
Compare revisions

Commits on Source (126)
Showing
with 642 additions and 134 deletions
......@@ -28,9 +28,10 @@ include:
- local: '/src/context/.gitlab-ci.yml'
- local: '/src/device/.gitlab-ci.yml'
- local: '/src/service/.gitlab-ci.yml'
#- local: '/src/dbscanserving/.gitlab-ci.yml'
#- local: '/src/opticalattackmitigator/.gitlab-ci.yml'
#- local: '/src/opticalcentralizedattackdetector/.gitlab-ci.yml'
- local: '/src/dbscanserving/.gitlab-ci.yml'
- local: '/src/opticalattackmitigator/.gitlab-ci.yml'
- local: '/src/opticalattackdetector/.gitlab-ci.yml'
- local: '/src/opticalattackmanager/.gitlab-ci.yml'
- local: '/src/automation/.gitlab-ci.yml'
- local: '/src/policy/.gitlab-ci.yml'
#- local: '/src/webui/.gitlab-ci.yml'
......
......@@ -16,6 +16,7 @@ coverage==6.3
grpcio==1.47.*
grpcio-health-checking==1.47.*
grpcio-tools==1.47.*
grpclib[protobuf]
prettytable==3.5.0
prometheus-client==0.13.0
protobuf==3.20.*
......
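Review bot: `grpclib[protobuf]` is the only entry in this hunk without a version constraint, while every neighbour is pinned (`grpcio==1.47.*`, `protobuf==3.20.*`, `prettytable==3.5.0`). An unpinned dependency makes image builds non-reproducible and lets a new or compromised upstream release enter the build without review. I would pin it the same way as the others, e.g. `grpclib[protobuf]==<tested-version>`.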
......@@ -175,6 +175,14 @@ echo "# Environment variables for TeraFlowSDN deployment" > $ENV_VARS_SCRIPT
PYTHONPATH=$(pwd)/src
echo "export PYTHONPATH=${PYTHONPATH}" >> $ENV_VARS_SCRIPT
echo "Create Redis secret..."
# first try to delete an old one if exists
kubectl delete secret redis-secrets --namespace=$TFS_K8S_NAMESPACE --ignore-not-found
REDIS_PASSWORD=`uuidgen`
kubectl create secret generic redis-secrets --namespace=$TFS_K8S_NAMESPACE \
--from-literal=REDIS_PASSWORD=$REDIS_PASSWORD
echo "export REDIS_PASSWORD=${REDIS_PASSWORD}" >> $ENV_VARS_SCRIPT
for COMPONENT in $TFS_COMPONENTS; do
echo "Processing '$COMPONENT' component..."
......@@ -424,6 +432,31 @@ if [[ "$TFS_COMPONENTS" == *"webui"* ]]; then
}' ${GRAFANA_URL_UPDATED}/api/datasources
echo
curl -X POST -H "Content-Type: application/json" -H "Accept: application/json" -d '{
"access" : "proxy",
"type" : "postgres",
"name" : "cockroachdb",
"url" : "'cockroachdb-public.${CRDB_NAMESPACE}.svc.cluster.local:${CRDB_SQL_PORT}'",
"database" : "'${CRDB_DATABASE}'",
"user" : "'${CRDB_USERNAME}'",
"basicAuth": false,
"isDefault": false,
"jsonData" : {
"sslmode" : "require",
"postgresVersion" : 1100,
"maxOpenConns" : 0,
"maxIdleConns" : 2,
"connMaxLifetime" : 14400,
"tlsAuth" : false,
"tlsAuthWithCACert" : false,
"timescaledb" : false,
"tlsConfigurationMethod": "file-path",
"tlsSkipVerify" : true
},
"secureJsonData": {"password": "'${CRDB_PASSWORD}'"}
}' ${GRAFANA_URL_UPDATED}/api/datasources
echo
# adding the datasource of the metrics collection framework
curl -X POST -H "Content-Type: application/json" -H "Accept: application/json" -d '{
"access" : "proxy",
......
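Review bot: The new `cockroachdb` datasource in the second hunk is registered with `"tlsSkipVerify" : true`, so with `"sslmode" : "require"` the Grafana-to-CockroachDB connection is encrypted but the server certificate is never checked. If the cluster CA is available to the deployment, I would use `"sslmode" : "verify-full"` with `"tlsSkipVerify" : false` and point the datasource at the CA file. The datasource also logs in with `${CRDB_USERNAME}`/`${CRDB_PASSWORD}`; if that is the account the controller itself writes with (not visible here), anyone who can edit Grafana queries gets the same SQL rights, so a dedicated read-only user would be safer. The values are spliced into the JSON outside the quotes (`"'${CRDB_PASSWORD}'"`), so a password containing a space or a double quote breaks the request.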
......@@ -21,7 +21,7 @@
export TFS_K8S_NAMESPACE=${TFS_K8S_NAMESPACE:-"tfs"}
# If not already set, set the list of components you want to build images for, and deploy.
export TFS_COMPONENTS=${TFS_COMPONENTS:-"context device automation policy service compute monitoring dbscanserving opticalattackmitigator opticalcentralizedattackdetector webui"}
export TFS_COMPONENTS=${TFS_COMPONENTS:-"context device automation policy service compute monitoring dbscanserving opticalattackmitigator opticalcentralizedattackdetector l3_attackmitigator l3_centralizedattackdetector webui"}
########################################################################################################################
# Automated steps start here
......
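Review bot: The new default still lists `opticalcentralizedattackdetector`, while the rest of this comparison replaces that component with `opticalattackdetector` and `opticalattackmanager` (the CI includes and the commented example `TFS_COMPONENTS` line in the deploy specs both use the new names). If the old component's directory and manifest are removed by this merge, which the page does not show, a deployment that relies on the default would fail on that entry. I would change the optical part of the default to `dbscanserving opticalattackmitigator opticalattackdetector opticalattackmanager`.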
# Copyright 2022-2023 ETSI TeraFlowSDN - TFS OSG (https://tfs.etsi.org/)
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: cachingservice
spec:
selector:
matchLabels:
app: cachingservice
template:
metadata:
labels:
app: cachingservice
spec:
containers:
- name: redis
image: redis:7.0-alpine
env:
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
ports:
- containerPort: 6379
name: client
command: ["redis-server"]
args:
- --requirepass
- $(REDIS_PASSWORD)
resources:
requests:
cpu: 50m
memory: 64Mi
limits:
cpu: 500m
memory: 512Mi
---
apiVersion: v1
kind: Service
metadata:
name: cachingservice
spec:
type: ClusterIP
selector:
app: cachingservice
ports:
- name: redis
port: 6379
targetPort: 6379
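Review bot: Passing the password as the `--requirepass` / `$(REDIS_PASSWORD)` pair under `args:` puts the expanded value on the redis-server command line, where it is readable from the process list and `/proc/<pid>/cmdline` by anything that can see the container's processes. Redis can take `requirepass` from a configuration file instead, so I would mount a small config file from the `redis-secrets` Secret and start the server with that file as its argument. Separately, `command: ["redis-server"]` replaces the image entrypoint; in the official image that script is, as far as I know, what drops root privileges, so an explicit `securityContext` (`runAsNonRoot: true`, `runAsUser: <redis-uid>`, `allowPrivilegeEscalation: false`) would be worth adding.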
......@@ -31,33 +31,61 @@ spec:
image: labs.etsi.org:5050/tfs/controller/dbscanserving:latest
imagePullPolicy: Always
ports:
- containerPort: 10006
- containerPort: 10008
- containerPort: 9192
env:
- name: LOG_LEVEL
value: "DEBUG"
value: "INFO"
readinessProbe:
exec:
command: ["/bin/grpc_health_probe", "-addr=:10006"]
command: ["/bin/grpc_health_probe", "-addr=:10008"]
livenessProbe:
exec:
command: ["/bin/grpc_health_probe", "-addr=:10006"]
command: ["/bin/grpc_health_probe", "-addr=:10008"]
resources:
requests:
cpu: 250m
memory: 512Mi
memory: 128Mi
limits:
cpu: 700m
cpu: 1000m
memory: 1024Mi
---
apiVersion: v1
kind: Service
metadata:
name: dbscanservingservice
labels:
app: dbscanservingservice
spec:
type: ClusterIP
selector:
app: dbscanservingservice
ports:
- name: grpc
port: 10006
targetPort: 10006
port: 10008
targetPort: 10008
- name: metrics
port: 9192
targetPort: 9192
---
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: dbscanservingservice-hpa
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: dbscanservingservice
minReplicas: 1
maxReplicas: 20
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 80
#behavior:
# scaleDown:
# stabilizationWindowSeconds: 30
......@@ -32,6 +32,7 @@ spec:
imagePullPolicy: Always
ports:
- containerPort: 10002
- containerPort: 9192
env:
- name: LOG_LEVEL
value: "DEBUG"
......@@ -53,11 +54,69 @@ apiVersion: v1
kind: Service
metadata:
name: l3-attackmitigatorservice
labels:
app: l3-attackmitigatorservice
spec:
type: ClusterIP
selector:
app: l3-attackmitigatorservice
ports:
- name: metrics
protocol: TCP
port: 9192
targetPort: 9192
- name: grpc
port: 10002
targetPort: 10002
---
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: l3-attackmitigatorservice-hpa
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: l3-attackmitigatorservice
minReplicas: 1
maxReplicas: 10
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 80
behavior:
scaleDown:
stabilizationWindowSeconds: 120
---
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: tfs-l3-attackmitigatorservice-metric
labels:
app: l3-attackmitigatorservice
#release: prometheus
#release: prom # name of the release
# ( VERY IMPORTANT: You need to know the correct release name by viewing
# the servicemonitor of Prometheus itself: Without the correct name,
# Prometheus cannot identify the metrics of the Flask app as the target.)
spec:
selector:
matchLabels:
# Target app service
#namespace: tfs
app: l3-attackmitigatorservice # same as above
#release: prometheus # same as above
endpoints:
- port: metrics # named port in target app
scheme: http
path: /metrics # path to scrape
interval: 5s # scrape interval
namespaceSelector:
any: false
matchNames:
- tfs # namespace where the app is running
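Review bot: The `ServiceMonitor` added at the end of this manifest has no `metadata.namespace`, unlike the optical ones in the service-monitor manifest further down this page, which set `namespace: monitoring # namespace where prometheus is running`; it will be created in whatever namespace the component is deployed to. Whether Prometheus discovers it then depends on the operator's namespace and label selectors, and the `release:` label that the comment itself calls VERY IMPORTANT is commented out, so this component's metrics may silently never be scraped. `matchNames` is also hard-coded to `tfs` although the namespace is configurable through `TFS_K8S_NAMESPACE`. The same applies to the `ServiceMonitor` in the l3-centralizedattackdetectorservice manifest, and in both the comment still refers to "the Flask app".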
......@@ -32,6 +32,7 @@ spec:
imagePullPolicy: Always
ports:
- containerPort: 10001
- containerPort: 9192
env:
- name: LOG_LEVEL
value: "DEBUG"
......@@ -53,11 +54,68 @@ apiVersion: v1
kind: Service
metadata:
name: l3-centralizedattackdetectorservice
labels:
app: l3-centralizedattackdetectorservice
spec:
type: ClusterIP
selector:
app: l3-centralizedattackdetectorservice
ports:
- name: metrics
protocol: TCP
port: 9192
targetPort: 9192
- name: grpc
port: 10001
targetPort: 10001
---
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: l3-centralizedattackdetectorservice-hpa
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: l3-centralizedattackdetectorservice
minReplicas: 1
maxReplicas: 10
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 80
behavior:
scaleDown:
stabilizationWindowSeconds: 120
---
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: tfs-l3-centralizedattackdetectorservice-metric
labels:
app: l3-centralizedattackdetectorservice
#release: prometheus
#release: prom # name of the release
# ( VERY IMPORTANT: You need to know the correct release name by viewing
# the servicemonitor of Prometheus itself: Without the correct name,
# Prometheus cannot identify the metrics of the Flask app as the target.)
spec:
selector:
matchLabels:
# Target app service
#namespace: tfs
app: l3-centralizedattackdetectorservice # same as above
#release: prometheus # same as above
endpoints:
- port: metrics # named port in target app
scheme: http
path: /metrics # path to scrape
interval: 5s # scrape interval
namespaceSelector:
any: false
matchNames:
- tfs # namespace where the app is running
# Copyright 2022-2023 ETSI TeraFlowSDN - TFS OSG (https://tfs.etsi.org/)
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: apps/v1
kind: Deployment
metadata:
name: opticalattackdetectorservice
spec:
selector:
matchLabels:
app: opticalattackdetectorservice
template:
metadata:
labels:
app: opticalattackdetectorservice
spec:
terminationGracePeriodSeconds: 5
containers:
- name: server
image: labs.etsi.org:5050/tfs/controller/opticalattackdetector:latest
imagePullPolicy: Always
ports:
- containerPort: 10006
- containerPort: 9192
env:
- name: LOG_LEVEL
value: "INFO"
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
readinessProbe:
exec:
command: ["/bin/grpc_health_probe", "-addr=:10006"]
livenessProbe:
exec:
command: ["/bin/grpc_health_probe", "-addr=:10006"]
resources:
requests:
cpu: 250m
memory: 128Mi
limits:
cpu: 1000m
memory: 1024Mi
---
apiVersion: v1
kind: Service
metadata:
name: opticalattackdetectorservice
labels:
app: opticalattackdetectorservice
spec:
type: ClusterIP
selector:
app: opticalattackdetectorservice
ports:
- name: grpc
port: 10006
targetPort: 10006
- name: metrics
port: 9192
targetPort: 9192
---
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: opticalattackdetectorservice-hpa
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: opticalattackdetectorservice
minReplicas: 1
maxReplicas: 20
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 80
#behavior:
# scaleDown:
# stabilizationWindowSeconds: 30
......@@ -15,49 +15,61 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: opticalcentralizedattackdetectorservice
name: opticalattackmanagerservice
spec:
selector:
matchLabels:
app: opticalcentralizedattackdetectorservice
app: opticalattackmanagerservice
replicas: 1
template:
metadata:
labels:
app: opticalcentralizedattackdetectorservice
app: opticalattackmanagerservice
spec:
terminationGracePeriodSeconds: 5
containers:
- name: server
image: labs.etsi.org:5050/tfs/controller/opticalcentralizedattackdetector:latest
image: labs.etsi.org:5050/tfs/controller/opticalattackmanager:latest
imagePullPolicy: Always
ports:
- containerPort: 10005
envFrom:
- secretRef:
name: monitoring-secrets
readinessProbe:
exec:
command: ["/bin/grpc_health_probe", "-addr=:10005"]
livenessProbe:
exec:
command: ["/bin/grpc_health_probe", "-addr=:10005"]
- containerPort: 9192
env:
- name: LOG_LEVEL
value: "INFO"
- name: MONITORING_INTERVAL
value: "30"
- name: OPTICALATTACKMANAGERSERVICE_LOOP_MIN_WORKERS
value: "2" # remember to align this with the resource limits
- name: OPTICALATTACKMANAGERSERVICE_LOOP_MAX_WORKERS
value: "10" # remember to align this with the resource limits
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secrets
key: REDIS_PASSWORD
resources:
requests:
cpu: 250m
memory: 512Mi
memory: 128Mi
limits:
cpu: 700m
memory: 1024Mi
cpu: 10000m
memory: 10240Mi
---
apiVersion: v1
kind: Service
metadata:
name: opticalcentralizedattackdetectorservice
name: opticalattackmanagerservice
labels:
app: opticalattackmanagerservice
spec:
type: ClusterIP
selector:
app: opticalcentralizedattackdetectorservice
app: opticalattackmanagerservice
ports:
- name: grpc
port: 10005
targetPort: 10005
- name: metrics
port: 9192
targetPort: 9192
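Review bot: The renamed opticalattackmanagerservice container appears to lose both `readinessProbe` and `livenessProbe` (they are printed only in the old form, and the hunk's line counts fit their removal), so a manager whose monitoring loop hangs would stay Running and detection would stop without Kubernetes noticing. Since the Service still publishes the `grpc` port 10005, I would keep a probe: the existing `grpc_health_probe` call if the manager still serves gRPC health, otherwise a check against the metrics port 9192. The new limits (`cpu: 10000m`, `memory: 10240Mi`) are also 40 and 80 times the requests (`250m`, `128Mi`), so the scheduler can place the pod on a node that cannot supply what ten workers need. Raising the requests towards the expected load would make the "align this with the resource limits" comments hold.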
......@@ -32,9 +32,10 @@ spec:
imagePullPolicy: Always
ports:
- containerPort: 10007
- containerPort: 9192
env:
- name: LOG_LEVEL
value: "DEBUG"
value: "INFO"
readinessProbe:
exec:
command: ["/bin/grpc_health_probe", "-addr=:10007"]
......@@ -44,15 +45,17 @@ spec:
resources:
requests:
cpu: 250m
memory: 512Mi
memory: 128Mi
limits:
cpu: 700m
cpu: 1000m
memory: 1024Mi
---
apiVersion: v1
kind: Service
metadata:
name: opticalattackmitigatorservice
labels:
app: opticalattackmitigatorservice
spec:
type: ClusterIP
selector:
......@@ -61,3 +64,28 @@ spec:
- name: grpc
port: 10007
targetPort: 10007
- name: metrics
port: 9192
targetPort: 9192
---
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: opticalattackmitigatorservice-hpa
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: opticalattackmitigatorservice
minReplicas: 1
maxReplicas: 20
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 80
#behavior:
# scaleDown:
# stabilizationWindowSeconds: 30
......@@ -359,3 +359,119 @@ spec:
any: false
matchNames:
- tfs # namespace where the app is running
---
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
namespace: monitoring # namespace where prometheus is running
name: tfs-dbscanservingservice-metric
labels:
app: dbscanservingservice
#release: prometheus
#release: prom # name of the release
# ( VERY IMPORTANT: You need to know the correct release name by viewing
# the servicemonitor of Prometheus itself: Without the correct name,
# Prometheus cannot identify the metrics of the Flask app as the target.)
spec:
selector:
matchLabels:
# Target app service
#namespace: tfs
app: dbscanservingservice # same as above
#release: prometheus # same as above
endpoints:
- port: metrics # named port in target app
scheme: http
path: /metrics # path to scrape
interval: 5s # scrape interval
namespaceSelector:
any: false
matchNames:
- tfs # namespace where the app is running
---
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
namespace: monitoring # namespace where prometheus is running
name: tfs-opticalattackmitigatorservice-metric
labels:
app: opticalattackmitigatorservice
#release: prometheus
#release: prom # name of the release
# ( VERY IMPORTANT: You need to know the correct release name by viewing
# the servicemonitor of Prometheus itself: Without the correct name,
# Prometheus cannot identify the metrics of the Flask app as the target.)
spec:
selector:
matchLabels:
# Target app service
#namespace: tfs
app: opticalattackmitigatorservice # same as above
#release: prometheus # same as above
endpoints:
- port: metrics # named port in target app
scheme: http
path: /metrics # path to scrape
interval: 5s # scrape interval
namespaceSelector:
any: false
matchNames:
- tfs # namespace where the app is running
---
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
namespace: monitoring # namespace where prometheus is running
name: tfs-opticalattackdetectorservice-metric
labels:
app: opticalattackdetectorservice
#release: prometheus
#release: prom # name of the release
# ( VERY IMPORTANT: You need to know the correct release name by viewing
# the servicemonitor of Prometheus itself: Without the correct name,
# Prometheus cannot identify the metrics of the Flask app as the target.)
spec:
selector:
matchLabels:
# Target app service
#namespace: tfs
app: opticalattackdetectorservice # same as above
#release: prometheus # same as above
endpoints:
- port: metrics # named port in target app
scheme: http
path: /metrics # path to scrape
interval: 5s # scrape interval
namespaceSelector:
any: false
matchNames:
- tfs # namespace where the app is running
---
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
namespace: monitoring # namespace where prometheus is running
name: tfs-opticalattackmanagerservice-metric
labels:
app: opticalattackmanagerservice
#release: prometheus
#release: prom # name of the release
# ( VERY IMPORTANT: You need to know the correct release name by viewing
# the servicemonitor of Prometheus itself: Without the correct name,
# Prometheus cannot identify the metrics of the Flask app as the target.)
spec:
selector:
matchLabels:
# Target app service
#namespace: tfs
app: opticalattackmanagerservice # same as above
#release: prometheus # same as above
endpoints:
- port: metrics # named port in target app
scheme: http
path: /metrics # path to scrape
interval: 5s # scrape interval
namespaceSelector:
any: false
matchNames:
- tfs # namespace where the app is running
\ No newline at end of file
......@@ -20,7 +20,19 @@
export TFS_REGISTRY_IMAGES="http://localhost:32000/tfs/"
# Set the list of components, separated by spaces, you want to build images for, and deploy.
export TFS_COMPONENTS="context device automation monitoring pathcomp service slice compute webui load_generator"
export TFS_COMPONENTS="context device pathcomp service slice compute webui load_generator"
# Uncoment to activate Monitoring
#export TFS_COMPONENTS="${TFS_COMPONENTS} monitoring"
# Uncoment to activate Automation and Policy Manager
#export TFS_COMPONENTS="${TFS_COMPONENTS} automation policy"
# Uncoment to activate Optical CyberSecurity
#export TFS_COMPONENTS="${TFS_COMPONENTS} dbscanserving opticalattackmitigator opticalattackdetector opticalattackmanager"
# Uncoment to activate L3 CyberSecurity
#export TFS_COMPONENTS="${TFS_COMPONENTS} l3_attackmitigator l3_centralizedattackdetector"
# Set the tag you want to use for your images.
export TFS_IMAGE_TAG="dev"
......@@ -31,6 +43,9 @@ export TFS_K8S_NAMESPACE="tfs"
# Set additional manifest files to be applied after the deployment
export TFS_EXTRA_MANIFESTS="manifests/nginx_ingress_http.yaml manifests/servicemonitors.yaml"
# Uncoment when deploying Optical CyberSecurity
#export TFS_EXTRA_MANIFESTS="${TFS_EXTRA_MANIFESTS} manifests/cachingservice.yaml"
# Set the new Grafana admin password
export TFS_GRAFANA_PASSWORD="admin123+"
......
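Review bot: Enabling Optical CyberSecurity now needs two separate edits, the `TFS_COMPONENTS` line in the first hunk and the `TFS_EXTRA_MANIFESTS` line that adds `manifests/cachingservice.yaml` in the second, and nothing ties them together. If only the first is uncommented, the optical components would be deployed with a `REDIS_PASSWORD` but, as far as this page shows, no Redis instance to connect to. I would say so in the comment, e.g. `# Uncomment to activate Optical CyberSecurity (also uncomment the cachingservice manifest below)`, and fix the repeated `Uncoment` typo in the same pass.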
......@@ -38,5 +38,8 @@ EOF
# Generate Python code
python3 -m grpc_tools.protoc -I=./ --python_out=src/python/ --grpc_python_out=src/python/ *.proto
# new line added to generate protobuf for the `grpclib` library
python3 -m grpc_tools.protoc -I=./ --python_out=src/python/asyncio --grpclib_python_out=src/python/asyncio *.proto
# Arrange generated code imports to enable imports from arbitrary subpackages
find src/python -type f -iname *.py -exec sed -i -E 's/(import\ .*)_pb2/from . \1_pb2/g' {} \;
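Review bot: The added protoc call writes its output to `src/python/asyncio`, a directory with the same name as the standard-library `asyncio` package. If `src/python` is ever put on `sys.path` ahead of the standard library (for example through `PYTHONPATH`) and that directory contains an `__init__.py`, `import asyncio` would resolve to the generated code, so a different name such as `src/python/<grpclib-output-dir>` would be safer. The hunk also does not show the directory being created, and protoc fails when an output directory is missing; if that happens above the hunk, ignore this. The comment `# new line added to generate ...` describes the edit rather than the code; `# Generate grpclib (asyncio) stubs` would age better.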
......@@ -17,23 +17,33 @@ syntax = "proto3";
import "context.proto";
service L3Attackmitigator{
// Sends a greeting
rpc SendOutput (L3AttackmitigatorOutput) returns (context.Empty) {}
// Sends another greeting
// Perform Mitigation
rpc PerformMitigation (L3AttackmitigatorOutput) returns (context.Empty) {}
// Get Mitigation
rpc GetMitigation (context.Empty) returns (context.Empty) {}
// Get Configured ACL Rules
rpc GetConfiguredACLRules (context.Empty) returns (ACLRules) {}
}
message L3AttackmitigatorOutput {
float confidence = 1;
string timestamp = 2;
string ip_o = 3;
string tag_name = 4;
int32 tag = 5;
string flow_id = 6;
string protocol = 7;
string port_d = 8;
string ml_id = 9;
float time_start = 10;
float time_end = 11;
string ip_o = 3;
string ip_d = 4;
string tag_name = 5;
int32 tag = 6;
string flow_id = 7;
string protocol = 8;
string port_o = 9;
string port_d = 10;
string ml_id = 11;
context.ServiceId service_id = 12;
context.EndPointId endpoint_id = 13;
float time_start = 14;
float time_end = 15;
}
message ACLRules {
repeated context.ConfigRule acl_rules = 1;
}
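Review bot: `L3AttackmitigatorOutput` renumbers existing fields instead of appending the new ones: number 4 changes from `tag_name` to `ip_d`, 7 from `protocol` to `flow_id`, 8 from `port_d` to `protocol`, 9 from `ml_id` to `port_o`, and `time_start`/`time_end` move from 10/11 to 14/15. Where the old and new field on a number are both strings, a peer built from the other revision decodes the message without error but with the values in the wrong fields, for example an old sender's `tag_name` arriving as `ip_d`. For a component that derives mitigation rules from these addresses, that is a risky state to pass through during a rolling update with `:latest` images. I would keep numbers 1–11 as they were and give `ip_d`, `port_o`, `service_id` and `endpoint_id` the new numbers 12–15, or, if the break is intended, mark the old numbers `reserved` and say so in a comment.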
......@@ -14,65 +14,55 @@
syntax = "proto3";
import "context.proto";
service L3Centralizedattackdetector {
// Sends a greeting
rpc SendInput (L3CentralizedattackdetectorMetrics) returns (Empty) {}
// Sends another greeting
rpc GetOutput (Empty) returns (L3CentralizedattackdetectorModelOutput) {}
// Analyze single input to the ML model in the CAD component
rpc AnalyzeConnectionStatistics (L3CentralizedattackdetectorMetrics) returns (Empty) {}
// Analyze a batch of inputs to the ML model in the CAD component
rpc AnalyzeBatchConnectionStatistics (L3CentralizedattackdetectorBatchInput) returns (Empty) {}
// Get the list of features used by the ML model in the CAD component
rpc GetFeaturesIds (Empty) returns (AutoFeatures) {}
}
message Feature {
float feature = 1;
}
message L3CentralizedattackdetectorMetrics {
/*
Model input sent to the Inferencer by the client
There are currently 9 values and
*/
// Input sent by the DAD compoenent to the ML model integrated in the CAD component.
// Machine learning
float n_packets_server_seconds = 1;
float n_packets_client_seconds = 2;
float n_bits_server_seconds = 3;
float n_bits_client_seconds = 4;
float n_bits_server_n_packets_server = 5;
float n_bits_client_n_packets_client = 6;
float n_packets_server_n_packets_client = 7;
float n_bits_server_n_bits_client = 8;
// Machine learning model features
repeated Feature features = 1;
ConnectionMetadata connection_metadata = 2;
// Conection identifier
string ip_o = 9;
string port_o = 10;
string ip_d = 11;
string port_d = 12;
string flow_id = 13;
string protocol = 14;
float time_start = 15;
float time_end = 16;
}
message Empty {
string message = 1;
message ConnectionMetadata {
string ip_o = 1;
string port_o = 2;
string ip_d = 3;
string port_d = 4;
string flow_id = 5;
context.ServiceId service_id = 6;
context.EndPointId endpoint_id = 7;
string protocol = 8;
float time_start = 9;
float time_end = 10;
}
message L3CentralizedattackdetectorModelOutput {
float confidence = 1;
string timestamp = 2;
string ip_o = 3;
string tag_name = 4;
int32 tag = 5;
string flow_id = 6;
string protocol = 7;
string port_d = 8;
string ml_id = 9;
float time_start = 10;
float time_end = 11;
// Collection of values representing ML features
message AutoFeatures {
repeated float auto_features = 1;
}
// Collections or streams?
/*
message InputCollection {
repeated model_input = 1;
// Collection (batch) of model inputs that will be sent to the model
message L3CentralizedattackdetectorBatchInput {
repeated L3CentralizedattackdetectorMetrics metrics = 1;
}
message OutputCollection {
repeated model_output = 1;
message Empty {
string message = 1;
}
*/
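Review bot: With the eight named float fields replaced by `repeated Feature features = 1`, the message no longer carries any schema for the model input: nothing in the proto fixes how many features there are or in which order, and `L3CentralizedattackdetectorBatchInput` puts no bound on the batch size. The servicer (outside this page) should therefore reject a request whose feature count differs from what the model expects and cap `metrics` per call, otherwise a malformed or oversized request reaches the ML model directly. If that is the intended contract, a comment on the field would help, e.g. `// exactly N values, in the order returned by GetFeaturesIds`. The file also imports `context.proto` yet still defines its own `Empty` with a `message` field, so `Empty` here is not `context.Empty`. The comments also contain the typos `compoenent` and `Conection`.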
......@@ -14,19 +14,19 @@
// protocol buffers documentation: https://developers.google.com/protocol-buffers/docs/proto3
syntax = "proto3";
package centralized_attack_detector;
package optical_attack_detector;
import "context.proto";
import "monitoring.proto";
service CentralizedAttackDetectorService {
rpc NotifyServiceUpdate (context.Service ) returns (context.Empty) {}
service OpticalAttackDetectorService {
// rpc that triggers the attack detection loop
rpc DetectAttack (context.Empty ) returns (context.Empty) {}
// rpc that executes the detection loop for a particular service
rpc DetectAttack (DetectionRequest) returns (context.Empty) {}
// rpc called by the distributed component to report KPIs
rpc ReportSummarizedKpi (monitoring.KpiList) returns (context.Empty) {}
}
rpc ReportKpi (monitoring.KpiList) returns (context.Empty) {}
message DetectionRequest {
context.ServiceId service_id = 1;
monitoring.KpiId kpi_id = 2;
}
// Copyright 2022-2023 ETSI TeraFlowSDN - TFS OSG (https://tfs.etsi.org/)
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// protocol buffers documentation: https://developers.google.com/protocol-buffers/docs/proto3
syntax = "proto3";
package centralized_attack_detector;
import "context.proto";
import "monitoring.proto";
service OpticalCentralizedAttackDetectorService {
rpc NotifyServiceUpdate (context.Service ) returns (context.Empty) {}
// rpc that triggers the attack detection loop
rpc DetectAttack (context.Empty ) returns (context.Empty) {}
// rpc called by the distributed component to report KPIs
rpc ReportSummarizedKpi (monitoring.KpiList) returns (context.Empty) {}
rpc ReportKpi (monitoring.KpiList) returns (context.Empty) {}
}
......@@ -11,4 +11,3 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#!/bin/bash
# Copyright 2022-2023 ETSI TeraFlowSDN - TFS OSG (https://tfs.etsi.org/)
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
########################################################################################################################
# Define your deployment settings here
########################################################################################################################
# If not already set, set the name of the Kubernetes namespace to deploy to.
export TFS_K8S_NAMESPACE=${TFS_K8S_NAMESPACE:-"tfs"}
########################################################################################################################
# Automated steps start here
########################################################################################################################
kubectl --namespace $TFS_K8S_NAMESPACE logs deployment/l3-attackmitigatorservice -c server