Fixes for Kismet on Docker / Kubernetes

* Copy in code: Change build process so code is copied in from the currently checked out directory, letting users build arbitrary branches or uncommitted code * Staged build: This reduces the number of depencencies installed in the final image, as well as eliminates any extraneous files that were generated during the build. * Change default configuration: Accept remote API connections from anywhere * Basic Kubernetes manifest for deploying with loadbalancer
kismetwireless · Aug 24, 2019 · 656a84c · 656a84c
1 parent 1bcd534
commit 656a84c
Show file tree

Hide file tree

Showing 5 changed files with 166 additions and 40 deletions.
diff --git a/packaging/docker/Dockerfile b/packaging/docker/Dockerfile
@@ -1,12 +1,8 @@
-FROM ubuntu:bionic
-
-COPY build-kismet.sh /opt/build-kismet.sh
-COPY kismet_site.conf /usr/local/etc/kismet_site.conf
+FROM ubuntu:bionic as build
 
+# Install build deps
 RUN apt-get update && apt-get install -y \
-	sudo \
 	build-essential \
-	git \
 	libmicrohttpd-dev \
 	pkg-config \
 	zlib1g-dev \
@@ -22,22 +18,62 @@ RUN apt-get update && apt-get install -y \
 	protobuf-compiler \
 	protobuf-c-compiler \
 	libsensors4-dev \
+	python \
 	python3 \
-	python3-setuptools \
-	python3-protobuf \
-    python3-usb \
-    python3-numpy \
-    python3-dev \
 	python3-pip \
-    python3-serial \
+	python-setuptools \
+	python-protobuf \
+	python-sqlite \
+	python-requests \
+        python-usb \
+        python-numpy \
+        python-dev \
+	librtlsdr0 \
+	libusb-1.0-0-dev \
+        python-pip
+
+COPY / /opt/kismet/
+WORKDIR /opt/kismet/
+RUN ./configure
+RUN make -j$(nproc)
+RUN make install
+RUN make forceconfigs
+
+FROM ubuntu:bionic
+
+# Install runtime deps
+RUN apt-get update && apt-get install -y \
+	libmicrohttpd-dev \
+	zlib1g-dev \
+	libnl-3-dev \
+	libnl-genl-3-dev \
+	libcap-dev \
+	libpcap-dev \
+	libnm-dev \
+	libdw-dev \
+	libsqlite3-dev \
+	libprotobuf-dev \
+	libprotobuf-c-dev \
+	protobuf-compiler \
+	protobuf-c-compiler \
+	libsensors4-dev \
+	python \
+	python3 \
+	python-protobuf \
+	python-sqlite \
+	python-requests \
+        python-usb \
+        python-numpy \
+        python-dev \
 	librtlsdr0 \
-	libusb-1.0-0-dev 
+	libusb-1.0-0-dev
 
-RUN /bin/bash /opt/build-kismet.sh
+COPY --from=build /usr/local /usr/local
+COPY /packaging/docker/kismet_site.conf /usr/local/etc/kismet_site.conf
 
 EXPOSE 2501
 EXPOSE 3501
 
-CMD ["/usr/local/bin/kismet", "--no-ncurses"]
-
+VOLUME /root/.kismet/
 
+CMD ["/usr/local/bin/kismet", "--no-ncurses"]
diff --git a/packaging/docker/README b/packaging/docker/README
@@ -6,22 +6,15 @@
 
 - BUILDING A DOCKER IMAGE -
 
-    To compile a docker image of Kismet:
-        $ docker build -t kismet-git .
+    To compile a docker image of Kismet (run from project root):
+        $ docker build -t kismet-git -f packaging/docker/Dockerfile .
 
     This will pull an Ubuntu 16.04, the required dependencies, the 
     latest Kismet git, and build an image named 'kismet-git'.
 
-    By default, the script 'build-kismet.sh' is copied into the docker
-    and run for compiling Kismet; this script checks out the git repo,
-    runs configure, and make.
-
     The script uses the 'nproc' program to set a parallel compile flag;
     if your system does not have enough RAM to compile Kismet on
-    all your cores, comment out or hardcode a smaller value in 'build-kismet.sh'
-    on the line:
-
-    NPROCS="-j $(nproc)"
+    all your cores, hard code the value on line 38 of the Dockerfile.
 
 - CONFIGURING KISMET -
 

diff --git a/packaging/docker/build-kismet.sh b/packaging/docker/build-kismet.sh
diff --git a/packaging/docker/kismet-k8s.yaml b/packaging/docker/kismet-k8s.yaml
@@ -0,0 +1,110 @@
+---
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  annotations:
+    kubernetes.io/ingress.class: traefik
+  labels:
+    app: kismet
+  name: kismet-ingress
+spec:
+  rules:
+  - host: kismet.localhost
+    http:
+      paths:
+      - backend:
+          serviceName: kismet-service
+          servicePort: http
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: kismet-service
+  namespace: default
+spec:
+  selector:
+    app: kismet
+  ports:
+  - protocol: TCP
+    port: 2501
+    name: http
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: kismet-data-pvc
+spec:
+  accessModes:
+    - ReadWriteOnce
+  storageClassName: local-path
+  resources:
+    requests:
+      storage: 20Gi
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: kismet-config-pvc
+spec:
+  accessModes:
+    - ReadWriteOnce
+  storageClassName: local-path
+  resources:
+    requests:
+      storage: 1Gi
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: kismet-api
+  namespace: default
+spec:
+  type: NodePort
+  selector:
+    app: kismet
+  ports:
+  - protocol: TCP
+    port: 3501
+    nodePort: 30501
+    name: api
+---
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: kismet
+  namespace: default
+spec:
+  replicas: 1
+  template:
+    metadata:
+        labels:
+          app: kismet
+    spec:
+      volumes:
+        - name: kismet-config
+          persistentVolumeClaim:
+            claimName: kismet-config-pvc
+        - name: kismet-data
+          persistentVolumeClaim:
+            claimName: kismet-data-pvc
+      containers:
+      - image: quay.io/sketchybinary/kismet:master
+        imagePullPolicy: Always
+        name: kismet
+        volumeMounts:
+        - mountPath: /data/
+          name: kismet-data
+        - mountPath: /root/.kismet
+          name: kismet-config
+        ports:
+        - containerPort: 3501
+          name: api
+        - containerPort: 2501
+          name: http
+        livenessProbe:
+          httpGet:
+            path: /
+            port: http
+          initialDelaySeconds: 5
+          periodSeconds: 3
+---
diff --git a/packaging/docker/kismet_site.conf b/packaging/docker/kismet_site.conf
@@ -1 +1,2 @@
 # Overrides go here
+remote_capture_listen=0.0.0.0