Satellite on AWS ECS

Prerequisites

• Access to AWS ECS.
• Levo.ai Org ID. Follow instructions below to copy the org ID.
• Login to Levo.ai.
• Click on your user profile.
• Click on User Settings
• Click on Organizations on the left navigation panel
• Click on Copy under Organization ID
• An AWS Role with the policies - _ to assign to the task.

1. Creating a Task Definition

AWS Console

• Open the AWS ECS console and click on Task Definitions.

• Under the Create Task Defintion on the top right, click on Create New Task Definition with JSON.

NOTE: Make sure you are in the right AWS region that you want to have your service in

• Use the following task definition.

{
    "family": "levoai-satellite",
    "containerDefinitions": [
{
    "name": "levoai-satellite",
    "image": "levoai/satellite",
    "cpu": 0,
    "portMappings": [
{
    "name": "levoai-satellite-9999-tcp",
    "containerPort": 9999,
    "hostPort": 9999,
    "protocol": "tcp",
    "appProtocol": "http"
}
    ],
    "essential": true,
    "command": [
    "-w",
    "1",
    "-b",
    "0.0.0.0:9999",
    "--worker-class",
    "gevent",
    "--worker-connections",
    "30",
    "levoai_e7s.satellite.satellite:create_server()"
    ],
    "environment": [
{
    "name": "LEVOAI_DEBUG_SERVER_HOST",
    "value": "host.docker.internal"
},
{
    "name": "LEVOAI_ORG_ID",
    "value": "899590a5-0cca-47f3-915d-31e8a0d2386a"
},
{
    "name": "LEVOAI_MODE",
    "value": "docker-compose"
},
{
    "name": "LEVOAI_CONF_OVERRIDES",
    "value": "value": "{\"onprem-api\": {\"url\": \"${LEVOAI_BASE_URL}\", \"refresh-token\": \"${LEVOAI_AUTH_KEY}\", \"org-id\": \"${LEVOAI_ORG_ID:-}\", \"org-prefix\": \"${LEVOAI_ORG_PREFIX:-}\"},\"traces_queue\": {\"type\": \"sqs\"}}"
},
{
    "name": "LEVOAI_DEBUG_ENABLED",
    "value": "false"
},
{
    "name": "LEVOAI_AUTH_KEY",
    "value": "INSERT YOUR LEVO.AI AUTH KEY HERE"
},
{
    "name": "LEVOAI_BASE_URL",
    "value": "https://api.levo.ai"
},
{
    "name": "LEVOAI_LOG_LEVEL",
    "value": "INFO"
},
{
    "name": "LEVOAI_DEBUG_PORT",
    "value": "12345"
}
    ],
    "mountPoints": [],
    "volumesFrom": [],
    "logConfiguration": {
    "logDriver": "awslogs",
    "options": {
    "awslogs-create-group": "true",
    "awslogs-group": "/ecs/satellite",
    "awslogs-region": "< INSERT YOUR AWS REGION HERE >",
    "awslogs-stream-prefix": "ecs"
}
}
},
{
    "name": "levoai-tagger",
    "image": "levoai/satellite",
    "cpu": 0,
    "portMappings": [],
    "essential": true,
    "entryPoint": [
    "python",
    "-OO"
    ],
    "command": [
    "/opt/levoai/e7s/src/python/levoai_e7s/tag_server.py"
    ],
    "environment": [
{
    "name": "LEVOAI_DEBUG_SERVER_HOST",
    "value": "host.docker.internal"
},
{
    "name": "LEVOAI_ORG_ID",
    "value": "INSERT YOUR AWS REGION HERE",
},
{
    "name": "LEVOAI_MODE",
    "value": "docker-compose"
},
{
    "name": "LEVOAI_CONF_OVERRIDES",
    "value": "{\"onprem-api\":{\"url\": \"${LEVOAI_BASE_URL}\",\"refresh-token\":\"${LEVOAI_AUTH_KEY}\",\"org-id\": \"${LEVOAI_ORG_ID}\",\"org-prefix\": \"${LEVOAI_ORG_PREFIX}\"},\"url_clusterer_id_len\": 1,\"min_urls_required_per_pattern\": 10,\"dynamic_url_threshold_factor\": 0.5,\"cookie_auth_keys\": \"${LEVOAI_COOKIE_AUTH_KEYS:-}\",\"disable_ml_detector\": true,\"service_naming\":{\"strategies\": \"KUBERNETES_METADATA,HOST_HEADER,DEFAULT\"},\"user_resolvers\": [],\"sample_collection\":{\"enabled\": true,\"max_samples_per_end_point\": 2,\"users\": []},\"tagger_batch_interval_minute\": 5,\"api_rule_evaluation\":{\"enabled\": true},\"ion\":{\"url\": \"http://levoai-ion:8000\"},\"enable_ssl_cert_checks\": true,\"sensitive_data_config\": [],\"traces_queue\":{\"type\": \"sqs\"}}"
},
{
    "name": "PI_DETECTOR_DATA_DIR",
    "value": "/opt/levoai/datasets/"
},
{
    "name": "LEVOAI_DEBUG_ENABLED",
    "value": "false"
},
{
    "name": "LEVOAI_AUTH_KEY",
    "value": "INSERT YOUR LEVO.AI AUTH KEY HERE"
},
{
    "name": "LEVOAI_BASE_URL",
    "value": "https://api.levo.ai"
},
{
    "name": "LEVOAI_LOG_LEVEL",
    "value": "INFO"
},
{
    "name": "LEVOAI_DEBUG_PORT",
    "value": "1234"
}
    ],
    "mountPoints": [],
    "volumesFrom": [],
    "logConfiguration": {
    "logDriver": "awslogs",
    "options": {
    "awslogs-create-group": "true",
    "awslogs-group": "/ecs/satellite",
    "awslogs-region": "INSERT YOUR AWS REGION HERE",
    "awslogs-stream-prefix": "ecs"
}
}
},
{
    "name": "levoai-collector",
    "image": "levoai/collector",
    "cpu": 0,
    "portMappings": [
{
    "name": "levoai-collector-4317-tcp",
    "containerPort": 4317,
    "hostPort": 4317,
    "protocol": "tcp",
    "appProtocol": "http"
}
    ],
    "essential": true,
    "environment": [],
    "mountPoints": [],
    "volumesFrom": [],
    "logConfiguration": {
    "logDriver": "awslogs",
    "options": {
    "awslogs-create-group": "true",
    "awslogs-group": "/ecs/satellite",
    "awslogs-region": "INSERT YOUR AWS REGION HERE",
    "awslogs-stream-prefix": "ecs"
}
}
},
{
    "name": "levoai-ion",
    "image": "levoai/ion",
    "cpu": 0,
    "portMappings": [
{
    "name": "levoai-ion-8000-tcp",
    "containerPort": 8000,
    "hostPort": 8000,
    "protocol": "tcp",
    "appProtocol": "http"
}
    ],
    "essential": false,
    "environment": [],
    "mountPoints": [],
    "volumesFrom": [],
    "logConfiguration": {
    "logDriver": "awslogs",
    "options": {
    "awslogs-create-group": "true",
    "awslogs-group": "/ecs/satellite",
    "awslogs-region": "INSERT YOUR AWS REGION HERE",
    "awslogs-stream-prefix": "ecs"
}
}
}
    ],
    "taskRoleArn": "INSERT THE ARN OF THE ROLE YOU WANT TO ASSIGN TO THIS TASK HERE",
    "executionRoleArn": "INSERT THE ARN OF THE ROLE YOU WANT TO ASSIGN TO THIS TASK HERE",
    "networkMode": "awsvpc",
    "requiresCompatibilities": [
    "FARGATE"
    ],
    "cpu": "4096",
    "memory": "8192",
    "runtimePlatform": {
    "cpuArchitecture": "X86_64",
    "operatingSystemFamily": "LINUX"
}
}

info

Depending on the region you are installing in, you may need to set a different Levo base URL for the satellite.

For example, if the satellite will be used with app.india-1.levo.ai, set the LEVOAI_BASE_URL environment variable as

{
    "name": "LEVOAI_BASE_URL",
    "value": "https://api.india-1.levo.ai"
},

Terraform

Download the

Loading...

file.

Run the following command in the same directory -

terraform apply

Enter the Refresh Token and Org ID as prompted to create a task definition in your AWS account.

2. Run the Satellite

Now that we have created a task definition, we will start our satellite up as a service in an ECS cluster.

• Open the levo-satellite task definition, and click on the latest revision.
• Head over to deploy and select Create Service.
• Choose the cluster you want to deploy the satellite.
• Under Compute Options select Launch Type.
• Leave the other configurations on default settings, and start the service.

3. Note down Host:Port information

The collector can be accessed over the internet and its IP can be checked from within the cluster.

Head over to the cluster you earlier used to run the satellite on.

Click on Tasks and select the particular satellite task.

Under the Container details for levoai-collector go to Network bindings. It should look something like this

Network bindings
Host port       Container port      Protocol        External link
4317            4317                tcp             52.32.232.165:4317

The Collector can now be reached by the Sensors over the internet using this external-link:4317 (Kindly add inbound rules to the security group being used by this task if you're unable to reach the satellite). Please note this, as it will be required to configure the Sensor.

Please proceed to install traffic capture sensors.