r9 - 08 Feb 2010 - 10:07:48 - BeckyHYou are here: Wiki >

AppLogic 2.7/2.8 Documentation The latest production release is AppLogic 3.0.30

NET Gateway Implementation Design

Base Class

The LUX5 appliance image is used as the base class for NET appliance.

Class Volumes

NET has following volume setup: - boot volume, 100MB size, mounted as "/", writeable, instantiable. - usr volume, 130MB size, mounted as "/usr", read-only, common

The volumes contains a basic Linux installation inherited from base LUX5 appliance and the next additional software:

Netfilter and IPTables for routing and NAT
Bind software for domain name resolving

Below is a list of the software packages installed.

Packages for `NET`

Installed packages:

audit-libs-1.7.13-2.el5.i386.rpm (LGPL)
audit-libs-python-1.7.13-2.el5.i386.rpm (LGPL)
basesystem-8.0-5.1.1.el5.centos.noarch.rpm (public domain)
bash-3.1-16.1.i386.rpm (GPL)
beecrypt-4.1.2-10.1.1.i386.rpm (LGPL)
bind-9.3.6-4.P1.el5_4.1.i386.rpm (BSD-like)
bind-libs-9.3.6-4.P1.el5_4.1.i386.rpm (BSD-like)
bzip2-1.0.3-3.i386.rpm (BSD)
bzip2-libs-1.0.3-3.i386.rpm (BSD)
centos-release-5-0.0.el5.centos.2.i386.rpm (GPL)
centos-release-notes-5.0.0-2.i386.rpm (GPL)
chkconfig-1.3.30.1-1.i386.rpm (GPL)
coreutils-5.97-12.1.el5.i386.rpm (GPL)
cpio-2.6-20.i386.rpm (GPL)
cracklib-2.8.9-3.1.i386.rpm (Artistic)
cracklib-dicts-2.8.9-3.1.i386.rpm (Artistic)
crontabs-1.10-8.noarch.rpm (Public Domain)
cyrus-sasl-lib-2.1.22-4.i386.rpm (Freely Distributable)
db4-4.3.29-9.fc6.i386.rpm (GPL)
dbus-1.1.2-12.el5_4.1.i386.rpm (GPLv2+ or AFL)
dbus-libs-1.1.2-12.el5_4.1.i386.rpm (GPLv2+ or AFL)
device-mapper-1.02.13-1.el5.i386.rpm (GPL)
dhclient-3.0.5-7.el5.i386.rpm (distributable)
diffutils-2.8.1-15.2.2.i386.rpm (GPL)
e2fsprogs-1.39-8.el5.i386.rpm (GPL)
e2fsprogs-libs-1.39-8.el5.i386.rpm (GPL)
ed-0.2-38.2.2.i386.rpm (GPL)
elfutils-libelf-0.125-3.el5.i386.rpm (GPL)
ethtool-5-1.el5.i386.rpm (GPL)
expat-1.95.8-8.2.1.i386.rpm (BSD)
file-4.17-8.2.i386.rpm (distributable)
filesystem-2.4.0-1.el5.centos.i386.rpm (Public Domain)
findutils-4.2.27-4.1.i386.rpm (GPL)
gawk-3.1.5-14.el5.i386.rpm (GPL)
gdbm-1.8.0-26.2.1.i386.rpm (GPL)
glib2-2.12.3-2.fc6.i386.rpm (LGPL)
glibc-2.5-12.2.i386.rpm (LGPL)
glibc-common-2.5-12.2.i386.rpm (LGPL)
gpg-pubkey-e8562897-459f07a4.(none).rpm (pubkey)
grep-2.5.1-54.2.el5.i386.rpm (GPL)
gzip-1.3.5-9.el5.centos.i386.rpm (GPL)
info-4.8-14.el5.i386.rpm (GPL)
initscripts-8.45.14.EL-1.el5.centos.1.i386.rpm (GPL)
iproute-2.6.18-4.el5.i386.rpm (GNU GPL)
iptables-1.3.5-1.2.1.i386.rpm (GPL)
iputils-20020927-43.el5.i386.rpm (BSD)
krb5-libs-1.5-23.i386.rpm (MIT, freely distributable.)
less-394-5.el5.i386.rpm (GPL)
libacl-2.2.39-1.1.i386.rpm (LGPL)
libattr-2.4.32-1.1.i386.rpm (LGPL)
libcap-1.10-26.i386.rpm (BSD-like and LGPL)
libevent-1.1a-3.2.1.i386.rpm (BSD)
libgcc-4.1.1-52.el5.2.i386.rpm (GPL)
libgssapi-0.10-2.i386.rpm (GPL)
libhugetlbfs-1.0.1-1.el5.i386.rpm (LGPL)
libhugetlbfs-lib-1.0.1-1.el5.i386.rpm (LGPL)
libselinux-1.33.4-5.5.el5.i386.rpm (Public domain (uncopyrighted))
libselinux-python-1.33.4-5.5.el5.i386.rpm (Public domain (uncopyrighted))
libselinux-utils-1.33.4-5.5.el5.i386.rpm (Public domain (uncopyrighted))
libsemanage-1.9.1-4.4.el5.i386.rpm (GPL)
libsepol-1.15.2-2.el5.i386.rpm (LGPLv2+)
libstdc++-4.1.1-52.el5.i386.rpm (GPL)
libsysfs-2.0.0-6.i386.rpm (LGPL)
libtermcap-2.0.8-46.1.i386.rpm (LGPL)
libuser-0.54.7-2.el5.1.i386.rpm (LGPL)
libvolume_id-095-14.5.el5.i386.rpm (GPL)
logrotate-3.7.4-8.i386.rpm (GPL)
m2crypto-0.16-6.el5.1.i386.rpm (BSDish)
MAKEDEV-3.23-1.2.i386.rpm (GPL)
mcstrans-0.1.10-1.el5.i386.rpm (GPL)
mingetty-1.07-5.2.2.i386.rpm (GPL)
mktemp-1.5-23.2.2.i386.rpm (BSD)
module-init-tools-3.3-0.pre3.1.16.el5.i386.rpm (GPL)
ncurses-5.5-24.20060715.i386.rpm (distributable)
net-tools-1.60-73.i386.rpm (GPL)
newt-0.52.2-9.i386.rpm (LGPL)
nfs-utils-1.0.9-24.el5.i386.rpm (GPL)
nfs-utils-lib-1.0.8-7.2.z2.i386.rpm (GPL)
openldap-2.3.27-5.i386.rpm (OpenLDAP)
openssh-4.3p2-16.el5.i386.rpm (BSD)
openssh-clients-4.3p2-16.el5.i386.rpm (BSD)
openssh-server-4.3p2-16.el5.i386.rpm (BSD)
openssl-0.9.8b-8.3.el5.i686.rpm (BSDish)
pam-0.99.6.2-3.14.el5.i386.rpm (GPL or BSD)
passwd-0.73-1.i386.rpm (BSD)
patch-2.5.4-29.2.2.i386.rpm (GPL)
pcre-6.6-1.1.i386.rpm (BSD)
perl-5.8.8-10.i386.rpm (Artistic or GPL)
policycoreutils-1.33.12-14.6.el5.i386.rpm (GPL)
popt-1.10.2-37.el5.i386.rpm (GPL)
portmap-4.0-65.2.2.1.i386.rpm (BSD)
procps-3.2.7-8.1.el5.i386.rpm (GPL)
psmisc-22.2-5.i386.rpm (BSD/GPL)
python-2.4.3-19.el5.i386.rpm (PSF - see LICENSE)
python-elementtree-1.2.6-5.i386.rpm (PSF)
python-sqlite-1.1.7-1.2.1.i386.rpm (GPL)
python-urlgrabber-3.1.0-2.noarch.rpm (LGPL)
readline-5.1-1.1.i386.rpm (GPL)
rpm-4.4.2-37.el5.i386.rpm (GPL)
rpm-libs-4.4.2-37.el5.i386.rpm (GPL)
rpm-python-4.4.2-37.el5.i386.rpm (GPL)
sed-4.1.5-5.fc6.i386.rpm (GPL)
setup-2.5.58-1.el5.noarch.rpm (public domain)
shadow-utils-4.0.17-12.el5.i386.rpm (BSD)
slang-2.0.6-4.el5.i386.rpm (GPL)
sqlite-3.3.6-2.i386.rpm (Public Domain)
sysfsutils-2.0.0-6.i386.rpm (GPL)
sysklogd-1.4.1-39.2.i386.rpm (GPL)
SysVinit-2.86-14.i386.rpm (GPL)
tar-1.15.1-23.el5.i386.rpm (GPL)
tcpdump-3.9.4-11.el5.i386.rpm (BSD)
tcp_wrappers-7.6-40.2.1.i386.rpm (Distributable)
termcap-5.5-1.20060701.1.noarch.rpm (Public Domain)
tmpwatch-2.9.7-1.1.el5.1.i386.rpm (GPL)
tzdata-2006m-2.fc6.noarch.rpm (GPL)
udev-095-14.5.el5.i386.rpm (GPL)
usermode-1.88-3.el5.i386.rpm (GPL)
util-linux-2.13-0.44.el5.i386.rpm (distributable)
vim-minimal-7.0.109-3.i386.rpm (freeware)
vixie-cron-4.1-66.1.el5.i386.rpm (distributable)
wget-1.10.2-7.el5.i386.rpm (GPL)
which-2.16-7.i386.rpm (GPL)
xen-ukrnl-3.2.2-17.i386.rpm (GPL)
xen-umods-3.2.2-17.i386.rpm (GPL)
yum-3.0.5-1.el5.centos.2.noarch.rpm (GPL)
zlib-1.2.3-3.i386.rpm (BSD)

Contents of the release directory:

Exported appliance image:

NET-2.4.5-1.tar

Automated build script: use this to automatically build NET appliance

NET-build.2.4.5-1.tar.bz2

Appliance sources:

NET-src-2.4.5-1.tar.bz2

Source rpms:

iptables-1.3.5-1.2.1.src.rpm
audit-1.7.13-2.el5.src.rpm
bind-9.3.6-4.P1.el5_4.1.src.rpm
dbus-1.1.2-12.el5_4.1.src.rpm
libselinux-1.33.4-5.5.el5.src.rpm
libsemanage-1.9.1-4.4.el5.src.rpm
libsepol-1.15.2-2.el5.src.rpm
policycoreutils-1.33.12-14.6.el5.src.rpm

Tests:

net-test-2.4.5-1.tar.bz2 - test scripts

Appliance Implementation Details

Theory of operation

NET is an output gateway that provides outgoing access to a network outside of an application. NET uses iptables to perform packets NAT and firewall functions. Appliance also include bind caching DNS server that enables host name resolving without any external DNS servers.

Configuration

The configuration for NET is performed at startup time by the appliance.sh init script. It takes properties defined in appliance boundary and uses them to setup iptables rules by invoking iptables.sh script.

Appliance scripts

The NET appliance contains the following files in the /appliance folder on its boot volume. These files are used to implement the appliance:

File	Type	Description
`appliance.sh`	Bash script	Appliance main controlling script - invoked when the appliance is booted.
`appliance_netsetup.sh`	Bash script	Invoked early from `appliance.sh` to setup external network.
`gethost.pl`	Perl script	Auxiliary script to resolve host name to ip address
`getifip.pl`	Perl script	Auxiliary script to find the IP address of interface
`iptables-bkrules.sh`	Bash script	Sets the backup iptables rules set. Executed by `iptables.sh` when the main rules set fails.
`iptables-fwrules.sh`	Bash script	Sets the main iptables rules set.
`iptables.sh`	Bash script	Configures iptables rules. Invoked from `appliance.sh`.

-- Main.AndriyMayevskyy - 20 Jan 2010

AppLogic27

Documentation
- Home

References
- Dashboard
- Configurator
- Editor
- Monitor
- Volume Browser
- Shell
- Catalog
- Applications
- Glossary

Guides
- App Provisioning?
- App Deployment
- Appliance Creation

Helpdesk| Bugzilla| Wiki