From e5f396d64deb5b7b41d205e2b86306a7f3009fd0 Mon Sep 17 00:00:00 2001 From: Laurent Luce Date: Sun, 3 Dec 2023 17:47:32 -0800 Subject: [PATCH] Connect reverse proxy to enclave networks at startup. --- .../engine_functions/create_engine.go | 3 +++ .../implementations/traefik/consts.go | 4 ++++ .../network_reverse_proxy.go | 20 +++++++++++++++++++ .../reverse_proxy_functions/shared_helpers.go | 5 +++-- 4 files changed, 30 insertions(+), 2 deletions(-) diff --git a/container-engine-lib/lib/backend_impls/docker/docker_kurtosis_backend/engine_functions/create_engine.go b/container-engine-lib/lib/backend_impls/docker/docker_kurtosis_backend/engine_functions/create_engine.go index 58c52ce28f..6bd6cb7a06 100644 --- a/container-engine-lib/lib/backend_impls/docker/docker_kurtosis_backend/engine_functions/create_engine.go +++ b/container-engine-lib/lib/backend_impls/docker/docker_kurtosis_backend/engine_functions/create_engine.go @@ -128,6 +128,9 @@ func CreateEngine( removeReverseProxyFunc() } }() + if err = reverse_proxy_functions.ConnectReverseProxyToEnclaveNetworks(ctx, dockerManager); err != nil { + return nil, stacktrace.Propagate(err, "An error occured connecting the reverse proxy to the enclave networks") + } logrus.Infof("Reverse proxy started.") enclaveManagerUIPortSpec, err := port_spec.NewPortSpec(uint16(enclaveManagerUIPort), consts.EngineTransportProtocol, consts.HttpApplicationProtocol, defaultWait) diff --git a/container-engine-lib/lib/backend_impls/docker/docker_kurtosis_backend/reverse_proxy_functions/implementations/traefik/consts.go b/container-engine-lib/lib/backend_impls/docker/docker_kurtosis_backend/reverse_proxy_functions/implementations/traefik/consts.go index 78f8571cf8..7df8087c81 100644 --- a/container-engine-lib/lib/backend_impls/docker/docker_kurtosis_backend/reverse_proxy_functions/implementations/traefik/consts.go +++ b/container-engine-lib/lib/backend_impls/docker/docker_kurtosis_backend/reverse_proxy_functions/implementations/traefik/consts.go @@ -11,7 +11,11 @@ const ( ////////////////////////--TRAEFIK CONFIGURATION SECTION--///////////////////////////// configFileTemplate = ` +accesslog: {} +log: + level: DEBUG api: + debug: true dashboard: true insecure: true disabledashboardad: true diff --git a/container-engine-lib/lib/backend_impls/docker/docker_kurtosis_backend/reverse_proxy_functions/network_reverse_proxy.go b/container-engine-lib/lib/backend_impls/docker/docker_kurtosis_backend/reverse_proxy_functions/network_reverse_proxy.go index 1a74fcbebc..fb8263f0a3 100644 --- a/container-engine-lib/lib/backend_impls/docker/docker_kurtosis_backend/reverse_proxy_functions/network_reverse_proxy.go +++ b/container-engine-lib/lib/backend_impls/docker/docker_kurtosis_backend/reverse_proxy_functions/network_reverse_proxy.go @@ -5,6 +5,8 @@ import ( "net" "github.com/kurtosis-tech/kurtosis/container-engine-lib/lib/backend_impls/docker/docker_manager" + "github.com/kurtosis-tech/kurtosis/container-engine-lib/lib/backend_impls/docker/object_attributes_provider/docker_label_key" + "github.com/kurtosis-tech/kurtosis/container-engine-lib/lib/backend_impls/docker/object_attributes_provider/label_value_consts" "github.com/kurtosis-tech/stacktrace" "github.com/sirupsen/logrus" ) @@ -52,3 +54,21 @@ func DisconnectReverseProxyFromNetwork(ctx context.Context, dockerManager *docke return nil } + +func ConnectReverseProxyToEnclaveNetworks(ctx context.Context, dockerManager *docker_manager.DockerManager) error { + kurtosisNetworkLabels := map[string]string{ + docker_label_key.AppIDDockerLabelKey.GetString(): label_value_consts.AppIDDockerLabelValue.GetString(), + } + enclaveNetworks, err := dockerManager.GetNetworksByLabels(ctx, kurtosisNetworkLabels) + if err != nil { + return stacktrace.Propagate(err, "An error occurred getting Kurtosis networks") + } + + for _, enclaveNetwork := range enclaveNetworks { + if err = ConnectReverseProxyToNetwork(ctx, dockerManager, enclaveNetwork.GetId()); err != nil { + return stacktrace.Propagate(err, "An error occurred connecting the reverse proxy to the enclave network with id '%v'", enclaveNetwork.GetId()) + } + } + + return nil +} diff --git a/container-engine-lib/lib/backend_impls/docker/docker_kurtosis_backend/reverse_proxy_functions/shared_helpers.go b/container-engine-lib/lib/backend_impls/docker/docker_kurtosis_backend/reverse_proxy_functions/shared_helpers.go index f0b497b252..1399189714 100644 --- a/container-engine-lib/lib/backend_impls/docker/docker_kurtosis_backend/reverse_proxy_functions/shared_helpers.go +++ b/container-engine-lib/lib/backend_impls/docker/docker_kurtosis_backend/reverse_proxy_functions/shared_helpers.go @@ -2,9 +2,10 @@ package reverse_proxy_functions import ( "context" - "github.com/kurtosis-tech/kurtosis/container-engine-lib/lib/backend_impls/docker/object_attributes_provider/docker_label_key" "net" + "github.com/kurtosis-tech/kurtosis/container-engine-lib/lib/backend_impls/docker/object_attributes_provider/docker_label_key" + "github.com/kurtosis-tech/kurtosis/container-engine-lib/lib/backend_impls/docker/docker_kurtosis_backend/consts" "github.com/kurtosis-tech/kurtosis/container-engine-lib/lib/backend_impls/docker/docker_manager" "github.com/kurtosis-tech/kurtosis/container-engine-lib/lib/backend_impls/docker/docker_manager/types" @@ -95,7 +96,7 @@ func getReverseProxyObjectFromContainerInfo( if privateIpAddr == nil { return nil, stacktrace.NewError("Couldn't parse private IP address string '%v' to an IP", privateIpAddrStr) } - + networksIpAddressStr, err := dockerManager.GetContainerIps(ctx, containerId) if err != nil { return nil, stacktrace.Propagate(err, "An error occurred getting the networks private IP address of container '%v'", containerId)