// instantiate new autopilot-mode orchestrator.
//
// autopilot-mode is useful when you do not need PB/REST RPC
func NewAutopilotOrchestrator(cfg config.Config) (*Orchestrator, error) {
policy, err := CreatePolicy(cfg.GetString("explorePolicy"))
if err != nil {
return nil, err
}
policy.LoadConfig(cfg)
orchestrator := NewOrchestrator(cfg, policy, false)
return orchestrator, nil
}
func checkPrerequisite(cfg config.Config) error {
dummyPID := 0
capInst, err := cap.NewPid(dummyPID)
if err != nil {
return err
}
if cfg.GetBool("containerParam.enableEthernetInspector") {
if !capInst.Get(cap.EFFECTIVE, cap.CAP_NET_ADMIN) {
return fmt.Errorf("CAP_NET_ADMIN is needed.")
}
if !capInst.Get(cap.EFFECTIVE, cap.CAP_SYS_ADMIN) {
return fmt.Errorf("CAP_SYS_ADMIN is needed.")
}
}
if cfg.GetBool("containerParam.enableProcInspector") {
if !capInst.Get(cap.EFFECTIVE, cap.CAP_SYS_NICE) {
return fmt.Errorf("CAP_SYS_NICE is needed.")
}
}
return nil
}
// parameters:
// - interval(duration): interval (default: 0 msecs)
//
// should support dynamic reloading
func (d *Dumb) LoadConfig(cfg config.Config) error {
log.Debugf("CONFIG: %s", cfg.AllSettings())
paramInterval := "explorepolicyparam.interval"
if cfg.IsSet(paramInterval) {
d.Interval = cfg.GetDuration(paramInterval)
log.Infof("Set interval=%s", d.Interval)
} else {
log.Infof("Using default interval=%s", d.Interval)
}
return nil
}
func StartEarthquakeRoutines(c *docker.Container, cfg config.Config) error {
log.Debugf("Starting Orchestrator")
go func() {
oerr := StartOrchestrator(cfg)
if oerr != nil {
panic(log.Critical(oerr))
}
}()
if cfg.GetBool("containerParam.enableEthernetInspector") {
nfqNum := cfg.GetInt("containerParam.ethernetNFQNumber")
if nfqNum <= 0 {
return fmt.Errorf("strange containerParam.ethernetNFQNumber: %d", nfqNum)
}
log.Debugf("Configuring NFQUEUE %d for container %s", nfqNum, c.ID)
err := SetupNFQUEUE(c, nfqNum, false, false)
if err != nil {
return err
}
log.Debugf("Starting Ethernet Inspector")
go func() {
ierr := StartEthernetInspector(c, nfqNum)
if ierr != nil {
panic(log.Critical(ierr))
}
}()
}
if cfg.GetBool("containerParam.enableProcInspector") {
watchInterval := cfg.GetDuration("containerParam.procWatchInterval")
if watchInterval <= 0 {
return fmt.Errorf("strange containerParam.procWatchInterval: %s", watchInterval)
}
log.Debugf("Starting Process Inspector")
go func() {
ierr := StartProcInspector(c, watchInterval)
if ierr != nil {
panic(log.Critical(ierr))
}
}()
}
return nil
}
// parameters:
// - minInterval(duration): min interval in millisecs (default: 0 msecs)
//
// - maxInterval(duration): max interval (default == minInterval)
//
// - prioritizedEntities([]string): prioritized entity string (default: empty)
//
// - shellActionInterval(duration): interval in millisecs for injecting ShellAction (default: 0)
// NOTE: this can be 0 only if shellFaultCommand=""(empty string))
//
// - shellActionCommand(string): command string for injecting ShellAction (default: empty string "")
// NOTE: the command execution blocks.
//
// - faultActionProbability(float64): probability (0.0-1.0) of PacketFaultAction/FilesystemFaultAction.
//
// should support dynamic reloading
func (r *Random) LoadConfig(cfg config.Config) error {
epp := "explorepolicyparam."
paramMinInterval := epp + "minInterval"
if cfg.IsSet(paramMinInterval) {
r.MinInterval = cfg.GetDuration(paramMinInterval)
log.Infof("Set minInterval=%s", r.MinInterval)
} else {
log.Infof("Using default minInterval=%s", r.MinInterval)
}
paramMaxInterval := epp + "maxInterval"
if cfg.IsSet(paramMaxInterval) {
r.MaxInterval = cfg.GetDuration(paramMaxInterval)
log.Infof("Set maxInterval=%s", r.MaxInterval)
} else {
// set non-zero default value
r.MaxInterval = r.MinInterval
log.Infof("Using default maxInterval=%s", r.MaxInterval)
}
paramPrioritizedEntities := epp + "prioritizedEntities"
if cfg.IsSet(paramPrioritizedEntities) {
slice := cfg.GetStringSlice(paramPrioritizedEntities)
if slice != nil {
for i := 0; i < len(slice); i++ {
r.PrioritizedEntities[slice[i]] = true
}
log.Debugf("Set prioritizedEntities=%s", r.PrioritizedEntities)
}
}
paramShellActionInterval := epp + "shellActionInterval"
if cfg.IsSet(paramShellActionInterval) {
r.ShellActionInterval = cfg.GetDuration(paramShellActionInterval)
log.Infof("Set shellActionInterval=%s", r.ShellActionInterval)
}
paramShellActionCommand := epp + "shellActionCommand"
if cfg.IsSet(paramShellActionCommand) {
r.ShellActionCommand = cfg.GetString(paramShellActionCommand)
log.Infof("Set shellActionCommand=%s", r.ShellActionCommand)
}
if r.ShellActionInterval < 0 {
return fmt.Errorf("shellActionInterval(=%s) must be non-negative value", r.ShellActionInterval)
}
if r.ShellActionInterval == 0 && r.ShellActionCommand != "" {
log.Warn("shellActionCommand will be ignored, because shellActionInterval is zero.")
}
if r.ShellActionInterval > 0 && !r.shelActionRoutineRunning {
// FIXME: not thread safe!
r.shelActionRoutineRunning = true
go r.shellFaultInjectionRoutine()
}
paramFaultActionProbability := epp + "faultActionProbability"
if cfg.IsSet(paramFaultActionProbability) {
r.FaultActionProbability = cfg.GetFloat64(paramFaultActionProbability)
log.Infof("Set faultActionProbability=%f", r.FaultActionProbability)
}
if r.FaultActionProbability < 0.0 || r.FaultActionProbability > 1.0 {
return fmt.Errorf("bad faultActionProbability %f", r.FaultActionProbability)
}
return nil
}