Use Marblerun marble-injector

* AB#671 remove preset env and tolerations values to let the admission controller take care of injecting them * Update aks_install * Remove marblerun/marbletype label from vote-bot * Update README to use auto-injection * Update ertgolib+marblerun * Replace ertgolib with ego * Fix aks_install Co-authored-by: daniel-weisse <[email protected]>
edgelesssys · Mar 15, 2021 · bc67fa2 · bc67fa2
1 parent ed1b23d
commit bc67fa2
Show file tree

Hide file tree

Showing 11 changed files with 399 additions and 77 deletions.
diff --git a/README.md b/README.md
@@ -93,18 +93,38 @@ Deploy the application to Minikube using the Marblerun.
     marblerun manifest set /tmp/manifest.json $MARBLERUN
     ```
 
+1. Create and annotate emojivoto namespace for auto-injection
+
+    * Create namespace
+
+    ```bash
+    kubectl create namespace emojivoto
+    ```
+
+    * Annotate namespace on a cluster with nodes that support SGX1+FLC
+
+        ```bash
+        marblerun namespace add emojivoto
+        ```
+
+    * Otherwise
+
+        ```bash
+        marblerun namespace add emojivoto --no-sgx-injection
+        ```
+
 1. Deploy emojivoto using [helm](https://helm.sh/docs/intro/install/)
 
     * If you're deploying on a cluster with nodes that support SGX1+FLC (e.g. AKS or minikube + Azure Standard_DC*s)
 
     ```bash
-    helm install -f ./kubernetes/sgx_values.yaml emojivoto ./kubernetes --create-namespace -n emojivoto
+    helm install -f ./kubernetes/sgx_values.yaml emojivoto ./kubernetes -n emojivoto
     ```
 
     * Otherwise
 
     ```bash
-    helm install -f ./kubernetes/nosgx_values.yaml emojivoto ./kubernetes --create-namespace -n emojivoto
+    helm install -f ./kubernetes/nosgx_values.yaml emojivoto ./kubernetes -n emojivoto
     ```
 
     You can check with `kubectl get pods -n emojivoto` that all pods is running.

diff --git a/emojivoto-emoji-svc/cmd/server.go b/emojivoto-emoji-svc/cmd/server.go
@@ -13,7 +13,7 @@ import (
 	"contrib.go.opencensus.io/exporter/ocagent"
 	"github.com/edgelesssys/emojivoto/emojivoto-emoji-svc/api"
 	"github.com/edgelesssys/emojivoto/emojivoto-emoji-svc/emoji"
-	"github.com/edgelesssys/ertgolib/marble"
+	"github.com/edgelesssys/ego/marble"
 	grpc_prometheus "github.com/grpc-ecosystem/go-grpc-prometheus"
 	"github.com/prometheus/client_golang/prometheus/promhttp"
 	"go.opencensus.io/plugin/ocgrpc"
@@ -36,7 +36,7 @@ func main() {
 	// get TLS config
 	serverCfg, err := marble.GetTLSConfig(true)
 	if err != nil {
-		log.Fatalf("Failed to retrieve server TLS config from ertgolib")
+		log.Fatalf("Failed to retrieve server TLS config from ego")
 	}
 	// create creds
 	serverCreds := credentials.NewTLS(serverCfg)

diff --git a/emojivoto-voting-svc/cmd/server.go b/emojivoto-voting-svc/cmd/server.go
@@ -13,7 +13,7 @@ import (
 	"contrib.go.opencensus.io/exporter/ocagent"
 	"github.com/edgelesssys/emojivoto/emojivoto-voting-svc/api"
 	"github.com/edgelesssys/emojivoto/emojivoto-voting-svc/voting"
-	"github.com/edgelesssys/ertgolib/marble"
+	"github.com/edgelesssys/ego/marble"
 	grpc_prometheus "github.com/grpc-ecosystem/go-grpc-prometheus"
 	"github.com/prometheus/client_golang/prometheus/promhttp"
 	"go.opencensus.io/plugin/ocgrpc"
@@ -35,7 +35,7 @@ func main() {
 	// get TLS config
 	serverCfg, err := marble.GetTLSConfig(true)
 	if err != nil {
-		log.Fatalf("Failed to retrieve server TLS config from ertgolib")
+		log.Fatalf("Failed to retrieve server TLS config from ego")
 	}
 	// create creds
 	serverCreds := credentials.NewTLS(serverCfg)

diff --git a/emojivoto-web/cmd/server.go b/emojivoto-web/cmd/server.go
@@ -9,7 +9,7 @@ import (
 	"contrib.go.opencensus.io/exporter/ocagent"
 	pb "github.com/edgelesssys/emojivoto/emojivoto-web/gen/proto"
 	"github.com/edgelesssys/emojivoto/emojivoto-web/web"
-	"github.com/edgelesssys/ertgolib/marble"
+	"github.com/edgelesssys/ego/marble"
 	"go.opencensus.io/plugin/ocgrpc"
 	"go.opencensus.io/trace"
 	"google.golang.org/grpc"
@@ -34,7 +34,7 @@ func main() {
 	// get TLS config
 	tlsCfg, err := marble.GetTLSConfig(true)
 	if err != nil {
-		log.Fatalf("Failed to retrieve server TLS config from ertgolib")
+		log.Fatalf("Failed to retrieve server TLS config from ego")
 	}
 
 	// create creds
@@ -53,7 +53,7 @@ func main() {
 	// get gRPC config
 	clientCfg, err := marble.GetTLSConfig(false)
 	if err != nil {
-		log.Fatalf("Failed to retrieve gRPC TLS config from ertgolib")
+		log.Fatalf("Failed to retrieve gRPC TLS config from ego")
 	}
 	// create creds
 	clientCreds := credentials.NewTLS(clientCfg)

diff --git a/go.mod b/go.mod
@@ -5,17 +5,15 @@ go 1.13
 require (
 	contrib.go.opencensus.io/exporter/ocagent v0.7.0
 	github.com/census-instrumentation/opencensus-proto v0.3.0 // indirect
-	github.com/edgelesssys/ertgolib v0.1.4
-	github.com/edgelesssys/marblerun v0.2.0
+	github.com/edgelesssys/ego v0.1.2
 	github.com/golang/protobuf v1.4.3
 	github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0
 	github.com/grpc-ecosystem/grpc-gateway v1.15.2 // indirect
 	github.com/prometheus/client_golang v1.8.0
 	go.opencensus.io v0.22.5
-	golang.org/x/net v0.0.0-20201021035429-f5854403a974
+	golang.org/x/net v0.0.0-20201110031124-69a78807bb2b
 	golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9 // indirect
-	golang.org/x/sys v0.0.0-20201020230747-6e5568b54d1a // indirect
 	google.golang.org/api v0.33.0 // indirect
-	google.golang.org/genproto v0.0.0-20201021134325-0d71844de594 // indirect
-	google.golang.org/grpc v1.33.1
+	google.golang.org/grpc v1.36.0
+	google.golang.org/protobuf v1.25.0
 )