From e057a8480498f6a409d3013654f437c286f3d87c Mon Sep 17 00:00:00 2001 From: "ian.nara" Date: Fri, 4 Oct 2024 12:58:16 -0600 Subject: [PATCH 01/21] testing debug config value --- scripts/aws/eks-pod/entrypoint.sh | 13 +++++++++++-- scripts/aws/entrypoint.sh | 14 +++++++++----- 2 files changed, 20 insertions(+), 7 deletions(-) diff --git a/scripts/aws/eks-pod/entrypoint.sh b/scripts/aws/eks-pod/entrypoint.sh index c506d6cbf..9ec4ea009 100644 --- a/scripts/aws/eks-pod/entrypoint.sh +++ b/scripts/aws/eks-pod/entrypoint.sh @@ -3,6 +3,7 @@ CID=42 EIF_PATH=/home/uid2operator.eif MEMORY_MB=24576 CPU_COUNT=6 +DEBUG_MODE="false" set -x @@ -87,12 +88,20 @@ function update_config() { { set +x; } 2>/dev/null; { CPU_COUNT=$(echo $IDENTITY_SERVICE_CONFIG | jq -r '.enclave_cpu_count'); set -x; } { set +x; } 2>/dev/null; { MEMORY_MB=$(echo $IDENTITY_SERVICE_CONFIG | jq -r '.enclave_memory_mb'); set -x; } fi + + { set +x; } 2>/dev/null; { DEBUG_MODE=$(echo $IDENTITY_SERVICE_CONFIG | jq -r '.debug_mode'); set -x; } + shopt -u nocasematch } function run_enclave() { - echo "starting enclave... --cpu-count $CPU_COUNT --memory $MEMORY_MB --eif-path $EIF_PATH --enclave-cid $CID" - nitro-cli run-enclave --cpu-count $CPU_COUNT --memory $MEMORY_MB --eif-path $EIF_PATH --enclave-cid $CID --enclave-name uid2-operator + if [ "$DEBUG_MODE" = "true" ]; then + echo "starting enclave... --cpu-count $CPU_COUNT --memory $MEMORY_MB --eif-path $EIF_PATH --enclave-cid $CID --debug-mode --attach-console" + nitro-cli run-enclave --cpu-count $CPU_COUNT --memory $MEMORY_MB --eif-path $EIF_PATH --enclave-cid $CID --enclave-name uid2-operator --debug-mode --attach-console + else + echo "starting enclave... --cpu-count $CPU_COUNT --memory $MEMORY_MB --eif-path $EIF_PATH --enclave-cid $CID" + nitro-cli run-enclave --cpu-count $CPU_COUNT --memory $MEMORY_MB --eif-path $EIF_PATH --enclave-cid $CID --enclave-name uid2-operator + fi } echo "starting ..." diff --git a/scripts/aws/entrypoint.sh b/scripts/aws/entrypoint.sh index 32db563fa..f51041b8b 100755 --- a/scripts/aws/entrypoint.sh +++ b/scripts/aws/entrypoint.sh @@ -5,7 +5,7 @@ LOG_FILE="/home/start.txt" set -x -exec > $LOG_FILE +exec &> >(tee -a "$LOG_FILE") exec 2>&1 set -o pipefail @@ -19,10 +19,6 @@ ifconfig lo 127.0.0.1 echo "Starting vsock proxy..." /app/vsockpx --config /app/proxies.nitro.yaml --daemon --workers $(( $(nproc) * 2 )) --log-level 3 -# -- setup syslog-ng -echo "Starting syslog-ng..." -/usr/sbin/syslog-ng --verbose - # -- load config from identity service echo "Loading config from identity service via proxy..." @@ -42,6 +38,14 @@ do sleep 2 done +DEBUG_MODE=$(jq -r ".debug_mode" < "${OVERRIDES_CONFIG}") + +if [[ ! "$DEBUG_MODE" = "true" ]]; then + # -- setup syslog-ng + echo "Starting syslog-ng..." + /usr/sbin/syslog-ng --verbose +fi + # check the config is valid. Querying for a known missing element (empty) makes jq parse the file, but does not echo the results if jq empty "${OVERRIDES_CONFIG}"; then echo "Identity service returned valid config" From a70141b39191c4d51d3e56181d31d284735a9ff0 Mon Sep 17 00:00:00 2001 From: "ian.nara" Date: Fri, 4 Oct 2024 13:01:00 -0600 Subject: [PATCH 02/21] testing debug config value --- scripts/aws/entrypoint.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/scripts/aws/entrypoint.sh b/scripts/aws/entrypoint.sh index f51041b8b..b687ae845 100755 --- a/scripts/aws/entrypoint.sh +++ b/scripts/aws/entrypoint.sh @@ -6,7 +6,6 @@ LOG_FILE="/home/start.txt" set -x exec &> >(tee -a "$LOG_FILE") -exec 2>&1 set -o pipefail ulimit -n 65536 From ec27533ce3e8d238f1c55280341802de62d0e218 Mon Sep 17 00:00:00 2001 From: Release Workflow Date: Fri, 4 Oct 2024 19:05:20 +0000 Subject: [PATCH 03/21] [CI Pipeline] Released Snapshot version: 5.40.49-alpha-24-SNAPSHOT --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 8a1c418f7..1621ffdd1 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ com.uid2 uid2-operator - 5.40.48 + 5.40.49-alpha-24-SNAPSHOT UTF-8 From b24fbf8f84ed69dee3d3c9c4128e3fd8d6ab003b Mon Sep 17 00:00:00 2001 From: "ian.nara" Date: Fri, 4 Oct 2024 15:38:56 -0600 Subject: [PATCH 04/21] don't use logback conf in debug mode --- scripts/aws/entrypoint.sh | 29 ++++++++++++++++++++--------- 1 file changed, 20 insertions(+), 9 deletions(-) diff --git a/scripts/aws/entrypoint.sh b/scripts/aws/entrypoint.sh index b687ae845..38de68709 100755 --- a/scripts/aws/entrypoint.sh +++ b/scripts/aws/entrypoint.sh @@ -98,12 +98,23 @@ cd /app # -- start operator echo "Starting Java application..." -java \ - -XX:MaxRAMPercentage=95 -XX:-UseCompressedOops -XX:+PrintFlagsFinal \ - -Djava.security.egd=file:/dev/./urandom \ - -Djava.library.path=/app/lib \ - -Dvertx-config-path="${FINAL_CONFIG}" \ - -Dvertx.logger-delegate-factory-class-name=io.vertx.core.logging.SLF4JLogDelegateFactory \ - -Dlogback.configurationFile=./conf/logback.xml \ - -Dhttp_proxy=socks5://127.0.0.1:3305 \ - -jar /app/"${JAR_NAME}"-"${JAR_VERSION}".jar +if [[ ! "$DEBUG_MODE" = "true" ]]; then + java \ + -XX:MaxRAMPercentage=95 -XX:-UseCompressedOops -XX:+PrintFlagsFinal \ + -Djava.security.egd=file:/dev/./urandom \ + -Djava.library.path=/app/lib \ + -Dvertx-config-path="${FINAL_CONFIG}" \ + -Dvertx.logger-delegate-factory-class-name=io.vertx.core.logging.SLF4JLogDelegateFactory \ + -Dhttp_proxy=socks5://127.0.0.1:3305 \ + -jar /app/"${JAR_NAME}"-"${JAR_VERSION}".jar +else + java \ + -XX:MaxRAMPercentage=95 -XX:-UseCompressedOops -XX:+PrintFlagsFinal \ + -Djava.security.egd=file:/dev/./urandom \ + -Djava.library.path=/app/lib \ + -Dvertx-config-path="${FINAL_CONFIG}" \ + -Dvertx.logger-delegate-factory-class-name=io.vertx.core.logging.SLF4JLogDelegateFactory \ + -Dlogback.configurationFile=./conf/logback.xml \ + -Dhttp_proxy=socks5://127.0.0.1:3305 \ + -jar /app/"${JAR_NAME}"-"${JAR_VERSION}".jar +fi \ No newline at end of file From 59d9dd7847b3736dcb7cecdd6b3f76256011b8fc Mon Sep 17 00:00:00 2001 From: "ian.nara" Date: Fri, 4 Oct 2024 15:41:04 -0600 Subject: [PATCH 05/21] add more log information --- scripts/aws/eks-pod/entrypoint.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/scripts/aws/eks-pod/entrypoint.sh b/scripts/aws/eks-pod/entrypoint.sh index 9ec4ea009..3bdce6a25 100644 --- a/scripts/aws/eks-pod/entrypoint.sh +++ b/scripts/aws/eks-pod/entrypoint.sh @@ -14,7 +14,9 @@ function terminate_old_enclave() { nitro-cli terminate-enclave --enclave-id ${ENCLAVE_ID} echo "Terminated enclave with ID ${ENCLAVE_ID}" else + nitro-cli describe-enclaves echo "No running enclaves to terminate." + sleep 30 fi } @@ -120,6 +122,7 @@ wait_for_config update_config run_enclave +nitro-cli describe-enclaves sleep 60s set +x ENCLAVE_ID=$(nitro-cli describe-enclaves | jq -r ".[0].EnclaveID") From b4aa9c48a962b1e33adbe0a2f092bbedd2f2763d Mon Sep 17 00:00:00 2001 From: Release Workflow Date: Fri, 4 Oct 2024 21:42:07 +0000 Subject: [PATCH 06/21] [CI Pipeline] Released Snapshot version: 5.40.50-alpha-25-SNAPSHOT --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 1621ffdd1..5fe89e8dc 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ com.uid2 uid2-operator - 5.40.49-alpha-24-SNAPSHOT + 5.40.50-alpha-25-SNAPSHOT UTF-8 From da0e0583e201e5e8937b426c18ca416b26ba501d Mon Sep 17 00:00:00 2001 From: "ian.nara" Date: Fri, 4 Oct 2024 16:31:42 -0600 Subject: [PATCH 07/21] fix if statement --- scripts/aws/entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/aws/entrypoint.sh b/scripts/aws/entrypoint.sh index 38de68709..9fd5e31ca 100755 --- a/scripts/aws/entrypoint.sh +++ b/scripts/aws/entrypoint.sh @@ -98,7 +98,7 @@ cd /app # -- start operator echo "Starting Java application..." -if [[ ! "$DEBUG_MODE" = "true" ]]; then +if [[ "$DEBUG_MODE" = "true" ]]; then java \ -XX:MaxRAMPercentage=95 -XX:-UseCompressedOops -XX:+PrintFlagsFinal \ -Djava.security.egd=file:/dev/./urandom \ From 7ec499f977df9100a1e07b00cb3421fbed49cb15 Mon Sep 17 00:00:00 2001 From: Release Workflow Date: Fri, 4 Oct 2024 22:35:02 +0000 Subject: [PATCH 08/21] [CI Pipeline] Released Snapshot version: 5.40.51-alpha-27-SNAPSHOT --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 5fe89e8dc..33cc957bf 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ com.uid2 uid2-operator - 5.40.50-alpha-25-SNAPSHOT + 5.40.51-alpha-27-SNAPSHOT UTF-8 From 3a377d5616f6c21bd47b1fe78d1cd0f3fde07cb8 Mon Sep 17 00:00:00 2001 From: "ian.nara" Date: Mon, 7 Oct 2024 09:27:09 -0600 Subject: [PATCH 09/21] add debug logback conf --- Makefile.eif | 5 ++++- scripts/aws/conf/logback-debug.xml | 15 +++++++++++++++ scripts/aws/entrypoint.sh | 17 +++++++++-------- 3 files changed, 28 insertions(+), 9 deletions(-) create mode 100644 scripts/aws/conf/logback-debug.xml diff --git a/Makefile.eif b/Makefile.eif index 395685024..9b5b391ac 100644 --- a/Makefile.eif +++ b/Makefile.eif @@ -37,7 +37,7 @@ build/make_config.py: ./scripts/aws/make_config.py .PHONY: build_configs -build_configs: build/conf/default-config.json build/conf/prod-uid2-config.json build/conf/integ-uid2-config.json build/conf/prod-euid-config.json build/conf/integ-euid-config.json build/conf/logback.xml +build_configs: build/conf/default-config.json build/conf/prod-uid2-config.json build/conf/integ-uid2-config.json build/conf/prod-euid-config.json build/conf/integ-euid-config.json build/conf/logback.xml build/conf/logback-debug.xml build/conf/default-config.json: build_artifacts ./scripts/aws/conf/default-config.json cp ./scripts/aws/conf/default-config.json ./build/conf/ @@ -57,6 +57,9 @@ build/conf/integ-euid-config.json: build_artifacts ./scripts/aws/conf/integ-euid build/conf/logback.xml: build_artifacts ./scripts/aws/conf/logback.xml cp ./scripts/aws/conf/logback.xml ./build/conf/ +build/conf/logback-debug.xml: build_artifacts ./scripts/aws/conf/logback-debug.xml + cp ./scripts/aws/conf/logback-debug.xml ./build/conf/ + build/Dockerfile: build_artifacts ./scripts/aws/Dockerfile cp ./scripts/aws/Dockerfile ./build/ diff --git a/scripts/aws/conf/logback-debug.xml b/scripts/aws/conf/logback-debug.xml new file mode 100644 index 000000000..c012f8d25 --- /dev/null +++ b/scripts/aws/conf/logback-debug.xml @@ -0,0 +1,15 @@ + + + + + + + REDACTED - S3 + \S+s3\.amazonaws\.com\/\S*X-Amz-Security-Token=\S+ + + + + + + + \ No newline at end of file diff --git a/scripts/aws/entrypoint.sh b/scripts/aws/entrypoint.sh index 9fd5e31ca..e5063b148 100755 --- a/scripts/aws/entrypoint.sh +++ b/scripts/aws/entrypoint.sh @@ -105,16 +105,17 @@ if [[ "$DEBUG_MODE" = "true" ]]; then -Djava.library.path=/app/lib \ -Dvertx-config-path="${FINAL_CONFIG}" \ -Dvertx.logger-delegate-factory-class-name=io.vertx.core.logging.SLF4JLogDelegateFactory \ + -Dlogback.configurationFile=./conf/logback-debug.xml \ -Dhttp_proxy=socks5://127.0.0.1:3305 \ -jar /app/"${JAR_NAME}"-"${JAR_VERSION}".jar else java \ - -XX:MaxRAMPercentage=95 -XX:-UseCompressedOops -XX:+PrintFlagsFinal \ - -Djava.security.egd=file:/dev/./urandom \ - -Djava.library.path=/app/lib \ - -Dvertx-config-path="${FINAL_CONFIG}" \ - -Dvertx.logger-delegate-factory-class-name=io.vertx.core.logging.SLF4JLogDelegateFactory \ - -Dlogback.configurationFile=./conf/logback.xml \ - -Dhttp_proxy=socks5://127.0.0.1:3305 \ - -jar /app/"${JAR_NAME}"-"${JAR_VERSION}".jar + -XX:MaxRAMPercentage=95 -XX:-UseCompressedOops -XX:+PrintFlagsFinal \ + -Djava.security.egd=file:/dev/./urandom \ + -Djava.library.path=/app/lib \ + -Dvertx-config-path="${FINAL_CONFIG}" \ + -Dvertx.logger-delegate-factory-class-name=io.vertx.core.logging.SLF4JLogDelegateFactory \ + -Dlogback.configurationFile=./conf/logback.xml \ + -Dhttp_proxy=socks5://127.0.0.1:3305 \ + -jar /app/"${JAR_NAME}"-"${JAR_VERSION}".jar fi \ No newline at end of file From ba116b3b3ae87d9f75029de3232c99dc2e67fb5f Mon Sep 17 00:00:00 2001 From: Release Workflow Date: Mon, 7 Oct 2024 15:28:38 +0000 Subject: [PATCH 10/21] [CI Pipeline] Released Snapshot version: 5.40.52-alpha-28-SNAPSHOT --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 33cc957bf..c28f60fc3 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ com.uid2 uid2-operator - 5.40.51-alpha-27-SNAPSHOT + 5.40.52-alpha-28-SNAPSHOT UTF-8 From 4803b7f7ad2f89f88773c6552d351665f40412bb Mon Sep 17 00:00:00 2001 From: "ian.nara" Date: Mon, 7 Oct 2024 12:41:11 -0600 Subject: [PATCH 11/21] operator debug --- scripts/aws/entrypoint.sh | 1 + scripts/aws/proxies.host.yaml | 5 +++++ scripts/aws/proxies.nitro.yaml | 5 +++++ 3 files changed, 11 insertions(+) diff --git a/scripts/aws/entrypoint.sh b/scripts/aws/entrypoint.sh index e5063b148..8c99c26b9 100755 --- a/scripts/aws/entrypoint.sh +++ b/scripts/aws/entrypoint.sh @@ -101,6 +101,7 @@ echo "Starting Java application..." if [[ "$DEBUG_MODE" = "true" ]]; then java \ -XX:MaxRAMPercentage=95 -XX:-UseCompressedOops -XX:+PrintFlagsFinal \ + -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=8000 \ -Djava.security.egd=file:/dev/./urandom \ -Djava.library.path=/app/lib \ -Dvertx-config-path="${FINAL_CONFIG}" \ diff --git a/scripts/aws/proxies.host.yaml b/scripts/aws/proxies.host.yaml index 5a2ae0623..da2e40b57 100644 --- a/scripts/aws/proxies.host.yaml +++ b/scripts/aws/proxies.host.yaml @@ -10,6 +10,11 @@ operator-service: listen: tcp://0.0.0.0:80 connect: vsock://42:8080 +operator-debug: + service: direct + listen: tcp://0.0.0.0:8000 + connect: vsock://42:8000 + operator-prometheus: service: direct listen: tcp://0.0.0.0:9080 diff --git a/scripts/aws/proxies.nitro.yaml b/scripts/aws/proxies.nitro.yaml index 0f459b150..e9b5e0cfc 100644 --- a/scripts/aws/proxies.nitro.yaml +++ b/scripts/aws/proxies.nitro.yaml @@ -5,6 +5,11 @@ uid-operator-in: listen: vsock://-1:8080 connect: tcp://127.0.0.1:8080 +uid-operator-debug-in: + service: direct + listen: vsock://-1:8000 + connect: tcp://127.0.0.1:8000 + prometheus-server: service: direct listen: vsock://-1:9080 From 0de31854847338903a288638423f88135e6ee5b4 Mon Sep 17 00:00:00 2001 From: Release Workflow Date: Mon, 7 Oct 2024 18:46:38 +0000 Subject: [PATCH 12/21] [CI Pipeline] Released Snapshot version: 5.40.53-alpha-29-SNAPSHOT --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index c28f60fc3..661748e55 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ com.uid2 uid2-operator - 5.40.52-alpha-28-SNAPSHOT + 5.40.53-alpha-29-SNAPSHOT UTF-8 From 7772761ea2d5726af8b46af5911e761427833055 Mon Sep 17 00:00:00 2001 From: Thomas Manson Date: Tue, 8 Oct 2024 10:22:38 +1100 Subject: [PATCH 13/21] Adding vsock and dante logging --- scripts/aws/eks-pod/entrypoint.sh | 2 +- scripts/aws/eks-pod/sockd_eks.conf | 8 ++++---- scripts/aws/entrypoint.sh | 2 +- scripts/aws/sockd.conf | 7 +++++-- 4 files changed, 11 insertions(+), 8 deletions(-) diff --git a/scripts/aws/eks-pod/entrypoint.sh b/scripts/aws/eks-pod/entrypoint.sh index 3bdce6a25..7573d8a9d 100644 --- a/scripts/aws/eks-pod/entrypoint.sh +++ b/scripts/aws/eks-pod/entrypoint.sh @@ -30,7 +30,7 @@ function setup_vsockproxy() { VSOCK_PROXY=${VSOCK_PROXY:-/home/vsockpx} VSOCK_CONFIG=${VSOCK_CONFIG:-/home/proxies.host.yaml} VSOCK_THREADS=${VSOCK_THREADS:-$(( $(nproc) * 2 )) } - VSOCK_LOG_LEVEL=${VSOCK_LOG_LEVEL:-3} + VSOCK_LOG_LEVEL=0 echo "starting vsock proxy at $VSOCK_PROXY with $VSOCK_THREADS worker threads..." $VSOCK_PROXY -c $VSOCK_CONFIG --workers $VSOCK_THREADS --log-level $VSOCK_LOG_LEVEL --daemon echo "vsock proxy now running in background." diff --git a/scripts/aws/eks-pod/sockd_eks.conf b/scripts/aws/eks-pod/sockd_eks.conf index 0e588fb7c..f6b483958 100644 --- a/scripts/aws/eks-pod/sockd_eks.conf +++ b/scripts/aws/eks-pod/sockd_eks.conf @@ -1,6 +1,6 @@ -#logoutput: stdout +logoutput: stdout errorlog: stdout -#debug: 2 +debug: 2 internal: 127.0.0.1 port = 3306 external: eth0 user.notprivileged: ec2-user @@ -9,12 +9,12 @@ socksmethod: none client pass { from: 127.0.0.1/32 to: 127.0.0.1/32 - log: error # connect disconnect iooperation + log: connect disconnect tcpinfo # connect disconnect iooperation } socks pass { from: 127.0.0.1/32 to: 0.0.0.0/0 command: bind connect protocol: tcp - log: error + log: connect disconnect tcpinfo } \ No newline at end of file diff --git a/scripts/aws/entrypoint.sh b/scripts/aws/entrypoint.sh index 8c99c26b9..1f350776d 100755 --- a/scripts/aws/entrypoint.sh +++ b/scripts/aws/entrypoint.sh @@ -16,7 +16,7 @@ ifconfig lo 127.0.0.1 # -- start vsock proxy echo "Starting vsock proxy..." -/app/vsockpx --config /app/proxies.nitro.yaml --daemon --workers $(( $(nproc) * 2 )) --log-level 3 +/app/vsockpx --config /app/proxies.nitro.yaml --daemon --workers $(( $(nproc) * 2 )) --log-level 0 # -- load config from identity service echo "Loading config from identity service via proxy..." diff --git a/scripts/aws/sockd.conf b/scripts/aws/sockd.conf index 6e8814445..d5e039c20 100644 --- a/scripts/aws/sockd.conf +++ b/scripts/aws/sockd.conf @@ -1,3 +1,6 @@ +logoutput: stdout +errorlog: stdout +debug: 2 internal: 127.0.0.1 port = 3306 external: ens5 user.notprivileged: ec2-user @@ -6,12 +9,12 @@ socksmethod: none client pass { from: 127.0.0.1/32 to: 127.0.0.1/32 - log: error # connect disconnect iooperation + log: connect disconnect tcpinfo # connect disconnect iooperation } socks pass { from: 127.0.0.1/32 to: 0.0.0.0/0 command: bind connect protocol: tcp - log: error + log: connect disconnect tcpinfo } \ No newline at end of file From 482382312d0859ebf2750375163cd7112ce3362b Mon Sep 17 00:00:00 2001 From: Release Workflow Date: Mon, 7 Oct 2024 23:23:32 +0000 Subject: [PATCH 14/21] [CI Pipeline] Released Snapshot version: 5.40.54-alpha-30-SNAPSHOT --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 661748e55..333ea1162 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ com.uid2 uid2-operator - 5.40.53-alpha-29-SNAPSHOT + 5.40.54-alpha-30-SNAPSHOT UTF-8 From 407e548b1023437f423f9604eb2ede98189f5441 Mon Sep 17 00:00:00 2001 From: Thomas Manson Date: Tue, 8 Oct 2024 13:40:56 +1100 Subject: [PATCH 15/21] Temp change the CID --- scripts/aws/eks-pod/entrypoint.sh | 2 +- scripts/aws/eks-pod/proxies.host.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/aws/eks-pod/entrypoint.sh b/scripts/aws/eks-pod/entrypoint.sh index 7573d8a9d..8d87326f0 100644 --- a/scripts/aws/eks-pod/entrypoint.sh +++ b/scripts/aws/eks-pod/entrypoint.sh @@ -1,5 +1,5 @@ #!/bin/bash -eufx -CID=42 +CID=43 EIF_PATH=/home/uid2operator.eif MEMORY_MB=24576 CPU_COUNT=6 diff --git a/scripts/aws/eks-pod/proxies.host.yaml b/scripts/aws/eks-pod/proxies.host.yaml index 5a2ae0623..649cc97f0 100644 --- a/scripts/aws/eks-pod/proxies.host.yaml +++ b/scripts/aws/eks-pod/proxies.host.yaml @@ -8,12 +8,12 @@ socks5h-proxy: operator-service: service: direct listen: tcp://0.0.0.0:80 - connect: vsock://42:8080 + connect: vsock://43:8080 operator-prometheus: service: direct listen: tcp://0.0.0.0:9080 - connect: vsock://42:9080 + connect: vsock://43:9080 syslogng: service: direct From 3b65da65708437a449a5fae6af23e2699f02a446 Mon Sep 17 00:00:00 2001 From: Thomas Manson Date: Tue, 8 Oct 2024 14:13:02 +1100 Subject: [PATCH 16/21] Revert CID change --- scripts/aws/eks-pod/entrypoint.sh | 2 +- scripts/aws/eks-pod/proxies.host.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/aws/eks-pod/entrypoint.sh b/scripts/aws/eks-pod/entrypoint.sh index 8d87326f0..7573d8a9d 100644 --- a/scripts/aws/eks-pod/entrypoint.sh +++ b/scripts/aws/eks-pod/entrypoint.sh @@ -1,5 +1,5 @@ #!/bin/bash -eufx -CID=43 +CID=42 EIF_PATH=/home/uid2operator.eif MEMORY_MB=24576 CPU_COUNT=6 diff --git a/scripts/aws/eks-pod/proxies.host.yaml b/scripts/aws/eks-pod/proxies.host.yaml index 649cc97f0..5a2ae0623 100644 --- a/scripts/aws/eks-pod/proxies.host.yaml +++ b/scripts/aws/eks-pod/proxies.host.yaml @@ -8,12 +8,12 @@ socks5h-proxy: operator-service: service: direct listen: tcp://0.0.0.0:80 - connect: vsock://43:8080 + connect: vsock://42:8080 operator-prometheus: service: direct listen: tcp://0.0.0.0:9080 - connect: vsock://43:9080 + connect: vsock://42:9080 syslogng: service: direct From b7dd2547b9150353e16437cd81ccb2b2b22a5b93 Mon Sep 17 00:00:00 2001 From: Cody Constine Date: Tue, 8 Oct 2024 13:38:28 -0600 Subject: [PATCH 17/21] Adding debug port to eks pod --- scripts/aws/eks-pod/proxies.host.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/scripts/aws/eks-pod/proxies.host.yaml b/scripts/aws/eks-pod/proxies.host.yaml index 5a2ae0623..da2e40b57 100644 --- a/scripts/aws/eks-pod/proxies.host.yaml +++ b/scripts/aws/eks-pod/proxies.host.yaml @@ -10,6 +10,11 @@ operator-service: listen: tcp://0.0.0.0:80 connect: vsock://42:8080 +operator-debug: + service: direct + listen: tcp://0.0.0.0:8000 + connect: vsock://42:8000 + operator-prometheus: service: direct listen: tcp://0.0.0.0:9080 From efbc1ac464a4bb012eaa16cd6ae02f040fd6df2a Mon Sep 17 00:00:00 2001 From: Release Workflow Date: Tue, 8 Oct 2024 19:41:09 +0000 Subject: [PATCH 18/21] [CI Pipeline] Released Snapshot version: 5.40.55-alpha-31-SNAPSHOT --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 333ea1162..a3b752d15 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ com.uid2 uid2-operator - 5.40.54-alpha-30-SNAPSHOT + 5.40.55-alpha-31-SNAPSHOT UTF-8 From d45f4cf5c28e963b6a2945144de54254c3990568 Mon Sep 17 00:00:00 2001 From: Thomas Manson Date: Fri, 11 Oct 2024 13:27:36 +1100 Subject: [PATCH 19/21] Turn of the exit on error --- scripts/aws/eks-pod/entrypoint.sh | 4 ++-- scripts/aws/entrypoint.sh | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/aws/eks-pod/entrypoint.sh b/scripts/aws/eks-pod/entrypoint.sh index 7573d8a9d..11f643c9b 100644 --- a/scripts/aws/eks-pod/entrypoint.sh +++ b/scripts/aws/eks-pod/entrypoint.sh @@ -1,4 +1,4 @@ -#!/bin/bash -eufx +#!/bin/bash -ufx CID=42 EIF_PATH=/home/uid2operator.eif MEMORY_MB=24576 @@ -30,7 +30,7 @@ function setup_vsockproxy() { VSOCK_PROXY=${VSOCK_PROXY:-/home/vsockpx} VSOCK_CONFIG=${VSOCK_CONFIG:-/home/proxies.host.yaml} VSOCK_THREADS=${VSOCK_THREADS:-$(( $(nproc) * 2 )) } - VSOCK_LOG_LEVEL=0 + VSOCK_LOG_LEVEL=1 echo "starting vsock proxy at $VSOCK_PROXY with $VSOCK_THREADS worker threads..." $VSOCK_PROXY -c $VSOCK_CONFIG --workers $VSOCK_THREADS --log-level $VSOCK_LOG_LEVEL --daemon echo "vsock proxy now running in background." diff --git a/scripts/aws/entrypoint.sh b/scripts/aws/entrypoint.sh index 1f350776d..5ae1df745 100755 --- a/scripts/aws/entrypoint.sh +++ b/scripts/aws/entrypoint.sh @@ -1,4 +1,4 @@ -#!/bin/bash -eufx +#!/bin/bash -ufx # This is the entrypoint for the Enclave. It is executed in all enclaves - EC2 and EKS @@ -16,7 +16,7 @@ ifconfig lo 127.0.0.1 # -- start vsock proxy echo "Starting vsock proxy..." -/app/vsockpx --config /app/proxies.nitro.yaml --daemon --workers $(( $(nproc) * 2 )) --log-level 0 +/app/vsockpx --config /app/proxies.nitro.yaml --daemon --workers $(( $(nproc) * 2 )) --log-level 1 # -- load config from identity service echo "Loading config from identity service via proxy..." From 912a6a93cf40d74d7d51d9ec51298b862b0692f9 Mon Sep 17 00:00:00 2001 From: Release Workflow Date: Fri, 11 Oct 2024 02:29:37 +0000 Subject: [PATCH 20/21] [CI Pipeline] Released Snapshot version: 5.40.56-alpha-34-SNAPSHOT --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index a3b752d15..04a610078 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ com.uid2 uid2-operator - 5.40.55-alpha-31-SNAPSHOT + 5.40.56-alpha-34-SNAPSHOT UTF-8 From dff8dae70d53ea81fecf7a216f4f93774dec7d70 Mon Sep 17 00:00:00 2001 From: Ian Nara Date: Wed, 16 Oct 2024 15:18:33 -0600 Subject: [PATCH 21/21] remove sleep and reset version --- pom.xml | 2 +- scripts/aws/eks-pod/entrypoint.sh | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/pom.xml b/pom.xml index 04a610078..8a1c418f7 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ com.uid2 uid2-operator - 5.40.56-alpha-34-SNAPSHOT + 5.40.48 UTF-8 diff --git a/scripts/aws/eks-pod/entrypoint.sh b/scripts/aws/eks-pod/entrypoint.sh index 11f643c9b..a28ebfe60 100644 --- a/scripts/aws/eks-pod/entrypoint.sh +++ b/scripts/aws/eks-pod/entrypoint.sh @@ -16,7 +16,6 @@ function terminate_old_enclave() { else nitro-cli describe-enclaves echo "No running enclaves to terminate." - sleep 30 fi }