diff options
-rw-r--r-- | clover/monitoring/validate.py | 3 | ||||
-rw-r--r-- | clover/tools/clover_validate_rr.py | 10 | ||||
-rw-r--r-- | clover/tools/validate_rr.py | 8 | ||||
-rw-r--r-- | clover/tracing/tracing_sample.py | 3 | ||||
-rw-r--r-- | clover/tracing/validate.py | 2 | ||||
-rw-r--r-- | docker/Dockerfile | 35 | ||||
-rwxr-xr-x | docker/build.sh | 18 | ||||
-rwxr-xr-x | docker/setup.sh | 38 | ||||
-rw-r--r-- | docs/development/design/index.rst | 15 | ||||
-rw-r--r-- | docs/development/design/logging.rst (renamed from docs/logging.rst) | 0 | ||||
-rw-r--r-- | docs/development/design/monitoring.rst (renamed from docs/monitoring.rst) | 0 | ||||
-rw-r--r-- | docs/development/design/tracing.rst (renamed from docs/tracing.rst) | 0 | ||||
-rw-r--r-- | requirements.txt | 3 | ||||
-rw-r--r-- | samples/services/snort_ids/docker/grpc/snort_alerts.py | 2 | ||||
-rw-r--r-- | samples/services/snort_ids/yaml/manifest.template | 3 | ||||
-rw-r--r-- | samples/services/snort_ids/yaml/render_yaml.py | 11 |
16 files changed, 133 insertions, 18 deletions
diff --git a/clover/monitoring/validate.py b/clover/monitoring/validate.py index fafe5df..347fe84 100644 --- a/clover/monitoring/validate.py +++ b/clover/monitoring/validate.py @@ -5,9 +5,10 @@ # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 -from monitoring import Monitoring from kubernetes import client, config +from clover.monitoring.monitoring import Monitoring + PROMETHEUS_URL = "http://127.0.0.1:9090" PROMETHEUS_DEPLOYMENT = "prometheus" PROMETHEUS_LABELS = "app=prometheus" diff --git a/clover/tools/clover_validate_rr.py b/clover/tools/clover_validate_rr.py index ff1f8b4..896df6e 100644 --- a/clover/tools/clover_validate_rr.py +++ b/clover/tools/clover_validate_rr.py @@ -10,12 +10,10 @@ import getopt import sys -sys.path.insert(0, '..') - -from orchestration import kube_client -import servicemesh.route_rules as rr -from tracing.tracing import Tracing -from validate_rr import ValidateWRR +from clover.orchestration import kube_client +import clover.servicemesh.route_rules as rr +from clover.tracing.tracing import Tracing +from clover.tools.validate_rr import ValidateWRR def main(argv): service_name = None diff --git a/clover/tools/validate_rr.py b/clover/tools/validate_rr.py index 0e7b9ed..aa1b211 100644 --- a/clover/tools/validate_rr.py +++ b/clover/tools/validate_rr.py @@ -8,11 +8,9 @@ # http://www.apache.org/licenses/LICENSE-2.0 import sys -sys.path.insert(0, '..') - -from orchestration import kube_client -import servicemesh.route_rules as rr -from tracing.tracing import Tracing +from clover.orchestration import kube_client +import clover.servicemesh.route_rules as rr +from clover.tracing.tracing import Tracing class ValidateWRR(object): diff --git a/clover/tracing/tracing_sample.py b/clover/tracing/tracing_sample.py index f0234bf..1026008 100644 --- a/clover/tracing/tracing_sample.py +++ b/clover/tracing/tracing_sample.py @@ -7,7 +7,8 @@ import uuid import time -from tracing import Tracing + +from clover.tracing.tracing import Tracing t = Tracing('localhost', '30888') diff --git a/clover/tracing/validate.py b/clover/tracing/validate.py index eed6f9a..9cbfdd0 100644 --- a/clover/tracing/validate.py +++ b/clover/tracing/validate.py @@ -5,9 +5,9 @@ # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 -from tracing import Tracing from kubernetes import client, config +from clover.tracing.tracing import Tracing JAEGER_IP = "localhost" # JAEGER_IP = "1.1.1.1" diff --git a/docker/Dockerfile b/docker/Dockerfile new file mode 100644 index 0000000..c2dcd84 --- /dev/null +++ b/docker/Dockerfile @@ -0,0 +1,35 @@ +# Copyright (c) Authors of Clover +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 + +FROM ubuntu:16.04 +LABEL image=opnfv/clover +ARG BRANCH=master + +# GIT repo directory +ENV REPOS_DIR="/home/opnfv/repos" + +# Clover repo +ENV CLOVER_REPO_DIR="${REPOS_DIR}/clover" + +# Install basic dependency +RUN apt-get update \ + && apt-get install -y git python-setuptools python-pip curl apt-transport-https \ + && apt-get -y autoremove && apt-get clean \ + && pip install --upgrade pip + +# Fetch source code +RUN mkdir -p ${REPOS_DIR} +COPY ./ ${CLOVER_REPO_DIR} + +# Install tools like istioctl & kubectl +RUN ${CLOVER_REPO_DIR}/docker/setup.sh + +# Install clover package +RUN cd ${CLOVER_REPO_DIR} && pip install ./ + +# Set work directory +WORKDIR ${CLOVER_REPO_DIR} diff --git a/docker/build.sh b/docker/build.sh new file mode 100755 index 0000000..6b59647 --- /dev/null +++ b/docker/build.sh @@ -0,0 +1,18 @@ +#!/bin/bash +# +# Copyright (c) Authors of Clover +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +# + +CLOVER_BASE_DIR=$(cd ${BASH_SOURCE[0]%/*}/..;pwd) +IMAGE_PATH=${IMAGE_PATH:-"localhost:5000"} +IMAGE_NAME=${IMAGE_NAME:-"clover"} + +cd $CLOVER_BASE_DIR +docker build -f docker/Dockerfile -t $IMAGE_NAME . +docker tag $IMAGE_NAME $IMAGE_PATH/$IMAGE_NAME +docker push $IMAGE_PATH/$IMAGE_NAME diff --git a/docker/setup.sh b/docker/setup.sh new file mode 100755 index 0000000..459f44b --- /dev/null +++ b/docker/setup.sh @@ -0,0 +1,38 @@ +#!/bin/bash +# +# Copyright (c) Authors of Clover +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +# + +set -ex + +# Get latest istio version, refer: https://git.io/getLatestIstio +if [ "x${ISTIO_VERSION}" = "x" ] ; then + ISTIO_VERSION=$(curl -L -s https://api.github.com/repos/istio/istio/releases/latest | \ + grep tag_name | sed "s/ *\"tag_name\": *\"\(.*\)\",*/\1/") +fi + +ISTIO_DIR_NAME="istio-$ISTIO_VERSION" + +cd /usr/local/ +curl -L https://git.io/getLatestIstio | sh - +mv $ISTIO_DIR_NAME istio-source + +# Install kubectl +curl -s http://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add - +cat << EOF > /etc/apt/sources.list.d/kubernetes.list +deb http://apt.kubernetes.io/ kubernetes-xenial main +EOF + +apt-get update \ + && apt-get install -y --allow-downgrades kubectl=1.9.1-00 \ + && apt-get -y autoremove \ + && apt-get clean + +# Persistently append istioctl bin path to PATH env +echo 'export PATH="$PATH:/usr/local/istio-source/bin"' >> ~/.bashrc +echo "source <(kubectl completion bash)" >> ~/.bashrc diff --git a/docs/development/design/index.rst b/docs/development/design/index.rst new file mode 100644 index 0000000..1bb89f1 --- /dev/null +++ b/docs/development/design/index.rst @@ -0,0 +1,15 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International +.. License. +.. http://creativecommons.org/licenses/by/4.0 +.. (c) OPNFV, Authors of Clover + +================================= +OPNFV Clover Design Specification +================================= + +.. toctree:: + :maxdepth: 1 + + logging + monitoring + tracing diff --git a/docs/logging.rst b/docs/development/design/logging.rst index 196ba40..196ba40 100644 --- a/docs/logging.rst +++ b/docs/development/design/logging.rst diff --git a/docs/monitoring.rst b/docs/development/design/monitoring.rst index 44b01e3..44b01e3 100644 --- a/docs/monitoring.rst +++ b/docs/development/design/monitoring.rst diff --git a/docs/tracing.rst b/docs/development/design/tracing.rst index 79d686c..79d686c 100644 --- a/docs/tracing.rst +++ b/docs/development/design/tracing.rst diff --git a/requirements.txt b/requirements.txt index ac3fdd2..c84c18f 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,5 +1,8 @@ # The order of packages is significant, because pip processes them in the order # of appearance. Changing the order has an impact on the overall integration # process, which may cause wedges in the gate later. +kubernetes # Apache-2.0 pbr!=2.1.0,>=2.0.0 # Apache-2.0 +sh # MIT xtesting # Apache-2.0 +redis # MIT diff --git a/samples/services/snort_ids/docker/grpc/snort_alerts.py b/samples/services/snort_ids/docker/grpc/snort_alerts.py index eda2bd6..4cb87e2 100644 --- a/samples/services/snort_ids/docker/grpc/snort_alerts.py +++ b/samples/services/snort_ids/docker/grpc/snort_alerts.py @@ -14,7 +14,7 @@ from idstools import unified2 HOST_IP = 'redis' -PROXY_GRPC = 'http-proxy:50054' +PROXY_GRPC = 'proxy-access-control:50054' logging.basicConfig(filename='alert.log', level=logging.DEBUG) diff --git a/samples/services/snort_ids/yaml/manifest.template b/samples/services/snort_ids/yaml/manifest.template index 178765b..25dbefa 100644 --- a/samples/services/snort_ids/yaml/manifest.template +++ b/samples/services/snort_ids/yaml/manifest.template @@ -18,6 +18,7 @@ spec: - containerPort: {{ grpc_port }} - containerPort: {{ redis_port }} - containerPort: {{ http_port }} + - containerPort: {{ pac_port }} --- apiVersion: v1 kind: Service @@ -33,6 +34,8 @@ spec: name: redis - port: {{ http_port }} name: http + - port: {{ pac_port }} + name: proxy-access-control selector: app: {{ deploy_name }} --- diff --git a/samples/services/snort_ids/yaml/render_yaml.py b/samples/services/snort_ids/yaml/render_yaml.py index e23f540..42a2615 100644 --- a/samples/services/snort_ids/yaml/render_yaml.py +++ b/samples/services/snort_ids/yaml/render_yaml.py @@ -23,6 +23,7 @@ def render_yaml(args): image_tag=args['image_tag'], deploy_name=args['deploy_name'], grpc_port=args['grpc_port'], + pac_port=args['pac_port'], redis_port=args['redis_port'], http_port=args['http_port'] ) @@ -42,7 +43,7 @@ if __name__ == '__main__': help='The image name to use') parser.add_argument( '--image_path', default='localhost:5000', - help='The path to the images to use') + help='The path to the image to use') parser.add_argument( '--image_tag', default='latest', help='The image tag to use') @@ -54,9 +55,13 @@ if __name__ == '__main__': help='The redis port to connect to for alerts') parser.add_argument( '--http_port', default='80', - help='Analyze http traffic on this port') + help='Analyze http data-plane traffic on this port') parser.add_argument( '--grpc_port', default='50052', - help='The image tag to use') + help='The GRPC server port for snort management') + parser.add_argument( + '--pac_port', default='50054', + help='The GRPC server port of the service to send alerts on') + args = parser.parse_args() print(render_yaml(vars(args))) |