Hi everyone,
Happy to see progress on software probes :). I will try to deploy it on our raspberries on the weekend.
My thoughts on the docker stuff, we should aim to make it run with alpine linux before we release an official container, because a CentOS container seems to be too bloated.
Storage outside of the container should be no problem, I suggest we make a docker-compose file to setup all the storage stuff etc.. If there is an upgrade script between versions we should run the upgrade script at every container start.
Best,
Annika
Hi,Thank you for the report, it's really helpful! We'll have to see if someof this should be turned into github issues -- there are pros and consas always.On 2019-10-24 05:10, Tobias Sachs wrote:2. What are your thoughts about a 'curl https://install.atlas.ripe.com |
bash' ?
I know there are many pros and cons for such a setup but overall it
would make the process simpler.
It's possible. I'm personally against piping stuff you just downloadedinto shell but YMMV :-) In any case, one would have to go throughprompts and such anyway, for example to check GPG key ids and hashes andsuch.3. When you visit https://atlas.ripe.net/apply/swprobe/ without being
logged in it redirects to /denied. Ok, logging in.., hmm, still denied
:o Turns out that /denied does not check the status from the user after
SSO login and SSO simply redirects you back.
Yes, that's annoying. But, this is only applicable during the testingperiod so maybe it's not worth solving...4. Near my Probes and only my is „(Register)“, is this on purpose?
No, that will need to go away. It's also a typical example of thezillion small things we need to adapt for sw probes. Thanks for pointingit out.5. I managed to make a functional Dockerfile.
https://gist.github.com/Knight1/f903d5230890f8fa283601bee1494280
Important infos
- There is no check for the ripe files
- You have to manually copy the files from the source to the mounted
docker folder
Testing
1. docker build -t atlas-sw .
2. docker run -it --rm -v /sys/fs/cgroup:/sys/fs/cgroup:ro
--cap-add=sys_admin --name=atlas atlas-sw
3. docker cp atlas:/var/atlas-probe/ /opt/docker/atlas-probe/
4. docker run -it --rm -v /sys/fs/cgroup:/sys/fs/cgroup:ro -v
/opt/docker/atlas-probe/:/var/atlas-probe/ --cap-add=sys_admin
--name=atlas --memory=128m atlas-sw
Nice!6. Any ideas about an official Docker package? Because the container is
just running fine :o https://atlas.ripe.net/probes/1000013/
Sure I will monitor the logs and there are some bugs I know to
report/fix but in summary it is running and reporting. I only tested
ping :o
I believe there will be demand for a docker version, so I'm happy thatit's emerging! The way I see it there are some issues to resolve:* permanent storage of key material, so outside the container?* how to handle upgrading if there's a new (upstream) available* perhaps more to make this version sustainableIt's be nice to get to a point where we can claim the docker version isas complete as any other release in all respects.7. Has someone managed to migrate a ssh private key to a new host? I
know that the system is lurking for a file to know about the
initialization status but in the file that manages the initialization
the statefile is from $1
Can you explain what problem you want to solve? If you want to "move"your probe from one server to another as a one-off action, you canalways just install the new one, submit its key to us as a replacement[almost implemented :-)] and stop the old instance.Cheers,RobertCheers!
Tobias