-
Notifications
You must be signed in to change notification settings - Fork 3
/
example_tinkerbell.py
72 lines (70 loc) · 2.47 KB
/
example_tinkerbell.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
from fluentm.entities import (
Actor,
Process,
DataFlow,
HTTP,
MTLS,
TLS,
DHCP,
)
from fluentm.renderer import report
scenes = {
# Example using variables, which is fine for small things but gets hard with longer flows
"Tink API traffic": [
DataFlow(
Actor("tink-cli"),
Process("Tink API").inBoundary("Tink Control Plane Network"),
MTLS(HTTP("API request")),
),
DataFlow(
Process("Machine").inBoundary("On Premise Network"),
Process("boots").inBoundary("Tink Control Plane Network"),
DHCP("IP Request"),
),
DataFlow(
Process("boots").inBoundary("Tink Control Plane Network"),
Process("Tink API").inBoundary("Tink Control Plane Network"),
MTLS(HTTP("API request")),
"Boots queries for IP",
),
DataFlow(
Process("Machine").inBoundary("On Premise Network"),
Process("boots").inBoundary("Tink Control Plane Network"),
DHCP("PXE Location Request"),
),
DataFlow(
Process("boots").inBoundary("Tink Control Plane Network"),
Process("Tink API").inBoundary("Tink Control Plane Network"),
MTLS(HTTP("API request")),
"Boots queries for PXE OS location",
),
DataFlow(
Process("Machine").inBoundary("On Premise Network"),
Process("Nginx").inBoundary("Tink Control Plane Network"),
HTTP("Boot OS Request"),
),
DataFlow(
Process("Machine").inBoundary("On Premise Network"),
Process("Tink API").inBoundary("Tink Control Plane Network"),
TLS(HTTP("Workflow")),
),
DataFlow(
Process("Machine").inBoundary("On Premise Network"),
Process("Container Registry").inBoundary("Tink Control Plane Network"),
TLS(HTTP("Container Images")),
),
DataFlow(
Process("Machine").inBoundary("On Premise Network"),
Process("Hegel").inBoundary("Tink Control Plane Network"),
TLS(HTTP("Machine metadata")),
"Metadata request",
),
DataFlow(
Process("Machine").inBoundary("On Premise Network"),
Process("Nginx").inBoundary("Tink Control Plane Network"),
HTTP("Workload OS"),
),
]
}
if __name__ == "__main__":
report(scenes, outputDir="tinkerbell", dfdLabels=True)