Code Review / clover.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: 67b7fb4)
Aligned snort-ids default config for SDC scenario 33/55033/1
authorEddie Arrage <eddie.arrage@huawei.com>
Tue, 3 Apr 2018 23:57:58 +0000 (23:57 +0000)
committerEddie Arrage <eddie.arrage@huawei.com>
Thu, 5 Apr 2018 23:38:30 +0000 (23:38 +0000)
- Modified snort-ids alert process to use k8s DNS name
'proxy-access-control' to align with SDC scenario naming
- Added default port 50054 to the manifest yaml template and
rendering script for communication with proxy-access-control

Change-Id: Ib04ee75e5d8ea9921b16b3b4469bed87b1cd2018
Signed-off-by: Eddie Arrage <eddie.arrage@huawei.com>
(cherry picked from commit 30d36864d491d41fcb4700b5363b68086e239e5a)

samples/services/snort_ids/docker/grpc/snort_alerts.py patch | blob | history
samples/services/snort_ids/yaml/manifest.template patch | blob | history
samples/services/snort_ids/yaml/render_yaml.py patch | blob | history

diff --git a/samples/services/snort_ids/docker/grpc/snort_alerts.py b/samples/services/snort_ids/docker/grpc/snort_alerts.py
index eda2bd6..4cb87e2 100644 (file)
--- a/samples/services/snort_ids/docker/grpc/snort_alerts.py
+++ b/samples/services/snort_ids/docker/grpc/snort_alerts.py
@@ -14,7 +14,7 @@ from idstools import unified2
 
 
 HOST_IP = 'redis'
-PROXY_GRPC = 'http-proxy:50054'
+PROXY_GRPC = 'proxy-access-control:50054'
 
 logging.basicConfig(filename='alert.log', level=logging.DEBUG)
 
diff --git a/samples/services/snort_ids/yaml/manifest.template b/samples/services/snort_ids/yaml/manifest.template
index 178765b..25dbefa 100644 (file)
--- a/samples/services/snort_ids/yaml/manifest.template
+++ b/samples/services/snort_ids/yaml/manifest.template
@@ -18,6 +18,7 @@ spec:
            - containerPort: {{ grpc_port }}
            - containerPort: {{ redis_port }}
            - containerPort: {{ http_port }}
+           - containerPort: {{ pac_port }}
 ---
 apiVersion: v1
 kind: Service
@@ -33,6 +34,8 @@ spec:
     name: redis
   - port: {{ http_port }}
     name: http
+  - port: {{ pac_port }}
+    name: proxy-access-control
   selector:
     app: {{ deploy_name }}
 ---
diff --git a/samples/services/snort_ids/yaml/render_yaml.py b/samples/services/snort_ids/yaml/render_yaml.py
index e23f540..42a2615 100644 (file)
--- a/samples/services/snort_ids/yaml/render_yaml.py
+++ b/samples/services/snort_ids/yaml/render_yaml.py
@@ -23,6 +23,7 @@ def render_yaml(args):
             image_tag=args['image_tag'],
             deploy_name=args['deploy_name'],
             grpc_port=args['grpc_port'],
+            pac_port=args['pac_port'],
             redis_port=args['redis_port'],
             http_port=args['http_port']
         )
@@ -42,7 +43,7 @@ if __name__ == '__main__':
             help='The image name to use')
     parser.add_argument(
             '--image_path', default='localhost:5000',
-            help='The path to the images to use')
+            help='The path to the image to use')
     parser.add_argument(
             '--image_tag', default='latest',
             help='The image tag to use')
@@ -54,9 +55,13 @@ if __name__ == '__main__':
             help='The redis port to connect to for alerts')
     parser.add_argument(
             '--http_port', default='80',
-            help='Analyze http traffic on this port')
+            help='Analyze http data-plane traffic on this port')
     parser.add_argument(
             '--grpc_port', default='50052',
-            help='The image tag to use')
+            help='The GRPC server port for snort management')
+    parser.add_argument(
+            '--pac_port', default='50054',
+            help='The GRPC server port of the service to send alerts on')
+
     args = parser.parse_args()
     print(render_yaml(vars(args)))