summaryrefslogtreecommitdiffstats
path: root/samples/services/snort_ids/yaml
diff options
context:
space:
mode:
authorEddie Arrage <eddie.arrage@huawei.com>2018-03-20 23:51:35 +0000
committerEddie Arrage <eddie.arrage@huawei.com>2018-03-31 00:11:00 +0000
commit56f50acd66d6f041b0347babb131150db3ca2023 (patch)
tree4a631df908d55fa7cd2fbf59c5854d06d811bf64 /samples/services/snort_ids/yaml
parentc43c773fc33167f46461b4fd1ae58e40d390d59e (diff)
Develop snort IDS and content inspect service
- Initial commit to show potential structure of a sample service - This wil be part of a larger sample application currently dubbed Service Delivery Controller - Docker container needs to be built and employs open-source Linux packages - Service is deployable in Istio service mesh using provided yaml - Control snort daemon and add custom rules with GRPC messaging - Process snort alerts actively and send to redis and upstream service mesh components - Integrates a web server for better HTTP signature detection - Improved build script for CI with variables - Render k8s yaml snort manifest dynamically with command line options - Improve snort_client sample script for runtime modifications including passing args on CLI, error checking - Update nginx proxy interface - Added logging to snort server and alert process Change-Id: Ic56f9fcd9ed21f64b84b85ac8ee280d69af7b7c9 Signed-off-by: Eddie Arrage <eddie.arrage@huawei.com>
Diffstat (limited to 'samples/services/snort_ids/yaml')
-rw-r--r--samples/services/snort_ids/yaml/manifest.template38
-rw-r--r--samples/services/snort_ids/yaml/render_yaml.py62
2 files changed, 100 insertions, 0 deletions
diff --git a/samples/services/snort_ids/yaml/manifest.template b/samples/services/snort_ids/yaml/manifest.template
new file mode 100644
index 0000000..178765b
--- /dev/null
+++ b/samples/services/snort_ids/yaml/manifest.template
@@ -0,0 +1,38 @@
+---
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ deploy_name }}
+ labels:
+ app: {{ deploy_name }}
+spec:
+ template:
+ metadata:
+ labels:
+ app: {{ deploy_name }}
+ spec:
+ containers:
+ - name: {{ deploy_name }}
+ image: {{ image_path }}/{{ image_name }}:{{ image_tag }}
+ ports:
+ - containerPort: {{ grpc_port }}
+ - containerPort: {{ redis_port }}
+ - containerPort: {{ http_port }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ deploy_name }}
+ labels:
+ app: {{ deploy_name }}
+spec:
+ ports:
+ - port: {{ grpc_port }}
+ name: grpc
+ - port: {{ redis_port }}
+ name: redis
+ - port: {{ http_port }}
+ name: http
+ selector:
+ app: {{ deploy_name }}
+---
diff --git a/samples/services/snort_ids/yaml/render_yaml.py b/samples/services/snort_ids/yaml/render_yaml.py
new file mode 100644
index 0000000..e23f540
--- /dev/null
+++ b/samples/services/snort_ids/yaml/render_yaml.py
@@ -0,0 +1,62 @@
+# Copyright (c) Authors of Clover
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+
+import argparse
+
+from jinja2 import Template
+
+
+def render_yaml(args):
+ template_file = 'manifest.template'
+ out_file = 'snort.yaml'
+
+ try:
+ with open(template_file) as f:
+ tmpl = Template(f.read())
+ output = tmpl.render(
+ image_path=args['image_path'],
+ image_name=args['image_name'],
+ image_tag=args['image_tag'],
+ deploy_name=args['deploy_name'],
+ grpc_port=args['grpc_port'],
+ redis_port=args['redis_port'],
+ http_port=args['http_port']
+ )
+ with open(out_file, "wb") as fh:
+ fh.write(output)
+ return "Generated manifest for {}".format(args['deploy_name'])
+ except Exception as e:
+ print(e)
+ return "Unable to generate manifest for {}".format(
+ args['deploy_name'])
+
+
+if __name__ == '__main__':
+ parser = argparse.ArgumentParser()
+ parser.add_argument(
+ '--image_name', default='clover-ns-snort-ids',
+ help='The image name to use')
+ parser.add_argument(
+ '--image_path', default='localhost:5000',
+ help='The path to the images to use')
+ parser.add_argument(
+ '--image_tag', default='latest',
+ help='The image tag to use')
+ parser.add_argument(
+ '--deploy_name', default='snort-ids',
+ help='The k8s deploy name to use')
+ parser.add_argument(
+ '--redis_port', default='6379',
+ help='The redis port to connect to for alerts')
+ parser.add_argument(
+ '--http_port', default='80',
+ help='Analyze http traffic on this port')
+ parser.add_argument(
+ '--grpc_port', default='50052',
+ help='The image tag to use')
+ args = parser.parse_args()
+ print(render_yaml(vars(args)))