def _sciond_conf(self, topo_id, base):
name = sciond_svc_name(topo_id)
image = 'sciond_py' if self.args.sciond == 'py' else 'sciond'
entry = {
'image': docker_image(self.args, image),
'container_name': '%ssd%s' % (self.prefix, topo_id.file_fmt()),
'depends_on': [
'scion_disp_%s' % topo_id.file_fmt()
],
'environment': {
'SU_EXEC_USERSPEC': self.user_spec,
},
'volumes': [
*self._std_vol(topo_id),
'%s:/share/conf:ro' % os.path.join(base, 'endhost'),
],
}
if self.args.sciond == 'py':
entry['command'] = [
'--api-addr=%s' % os.path.join(SCIOND_API_SOCKDIR, "%s.sock" % name),
'--log_dir=logs',
'--spki_cache_dir=cache',
sciond_name(topo_id),
'conf'
]
self.dc_conf['services'][name] = entry
def _br_conf(self, topo_id, topo, base):
for k, _ in topo.get("border_routers", {}).items():
image = docker_image(self.args, 'posix-router')
entry = {
'image': image,
'container_name': self.prefix + k,
'networks': {},
'user': self.user,
'volumes': ['%s:/share/conf:ro' % base],
'environment': {
'SCION_EXPERIMENTAL_BFD_DETECT_MULT':
'${SCION_EXPERIMENTAL_BFD_DETECT_MULT}',
'SCION_EXPERIMENTAL_BFD_DESIRED_MIN_TX':
'${SCION_EXPERIMENTAL_BFD_DESIRED_MIN_TX}',
'SCION_EXPERIMENTAL_BFD_REQUIRED_MIN_RX':
'${SCION_EXPERIMENTAL_BFD_REQUIRED_MIN_RX}',
},
'command': ['--config', '/share/conf/%s.toml' % k]
}
# add data networks:
net_keys = [k, k + '_internal']
for net_key in net_keys:
for net in self.elem_networks[net_key]:
ipv = 'ipv4'
if ipv not in net:
ipv = 'ipv6'
entry['networks'][self.bridges[net['net']]] = {
'%s_address' % ipv: str(net[ipv])
}
self.dc_conf['services']['scion_%s' % k] = entry
def _bs_conf(self, topo_id, topo, base):
raw_entry = {
'image':
docker_image(self.args, 'beacon_py'),
'depends_on': [
sciond_svc_name(topo_id),
'scion_disp_%s' % topo_id.file_fmt(),
],
'environment': {
'SU_EXEC_USERSPEC': self.user_spec,
},
'network_mode':
'service:scion_disp_%s' % topo_id.file_fmt(),
'volumes':
self._std_vol(topo_id),
'command': ['--spki_cache_dir=cache']
}
for k, v in topo.get("BeaconService", {}).items():
entry = copy.deepcopy(raw_entry)
name = self.prefix + k
entry['container_name'] = name
entry['volumes'].append('%s:/share/conf:ro' %
os.path.join(base, k))
prom_addr = prom_addr_infra(self.args.docker, k, v, BS_PROM_PORT)
entry['command'].append('--prom=%s' % prom_addr)
entry['command'].append(
'--sciond_path=%s' %
get_default_sciond_path(ISD_AS(topo["ISD_AS"])))
entry['command'].append(k)
entry['command'].append('conf')
self.dc_conf['services']['scion_%s' % k] = entry
def _br_conf(self, topo_id, topo, base):
raw_entry = {
'image': docker_image(self.args, 'border'),
'depends_on': [
'scion_disp_br_%s' % topo_id.file_fmt(),
],
'environment': {
'SU_EXEC_USERSPEC': self.user_spec,
},
'networks': {},
'volumes': [
*DOCKER_USR_VOL,
'vol_%sdisp_br_%s:/run/shm/dispatcher:rw' % (self.prefix, topo_id.file_fmt()),
self._logs_vol()
],
'command': []
}
for k, v in topo.get("BorderRouters", {}).items():
entry = copy.deepcopy(raw_entry)
entry['container_name'] = self.prefix + k
entry['volumes'].append('%s:/share/conf:ro' % os.path.join(base, k))
entry['command'].append('-id=%s' % k)
entry['command'].append('-prom=%s' % prom_addr_br(k, v, self.args.port_gen))
# Set BR IPs
in_net = self.elem_networks[k + "_internal"][0]
entry['networks'][self.bridges[in_net['net']]] = {'ipv4_address': str(in_net['ipv4'])}
for net in self.elem_networks[k]:
entry['networks'][self.bridges[net['net']]] = {'ipv4_address': str(net['ipv4'])}
self.dc_conf['services']['scion_%s' % k] = entry
def _sciond_conf(self, topo_id, base):
name = sciond_svc_name(topo_id)
net = self.elem_networks["sd" + topo_id.file_fmt()][0]
ipv = 'ipv4'
if ipv not in net:
ipv = 'ipv6'
ip = str(net[ipv])
disp_id = 'cs%s-1' % topo_id.file_fmt()
entry = {
'image': docker_image(self.args, 'sciond'),
'container_name': '%ssd%s' % (self.prefix, topo_id.file_fmt()),
'depends_on': [
'scion_disp_%s' % disp_id
],
'environment': {
'SU_EXEC_USERSPEC': self.user_spec,
},
'volumes': [
*DOCKER_USR_VOL,
self._disp_vol(disp_id),
self._cache_vol(),
self._logs_vol(),
self._certs_vol(),
'%s:/share/conf:ro' % os.path.join(base, 'endhost'),
],
'networks': {
self.bridges[net['net']]: {'%s_address' % ipv: ip}
}
}
self.dc_conf['services'][name] = entry
def _cs_conf(self, topo_id, topo, base):
image = 'cert_py' if self.args.cert_server == 'py' else 'cert'
raw_entry = {
'image':
docker_image(self.args, image),
'depends_on': [
sciond_svc_name(topo_id),
'scion_disp_%s' % topo_id.file_fmt(),
],
'environment': {
'SU_EXEC_USERSPEC': self.user_spec,
},
'network_mode':
'service:scion_disp_%s' % topo_id.file_fmt(),
'volumes':
self._std_vol(topo_id),
'command': []
}
for k, v in topo.get("CertificateService", {}).items():
entry = copy.deepcopy(raw_entry)
entry['container_name'] = self.prefix + k
entry['volumes'].append('%s:/share/conf:ro' %
os.path.join(base, k))
if self.args.cert_server == 'py':
sciond = get_default_sciond_path(ISD_AS(topo["ISD_AS"]))
entry['command'].append('--spki_cache_dir=cache')
entry['command'].append('--prom=[0.0.0.0]:%s' % CS_PROM_PORT)
entry['command'].append('--sciond_path=%s' % sciond)
entry['command'].append(k)
entry['command'].append('conf')
self.dc_conf['services']['scion_%s' % k] = entry
def _dispatcher_conf(self, topo_id, topo, base):
image = 'dispatcher'
base_entry = {
'image': docker_image(self.args, image),
'environment': {
'SU_EXEC_USERSPEC': self.user_spec,
},
'networks': {},
'volumes': [
*DOCKER_USR_VOL,
self._logs_vol()
]
}
keys = list(topo.get("BorderRouters", {})) + list(topo.get("ControlService", {}))
for disp_id in keys:
entry = copy.deepcopy(base_entry)
net_key = disp_id
if disp_id.startswith('br'):
net_key += '_ctrl'
net = self.elem_networks[net_key][0]
ipv = 'ipv4'
if ipv not in net:
ipv = 'ipv6'
ip = str(net[ipv])
entry['networks'][self.bridges[net['net']]] = {'%s_address' % ipv: ip}
entry['container_name'] = '%sdisp_%s' % (self.prefix, disp_id)
entry['volumes'].append(self._disp_vol(disp_id))
conf = '%s:/share/conf:rw' % os.path.join(base, 'disp_%s' % disp_id)
entry['volumes'].append(conf)
self.dc_conf['services']['scion_disp_%s' % disp_id] = entry
self.dc_conf['volumes'][self._disp_vol(disp_id).split(':')[0]] = None
def _ps_conf(self, topo_id, topo, base):
image = 'path_py' if self.args.path_server == 'py' else 'path'
raw_entry = {
'image': docker_image(self.args, image),
'depends_on': [
sciond_svc_name(topo_id),
'scion_disp_%s' % topo_id.file_fmt(),
],
'environment': {
'SU_EXEC_USERSPEC': self.user_spec,
},
'volumes': self._std_vol(topo_id),
'command': [],
}
for k, v in topo.get("PathService", {}).items():
entry = copy.deepcopy(raw_entry)
name = self.prefix + k
entry['container_name'] = name
entry['volumes'].append('%s:/share/conf:ro' % os.path.join(base, k))
if self.args.path_server == 'py':
entry['command'].append('--spki_cache_dir=cache')
entry['command'].append('--prom=%s' % prom_addr_infra(k, v, self.args.port_gen))
entry['command'].append('--sciond_path=%s' %
get_default_sciond_path(ISD_AS(topo["ISD_AS"])))
entry['command'].append(k)
entry['command'].append('conf')
self.dc_conf['services']['scion_%s' % k] = entry
def _test_conf(self, topo_id):
docker = 'docker_' if self.args.in_docker else ''
cntr_base = '/home/scion/go/src/github.com/scionproto/scion'
name = 'tester_%s' % topo_id.file_fmt()
entry = {
'image': docker_image(self.args, 'tester'),
'container_name': 'tester_%s%s' % (docker, topo_id.file_fmt()),
'privileged': True,
'entrypoint': './tester.sh',
'environment': {},
'volumes': [
'vol_scion_%sdisp_%s:/run/shm/dispatcher:rw' % (docker, topo_id.file_fmt()),
'vol_scion_%ssciond_%s:/run/shm/sciond:rw' % (docker, topo_id.file_fmt()),
self.output_base + '/logs:' + cntr_base + '/logs:rw',
self.output_base + '/gen:' + cntr_base + '/gen:rw',
self.output_base + '/gen-certs:' + cntr_base + '/gen-certs:rw'
],
'networks': {}
}
if self.args.sig:
# If the tester container needs to communicate to the SIG, it needs the SIG_IP and
# REMOTE_NETS which are the remote subnets that need to be routed through the SIG.
# net information for the connected SIG
sig_net = self.args.networks['sig%s' % topo_id.file_fmt()][0]
net = self.args.networks[name][0]
bridge = self.args.bridges[net['net']]
entry['networks'][bridge] = {'ipv4_address': str(net['ipv4'])}
entry['environment']['SIG_IP'] = str(sig_net['ipv4'])
entry['environment']['REMOTE_NETS'] = remote_nets(self.args.networks, topo_id)
self.dc_conf['services'][name] = entry
def _sciond_conf(self, topo_id, base):
name = sciond_svc_name(topo_id)
net = self.elem_networks["sd" + topo_id.file_fmt()][0]
ipv = 'ipv4'
if ipv not in net:
ipv = 'ipv6'
ip = str(net[ipv])
disp_id = 'cs%s-1' % topo_id.file_fmt()
entry = {
'extra_hosts': ['jaeger:%s' % docker_host(self.args.docker)],
'image':
docker_image(self.args, 'daemon'),
'container_name':
'%ssd%s' % (self.prefix, topo_id.file_fmt()),
'depends_on': ['scion_disp_%s' % disp_id],
'user':
self.user,
'volumes': [
self._disp_vol(disp_id),
self._cache_vol(),
self._certs_vol(),
'%s:/share/conf:ro' % base
],
'networks': {
self.bridges[net['net']]: {
'%s_address' % ipv: ip
}
},
'command': ['--config', '/share/conf/sd.toml'],
}
self.dc_conf['services'][name] = entry
def _br_conf(self, topo_id, topo, base):
for k, _ in topo.get("BorderRouters", {}).items():
disp_id = '%s%s' % (topo_id.file_fmt(), k[-2:])
entry = {
'image': docker_image(self.args, 'border'),
'container_name': self.prefix + k,
'depends_on': [
'scion_disp_br_%s' % disp_id,
],
'environment': {
'SU_EXEC_USERSPEC': self.user_spec,
},
'networks': {},
'volumes': [
*DOCKER_USR_VOL,
self._disp_br_vol(disp_id),
self._logs_vol(),
'%s:/share/conf:ro' % os.path.join(base, k)
],
'command': []
}
# Set BR IPs
in_net = self.elem_networks[k + "_internal"][0]
entry['networks'][self.bridges[in_net['net']]] = {'ipv4_address': str(in_net['ipv4'])}
for net in self.elem_networks[k]:
entry['networks'][self.bridges[net['net']]] = {'ipv4_address': str(net['ipv4'])}
self.dc_conf['services']['scion_%s' % k] = entry
def _dispatcher_conf(self, topo_id, topo, base):
image = 'dispatcher_go' if self.args.dispatcher == 'go' else 'dispatcher'
entry = {
'image': docker_image(self.args, image),
'environment': {
'SU_EXEC_USERSPEC': self.user_spec,
},
'networks': {},
'volumes': [*DOCKER_USR_VOL, self._logs_vol()]
}
self._br_dispatcher(copy.deepcopy(entry), topo_id, topo, base)
self._infra_dispatcher(copy.deepcopy(entry), topo_id, base)
def _dispatcher_conf(self, topo_id, topo, base):
# Create dispatcher config
entry = {
'image': docker_image(self.args, 'dispatcher'),
'environment': {
'SU_EXEC_USERSPEC': self.user_spec,
},
'networks': {},
'volumes': [
*DOCKER_USR_VOL,
'%s:/share/conf:rw' % os.path.join(base, 'dispatcher'),
self._logs_vol()
]
}
self._br_dispatcher(copy.deepcopy(entry), topo_id, topo)
self._infra_dispatcher(copy.deepcopy(entry), topo_id)
def _test_conf(self, topo_id):
cntr_base = '/share'
name = 'tester_%s' % topo_id.file_fmt()
entry = {
'image':
docker_image(self.args, 'tester'),
'container_name':
'tester_%s' % topo_id.file_fmt(),
'depends_on': ['scion_disp_%s' % name],
'privileged':
True,
'entrypoint':
'sh tester.sh',
'environment': {},
# 'user': self.user,
'volumes': [
'vol_scion_disp_%s:/run/shm/dispatcher:rw' % name,
self.output_base + '/logs:' + cntr_base + '/logs:rw',
self.output_base + '/gen:' + cntr_base + '/gen:rw',
self.output_base + '/gen-certs:' + cntr_base + '/gen-certs:rw'
],
'network_mode':
'service:scion_disp_%s' % name,
}
net = self.args.networks[name][0]
ipv = 'ipv4'
if ipv not in net:
ipv = 'ipv6'
disp_net = self.args.networks[name][0]
entry['environment']['SCION_LOCAL_ADDR'] = str(disp_net[ipv])
sciond_net = self.args.networks['sd%s' % topo_id.file_fmt()][0]
if ipv == 'ipv4':
entry['environment']['SCION_DAEMON'] = '%s:30255' % sciond_net[ipv]
else:
entry['environment'][
'SCION_DAEMON'] = '[%s]:30255' % sciond_net[ipv]
if self.args.sig:
# If the tester container needs to communicate to the SIG, it needs the SIG_IP and
# REMOTE_NETS which are the remote subnets that need to be routed through the SIG.
# net information for the connected SIG
sig_net = self.args.networks['sig%s' % topo_id.file_fmt()][0]
entry['environment']['SIG_IP'] = str(sig_net[ipv])
entry['environment']['REMOTE_NETS'] = remote_nets(
self.args.networks, topo_id)
self.dc_conf['services'][name] = entry
def _test_conf(self, topo_id):
docker = 'docker_' if self.args.in_docker else ''
cntr_base = '/home/scion/go/src/github.com/scionproto/scion'
entry = {
'image':
docker_image(self.args, 'app_builder'),
'volumes': [
'vol_scion_%sdisp_%s:/run/shm/dispatcher:rw' %
(docker, topo_id.file_fmt()),
'vol_scion_%ssciond_%s:/run/shm/sciond:rw' %
(docker, topo_id.file_fmt()),
self.output_base + '/logs:' + cntr_base + '/logs:rw',
self.output_base + '/gen:' + cntr_base + '/gen:rw',
self.output_base + '/gen-certs:' + cntr_base + '/gen-certs:rw'
],
'command': ['-c', 'tail -f /dev/null']
}
entry['container_name'] = 'tester_%s%s' % (docker, topo_id.file_fmt())
self.dc_conf['services']['tester_%s' % topo_id.file_fmt()] = entry
def _bs_conf(self, topo_id, topo, base):
raw_entry = {
'image': docker_image(self.args, 'beacon'),
'depends_on': [
sciond_svc_name(topo_id),
'scion_disp_%s' % topo_id.file_fmt(),
],
'environment': {
'SU_EXEC_USERSPEC': self.user_spec,
},
'network_mode': 'service:scion_disp_%s' % topo_id.file_fmt(),
'volumes': self._std_vol(topo_id),
'command': []
}
for k, v in topo.get("BeaconService", {}).items():
entry = copy.deepcopy(raw_entry)
entry['container_name'] = self.prefix + k
entry['volumes'].append('%s:/share/conf:ro' % os.path.join(base, k))
self.dc_conf['services']['scion_%s' % k] = entry
def _control_service_conf(self, topo_id, topo, base):
for k, v in topo.get("ControlService", {}).items():
entry = {
'image': docker_image(self.args, 'cs'),
'container_name': self.prefix + k,
'depends_on': ['scion_disp_%s' % k],
'environment': {
'SU_EXEC_USERSPEC': self.user_spec,
},
'network_mode': 'service:scion_disp_%s' % k,
'volumes': [
*DOCKER_USR_VOL,
self._cache_vol(),
self._logs_vol(),
self._certs_vol(),
'%s:/share/conf:ro' % os.path.join(base, k),
self._disp_vol(k),
],
'command': []
}
self.dc_conf['services']['scion_%s' % k] = entry
def _control_service_conf(self, topo_id, topo, base):
for k in topo.get("control_service", {}).keys():
entry = {
'image':
docker_image(self.args, 'control'),
'container_name':
self.prefix + k,
'depends_on': ['scion_disp_%s' % k],
'network_mode':
'service:scion_disp_%s' % k,
'user':
self.user,
'volumes': [
self._cache_vol(),
self._certs_vol(),
'%s:/share/conf:ro' % base,
self._disp_vol(k),
],
'command': ['--config', '/share/conf/%s.toml' % k]
}
self.dc_conf['services']['scion_%s' % k] = entry
def _sciond_conf(self, topo_id, base):
name = sciond_svc_name(topo_id)
net = self.elem_networks["sd" + topo_id.file_fmt()][0]
ip = str(net['ipv4'])
entry = {
'image': docker_image(self.args, 'sciond'),
'container_name': '%ssd%s' % (self.prefix, topo_id.file_fmt()),
'depends_on': [
'scion_disp_%s' % topo_id.file_fmt()
],
'environment': {
'SU_EXEC_USERSPEC': self.user_spec,
},
'volumes': [
*self._std_vol(topo_id),
'%s:/share/conf:ro' % os.path.join(base, 'endhost'),
],
'networks': {
self.bridges[net['net']]: {'ipv4_address': ip}
}
}
self.dc_conf['services'][name] = entry
def _dispatcher_conf(self, topo_id, topo, base):
image = 'dispatcher'
base_entry = {
'extra_hosts': ['jaeger:%s' % docker_host(self.args.docker)],
'image': docker_image(self.args, image),
'networks': {},
'user': self.user,
'volumes': [],
'depends_on': {
'utils_chowner': {
'condition': 'service_started'
},
},
}
keys = (list(topo.get("control_service", {})) +
["tester_%s" % topo_id.file_fmt()])
for disp_id in keys:
entry = copy.deepcopy(base_entry)
net_key = disp_id
net = self.elem_networks[net_key][0]
ipv = 'ipv4'
if ipv not in net:
ipv = 'ipv6'
ip = str(net[ipv])
entry['networks'][self.bridges[net['net']]] = {
'%s_address' % ipv: ip
}
entry['container_name'] = '%sdisp_%s' % (self.prefix, disp_id)
entry['volumes'].append(self._disp_vol(disp_id))
conf = '%s:/share/conf:rw' % base
entry['volumes'].append(conf)
entry['command'] = [
'--config', '/share/conf/disp_%s.toml' % disp_id
]
self.dc_conf['services']['scion_disp_%s' % disp_id] = entry
self.dc_conf['volumes'][self._disp_vol(disp_id).split(':')
[0]] = None
