-
Notifications
You must be signed in to change notification settings - Fork 16
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
chore: add integration tests for docker compose deployment (#1034)
* chore: add integration tests for docker compose deployment
- Loading branch information
1 parent
97a9e1e
commit dc97986
Showing
14 changed files
with
1,174 additions
and
320 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -104,6 +104,7 @@ celerybeat.pid | |
# Environments | ||
.env | ||
!docker_compose/.env | ||
!integration_tests/.env | ||
.venv | ||
env/ | ||
venv/ | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,89 @@ | ||
# Deployment configuration | ||
SC4SNMP_IMAGE=snmp-local | ||
SC4SNMP_TAG="latest" | ||
SCHEDULER_CONFIG_FILE_ABSOLUTE_PATH= | ||
TRAPS_CONFIG_FILE_ABSOLUTE_PATH= | ||
INVENTORY_FILE_ABSOLUTE_PATH= | ||
COREFILE_ABS_PATH= | ||
COREDNS_ADDRESS=172.28.0.255 | ||
SC4SNMP_VERSION="1.11.0-beta.9" | ||
|
||
|
||
# Dependencies images | ||
COREDNS_IMAGE=coredns/coredns | ||
COREDNS_TAG=1.11.1 | ||
MIBSERVER_IMAGE=ghcr.io/pysnmp/mibs/container | ||
MIBSERVER_TAG=latest | ||
REDIS_IMAGE=docker.io/bitnami/redis | ||
REDIS_TAG=7.2.1-debian-11-r0 | ||
MONGO_IMAGE=docker.io/bitnami/mongodb | ||
MONGO_TAG=6.0.9-debian-11-r5 | ||
|
||
# Splunk instance configuration | ||
SPLUNK_HEC_HOST= | ||
SPLUNK_HEC_PROTOCOL=https | ||
SPLUNK_HEC_PORT=8088 | ||
SPLUNK_HEC_TOKEN= | ||
SPLUNK_HEC_INSECURESSL=true | ||
SPLUNK_SOURCETYPE_TRAPS=sc4snmp:traps | ||
SPLUNK_SOURCETYPE_POLLING_EVENTS=sc4snmp:event | ||
SPLUNK_SOURCETYPE_POLLING_METRICS=sc4snmp:metric | ||
SPLUNK_HEC_INDEX_EVENTS=netops | ||
SPLUNK_HEC_INDEX_METRICS=netmetrics | ||
SPLUNK_HEC_PATH=/services/collector | ||
SPLUNK_AGGREGATE_TRAPS_EVENTS=false | ||
IGNORE_EMPTY_VARBINDS=false | ||
|
||
# Workers configration | ||
WALK_RETRY_MAX_INTERVAL=180 | ||
WALK_MAX_RETRIES=5 | ||
METRICS_INDEXING_ENABLED=false | ||
POLL_BASE_PROFILES=true | ||
IGNORE_NOT_INCREASING_OIDS= | ||
WORKER_LOG_LEVEL=INFO | ||
UDP_CONNECTION_TIMEOUT=3 | ||
MAX_OID_TO_PROCESS=70 | ||
|
||
# Worker Poller | ||
WORKER_POLLER_CONCURRENCY=4 | ||
PREFETCH_POLLER_COUNT=1 | ||
WORKER_POLLER_REPLICAS=2 | ||
WORKER_POLLER_CPU_LIMIT=1 | ||
WORKER_POLLER_MEMORY_LIMIT=500M | ||
WORKER_POLLER_CPU_RESERVATIONS=0.5 | ||
WORKER_POLLER_MEMORY_RESERVATIONS=250M | ||
|
||
# Worker Sender | ||
WORKER_SENDER_CONCURRENCY=4 | ||
PREFETCH_SENDER_COUNT=30 | ||
WORKER_SENDER_REPLICAS=1 | ||
WORKER_SENDER_CPU_LIMIT=1 | ||
WORKER_SENDER_MEMORY_LIMIT=500M | ||
WORKER_SENDER_CPU_RESERVATIONS=0.5 | ||
WORKER_SENDER_MEMORY_RESERVATIONS=250M | ||
|
||
# Worker Trap | ||
WORKER_TRAP_CONCURRENCY=4 | ||
PREFETCH_TRAP_COUNT=30 | ||
RESOLVE_TRAP_ADDRESS=false | ||
MAX_DNS_CACHE_SIZE_TRAPS=500 | ||
TTL_DNS_CACHE_TRAPS=1800 | ||
WORKER_TRAP_REPLICAS=2 | ||
WORKER_TRAP_CPU_LIMIT=1 | ||
WORKER_TRAP_MEMORY_LIMIT=500M | ||
WORKER_TRAP_CPU_RESERVATIONS=0.5 | ||
WORKER_TRAP_MEMORY_RESERVATIONS=250M | ||
|
||
# Inventory configuration | ||
INVENTORY_LOG_LEVEL=INFO | ||
CHAIN_OF_TASKS_EXPIRY_TIME=500 | ||
|
||
# Traps configuration | ||
SNMP_V3_SECURITY_ENGINE_ID=80003a8c04 | ||
TRAPS_PORT=162 | ||
TRAP_LOG_LEVEL=INFO | ||
|
||
# Scheduler configuration | ||
SCHEDULER_LOG_LEVEL=INFO | ||
|
||
#Secrets |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,215 @@ | ||
#!/bin/bash | ||
|
||
# Color | ||
RED='\033[0;31m' | ||
GREEN='\033[0;32m' | ||
YELLOW='\033[0;33m' | ||
NC='\033[0m' # No Color | ||
|
||
function red { | ||
printf "${RED}$@${NC}\n" | ||
} | ||
|
||
function green { | ||
printf "${GREEN}$@${NC}\n" | ||
} | ||
|
||
function yellow { | ||
printf "${YELLOW}$@${NC}\n" | ||
} | ||
|
||
wait_for_splunk() { | ||
while [ "$(sudo docker ps | grep "splunk:latest" | grep healthy)" == "" ] ; do | ||
echo $(yellow "Waiting for Splunk initialization") | ||
sleep 1 | ||
done | ||
} | ||
|
||
function define_python() { | ||
echo $(yellow "define python") | ||
if command -v python &> /dev/null; then | ||
PYTHON=python | ||
elif command -v python3 &> /dev/null; then | ||
PYTHON=python3 | ||
else | ||
echo $(red "Cannot find python command") | ||
exit 1 | ||
fi | ||
} | ||
|
||
deploy_poetry() { | ||
sudo apt -y install python3-venv | ||
curl -sSL https://install.python-poetry.org | $PYTHON - | ||
export PATH="/home/ubuntu/.local/bin:$PATH" | ||
poetry install | ||
poetry add --group dev splunk-sdk | ||
poetry add --group dev splunklib | ||
poetry add --group dev pysnmp | ||
} | ||
|
||
wait_for_containers_to_be_up() { | ||
while true; do | ||
CONTAINERS_SC4SNMP=$(sudo docker ps | grep "sc4snmp\|worker-poller\|worker-sender\|worker-trap" | grep -v "Name" | wc -l) | ||
if [ "$CONTAINERS_SC4SNMP" -gt 0 ]; then | ||
CONTAINERS_UP=$(sudo docker ps | grep "sc4snmp\|worker-poller\|worker-sender\|worker-trap" | grep "Up" | wc -l) | ||
CONTAINERS_EXITED=$(sudo docker ps | grep "sc4snmp\|worker-poller\|worker-sender\|worker-trap" | grep "Exited" | wc -l) | ||
CONTAINERS_TOTAL=$CONTAINERS_SC4SNMP | ||
|
||
if [ "$CONTAINERS_UP" -eq "$CONTAINERS_TOTAL" ] || \ | ||
{ [ "$CONTAINERS_EXITED" -eq 1 ] && [ "$((CONTAINERS_UP + CONTAINERS_EXITED))" -eq "$CONTAINERS_TOTAL" ]; }; then | ||
echo $(green "All 'sc4snmp' containers are ready.") | ||
break | ||
fi | ||
|
||
echo $(yellow "Waiting for all 'sc4snmp' containers to be ready...") | ||
else | ||
echo $(yellow "No 'sc4snmp' containers found. Waiting for them to appear...") | ||
fi | ||
|
||
sleep 1 | ||
done | ||
} | ||
|
||
|
||
|
||
sudo apt-get update -y | ||
sudo apt-get install snmpd -y | ||
sudo sed -i -E 's/agentaddress[[:space:]]+127.0.0.1,\[::1\]/#agentaddress 127.0.0.1,\[::1\]\nagentaddress udp:1161,udp6:[::1]:1161/g' /etc/snmp/snmpd.conf | ||
echo "" | sudo tee -a /etc/snmp/snmpd.conf | ||
echo "createUser r-wuser SHA admin1234 AES admin1234" | sudo tee -a /etc/snmp/snmpd.conf | ||
echo "rwuser r-wuser priv" | sudo tee -a /etc/snmp/snmpd.conf | ||
sudo systemctl restart snmpd | ||
|
||
echo "Show working directory:" | ||
pwd | ||
|
||
echo $(green "Building Docker image") | ||
|
||
sudo docker build -t snmp-local . | ||
|
||
sudo docker pull splunk/splunk:latest | ||
echo $(green "Running Splunk in Docker") | ||
sudo docker run -d -p 8000:8000 -p 8088:8088 -p 8089:8089 -e SPLUNK_START_ARGS='--accept-license' -e SPLUNK_PASSWORD='changeme2' splunk/splunk:latest | ||
|
||
wait_for_splunk | ||
|
||
cd integration_tests | ||
chmod u+x ./prepare_splunk.sh | ||
echo $(green "Preparing Splunk instance") | ||
./prepare_splunk.sh | ||
|
||
echo $(green "Setting up docker compose configuration") | ||
cp ../docker_compose/* . | ||
# Define the filenames for the variables | ||
SCHEDULER_CONFIG_FILE="scheduler-config.yaml" | ||
TRAPS_CONFIG_FILE="traps-config.yaml" | ||
INVENTORY_FILE="inventory-tests.csv" | ||
COREFILE="Corefile" | ||
|
||
# Get the absolute paths of the files | ||
SCHEDULER_CONFIG_FILE_ABSOLUTE_PATH=$(realpath "$SCHEDULER_CONFIG_FILE") | ||
TRAPS_CONFIG_FILE_ABSOLUTE_PATH=$(realpath "$TRAPS_CONFIG_FILE") | ||
INVENTORY_FILE_ABSOLUTE_PATH=$(realpath "$INVENTORY_FILE") | ||
COREFILE_ABS_PATH=$(realpath "$COREFILE") | ||
SPLUNK_HEC_HOST=$(hostname -I | cut -d " " -f1) | ||
SPLUNK_HEC_TOKEN=$(cat hec_token) | ||
|
||
# Temporary file to store the updated .env content | ||
TEMP_ENV_FILE=".env.tmp" | ||
|
||
# Update or add the variables in the .env file | ||
awk -v scheduler_path="$SCHEDULER_CONFIG_FILE_ABSOLUTE_PATH" \ | ||
-v traps_path="$TRAPS_CONFIG_FILE_ABSOLUTE_PATH" \ | ||
-v inventory_path="$INVENTORY_FILE_ABSOLUTE_PATH" \ | ||
-v corefile_path="$COREFILE_ABS_PATH" \ | ||
-v splunk_hec_host="$SPLUNK_HEC_HOST" \ | ||
-v splunk_hec_token="$SPLUNK_HEC_TOKEN" \ | ||
' | ||
BEGIN { | ||
updated["SCHEDULER_CONFIG_FILE_ABSOLUTE_PATH"] = 0; | ||
updated["TRAPS_CONFIG_FILE_ABSOLUTE_PATH"] = 0; | ||
updated["INVENTORY_FILE_ABSOLUTE_PATH"] = 0; | ||
updated["COREFILE_ABS_PATH"] = 0; | ||
updated["SPLUNK_HEC_HOST"] = 0; | ||
updated["SPLUNK_HEC_TOKEN"] = 0; | ||
} | ||
{ | ||
if ($1 == "SCHEDULER_CONFIG_FILE_ABSOLUTE_PATH=") { | ||
print "SCHEDULER_CONFIG_FILE_ABSOLUTE_PATH=" scheduler_path; | ||
updated["SCHEDULER_CONFIG_FILE_ABSOLUTE_PATH"] = 1; | ||
} else if ($1 == "TRAPS_CONFIG_FILE_ABSOLUTE_PATH=") { | ||
print "TRAPS_CONFIG_FILE_ABSOLUTE_PATH=" traps_path; | ||
updated["TRAPS_CONFIG_FILE_ABSOLUTE_PATH"] = 1; | ||
} else if ($1 == "INVENTORY_FILE_ABSOLUTE_PATH=") { | ||
print "INVENTORY_FILE_ABSOLUTE_PATH=" inventory_path; | ||
updated["INVENTORY_FILE_ABSOLUTE_PATH"] = 1; | ||
} else if ($1 == "COREFILE_ABS_PATH=") { | ||
print "COREFILE_ABS_PATH=" corefile_path; | ||
updated["COREFILE_ABS_PATH"] = 1; | ||
} else if ($1 == "SPLUNK_HEC_HOST=") { | ||
print "SPLUNK_HEC_HOST=" splunk_hec_host; | ||
updated["SPLUNK_HEC_HOST"] = 1; | ||
} else if ($1 == "SPLUNK_HEC_TOKEN=") { | ||
print "SPLUNK_HEC_TOKEN=" splunk_hec_token; | ||
updated["SPLUNK_HEC_TOKEN"] = 1; | ||
} else { | ||
print $0; | ||
} | ||
} | ||
END { | ||
if (updated["SCHEDULER_CONFIG_FILE_ABSOLUTE_PATH"] == 0) { | ||
print "SCHEDULER_CONFIG_FILE_ABSOLUTE_PATH=" scheduler_path; | ||
} | ||
if (updated["TRAPS_CONFIG_FILE_ABSOLUTE_PATH"] == 0) { | ||
print "TRAPS_CONFIG_FILE_ABSOLUTE_PATH=" traps_path; | ||
} | ||
if (updated["INVENTORY_FILE_ABSOLUTE_PATH"] == 0) { | ||
print "INVENTORY_FILE_ABSOLUTE_PATH=" inventory_path; | ||
} | ||
if (updated["COREFILE_ABS_PATH"] == 0) { | ||
print "COREFILE_ABS_PATH=" corefile_path; | ||
} | ||
if (updated["SPLUNK_HEC_HOST"] == 0) { | ||
print "SPLUNK_HEC_HOST=" splunk_hec_host; | ||
} | ||
if (updated["SPLUNK_HEC_TOKEN"] == 0) { | ||
print "SPLUNK_HEC_TOKEN=" splunk_hec_token; | ||
} | ||
} | ||
' .env > "$TEMP_ENV_FILE" | ||
|
||
# Replace the old .env file with the updated one | ||
mv "$TEMP_ENV_FILE" .env | ||
|
||
# Create snmpv3 secret | ||
python3 $(realpath "manage_secrets.py") --path_to_compose $(pwd) \ | ||
--secret_name sv3poller \ | ||
--userName r-wuser \ | ||
--privProtocol AES \ | ||
--privKey admin1234 \ | ||
--authProtocol SHA \ | ||
--authKey admin1234 \ | ||
--contextEngineId 8000000903000A397056B8AC \ | ||
--traps false | ||
|
||
sed -i "s/###LOAD_BALANCER_ID###/$(hostname -I | cut -d " " -f1)/" inventory-tests.csv | ||
echo $(green "Running SNMP simulators in Docker") | ||
sudo docker run -d -p 161:161/udp tandrup/snmpsim | ||
sudo docker run -d -p 1162:161/udp tandrup/snmpsim | ||
sudo docker run -d -p 1163:161/udp tandrup/snmpsim | ||
sudo docker run -d -p 1164:161/udp tandrup/snmpsim | ||
sudo docker run -d -p 1165:161/udp tandrup/snmpsim | ||
sudo docker run -d -p 1166:161/udp -v $(pwd)/snmpsim/data:/usr/local/snmpsim/data -e EXTRA_FLAGS="--variation-modules-dir=/usr/local/snmpsim/variation --data-dir=/usr/local/snmpsim/data" tandrup/snmpsim | ||
|
||
|
||
echo $(green "Running up Docker Compose environment") | ||
sudo docker compose $(find docker* | sed -e 's/^/-f /') up -d | ||
wait_for_containers_to_be_up | ||
|
||
sudo docker ps | ||
sudo docker exec sc4snmp-inventory printenv | ||
|
||
if [[ $1 == 'integration' ]]; then | ||
define_python | ||
deploy_poetry | ||
fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.