diff options
author | Eddie Arrage <eddie.arrage@huawei.com> | 2018-04-03 23:57:58 +0000 |
---|---|---|
committer | Eddie Arrage <eddie.arrage@huawei.com> | 2018-04-05 23:38:30 +0000 |
commit | 32052f291e4dc5f31aef68a9ae3ac4eeca0ef614 (patch) | |
tree | 2b53bb3199b04b66f373572323f3ee4b5b50a126 /samples | |
parent | 67b7fb49e6ea6ac9c2547af263355e5f1aeade42 (diff) |
Aligned snort-ids default config for SDC scenario
- Modified snort-ids alert process to use k8s DNS name
'proxy-access-control' to align with SDC scenario naming
- Added default port 50054 to the manifest yaml template and
rendering script for communication with proxy-access-control
Change-Id: Ib04ee75e5d8ea9921b16b3b4469bed87b1cd2018
Signed-off-by: Eddie Arrage <eddie.arrage@huawei.com>
(cherry picked from commit 30d36864d491d41fcb4700b5363b68086e239e5a)
Diffstat (limited to 'samples')
-rw-r--r-- | samples/services/snort_ids/docker/grpc/snort_alerts.py | 2 | ||||
-rw-r--r-- | samples/services/snort_ids/yaml/manifest.template | 3 | ||||
-rw-r--r-- | samples/services/snort_ids/yaml/render_yaml.py | 11 |
3 files changed, 12 insertions, 4 deletions
diff --git a/samples/services/snort_ids/docker/grpc/snort_alerts.py b/samples/services/snort_ids/docker/grpc/snort_alerts.py index eda2bd6..4cb87e2 100644 --- a/samples/services/snort_ids/docker/grpc/snort_alerts.py +++ b/samples/services/snort_ids/docker/grpc/snort_alerts.py @@ -14,7 +14,7 @@ from idstools import unified2 HOST_IP = 'redis' -PROXY_GRPC = 'http-proxy:50054' +PROXY_GRPC = 'proxy-access-control:50054' logging.basicConfig(filename='alert.log', level=logging.DEBUG) diff --git a/samples/services/snort_ids/yaml/manifest.template b/samples/services/snort_ids/yaml/manifest.template index 178765b..25dbefa 100644 --- a/samples/services/snort_ids/yaml/manifest.template +++ b/samples/services/snort_ids/yaml/manifest.template @@ -18,6 +18,7 @@ spec: - containerPort: {{ grpc_port }} - containerPort: {{ redis_port }} - containerPort: {{ http_port }} + - containerPort: {{ pac_port }} --- apiVersion: v1 kind: Service @@ -33,6 +34,8 @@ spec: name: redis - port: {{ http_port }} name: http + - port: {{ pac_port }} + name: proxy-access-control selector: app: {{ deploy_name }} --- diff --git a/samples/services/snort_ids/yaml/render_yaml.py b/samples/services/snort_ids/yaml/render_yaml.py index e23f540..42a2615 100644 --- a/samples/services/snort_ids/yaml/render_yaml.py +++ b/samples/services/snort_ids/yaml/render_yaml.py @@ -23,6 +23,7 @@ def render_yaml(args): image_tag=args['image_tag'], deploy_name=args['deploy_name'], grpc_port=args['grpc_port'], + pac_port=args['pac_port'], redis_port=args['redis_port'], http_port=args['http_port'] ) @@ -42,7 +43,7 @@ if __name__ == '__main__': help='The image name to use') parser.add_argument( '--image_path', default='localhost:5000', - help='The path to the images to use') + help='The path to the image to use') parser.add_argument( '--image_tag', default='latest', help='The image tag to use') @@ -54,9 +55,13 @@ if __name__ == '__main__': help='The redis port to connect to for alerts') parser.add_argument( '--http_port', default='80', - help='Analyze http traffic on this port') + help='Analyze http data-plane traffic on this port') parser.add_argument( '--grpc_port', default='50052', - help='The image tag to use') + help='The GRPC server port for snort management') + parser.add_argument( + '--pac_port', default='50054', + help='The GRPC server port of the service to send alerts on') + args = parser.parse_args() print(render_yaml(vars(args))) |