diff --git a/eclipse-ankaios/.devcontainer/Dockerfile b/eclipse-ankaios/.devcontainer/Dockerfile index 46f2309..ec72351 100644 --- a/eclipse-ankaios/.devcontainer/Dockerfile +++ b/eclipse-ankaios/.devcontainer/Dockerfile @@ -1,4 +1,4 @@ -FROM ghcr.io/eclipse-ankaios/app-ankaios-dev:0.3.1 +FROM ghcr.io/eclipse-ankaios/app-ankaios-dev:0.5.0 ARG TARGETARCH RUN apt-get update && apt-get -y install \ @@ -13,8 +13,23 @@ RUN apt-get update && apt-get -y install \ && curl -sL https://github.com/mikefarah/yq/releases/download/v4.42.1/yq_linux_${TARGETARCH} -o /usr/bin/yq \ && chmod +x /usr/bin/yq +# Allow Ankaios log files to be written by root and ankaios user +RUN groupadd anklogs \ + && usermod -aG anklogs ankaios \ + && usermod -aG anklogs root \ + && mkdir -p /var/log/ankaios \ + && chown -R root:anklogs /var/log/ankaios \ + && sudo chmod -R 770 /var/log/ankaios + +# work in insecure mode for experimenting with Ankaios in the dev container +RUN echo 'export ANKAGENT_INSECURE=true' | tee -a /root/.bashrc /home/ankaios/.bashrc \ + && echo 'export ANKSERVER_INSECURE=true' | tee -a /root/.bashrc /home/ankaios/.bashrc \ + && echo 'export ANK_INSECURE=true' | tee -a /root/.bashrc /home/ankaios/.bashrc + # Trust all repositories in this container RUN git config --global --add safe.directory '*' \ - && echo "if [ -f /etc/bash_completion ] && ! shopt -oq posix; then\n . /etc/bash_completion \nfi" >> /root/.bashrc \ - && echo 'export PATH=$PATH:/workspaces/software-orchestration/scripts' >> /root/.bashrc + && echo "if [ -f /etc/bash_completion ] && ! shopt -oq posix; then . /etc/bash_completion; fi" | tee -a /root/.bashrc /home/ankaios/.bashrc \ + && echo 'export PATH=$PATH:/workspaces/software-orchestration/scripts' | tee -a /root/.bashrc /home/ankaios/.bashrc \ + # enable shell completion for ank cli + && echo "if command -v ank &> /dev/null; then source <(COMPLETE=bash ank); fi" | tee -a /root/.bashrc /home/ankaios/.bashrc diff --git a/eclipse-ankaios/.devcontainer/devcontainer.json b/eclipse-ankaios/.devcontainer/devcontainer.json index fefa059..4d51aab 100644 --- a/eclipse-ankaios/.devcontainer/devcontainer.json +++ b/eclipse-ankaios/.devcontainer/devcontainer.json @@ -3,10 +3,7 @@ { "name": "Ankaios Software Orchestration Blueprint dev container", "build": { - "dockerfile": "Dockerfile", - //"args": { - // "TARGETARCH": "" // comment out and set your targetarch if no buildx is available - //} + "dockerfile": "Dockerfile" }, "mounts": [ "source=${localWorkspaceFolder}/../scenarios/smart_trailer/scripts/start_trailer_applications_ankaios.sh,target=/usr/local/bin/start_trailer_applications.sh,type=bind" @@ -32,5 +29,6 @@ } }, "workspaceMount": "source=${localWorkspaceFolder},target=/workspaces/software-orchestration/,type=bind", - "workspaceFolder": "/workspaces/software-orchestration/" + "workspaceFolder": "/workspaces/software-orchestration/", + "remoteUser": "ankaios" } \ No newline at end of file diff --git a/eclipse-ankaios/README.md b/eclipse-ankaios/README.md index 0e58307..46494db 100644 --- a/eclipse-ankaios/README.md +++ b/eclipse-ankaios/README.md @@ -10,8 +10,8 @@ The container is designed to have an immediately running environment. Once trigg ## Links -- [Ankaios docs](https://eclipse-ankaios.github.io/ankaios/0.3/) -- [Ankaios quickstart](https://eclipse-ankaios.github.io/ankaios/0.3/usage/quickstart/) +- [Ankaios docs](https://eclipse-ankaios.github.io/ankaios/0.5/) +- [Ankaios quickstart](https://eclipse-ankaios.github.io/ankaios/0.5/usage/quickstart/) - [Podman](https://docs.podman.io/en/v4.6.1/) - [What are devcontainers?](https://containers.dev/) @@ -71,7 +71,7 @@ __Note:__ If you have not installed and enabled [docker buildx](https://github.c Start the devcontainer with the required mount points by replacing the file paths in the run command below with the full absolute file paths on your local machine: ```shell -docker run -it --privileged -p 25551:25551 --name ankaios_orchestration --workdir /workspaces/software-orchestration -v //software-orchestration/eclipse-ankaios:/workspaces/software-orchestration -v //software-orchestration/scenarios/smart_trailer/scripts/start_trailer_applications_ankaios.sh:/usr/local/bin/start_trailer_applications.sh ankaios-orchestration:0.1 +docker run -it --privileged -p 25551:25551 --user ankaios --name ankaios_orchestration --workdir /workspaces/software-orchestration -v //software-orchestration/eclipse-ankaios:/workspaces/software-orchestration -v //software-orchestration/scenarios/smart_trailer/scripts/start_trailer_applications_ankaios.sh:/usr/local/bin/start_trailer_applications.sh ankaios-orchestration:0.1 ``` ## Run the smart trailer scenario @@ -83,6 +83,8 @@ Start the smart trailer scenario by executing the following steps: run_blueprint.sh ``` +Note: The Ankaios cluster will start in an insecure mode defined by the env variables in the `.bashrc` file inside the container. As an exercise, try modifying run_blueprint.sh to start Ankaios with mTLS enabled. See the Ankaios documentation [Setting up Ankaios with mTLS](https://eclipse-ankaios.github.io/ankaios/0.5/usage/mtls-setup/) for more information. + 2. Next, open a new terminal window and use the Ankaios CLI to verify that all initial workloads are up and running: ```shell @@ -173,13 +175,13 @@ Rebuild the container image. ### Ankaios Control Interface dependencies -The devcontainer includes also dependencies for developing applications using the [Ankaios Control Interface](https://eclipse-ankaios.github.io/ankaios/0.3/reference/control-interface/): +The devcontainer includes also dependencies for developing applications using the [Ankaios Control Interface](https://eclipse-ankaios.github.io/ankaios/0.5/reference/control-interface/): - protobuf compiler - grpcurl - Ankaios protobuf file (under `/usr/local/lib/ankaios/ankaios.proto`) -Those dependencies are needed for use-cases in which your app needs to use the [Ankaios Control Interface](https://eclipse-ankaios.github.io/ankaios/0.3/reference/control-interface/) to be able to communicate with the Ankaios cluster via the API. An example use-case would be to write a workload that shall request Ankaios to dynamically start another workload. You can find example workload applications written in various programming languages inside the Eclipse Ankaios repository [here](https://github.com/eclipse-ankaios/ankaios/tree/v0.3.1/examples). +Those dependencies are needed for use-cases in which your app needs to use the [Ankaios Control Interface](https://eclipse-ankaios.github.io/ankaios/0.5/reference/control-interface/) to be able to communicate with the Ankaios cluster via the API. An example use-case would be to write a workload that shall request Ankaios to dynamically start another workload. You can find example workload applications written in various programming languages inside the Eclipse Ankaios repository [here](https://github.com/eclipse-ankaios/ankaios/tree/v0.5.0/examples). ## Debugging @@ -190,11 +192,11 @@ There are log files for debugging purposes of Ankaios server and agent. The Ankaios server logs can be viewed by executing the following command: ```shell -tail -f /var/log/ankaios-server.log +tail -f /var/log/ankaios/ankaios-server.log ``` The Ankaios agent logs can be viewed by executing the following command: ```shell -tail -f /var/log/ankaios-agent_A.log +tail -f /var/log/ankaios/ankaios-agent_A.log ``` diff --git a/eclipse-ankaios/config/startupState.yaml b/eclipse-ankaios/config/startupManifest.yaml similarity index 71% rename from eclipse-ankaios/config/startupState.yaml rename to eclipse-ankaios/config/startupManifest.yaml index 18c20d8..7073838 100644 --- a/eclipse-ankaios/config/startupState.yaml +++ b/eclipse-ankaios/config/startupManifest.yaml @@ -3,24 +3,28 @@ workloads: service_discovery: runtime: podman agent: agent_A + configs: + net: default_network tags: - key: project value: chariott runtimeConfig: | image: ghcr.io/eclipse-sdv-blueprints/software-orchestration/eclipse-chariott/service-discovery:0.2.1 - commandOptions: ["--network", "host", "--name", "service_discovery"] + commandOptions: ["--network", "{{ net }}", "--name", "service_discovery"] mqtt_broker: runtime: podman agent: agent_A dependencies: service_discovery: ADD_COND_RUNNING + configs: + net: default_network tags: - key: project value: agemo runtimeConfig: | image: ghcr.io/eclipse-sdv-blueprints/software-orchestration/eclipse-mosquitto/mqtt-broker-agemo-config:0.1.2 - commandOptions: ["--network", "host", "--name", "mqtt-broker"] + commandOptions: ["--network", "{{ net }}", "--name", "mqtt-broker"] dynamic_topic_management: runtime: podman agent: agent_A @@ -29,12 +33,14 @@ workloads: ADD_COND_RUNNING mqtt_broker: ADD_COND_RUNNING + configs: + net: default_network tags: - key: project value: agemo runtimeConfig: | image: ghcr.io/eclipse-sdv-blueprints/software-orchestration/eclipse-agemo/pub-sub-service:0.1.2 - commandOptions: ["--network", "host", "--name", "pub-sub-service"] + commandOptions: ["--network", "{{ net }}", "--name", "pub-sub-service"] digital_twin_vehicle: runtime: podman agent: agent_A @@ -42,13 +48,15 @@ workloads: service_discovery: ADD_COND_RUNNING dynamic_topic_management: - ADD_COND_RUNNING + ADD_COND_RUNNING + configs: + net: default_network tags: - key: project value: ibeji runtimeConfig: | image: ghcr.io/eclipse-sdv-blueprints/software-orchestration/eclipse-ibeji/invehicle-digital-twin:0.1.1 - commandOptions: ["--network", "host", "--name", "invehicle-digital-twin"] + commandOptions: ["--network", "{{ net }}", "--name", "invehicle-digital-twin"] digital_twin_cloud_sync: runtime: podman agent: agent_A @@ -57,9 +65,13 @@ workloads: ADD_COND_RUNNING digital_twin_vehicle: ADD_COND_RUNNING + configs: + net: default_network tags: - key: project value: freyja runtimeConfig: | image: ghcr.io/eclipse-sdv-blueprints/software-orchestration/eclipse-freyja/local-with-ibeji:0.1.0 - commandOptions: ["--network", "host", "--name", "local-cloud-sync"] + commandOptions: ["--network", "{{ net }}", "--name", "local-cloud-sync"] +configs: + default_network: "host" diff --git a/eclipse-ankaios/scripts/run_blueprint.sh b/eclipse-ankaios/scripts/run_blueprint.sh index 149290b..0d89f6f 100755 --- a/eclipse-ankaios/scripts/run_blueprint.sh +++ b/eclipse-ankaios/scripts/run_blueprint.sh @@ -7,22 +7,24 @@ ANKAIOS_SERVER_URL="http://${ANKAIOS_SERVER_SOCKET}" trap 'cleanup_routine' EXIT SIGTERM SIGQUIT SIGKILL cleanup_routine() { + printf "\nStopping the blueprint\n" $SCRIPT_DIR/shutdown_blueprint.sh } run_ankaios() { - ANKAIOS_LOG_DIR="/var/log" + ANKAIOS_LOG_DIR="/var/log/ankaios" mkdir -p ${ANKAIOS_LOG_DIR} # Start the Ankaios server echo "Starting Ankaios server" - ank-server --startup-config ${SCRIPT_DIR}/../config/startupState.yaml --address ${ANKAIOS_SERVER_SOCKET} > ${ANKAIOS_LOG_DIR}/ankaios-server.log 2>&1 & + ank-server --insecure --startup-config ${SCRIPT_DIR}/../config/startupManifest.yaml --address ${ANKAIOS_SERVER_SOCKET} > ${ANKAIOS_LOG_DIR}/ankaios-server.log 2>&1 & sleep 2 # Start an Ankaios agent echo "Starting Ankaios agent agent_A" - ank-agent --name agent_A --server-url ${ANKAIOS_SERVER_URL} > ${ANKAIOS_LOG_DIR}/ankaios-agent_A.log 2>&1 & + ank-agent --insecure --name agent_A --server-url ${ANKAIOS_SERVER_URL} > ${ANKAIOS_LOG_DIR}/ankaios-agent_A.log 2>&1 & + echo "Ankaios started in insecure mode (according to env variables in .bashrc). For mTLS setup see https://eclipse-ankaios.github.io/ankaios/0.5/usage/mtls-setup/" echo "For graceful shutdown press Ctrl+C. Never exit just the terminal. Otherwise execute 'shutdown_blueprint.sh' manually." # Wait for any process to exit