DFFML Rolling Alice: Engineering Logs: Volume 0: Architecting Alice, 9 Jul 2022

Previous Meeting Next Meeting

⏯

youtube image

►

From YouTube: Architecting Alice: Volume 0: Part: 82: POC Launch of tbDEX Stack

Description

https://github.com/intel/dffml/pull/1401#issuecomment-1170489046

Frank's tutorial (https://frankhinek.com/getting-started-with-tbds-ssi-service/): https://www.youtube.com/watch?v=UnRS1DQbHj4&list=PLtzAOVTpO2jaHsS4o-sDzDyHEug-1KRbK&index=89&t=3163

A

All right, so I renamed the last video into the thing about spinning up the vm and now we're going to try to launch the stack all right, so we need to copy over our um the contents of our our git config and our big data see. So, let's take a look at the git config right, so this basically says hey. You know this is my settings here and it's also.

A

The credential helper has been set for github and gist to clone and with it with the auth helper, that's used by the github cli and then the auth is stored in this uh dot, big gh, folder, and so we're gonna grab that as well so configuration.getconfig we're going to create a tar file out of that we're going to deter file, we'll be output, the standard out and then we'll pipe that output into the um we'll type, that output into a tar file or into the extraction and on the other host right.

A

So now, if we ssh in um we'll see.

A

Running the ssh command see that the dot config is there and the um interesting it created them as a different user, so preserve the user.

A

So okay, so uh let's do user, add dash mpdx, johnny, okay, so, let's add a user and let's do cp dot. Ssh authorize, keys, pdx johnny that ssh.

A

Authorized keys so let's copy that in make that directory first make sure.

A

So uh we we call makeder and we pass it their name on whatever the last thing was and then we can go ahead and copy that over there and then we can go ahead and copy config as well.

A

And we can go ahead and copy over the config vh directory. We need to do cp.r.

A

Ph to make dirt.

A

Big directory first, okay, then we can do.

B

A

uh Pdx johnny extraneous johnny and now.

A

Now, if we look at all the files they're all owned by me, so now we should be able to try to ssh into the system with my key and okay we're in great. So let's do real, quick.

A

A

Sudo user, mod g, p d, x, johnny or pseudo pdx johnny, so this says, or actually we're already rude, so we just say: modify the user. Add a group, the sudo group to pdx johnny, the user and now now I'll have sudo, and then we're also going to do um we're going to set the shell to be uh we'll. Do a command substitution we'll do which bash and that way, um when I log in the shell will be bash.

A

So let's just jump. Those commands real quick and we do.

B

B

A

So we have user.

A

Add a non-root user with pseudo rights.

A

With through privileges,.

A

A

All right um and then uh copy the files into that users uh create a new user with studios roots like shooter privileges and their own home.

B

A

A

Copy the files into that.

A

Creators, home directory.

A

Ch on it ensure the user, the files are owned by the user and not root.

A

A

Okay, let's files, it's files.

A

A

uh To verify okay.

A

And then we update the vm.

A

And install the tools that I usually use.

A

The tools that oh actually where's, my development environment,.

A

New box bring up you.

A

A

A

Okay, so we should have run this with this environment variable so that you run it with this environment. Variable then.

A

A

So ssh now leave the root session log back in as the new user.

A

Install defines.

B

A

uh Okay, now we need ssh as me,.

A

A

A

Okay, actually, let's do.

A

All right, so, let's actually move this into the do as root section.

B

A

A

All right so now we've installed github click.

A

Okay, so now we can ssh trip back in as me, and we can.

A

On the dot files.

A

This does not float.

A

A

Okay, let's run these commands.

A

All right so we're setting the git config, so we do get config dash, dash global user.name and then the name and then we do get config.js global user.email.

B

A

Whatever your email is, and then we clone the repo and then we cd into it, run the install which just does a few little plugs. This is just my personal daw files and then this is how I organize them, as I create a new branch, that's tailored to uh that system,.

A

Okay, so look okay, so here something went wrong. So it's asking me for my username.

A

A

A

Okay, so it can't access the config gh directory. So what happened? I thought we copied it over. Okay. So, let's, actually you know what we could do is we could actually just.

A

We can actually just not bother with that.

A

I'll do it over here.

A

Leave the root session configured by copying over creds to new user.

A

On your local machine.

A

Then log to the vm yeah.

B

A

As the new user, okay.

A

This command just do that: okay, try that.

A

A

All right so that branch reference was gone, let's see if it lets us push now.

A

All right, great.

A

A

A

A

A

So this is the thing that I use for skinny maschine. So what we're going to do is we're going to do command.

A

Python so usually I record the local terminal session, but what we'll do here is ssh into the remote machine record, the remote terminal session, all right, so we just paste the ssh command in front of that and we add a dash t which says allocated terminal, please a pty.

A

So then, okay, so then we're presented with all this crap. Okay. So.

A

A

Back ssh close out the ssh session ssh back into the host reporting uh yeah scheme.

A

Locally: okay,.

A

That's t to ssh to allocate a pty or full interactive functionality.

A

When running a command.

A

A

Suffixing by appending by the command on ssh.

A

Okay, great so.

A

Okay, so modified dot files for the host. If tmox uh opens with errors and copy paste errors into.

A

So this is because tmx has different settings on different things, so we copy paste these errors.

B

A

A

We can just say uh cat.

A

A

The uf, so when you put quotes around eof that says, if anything in here has a dollar sign, don't substitute it with a variable otherwise, but we'll substitute with the variable. So now we can just say we take.

B

A

We hit enter here that we don't pertain valid and then that's what that's telling us and then.

A

Okay, so this gives us the.

A

This is the whole command here.

A

Okay, so push up dot files for host all right. Okay, so make modifications.

A

A

Didn't understand them.

A

A

A

Echo invalid.

A

And then this wants you to change.

A

Okay, so let's see detach me okay, so this is trying to remove those lines. So if you find any of those lines.

A

Okay, I don't know what was supposed to happen there. uh It doesn't matter we're not we're. Only gonna start to launch too much shock.

A

All right, let's just call this.

B

A

It looks like it.

B

B

A

Sounds a little screwed up.

A

A

Okay, that looks great okay and we're just stitching and now we're happy campers. Okay, so.

A

Okay, so now, what are we doing? We're spinning up tv depths.

A

On the ssi service, your docker composed up okay, so we have to install docker.

A

So we need to install docker install docker engine ubuntu okay, so we need to run these commands.

A

Okay, so install docker.

A

B

A

So I'm just formatting their commands and the way that these are formatted.

A

B

A

All right, so I forgot to do, and I have to add of course.

A

I see I thought it did this.

A

I thought this was a part of the install, but maybe not.

A

All right there we go.

A

A

All these commands some add the little.

A

I'm going to add the little ampersand ampersand at the end of each one.

A

That's a pseudo password.

A

Okay, we don't have a super password.

A

A

Okay, so we don't have a super password, so, okay, so tmx, okay, so this one I'm gonna do.

A

All right so now I'm at staging back in this root, and what am I saying, I'm saying: sudo vico, let's see zeros okay,.

A

I so edit this file in place and.

A

Do um the pseudoline here we want to be no password all right so that way I don't have to type in a password, so I don't have a password.

A

So now we can use tmxa to get back in to our existing session there all right! So now we can say super.

A

A

Let me update these pseudo docs.

A

Allow the user to use sudo.

A

A

All right, so I'm going to kill t-max here so that we can get a fresh one and then we log back in with the t-mux. Then now we should have a fresh session, so we should be able to do this command here.

A

All right, so I'm just pasting on these right. Some interesting ampersands, where they all.

A

Okay, it's still asking me for my password.

A

A

Okay, so it didn't edit the file what the.

A

Maybe I need to escape that percent.

A

Maybe that's a tab.

A

So if we, if it's a tab, it might be a tab and not spaces and it's just encoding spaces. So let's do tabs there.

A

A

Sudo, there's one single character: there there's a space, so this is a tab and that's a space.

A

Okay, so this is the space this space, let's tab. Okay, now it worked.

A

All right there we go now: we've got the pseudo command all right, so let's go back up here and update the docs. While this thing runs it's here. Okay, so you note that uh there is both a backslash t, tab and a space.

A

A

A

Just do doctor composed, where will that install from I'm worried, hope the right place.

A

A

All right, so what python version are we running? Okay, so python? Three, so if we I think we can just do a python three dash.

A

No module named pip okay, so we need to do okay. So we have a few modifications here.

A

The five dot.

A

B

It's just going to be.

A

A

A

This should have said so here.

A

As we go back, we notice that we did the setup of the tools here python3. We also want to type to read.

A

And then we should really do updates.

A

A

All right, so this is our set of tools.

A

A

Tools wheel, so we always install these. We always update these after we do a python installation.

A

So, first we need to pick that's packaged separately.

A

And it needs to be done.

A

A

Okay, this should probably be down here or move these pseudos.

A

A

Install if it's running, except the dial files will record the session.

A

Install the tools.

A

Install docker compose okay, it looks like the path for python is a problem so.

A

A

A

B

A

Location scripts: okay, there's got to be something here: okay, yeah! So yes,.

A

A

A

A

A

Okay, so now we.

A

So we grab the location of the.

A

A

All right, so we grab the location of where it is right, um so add the pip installed scripts to the path.

A

So echo f equals.

A

A

Okay, so this should be.

A

Okay, let's actually.

B

A

A

A

Okay, so we have to okay, so you can use you. Can you just have to be consistent with your character here so.

A

So now yeah, okay! So now we can say that perfect! Okay! So now we can say.

A

And then equals that home directory and then I go.

A

A

A

A

Okay, so that's what we wanted to look like the addition of the path there. Actually, let's make it an export.

A

A

Find the location of the installed scripts directory.

A

And replace the homepage with a variable.

A

The home variable is the home dealer, liberal, with the home variable yeah cd. um Add the addition to the path.

A

A

Rc file or profile on some systems.

A

On some systems on some distress.

A

Source the file or execute the path edition you take effect to allow us to run docker votes.

A

Okay, and how do we do that? Well, we just say x, echo we just say path equals. We just do the unescaped form of this.

A

It's just source mashup, see.

A

ah Let's see restart the shell.

A

Changes and okay so just restart the shell.

A

So now we should say the echo path. We should see it in our path.

A

We should now see.

A

See the directory.

A

Oz at the end of our path.

A

Okay, so now we do this command here so start the uh start. The ssi service.

A

Okay, so it's mad at us: okay, because we're not we're not on a docker sock, so we need to do a pseudo. That's what we need to do.

A

A

And so after we verify docker's running, add the non-root user to the docker group.

A

Sometimes you have to create that group if it doesn't exist and then, if you haven't so we're going to have to log in and log out again.

A

Okay, so that looks like a new teamwork session: okay, so doc, yes, okay, great.

A

All right so we're getting a build all right. Look at that.

B

A

Okay, so what else can we do in the meantime, so they did keys perfect.

A

The rest of this is curl calls.

A

Okay looks like we got a status okay.

A

All right sweet, so those these worked.

A

All right, this looks like good good stuff here, okay created a new key. It gives us the did doc back. Let's actually just make that a little.

A

All right, the id is key.

A

Just look like they're changing every time: okay,.

A

Create two different keys: okay, so just the public and the private okay or wait. No. This is a different one.

B

A

Okay, so we can retrieve the id document by doing that. Okay,.

A

Great, so we got the id back okay, so we can now create this verified. Credential schema.

A

Okay and we use the.

A

D id, which we just it's there, okay created this email thing all right looks like that worked all right, and this is looks like is this using the same key. This is looking dcr. This is using the same key.

A

Just making sure we can do everything.

A

A

I think we used this key last time.

A

It looks like that worked.

A

So this is adding a postal street address.

A

You can also issue a verified credential using an existing publish, schema.

A

Okay, so this looks like what we want, so we want to create the ids and then we can issue a verified credential on them and that way I think issuer subject. Okay, so we're doing a self-issued call here so.

A

Oh, let's see if the is.

A

Okay, it's because of this um quote right there, all right! So there we go okay, so we were able to issue a verify: a bull credential.

A

And it matches the schema okay, great.

B

A

Okay, so it looks like we can effectively encode arbitrary data via the verifiable credentials, so we're going to go ahead and use that to to create our open architecture, graphs and then we'll use it from it for execution yeah in the distributed environment. Okay, so and we've already done the encoding, so so we're going to just dump in there it's going to be ugly, but remember the uh we're gonna dump a minimally encoded version, uh and I think you know originally. We.

B

A

Use the prdids, but I'm not clear how that fits into the picture right now. So I think we're just gonna issue verifiable credentials, which are data flows which yeah.

A

So then, we could have proper schema for them as well to match their manifest right and the manifest will tell us how to get the data that's off chain, okay, that because we'll execute it based on the sandbox defined by the orchestrator, that's applicable to that context or by the orchestrated given right, which we validate with our sandbox properties, as we do execution based on these things that are going to be uh given to us via the other distributed environment.

A

Okay, so because we need to verify our change of trust on things and what do we actually want to issue? So we might check for multiple variable credentials on something right and one of the verifiable credentials might actually be the thing that we're executing- and one of them might actually be a thing that says yeah. We actually, we might be like the provenance information that that tells us that we do actually want to be executing.

A

That other thing, that's just like brainstorming how we can use what I see here right now without you know, re redoing, more stuff, because I thought wasn't super clear. Okay, so um run the tutorial.

A

Alright, we did it. Yes, thank you, frank, you rock okay. So what's the title of this video attempting tv deck stack launch round two hell.

A

Yeah this is this: is heaven yeah right here, all right? Okay, so though this doesn't have that on it, okay, so this next.

A

Okay, so then, let's say property show so.

A

A

So this is the command that does that substitution, great okay,.

B

A

Did we did, I think, we'll call this a video, because we did we did what we were doing.