NOISSUE - Introduce computation runner, log forwarder, ingress, and egress proxy services. (#559)
* feat: Introduce computation runner, log forwarder, ingress, and egress proxy services. Signed-off-by: Sammy Oina <sammyoina@gmail.com> * feat: Update Go environment variable parsing and build system to use new architecture and repository. Signed-off-by: Sammy Oina <sammyoina@gmail.com> * feat: Update package sources to `sammyoina/cocos-ai` at a specific commit, add log-forwarder pre-start hook, and rename proxy binaries. Signed-off-by: Sammy Oina <sammyoina@gmail.com> * chore: Update build system references to a specific commit and enhance logging for service connections and message processing. Signed-off-by: Sammy Oina <sammyoina@gmail.com> * build: Update package source repositories and versions, migrate client logging to slog, and adjust ingress/egress proxy build and install steps. Signed-off-by: Sammy Oina <sammyoina@gmail.com> * debug stuck Signed-off-by: Sammy Oina <sammyoina@gmail.com> * debug Signed-off-by: Sammy Oina <sammyoina@gmail.com> * debug Signed-off-by: Sammy Oina <sammyoina@gmail.com> * feat: add HTTP/2 support to egress proxy and update build system to use specific commit hashes Signed-off-by: Sammy Oina <sammyoina@gmail.com> * feat: enhance egress proxy CONNECT handling, update package sources, and add gRPC test utility Signed-off-by: Sammy Oina <sammyoina@gmail.com> * feat: Update build system for various services to a specific commit from a new repository, change agent gRPC port to 7001, and add a gRPC test client. Signed-off-by: Sammy Oina <sammyoina@gmail.com> * feat: Migrate agent-internal gRPC communication to Unix sockets, set ingress proxy to port 7002, and update build hashes. Signed-off-by: Sammy Oina <sammyoina@gmail.com> * refactor: Remove standalone ingress-proxy systemd service and update component versions. Signed-off-by: Sammy Oina <sammyoina@gmail.com> * fix: Prevent computation re-initialization in agent and update component versions across several packages. 
Signed-off-by: Sammy Oina <sammyoina@gmail.com> * feat: update package versions and enable h2c support in ingress proxy. Signed-off-by: Sammy Oina <sammyoina@gmail.com> * feat: refactor ingress proxy to support HTTP/2 over Unix sockets and update component versions. Signed-off-by: Sammy Oina <sammyoina@gmail.com> * feat: Update build system package sources to `ultravioletrs/cocos` and reduce agent logging verbosity. Signed-off-by: Sammy Oina <sammyoina@gmail.com> * refactor: improve error handling in proxy commands and remove unused gRPC test Signed-off-by: Sammy Oina <sammyoina@gmail.com> * test: add mock service state return value in handleRunReqChunks test Signed-off-by: Sammy Oina <sammyoina@gmail.com> * feat: add comprehensive tests for service and proxy components Signed-off-by: Sammy Oina <sammyoina@gmail.com> * fix linter Signed-off-by: Sammy Oina <sammyoina@gmail.com> * improve coverage Signed-off-by: Sammy Oina <sammyoina@gmail.com> * test: add gRPC client and ingress adapter tests, and update egress proxy tests. Signed-off-by: Sammy Oina <sammyoina@gmail.com> * improve coverage Signed-off-by: Sammy Oina <sammyoina@gmail.com> --------- Signed-off-by: Sammy Oina <sammyoina@gmail.com>
committed by
GitHub
parent
ee52551ca4
commit
a3265bc346
+85
-18
@@ -11,6 +11,7 @@ import (
|
||||
"fmt"
|
||||
"log"
|
||||
"log/slog"
|
||||
"net/url"
|
||||
"os"
|
||||
"os/signal"
|
||||
"syscall"
|
||||
@@ -25,6 +26,7 @@ import (
|
||||
cvmsapi "github.com/ultravioletrs/cocos/agent/cvms/api/grpc"
|
||||
"github.com/ultravioletrs/cocos/agent/cvms/server"
|
||||
"github.com/ultravioletrs/cocos/agent/events"
|
||||
logpb "github.com/ultravioletrs/cocos/agent/log"
|
||||
agentlogger "github.com/ultravioletrs/cocos/internal/logger"
|
||||
"github.com/ultravioletrs/cocos/pkg/atls"
|
||||
"github.com/ultravioletrs/cocos/pkg/attestation"
|
||||
@@ -33,6 +35,9 @@ import (
|
||||
pkggrpc "github.com/ultravioletrs/cocos/pkg/clients/grpc"
|
||||
attestation_client "github.com/ultravioletrs/cocos/pkg/clients/grpc/attestation"
|
||||
cvmsgrpc "github.com/ultravioletrs/cocos/pkg/clients/grpc/cvm"
|
||||
logclient "github.com/ultravioletrs/cocos/pkg/clients/grpc/log"
|
||||
runnerclient "github.com/ultravioletrs/cocos/pkg/clients/grpc/runner"
|
||||
"github.com/ultravioletrs/cocos/pkg/ingress"
|
||||
"golang.org/x/sync/errgroup"
|
||||
)
|
||||
|
||||
@@ -54,6 +59,7 @@ type config struct {
|
||||
AgentOSDistro string `env:"AGENT_OS_DISTRO" envDefault:"UVC"`
|
||||
AgentOSType string `env:"AGENT_OS_TYPE" envDefault:"UVC"`
|
||||
AttestationServiceSocket string `env:"ATTESTATION_SERVICE_SOCKET" envDefault:"/run/cocos/attestation.sock"`
|
||||
EnableATLS bool `env:"AGENT_ENABLE_ATLS" envDefault:"true"`
|
||||
}
|
||||
|
||||
func main() {
|
||||
@@ -75,18 +81,63 @@ func main() {
|
||||
return
|
||||
}
|
||||
|
||||
eventsLogsQueue := make(chan *cvms.ClientStreamMessage, 1000)
|
||||
logQueue := make(chan *cvms.ClientStreamMessage, 1000)
|
||||
cvmsQueue := make(chan *cvms.ClientStreamMessage, 1000)
|
||||
|
||||
handler := agentlogger.NewProtoHandler(os.Stdout, &slog.HandlerOptions{Level: level}, eventsLogsQueue)
|
||||
handler := agentlogger.NewProtoHandler(os.Stdout, &slog.HandlerOptions{Level: level}, logQueue)
|
||||
logger := slog.New(handler)
|
||||
|
||||
eventSvc, err := events.New(svcName, eventsLogsQueue)
|
||||
eventSvc, err := events.New(svcName, logQueue)
|
||||
if err != nil {
|
||||
logger.Error(fmt.Sprintf("failed to create events service %s", err.Error()))
|
||||
exitCode = 1
|
||||
return
|
||||
}
|
||||
|
||||
logClient, err := logclient.NewClient("/run/cocos/log.sock")
|
||||
if err != nil {
|
||||
logger.Warn(fmt.Sprintf("failed to create log client: %s. Logging will be local only until service is available.", err))
|
||||
} else {
|
||||
defer logClient.Close()
|
||||
}
|
||||
|
||||
g.Go(func() error {
|
||||
for {
|
||||
select {
|
||||
case <-ctx.Done():
|
||||
return nil
|
||||
case msg := <-logQueue:
|
||||
if logClient == nil {
|
||||
continue
|
||||
}
|
||||
switch m := msg.Message.(type) {
|
||||
case *cvms.ClientStreamMessage_AgentLog:
|
||||
err := logClient.SendLog(ctx, &logpb.LogEntry{
|
||||
Message: m.AgentLog.Message,
|
||||
ComputationId: m.AgentLog.ComputationId,
|
||||
Level: m.AgentLog.Level,
|
||||
Timestamp: m.AgentLog.Timestamp,
|
||||
})
|
||||
if err != nil {
|
||||
logger.Error("failed to send log", "error", err)
|
||||
}
|
||||
case *cvms.ClientStreamMessage_AgentEvent:
|
||||
err := logClient.SendEvent(ctx, &logpb.EventEntry{
|
||||
EventType: m.AgentEvent.EventType,
|
||||
Timestamp: m.AgentEvent.Timestamp,
|
||||
ComputationId: m.AgentEvent.ComputationId,
|
||||
Details: m.AgentEvent.Details,
|
||||
Originator: m.AgentEvent.Originator,
|
||||
Status: m.AgentEvent.Status,
|
||||
})
|
||||
if err != nil {
|
||||
logger.Error("failed to send event", "error", err)
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
})
|
||||
|
||||
var provider attestation.Provider
|
||||
ccPlatform := attestation.CCPlatform()
|
||||
|
||||
@@ -128,13 +179,6 @@ func main() {
|
||||
return grpcClient, pc, nil
|
||||
}
|
||||
|
||||
pc, err := cvmsClient.Process(ctx)
|
||||
if err != nil {
|
||||
logger.Error(err.Error())
|
||||
exitCode = 1
|
||||
return
|
||||
}
|
||||
|
||||
if cfg.Vmpl < 0 || cfg.Vmpl > 3 {
|
||||
logger.Error("vmpl level must be in a range [0, 3]")
|
||||
exitCode = 1
|
||||
@@ -149,7 +193,15 @@ func main() {
|
||||
}
|
||||
defer attClient.Close()
|
||||
|
||||
svc := newService(ctx, logger, eventSvc, attClient, cfg.Vmpl)
|
||||
runnerClient, err := runnerclient.NewClient("/run/cocos/runner.sock")
|
||||
if err != nil {
|
||||
logger.Error(fmt.Sprintf("failed to create runner client: %s", err))
|
||||
exitCode = 1
|
||||
return
|
||||
}
|
||||
defer runnerClient.Close()
|
||||
|
||||
svc := newService(ctx, logger, eventSvc, attClient, runnerClient, cfg.Vmpl)
|
||||
|
||||
if err := os.MkdirAll(storageDir, 0o755); err != nil {
|
||||
logger.Error(fmt.Sprintf("failed to create storage directory: %s", err))
|
||||
@@ -158,8 +210,7 @@ func main() {
|
||||
}
|
||||
|
||||
var certProvider atls.CertificateProvider
|
||||
|
||||
if ccPlatform != attestation.NoCC {
|
||||
if cfg.EnableATLS && ccPlatform != attestation.NoCC {
|
||||
var certsSDK sdk.SDK
|
||||
if cfg.CAUrl != "" {
|
||||
certsSDK = sdk.NewSDK(sdk.Config{
|
||||
@@ -174,7 +225,23 @@ func main() {
|
||||
}
|
||||
}
|
||||
|
||||
mc, err := cvmsapi.NewClient(pc, svc, eventsLogsQueue, logger, server.NewServer(logger, svc, cfg.AgentGrpcHost, certProvider), storageDir, reconnectFn, cvmGRPCClient)
|
||||
// Create ingress proxy server
|
||||
backendURL, err := url.Parse("unix:///run/cocos/agent.sock")
|
||||
if err != nil {
|
||||
logger.Error(fmt.Sprintf("failed to parse backend URL: %s", err))
|
||||
exitCode = 1
|
||||
return
|
||||
}
|
||||
ingressProxy := ingress.NewProxyServer(logger, backendURL, certProvider)
|
||||
|
||||
pc, err := cvmsClient.Process(ctx)
|
||||
if err != nil {
|
||||
logger.Error(fmt.Sprintf("failed to connect to cvm server: %s", err))
|
||||
exitCode = 1
|
||||
return
|
||||
}
|
||||
|
||||
mc, err := cvmsapi.NewClient(pc, svc, cvmsQueue, logger, server.NewServer(logger, svc, cfg.AgentGrpcHost, certProvider), ingressProxy, storageDir, reconnectFn, cvmGRPCClient)
|
||||
if err != nil {
|
||||
logger.Error(err.Error())
|
||||
exitCode = 1
|
||||
@@ -214,7 +281,7 @@ func main() {
|
||||
exitCode = 1
|
||||
return
|
||||
}
|
||||
eventsLogsQueue <- &cvms.ClientStreamMessage{
|
||||
cvmsQueue <- &cvms.ClientStreamMessage{
|
||||
Message: &cvms.ClientStreamMessage_AzureAttestationToken{
|
||||
AzureAttestationToken: &cvms.AzureAttestationToken{
|
||||
File: azureAttestationToken,
|
||||
@@ -224,7 +291,7 @@ func main() {
|
||||
}
|
||||
}
|
||||
|
||||
eventsLogsQueue <- &cvms.ClientStreamMessage{
|
||||
cvmsQueue <- &cvms.ClientStreamMessage{
|
||||
Message: &cvms.ClientStreamMessage_VTPMattestationReport{
|
||||
VTPMattestationReport: &cvms.AttestationResponse{
|
||||
File: attest,
|
||||
@@ -238,8 +305,8 @@ func main() {
|
||||
}
|
||||
}
|
||||
|
||||
func newService(ctx context.Context, logger *slog.Logger, eventSvc events.Service, attClient attestation_client.Client, vmpl int) agent.Service {
|
||||
svc := agent.New(ctx, logger, eventSvc, attClient, vmpl)
|
||||
func newService(ctx context.Context, logger *slog.Logger, eventSvc events.Service, attClient attestation_client.Client, runnerClient runnerclient.Client, vmpl int) agent.Service {
|
||||
svc := agent.New(ctx, logger, eventSvc, attClient, runnerClient, vmpl)
|
||||
|
||||
svc = api.LoggingMiddleware(svc, logger)
|
||||
counter, latency := prometheus.MakeMetrics(svcName, "api")
|
||||
|
||||
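Review bot: The new condition `cfg.EnableATLS && ccPlatform != attestation.NoCC` lets `AGENT_ENABLE_ATLS=false` leave `certProvider` nil on a confidential-computing platform, and nothing in the visible lines records that attested TLS was switched off. The nil provider is then passed to both `server.NewServer` and `ingress.NewProxyServer`; how they behave without it is outside these hunks, but presumably they serve without attestation-bound certificates. I would add an explicit branch such as `if !cfg.EnableATLS { logger.Warn("aTLS disabled by AGENT_ENABLE_ATLS; agent endpoints will not present attested certificates") }` so the downgrade is visible in the agent log. `main` starts and ends outside these hunks, so an existing else branch may already cover part of this.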
@@ -0,0 +1,123 @@
|
||||
// Copyright (c) Ultraviolet
|
||||
// SPDX-License-Identifier: Apache-2.0
|
||||
package main
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"log/slog"
|
||||
"net"
|
||||
"os"
|
||||
"os/signal"
|
||||
"syscall"
|
||||
|
||||
mglog "github.com/absmach/supermq/logger"
|
||||
"github.com/caarlos0/env/v11"
|
||||
pb "github.com/ultravioletrs/cocos/agent/runner"
|
||||
runnerevents "github.com/ultravioletrs/cocos/agent/runner/events"
|
||||
"github.com/ultravioletrs/cocos/agent/runner/service"
|
||||
logclient "github.com/ultravioletrs/cocos/pkg/clients/grpc/log"
|
||||
"golang.org/x/sync/errgroup"
|
||||
"google.golang.org/grpc"
|
||||
)
|
||||
|
||||
const (
|
||||
svcName = "computation-runner"
|
||||
socketPath = "/run/cocos/runner.sock"
|
||||
)
|
||||
|
||||
type config struct {
|
||||
LogLevel string `env:"RUNNER_LOG_LEVEL" envAlternate:"AGENT_LOG_LEVEL" envDefault:"debug"`
|
||||
LogForwarder string `env:"LOG_FORWARDER_SOCKET" envDefault:"/run/cocos/log.sock"`
|
||||
}
|
||||
|
||||
func main() {
|
||||
ctx, cancel := context.WithCancel(context.Background())
|
||||
g, ctx := errgroup.WithContext(ctx)
|
||||
|
||||
var cfg config
|
||||
if err := env.Parse(&cfg); err != nil {
|
||||
fmt.Printf("failed to load %s configuration : %s\n", svcName, err)
|
||||
os.Exit(1)
|
||||
}
|
||||
|
||||
var exitCode int
|
||||
defer mglog.ExitWithError(&exitCode)
|
||||
|
||||
var level slog.Level
|
||||
if err := level.UnmarshalText([]byte(cfg.LogLevel)); err != nil {
|
||||
fmt.Println(err)
|
||||
exitCode = 1
|
||||
return
|
||||
}
|
||||
|
||||
logger := slog.New(slog.NewJSONHandler(os.Stdout, &slog.HandlerOptions{Level: level}))
|
||||
|
||||
// Connect to Log Forwarder
|
||||
logClient, err := logclient.NewClient(cfg.LogForwarder)
|
||||
if err != nil {
|
||||
logger.Warn(fmt.Sprintf("failed to connect to log-forwarder: %s. Events will not be forwarded.", err))
|
||||
} else {
|
||||
defer logClient.Close()
|
||||
}
|
||||
|
||||
eventSvc := runnerevents.NewAdapter(logClient, svcName)
|
||||
|
||||
// Remove existing socket if it exists
|
||||
if _, err := os.Stat(socketPath); err == nil {
|
||||
if err := os.Remove(socketPath); err != nil {
|
||||
logger.Error(fmt.Sprintf("failed to remove existing socket: %s", err))
|
||||
exitCode = 1
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
dir := socketPath[:len(socketPath)-len("/runner.sock")]
|
||||
if err := os.MkdirAll(dir, 0o755); err != nil {
|
||||
logger.Error(fmt.Sprintf("failed to create socket directory: %s", err))
|
||||
exitCode = 1
|
||||
return
|
||||
}
|
||||
|
||||
lis, err := net.Listen("unix", socketPath)
|
||||
if err != nil {
|
||||
logger.Error(fmt.Sprintf("failed to listen on socket: %s", err))
|
||||
exitCode = 1
|
||||
return
|
||||
}
|
||||
|
||||
if err := os.Chmod(socketPath, 0o777); err != nil {
|
||||
logger.Error(fmt.Sprintf("failed to chmod socket: %s", err))
|
||||
exitCode = 1
|
||||
return
|
||||
}
|
||||
|
||||
grpcServer := grpc.NewServer()
|
||||
svc := service.New(logger, eventSvc)
|
||||
pb.RegisterComputationRunnerServer(grpcServer, svc)
|
||||
|
||||
g.Go(func() error {
|
||||
ch := make(chan os.Signal, 1)
|
||||
signal.Notify(ch, syscall.SIGINT, syscall.SIGTERM)
|
||||
defer signal.Stop(ch)
|
||||
|
||||
select {
|
||||
case <-ch:
|
||||
logger.Info("Received signal, shutting down...")
|
||||
cancel()
|
||||
grpcServer.GracefulStop()
|
||||
return nil
|
||||
case <-ctx.Done():
|
||||
return ctx.Err()
|
||||
}
|
||||
})
|
||||
|
||||
g.Go(func() error {
|
||||
logger.Info(fmt.Sprintf("%s started on %s", svcName, socketPath))
|
||||
return grpcServer.Serve(lis)
|
||||
})
|
||||
|
||||
if err := g.Wait(); err != nil {
|
||||
logger.Error(fmt.Sprintf("%s terminated: %s", svcName, err))
|
||||
}
|
||||
}
|
||||
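Review bot: `os.Chmod(socketPath, 0o777)` makes the runner socket connectable by every local account, and `grpc.NewServer()` is created without credentials or interceptors, so any process in the VM that can reach `/run/cocos/runner.sock` can call the ComputationRunner service. Unless the peers really run under unrelated users, restrict it to the owning user or a shared group, e.g. `os.Chmod(socketPath, 0o660)`, and consider a restrictive umask or a `0o750` directory so there is no window between `net.Listen` and the chmod. The log-forwarder `main` added in this commit applies the same `0o777` to `/run/cocos/log.sock`. The directory would also read more clearly as `filepath.Dir(socketPath)` than as the manual slice on the socket path.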
@@ -0,0 +1,88 @@
|
||||
// Copyright (c) Ultraviolet
|
||||
// SPDX-License-Identifier: Apache-2.0
|
||||
package main
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"os"
|
||||
"os/signal"
|
||||
"syscall"
|
||||
|
||||
mglog "github.com/absmach/supermq/logger"
|
||||
"github.com/caarlos0/env/v11"
|
||||
"github.com/spf13/cobra"
|
||||
"github.com/spf13/pflag"
|
||||
"github.com/ultravioletrs/cocos/pkg/egress"
|
||||
"golang.org/x/sync/errgroup"
|
||||
)
|
||||
|
||||
const (
|
||||
svcName = "egress-proxy"
|
||||
)
|
||||
|
||||
type config struct {
|
||||
Level string `env:"COCOS_LOG_LEVEL" envAlternate:"AGENT_LOG_LEVEL" envDefault:"info"`
|
||||
Port string `env:"COCOS_PROXY_PORT" envDefault:"3128"`
|
||||
}
|
||||
|
||||
func main() {
|
||||
var cfg config
|
||||
if err := env.Parse(&cfg); err != nil {
|
||||
fmt.Fprintf(os.Stderr, "failed to load configuration: %s\n", err)
|
||||
os.Exit(1)
|
||||
}
|
||||
|
||||
cmd := &cobra.Command{
|
||||
Use: svcName,
|
||||
Short: "Egress Proxy Service",
|
||||
RunE: func(cmd *cobra.Command, args []string) error {
|
||||
return run(cfg)
|
||||
},
|
||||
}
|
||||
|
||||
pflag.StringVar(&cfg.Level, "log-level", cfg.Level, "Log level")
|
||||
pflag.StringVar(&cfg.Port, "port", cfg.Port, "Proxy port")
|
||||
|
||||
if err := cmd.Execute(); err != nil {
|
||||
fmt.Fprintf(os.Stderr, "Error: %s\n", err)
|
||||
os.Exit(1)
|
||||
}
|
||||
}
|
||||
|
||||
func run(cfg config) error {
|
||||
logger, err := mglog.New(os.Stdout, cfg.Level)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to create logger: %w", err)
|
||||
}
|
||||
|
||||
ctx, cancel := context.WithCancel(context.Background())
|
||||
defer cancel()
|
||||
|
||||
g, ctx := errgroup.WithContext(ctx)
|
||||
|
||||
proxy := egress.NewProxy(logger, ":"+cfg.Port)
|
||||
|
||||
g.Go(func() error {
|
||||
return proxy.Start()
|
||||
})
|
||||
|
||||
g.Go(func() error {
|
||||
c := make(chan os.Signal, 1)
|
||||
signal.Notify(c, syscall.SIGINT, syscall.SIGTERM)
|
||||
select {
|
||||
case s := <-c:
|
||||
logger.Info(fmt.Sprintf("received signal %s, stopping", s))
|
||||
cancel()
|
||||
return proxy.Stop(ctx)
|
||||
case <-ctx.Done():
|
||||
return nil
|
||||
}
|
||||
})
|
||||
|
||||
if err := g.Wait(); err != nil {
|
||||
return fmt.Errorf("server exit with error: %w", err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
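Review bot: `egress.NewProxy(logger, ":"+cfg.Port)` passes an address with no host, which for a standard listener means all interfaces, so the forward proxy on port 3128 would accept connections from any network that can reach the VM rather than only from the local computation. If only in-VM workloads are meant to use it, bind to loopback by default, e.g. `egress.NewProxy(logger, net.JoinHostPort("127.0.0.1", cfg.Port))`, or make the listen host a separate setting. How `NewProxy` interprets the address is not visible here, so this assumes it is handed to a `net.Listen`-style call. Note also that `cancel()` runs before `proxy.Stop(ctx)`, so `Stop` receives an already-cancelled context and any graceful drain it performs is likely cut short.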
@@ -0,0 +1,137 @@
|
||||
// Copyright (c) Ultraviolet
|
||||
// SPDX-License-Identifier: Apache-2.0
|
||||
package main
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"net/url"
|
||||
"os"
|
||||
"os/signal"
|
||||
"syscall"
|
||||
|
||||
"github.com/absmach/certs/sdk"
|
||||
mglog "github.com/absmach/supermq/logger"
|
||||
"github.com/caarlos0/env/v11"
|
||||
"github.com/spf13/cobra"
|
||||
"github.com/spf13/pflag"
|
||||
"github.com/ultravioletrs/cocos/pkg/atls"
|
||||
"github.com/ultravioletrs/cocos/pkg/attestation"
|
||||
"github.com/ultravioletrs/cocos/pkg/attestation/azure"
|
||||
"github.com/ultravioletrs/cocos/pkg/ingress"
|
||||
"golang.org/x/sync/errgroup"
|
||||
)
|
||||
|
||||
const (
|
||||
svcName = "ingress-proxy"
|
||||
)
|
||||
|
||||
type config struct {
|
||||
LogLevel string `env:"COCOS_LOG_LEVEL" envAlternate:"AGENT_LOG_LEVEL" envDefault:"info"`
|
||||
Backend string `env:"COCOS_INGRESS_BACKEND" envDefault:"http://localhost:7001"`
|
||||
|
||||
// ATLS Config
|
||||
CAUrl string `env:"AGENT_CVM_CA_URL" envDefault:""`
|
||||
CVMId string `env:"AGENT_CVM_ID" envDefault:""`
|
||||
CertsToken string `env:"AGENT_CERTS_TOKEN" envDefault:""`
|
||||
AgentMaaURL string `env:"AGENT_MAA_URL" envDefault:"https://sharedeus2.eus2.attest.azure.net"`
|
||||
AgentOSBuild string `env:"AGENT_OS_BUILD" envDefault:"UVC"`
|
||||
AgentOSDistro string `env:"AGENT_OS_DISTRO" envDefault:"UVC"`
|
||||
AgentOSType string `env:"AGENT_OS_TYPE" envDefault:"UVC"`
|
||||
}
|
||||
|
||||
func main() {
|
||||
var cfg config
|
||||
if err := env.Parse(&cfg); err != nil {
|
||||
fmt.Fprintf(os.Stderr, "failed to load configuration: %s\n", err)
|
||||
os.Exit(1)
|
||||
}
|
||||
|
||||
cmd := &cobra.Command{
|
||||
Use: svcName,
|
||||
Short: "Ingress Proxy Service",
|
||||
RunE: func(cmd *cobra.Command, args []string) error {
|
||||
return run(cfg)
|
||||
},
|
||||
}
|
||||
|
||||
pflag.StringVar(&cfg.LogLevel, "log-level", cfg.LogLevel, "Log level")
|
||||
pflag.StringVar(&cfg.Backend, "backend", cfg.Backend, "Backend URL")
|
||||
|
||||
if err := cmd.Execute(); err != nil {
|
||||
fmt.Fprintf(os.Stderr, "Error: %s\n", err)
|
||||
os.Exit(1)
|
||||
}
|
||||
}
|
||||
|
||||
func run(cfg config) error {
|
||||
logger, err := mglog.New(os.Stdout, cfg.LogLevel)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to create logger: %w", err)
|
||||
}
|
||||
|
||||
backendURL, err := url.Parse(cfg.Backend)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to parse backend URL: %w", err)
|
||||
}
|
||||
|
||||
// Initialize Certificate Provider
|
||||
var provider attestation.Provider
|
||||
ccPlatform := attestation.CCPlatform()
|
||||
|
||||
azureConfig := azure.NewEnvConfigFromAgent(
|
||||
cfg.AgentOSBuild,
|
||||
cfg.AgentOSType,
|
||||
cfg.AgentOSDistro,
|
||||
cfg.AgentMaaURL,
|
||||
)
|
||||
azure.InitializeDefaultMAAVars(azureConfig)
|
||||
|
||||
var certProvider atls.CertificateProvider
|
||||
|
||||
if ccPlatform != attestation.NoCC {
|
||||
var certsSDK sdk.SDK
|
||||
if cfg.CAUrl != "" {
|
||||
certsSDK = sdk.NewSDK(sdk.Config{
|
||||
CertsURL: cfg.CAUrl,
|
||||
})
|
||||
}
|
||||
certProvider, err = atls.NewProvider(provider, ccPlatform, cfg.CertsToken, cfg.CVMId, certsSDK)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to create certificate provider: %w", err)
|
||||
}
|
||||
} else {
|
||||
logger.Warn("No Confidential Computing platform detected. ATLS will not be available.")
|
||||
}
|
||||
|
||||
ctx, cancel := context.WithCancel(context.Background())
|
||||
defer cancel()
|
||||
|
||||
g, ctx := errgroup.WithContext(ctx)
|
||||
|
||||
// Create proxy server (but don't start it yet - it will be started per-computation)
|
||||
_ = ingress.NewProxyServer(logger, backendURL, certProvider)
|
||||
|
||||
// Note: The proxy server will be started dynamically when a computation is initiated
|
||||
// via the Manager's ComputationRunReq message. For now, we just keep the service alive.
|
||||
logger.Info("ingress-proxy service initialized, waiting for computation requests...")
|
||||
|
||||
g.Go(func() error {
|
||||
c := make(chan os.Signal, 1)
|
||||
signal.Notify(c, syscall.SIGINT, syscall.SIGTERM)
|
||||
select {
|
||||
case s := <-c:
|
||||
logger.Info(fmt.Sprintf("received signal %s, stopping", s))
|
||||
cancel()
|
||||
return nil
|
||||
case <-ctx.Done():
|
||||
return nil
|
||||
}
|
||||
})
|
||||
|
||||
if err := g.Wait(); err != nil {
|
||||
return fmt.Errorf("server exit with error: %w", err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
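Review bot: `var provider attestation.Provider` is never assigned before it is passed to `atls.NewProvider(provider, ccPlatform, cfg.CertsToken, cfg.CVMId, certsSDK)`, so on a confidential-computing platform the certificate provider is built around a nil attestation provider. What `NewProvider` does with a nil provider is not visible here; it may panic or fail when the first certificate is requested. Select the concrete provider for `ccPlatform` before this call, or return an error from `run` when none is available. The proxy built by `ingress.NewProxyServer` is also discarded with `_ =`, so as written this binary only waits for a signal and never serves traffic.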
@@ -0,0 +1,155 @@
|
||||
// Copyright (c) Ultraviolet
|
||||
// SPDX-License-Identifier: Apache-2.0
|
||||
package main
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"log/slog"
|
||||
"net"
|
||||
"os"
|
||||
"os/signal"
|
||||
"syscall"
|
||||
|
||||
mglog "github.com/absmach/supermq/logger"
|
||||
"github.com/caarlos0/env/v11"
|
||||
"github.com/ultravioletrs/cocos/agent/cvms"
|
||||
pb "github.com/ultravioletrs/cocos/agent/log"
|
||||
"github.com/ultravioletrs/cocos/agent/log/service"
|
||||
"github.com/ultravioletrs/cocos/pkg/clients"
|
||||
cvmsgrpc "github.com/ultravioletrs/cocos/pkg/clients/grpc/cvm"
|
||||
"golang.org/x/sync/errgroup"
|
||||
"google.golang.org/grpc"
|
||||
)
|
||||
|
||||
const (
|
||||
svcName = "log-forwarder"
|
||||
socketPath = "/run/cocos/log.sock"
|
||||
envPrefixCVMGRPC = "AGENT_CVM_GRPC_"
|
||||
)
|
||||
|
||||
type config struct {
|
||||
LogLevel string `env:"LOG_FORWARDER_LOG_LEVEL" envAlternate:"AGENT_LOG_LEVEL" envDefault:"debug"`
|
||||
}
|
||||
|
||||
func main() {
|
||||
ctx, cancel := context.WithCancel(context.Background())
|
||||
g, ctx := errgroup.WithContext(ctx)
|
||||
|
||||
var cfg config
|
||||
if err := env.Parse(&cfg); err != nil {
|
||||
fmt.Printf("failed to load %s configuration : %s\n", svcName, err)
|
||||
os.Exit(1)
|
||||
}
|
||||
|
||||
var exitCode int
|
||||
defer mglog.ExitWithError(&exitCode)
|
||||
|
||||
var level slog.Level
|
||||
if err := level.UnmarshalText([]byte(cfg.LogLevel)); err != nil {
|
||||
fmt.Println(err)
|
||||
exitCode = 1
|
||||
return
|
||||
}
|
||||
|
||||
logger := slog.New(slog.NewJSONHandler(os.Stdout, &slog.HandlerOptions{Level: level}))
|
||||
|
||||
// Remove existing socket if it exists
|
||||
if _, err := os.Stat(socketPath); err == nil {
|
||||
if err := os.Remove(socketPath); err != nil {
|
||||
logger.Error(fmt.Sprintf("failed to remove existing socket: %s", err))
|
||||
exitCode = 1
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
dir := socketPath[:len(socketPath)-len("/log.sock")]
|
||||
if err := os.MkdirAll(dir, 0o755); err != nil {
|
||||
logger.Error(fmt.Sprintf("failed to create socket directory: %s", err))
|
||||
exitCode = 1
|
||||
return
|
||||
}
|
||||
|
||||
lis, err := net.Listen("unix", socketPath)
|
||||
if err != nil {
|
||||
logger.Error(fmt.Sprintf("failed to listen on socket: %s", err))
|
||||
exitCode = 1
|
||||
return
|
||||
}
|
||||
|
||||
if err := os.Chmod(socketPath, 0o777); err != nil {
|
||||
logger.Error(fmt.Sprintf("failed to chmod socket: %s", err))
|
||||
exitCode = 1
|
||||
return
|
||||
}
|
||||
|
||||
// Connect to Manager
|
||||
cvmGrpcConfig := clients.StandardClientConfig{}
|
||||
if err := env.ParseWithOptions(&cvmGrpcConfig, env.Options{Prefix: envPrefixCVMGRPC}); err != nil {
|
||||
logger.Error(fmt.Sprintf("failed to load %s gRPC client configuration : %s", svcName, err))
|
||||
exitCode = 1
|
||||
return
|
||||
}
|
||||
|
||||
cvmClient, cvmsClient, err := cvmsgrpc.NewCVMClient(cvmGrpcConfig)
|
||||
if err != nil {
|
||||
logger.Error(fmt.Sprintf("failed to connect to CVM manager: %s", err))
|
||||
exitCode = 1
|
||||
return
|
||||
}
|
||||
defer cvmClient.Close()
|
||||
|
||||
// Create stream to Manager
|
||||
stream, err := cvmsClient.Process(ctx)
|
||||
if err != nil {
|
||||
logger.Error(fmt.Sprintf("failed to create stream to manager: %s", err))
|
||||
exitCode = 1
|
||||
return
|
||||
}
|
||||
|
||||
logQueue := make(chan *cvms.ClientStreamMessage, 1000)
|
||||
|
||||
grpcServer := grpc.NewServer()
|
||||
svc := service.New(logger, cvmsClient, logQueue)
|
||||
pb.RegisterLogCollectorServer(grpcServer, svc)
|
||||
|
||||
// Log Consumer Goroutine
|
||||
g.Go(func() error {
|
||||
for {
|
||||
select {
|
||||
case <-ctx.Done():
|
||||
return nil
|
||||
case msg := <-logQueue:
|
||||
if err := stream.Send(msg); err != nil {
|
||||
logger.Error(fmt.Sprintf("failed to send log to manager: %s", err))
|
||||
// Reconnect logic would go here
|
||||
}
|
||||
}
|
||||
}
|
||||
})
|
||||
|
||||
g.Go(func() error {
|
||||
ch := make(chan os.Signal, 1)
|
||||
signal.Notify(ch, syscall.SIGINT, syscall.SIGTERM)
|
||||
defer signal.Stop(ch)
|
||||
|
||||
select {
|
||||
case <-ch:
|
||||
logger.Info("Received signal, shutting down...")
|
||||
cancel()
|
||||
grpcServer.GracefulStop()
|
||||
return nil
|
||||
case <-ctx.Done():
|
||||
return ctx.Err()
|
||||
}
|
||||
})
|
||||
|
||||
g.Go(func() error {
|
||||
logger.Info(fmt.Sprintf("%s started on %s", svcName, socketPath))
|
||||
return grpcServer.Serve(lis)
|
||||
})
|
||||
|
||||
if err := g.Wait(); err != nil {
|
||||
logger.Error(fmt.Sprintf("%s terminated: %s", svcName, err))
|
||||
}
|
||||
}
|
||||
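Review bot: When `stream.Send(msg)` fails, the consumer loop only logs and keeps reading, so once the stream to the manager is broken every later log and event taken from `logQueue` is dropped while the service still accepts them on the socket. Since the reconnect logic is not implemented yet, it is safer to fail loudly: call `grpcServer.Stop()` and `return fmt.Errorf("sending to manager: %w", err)` from the goroutine so the errgroup ends and a supervisor can restart the service with a fresh stream. The `ctx.Done()` branch also returns without draining `logQueue`, so messages still buffered at shutdown are lost.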