Skip to content
Snippets Groups Projects
Commit 54fa7e28 authored by David Schmitz's avatar David Schmitz
Browse files

vnet_router: add Dockerfile.vnet_router2 which uses netconfd instead of netopeer2

parent 3e994895
Branches
No related tags found
No related merge requests found
##############################################################################
##############################################################################
# instructions:
# 1. build container, e.g., by:
#> docker build -f Dockerfile.vnet_router1 -t vnet .
# 2. before running container make sure openvswitch module is loaded in kernel (modprobe openvswitch) and run container with --privileged (needed for openvswitch inside container)
#> modprobe openvswitch
#> docker run -t -i --privileged vnet
# 3. after being started you can additionally enter the container (find its DOCKERID by 'docker ps'), e.g., by:
#> docker exec -i -t DOCKERID /fod_vnet_router --mnexec h1 ping h2
#> docker exec -i -t DOCKERID /fod_vnet_router --mnexec h2 hping3 --udp -s 15 -k 10.0.0.3
# ADDITIONAL USE:
# 4. '/fod_vnet_router --init.sysstart' in the start CMD below accepts mininet arguments after '--init.sysstart' which it will pass on to the started mininet; so change line below accordingly (and rebuild container): e.g.,
# CMD [ "/fod_vnet_router", "--init.sysstart", "--topo=linear,10" ]
# CMD [ "/fod_vnet_router", "--init.sysstart", "--topo=tree" ]
# or alternatively just use modified command for running the container, e.g., by:
#> docker run -t -i --privileged vnet /fod_vnet_router --init.sysstart --topo=linear,10
#> docker run -t -i --privileged vnet /fod_vnet_router --init.sysstart --topo=tree,2
# 5. alternatively use container running in background only with netconf db server on startup
# (running more permanently, e.g., in order to remember netconf db data (FoD rules) + rules info with counters in ovs/snmp state file):
#> docker run -d -t -i --privileged vnet /fod_vnet_router --init.netconfserver
# then start vnet_router management in entered shell in container (find its DOCKERID by 'docker ps'), e.g., by:
#> docker exec -i -t DOCKERID /fod_vnet_router --init --topo=tree,2 # accepts arguments for mininet as --init.sysstart
# after exiting mininet shell, now ovs and snmpd will stay running
# ADDITIONAL INFOMATION:
# Of course one needs to have a running working FoD container in parallel
# and that one has to be configured
# to use the vnet_router container for NETCONF and SNMP stats polling:
# flowspy/settings.py OR flowspy/settings_local.py (the latter will override settings of thee former):
# ...
# 'NETCONF_DEVICE': '172.17.0.3', # only an example, so change value to whatever is the IP address of the netconf db server container
# 'NETCONF_PASS': 'netconf',
# 'NETCONF_PORT': 830,
# 'NETCONF_USER': 'netconf',
#
# 'SNMP_IP': ['172.17.0.3'], # only an example, so change value to whatever is the IP address of the netconf db server container
# 'SNMP_COMMUNITY': 'public',
# ...
##############################################################################
##############################################################################
# Dockerfile proper:
# 1. start from already built and working NETCONF container
# (built from router-container/Dockerfile , but currently fails to be rebuilt):
FROM cejkat/fod-router
##
# 2. install all dependencies in advance (/fod_vnet_router --init.sysstart will check again and might install anything still missing)
RUN apt-get -qqy update
RUN DEBIAN_FRONTEND="noninteractive" apt-get -qqy install mininet iptables iproute2 tcpdump tshark iputils-ping iputils-tracepath hping3 gawk sshpass lsof strace snmpd snmp
RUN DEBIAN_FRONTEND="noninteractive" apt-get -qqy install netconfd yangcli socat openssh-server rsyslog
# 3. copy vnet_router management script + snmp feeder pass_persisttest_bgpflowspec (+ pass_persisttest only for testing/demonstration)
COPY vnet_router/configuration.yang /opt/dev/
COPY vnet_router/fod_vnet_router /
COPY vnet_router/snmp/pass_persisttest_bgpflowspec /
COPY vnet_router/snmp/snmp-release/pass_persisttest /
##
# ./vnet_router/fod_vnet_router
# 4. default start command:
#CMD ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"]
#CMD [ "bash", "-c", "set -x; nohup /usr/bin/supervisord -c /etc/supervisord.conf & sleep 5 ;/fod_vnet_router --init" ]
CMD [ "/fod_vnet_router", "--init.sysstart.netconfd" ]
##############################################################################
##############################################################################
This diff is collapsed.
...@@ -39,24 +39,12 @@ if [ "$1" = "--init" ]; then #arg ...@@ -39,24 +39,12 @@ if [ "$1" = "--init" ]; then #arg
## ##
"$0" --loop &> /dev/null & #"$0" --loop &> /dev/null &
nohup "$0" --loop &> poll-loop.log &
jobs jobs
"$0" --runmn "$@" #arg rest "$0" --runmn "$@" #arg rest
elif [ "$1" = "--init.sysstart" ]; then #arg
shift 1
"$0" --init.netconfserver &
sleep 5
exec "$0" --init "$@"
elif [ "$1" = "--init.netconfserver" ]; then #arg
shift 1
exec nohup /usr/bin/supervisord -c /etc/supervisord.conf # start NETCONF container
elif [ "$1" = "--runmn" ]; then #arg elif [ "$1" = "--runmn" ]; then #arg
shift 1 shift 1
...@@ -110,6 +98,60 @@ elif [ "$1" = "--init-snmp" ]; then #arg ...@@ -110,6 +98,60 @@ elif [ "$1" = "--init-snmp" ]; then #arg
snmpwalk -v2c -cpublic localhost .1 snmpwalk -v2c -cpublic localhost .1
##############################################################################
##############################################################################
# related to netconf server init
elif [ "$1" = "--init.sysstart.netopeer2" -o "$1" = "--init.sysstart" ]; then #arg
shift 1
"$0" --init.netconfserver.netopeer2 &
sleep 5
exec "$0" --init "$@"
elif [ "$1" = "--init.netconfserver.netopeer2" -o "$1" = "--init.netconfserver" ]; then #arg
shift 1
exec nohup /usr/bin/supervisord -c /etc/supervisord.conf # start netopeer2 NETCONF container, as provided in the docker image
elif [ "$1" = "--init.sysstart.netconfd" -o "$1" = "--init.sysstart2" ]; then #arg
shift 1
"$0" --init.netconfserver.netconfd &
sleep 5
exec "$0" --init "$@"
elif [ "$1" = "--init.netconfserver.netconfd" ]; then #arg # alternative to netopeer2 netconf server
shift 1
apt-get -qqy update
DEBIAN_FRONTEND="noninteractive" apt-get -qqy install netconfd yangcli socat openssh-server rsyslog
if ! grep -q "Subsystem netconf /usr/sbin/netconf-subsystem" "/etc/ssh/sshd_config"; then
(
echo "Port 22"
echo "Port 830"
echo "Subsystem netconf /usr/sbin/netconf-subsystem"
)>>/etc/ssh/sshd_config
fi
useradd netconf
chsh -s /bin/bash netconf
if grep -q '^netconf:' /etc/shadow; then
sed -i -e 's/^netconf:.*$/netconf:$6$VaQVpTvj$YKvNyGgEjtfohuXuFsp8WhMOY1WnpuNGs0KYksRu98IlNBAKY65E2DOmZulczhu.bsaeJWBSEM4rLlhK8.vOf0:18905:0:99999:7:::/' /etc/shadow # passwd = netconf
else
echo 'netconf:$6$VaQVpTvj$YKvNyGgEjtfohuXuFsp8WhMOY1WnpuNGs0KYksRu98IlNBAKY65E2DOmZulczhu.bsaeJWBSEM4rLlhK8.vOf0:18905:0:99999:7:::/' >> /etc/shadow # passwd = netconf
fi
/etc/init.d/ssh start
/etc/init.d/rsyslog start
#netconfd --module configuration --superuser=netconf --log-level=debug4
nohup netconfd --module configuration --superuser=netconf --log-level=info &> netconfd.log &
############################################################################## ##############################################################################
############################################################################## ##############################################################################
# related to netconf data fetching, parsing to ruleinfo list and processing that list to take effect on the switches # related to netconf data fetching, parsing to ruleinfo list and processing that list to take effect on the switches
...@@ -156,12 +198,34 @@ elif [ "$1" = "--process_netconf" ]; then #arg ...@@ -156,12 +198,34 @@ elif [ "$1" = "--process_netconf" ]; then #arg
elif [ "$1" = "--get_netconf_data" ]; then #arg elif [ "$1" = "--get_netconf_data" ]; then #arg
shift 1 shift 1
mkdir -p ~/.ssh if type -p yangcli &>/dev/null; then
ssh-keygen -l -f ~/.ssh/known_hosts -F [localhost]:830 >/dev/null || ssh-keyscan -4 -p 830 localhost >> ~/.ssh/known_hosts
#echo -e "connect server=localhost user=netconf password=netconf\nget-config --source running" | yangcli
#if type -p mktemp &>/dev/null; then
# tmpscript1="$(mktemp)"
#else
# tmpscript1="tmpscript1"
#fi
#echo "get-config --source running" > "$tmpscript1"
#yangcli display-mode=xml server=localhost user=netconf password=netconf batch-mode run-script="$tmpscript1" | awk '/^RPC Data Reply/ { start=1; } start { print; }'
#rm -f "$tmpscript1"
#which socat &>/dev/null || apt-get install socat 1>&2
#echo "get-config --source running" | socat - EXEC:'yangcli display-mode=xml server=localhost user=netconf password=netconf',pty,setsid,ctty | awk '/^yangcli netconf@localhost> get-config --source running/ { start=1; } start { print; }'
which sshpass &>/dev/null || apt-get install sshpass 1>&2 # yangcli has issue when it is not running on a terminal, even in batch-mode
#echo -e "connect -l netconf -p 830 localhost\nget-config --source running" | sshpass -pnetconf /usr/local/bin/netopeer2-cli echo "get-config --source running" | socat - EXEC:'yangcli display-mode=xml server=localhost user=netconf password=netconf',pty,setsid,ctty | awk '/^RPC Data Reply/ { start=1; } start { print; }'
echo -e "connect -l netconf -p 830 localhost\nget-config --source running" | sshpass -v -PPassword: -pnetconf /usr/local/bin/netopeer2-cli
elif [ -x /usr/local/bin/netopeer2-cli ]; then
mkdir -p ~/.ssh
ssh-keygen -l -f ~/.ssh/known_hosts -F [localhost]:830 >/dev/null || ssh-keyscan -4 -p 830 localhost >> ~/.ssh/known_hosts
which sshpass &>/dev/null || apt-get install sshpass 1>&2
#echo -e "connect -l netconf -p 830 localhost\nget-config --source running" | sshpass -pnetconf /usr/local/bin/netopeer2-cli
echo -e "connect -l netconf -p 830 localhost\nget-config --source running" | sshpass -v -PPassword: -pnetconf /usr/local/bin/netopeer2-cli
fi
elif [ "$1" = "--parse_netconf_to_ruleinfo" -o "$1" = "--parse" ]; then #arg elif [ "$1" = "--parse_netconf_to_ruleinfo" -o "$1" = "--parse" ]; then #arg
shift 1 shift 1
...@@ -370,7 +434,10 @@ elif [ "$1" = "--counter" ]; then #arg # for manual querying/testing only ...@@ -370,7 +434,10 @@ elif [ "$1" = "--counter" ]; then #arg # for manual querying/testing only
else #arg else #arg
#exec "$0" --init "$@" #arg rest #exec "$0" --init "$@" #arg rest
exec "$0" --process1 "$@" #arg rest #exec "$0" --process1 "$@" #arg rest
echo "unknown args $*" 1>&2
exit 2
fi fi
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment