Merge pull request #287 from amdfxlucas/seed-contrib10

/etc/scion config volume option

Author: kevin-w-du

.gitignore

@@ -1,3 +1,4 @@
+**/.shared/*
 **/output/*
 **/.scion_build_output/*
 **/eth-states*/*

examples/scion/S02_scion_bgp_mixed/README.md

@@ -25,7 +25,8 @@ spec = SetupSpecification.LOCAL_BUILD(
             checkout = "v0.12.0" # could be tag, branch or commit-hash
         ))
 opt_spec = OptionRegistry().scion_setup_spec(spec)
-routing = ScionRouting(loglevel=loglvl, setup_spec=opt_spec)
+etc_cfg = OptionRegistry().scion_etc_config_vol(ScionConfigMode.SHARED_FOLDER)
+routing = ScionRouting(loglevel=loglvl, setup_spec=opt_spec, etc_config_vol=etc_cfg)
 
 ospf = Ospf()
 scion_isd = ScionIsd()
@@ -37,6 +38,8 @@ ebgp = Ebgp()
 In addition to the SCION layers we instantiate the `Ibgp` and `Ebgp` layers for BGP as well as `Ospf` for AS-internal routing.
 Note that the ScionRouting layer accepts global default values for options as constructor parameters.
  We use it here to decrease the loglevel from 'debug' to 'error' for all SCION distributables in the whole emulation if not overriden elsewhere. Also we change the mode for `LOGLEVEL` from `BUILD_TIME`(default) to `RUN_TIME` in the same statement.
+ Moreover, the SCION related configuration of nodes shall not be baked into their docker images for this example,
+  but bind-mounted from a shared folder on the host instead, to facilitate re-configuration of the SCION stack between simulation runs(without image recompile).
  Lastly we specify (as a global default for all nodes) that we want to use a local build of the `v0.12.0` SCION stack, rather than the 'official' `.deb` packages (`SetupSpecification.PACKAGES`). The SetupSpec is just an ordinary option and be overriden for ASes or individual nodes just like any other.
 
 ## Step 2: Create isolation domains and internet exchanges

examples/scion/S02_scion_bgp_mixed/scion_bgp_mixed.py

@@ -5,7 +5,8 @@
 from seedemu.layers import (
     ScionBase, ScionRouting, ScionIsd, Scion, Ospf, Ibgp, Ebgp, PeerRelationship,
     SetupSpecification, CheckoutSpecification)
-from seedemu.layers.Scion import LinkType as ScLinkType
+from seedemu.layers.Scion import LinkType as ScLinkType, ScionConfigMode
+
 # Initialize
 emu = Emulator()
 base = ScionBase()
@@ -19,7 +20,8 @@
             checkout = "v0.12.0" # could be tag, branch or commit-hash
         ))
 opt_spec = OptionRegistry().scion_setup_spec(spec)
-routing = ScionRouting(loglevel=loglvl, setup_spec=opt_spec)
+etc_cfg = OptionRegistry().scion_etc_config_vol(ScionConfigMode.SHARED_FOLDER)
+routing = ScionRouting(loglevel=loglvl, setup_spec=opt_spec, etc_config_vol=etc_cfg)
 
 ospf = Ospf()
 scion_isd = ScionIsd()

seedemu/core/OptionRegistry.py

@@ -47,7 +47,7 @@ def create_option(cls, name: str, *args, **kwargs) -> 'Option':
         """Creates an option instance if it's registered."""
         option_cls = cls._options.get(name)
         if not option_cls:
-            raise ValueError(f"Option '{name}' is not registered.")
+            raise ValueError(f'Option "{name}" is not registered.')
         # Instantiate with given arguments
         return option_cls(*args[1:], **kwargs)
 

seedemu/layers/Scion.py

@@ -10,7 +10,8 @@
 from sys import version
 from seedemu.core import (Emulator, Interface, Layer, Network, Registry,
                           Router, ScionAutonomousSystem, ScionRouter,
-                          ScopedRegistry, Graphable, Node)
+                          ScopedRegistry, Graphable, Node,
+                            Option, AutoRegister, OptionMode)
 from seedemu.core.ScionAutonomousSystem import IA
 from seedemu.layers import ScionBase, ScionIsd
 import shutil
@@ -63,6 +64,56 @@ def to_json(self, core_as: bool, is_parent: bool) -> str:
                 assert not core_as, 'Logic error:  Core ASes must only provide transit to customers, not receive it!'
                 return "PARENT"
 
+class ScionConfigMode(Enum):
+    """how shall the /etc/scion config dir contents be handled:"""
+
+    # statically include config in docker image (ship together)
+    # this is fine, if no reconfiguration is required or the images
+    # must be self contained i.e. for docker swarm deployment
+    BAKED_IN = 0
+    # mount shared folder from host into /etc/scion path of node
+    # this saves considerable image build time and eases reconfiguration
+    SHARED_FOLDER = 1
+    # create named volumes for each container
+    NAMED_VOLUME = 2
+    # TODO all hosts of an AS could in theory share the same volume/bind-mount..
+    # PER_AS_SHARING # this would only be possible for keys/crypto but not config files
+
+# NOTE this option is used by ScionRouting and ScionIsd layers
+# and can be specified in ScionRouting constructor
+class SCION_ETC_CONFIG_VOL(Option, AutoRegister):
+        """ this option controls the policy
+        where to put all the SCION related files on the host.
+        """
+        value_type = ScionConfigMode
+        @classmethod
+        def supportedModes(cls) -> OptionMode:
+            return OptionMode.BUILD_TIME
+        @classmethod
+        def default(cls):
+            return ScionConfigMode.BAKED_IN
+
+
+def handleScionConfFile( node, filename: str, filecontent: str, subdir: str = None):
+    """ wrapper around 'Node::setFile' for /etc/scion config files
+    @param subdir sub path relative to /etc/scion
+    """
+    if (opt := node.getOption('scion_etc_config_vol')) != None:
+                suffix = f'/{subdir}' if subdir != None else ''
+                match opt.value:
+                    case ScionConfigMode.SHARED_FOLDER:
+                        current_dir = os.getcwd()
+                        path = os.path.join(current_dir,
+                                             f'.shared/{node.getAsn()}/{node.getName()}/etcscion{suffix}')
+                        os.makedirs(path, exist_ok=True)
+                        with open(os.path.join(path, filename), "w") as file:
+                            file.write(filecontent)
+                    case _:
+                    #case ScionConfigMode.BAKED_IN:
+                        node.setFile(f"/etc/scion{suffix}/{filename}", filecontent)
+                    #case ScionConfigMode.NAMED_VOLUME: will be populated on fst mount
+    else:
+        assert False, 'implementation error - lacking global default for option'
 
 
 @dataclass
@@ -155,10 +206,11 @@ def __init__(self):
         pass
 
     def installSCION(self, node: Node):
-        """!
+        """!@brief install required SCION distributables
+            (network stack) on the given node
         Installs the right SCION stack distributables on the given node based on its role.
-
-        The install is performed as instructed by the nodes SetupSpec option
+        But doesn't configure them ( /etc/scion config dir is untouched by it)
+        The install is performed as instructed by the nodes SetupSpec option.
         """
         spec = node.getOption('setup_spec')
         assert spec != None, 'implementation error - all nodes are supposed to have a SetupSpecification set by ScionRoutingLayer'

seedemu/layers/ScionIsd.py

@@ -8,6 +8,7 @@
 from seedemu.core import Emulator, Layer, Node, ScionAutonomousSystem
 from seedemu.core.ScionAutonomousSystem import IA
 from seedemu.layers import ScionBase
+from seedemu.layers.Scion import handleScionConfFile
 
 
 class ScionIsd(Layer): # could be made a Customizable as well ..
@@ -202,10 +203,10 @@ def __gen_topofile(self, base_layer: ScionBase, tempdir: str) -> str:
         return path
 
     def __provision_crypto(self, as_: ScionAutonomousSystem, isd: int, is_core: bool, node: Node, tempdir: str):
-        basedir = "/etc/scion"
+
         asn = as_.getScionAsn()
 
-        def copyFile(src, dst):
+        def copyFile(src: str, filename: str, subdir: str = None):
             # Tempdir will be gone when imports are resolved, therefore we must use setFile
             with open(src, 'rt', encoding='utf8') as file:
                 content = file.read()
@@ -215,30 +216,33 @@ def copyFile(src, dst):
                 # that is later added again.
                 if content.endswith('\n'):
                     content = content[:-1]
-            node.setFile(dst, content)
+            handleScionConfFile(node, filename, content, subdir)
 
-        def myImport(name):
-            copyFile(pjoin(tempdir, f"AS{asn.getFileStr()}", "crypto", name), pjoin(basedir, "crypto", name))
+        def myImport(name, subdir: str):
+            path = pjoin("crypto", subdir)
+            copyFile(pjoin(tempdir, f"AS{asn.getFileStr()}", path, name),
+                     name, path)
 
         if is_core:
             for kind in ["sensitive", "regular"]:
-                myImport(pjoin("voting", f"ISD{isd}-AS{asn.getFileStr()}.{kind}.crt"))
-                myImport(pjoin("voting", f"{kind}-voting.key"))
-                myImport(pjoin("voting", f"{kind}.tmpl"))
+                myImport(f"ISD{isd}-AS{asn.getFileStr()}.{kind}.crt", "voting")
+                myImport(f"{kind}-voting.key", "voting")
+                myImport(f"{kind}.tmpl", "voting")
             for kind in ["root", "ca"]:
-                myImport(pjoin("ca", f"ISD{isd}-AS{asn.getFileStr()}.{kind}.crt"))
-                myImport(pjoin("ca", f"cp-{kind}.key"))
-                myImport(pjoin("ca", f"cp-{kind}.tmpl"))
-        myImport(pjoin("as", f"ISD{isd}-AS{asn.getFileStr()}.pem"))
-        myImport(pjoin("as", "cp-as.key"))
-        myImport(pjoin("as", "cp-as.tmpl"))
+                myImport(f"ISD{isd}-AS{asn.getFileStr()}.{kind}.crt", "ca")
+                myImport(f"cp-{kind}.key", "ca")
+                myImport(f"cp-{kind}.tmpl", "ca")
+        myImport(f"ISD{isd}-AS{asn.getFileStr()}.pem", "as")
+        myImport("cp-as.key", "as")
+        myImport("cp-as.tmpl", "as")
 
         #XXX(benthor): trcs need to be known for other isds as well
         for isd in self.__isd_core.keys():
             trcname = f"ISD{isd}-B1-S1.trc"
-            copyFile(pjoin(tempdir, f"ISD{isd}", "trcs", trcname), pjoin(basedir, "certs", trcname))
+            copyFile(pjoin(tempdir, f"ISD{isd}", "trcs", trcname),
+                       trcname, 'certs')
 
         # Master keys are generated only once per AS
         key0, key1 = as_.getSecretKeys()
-        node.setFile(pjoin(basedir, "keys", "master0.key"), key0)
-        node.setFile(pjoin(basedir, "keys", "master1.key"), key1)
+        handleScionConfFile(node, 'master0.key', key0, 'keys')
+        handleScionConfFile(node, 'master1.key', key1, 'keys')

seedemu/layers/ScionRouting.py

@@ -13,7 +13,7 @@
 from seedemu.core.enums import NetworkType
 from seedemu.core.ScionAutonomousSystem import IA
 from seedemu.layers import Routing, ScionBase, ScionIsd
-from seedemu.layers.Scion import Scion, ScionBuilder, SetupSpecification, CheckoutSpecification
+from seedemu.layers.Scion import Scion, ScionBuilder, SetupSpecification, CheckoutSpecification, ScionConfigMode, handleScionConfFile
 from seedemu.core.ScionAutonomousSystem import IA
 
 
@@ -220,9 +220,9 @@ class ScionRouting(Routing):
     # >> Maybe include 'NodeType that the option applies to' into the Option itself
     def getAvailableOptions(self):
         from seedemu.core.OptionRegistry import OptionRegistry
-        opt_keys = [ o.name for o in ScionStackOpts().components()]
-        opt = [OptionRegistry().getOption(o, prefix='scion') for o in opt_keys]
-        return opt
+        opt_keys = [ o.name for o in ScionStackOpts().components()] + ['etc_config_vol']
+        return [OptionRegistry().getOption(o, prefix='scion') for o in opt_keys]
+
 
     def __init__(self, loopback_range: str = '10.0.0.0/16',
                  static_routing: bool = True,
@@ -233,7 +233,8 @@ def __init__(self, loopback_range: str = '10.0.0.0/16',
                  experimental_scmp: BaseOption = None,
                  appropriate_digest: BaseOption = None,
                  serve_metrics: BaseOption = None,
-                 setup_spec: BaseOption = None ):
+                 setup_spec: BaseOption = None,
+                 etc_config_vol: BaseOption = None ):
         """!
         @param static_routing install and configure BIRD routing daemon only on routers
                 which are connected to more than one local-net (actual intra-domain routers).
@@ -259,7 +260,7 @@ def __init__(self, loopback_range: str = '10.0.0.0/16',
         option_names = [name for name in args
                         if (vals[name] is not None) and
                         name not in ['self', 'static_routing', 'loopback_range'] ]
-        assert not any([ vals[name].name != name for name in option_names]), 'option-parameter mismatch!'
+        assert not any([ vals[name].name != name and not vals[name].name.endswith(name) for name in option_names]), 'option-parameter mismatch!'
         ScionRouting._static_routing = static_routing
 
         # let user override the global default options
@@ -355,7 +356,7 @@ def configure(self, emulator: Emulator):
         @brief Install SCION on router, control service and host nodes.
         """
         if ScionRouting._static_routing:
-            Layer.configure(self,emulator)
+            Layer.configure(self, emulator)
             # install BIRD routing daemon only where necessary
             bird_routers = self.configure_base(emulator)
             for br in bird_routers:
@@ -414,6 +415,18 @@ def configure(self, emulator: Emulator):
                 self.__install_scion(hnode)
                 self.__append_scion_command(hnode)
 
+            if (cfg_vol := obj.getOption('scion_etc_config_vol')) != None:
+                node: Node = obj
+                match cfg_vol.value:
+                    # case ScionConfigMode.BAKED_IN:
+                    case ScionConfigMode.SHARED_FOLDER:
+                        current_dir = os.getcwd()
+                        node.addSharedFolder('/etc/scion',
+                                              os.path.join(current_dir, f'.shared/{node.getAsn()}/{node.getName()}/etcscion'))
+                    case ScionConfigMode.NAMED_VOLUME:
+                        node.addPersistentStorage('/etc/scion',
+                                                   f'etcscion_{node.getAsn()}-{node.getName()}')
+
     def __install_scion(self, node: Node):
         """Install SCION stack on the node."""
 
@@ -459,8 +472,9 @@ def render(self, emulator: Emulator):
 
                 # Install AS topology file
                 as_topology = as_.getTopology(isds[0][0])
-                node.setFile("/etc/scion/topology.json", json.dumps(as_topology, indent=2))
+                topo = json.dumps(as_topology, indent=2)
 
+                handleScionConfFile(node, 'topology.json', topo)
                 self._provision_base_config(node)
 
             if type == 'brdnode':
@@ -490,7 +504,7 @@ def _provision_base_config(node: Node):
         if node.getOption('serve_metrics').value=='true':
             sciond_conf += _Templates["metrics"].format(node.getLocalIPAddress(), 30455)
         # No [features] for daemon
-        node.setFile("/etc/scion/sciond.toml", sciond_conf)
+        handleScionConfFile(node, 'sciond.toml', sciond_conf)
 
     @staticmethod
     def __provision_dispatcher_config(node: Node, isd: int, as_: ScionAutonomousSystem):
@@ -515,7 +529,7 @@ def __provision_dispatcher_config(node: Node, isd: int, as_: ScionAutonomousSyst
         dispatcher_conf = _Templates["dispatcher"].format(isd_as=isd_as, ip=ip)
         if node.getOption('serve_metrics').value == 'true':
             dispatcher_conf += _Templates["metrics"].format(node.getLocalIPAddress(), 30441)
-        node.setFile("/etc/scion/dispatcher.toml", dispatcher_conf )
+        handleScionConfFile(node, 'dispatcher.toml', dispatcher_conf)
 
     @staticmethod
     def _provision_router_config(router: ScionRouter):
@@ -537,7 +551,7 @@ def _provision_router_config(router: ScionRouter):
         if router.getOption('serve_metrics').value == 'true' and (local_ip:=router.getLocalIPAddress()) != None:
             config_content += _Templates["metrics"].format(local_ip, 30442)
 
-        router.setFile(os.path.join("/etc/scion/", name + ".toml"), config_content)
+        handleScionConfFile(router, name + ".toml", config_content)
 
     @staticmethod
     def _get_networks_from_router(router1 : str, router2 : str, as_ : ScionAutonomousSystem) -> list[Network]:
@@ -740,8 +754,8 @@ def _provision_staticInfo_config(node: Node, as_: ScionAutonomousSystem):
         if as_.getNote():
             staticInfo["Note"] = as_.getNote()
 
-        # Set file
-        node.setFile("/etc/scion/staticInfoConfig.json", json.dumps(staticInfo, indent=2))
+        handleScionConfFile(node, 'staticInfoConfig.json',
+                                    json.dumps(staticInfo, indent=2))
 
     @staticmethod
     def _provision_cs_config(node: Node, as_: ScionAutonomousSystem):
@@ -759,9 +773,10 @@ def _provision_cs_config(node: Node, as_: ScionAutonomousSystem):
         for type in ["propagation", "core_registration", "up_registration", "down_registration"]:
             policy = as_.getBeaconingPolicy(type)
             if policy is not None:
-                file_name = f"/etc/scion/{type}_policy.yaml"
-                node.setFile(file_name, yaml.dump(policy, indent=2))
-                beaconing.append(f'{type} = "{file_name}"')
+                file_name = f"{type}_policy.yaml"
+                handleScionConfFile(node, file_name,
+                                            yaml.dump(policy, indent=2) )
+                beaconing.append(f'{type} = "/etc/scion/{file_name}"')
 
         # Concatenate configuration sections
         name = node.getName()
@@ -778,4 +793,4 @@ def _provision_cs_config(node: Node, as_: ScionAutonomousSystem):
         if node.getOption('serve_metrics').value == 'true':
             cs_config += _Templates["metrics"].format(node.getLocalIPAddress(), 30452)
         cs_config += "\n".join(beaconing)
-        node.setFile(os.path.join("/etc/scion/", name + ".toml"), cs_config)
+        handleScionConfFile(node, name + '.toml', cs_config)