Giter Club home page Giter Club logo

testbed's Introduction

Testbed

Container orchestration for the Global Named Data Networking Testbed.

Lint Docker Status Page Map

Overview

All services are run with Docker Compose and pull automatically built images from upstream repositories. A cron job in the master container polls this Git repository and deploys changes automatically.

The various components are:

  • framework: Template rendering (Jinja2) and service management (Docker Compose) framework
  • host_vars: Host-specific configuration
  • templates: Jinja2 templates for service configuration
  • scripts: Shell scripts and cron jobs
  • anchors: Testbed trust anchor certificates

The global services configuration is defined in docker-compose.yml and config.yml.

Usage

  1. A recent version of Docker must be installed on the target node.
  2. Clone this repository (conventionally to /home/ndnops/testbed).
  3. Define secrets in a .env file in the root directory of this repo..
  4. Add a MANAGED_HOST variable to the .env, e.g. MANAGED_HOST=UCLA.
  5. Define host-specific Docker Compose profiles as COMPOSE_PROFILES in .env.
  6. Run docker-compose up -d to start the node.

The master node starts first and renders the templates. After this, the master runs a cron job to poll the Git repository.

A cron job is required on the host for some tasks. Make sure the cron user is present in the docker group.

*/6 * * * * /bin/bash /home/ndnops/testbed/scripts/cron-host.sh

Certificate Management

The master container will automatically attempt to get certificates initiall if they don't exist. Certificates will not be automatically renewed. To renew certificates, run the following command:

# Renew certificates
docker compose exec master bash /testbed/dist/ndncert/renew.sh --force
docker compose exec master bash /testbed/dist/nlsr/renew.sh --force
docker compose exec master bash /testbed/dist/ndn-python-repo/renew.sh --force

# Restart containers
docker compose restart nlsr ndncert serve-certs ndn-python-repo

To get the list of currently installed certificates, run

docker compose exec -e HOME=/testbed/dist/ndncert master ndnsec list -c
docker compose exec -e HOME=/testbed/dist/nlsr master ndnsec list -c
docker compose exec -e HOME=/testbed/dist/ndn-python-repo master ndnsec list -c

# For root CA only
docker compose exec -e HOME=/testbed/root-ca-home master ndnsec list -c

Development

For debugging and development, you can define DEBUG=1 in your .env file. This will prevent the dist folder from auto-rendering and disable git polling. You can then use docker compose as usual to manage the containers.

Some helpful bash aliases are provided in bash_aliases.sh for executing ndn tools inside the running containers.

source bash_aliases.sh
echo -e "\nsource $(pwd)/bash_aliases.sh\n" >> ~/.bashrc  # make it permanent

# Now you can use nfdc or ndn-tools for debugging
nfdc status report
ndnpeek /ndn/edu/ucla/ping/test | ndn-dissect

The master service runs internal cron jobs for polling. You can trigger these manually during debugging (only when not in DEBUG mode).

# cron-master pulls the git repo and restarts containers if required
docker compose exec -e "SKIP_SLEEP=1" master bash /testbed/scripts/cron-master.sh

# cron-status regenerates status json
docker compose exec -e "SKIP_SLEEP=1" master bash /testbed/scripts/cron-status.sh

Unattended Upgrades

Set up unattended upgrades on the host to automatically install security updates.

sudo apt-get update && sudo apt-get install -y unattended-upgrades

The following configuration is recommended:

# /etc/apt/apt.conf.d/50unattended-upgrades

Unattended-Upgrade::Allowed-Origins {
        "${distro_id}:${distro_codename}";
        "${distro_id}:${distro_codename}-security";
        "${distro_id}ESMApps:${distro_codename}-apps-security";
        "${distro_id}ESM:${distro_codename}-infra-security";
        "${distro_id}:${distro_codename}-updates";
        "${distro_id}:${distro_codename}-proposed";
        "${distro_id}:${distro_codename}-backports";
        "Docker:${distro_codename}";
};

Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";
Unattended-Upgrade::Remove-New-Unused-Dependencies "true";
Unattended-Upgrade::Remove-Unused-Dependencies "true";

Enable automatic updates in the following file:

# /etc/apt/apt.conf.d/20auto-upgrades

APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Unattended-Upgrade "1";
APT::Periodic::AutocleanInterval "7";

After this, enable the service and run the initial upgrade:

sudo systemctl enable unattended-upgrades
sudo systemctl start unattended-upgrades
sudo unattended-upgrades --debug

testbed's People

Contributors

nidhi-panchal avatar pulsejet avatar

Stargazers

 avatar  avatar  avatar  avatar

Watchers

 avatar  avatar  avatar  avatar  avatar  avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.