github-personal/xmidt
1
0
Fork 0
mirror of https://github.com/outbackdingo/xmidt.git synced 2026-01-27 10:20:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

add themis to docker-compose cluster (#24)

Browse Source
This commit is contained in:
Joel Unzain
2019-12-20 13:24:50 -08:00
committed by GitHub
parent b961250899
commit 0b9c154061
7 changed files with 152 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
deploy/docker-compose/deploy.sh
View File

@@ -21,6 +21,7 @@ TR1D1UM_VERSION=${TR1D1UM_VERSION:-0.1.5} \
SCYTALE_VERSION=${SCYTALE_VERSION:-0.1.5} \
PETASOS_VERSION=${PETASOS_VERSION:-0.1.4} \
TALARIA_VERSION=${TALARIA_VERSION:-0.1.3} \
THEMIS_VERSION=${THEMIS_VERSION:-0.4.0} \
SIMULATOR_VERSION=${SIMULATOR_VERSION:-local} \
docker-compose -f $ROOT_DIR/deploy/docker-compose/docker-compose.yml up -d $@

8
deploy/docker-compose/docFiles/talaria-0.yaml
View File

@@ -54,6 +54,14 @@
eventMap:
default: http://caduceus:6000/api/v3/notify
jwtValidators:
-
keys:
Factory:
uri: "http://themis:6500/keys/{keyId}"
purpose: 0
updateInterval: 604800000000000
service:
defaultScheme: http
consul:

8
deploy/docker-compose/docFiles/talaria-1.yaml
View File

@@ -54,6 +54,14 @@
eventMap:
default: http://caduceus:6000/api/v3/notify
jwtValidators:
-
keys:
Factory:
uri: "http://themis:6500/keys/{keyId}"
purpose: 0
updateInterval: 604800000000000
service:
defaultScheme: http
consul:

8
deploy/docker-compose/docFiles/talaria-2.yaml
View File

@@ -54,6 +54,14 @@
eventMap:
default: http://caduceus:6000/api/v3/notify
jwtValidators:
-
keys:
Factory:
uri: "http://themis:6500/keys/{keyId}"
purpose: 0
updateInterval: 604800000000000
service:
defaultScheme: http
consul:

46
deploy/docker-compose/docFiles/themis.yaml Normal file
View File

@@ -0,0 +1,46 @@
---
servers:
key:
address: :6500
issuer:
address: :6501
metrics:
address: :6502
health:
address: :6503
health:
disableLogging: false
custom:
server: "themis"
prometheus:
defaultNamespace: xmidt
defaultSubsystem: themis
token:
alg: RS256
nonce: true
notBeforeDelta: -15s
duration: 2h
claims:
iss:
value: "themis"
trust:
value: 1000
partner-id:
value: "comcast"
capabilities:
value:
- xmidt:issuer:test:.*:all
key:
kid: local
type: rsa
bits: 2048
log:
file: "stdout"
level: "DEBUG"

117
deploy/docker-compose/docker-compose.yml
View File

@@ -28,6 +28,43 @@ services:
networks:
- xmidt
# Mark Talaria Services
talaria-0: &talaria
image: xmidt/talaria:${TALARIA_VERSION}
ports:
- 6200:6200
- 6201:6201
- 6202:6202
- 6203:6203
- 6204:6204
depends_on:
- consul0
- themis
volumes:
- ./docFiles/talaria-0.yaml:/etc/talaria/talaria.yaml
networks:
- xmidt
talaria-1:
<<: *talaria
ports:
- 6210:6210
- 6211:6211
- 6212:6212
- 6213:6213
- 6214:6214
volumes:
- ./docFiles/talaria-1.yaml:/etc/talaria/talaria.yaml
talaria-2:
<<: *talaria
ports:
- 6220:6220
- 6221:6221
- 6222:6222
- 6223:6223
- 6224:6224
volumes:
- ./docFiles/talaria-2.yaml:/etc/talaria/talaria.yaml
scytale:
image: xmidt/scytale:${SCYTALE_VERSION}
ports:
@@ -43,6 +80,34 @@ services:
networks:
- xmidt
# Mark petasos Services
petasos: &petasos
image: xmidt/petasos:${PETASOS_VERSION}
ports:
- 6400:6400
- 6401:6401
- 6402:6402
- 6403:6403
- 6404:6404
depends_on:
- consul0
volumes:
- ./docFiles/petasos.yaml:/etc/petasos/petasos.yaml
networks:
- xmidt
themis:
image: xmidt/themis:${THEMIS_VERSION}
ports:
- 6500:6500
- 6501:6501
- 6502:6502
- 6503:6503
volumes:
- ./docFiles/themis.yaml:/themis.yaml
networks:
- xmidt
goaws:
image: goaws:local
container_name: goaws
@@ -66,57 +131,6 @@ services:
- ./docFiles/prometheus.yml:/prometheus-data/prometheus.yml
command: --log.level=debug --config.file=/prometheus-data/prometheus.yml
# Mark petasos Services
petasos: &petasos
image: xmidt/petasos:${PETASOS_VERSION}
ports:
- 6400:6400
- 6401:6401
- 6402:6402
- 6403:6403
- 6404:6404
depends_on:
- consul0
volumes:
- ./docFiles/petasos.yaml:/etc/petasos/petasos.yaml
networks:
- xmidt
# Mark Talaria Services
talaria-0: &talaria
image: xmidt/talaria:${TALARIA_VERSION}
ports:
- 6200:6200
- 6201:6201
- 6202:6202
- 6203:6203
- 6204:6204
depends_on:
- consul0
volumes:
- ./docFiles/talaria-0.yaml:/etc/talaria/talaria.yaml
networks:
- xmidt
talaria-1:
<<: *talaria
ports:
- 6210:6210
- 6211:6211
- 6212:6212
- 6213:6213
- 6214:6214
volumes:
- ./docFiles/talaria-1.yaml:/etc/talaria/talaria.yaml
talaria-2:
<<: *talaria
ports:
- 6220:6220
- 6221:6221
- 6222:6222
- 6223:6223
- 6224:6224
volumes:
- ./docFiles/talaria-2.yaml:/etc/talaria/talaria.yaml
# Mark rdkb-simulator Services
simulator: &simulator
@@ -126,6 +140,7 @@ services:
- talaria-1
- talaria-2
- petasos
- themis
networks:
- xmidt

18
simulator/simulate
View File

@@ -27,23 +27,35 @@ if [[ -z "${SERIAL_NUMBER}" ]]; then
SERIAL_NUMBER="mock-rdkb-simulator"
fi
if [[ -z "${PARTNER_ID}" ]]; then
PARTNER_ID="comcast"
fi
if [[ -z "${CMAC}" ]]; then
CMAC="112233445566"
fi
#In this docker-compose cluster, themis has mtls disabled so
#feel free to ignore the --client-cert-path flag value
#it is required by parodus to fetch a token
parodus --hw-model=aker-testing \
--ssl-cert-path=/etc/ssl/certs/ca-certificates.crt \
--client-cert-path=/etc/ssl/certs/ca-certificates.crt \
--hw-serial-number=$SERIAL_NUMBER \
--hw-manufacturer=$HW_MANUFACTURER \
--hw-mac=$CMAC \
--hw-last-reboot-reason=$REBOOT_REASON \
--fw-name=$FIRMWARE \
--boot-time=$BOOT_TIME \
--partner-id=$PARTNER_ID \
--parodus-local-url=tcp://127.0.0.1:$parodus_port \
--webpa-ping-timeout=60 \
--token-server-url=http://themis:6501/issue \
--webpa-backoff-max=2 \
--webpa-interface-used=eth0 \
--webpa-url=$URL \
--force-ipv4 &
--force-ipv4 &
P1=$!
aker -p tcp://127.0.0.1:$parodus_port \
@@ -51,12 +63,12 @@ aker -p tcp://127.0.0.1:$parodus_port \
-w echo \
-d /tmp/aker-data.msgpack \
-f /tmp/aker-data.msgpack.md5 \
-m 128 &
-m 128 > /dev/null &
P2=$!
mock_tr181 -p $parodus_port \
-c $mocktr181_port \
-d /etc/mock_tr181.json &
-d /etc/mock_tr181.json > /dev/null &
P3=$!
wait $P1 $P2 $P3