Go to file
2025-05-22 20:04:51 +00:00
.cargo upgrade stack size from default 1MB on windows (k3d stack overflow otherwise) 2025-05-11 22:39:23 -04:00
adr update adr 2025-04-28 15:09:11 -04:00
data/watchguard feat: ncd0 example complete. Missing files for authentication, ignition etc are accessible upon deman. This is yet another great step towards full UPI automated provisionning 2025-05-06 11:44:40 -04:00
docs/diagrams docs: add quick demo and core architecture overview 2025-04-09 16:09:54 -04:00
examples feat: added monitoring stack example to lamp demo 2025-05-20 15:59:01 -04:00
harmony feat: send alerts to multiple alert channels 2025-05-22 14:16:41 -04:00
harmony_cli feat: implement k3d cluster management 2025-04-24 17:36:01 -04:00
harmony_macros feat: add ingress score (#32) 2025-05-15 16:11:40 +00:00
harmony_tui feat: TUI does not require Topology to implement Debug anymore 2025-04-23 11:17:03 -04:00
harmony_types feat: add serde derive to Score types 2025-04-05 14:36:08 -04:00
k3d fix(k8s_anywhere): Ensure k3d cluster is started before use 2025-04-25 12:45:02 -04:00
opnsense-config Merge branch 'master' into feat/settingUpNDC 2025-05-06 11:58:12 -04:00
opnsense-config-xml fix: Fix opnsense test, Host.tll now optional and run cargo fmt 2025-05-06 12:00:56 -04:00
private_repos/example chore: Fix more warnings 2025-04-24 13:14:35 -04:00
.gitattributes Try out bifrost and see if we want to use it as bare metal provisionner 2024-08-28 16:16:36 -04:00
.gitignore feat: add .gitignore and update file paths 2025-02-12 16:27:56 -05:00
Cargo.lock fix:merge confict 2025-05-20 16:05:38 -04:00
Cargo.toml feat: push docker image to registry and deploy with full tag 2025-04-30 22:33:31 -04:00
check.sh Our own Helm Command/Resource/Executor (WIP) (#13) 2025-05-20 14:01:10 +00:00
LICENSE chore: Reorganize file tree for easier onboarding. Rust project now at the root for simple git clone && cargo run 2025-02-12 15:32:59 -05:00
README.md Merge branch 'master' into feat/settingUpNDC 2025-05-06 11:58:12 -04:00

Harmony : Open Infrastructure Orchestration

Quick demo

cargo run -p example-tui

This will launch Harmony's minimalist terminal ui which embeds a few demo scores.

Usage instructions will be displayed at the bottom of the TUI.

cargo run --bin example-cli -- --help

This is the harmony CLI, a minimal implementation

The current help text:

Usage: example-cli [OPTIONS]

Options:
  -y, --yes              Run score(s) or not
  -f, --filter <FILTER>  Filter query
  -i, --interactive      Run interactive TUI or not
  -a, --all              Run all or nth, defaults to all
  -n, --number <NUMBER>  Run nth matching, zero indexed [default: 0]
  -l, --list             list scores, will also be affected by run filter
  -h, --help             Print help
  -V, --version          Print version```

## Core architecture

![Harmony Core Architecture](docs/diagrams/Harmony_Core_Architecture.drawio.svg)

Supporting a new field in OPNSense config.xml

Two steps:

  • Supporting the field in opnsense-config-xml
  • Enabling Harmony to control the field

We'll use the filename field in the dhcpcd section of the file as an example.

Supporting the field

As type checking if enforced, every field from config.xml must be known by the code. Each subsection of config.xml has its .rs file. For the dhcpcd section, we'll modify opnsense-config-xml/src/data/dhcpd.rs.

When a new field appears in the xml file, an error like this will be thrown and Harmony will panic :

     Running `/home/stremblay/nt/dir/harmony/target/debug/example-nanodc`
Found unauthorized element filename
thread 'main' panicked at opnsense-config-xml/src/data/opnsense.rs:54:14:
OPNSense received invalid string, should be full XML: ()

Define the missing field (filename) in the DhcpInterface struct of opnsense-config-xml/src/data/dhcpd.rs:

pub struct DhcpInterface {
    ...
    pub filename: Option<String>,

Harmony should now be fixed, build and run.

Controlling the field

Define the xml field setter in opnsense-config/src/modules/dhcpd.rs.

impl<'a> DhcpConfig<'a> {
    ...
    pub fn set_filename(&mut self, filename: &str) {
        self.enable_netboot();
        self.get_lan_dhcpd().filename = Some(filename.to_string());
    }
    ...

Define the value setter in the DhcpServer trait in domain/topology/network.rs

#[async_trait]
pub trait DhcpServer: Send + Sync {
    ...
    async fn set_filename(&self, filename: &str) -> Result<(), ExecutorError>;
    ...

Implement the value setter in each DhcpServer implementation. infra/opnsense/dhcp.rs:

#[async_trait]
impl DhcpServer for OPNSenseFirewall {
    ...
    async fn set_filename(&self, filename: &str) -> Result<(), ExecutorError> {
        {
            let mut writable_opnsense = self.opnsense_config.write().await;
            writable_opnsense.dhcp().set_filename(filename);
            debug!("OPNsense dhcp server set filename {filename}");
        }

        Ok(())
    }
    ...

domain/topology/ha_cluster.rs

#[async_trait]
impl DhcpServer for DummyInfra {
    ...
    async fn set_filename(&self, _filename: &str) -> Result<(), ExecutorError> {
        unimplemented!("{}", UNIMPLEMENTED_DUMMY_INFRA)
    }
    ...

Add the new field to the DhcpScore in modules/dhcp.rs

pub struct DhcpScore {
    ...
    pub filename: Option<String>,

Define it in its implementation in modules/okd/dhcp.rs

impl OKDDhcpScore {
        ...
        Self {
            dhcp_score: DhcpScore {
                ...
                filename: Some("undionly.kpxe".to_string()),

Define it in its implementation in modules/okd/bootstrap_dhcp.rs

impl OKDDhcpScore {
        ...
        Self {
            dhcp_score: DhcpScore::new(
                ...
                Some("undionly.kpxe".to_string()),

Update the interpret (function called by the execute fn of the interpret) so it now updates the filename field value in modules/dhcp.rs

impl DhcpInterpret {
        ...
        let filename_outcome = match &self.score.filename {
            Some(filename) => {
                let dhcp_server = Arc::new(topology.dhcp_server.clone());
                dhcp_server.set_filename(&filename).await?;
                Outcome::new(
                    InterpretStatus::SUCCESS,
                    format!("Dhcp Interpret Set filename to {filename}"),
                )
            }
            None => Outcome::noop(),
        };

        if next_server_outcome.status == InterpretStatus::NOOP
            && boot_filename_outcome.status == InterpretStatus::NOOP
            && filename_outcome.status == InterpretStatus::NOOP

            ...

            Ok(Outcome::new(
            InterpretStatus::SUCCESS,
            format!(
                "Dhcp Interpret Set next boot to [{:?}], boot_filename to [{:?}], filename to [{:?}]",
                self.score.boot_filename, self.score.boot_filename, self.score.filename
            )
            ...