updated notes

Database.md

@@ -0,0 +1,37 @@
+# Database structure
+
+[__TOC__]
+
+# `si_<id>`
+
+Here is the most data stored.
+
+# `request_routing'
+
+Just basic uninteresting data.
+
+## `request_routing.service_instance`
+
+| xid                                    | org_name                 |
+|----------------------------------------|--------------------------|
+| `10000000-0000-0000-0000-000000000000` | `lic-000000000000000000` |
+
+- `xid` is used as `SERVICE_INSTANCE_XID`
+
+## `request_routing.license_allotment_service_instance`
+
+| xid                                    | service_instance_xid                   | license_allotment_xid                  |
+|----------------------------------------|----------------------------------------|----------------------------------------|
+| `90000000-0000-0000-0000-000000000001` | `10000000-0000-0000-0000-000000000000` | `80000000-0000-0000-0000-000000000001` |
+
+- `xid` is only a primary-key and never used as foreign-key or reference
+- `license_allotment_xid` must be used to fetch `xid`'s from `request_routing.license_allotment_reference`
+
+## `request_routing.license_allotment_reference`
+
+| xid                                    | license_allotment_xid                  |
+|----------------------------------------|----------------------------------------|
+| `20000000-0000-0000-0000-000000000001` | `80000000-0000-0000-0000-000000000001` | 
+
+- `xid` is used as `scope_ref_list` on token request
+

README.md

@@ -1,86 +1,40 @@
-# NLS
+# NLS - NVIDIA License System
 
-[[_TOC_]]
+- https://docs.nvidia.com/license-system/latest/index.html
 
-# Docker
+[__TOC__]
 
-## Load Images
+# Installation
 
-First copy `nls-X.Y.Z-bios.zip` to `/opt/nls-X.Y.Z-bios.zip` with SFTP/SSH.
+## Docker
 
-```shell
-# set version
-export VERSION=3.4.1
-# extract archive
-unzip nls-$VERSION-bios.zip
-# goto directory
-cd nls-$VERSION-bios
-```
+1. Install Docker on your system where NLS should run
+2. Download latest release (*date of writing `v3.4.1`*)
+3. Copy archive (`nls-X.Y.Z-bios.zip`) to your Docker-Server
+4. Set version \
+   `export VERSION=3.4.1`
+5. Extract archive \
+   `unzip nls-$VERSION-bios.zip`
+   `cd nls-$VERSION-bios`
+6. Import Images into Docker \
+   `docker load --input dls_appliance_$VERSION.tar.gz` \
+   `docker load --input dls_pgsql_$VERSION.tar.gz` \
+   `docker load --input dls_upgrade_$VERSION.tar.gz` (optional)
+7. Goto `docker` directory
+   `cd docker`
+8. Create Envirnoment-File
+   `touch .env`
+9. Add the following line to this file
+   `echo "DLS_PUBLIC_IP=<your-ipv4>" > .env`
+10. Start Docker-Stack
+    `docker compose up -d`
+11. Show running containers \
+    `docker container ls`
 
-Import Images into Docker:
+# Reverse Engineering Notes
 
-```shell
-# appliance
-docker load --input dls_appliance_$VERSION.tar.gz
-# postgres
-docker load --input dls_pgsql_$VERSION.tar.gz
-# upgrade-image (optional)
-docker load --input dls_upgrade_$VERSION.tar.gz
-```
+Notes about accessing file structure and database can be found [here](Reverse%20Engineering%20Notes.md).
 
-## Start service
+# Debug Information
 
-```shell
-cd docker
-docker compose up -d
-````
-
-## Dump Filestructure
-
-Prepare output:
-
-```shell
-mkdir /tmp/out
-```
-
-Show running containers:
-
-```shell
-docker container ls
-```
-
-Copy directory structure (using container-id from `dls:appliance_$VERSION`)
-
-```shell
-docker cp -a <container-id>:/venv/lib /tmp/out
-# Successfully copied ...MB to /tmp/out/
-```
-
-Now you have the required directory structure in `/tmp/out/lib/python?.??/site-packages`.
-
-## Re-Tag Images and upload to this registry
-
-Show Images:
-
-```shell
-docker image ls
-````
-
-Tag Images:
-
-```shell
-docker image tag <image-id-dls_appliance> registry.git.collinwebdesigns.de/nvidia/nls/appliance:$VERSION
-docker image tag <image-id-dls_pgsql> registry.git.collinwebdesigns.de/nvidia/nls/pgsql:$VERSION
-docker image tag <image-id-dls_upgrade> registry.git.collinwebdesigns.de/nvidia/nls/upgrade:$VERSION
-```
-
-Upload Images:
-
-```shell
-# Login to private registry
-docker login registry.git.collinwebdesigns.de
-# Push images
-docker image push registry.git.collinwebdesigns.de/nvidia/nls/appliance:$VERSION
-docker image push registry.git.collinwebdesigns.de/nvidia/nls/pgsql:$VERSION
-docker image push registry.git.collinwebdesigns.de/nvidia/nls/upgrade:$VERSION
-```
+Debug information about licensing process, token-exchange and certificates can be found [here](DEBUG.md).

Reverse Engineering Notes.md

@@ -0,0 +1,111 @@
+# Reverse Engineering Notes
+
+For this research, NLS Docker-Setup is used.
+
+- More about Docker Images https://git.collinwebdesigns.de/nvidia/nls
+
+[__TOC__]
+
+# Appliance
+
+## Get / Copy file structure
+
+1. Log in to your Docker-Server
+2. Create a target directory (e.g. `mkdir /opt/nls-files`)
+3. Get the Container-ID of the NLS-Appliance (`docker ps`)
+4. Copy files from container \
+   `docker cp -r <container-id->`
+
+## About configuration data
+
+- Most variables and configs are stored in `/var/lib/docker/volumes/configurations/_data`.
+- Config-Variables are in `etc/dls/config/service_env.conf`.
+
+## NLS Logs
+
+Logs are found in `/var/lib/docker/volumes/logs/_data`.
+
+Most interesting logs are:
+
+- `fileInstallation.log`
+- `serviceInstance.log`
+
+## File manipulation
+
+- Files can be copied with `docker cp <container-id>:/venv/... /opt/localfile/...`.
+- Files can be directly edited via Docker-Volume mounts
+    - see `df -h` (one is nls, the other postgres container)
+      ```
+      overlay   16G   11G  5.6G  66% /var/lib/docker/overlay2/<hash>/merged
+      overlay    16G   11G  5.6G  66% /var/lib/docker/overlay2/<hash>/merged
+      ```
+    - then you can edit files with e.g. `nano venv/lib/python3.12/site-packages/...`
+
+**After you edit any file directly, service needs to be restarted** `docker restart <container-id>`.
+
+# Database
+
+## DB Access
+
+Valid users are `dls_writer` and `postgres`.
+
+1. Log in to your Docker-Server
+2. Get the Container-ID of the NLS-Postgres (`docker ps`)
+3. Use psql \
+   `docker exec -it <container-id> psql -h localhost -U postgres`
+4. (optional) Create a superuser for external access \
+   `CREATE USER admin WITH LOGIN SUPERUSER PASSWORD 'admin';`
+5. Add exposed port to `docker-compose.yaml`
+   5.1 Add `ports: [ '5432:5432' ]` into `...`-section
+
+## Table Structure
+
+Some information about Database / Table structure can be found [here](Database.md).
+
+# Logging / Stack Trace
+
+- https://docs.nvidia.com/license-system/latest/nvidia-license-system-user-guide/index.html#troubleshooting-dls-instance
+
+# Nginx
+
+- NGINX uses `/opt/certs/cert.pem` and `/opt/certs/key.pem`
+
+# Other tools / files
+
+Other tools / files which may can helpful, but not known for what they are used.
+
+**Appliance**
+
+- `/etc/dls/config/site_key_uri.bin`
+- `/etc/dls/config/dls_db_password.bin`
+
+**Database**
+
+- `/etc/dls/config/decryptor/decryptor`
+
+# Usefully commands on Client
+
+## Check licensing status
+
+- `nvidia-smi -q | grep "License"`
+
+**Output**
+
+```
+vGPU Software Licensed Product
+        License Status                    : Licensed (Expiry: 2023-1-14 12:59:52 GMT)
+```
+
+## Track licensing progress
+
+- NVIDIA Grid Log: `journalctl -u nvidia-gridd -f`
+
+```
+systemd: Started NVIDIA Grid Daemon.
+nvidia-gridd: Configuration parameter ( ServerAddress  ) not set
+nvidia-gridd: vGPU Software package (0)
+nvidia-gridd: Ignore service provider and node-locked licensing
+nvidia-gridd: NLS initialized
+nvidia-gridd: Acquiring license. (Info: license.nvidia.space; NVIDIA RTX Virtual Workstation)
+nvidia-gridd: License acquired successfully. (Info: license.nvidia.space, NVIDIA RTX Virtual Workstation; Expiry: 2023-1-29 22:3:0 GMT)
+```