This repository has been archived by the owner on Oct 11, 2024. It is now read-only.

Docker swarm #578

Merged
merged 1 commit into from
Jun 9, 2017

Conversation

gdbelvin
Contributor

This is a first cut at defining the proper docker swarm that implements Key Transparency correctly.
The complexity of the initial configuration has exceeded what Goreman can support.

Missing from this PR:

  • Starting the Trillian Admin server
  • Provisioning an initial log and map

@gdbelvin
Contributor Author

Now that google/trillian#607 is in, we can unblock this.

@cesarghali Could you review?
@liamsi Could you run through the instructions in the new README and see how they work for you?

@gdbelvin gdbelvin requested a review from cesarghali May 23, 2017 20:18
@gdbelvin gdbelvin mentioned this pull request May 23, 2017
@gdbelvin gdbelvin force-pushed the docker branch 3 times, most recently from d29a2be to 2cef673 May 25, 2017 19:14
@liamsi
Contributor

liamsi commented May 31, 2017

> @liamsi Could you run through the instructions in the new README and see how they work for you?

Here are my first thoughts/comments/suggestions (will update comment as soon as I have more feedback):

Update: All issues below were addressed in gdbelvin#1, gdbelvin#2, and google/trillian#660

  • for consistency we might specify the minimum docker version necessary (similar to etcd which says v3.1.3); the docker-compose.yml file format is of version 3 which requires docker engine 1.13.0+ (done)
  • docker-compose isn't installed by default on some platforms; maybe, it should be mentioned as an explicit requirement? (done)
  • `docker-compose up -d` raises an error due to google/trillian@ba4e1cd: (fixed, see below)

    Error message:
    ```
    [...]
    WARNING: Image for service trillian-log was built because it did not already exist. To rebuild this image you must use `docker-compose build` or `docker-compose up --build`.
    Building trillian-map
    ERROR: Cannot locate specified Dockerfile: server/vmap/trillian_map_server/Dockerfile
    ```
  • Shouldn't `go run $GOPATH/github.com/google/trillian/cmd/createtree/main.go` rather be `go run $GOPATH/src/github.com/google/trillian/cmd/createtree/main.go` (at least this seems to be the default layout)? (resolved)
  • see catch up on trillian modified paths gdbelvin/keytransparency#1 which fixes the last two problems (merged)
  • `./scripts/prepare_server.sh` "hangs" quite a long time after the last user input requested (frontend pub IP); maybe, tell the user what is going on (go build and key-generation)?
  • running `docker-compose up` shows several issues (I'm currently investigating if this is my firewall / docker configuration, or some general problem)
  • apparently, on ubuntu one needs to `chmod 644 ../trilliantorage/mysql/storage.sql` before running `docker-compose up db`; otherwise permissions might be `-rw-r----- 1` and: (we should keep this in mind but no changes needed; maybe later: a troubleshooting doc)
    ```
    db_1   | /usr/local/bin/docker-entrypoint.sh: running /docker-entrypoint-initdb.d/storage.sql
    db_1   | /usr/local/bin/docker-entrypoint.sh: line 180: /docker-entrypoint-initdb.d/storage.sql: Permission denied
    ```
  • in the line below I had to change localhost to the explicit IP assigned by docker to the container (the one that is shown by `docker inspect ID` under Networks->IPAddress); same problem on a fresh VM, I'll come up with a script that inserts the right IP in there
    ```sh
    go run $GOPATH/src/github.com/google/trillian/cmd/createtree/main.go --admin_server=localhost:8090 --pem_key_path=testdata/log-rpc-server.privkey.pem --pem_key_password="towel" --signature_algorithm=ECDSA --tree_type=LOG
    ```
  • while running prepare_server.sh one has to provide 0.0.0.0 as an IP address, otherwise the SAN extension doesn't get written (by gen_server_keys.sh) and one gets an error message (`x509: cannot validate certificate for 0.0.0.0 because it doesn't contain any IP SANs`)
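The IP SAN failure in the last bullet, reproduced in Go as an added example (this is not code from the PR or the repository): a self-signed certificate is issued for `localhost`, once without and once with the dialed address as an IP SAN, and Go's own hostname verification shows why a client that dials `0.0.0.0` rejects the first one. The key and certificate are constructed inline; `kt-server` is an assumed common name.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

// ValidationErrorFor builds a throwaway self-signed cert for "localhost", adding
// ip as an IP SAN only when includeIPSAN is set, and returns what a client that
// dials ip gets from hostname verification (constructed for this example).
func ValidationErrorFor(ip string, includeIPSAN bool) error {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // throwaway key
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: "kt-server"},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		DNSNames:     []string{"localhost"},
		KeyUsage:     x509.KeyUsageDigitalSignature,
	}
	if includeIPSAN {
		tmpl.IPAddresses = []net.IP{net.ParseIP(ip)} // the SAN entry checked when dialing by IP
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return err
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return err
	}
	return cert.VerifyHostname(ip)
}

func main() {
	fmt.Println("without IP SAN:", ValidationErrorFor("0.0.0.0", false))
	fmt.Println("with IP SAN:   ", ValidationErrorFor("0.0.0.0", true))
}
```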

@gdbelvin
Contributor Author

Updated README.md to include versions and mention docker-compose.

README.md Outdated
Set the `LOG_ID` and `MAP_ID` environment variables in `docker-compose.yml` with the output
of these respective commands.

7. Relaunch and observe
Contributor

Why do we need to launch twice? Shouldn't we do the provisioning and editing the yml file before launching?
Also, this item should be number 8.

Contributor Author

Updated to just launch the trillian components in this step:
docker-compose up trillian-map

README.md Outdated
7. Relaunch and observe
- `docker-compose up -d`
- `docker-compose logs --tail=0 --follow`
- [https://localhost:8080/v1/users/foo@bar.com](https://localhost:8080/v1/users/foo@bar.com)
Contributor

Does this actually work? It might for now but I thought we want to have all API calls authenticated and if we do that this might stop working.

Contributor Author

The open source repo only has an unauthenticated GET.
Different providers can choose to do different things in their environments.

README.md Outdated

7. Provision a log and a map
```sh
go run $GOPATH/src/github.com/google/trillian/cmd/createtree/main.go --admin_server=localhost:8090 --pem_key_path=testdata/log-rpc-server.privkey.pem --pem_key_password="towel" --signature_algorithm=ECDSA --tree_type=LOG
```
Contributor

Where can log-rpc-server.privkey.pem be found? If a user tries to run this command, will it work? If not, we should add a step for creating this private key.

Contributor

@liamsi liamsi Jun 1, 2017

It worked for me (I had to change from localhost to the IP assigned to the container by the docker engine).

ENV DB_USER=test \
DB_PASSWORD=zaphod \
DB_DATABASE=test \
DB_HOST=127.0.0.0:3306
Contributor

Does this mean the user should install mysql and set the password to zaphod and create a test database? If yes, can we add a step for that, maybe in the readme?

Contributor Author

The mysql db image uses the following environment variables to set up and configure the database on initial startup.

    environment:
      MYSQL_PASSWORD: zaphod
      MYSQL_USER: test
      MYSQL_DATABASE: test
      MYSQL_RANDOM_ROOT_PASSWORD: "yes"

README.md Outdated

Set the `LOG_ID` and `MAP_ID` environment variables in `docker-compose.yml` with the output
of these respective commands.
Contributor

s/these/the above

Contributor Author

done

ports:
- "8080:8080" # json & grpc
environment:
LOG_ID: 8879615737060686335
Contributor

Can you please add a comment that LOG_ID and MAP_ID values should be updated, here and below?

Contributor Author

done

README.md Outdated

```sh
goreman start
docker-compose up trillian-map -d
```
Contributor

`docker-compose up trillian-map -d` fails with `ERROR: No such service: -d`; it has to be `docker-compose up -d trillian-map` instead.

MAP_URL=""
ENV LOG_ID=0 \
LOG_URL=localhost:8090 \
LOG_KEY=genfiles/trillian-log-pubkey.pem
Contributor

Which of the generated keys is this one? Shouldn't this be genfiles/p256-pubkey.pem?

Contributor Author

@gdbelvin gdbelvin Jun 1, 2017

This key actually comes from the Trillian repo :-
It corresponds to the private key that the Trillian Log uses.

Contributor

OK, I'll change the default to ../trillian/testdata/log-rpc-server.pubkey.pem.

README.md Outdated
```sh
go run $GOPATH/src/github.com/google/trillian/cmd/createtree/main.go --admin_server=localhost:8090 --pem_key_path=testdata/log-rpc-server.privkey.pem --pem_key_password="towel" --signature_algorithm=ECDSA --tree_type=LOG
go run $GOPATH/src/github.com/google/trillian/cmd/createtree/main.go --admin_server=localhost:8090 --pem_key_path=testdata/log-rpc-server.privkey.pem --pem_key_password="towel" --signature_algorithm=ECDSA --tree_type=MAP
```
Contributor

Shouldn't this key rather be testdata/map-rpc-server.privkey.pem instead (of log-)?


ENTRYPOINT /go/bin/keytransparency-signer \
--db="${DB_USER}:${DB_PASSWORD}@tcp(${DB_HOST})/${DB_DATABASE}" \
--period="$SIGN_PERIOD" --key="$SIGN_KEY" \
Contributor

The private signing key `--key="$SIGN_KEY"` is treated as a path-to-a-file flag here, and yet the passed string is interpreted to contain the PEM bytes here. Looks like this fails (but independent of this docker pull).

Contributor

After chatting with @RJPercival (thanks again), I've decided that it's reasonable to add an additional flag for the password of the private-key/PEM-file with an option for a config-file (with the PW contained) like implemented for trillian in google/trillian/pull/620
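One way a `--key` flag could accept both a file path and inline PEM bytes, with a separate password for an encrypted PEM as proposed in the two comments above. This is an added example written for this thread, not the project's signer code; `LoadSigningKey` and `EncryptedTestKey` are assumed names, and the `towel` password is only used to construct test input.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"os"
	"strings"
)

// LoadSigningKey (hypothetical, not the project's own flag code) accepts a --key
// value that is either a path to a PEM file or inline PEM text, and decrypts the
// block with password when it carries legacy PEM encryption (a DEK-Info header).
func LoadSigningKey(keyFlag, password string) (*ecdsa.PrivateKey, error) {
	var err error
	pemBytes := []byte(keyFlag)
	if !strings.HasPrefix(strings.TrimSpace(keyFlag), "-----BEGIN") {
		if pemBytes, err = os.ReadFile(keyFlag); err != nil {
			return nil, fmt.Errorf("reading key file: %w", err)
		}
	}
	block, _ := pem.Decode(pemBytes)
	if block == nil {
		return nil, fmt.Errorf("no PEM block found in key input")
	}
	der := block.Bytes
	if x509.IsEncryptedPEMBlock(block) {
		if der, err = x509.DecryptPEMBlock(block, []byte(password)); err != nil {
			return nil, fmt.Errorf("decrypting key (wrong or missing password?): %w", err)
		}
	}
	return x509.ParseECPrivateKey(der)
}

// EncryptedTestKey generates a throwaway P-256 key and returns it as an
// AES-256-encrypted PEM string: constructed input for the loader above.
func EncryptedTestKey(password string) string {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	der, _ := x509.MarshalECPrivateKey(key)
	block, _ := x509.EncryptPEMBlock(rand.Reader, "EC PRIVATE KEY", der, []byte(password), x509.PEMCipherAES256)
	return string(pem.EncodeToMemory(block))
}

func main() {
	key, err := LoadSigningKey(EncryptedTestKey("towel"), "towel")
	fmt.Println("loaded:", key != nil, "err:", err)
}
```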

Contributor

@cesarghali cesarghali left a comment

LGTM.

Given the fact I haven't run a docker image before, I'm thinking of waiting until this PR becomes stable and trying to follow the README instructions as someone with no knowledge of this.

liamsi added a commit to liamsi/trillian that referenced this pull request Jun 7, 2017
- catch-up with google#654 (where the flag was removed)
- needed for google/keytransparency#578
daviddrysdale pushed a commit to google/trillian that referenced this pull request Jun 7, 2017
- catch-up with #654 (where the flag was removed)
- needed for google/keytransparency#578
@codecov-io

codecov-io commented Jun 9, 2017

Codecov Report

Merging #578 into master will not change coverage.
The diff coverage is n/a.


@@           Coverage Diff           @@
##           master     #578   +/-   ##
=======================================
  Coverage   59.87%   59.87%           
=======================================
  Files          34       34           
  Lines        2318     2318           
=======================================
  Hits         1388     1388           
  Misses        643      643           
  Partials      287      287

Powered by Codecov. Last update 4a4a462...53803c2. Read the comment docs.

- Add logging and don't crash signer
- Update README
@gdbelvin gdbelvin merged commit b3e9875 into google:master Jun 9, 2017
@gdbelvin gdbelvin deleted the docker branch June 9, 2017 11:59