The Security Dashboard (Dashboard from now on) is SHIELD’s topmost component being in charge of enabling users and third party applications to use SHIELD’s internal features. Dashboard is therefore the entry point of SHIELD solution, seamlessly encapsulating the access and use of all its information and features in this component. Being the only point of access for the SHIELD users facilitate the integration and builds a more secure application, since the access control is more robust and protected. Besides integrating with all SHIELD’s components, Dashboard is also responsible for the implementation of a set of support features. It will provide user and tenant management features, billing and monetisation capabilities as well as a remediation subcomponent responsible for persisting and dispatching (upon validation by authorised users) all SHIELD’s remediation suggestions.
- Python 3
- Eve REST API framework which provides (amongst other goodies) Flask for RESTful support, Cerberus for JSON validation and MongoDB for the actual vNSF & NS data store.
- RabbitMQ for the messaging server
- Node for the HTTP server
- AngularJS for the web application framework
To prevent undesired side-effects from dependencies update by third-party frameworks, all the libraries in use by this project are declared in the requirements-dashboard.txt and requirements-dashboard-q.txt files.
The rationale behind the freeze for every dependency in use is to ensure that no update on libraries used by third-party frameworks will ever render this application undeployable. Usually a framework developer doesn't lock the version of the libraries it depends on hoping that its application can automagically use the updated version of any library. Unfortunately real-life coding doesn't always works like that and previous version support isn't always assured.
The environment requirements are defined in the requirements-dashboard.txt file for the Dashboard API and in the requirements-dashboard-q.txt file for the Dashboard Queue.
Install the following packages and versions following the manuals:
- Docker (17.06.0+)
- docker-compose (3.0+)
Alternatively, install them through the steps below:
sudo apt-get install --no-install-recommends apt-transport-https curl software-properties-common python-pip
curl -fsSL 'https://sks-keyservers.net/pks/lookup?op=get&search=0xee6d536cf7dc86e2d7d56f59a178ac6c6238f52e' | sudo apt-key add -
sudo add-apt-repository "deb https://packages.docker.com/1.13/apt/repo/ubuntu-$(lsb_release -cs) main"
sudo apt-get update
sudo apt-get -y install docker-engine
sudo pip install docker-composeFinally, add current user to the docker group (allows issuing Docker commands w/o sudo):
sudo usermod -aG docker $(whoami)
Automation details can be found in the DevOps section.
TL;DR
- Run it with:
cd docker
./run.sh --environment .env.production --verboseOnce everything is up and running the last lines on the screen should be something like:
dashboard-gui_1 | Starting up http-server, serving /usr/share/dev/dashboard-gui/dev
dashboard-gui_1 | Available on:
dashboard-gui_1 | http://127.0.0.1:8080
dashboard-gui_1 | http://172.18.0.7:8080
dashboard-gui_1 | Hit CTRL-C to stop the server
rev-proxy_1 | [WARNING] 303/174416 (1) : Server BE_dashboard-gui/dashboard-gui is UP.At this point the containers for the message queue server, the recommendations queue logic, the backend API, the recommendations history, the GUI and the reverse proxy are up and running. An example of the docker environment put in place is presented next.
$ docker ps
CONTAINER ID IMAGE NAMES
32be37213530 docker_msgq docker_msgq_1
66df8bf7ec58 docker_dashboard-backend-q docker_dashboard-backend-q_1
1bc570507e47 docker_dashboard-backend-api docker_dashboard-backend-api_1
9068b2a54fe1 docker_dashboard-persistence docker_dashboard-persistence_1
ddd055aa72d2 docker_dashboard-gui docker_dashboard-gui_1
104d79441a72 docker_rev-proxy docker_rev-proxy_1Troubleshooting is possible after accessing the container through its name (last column from above):
docker exec -it $docker_container_name bash
To stop the docker environment and teardown everything simply (in the docker folder):
./run.sh --shutdownPlease note that this removes all containers so the next time one wants to setup everything it must also perform the first-time setup procedure.
The first time the Dashboard environment is set up one must create the data store to hold the Recommendations History data. This is done by:
docker exec -it docker_dashboard-persistence_1 bash -c "/usr/share/dev/dashboard/docker/setup-datastore.sh --environment .env.production"The default settings deploy the Dashboard GUI in the 80. To ensure the environment is up and running simply open a web browser and head to http://dashboard_ip page. The SHIELD Dashboard web application should be presented.
Please read the Quality Assurance section to grasp how the Dashboard features are validated.
For deployment setup, environments definition and build automation details please refer to DevOps.
Please refer to the Dashboard documentation for additional insight on how the Dashboard operates and what lies behind the scenes.