Skip to content
Snippets Groups Projects
Commit 2ab0e05b authored by Tomáš Čejka's avatar Tomáš Čejka
Browse files

NETCONF container with Juniper Router configuration model

This container can be used for testing Firewall on Demand
parent adb2f100
No related branches found
No related tags found
No related merge requests found
FROM ubuntu:18.04
MAINTAINER mislav.novakovic@sartura.hr
RUN \
apt-get update && apt-get install -y \
# general tools
git \
cmake \
build-essential \
vim \
supervisor \
# libyang
libpcre3-dev \
pkg-config \
# sysrepo
libavl-dev \
libev-dev \
libprotobuf-c-dev \
protobuf-c-compiler \
# netopeer2 \
libssh-dev \
libssl-dev \
# bindings
swig \
python-dev
# add netconf user
RUN \
adduser --system netconf && \
echo "netconf:netconf" | chpasswd
# generate ssh keys for netconf user
RUN \
mkdir -p /home/netconf/.ssh && \
ssh-keygen -A && \
ssh-keygen -t dsa -P '' -f /home/netconf/.ssh/id_dsa && \
cat /home/netconf/.ssh/id_dsa.pub > /home/netconf/.ssh/authorized_keys
# use /opt/dev as working directory
RUN mkdir /opt/dev
WORKDIR /opt/dev
# libyang
RUN \
git clone https://github.com/CESNET/libyang.git && \
cd libyang && mkdir build && cd build && \
cmake -DCMAKE_BUILD_TYPE:String="Debug" -DENABLE_BUILD_TESTS=OFF .. && \
make -j2 && \
make install && \
ldconfig
# sysrepo
RUN \
git clone https://github.com/sysrepo/sysrepo.git && \
cd sysrepo && mkdir build && cd build && \
cmake -DCMAKE_BUILD_TYPE:String="Debug" -DREQUEST_TIMEOUT=60 -DENABLE_TESTS=OFF -DREPOSITORY_LOC:PATH=/etc/sysrepo .. && \
make -j2 && \
make install && \
ldconfig
# libnetconf2
RUN \
git clone https://github.com/CESNET/libnetconf2.git && \
cd libnetconf2 && mkdir build && cd build && \
cmake -DCMAKE_BUILD_TYPE:String="Debug" -DENABLE_BUILD_TESTS=OFF .. && \
make -j2 && \
make install && \
ldconfig
# netopeer2
RUN \
cd /opt/dev && \
git clone https://github.com/CESNET/Netopeer2.git && \
cd Netopeer2/server && mkdir build && cd build && \
cmake -DCMAKE_BUILD_TYPE:String="Debug" .. && \
make -j2 && \
make install && \
cd ../../cli && mkdir build && cd build && \
cmake -DCMAKE_BUILD_TYPE:String="Debug" .. && \
make -j2 && \
make install
ENV EDITOR vim
EXPOSE 830
COPY configuration.yang /opt/dev/configuration.yang
COPY junos-extension.yang /opt/dev/junos-extension.yang
RUN /usr/local/bin/sysrepoctl -i -g /opt/dev/configuration.yang
RUN /usr/local/bin/sysrepoctl -i -g /opt/dev/junos-extension.yang
COPY supervisord.conf /etc/supervisord.conf
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"]
This diff is collapsed.
/*
* Copyright (c) 2017 Juniper Networks, Inc.
* All rights reserved.
*/
module junos-extension {
namespace "http://xml.juniper.net/junos/15.1F6/junos";
prefix junos;
import ietf-yang-metadata {
prefix md;
}
organization
"Juniper Networks, Inc.";
description
"This module contains definitions for Junos YANG extensions.";
extension must {
argument "stmt-algebra";
description "
expression of configuration-statement paths having special
keywords like any, all, unique";
}
extension must-message {
argument "message-string";
description "
When specifying the junos:must constraint, a must-message should
also be specified so that when the contraint is not met,the
warning message informs users what the constraints are.
If the must-message is missing, the input file will compile,
but the warning message will say (null) which won't be
helpful for users to fix the problem";
}
extension posix-pattern {
argument "value";
description "
expression of pattern in posix format";
}
extension pattern-message {
argument "value";
description "
Error message in case of mismatch";
}
md:annotation commit-seconds {
type uint64;
}
md:annotation commit-localtime {
type string;
}
md:annotation commit-user {
type string;
}
}
docker build -t juniper .
docker run -it --name juniper -p 830:830 --rm juniper:latest
netopeer2-cli
> connect -l netconf -p 830 localhost
Password: netconf
[supervisord]
nodaemon=true
logfile=/var/log/supervisord.log
loglevel=debug
[program:sysrepod]
command=/usr/local/bin/sysrepod -d
autorestart=true
redirect_stderr=true
priority=1
[program:application_example]
command=/opt/dev/sysrepo/build/examples/application_example configuration
autorestart=true
redirect_stderr=true
priority=2
[program:netopeer2-server]
command=/usr/local/bin/netopeer2-server -d -c MSG
autorestart=true
redirect_stderr=true
priority=3
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment