From 9531f7a14b5cc711496820e58658f81c3fc6d173 Mon Sep 17 00:00:00 2001
From: RamiBerm
Date: Wed, 28 Apr 2021 17:32:06 +0300
Subject: [PATCH 1/4] Update Dockerfile, multi-runner.sh, and 31 more files...
---
api/Dockerfile | 41 ++++++++++++++--------
api/scripts/multi-runner.sh | 5 +++
{tap => api/tap}/README.md | 0
{tap => api/tap}/go.mod | 0
{tap => api/tap}/go.sum | 0
{tap => api/tap}/src/cleaner.go | 0
{tap => api/tap}/src/grpc_assembler.go | 0
{tap => api/tap}/src/har_writer.go | 0
{tap => api/tap}/src/http_matcher.go | 0
{tap => api/tap}/src/http_reader.go | 0
{tap => api/tap}/src/net_utils.go | 0
{tap => api/tap}/src/passive_tapper.go | 0
{tap => api/tap}/src/stats_tracker.go | 0
{tap => api/tap}/src/tap_output.go | 0
{tap => api/tap}/src/tcp_stream.go | 0
{tap => api/tap}/src/tcp_stream_factory.go | 0
cli/cmd/root.go | 2 ++
cli/config/config.go | 2 ++
cli/mizu/mizuRunner.go | 12 ++-----
19 files changed, 38 insertions(+), 24 deletions(-)
create mode 100755 api/scripts/multi-runner.sh
rename {tap => api/tap}/README.md (100%)
rename {tap => api/tap}/go.mod (100%)
rename {tap => api/tap}/go.sum (100%)
rename {tap => api/tap}/src/cleaner.go (100%)
rename {tap => api/tap}/src/grpc_assembler.go (100%)
rename {tap => api/tap}/src/har_writer.go (100%)
rename {tap => api/tap}/src/http_matcher.go (100%)
rename {tap => api/tap}/src/http_reader.go (100%)
rename {tap => api/tap}/src/net_utils.go (100%)
rename {tap => api/tap}/src/passive_tapper.go (100%)
rename {tap => api/tap}/src/stats_tracker.go (100%)
rename {tap => api/tap}/src/tap_output.go (100%)
rename {tap => api/tap}/src/tcp_stream.go (100%)
rename {tap => api/tap}/src/tcp_stream_factory.go (100%)
diff --git a/api/Dockerfile b/api/Dockerfile
index 443e010b6..e3aa09a73 100644
--- a/api/Dockerfile
+++ b/api/Dockerfile
@@ -1,26 +1,37 @@ FROM golang:1.16-alpine AS builder +# Set necessary environment variables needed for our image. +ENV CGO_ENABLED=1 GOOS=linux GOARCH=amd64 -# Move to working directory (/build). -WORKDIR /build +RUN apk add libpcap-dev gcc g++ make + +# Move to tapper working directory (/tap-build). +WORKDIR /tap-build + +COPY tap/go.mod tap/go.sum ./ +RUN go mod download +# Copy and build tapper code +COPY tap/src ./ +RUN go build -ldflags="-s -w" -o passivetapper . + +# Move to api working directory (/api-build). +WORKDIR ../api-build -# Copy and download dependency using go mod. COPY go.mod go.sum ./ RUN go mod download - -# Copy the code into the container. +# Copy and build api code COPY . . - -# Set necessary environmet variables needed for our image and build the API server. -ENV CGO_ENABLED=0 GOOS=linux GOARCH=amd64 RUN go build -ldflags="-s -w" -o apiserver . -FROM scratch +FROM alpine:3.13.5 + +RUN apk add bash libpcap-dev + +WORKDIR /app # Copy binary and config files from /build to root folder of scratch container. -COPY --from=builder ["/build/apiserver", "/"] +COPY --from=builder ["/api-build/apiserver", "."] +COPY --from=builder ["/tap-build/passivetapper", "."] +COPY scripts/multi-runner.sh ./ -# Export necessary port. -EXPOSE 5000 - -# Command to run when starting the container. -ENTRYPOINT ["/apiserver"] +# this script runs both apiserver and passivetapper and exits either if one of them exits, preventing a scenario where the container runs without one process +CMD "./multi-runner.sh" diff --git a/api/scripts/multi-runner.sh b/api/scripts/multi-runner.sh new file mode 100755 index 000000000..61caa7e7b --- /dev/null +++ b/api/scripts/multi-runner.sh @@ -0,0 +1,5 @@ +#!/bin/bash +./apiserver & +./passivetapper -i eth0 & +wait -n +pkill -P $$ diff --git a/tap/README.md b/api/tap/README.md similarity index 100% rename from tap/README.md rename to api/tap/README.md 
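Review bot: The runtime stage installs `libpcap-dev` and starts the script with a shell-form `CMD`, so the final image carries development headers it does not need and `./multi-runner.sh` is wrapped in `/bin/sh -c` instead of being the container's main process. I would change those two lines to `RUN apk add --no-cache bash libpcap` and `CMD ["./multi-runner.sh"]`. The hunk covers the whole file and shows no `USER` instruction, so the HTTP-facing API server and the packet-capture process both run as root; if only the tapper needs raw-socket access, granting that capability to its binary and dropping to an unprivileged user would narrow what a bug in the API server can reach. The comment above the `COPY --from=builder` lines still says `/build` and "scratch container" and should be brought in line with the new stages.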
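Review bot: The script's exit status is that of `pkill -P $$`, not of the process that ended, so a crash of `apiserver` or `passivetapper` can end the container with status 0 and look like a clean stop to the orchestrator and to anyone reading pod status. Capturing the status keeps the failure visible: `wait -n; status=$?`, then `pkill -P $$`, then `exit "$status"`. The capture interface is hard-coded in `./passivetapper -i eth0 &`; a comment saying why that name can be assumed, or an environment override with `eth0` as the default, would make the assumption explicit.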
diff --git a/tap/go.mod b/api/tap/go.mod
similarity index 100%
rename from tap/go.mod
rename to api/tap/go.mod
diff --git a/tap/go.sum b/api/tap/go.sum
similarity index 100%
rename from tap/go.sum
rename to api/tap/go.sum
diff --git a/tap/src/cleaner.go b/api/tap/src/cleaner.go
similarity index 100%
rename from tap/src/cleaner.go
rename to api/tap/src/cleaner.go
diff --git a/tap/src/grpc_assembler.go b/api/tap/src/grpc_assembler.go
similarity index 100%
rename from tap/src/grpc_assembler.go
rename to api/tap/src/grpc_assembler.go
diff --git a/tap/src/har_writer.go b/api/tap/src/har_writer.go
similarity index 100%
rename from tap/src/har_writer.go
rename to api/tap/src/har_writer.go
diff --git a/tap/src/http_matcher.go b/api/tap/src/http_matcher.go
similarity index 100%
rename from tap/src/http_matcher.go
rename to api/tap/src/http_matcher.go
diff --git a/tap/src/http_reader.go b/api/tap/src/http_reader.go
similarity index 100%
rename from tap/src/http_reader.go
rename to api/tap/src/http_reader.go
diff --git a/tap/src/net_utils.go b/api/tap/src/net_utils.go
similarity index 100%
rename from tap/src/net_utils.go
rename to api/tap/src/net_utils.go
diff --git a/tap/src/passive_tapper.go b/api/tap/src/passive_tapper.go
similarity index 100%
rename from tap/src/passive_tapper.go
rename to api/tap/src/passive_tapper.go
diff --git a/tap/src/stats_tracker.go b/api/tap/src/stats_tracker.go
similarity index 100%
rename from tap/src/stats_tracker.go
rename to api/tap/src/stats_tracker.go
diff --git a/tap/src/tap_output.go b/api/tap/src/tap_output.go
similarity index 100%
rename from tap/src/tap_output.go
rename to api/tap/src/tap_output.go
diff --git a/tap/src/tcp_stream.go b/api/tap/src/tcp_stream.go
similarity index 100%
rename from tap/src/tcp_stream.go
rename to api/tap/src/tcp_stream.go
diff --git a/tap/src/tcp_stream_factory.go b/api/tap/src/tcp_stream_factory.go
similarity index 100%
rename from tap/src/tcp_stream_factory.go
rename to api/tap/src/tcp_stream_factory.go
diff --git a/cli/cmd/root.go b/cli/cmd/root.go index 055b9991b..ae192e4d6 100644 --- a/cli/cmd/root.go +++ b/cli/cmd/root.go @@ -36,6 +36,8 @@ func init() { rootCmd.Flags().StringVarP(&config.Configuration.Namespace, "namespace", "n", "", "Namespace selector") rootCmd.Flags().BoolVarP(&config.Configuration.AllNamespaces, "all-namespaces", "A", false, "Select all namespaces") rootCmd.Flags().StringVarP(&config.Configuration.KubeConfigPath, "kubeconfig", "k", "", "Path to kubeconfig file") + rootCmd.Flags().StringVarP(&config.Configuration.MizuImage, "mizu-image", "", "gcr.io/up9-docker-hub/mizu/develop/v1", "Custom image for mizu collector") + rootCmd.Flags().Uint16VarP(&config.Configuration.MizuPodPort, "mizu-port", "", 8899, "Port which mizu cli will attempt to forward from the mizu collector pod") } // Execute adds all child commands to the root command and sets flags appropriately. diff --git a/cli/config/config.go b/cli/config/config.go index fab01b5ef..3be92624a 100644 --- a/cli/config/config.go +++ b/cli/config/config.go @@ -8,6 +8,8 @@ type Options struct { Namespace string AllNamespaces bool KubeConfigPath string + MizuImage string + MizuPodPort uint16 } var Configuration = &Options{} diff --git a/cli/mizu/mizuRunner.go b/cli/mizu/mizuRunner.go index a50ce3cd1..f75028a8c 100644 --- a/cli/mizu/mizuRunner.go +++ b/cli/mizu/mizuRunner.go @@ -12,10 +12,6 @@ import ( "time" ) -var ( - isPortForwarded = false -) - func Run(podRegex *regexp.Regexp) { kubernetesProvider := kubernetes.NewProvider(config.Configuration.KubeConfigPath, config.Configuration.Namespace) ctx, cancel := context.WithCancel(context.Background()) 
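Review bot: The `--mizu-image` default `gcr.io/up9-docker-hub/mizu/develop/v1` has no `:tag` or `@sha256:` part, so as written it resolves to whatever `latest` currently is in that repository, and a released CLI binary will create a pod in the user's cluster from an image that can change underneath it. Because that image runs a traffic tapper (see the Dockerfile in this patch), the default should be tied to a versioned tag or a digest, e.g. `"gcr.io/up9-docker-hub/mizu/develop/v1:<RELEASE_TAG>"` (placeholder), ideally injected at build time alongside the CLI version. The help text for `--mizu-port` would read more clearly as `"Port on the mizu collector pod that the cli forwards to"`. `init` continues outside the hunk.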
@@ -58,9 +54,7 @@ func watchPodsForTapping(ctx context.Context, kubernetesProvider *kubernetes.Pro } func createPodAndPortForward(ctx context.Context, kubernetesProvider *kubernetes.Provider, cancel context.CancelFunc, podName string) { - podImage := "kennethreitz/httpbin:latest" - - pod, err := kubernetesProvider.CreatePod(ctx, podName, podImage) + pod, err := kubernetesProvider.CreatePod(ctx, podName, config.Configuration.MizuImage) if err != nil { fmt.Printf("error creating pod %s", err) cancel() @@ -82,7 +76,7 @@ func createPodAndPortForward(ctx context.Context, kubernetesProvider *kubernetes if modifiedPod.Status.Phase == "Running" && !isPodReady { isPodReady = true var err error - portForward, err = kubernetes.NewPortForward(kubernetesProvider, kubernetesProvider.Namespace, podName, config.Configuration.DashboardPort, 80, cancel) + portForward, err = kubernetes.NewPortForward(kubernetesProvider, kubernetesProvider.Namespace, podName, config.Configuration.DashboardPort, config.Configuration.MizuPodPort, cancel) if !config.Configuration.NoDashboard { fmt.Printf("Dashboard is now available at http://localhost:%d\n", config.Configuration.DashboardPort) } @@ -92,7 +86,7 @@ func createPodAndPortForward(ctx context.Context, kubernetesProvider *kubernetes } } - case <- time.After(10 * time.Second): + case <- time.After(25 * time.Second): if !isPodReady { fmt.Printf("error: %s pod was not ready in time", podName) cancel() From 652df03351642fa2136dd3959a4cc57537c9ce92 Mon Sep 17 00:00:00 2001 From: RamiBerm Date: Wed, 28 Apr 2021 17:33:01 +0300 Subject: [PATCH 2/4] Update multi-runner.sh --- api/scripts/multi-runner.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/api/scripts/multi-runner.sh b/api/scripts/multi-runner.sh index 61caa7e7b..fc2523514 100755 --- a/api/scripts/multi-runner.sh +++ b/api/scripts/multi-runner.sh 
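Review bot: In the lines visible after the changed `kubernetes.NewPortForward(...)` call, the "Dashboard is now available" message is printed before `err` is examined, so a failed forward to `config.Configuration.MizuPodPort` could still be announced as success. If no check follows in the few lines between this hunk and the next, add one ahead of the print: `if err != nil { fmt.Printf("error forwarding port to pod %s: %s\n", podName, err); cancel(); return }`. This matters more now that the remote port comes from `--mizu-port` and can simply be wrong for the chosen image. `createPodAndPortForward` begins and ends outside the hunk.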
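Review bot: `25 * time.Second` in the `case <- time.After(...)` arm is a bare literal that this commit has just retuned from 10; a named constant such as `const podReadyTimeout = 25 * time.Second` with a one-line comment on what the wait has to cover would make the next adjustment deliberate. If this `select` sits inside a loop (the loop header is outside the hunk), `time.After` is re-armed on every pod event, so the limit is per event rather than a total deadline, which deserves a comment if it is intended. The `"error: %s pod was not ready in time"` message printed in that arm has no trailing newline.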
@@ -1,4 +1,6 @@ #!/bin/bash + +# this script runs both executables and exits everything if one fails ./apiserver & ./passivetapper -i eth0 & wait -n From 2c7726725019941026ec77578253263426ddc43b Mon Sep 17 00:00:00 2001 From: RamiBerm Date: Wed, 28 Apr 2021 18:03:18 +0300 Subject: [PATCH 3/4] Update .dockerignore, Dockerfile, and 30 more files... --- api/.dockerignore => .dockerignore | 0 api/Dockerfile => Dockerfile | 6 +++--- {api/tap => tap}/README.md | 0 {api/tap => tap}/go.mod | 0 {api/tap => tap}/go.sum | 0 {api/tap => tap}/src/cleaner.go | 2 +- {api/tap => tap}/src/grpc_assembler.go | 12 ++++++------ {api/tap => tap}/src/har_writer.go | 0 {api/tap => tap}/src/http_matcher.go | 0 {api/tap => tap}/src/http_reader.go | 0 {api/tap => tap}/src/net_utils.go | 0 {api/tap => tap}/src/passive_tapper.go | 2 +- {api/tap => tap}/src/stats_tracker.go | 4 ++-- {api/tap => tap}/src/tap_output.go | 0 {api/tap => tap}/src/tcp_stream.go | 0 {api/tap => tap}/src/tcp_stream_factory.go | 0 16 files changed, 13 insertions(+), 13 deletions(-) rename api/.dockerignore => .dockerignore (100%) rename api/Dockerfile => Dockerfile (92%) rename {api/tap => tap}/README.md (100%) rename {api/tap => tap}/go.mod (100%) rename {api/tap => tap}/go.sum (100%) rename {api/tap => tap}/src/cleaner.go (97%) rename {api/tap => tap}/src/grpc_assembler.go (96%) rename {api/tap => tap}/src/har_writer.go (100%) rename {api/tap => tap}/src/http_matcher.go (100%) rename {api/tap => tap}/src/http_reader.go (100%) rename {api/tap => tap}/src/net_utils.go (100%) rename {api/tap => tap}/src/passive_tapper.go (99%) rename {api/tap => tap}/src/stats_tracker.go (89%) rename {api/tap => tap}/src/tap_output.go (100%) rename {api/tap => tap}/src/tcp_stream.go (100%) rename {api/tap => tap}/src/tcp_stream_factory.go (100%) diff --git a/api/.dockerignore b/.dockerignore similarity index 100% rename from api/.dockerignore rename to .dockerignore 
diff --git a/api/Dockerfile b/Dockerfile similarity index 92% rename from api/Dockerfile rename to Dockerfile index 9b6d992ac..aaac85d2f 100644 --- a/api/Dockerfile +++ b/Dockerfile @@ -16,10 +16,10 @@ RUN go build -ldflags="-s -w" -o passivetapper . # Move to api working directory (/api-build). WORKDIR ../api-build -COPY go.mod go.sum ./ +COPY api/go.mod api/go.sum ./ RUN go mod download # Copy and build api code -COPY . . +COPY api . RUN go build -ldflags="-s -w" -o apiserver . FROM alpine:3.13.5 @@ -32,7 +32,7 @@ WORKDIR /app COPY --from=builder ["/api-build/apiserver", "."] COPY --from=builder ["/tap-build/passivetapper", "."] -COPY scripts/multi-runner.sh ./ +COPY api/scripts/multi-runner.sh ./ # this script runs both apiserver and passivetapper and exits either if one of them exits, preventing a scenario where the container runs without one process CMD "./multi-runner.sh" diff --git a/api/tap/README.md b/tap/README.md similarity index 100% rename from api/tap/README.md rename to tap/README.md diff --git a/api/tap/go.mod b/tap/go.mod similarity index 100% rename from api/tap/go.mod rename to tap/go.mod diff --git a/api/tap/go.sum b/tap/go.sum similarity index 100% rename from api/tap/go.sum rename to tap/go.sum diff --git a/api/tap/src/cleaner.go b/tap/src/cleaner.go similarity index 97% rename from api/tap/src/cleaner.go rename to tap/src/cleaner.go index 5ee45a961..9e3b4793b 100644 --- a/api/tap/src/cleaner.go +++ b/tap/src/cleaner.go @@ -20,7 +20,7 @@ type Cleaner struct { cleanPeriod time.Duration connectionTimeout time.Duration stats CleanerStats - statsMutex sync.Mutex + statsMutex sync.Mutex } func (cl *Cleaner) clean() { diff --git a/api/tap/src/grpc_assembler.go b/tap/src/grpc_assembler.go similarity index 96% rename from api/tap/src/grpc_assembler.go rename to tap/src/grpc_assembler.go index 04d246b82..f853ce3d2 100644 --- a/api/tap/src/grpc_assembler.go +++ b/tap/src/grpc_assembler.go 
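Review bot: The build context moves from `api/` to the repository root with these `COPY api/...` changes, while `.dockerignore` is renamed with 100% similarity, so patterns that were written relative to `api/` are now evaluated against the root. Check that it still excludes what it excluded before and that it also covers root-level content such as `.git` and `cli/`; `COPY api .` in the builder stage takes the whole `api` tree, so any local file there that the ignore file no longer matches ends up in a build layer. A comment at the top of the Dockerfile such as `# Build from the repository root: docker build -f Dockerfile .` would document the new context requirement.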
@@ -43,7 +43,7 @@ func (fbs *fragmentsByStream) appendFrame(streamID uint32, frame http2.Frame) { if existingFragment, ok := (*fbs)[streamID]; ok { existingDataLen := len(existingFragment.data) // Never save more than maxHTTP2DataLen bytes - numBytesToAppend := int(math.Min(float64(maxHTTP2DataLen - existingDataLen), float64(newDataLen))) + numBytesToAppend := int(math.Min(float64(maxHTTP2DataLen- existingDataLen), float64(newDataLen))) existingFragment.data = append(existingFragment.data, frame.Data()[:numBytesToAppend]...) } else { @@ -77,7 +77,7 @@ func createGrpcAssembler(b *bufio.Reader) GrpcAssembler { type GrpcAssembler struct { fragmentsByStream fragmentsByStream - framer *http2.Framer + framer *http2.Framer } func (ga *GrpcAssembler) readMessage() (uint32, interface{}, string, error) { @@ -112,15 +112,15 @@ func (ga *GrpcAssembler) readMessage() (uint32, interface{}, string, error) { var messageHTTP1 interface{} if _, ok := headersHTTP1[":method"]; ok { messageHTTP1 = http.Request{ - Header: headersHTTP1, - Proto: protoHTTP2, + Header: headersHTTP1, + Proto: protoHTTP2, ProtoMajor: protoMajorHTTP2, ProtoMinor: protoMinorHTTP2, } } else if _, ok := headersHTTP1[":status"]; ok { messageHTTP1 = http.Response{ - Header: headersHTTP1, - Proto: protoHTTP2, + Header: headersHTTP1, + Proto: protoHTTP2, ProtoMajor: protoMajorHTTP2, ProtoMinor: protoMinorHTTP2, } diff --git a/api/tap/src/har_writer.go b/tap/src/har_writer.go similarity index 100% rename from api/tap/src/har_writer.go rename to tap/src/har_writer.go diff --git a/api/tap/src/http_matcher.go b/tap/src/http_matcher.go similarity index 100% rename from api/tap/src/http_matcher.go rename to tap/src/http_matcher.go diff --git a/api/tap/src/http_reader.go b/tap/src/http_reader.go similarity index 100% rename from api/tap/src/http_reader.go rename to tap/src/http_reader.go 
diff --git a/api/tap/src/net_utils.go b/tap/src/net_utils.go similarity index 100% rename from api/tap/src/net_utils.go rename to tap/src/net_utils.go diff --git a/api/tap/src/passive_tapper.go b/tap/src/passive_tapper.go similarity index 99% rename from api/tap/src/passive_tapper.go rename to tap/src/passive_tapper.go index e29903e92..c982970c8 100644 --- a/api/tap/src/passive_tapper.go +++ b/tap/src/passive_tapper.go @@ -91,7 +91,7 @@ var dumpToHar = flag.Bool("hardump", false, "Dump traffic to har files") var harOutputDir = flag.String("hardir", "output", "Directory in which to store output har files") var harEntriesPerFile = flag.Int("harentriesperfile", 200, "Number of max number of har entries to store in each file") -var reqResMatcher = createResponseRequestMatcher() // global +var reqResMatcher = createResponseRequestMatcher() // global var statsTracker = StatsTracker{} // global diff --git a/api/tap/src/stats_tracker.go b/tap/src/stats_tracker.go similarity index 89% rename from api/tap/src/stats_tracker.go rename to tap/src/stats_tracker.go index b362b4bb4..72a6f1bc5 100644 --- a/api/tap/src/stats_tracker.go +++ b/tap/src/stats_tracker.go @@ -9,8 +9,8 @@ type AppStats struct { } type StatsTracker struct { - stats AppStats - statsMutex sync.Mutex + stats AppStats + statsMutex sync.Mutex } func (st *StatsTracker) incMatchedMessages() { diff --git a/api/tap/src/tap_output.go b/tap/src/tap_output.go similarity index 100% rename from api/tap/src/tap_output.go rename to tap/src/tap_output.go diff --git a/api/tap/src/tcp_stream.go b/tap/src/tcp_stream.go similarity index 100% rename from api/tap/src/tcp_stream.go rename to tap/src/tcp_stream.go diff --git a/api/tap/src/tcp_stream_factory.go b/tap/src/tcp_stream_factory.go similarity index 100% rename from api/tap/src/tcp_stream_factory.go rename to tap/src/tcp_stream_factory.go From bb3481e93c1f33ade8550fe3dc539a317b13caf3 Mon Sep 17 00:00:00 2001 
From: RamiBerm Date: Wed, 28 Apr 2021 18:04:50 +0300 Subject: [PATCH 4/4] Update cleaner.go, grpc_assembler.go, and 2 more files... --- tap/src/cleaner.go | 2 +- tap/src/grpc_assembler.go | 12 ++++++------ tap/src/passive_tapper.go | 2 +- tap/src/stats_tracker.go | 4 ++-- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/tap/src/cleaner.go b/tap/src/cleaner.go index 9e3b4793b..5ee45a961 100644 --- a/tap/src/cleaner.go +++ b/tap/src/cleaner.go @@ -20,7 +20,7 @@ type Cleaner struct { cleanPeriod time.Duration connectionTimeout time.Duration stats CleanerStats - statsMutex sync.Mutex + statsMutex sync.Mutex } func (cl *Cleaner) clean() { diff --git a/tap/src/grpc_assembler.go b/tap/src/grpc_assembler.go index f853ce3d2..04d246b82 100644 --- a/tap/src/grpc_assembler.go +++ b/tap/src/grpc_assembler.go @@ -43,7 +43,7 @@ func (fbs *fragmentsByStream) appendFrame(streamID uint32, frame http2.Frame) { if existingFragment, ok := (*fbs)[streamID]; ok { existingDataLen := len(existingFragment.data) // Never save more than maxHTTP2DataLen bytes - numBytesToAppend := int(math.Min(float64(maxHTTP2DataLen- existingDataLen), float64(newDataLen))) + numBytesToAppend := int(math.Min(float64(maxHTTP2DataLen - existingDataLen), float64(newDataLen))) existingFragment.data = append(existingFragment.data, frame.Data()[:numBytesToAppend]...) } else { @@ -77,7 +77,7 @@ func createGrpcAssembler(b *bufio.Reader) GrpcAssembler { type GrpcAssembler struct { fragmentsByStream fragmentsByStream - framer *http2.Framer + framer *http2.Framer } func (ga *GrpcAssembler) readMessage() (uint32, interface{}, string, error) { 
@@ -112,15 +112,15 @@ func (ga *GrpcAssembler) readMessage() (uint32, interface{}, string, error) { var messageHTTP1 interface{} if _, ok := headersHTTP1[":method"]; ok { messageHTTP1 = http.Request{ - Header: headersHTTP1, - Proto: protoHTTP2, + Header: headersHTTP1, + Proto: protoHTTP2, ProtoMajor: protoMajorHTTP2, ProtoMinor: protoMinorHTTP2, } } else if _, ok := headersHTTP1[":status"]; ok { messageHTTP1 = http.Response{ - Header: headersHTTP1, - Proto: protoHTTP2, + Header: headersHTTP1, + Proto: protoHTTP2, ProtoMajor: protoMajorHTTP2, ProtoMinor: protoMinorHTTP2, } diff --git a/tap/src/passive_tapper.go b/tap/src/passive_tapper.go index c982970c8..e29903e92 100644 --- a/tap/src/passive_tapper.go +++ b/tap/src/passive_tapper.go @@ -91,7 +91,7 @@ var dumpToHar = flag.Bool("hardump", false, "Dump traffic to har files") var harOutputDir = flag.String("hardir", "output", "Directory in which to store output har files") var harEntriesPerFile = flag.Int("harentriesperfile", 200, "Number of max number of har entries to store in each file") -var reqResMatcher = createResponseRequestMatcher() // global +var reqResMatcher = createResponseRequestMatcher() // global var statsTracker = StatsTracker{} // global diff --git a/tap/src/stats_tracker.go b/tap/src/stats_tracker.go index 72a6f1bc5..b362b4bb4 100644 --- a/tap/src/stats_tracker.go +++ b/tap/src/stats_tracker.go @@ -9,8 +9,8 @@ type AppStats struct { } type StatsTracker struct { - stats AppStats - statsMutex sync.Mutex + stats AppStats + statsMutex sync.Mutex } func (st *StatsTracker) incMatchedMessages() {