name: socketx
          image: 321186633847.dkr.ecr.us-east-1.amazonaws.com/customer/on-prem/socketx-server-go:1.0.0
          ports:
            - containerPort: 8080
          env:
            - name: DOMAIN_MAP
              value: '{"*":"ws://example.com"}'
---
apiVersion: v1
kind: Service
metadata:
  name: socketx-service
spec:
  type: LoadBalancer
  selector:
    app: socketx
  ports:
    - protocol: TCP
      port: 80
      targetPort: 8080

kubectl apply -f socketx-deployment.yaml
kubectl get all
kubectl delete -f socketx-deployment.yaml

---

Testing & Health Checks

• Monitor container logs for startup messages:

  • SocketX server starting

• Test echo route:

curl http://<SOCKETX_HOST_OR_IP>:<PORT>/api/socketx-echo?msg=test

Expected response:

{
  "echo": "test",
  "time": "<timestamp>"
}

---

Troubleshooting

1. Invalid Configuration
   • Check logs for missing/invalid environment variables.
2. SocketX unreachable
   • Verify firewall, networking, or Kubernetes service configuration.

---

Security

• No sensitive data stored in the container.
• No root privileges required.

---

Costs

Private infrastructure costs (VMs, storage, networking) are customer-managed.

---

Maintenance

Routine Updates

• Updated container images are distributed through Eclypses.

Fault Recovery

• Relaunch the SocketX container; clients will automatically re-pair.

---

Support

For assistance, contact Eclypses Support:
📧 customer_support@eclypses.com
🕒 Monday-Friday, 8:00 AM-5:00 PM MST (excluding holidays)