Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2024-10-01 01:36:09 -04:00
Code Issues Packages Projects Releases Wiki Activity
4e6f88c355
constellation/debugd/README.md
Malte Poll 4a8ebfd921 OS images: use "ref", "stream" and "version" 
Switch azure default region to west us
Update find-image script to work with new API spec
Add version for every os image build
generate measurements: Use new API paths
CLI: config fetch measurements: Use image short versions to fetch measurements
CLI: allows shortnames to specify image in config
Image build pipeline: Change paths to contain "ref" and "stream"
2022-12-09 13:37:43 +01:00

2.8 KiB
Raw Blame History

debug daemon (debugd)

Debugd is a tool we built to allow for shorter iteration cycles during development. The debugd gets embedded into OS images at the place where the bootstrapper normally sits. Therefore, when a debug image is started, the debugd starts executing instead of the bootstrapper. The debugd will then wait for a request from the cdbg tool to upload a bootstrapper binary. Once the upload is finished debugd will start the bootstrapper. Subsequently you can initialize your cluster with constellation init as usual.

Build cdbg

mkdir -p build
cmake ..
make cdbg

debugd & cdbg usage

Before continuing, remeber to set up your cloud credentials for the CLI to work.

With cdbg and yq installed in your path:

  1. Run constellation config generate to create a new default configuration

  2. Locate the latest debugd images by running hack/find-image/find-image.sh --ref main --stream debug

  3. Modify the constellation-conf.yaml to use an image with the debugd already included and add required firewall rules:

    # Set full reference of cloud provider image name
export IMAGE_URI=

    yq -i \
    "(.provider | select(. | has(\"azure\")).azure.image) = \"${IMAGE_URI}\"" \
     constellation-conf.yaml
yq -i \
    "(.provider | select(. | has(\"gcp\")).gcp.image) = \"${IMAGE_URI}\"" \
    constellation-conf.yaml

yq -i \
    "(.debugCluster) = true" \
    constellation-conf.yaml

  4. Run constellation create […]

  5. Run ./cdbg deploy

    By default, cdbg searches for the bootstrapper in the current path (./bootstrapper). You can define a custom path by appending the argument --bootstrapper <path to bootstrapper> to cdbg deploy.

  6. Run constellation init […] as usual

Logcollection to Opensearch

You can enable the logcollection of debugd to send logs to Opensearch.

On Azure, ensure your user assigned identity has the Key Vault Secrets User role assigned on the key vault opensearch-creds.

When deploying with cdbg, enable by setting the logcollect=true and your name logcollect.admin=yourname.

./cdbg deploy --info logcollect=true,logcollect.admin=yourname

# OR

./cdbg deploy --info logcollect=true --info logcollect.admin=yourname

Other available fields can be found in the filed list

For QEMU, the credentials for Opensearch must be parsed via the info flag as well:

./cdbg deploy \
    --info logcollect=true \
    --info logcollect.admin=yourname \
    --info qemu.opensearch-pw='xxxxxxx'

Remember to use single quotes for the password.

You will also need to increase the memory size of QEMU to 4GB.