Merged with additional changes from spcl#25

mattnappo · Apr 4, 2023 · 0be1133 · 0be1133
1 parent f0f8809
commit 0be1133
Show file tree

Hide file tree

Showing 6 changed files with 177 additions and 0 deletions.
diff --git a/containers/build_base.sh b/containers/build_base.sh
@@ -0,0 +1,3 @@
+#!/bin/bash
+
+docker build -t rfaas-base:latest - < rfaas-base.Dockerfile
diff --git a/containers/init_docker.sh b/containers/init_docker.sh
@@ -0,0 +1,80 @@
+#!/bin/bash
+
+# This script builds the rfaas-base docker container, pushes it to the
+# registry, sets up a docker volume, and generates example configuration 
+# json which should then be updated in config/executor_manager.json.
+# The script also configures a docker network for suitable use with
+# docker_rdma_sriov
+
+# NOTE: Run this script from repo root, and make sure the sriov docker plugin
+# is installed
+
+set -e
+
+if [ $# -lt 2 ]; then
+    echo "usage: ./init_docker.sh <REGISTRY IP> <REGISTRY PORT> <NETWORK MODE> [<NETWORK DEVICE> <SUBNET>]"
+    exit
+fi
+
+REG_IP=$1    # IP or name of the docker registry
+REG_PORT=$2  # Port of the docker registry
+NET_MODE=$3  # Docker networking mode -- sriov or host
+DEVICE=$4    # The RDMA adapter to use for networking
+SUBNET=$5    # Subnet for the docker network
+
+IMG_NAME=rfaas-base
+REG_IMG=$REG_IP:$REG_PORT/$IMG_NAME
+
+# Build the docker container, login and push to the registry
+docker build -t $IMG_NAME - < containers/rfaas-base.Dockerfile
+echo "built rfaas-base image"
+docker login $REG_IP:$REG_PORT
+echo "logged into docker daemon"
+
+if docker push $REG_IMG; then
+    echo "ERROR: make sure a docker registry is actually running on $REG_IP:$REG_PORT.
+    Start one with scripts/run_registry.sh"
+    exit
+else
+    echo "pushed rfaas-base image to $REG_IMG"
+fi
+
+# Set up docker network
+net_name=testnet
+if ["$NET_MODE" = "sriov"]; then
+    docker network create -d sriov --subnet=$SUBNET -o netdevice=$DEVICE $net_name
+elif ["$NET_MODE" = "host"]; then
+    net_name="host"
+else
+    echo "ERROR: invalid networking mode $NET_MODE. Valid options are sriov and host."
+    exit
+fi
+echo "set up docker network"
+
+# Configure volume
+volume=$(pwd)/volumes/rfaas-test/opt # Do not put a trailing slash
+mkdir -p $volume/bin
+cp bin/executor $volume/bin
+cp examples/libfunctions.so $volume
+
+# Print json to be updated
+config=$(jq -n --arg use_docker "true" \
+    --arg image "$REG_IMG" \
+    --arg network "$net_name" \
+    --arg ip "<ip of container (any available ip within $SUBNET)>" \
+    --arg volume $volume \
+    --arg registry_ip "$REG_IP" \
+    --arg registry_port "$REG_PORT" \
+    '{
+        "image": $image,
+        "network": $network,
+        "ip": $ip,
+        "volume": $volume,
+        "registry_ip": $registry_ip,
+        "registry_port": $registry_port
+    }'
+)
+
+echo "Update config/executor_manager.json with"
+echo "$config"
+
diff --git a/containers/rfaas-base.Dockerfile b/containers/rfaas-base.Dockerfile
@@ -0,0 +1,14 @@
+# Container version should be same ubuntu version as where `executor`
+# was built (due to glibc versioning)
+
+FROM ubuntu:22.04
+
+#ARG DEBIAN_FRONTEND=noninteractive
+
+RUN apt-get update -y && apt-get upgrade -y \
+    && apt-get install -y \
+    libibverbs-dev librdmacm-dev
+
+RUN mkdir -p /opt/bin
+WORKDIR "/opt/bin"
+
diff --git a/scripts/push_image.sh b/scripts/push_image.sh
@@ -0,0 +1,13 @@
+#!/bin/bash
+
+# Push an image to the local docker registry
+
+if [ $# -lt 3 ]; then
+    echo "usage: ./push_image.sh <IMAGE NAME> <REGISTRY NAME or IP> <REGISTRY PORT>";
+    exit
+fi
+
+IMAGE=$1
+IP=$2
+PORT=$3
+docker push $IP:$PORT/$IMAGE
diff --git a/scripts/registry.yaml b/scripts/registry.yaml
@@ -0,0 +1,20 @@
+version: "3"
+
+services:
+  registry:
+    image: registry:2
+    container_name: rfaas-registry
+    ports:
+      - "5000:5000"
+    environment:
+      REGISTRY_AUTH: htpasswd
+      REGISTRY_AUTH_HTPASSWD_PATH: /auth/htpasswd
+      REGISTRY_AUTH_HTPASSWD_REALM: Registry Realm
+      REGISTRY_STORAGE_DELETE_ENABLED: "true"
+      #REGISTRY_HTTP_TLS_CERTIFICATE: /certs/domain.crt
+      #REGISTRY_HTTP_TLS_KEY: /certs/domain.unencrypted.key
+      #REGISTRY_HTTP_SECRET: supersecrettext
+    volumes:
+      - /home/ubuntu/rfaas/containers/registry:/var/lib/registry
+      - /home/ubuntu/rfaas/containers/config:/auth
+      #- /home/ubuntu/rfaas/containers/config/certs:/certs
diff --git a/scripts/run_registry.sh b/scripts/run_registry.sh
@@ -0,0 +1,47 @@
+#!/bin/bash
+
+# Run this script on the server where you want the docker registry to be hosted
+# Recommended to host the registry on the same server as the executor manager
+
+# NOTE: Run this script from the repo root
+
+PORT=5000
+NAME="rfaas-registry"
+
+set -e
+
+# Make password file if it doesn't already exist
+cfg=containers/config
+mkdir -p $cfg
+if [ -s $cfg/htpasswd ]; then
+    echo "htpasswd exists"
+else
+    sudo htpasswd -Bc $cfg/htpasswd $USER
+    echo "created htpasswd file"
+fi
+
+# Generate certs to use TLS (if they dont already exist)
+## if [ -s $cfg/certs/domain.key ]; then
+##     echo "using certs in $cfg/certs"
+## else
+##     mkdir -p $cfg/certs
+##     openssl genpkey -algorithm RSA -out $cfg/certs/domain.key -aes256
+## 
+##     openssl req -new               \
+##         -key $cfg/certs/domain.key \
+##         -out $cfg/certs/domain.csr \
+##         -addext 'subjectAltName = IP:172.31.82.200'
+## 
+##     openssl x509 -req -days 365        \
+##         -in $cfg/certs/domain.csr      \
+##         -signkey $cfg/certs/domain.key \
+##         -out $cfg/certs/domain.crt
+##     
+##     openssl rsa -in $cfg/certs/domain.key -out $cfg/certs/domain.unencrypted.key
+##     echo "generated certs in $cfg/certs"
+## fi
+
+# Start registry
+sudo docker-compose -f scripts/registry.yaml up -d
+echo "started docker registry $NAME on port $PORT"
+