Docker setup for running experiments with controlled network latencies and bandwidths

docker/Dockerfile

@@ -0,0 +1,7 @@
+FROM ubuntu:22.04
+ARG DEBIAN_FRONTEND=noninteractive
+RUN apt update && apt install -y wget git build-essential net-tools iproute2 iperf iputils-ping numactl ant openjdk-11-jre-headless openjdk-11-jdk-headless tcpdump
+WORKDIR /root
+COPY . oram
+WORKDIR /root/oram
+RUN ant

docker/build-docker

@@ -0,0 +1,4 @@
+#!/bin/bash
+
+cd ..
+docker build $* -t oram -f docker/Dockerfile .

docker/parse_output

@@ -0,0 +1,34 @@
+#!/usr/bin/perl
+
+use strict;
+
+my $size = 0;
+my $who = '';
+my $mode = '';
+my %res = ();
+
+while(<>) {
+    $size = $1 if /===== Running oram (\d+) 128/;
+    $res{$size} = {} unless defined $res{$size};
+    $who = $1 if /===== ([CDE]) output/;
+    $mode = $1 if /(Online Time|ETE)/;
+    $res{$size}->{$who.$mode} = $1/1000 if /WC\(ms\): (\d+)/;
+}
+
+sub max3 {
+    my $m = $_[0];
+    $m = $_[1] if $_[1] > $m;
+    $m = $_[2] if $_[2] > $m;
+    $m;
+}
+
+print "#size online_secs total_secs\n";
+foreach $size (sort {$a <=> $b} keys %res) {
+    my $online = &max3($res{$size}->{'COnline Time'},
+        $res{$size}->{'DOnline Time'},
+        $res{$size}->{'EOnline Time'});
+    my $total = &max3($res{$size}->{'CETE'},
+        $res{$size}->{'DETE'},
+        $res{$size}->{'EETE'});
+    print "$size $online $total\n";
+}

docker/run-experiment

@@ -0,0 +1,42 @@
+#!/bin/bash
+
+# Get the IP addresses
+Daddr=$(docker inspect --format='{{ .NetworkSettings.IPAddress }}' oram_D)
+Eaddr=$(docker inspect --format='{{ .NetworkSettings.IPAddress }}' oram_E)
+
+# The ORAM size
+size=26
+iters=128
+if [ "$1" != "" ]; then
+    size="$1"
+fi
+if [ "$2" != "" ]; then
+    iters="$2"
+fi
+
+echo ===== Running oram $size $iters
+date "+===== Start %s %F %T"
+
+# Run, saving the output
+savefileC=$$.C.out
+savefileD=$$.D.out
+savefileE=$$.E.out
+docker exec -w /root/oram oram_C bash -c "perl -lp -i -e 's/addrBits: (\d+)/addrBits: '$size'/; s/iters: (\d+)/iters: '$iters'/' config/config.yaml"
+docker exec -w /root/oram oram_D bash -c "perl -lp -i -e 's/addrBits: (\d+)/addrBits: '$size'/; s/iters: (\d+)/iters: '$iters'/' config/config.yaml"
+docker exec -w /root/oram oram_E bash -c "perl -lp -i -e 's/addrBits: (\d+)/addrBits: '$size'/; s/iters: (\d+)/iters: '$iters'/' config/config.yaml"
+docker exec -w /root/oram oram_E bash -c "$ORAM_NUMA_E stdbuf -o 0 java -cp bin:lib/* ui/CLI -protocol pirrtv -debbie_ip $Daddr -eddie_ip $Eaddr eddie > $savefileE" &
+sleep 2
+docker exec -w /root/oram oram_D bash -c "$ORAM_NUMA_D stdbuf -o 0 java -cp bin:lib/* ui/CLI -protocol pirrtv -debbie_ip $Daddr -eddie_ip $Eaddr debbie > $savefileD" &
+sleep 2
+docker exec -w /root/oram oram_C bash -c "$ORAM_NUMA_C stdbuf -o 0 java -cp bin:lib/* ui/CLI -protocol pirrtv -debbie_ip $Daddr -eddie_ip $Eaddr charlie > $savefileC" &
+wait
+echo ===== C output
+docker exec -w /root/oram oram_C cat $savefileC
+docker exec -w /root/oram oram_C rm -f $savefileC
+echo ===== D output
+docker exec -w /root/oram oram_D cat $savefileD
+docker exec -w /root/oram oram_D rm -f $savefileD
+echo ===== E output
+docker exec -w /root/oram oram_E cat $savefileE
+docker exec -w /root/oram oram_E rm -f $savefileE
+date "+===== End %s %F %T"

docker/set-networking

@@ -0,0 +1,15 @@
+#!/bin/bash
+
+latency=30ms
+bw=100mbit
+
+if [ "$1" != "" ]; then
+    latency="$1"
+fi
+if [ "$2" != "" ]; then
+    bw="$2"
+fi
+./unset-networking
+docker exec --privileged oram_C tc qdisc add dev eth0 root netem delay $latency rate $bw
+docker exec --privileged oram_D tc qdisc add dev eth0 root netem delay $latency rate $bw
+docker exec --privileged oram_E tc qdisc add dev eth0 root netem delay $latency rate $bw

docker/start-docker

@@ -0,0 +1,9 @@
+#!/bin/bash
+
+# The SYS_NICE capability allows you to use numactl to pin processes to
+# NUMA nodes and/or individual cores
+
+docker run -d --cap-add SYS_NICE --rm --name oram_C -h oram_C -t oram
+docker run -d --cap-add SYS_NICE --rm --name oram_D -h oram_D -t oram
+docker run -d --cap-add SYS_NICE --rm --name oram_E -h oram_E -t oram
+echo "All dockers launched"

docker/stop-docker

@@ -0,0 +1,6 @@
+#!/bin/bash
+
+docker stop oram_C &
+docker stop oram_D &
+docker stop oram_E &
+wait

docker/unset-networking

@@ -0,0 +1,5 @@
+#!/bin/bash
+
+for ctnr in oram_C oram_D oram_E; do
+    docker exec --privileged $ctnr bash -c "if tc qdisc list dev eth0 | grep -q netem; then tc qdisc del dev eth0 root; fi"
+done