def _sciond_conf(self, topo_id, base):
    """Register the sciond service for ``topo_id`` in ``self.dc_conf['services']``.

    When ``self.args.sciond`` is 'py' the 'sciond_py' image is used and an
    explicit command line is attached. Any other value selects the 'sciond'
    image and leaves 'command' unset. The 'endhost' subdirectory of ``base``
    is mounted read-only at /share/conf.
    """
    svc_name = sciond_svc_name(topo_id)
    python_sciond = self.args.sciond == 'py'
    if python_sciond:
        image_name = 'sciond_py'
    else:
        image_name = 'sciond'

    service_image = docker_image(self.args, image_name)
    as_label = topo_id.file_fmt()

    volumes = list(self._std_vol(topo_id))
    # The configuration mount is :ro, so the container cannot modify it.
    volumes.append('%s:/share/conf:ro' % os.path.join(base, 'endhost'))

    entry = {
        'image': service_image,
        'container_name': '%ssd%s' % (self.prefix, as_label),
        'depends_on': ['scion_disp_%s' % as_label],
        'environment': {
            # NOTE(review): presumably read by the image entrypoint to choose
            # the user the daemon runs as; confirm against the image.
            'SU_EXEC_USERSPEC': self.user_spec,
        },
        'volumes': volumes,
    }

    if python_sciond:
        api_socket = os.path.join(SCIOND_API_SOCKDIR, "%s.sock" % svc_name)
        entry['command'] = [
            '--api-addr=%s' % api_socket,
            '--log_dir=logs',
            '--spki_cache_dir=cache',
            sciond_name(topo_id),
            'conf',
        ]

    self.dc_conf['services'][svc_name] = entry
def _br_conf(self, topo_id, topo, base):
    """Add one 'posix-router' service per key of ``topo['border_routers']``.

    Each router runs as ``self.user``, mounts ``base`` read-only at
    /share/conf, loads ``/share/conf/<router>.toml`` and gets a static address
    on the bridge of every network recorded for it in ``self.elem_networks``
    (its own networks first, then the '<router>_internal' ones).
    """
    for br_name in topo.get("border_routers", {}):
        router_image = docker_image(self.args, 'posix-router')
        attached = {}
        entry = {
            'image': router_image,
            'container_name': self.prefix + br_name,
            'networks': attached,
            'user': self.user,
            'volumes': ['%s:/share/conf:ro' % base],
            # The values are literal '${VAR}' strings; presumably substituted
            # from the invoking environment when the file is consumed.
            # TODO confirm where the substitution happens.
            'environment': {
                'SCION_EXPERIMENTAL_BFD_DETECT_MULT':
                    '${SCION_EXPERIMENTAL_BFD_DETECT_MULT}',
                'SCION_EXPERIMENTAL_BFD_DESIRED_MIN_TX':
                    '${SCION_EXPERIMENTAL_BFD_DESIRED_MIN_TX}',
                'SCION_EXPERIMENTAL_BFD_REQUIRED_MIN_RX':
                    '${SCION_EXPERIMENTAL_BFD_REQUIRED_MIN_RX}',
            },
            'command': ['--config', '/share/conf/%s.toml' % br_name],
        }

        # add data networks:
        for net_key in (br_name, br_name + '_internal'):
            for net in self.elem_networks[net_key]:
                # Use the IPv4 address when the record has one, else IPv6.
                family = 'ipv4' if 'ipv4' in net else 'ipv6'
                bridge = self.bridges[net['net']]
                attached[bridge] = {'%s_address' % family: str(net[family])}

        self.dc_conf['services']['scion_%s' % br_name] = entry
def _bs_conf(self, topo_id, topo, base):
    """Add one 'beacon_py' service per entry of ``topo['BeaconService']``.

    All beacon servers of the AS share a template that depends on the sciond
    and dispatcher services and joins the dispatcher's network namespace
    through 'network_mode'. Each server works on its own deep copy, so its
    extra volume and arguments do not leak into its siblings.
    """
    disp_service = 'scion_disp_%s' % topo_id.file_fmt()
    template = {
        'image': docker_image(self.args, 'beacon_py'),
        'depends_on': [sciond_svc_name(topo_id), disp_service],
        'environment': {
            # NOTE(review): presumably read by the image entrypoint to choose
            # the user the server runs as; confirm against the image.
            'SU_EXEC_USERSPEC': self.user_spec,
        },
        'network_mode': 'service:%s' % disp_service,
        'volumes': self._std_vol(topo_id),
        'command': ['--spki_cache_dir=cache'],
    }

    for k, v in topo.get("BeaconService", {}).items():
        entry = copy.deepcopy(template)
        entry['container_name'] = self.prefix + k
        # Per-server configuration directory, mounted read-only.
        entry['volumes'].append('%s:/share/conf:ro' % os.path.join(base, k))

        prom_addr = prom_addr_infra(self.args.docker, k, v, BS_PROM_PORT)
        sciond_path = get_default_sciond_path(ISD_AS(topo["ISD_AS"]))
        entry['command'].extend([
            '--prom=%s' % prom_addr,
            '--sciond_path=%s' % sciond_path,
            k,
            'conf',
        ])

        self.dc_conf['services']['scion_%s' % k] = entry
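def _br_conf(self, topo_id, topo, base):
    """Add one 'border' service per entry of ``topo['BorderRouters']``.

    Every router gets its own deep copy of a shared template, a read-only
    mount of its configuration directory (``base``/<router>), its ``-id`` and
    ``-prom`` arguments, and a static address on the bridge of each network
    recorded for it in ``self.elem_networks``.

    An address is written under 'ipv4_address' when the network record has an
    'ipv4' entry and under 'ipv6_address' otherwise, so records that carry
    only an 'ipv6' entry are handled instead of raising KeyError.
    """
    raw_entry = {
        'image': docker_image(self.args, 'border'),
        'depends_on': [
            'scion_disp_br_%s' % topo_id.file_fmt(),
        ],
        'environment': {
            # NOTE(review): presumably read by the image entrypoint to choose
            # the user the router runs as; confirm against the image.
            'SU_EXEC_USERSPEC': self.user_spec,
        },
        'networks': {},
        'volumes': [
            *DOCKER_USR_VOL,
            'vol_%sdisp_br_%s:/run/shm/dispatcher:rw' % (self.prefix, topo_id.file_fmt()),
            self._logs_vol()
        ],
        'command': []
    }
    for k, v in topo.get("BorderRouters", {}).items():
        # Deep copy so the per-router volumes, command and networks stay
        # private to this router.
        entry = copy.deepcopy(raw_entry)
        entry['container_name'] = self.prefix + k
        entry['volumes'].append('%s:/share/conf:ro' % os.path.join(base, k))
        entry['command'].append('-id=%s' % k)
        entry['command'].append('-prom=%s' % prom_addr_br(k, v, self.args.port_gen))
        # Set BR IPs: the first internal network, then every other network of
        # the router, in that order.
        br_nets = [self.elem_networks[k + "_internal"][0], *self.elem_networks[k]]
        for net in br_nets:
            ipv = 'ipv4' if 'ipv4' in net else 'ipv6'
            entry['networks'][self.bridges[net['net']]] = {
                '%s_address' % ipv: str(net[ipv])
            }
        self.dc_conf['services']['scion_%s' % k] = entry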
def _sciond_conf(self, topo_id, base):
    """Register the 'sciond' service for ``topo_id`` in ``self.dc_conf['services']``.

    The daemon gets a static address on the bridge of the first network
    recorded under 'sd<AS>' in ``self.elem_networks`` and depends on the
    dispatcher of the control service named 'cs<AS>-1', whose volume it
    also mounts.
    """
    svc_name = sciond_svc_name(topo_id)
    as_label = topo_id.file_fmt()

    sd_net = self.elem_networks["sd" + as_label][0]
    # Use the IPv4 address when the record has one, else IPv6.
    family = 'ipv4' if 'ipv4' in sd_net else 'ipv6'
    address = str(sd_net[family])

    disp_id = 'cs%s-1' % as_label

    service_image = docker_image(self.args, 'sciond')
    container = '%ssd%s' % (self.prefix, as_label)

    volumes = list(DOCKER_USR_VOL)
    volumes.extend([
        self._disp_vol(disp_id),
        self._cache_vol(),
        self._logs_vol(),
        self._certs_vol(),
        # Endhost configuration is mounted read-only.
        '%s:/share/conf:ro' % os.path.join(base, 'endhost'),
    ])

    self.dc_conf['services'][svc_name] = {
        'image': service_image,
        'container_name': container,
        'depends_on': ['scion_disp_%s' % disp_id],
        'environment': {
            # NOTE(review): presumably read by the image entrypoint to choose
            # the user the daemon runs as; confirm against the image.
            'SU_EXEC_USERSPEC': self.user_spec,
        },
        'volumes': volumes,
        'networks': {
            self.bridges[sd_net['net']]: {'%s_address' % family: address},
        },
    }
def _cs_conf(self, topo_id, topo, base):
    """Add one certificate-server service per key of ``topo['CertificateService']``.

    ``self.args.cert_server == 'py'`` selects the 'cert_py' image and fills in
    a command line. Any other value selects 'cert' and leaves the command
    empty. The servers join the dispatcher's network namespace through
    'network_mode'.
    """
    python_server = self.args.cert_server == 'py'
    image_name = 'cert_py' if python_server else 'cert'
    disp_service = 'scion_disp_%s' % topo_id.file_fmt()

    template = {
        'image': docker_image(self.args, image_name),
        'depends_on': [sciond_svc_name(topo_id), disp_service],
        'environment': {
            # NOTE(review): presumably read by the image entrypoint to choose
            # the user the server runs as; confirm against the image.
            'SU_EXEC_USERSPEC': self.user_spec,
        },
        'network_mode': 'service:%s' % disp_service,
        'volumes': self._std_vol(topo_id),
        'command': [],
    }

    for k in topo.get("CertificateService", {}):
        entry = copy.deepcopy(template)
        entry['container_name'] = self.prefix + k
        # Per-server configuration directory, mounted read-only.
        entry['volumes'].append('%s:/share/conf:ro' % os.path.join(base, k))

        if python_server:
            sciond = get_default_sciond_path(ISD_AS(topo["ISD_AS"]))
            entry['command'].extend([
                '--spki_cache_dir=cache',
                # NOTE(review): the --prom listener binds to 0.0.0.0, i.e. all
                # interfaces of the shared dispatcher network namespace.
                # Confirm that exposure is intended for this topology.
                '--prom=[0.0.0.0]:%s' % CS_PROM_PORT,
                '--sciond_path=%s' % sciond,
                k,
                'conf',
            ])

        self.dc_conf['services']['scion_%s' % k] = entry
def _dispatcher_conf(self, topo_id, topo, base):
    """Add one dispatcher service per border router and control service.

    For each key of ``topo['BorderRouters']`` and ``topo['ControlService']``
    a 'dispatcher' service is registered with a static address, its own
    dispatcher volume and its own configuration directory. The named volume
    is also declared in ``self.dc_conf['volumes']``.
    """
    template = {
        'image': docker_image(self.args, 'dispatcher'),
        'environment': {
            # NOTE(review): presumably read by the image entrypoint to choose
            # the user the dispatcher runs as; confirm against the image.
            'SU_EXEC_USERSPEC': self.user_spec,
        },
        'networks': {},
        'volumes': [*DOCKER_USR_VOL, self._logs_vol()],
    }

    disp_ids = [*topo.get("BorderRouters", {}), *topo.get("ControlService", {})]
    for disp_id in disp_ids:
        entry = copy.deepcopy(template)

        # Ids starting with 'br' look up their '<id>_ctrl' network instead.
        if disp_id.startswith('br'):
            net_key = disp_id + '_ctrl'
        else:
            net_key = disp_id
        net = self.elem_networks[net_key][0]

        # Use the IPv4 address when the record has one, else IPv6.
        family = 'ipv4' if 'ipv4' in net else 'ipv6'
        bridge = self.bridges[net['net']]
        entry['networks'][bridge] = {'%s_address' % family: str(net[family])}

        entry['container_name'] = '%sdisp_%s' % (self.prefix, disp_id)

        disp_vol = self._disp_vol(disp_id)
        entry['volumes'].append(disp_vol)
        # NOTE(review): the configuration directory is mounted read-write.
        # Confirm the dispatcher needs to write there; a read-only mount would
        # narrow what the container can change.
        conf_dir = os.path.join(base, 'disp_%s' % disp_id)
        entry['volumes'].append('%s:/share/conf:rw' % conf_dir)

        self.dc_conf['services']['scion_disp_%s' % disp_id] = entry
        # Declare the named volume: the part of the spec before the first ':'.
        self.dc_conf['volumes'][disp_vol.split(':')[0]] = None
def _ps_conf(self, topo_id, topo, base):
    """Add one path-server service per entry of ``topo['PathService']``.

    ``self.args.path_server == 'py'`` selects the 'path_py' image and fills in
    a command line. Any other value selects 'path' and leaves the command
    empty.
    """
    python_server = self.args.path_server == 'py'
    if python_server:
        image_name = 'path_py'
    else:
        image_name = 'path'

    template = {
        'image': docker_image(self.args, image_name),
        'depends_on': [
            sciond_svc_name(topo_id),
            'scion_disp_%s' % topo_id.file_fmt(),
        ],
        'environment': {
            # NOTE(review): presumably read by the image entrypoint to choose
            # the user the server runs as; confirm against the image.
            'SU_EXEC_USERSPEC': self.user_spec,
        },
        'volumes': self._std_vol(topo_id),
        'command': [],
    }

    for k, v in topo.get("PathService", {}).items():
        entry = copy.deepcopy(template)
        entry['container_name'] = self.prefix + k
        # Per-server configuration directory, mounted read-only.
        entry['volumes'].append('%s:/share/conf:ro' % os.path.join(base, k))

        if python_server:
            entry['command'].extend([
                '--spki_cache_dir=cache',
                '--prom=%s' % prom_addr_infra(k, v, self.args.port_gen),
                '--sciond_path=%s' % get_default_sciond_path(ISD_AS(topo["ISD_AS"])),
                k,
                'conf',
            ])

        self.dc_conf['services']['scion_%s' % k] = entry
def _test_conf(self, topo_id):
    """Register the tester container for ``topo_id`` in ``self.dc_conf['services']``.

    The container mounts the dispatcher and sciond volumes plus the logs/,
    gen/ and gen-certs/ directories under ``self.output_base``. When
    ``self.args.sig`` is set it is also attached to a bridge and given the
    SIG_IP and REMOTE_NETS environment variables.
    """
    in_docker = 'docker_' if self.args.in_docker else ''
    cntr_base = '/home/scion/go/src/github.com/scionproto/scion'
    as_label = topo_id.file_fmt()
    name = 'tester_%s' % as_label

    env = {}
    attached = {}
    out = self.output_base
    entry = {
        'image': docker_image(self.args, 'tester'),
        'container_name': 'tester_%s%s' % (in_docker, as_label),
        # NOTE(review): privileged mode removes most container isolation, and
        # the bind mounts below are read-write (gen-certs/ included), so treat
        # this container as having host-level access. Confirm it is only
        # generated for local test topologies.
        'privileged': True,
        'entrypoint': './tester.sh',
        'environment': env,
        'volumes': [
            'vol_scion_%sdisp_%s:/run/shm/dispatcher:rw' % (in_docker, as_label),
            'vol_scion_%ssciond_%s:/run/shm/sciond:rw' % (in_docker, as_label),
            out + '/logs:' + cntr_base + '/logs:rw',
            out + '/gen:' + cntr_base + '/gen:rw',
            out + '/gen-certs:' + cntr_base + '/gen-certs:rw',
        ],
        'networks': attached,
    }

    if self.args.sig:
        # If the tester container needs to communicate to the SIG, it needs the SIG_IP and
        # REMOTE_NETS which are the remote subnets that need to be routed through the SIG.
        networks = self.args.networks
        # net information for the connected SIG
        sig_net = networks['sig%s' % as_label][0]
        tester_net = networks[name][0]
        # Only the 'ipv4' entries of the network records are read here.
        attached[self.args.bridges[tester_net['net']]] = {
            'ipv4_address': str(tester_net['ipv4']),
        }
        env['SIG_IP'] = str(sig_net['ipv4'])
        env['REMOTE_NETS'] = remote_nets(networks, topo_id)

    self.dc_conf['services'][name] = entry
def _sciond_conf(self, topo_id, base):
    """Register the 'daemon' service for ``topo_id`` in ``self.dc_conf['services']``.

    The daemon runs as ``self.user``, reads /share/conf/sd.toml from the
    read-only mount of ``base``, gets a static address on the bridge of the
    first network recorded under 'sd<AS>' and depends on the dispatcher of
    the control service named 'cs<AS>-1'.
    """
    svc_name = sciond_svc_name(topo_id)
    as_label = topo_id.file_fmt()

    sd_net = self.elem_networks["sd" + as_label][0]
    # Use the IPv4 address when the record has one, else IPv6.
    family = 'ipv4' if 'ipv4' in sd_net else 'ipv6'
    address = str(sd_net[family])

    disp_id = 'cs%s-1' % as_label

    # Hosts entry that resolves the name 'jaeger' to docker_host(...).
    jaeger_host = 'jaeger:%s' % docker_host(self.args.docker)
    service_image = docker_image(self.args, 'daemon')
    container = '%ssd%s' % (self.prefix, as_label)

    volumes = [
        self._disp_vol(disp_id),
        self._cache_vol(),
        self._certs_vol(),
        # Configuration is mounted read-only.
        '%s:/share/conf:ro' % base,
    ]
    static_address = {'%s_address' % family: address}

    self.dc_conf['services'][svc_name] = {
        'extra_hosts': [jaeger_host],
        'image': service_image,
        'container_name': container,
        'depends_on': ['scion_disp_%s' % disp_id],
        'user': self.user,
        'volumes': volumes,
        'networks': {self.bridges[sd_net['net']]: static_address},
        'command': ['--config', '/share/conf/sd.toml'],
    }
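def _br_conf(self, topo_id, topo, base):
    """Add one 'border' service per key of ``topo['BorderRouters']``.

    Each router depends on its own border-router dispatcher, mounts that
    dispatcher's volume and its configuration directory (``base``/<router>,
    read-only), and gets a static address on the bridge of each network
    recorded for it in ``self.elem_networks``.

    An address is written under 'ipv4_address' when the network record has an
    'ipv4' entry and under 'ipv6_address' otherwise, so records that carry
    only an 'ipv6' entry are handled instead of raising KeyError.
    """
    for k in topo.get("BorderRouters", {}):
        # NOTE(review): k[-2:] takes exactly the last two characters of the
        # router name, presumably a '-N' suffix. A multi-digit index would
        # produce a different shape; confirm against the naming scheme.
        disp_id = '%s%s' % (topo_id.file_fmt(), k[-2:])
        entry = {
            'image': docker_image(self.args, 'border'),
            'container_name': self.prefix + k,
            'depends_on': [
                'scion_disp_br_%s' % disp_id,
            ],
            'environment': {
                # NOTE(review): presumably read by the image entrypoint to
                # choose the user the router runs as; confirm against the image.
                'SU_EXEC_USERSPEC': self.user_spec,
            },
            'networks': {},
            'volumes': [
                *DOCKER_USR_VOL,
                self._disp_br_vol(disp_id),
                self._logs_vol(),
                '%s:/share/conf:ro' % os.path.join(base, k)
            ],
            'command': []
        }
        # Set BR IPs: the first internal network, then every other network of
        # the router, in that order.
        br_nets = [self.elem_networks[k + "_internal"][0], *self.elem_networks[k]]
        for net in br_nets:
            ipv = 'ipv4' if 'ipv4' in net else 'ipv6'
            entry['networks'][self.bridges[net['net']]] = {
                '%s_address' % ipv: str(net[ipv])
            }
        self.dc_conf['services']['scion_%s' % k] = entry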
def _dispatcher_conf(self, topo_id, topo, base):
    """Build the dispatcher template and hand a private copy to each helper.

    ``self.args.dispatcher == 'go'`` selects the 'dispatcher_go' image and any
    other value selects 'dispatcher'. The border-router and infrastructure
    helpers each receive their own deep copy, so neither can affect the
    template seen by the other.
    """
    if self.args.dispatcher == 'go':
        image_name = 'dispatcher_go'
    else:
        image_name = 'dispatcher'

    volumes = list(DOCKER_USR_VOL)
    volumes.append(self._logs_vol())

    template = {
        'image': docker_image(self.args, image_name),
        'environment': {
            # NOTE(review): presumably read by the image entrypoint to choose
            # the user the dispatcher runs as; confirm against the image.
            'SU_EXEC_USERSPEC': self.user_spec,
        },
        'networks': {},
        'volumes': volumes,
    }

    br_template = copy.deepcopy(template)
    self._br_dispatcher(br_template, topo_id, topo, base)

    infra_template = copy.deepcopy(template)
    self._infra_dispatcher(infra_template, topo_id, base)
def _dispatcher_conf(self, topo_id, topo, base):
    """Build the dispatcher template and hand a private copy to each helper.

    The template mounts the 'dispatcher' subdirectory of ``base`` at
    /share/conf. The border-router and infrastructure helpers each receive
    their own deep copy of it.
    """
    # Create dispatcher config
    volumes = list(DOCKER_USR_VOL)
    # NOTE(review): the configuration directory is mounted read-write.
    # Confirm the dispatcher needs to write there; a read-only mount would
    # narrow what the container can change.
    volumes.append('%s:/share/conf:rw' % os.path.join(base, 'dispatcher'))
    volumes.append(self._logs_vol())

    template = {
        'image': docker_image(self.args, 'dispatcher'),
        'environment': {
            # NOTE(review): presumably read by the image entrypoint to choose
            # the user the dispatcher runs as; confirm against the image.
            'SU_EXEC_USERSPEC': self.user_spec,
        },
        'networks': {},
        'volumes': volumes,
    }

    br_template = copy.deepcopy(template)
    self._br_dispatcher(br_template, topo_id, topo)

    infra_template = copy.deepcopy(template)
    self._infra_dispatcher(infra_template, topo_id)
def _test_conf(self, topo_id):
    """Register the tester container for ``topo_id`` in ``self.dc_conf['services']``.

    The tester shares the network namespace of its own dispatcher service
    through 'network_mode' and is told its local address and the daemon
    address through SCION_LOCAL_ADDR and SCION_DAEMON. When ``self.args.sig``
    is set it also receives SIG_IP and REMOTE_NETS.
    """
    cntr_base = '/share'
    as_label = topo_id.file_fmt()
    name = 'tester_%s' % as_label
    disp_service = 'scion_disp_%s' % name
    networks = self.args.networks

    env = {}
    out = self.output_base
    entry = {
        'image': docker_image(self.args, 'tester'),
        'container_name': 'tester_%s' % as_label,
        'depends_on': [disp_service],
        # NOTE(review): privileged mode removes most container isolation, and
        # the bind mounts below are read-write (gen-certs/ included), so treat
        # this container as having host-level access. Confirm it is only
        # generated for local test topologies.
        'privileged': True,
        'entrypoint': 'sh tester.sh',
        'environment': env,
        # NOTE(review): no 'user' key is set (the original carries
        # "'user': self.user" commented out), so the image default applies.
        'volumes': [
            'vol_scion_disp_%s:/run/shm/dispatcher:rw' % name,
            out + '/logs:' + cntr_base + '/logs:rw',
            out + '/gen:' + cntr_base + '/gen:rw',
            out + '/gen-certs:' + cntr_base + '/gen-certs:rw',
        ],
        'network_mode': 'service:%s' % disp_service,
    }

    # The tester's own network record decides the address family and also
    # supplies the local address.
    tester_net = networks[name][0]
    family = 'ipv4' if 'ipv4' in tester_net else 'ipv6'
    env['SCION_LOCAL_ADDR'] = str(tester_net[family])

    sciond_net = networks['sd%s' % as_label][0]
    # IPv6 literals are bracketed in the host:port form.
    daemon_fmt = '%s:30255' if family == 'ipv4' else '[%s]:30255'
    env['SCION_DAEMON'] = daemon_fmt % sciond_net[family]

    if self.args.sig:
        # If the tester container needs to communicate to the SIG, it needs the SIG_IP and
        # REMOTE_NETS which are the remote subnets that need to be routed through the SIG.
        # net information for the connected SIG
        sig_net = networks['sig%s' % as_label][0]
        env['SIG_IP'] = str(sig_net[family])
        env['REMOTE_NETS'] = remote_nets(networks, topo_id)

    self.dc_conf['services'][name] = entry
def _test_conf(self, topo_id):
    """Register the tester container for ``topo_id`` in ``self.dc_conf['services']``.

    The container uses the 'app_builder' image and is given the command
    ``-c 'tail -f /dev/null'``. It mounts the dispatcher and sciond volumes
    plus the logs/, gen/ and gen-certs/ directories under
    ``self.output_base``.
    """
    in_docker = 'docker_' if self.args.in_docker else ''
    cntr_base = '/home/scion/go/src/github.com/scionproto/scion'
    as_label = topo_id.file_fmt()
    out = self.output_base

    # NOTE(review): every mount is read-write, including gen-certs/.
    # Confirm the tester needs write access to generated certificates.
    volumes = [
        'vol_scion_%sdisp_%s:/run/shm/dispatcher:rw' % (in_docker, as_label),
        'vol_scion_%ssciond_%s:/run/shm/sciond:rw' % (in_docker, as_label),
        out + '/logs:' + cntr_base + '/logs:rw',
        out + '/gen:' + cntr_base + '/gen:rw',
        out + '/gen-certs:' + cntr_base + '/gen-certs:rw',
    ]

    self.dc_conf['services']['tester_%s' % as_label] = {
        'image': docker_image(self.args, 'app_builder'),
        'volumes': volumes,
        'command': ['-c', 'tail -f /dev/null'],
        'container_name': 'tester_%s%s' % (in_docker, as_label),
    }
def _bs_conf(self, topo_id, topo, base):
    """Add one 'beacon' service per key of ``topo['BeaconService']``.

    All beacon servers of the AS share a template that depends on the sciond
    and dispatcher services and joins the dispatcher's network namespace
    through 'network_mode'. Each server gets a deep copy plus a read-only
    mount of its own configuration directory.
    """
    disp_service = 'scion_disp_%s' % topo_id.file_fmt()
    template = {
        'image': docker_image(self.args, 'beacon'),
        'depends_on': [sciond_svc_name(topo_id), disp_service],
        'environment': {
            # NOTE(review): presumably read by the image entrypoint to choose
            # the user the server runs as; confirm against the image.
            'SU_EXEC_USERSPEC': self.user_spec,
        },
        'network_mode': 'service:%s' % disp_service,
        'volumes': self._std_vol(topo_id),
        'command': [],
    }

    for server in topo.get("BeaconService", {}):
        entry = copy.deepcopy(template)
        entry['container_name'] = self.prefix + server
        conf_mount = '%s:/share/conf:ro' % os.path.join(base, server)
        entry['volumes'].append(conf_mount)
        self.dc_conf['services']['scion_%s' % server] = entry
def _control_service_conf(self, topo_id, topo, base):
    """Add one 'cs' service per key of ``topo['ControlService']``.

    Each control service depends on the dispatcher that carries its name,
    joins that dispatcher's network namespace through 'network_mode' and
    mounts its own configuration directory (``base``/<service>) read-only.
    """
    for cs_name in topo.get("ControlService", {}):
        disp_service = 'scion_disp_%s' % cs_name

        volumes = list(DOCKER_USR_VOL)
        volumes.extend([
            self._cache_vol(),
            self._logs_vol(),
            self._certs_vol(),
            # Configuration is mounted read-only.
            '%s:/share/conf:ro' % os.path.join(base, cs_name),
            self._disp_vol(cs_name),
        ])

        self.dc_conf['services']['scion_%s' % cs_name] = {
            'image': docker_image(self.args, 'cs'),
            'container_name': self.prefix + cs_name,
            'depends_on': [disp_service],
            'environment': {
                # NOTE(review): presumably read by the image entrypoint to
                # choose the user the service runs as; confirm against the image.
                'SU_EXEC_USERSPEC': self.user_spec,
            },
            'network_mode': 'service:%s' % disp_service,
            'volumes': volumes,
            'command': [],
        }
def _control_service_conf(self, topo_id, topo, base):
    """Add one 'control' service per key of ``topo['control_service']``.

    Each control service runs as ``self.user``, depends on the dispatcher
    that carries its name, joins that dispatcher's network namespace through
    'network_mode' and loads ``/share/conf/<service>.toml`` from the
    read-only mount of ``base``.
    """
    for cs_name in topo.get("control_service", {}):
        disp_service = 'scion_disp_%s' % cs_name
        service_image = docker_image(self.args, 'control')

        volumes = [
            self._cache_vol(),
            self._certs_vol(),
            # All of ``base`` is mounted, but read-only.
            '%s:/share/conf:ro' % base,
            self._disp_vol(cs_name),
        ]

        self.dc_conf['services']['scion_%s' % cs_name] = {
            'image': service_image,
            'container_name': self.prefix + cs_name,
            'depends_on': [disp_service],
            'network_mode': 'service:%s' % disp_service,
            'user': self.user,
            'volumes': volumes,
            'command': ['--config', '/share/conf/%s.toml' % cs_name],
        }
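def _sciond_conf(self, topo_id, base):
    """Register the 'sciond' service for ``topo_id`` in ``self.dc_conf['services']``.

    The daemon gets a static address on the bridge of the first network
    recorded under 'sd<AS>' in ``self.elem_networks``. The address is written
    under 'ipv4_address' when the record has an 'ipv4' entry and under
    'ipv6_address' otherwise, so a record that carries only an 'ipv6' entry
    is handled instead of raising KeyError.
    """
    name = sciond_svc_name(topo_id)
    net = self.elem_networks["sd" + topo_id.file_fmt()][0]
    # Use the IPv4 address when the record has one, else IPv6.
    ipv = 'ipv4' if 'ipv4' in net else 'ipv6'
    ip = str(net[ipv])
    entry = {
        'image': docker_image(self.args, 'sciond'),
        'container_name': '%ssd%s' % (self.prefix, topo_id.file_fmt()),
        'depends_on': [
            'scion_disp_%s' % topo_id.file_fmt()
        ],
        'environment': {
            # NOTE(review): presumably read by the image entrypoint to choose
            # the user the daemon runs as; confirm against the image.
            'SU_EXEC_USERSPEC': self.user_spec,
        },
        'volumes': [
            *self._std_vol(topo_id),
            # Endhost configuration is mounted read-only.
            '%s:/share/conf:ro' % os.path.join(base, 'endhost'),
        ],
        'networks': {
            self.bridges[net['net']]: {'%s_address' % ipv: ip}
        }
    }
    self.dc_conf['services'][name] = entry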
def _dispatcher_conf(self, topo_id, topo, base):
    """Add one dispatcher service per control service, plus one for the tester.

    For each key of ``topo['control_service']`` and for 'tester_<AS>' a
    'dispatcher' service is registered that runs as ``self.user``, waits for
    'utils_chowner' to start, gets a static address and loads
    ``/share/conf/disp_<id>.toml``. Its named volume is also declared in
    ``self.dc_conf['volumes']``.
    """
    template = {
        # Hosts entry that resolves the name 'jaeger' to docker_host(...).
        'extra_hosts': ['jaeger:%s' % docker_host(self.args.docker)],
        'image': docker_image(self.args, 'dispatcher'),
        'networks': {},
        'user': self.user,
        'volumes': [],
        'depends_on': {
            'utils_chowner': {'condition': 'service_started'},
        },
    }

    disp_ids = [*topo.get("control_service", {}), "tester_%s" % topo_id.file_fmt()]
    for disp_id in disp_ids:
        entry = copy.deepcopy(template)

        net = self.elem_networks[disp_id][0]
        # Use the IPv4 address when the record has one, else IPv6.
        family = 'ipv4' if 'ipv4' in net else 'ipv6'
        bridge = self.bridges[net['net']]
        entry['networks'][bridge] = {'%s_address' % family: str(net[family])}

        entry['container_name'] = '%sdisp_%s' % (self.prefix, disp_id)

        disp_vol = self._disp_vol(disp_id)
        entry['volumes'].append(disp_vol)
        # NOTE(review): all of ``base`` is mounted read-write into every
        # dispatcher, although only disp_<id>.toml is read from it here.
        # Confirm write access is required; a read-only mount would narrow
        # what the container can change.
        entry['volumes'].append('%s:/share/conf:rw' % base)

        entry['command'] = ['--config', '/share/conf/disp_%s.toml' % disp_id]

        self.dc_conf['services']['scion_disp_%s' % disp_id] = entry
        # Declare the named volume: the part of the spec before the first ':'.
        self.dc_conf['volumes'][disp_vol.split(':')[0]] = None