dev-service

Author: amdfxlucas

examples/scion/S06-dev-service/README.md

@@ -0,0 +1,25 @@
+### Proposal: Remote Development Service
+
+The DevelopmentService prepares a node for [Remote Development with VSCode](https://code.visualstudio.com/docs/remote/remote-overview).
+It installs the VSCode Remote Server on the Node during the docker image build, which allows to ssh into the running container later i.e. to debug software.
+As of now the primary anticipated use of the seed-emulator has been the deployment of fully developed applications into an emulated szenario i.e. to observe its behaviour.
+With the DevService this paradigm can be adapted to meed the need of developing i.e. P2P software to maturity in a distributed environment.
+
+The DevService allows for each individual node that it is installed on, to specify one or more Git repositories that shall be checked out (along with the desired filesystem path and branch) as well as the VSCode Extensions required for the projects software stack (i.e. golang.Go for the SCION implementation which is written in Go)
+The DevService takes care to install the entirety of build and analysis tools that are needed for a given programming language at docker image build time (for Go this being i.e. the compiler, language server gopls, debugger delve) so that no annoying time delay arises once the emulator is running and you want to attach to a container. 
+Any specified Git repositories are checked out on its own separate docker volume, for the changes to persist between runs of the simulator in case one forgets to push.
+
+### Concerns:
+- software development requires a 'real internet' connection of the container be it to git push/pull or fetch project dependencies for a build (i.e. go get, cargo build etc. ) Currently this is achieved by adding the nodes default gateway ( router node ) in the simulation to a docker-bridge network which it shares only with one other node, the docker-host that acts as a default gateway for the router. The subnetmask for these 'micro' networks is deliberately kept as big as possible, 
+    to allow as least nodes as possible on it (ideally /30 for only: the router-node, docker-host , broadcast and network address )
+    This is to inhibit 'short-circuiting' the simulated network topology (i.e. any crosstalk past the intended network topo among nodes)
+    I tried an alternative approach of configuring these 'service-networks' as IPv6 [^1] to avoid confusion with the simulated IPv4 network and it worked just fine, but was nonetheless rendered impractical as github.com doesnt seem to support IPv6.
+
+[^1]: requires some tinkering with the /etc/docker/daemon.json , setting the 'inet6' option in the /etc/resolv.conf so that any domain names resolve to AAAA records and setting a default ip -6 route 
+
+### TODO:
+- set up a script to install DROP rules in the POSTROUTING Chain of the docker hosts iptables to prevent crosstalk via the service network(s) 
+- maybe its a better idea to have several subclasses of the server for different software stacks i.e. rust / Go /python etc. and leave only the basics i.e git in the service
+- I have to look into the VSCode CLI again !! Time delays when first attaching to a container ought to be kept small, and thus as much as possible should be done at image build time
+- I need to rework the way the PATH and other environment variables are reliably set in the containers ( it is annoying to always have to type i.e. 'export PATH=$PATH:/usr/local/go/bin')
+

examples/scion/S06-dev-service/dev-service.py

@@ -0,0 +1,92 @@
+#!/usr/bin/env python3
+
+from seedemu.compiler import Docker,Graphviz
+from seedemu.core import Emulator, Binding, Filter
+from seedemu.layers import ScionBase, ScionRouting, ScionIsd, Scion
+from seedemu.layers.Scion import LinkType as ScLinkType
+from seedemu.services import ContainerDevelopmentService
+
+# Initialize
+emu = Emulator()
+base = ScionBase()
+routing = ScionRouting()
+scion_isd = ScionIsd()
+scion = Scion()
+devsvc = ContainerDevelopmentService()
+
+# SCION ISDs
+base.createIsolationDomain(1)
+
+# Internet Exchange
+base.createInternetExchange(100)
+
+# AS-150
+as150 = base.createAutonomousSystem(150)
+scion_isd.addIsdAs(1, 150, is_core=True)
+as150.createNetwork('net0')
+as150.createControlService('cs1').joinNetwork('net0')
+as150_router = as150.createRouter('br0')
+as150_router.joinNetwork('net0').joinNetwork('ix100')
+as150_router.crossConnect(153, 'br0', '10.50.0.2/29')
+
+# Create a host running the bandwidth test server
+as150.createHost('node150_0').joinNetwork('net0', address='10.150.0.30')
+
+devsvc.install('dev_peer150_0').addVSCodeExtension('golang.Go').checkoutRepo('https://github.com/scionproto/scion','/home/root/repos/scion','master')
+
+emu.addBinding(Binding('dev_peer150_0', filter=Filter(nodeName='node150_0', asn=150)))
+
+
+# AS-151
+as151 = base.createAutonomousSystem(151)
+scion_isd.addIsdAs(1, 151, is_core=True)
+as151.createNetwork('net0')
+as151.createControlService('cs1').joinNetwork('net0')
+as151.createRouter('br0').joinNetwork('net0').joinNetwork('ix100')
+
+as151.createHost('node151_0').joinNetwork('net0', address='10.151.0.30')
+devsvc.install('dev_peer151_0').addVSCodeExtension('golang.Go').checkoutRepo('https://github.com/scionproto/scion','/home/root/repos/scion','master')
+
+emu.addBinding(Binding('dev_peer151_0', filter=Filter(nodeName='node151_0', asn=151,allowBound=True)))
+
+# AS-152
+as152 = base.createAutonomousSystem(152)
+scion_isd.addIsdAs(1, 152, is_core=True)
+as152.createNetwork('net0')
+as152.createControlService('cs1').joinNetwork('net0')
+as152.createRouter('br0').joinNetwork('net0').joinNetwork('ix100')
+
+as152.createHost('node152_0').joinNetwork('net0', address='10.152.0.30')
+emu.addBinding(Binding('peer152_0', filter=Filter(nodeName='node152_0', asn=152)))
+
+# AS-153
+as153 = base.createAutonomousSystem(153)
+scion_isd.addIsdAs(1, 153, is_core=False)
+scion_isd.setCertIssuer((1, 153), issuer=150)
+as153.createNetwork('net0')
+as153.createControlService('cs1').joinNetwork('net0')
+as153_router = as153.createRouter('br0')
+as153_router.joinNetwork('net0')
+as153_router.crossConnect(150, 'br0', '10.50.0.3/29')
+
+as153.createHost('node153_0').joinNetwork('net0', address='10.153.0.30')
+emu.addBinding(Binding('peer153_0', filter=Filter(nodeName='node153_0', asn=153)))
+
+# Inter-AS routing
+scion.addIxLink(100, (1, 150), (1, 151), ScLinkType.Core)
+scion.addIxLink(100, (1, 151), (1, 152), ScLinkType.Core)
+scion.addIxLink(100, (1, 152), (1, 150), ScLinkType.Core)
+scion.addXcLink((1, 150), (1, 153), ScLinkType.Transit)
+
+# Rendering
+emu.addLayer(base)
+emu.addLayer(routing)
+emu.addLayer(scion_isd)
+emu.addLayer(scion)
+emu.addLayer(devsvc)
+
+emu.render()
+
+# Compilation
+emu.compile(Docker(), './output')
+emu.compile(Graphviz(), './output/graphs')

seedemu/compiler/Docker.py

@@ -96,6 +96,14 @@
 }; done
 '''
 
+DockerCompilerFileTemplates['dockerbridge'] ="""\
+    {name}:
+        ipam:
+          config:
+            - subnet:  172.29.0.{bid}/29
+"""
+
+
 DockerCompilerFileTemplates['compose'] = """\
 version: "3.4"
 services:
@@ -136,6 +144,8 @@
 {networks}{ports}{volumes}
         labels:
 {labelList}
+        environment:
+        {environment}
 """
 
 DockerCompilerFileTemplates['compose_label_meta'] = """\
@@ -853,6 +863,7 @@ def _compileNode(self, node: Node) -> str:
                 netId = real_netname,
                 address = address
             )
+        node_nets += '\n'.join(node.getCustomNets())
 
         _ports = node.getPorts()
         ports = ''
@@ -891,7 +902,20 @@ def _compileNode(self, node: Node) -> str:
                 volumeList = lst
             )
 
+        name = self.__naming_scheme.format(
+            asn = node.getAsn(),
+            role = self._nodeRoleToString(node.getRole()),
+            name = node.getName(),
+            displayName = node.getDisplayName() if node.getDisplayName() != None else node.getName(),
+            primaryIp = node.getInterfaces()[0].getAddress()
+        )
+
+        name = sub(r'[^a-zA-Z0-9_.-]', '_', name)
+
         dockerfile = DockerCompilerFileTemplates['dockerfile']
+
+        dockerfile += 'ENV CONTAINER_NAME {}\n'.format(name)
+
         mkdir(real_nodename)
         chdir(real_nodename)
 
@@ -912,6 +936,7 @@ def _compileNode(self, node: Node) -> str:
         dockerfile = 'FROM {}\n'.format(md5(image.getName().encode('utf-8')).hexdigest()) + dockerfile
         self._used_images.add(image.getName())
 
+        for cmd in node.getDockerCommands(): dockerfile += '{}\n'.format(cmd)
         for cmd in node.getBuildCommands(): dockerfile += 'RUN {}\n'.format(cmd)
 
         start_commands = ''
@@ -945,20 +970,10 @@ def _compileNode(self, node: Node) -> str:
             dockerfile += self._importFile(cpath, hpath)
 
         dockerfile += 'CMD ["/start.sh"]\n'
-        print(dockerfile, file=open('Dockerfile', 'w'))
 
+        print(dockerfile, file=open('Dockerfile', 'w'))
         chdir('..')
 
-        name = self.__naming_scheme.format(
-            asn = node.getAsn(),
-            role = self._nodeRoleToString(node.getRole()),
-            name = node.getName(),
-            displayName = node.getDisplayName() if node.getDisplayName() != None else node.getName(),
-            primaryIp = node.getInterfaces()[0].getAddress()
-        )
-
-        name = sub(r'[^a-zA-Z0-9_.-]', '_', name)
-
         return DockerCompilerFileTemplates['compose_service'].format(
             nodeId = real_nodename,
             nodeName = name,
@@ -967,7 +982,8 @@ def _compileNode(self, node: Node) -> str:
             # privileged = 'true' if node.isPrivileged() else 'false',
             ports = ports,
             labelList = self._getNodeMeta(node),
-            volumes = volumes
+            volumes = volumes,
+            environment= "    - CONTAINER_NAME={}\n            ".format(name) + '\n            '.join(node.getCustomEnv())
         )
 
     def _compileNet(self, net: Network) -> str:
@@ -1088,6 +1104,11 @@ def _doCompile(self, emulator: Emulator):
                 dirName = image.getDirName()
             )
 
+        bridges = registry.getByType('global','dockerbridge')
+        for b in bridges:
+            id = b.getAttribute('id')
+            self.__networks += DockerCompilerFileTemplates['dockerbridge'].format(name = b.getAttribute('name'), bid = str(4+ 4*int(id) ) )
+
         self._log('creating docker-compose.yml...'.format(scope, name))
         print(DockerCompilerFileTemplates['compose'].format(
             services = self.__services,

seedemu/core/Network.py

@@ -8,6 +8,24 @@
 from .Visualization import Vertex
 from typing import Dict, Tuple, List
 
+
+class DockerBridge(Registrable):
+    """
+    @brief currently only used as a means to connect simulation-node router containers 
+    (and through it any nodes on its 'local network') to the docker hosts internet connection
+
+    the subnetmask for this 'micro' network is deliberately kept as big as possible, 
+    to allow as least nodes as possible on it (ideally /30 for only: the router-node, docker-host , broadcast and network address )
+    This is to inhibit 'short-circuiting' the simulated network topology (i.e. crosstalk past the intended network topo among nodes)
+    """
+    def __init__(self,n: str,id: int ):
+        
+        super().__init__()
+        super().doRegister('undefined', 'undefined', n)
+        super().setAttribute('name', n)
+        super().setAttribute('id',id)
+            
+
 class Network(Printable, Registrable, Vertex):
     """!
     @brief The network class.

seedemu/core/Node.py

@@ -216,18 +216,22 @@ class Node(Printable, Registrable, Configurable, Vertex):
     __imported_files: Dict[str, str]
     __softwares: Set[str]
     __build_commands: List[str]
+    __docker_cmds: List[str]
     __start_commands: List[Tuple[str, bool]]
     __ports: List[Tuple[int, int, str]]
     __privileged: bool
 
     __configured: bool
     __pending_nets: List[Tuple[str, str]]
     __xcs: Dict[Tuple[str, int], Tuple[IPv4Interface, str]]
-
+    __custom_nets: List[str]
+    __custom_env: List[str]
     __shared_folders: Dict[str, str]
     __persistent_storages: List[str]
 
     __name_servers: List[str]
+    # wether this node requires to have 'real' internet access via its gateway
+    __reach_outside: bool
 
     def __init__(self, name: str, role: NodeRole, asn: int, scope: str = None):
         """!
@@ -251,6 +255,7 @@ def __init__(self, name: str, role: NodeRole, asn: int, scope: str = None):
         self.__scope = scope if scope != None else str(asn)
         self.__softwares = set()
         self.__build_commands = []
+        self.__docker_cmds = []
         self.__start_commands = []
         self.__ports = []
         self.__privileged = False
@@ -262,11 +267,21 @@ def __init__(self, name: str, role: NodeRole, asn: int, scope: str = None):
 
         self.__shared_folders = {}
         self.__persistent_storages = []
+        self.__custom_nets = []
+        self.__custom_env = []
 
         # for soft in DEFAULT_SOFTWARE:
         #     self.__softwares.add(soft)
 
         self.__name_servers = []
+        self.__reach_outside =False
+
+    def requestReachOutside(self):
+        self.__reach_outside = True
+        return self
+    
+    def reachesOutside(self):
+        return self.__reach_outside
 
     def configure(self, emulator: Emulator):
         """!
@@ -344,6 +359,35 @@ def setNameServers(self, servers: List[str]) -> Node:
         self.__name_servers = servers
 
         return self
+    
+    def setCustomNet(self, net: str):
+        """
+        @param net  a network that the node shall join (in docker-compose syntax )
+                    i.e. : 
+                            net_153_net0:
+                                ipv4_address: 10.153.0.254
+                it will be inserted under the nodes 'networks:' section in the .yml file
+        """
+        self.__custom_nets.append(net)
+        return self
+    
+    def getCustomNets(self):
+        return self.__custom_nets
+    
+    def setCustomEnv(self, env: str ):
+        """
+        @param env  an environment variable that docker-compose shall pass to the Dockerfile
+
+            it gets inserted into the 'environment:'  section of the node
+            i.e.:
+                environment:
+                    - DEBUG=${DEBUG}
+        """
+        self.__custom_env.append(env)
+        return self
+
+    def getCustomEnv(self):
+        return self.__custom_env
 
     def getNameServers(self) -> List[str]:
         """!
@@ -478,6 +522,12 @@ def joinNetwork(self, netname: str, address: str = "auto") -> Node:
         self.__pending_nets.append((netname, address))
 
         return self
+    
+    def getNetNames(self):
+        """
+        @brief list of names of networks this node has joined
+        """
+        return [tuple[0] for tuple in  self.__pending_nets]
 
     def updateNetwork(self, netname:str, address: str= "auto") -> Node:
         """!
@@ -712,6 +762,18 @@ def addBuildCommand(self, cmd: str) -> Node:
         self.__build_commands.append(cmd)
 
         return self
+    
+    def addDockerCommand(self, cmd: str) -> Node:
+        """! 
+        @brief Add new docker command to build step (possibly of kind other than RUN).
+                Unlike the ones added with addBuildCommands these commands wont be prefixed with RUN,
+                but are assumed to be valid Docker Commands by themselfes
+        """
+        self.__docker_cmds.append(cmd)
+        return self
+    
+    def getDockerCommands(self)-> List[str]:
+        return self.__docker_cmds
 
     def getBuildCommands(self) -> List[str]:
         """!
@@ -927,6 +989,26 @@ class Router(Node):
     """
 
     __loopback_address: str
+    __external_bridge_id: int = -1 # -1 means not externally connected
+
+    bridge_cnt: int = 0
+
+    def isConnectedExternal(self):
+        """
+        @brief externally connected routers can reach the internet outside the simulation via the docker host
+
+        a 'Local Network' with at least one host that requires to 'reach_outside' 
+        needs to have an externally-connected router to do so
+        """
+        return self.__external_bridge_id
+    
+    def setConnectedExternal(self):
+       
+        if self.__external_bridge_id != -1: return self
+
+        self.__external_bridge_id = Router.bridge_cnt 
+        Router.bridge_cnt += 1
+        return self
 
     def setLoopbackAddress(self, address: str):
         """!