vnet_router: add Dockerfile.vnet_router0a which provides only NETCONF server...

vnet_router: add Dockerfile.vnet_router0a which provides only NETCONF server based on netconfd, not a full vnet

Dockerfile.vnet_router0

+router-container/Dockerfile
\ No newline at end of file

Dockerfile.vnet_router0a

+
+##############################################################################
+##############################################################################
+# instructions:
+
+# 1. build container, e.g., by: 
+#> docker build -f Dockerfile.vnet_router0a -t vnet0a .
+
+#> docker run -t -i vnet0a
+
+# ADDITIONAL INFOMATION:
+# Of course one needs to have a running working FoD container in parallel
+# and that one has to be configured
+# to use the vnet_router container for NETCONF:
+# flowspy/settings.py OR flowspy/settings_local.py (the latter will override settings of thee former):
+
+# ...
+# 'NETCONF_DEVICE': '172.17.0.3', # only an example, so change value to whatever is the IP address of the netconf db server container
+# 'NETCONF_PASS': 'netconf',
+# 'NETCONF_PORT': 830,
+# 'NETCONF_USER': 'netconf',
+# ...
+
+##############################################################################
+##############################################################################
+# Dockerfile proper:
+
+# 1.
+FROM ubuntu:18.04
+
+##
+
+# 2. install all dependencies in advance 
+RUN apt-get -qqy update
+RUN DEBIAN_FRONTEND="noninteractive" apt-get -qqy install mininet iptables iproute2 tcpdump tshark iputils-ping iputils-tracepath hping3 gawk sshpass lsof strace snmpd snmp
+  
+RUN DEBIAN_FRONTEND="noninteractive" apt-get -qqy install netconfd yangcli socat openssh-server rsyslog
+
+# 3. copy yang config
+RUN mkdir -p /opt/dev
+WORKDIR /opt/dev
+COPY vnet_router/configuration.yang /opt/dev/
+
+# 3. copy vnet_router management script 
+COPY vnet_router/fod_vnet_router /
+
+##
+
+# ./vnet_router/fod_vnet_router
+# 4. default start command:
+#CMD ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"]
+#CMD [ "bash", "-c", "set -x; nohup /usr/bin/supervisord -c /etc/supervisord.conf & sleep 5 ;/fod_vnet_router --init" ]
+#CMD [ "/fod_vnet_router", "--init.sysstart.netconfd" ]
+CMD [ "/fod_vnet_router", "--init.netconfserver.netconfd" ]
+
+##############################################################################
+##############################################################################
+

Dockerfile.vnet_router2

@@ -4,11 +4,11 @@
 # instructions:
 
 # 1. build container, e.g., by: 
-#> docker build -f Dockerfile.vnet_router1 -t vnet .
+#> docker build -f Dockerfile.vnet_router2 -t vnet2 .
 
 # 2. before running container make sure openvswitch module is loaded in kernel (modprobe openvswitch) and run container with --privileged (needed for openvswitch inside container)
 #> modprobe openvswitch
-#> docker run -t -i --privileged vnet
+#> docker run -t -i --privileged vnet2
 
 # 3. after being started you can additionally enter the container (find its DOCKERID by 'docker ps'), e.g., by:
 #> docker exec -i -t DOCKERID /fod_vnet_router --mnexec h1 ping h2

doc/installation/v1.7/docker.md

@@ -102,6 +102,10 @@ with NETCONF port 830, NETCONF_USER "netconf" and NETCONF_PASS "netconf"
 Now, FoD can submit FlowSpec rules which are actually only stored inside the NETCONF test server
 without an actual effect on any network, but FoD functionality of controlling rules can be tested. 
 
+### NETCONF test server docker container based on netconfd instead of netopeer
+
+similar to router-container/Dockerfile but will use netconfd (DEBIAN package) instead of CESNET's netopeer NETCONF server
+
 ### NETCONF test server docker container extended to virtual DDoS test network
 
 Based on an instance of the NETCONF test server docker container
@@ -114,7 +118,7 @@ SNMPd and a Perl SNMPd statistic collector script
 Yields a more complete simulation of a router for FoD.
 
 Dockerfile.vnet_router1 : 
-Dockerfile.vnet_router2 : similar to Dockerfile.vnet_router1, but will use netconf instead of CENSET's netopeer NETCONF server
+Dockerfile.vnet_router2 : similar to Dockerfile.vnet_router1, but will use netconfd (DEBIAN package) instead of CESNET's netopeer NETCONF server
 (instructions how to build and run inside the Dockerfiles)
 
 

vnet_router/fod_vnet_router

@@ -118,13 +118,17 @@ elif [ "$1" = "--init.netconfserver.netopeer2" -o "$1" = "--init.netconfserver"
 elif [ "$1" = "--init.sysstart.netconfd" -o "$1" = "--init.sysstart2" ]; then #arg
   shift 1
 
-  "$0" --init.netconfserver.netconfd &
+  "$0" --init.netconfserver.netconfd 1 &
   sleep 5
 
   exec "$0" --init "$@"
 
 elif [ "$1" = "--init.netconfserver.netconfd" ]; then #arg # alternative to netopeer2 netconf server
   shift 1
+  inbg="$1"
+  shift 1
+
+  #set -x
 
   apt-get -qqy update
   DEBIAN_FRONTEND="noninteractive" apt-get -qqy install netconfd yangcli socat openssh-server rsyslog
@@ -149,9 +153,17 @@ elif [ "$1" = "--init.netconfserver.netconfd" ]; then #arg # alternative to neto
   /etc/init.d/ssh start
   /etc/init.d/rsyslog start
 
-  #netconfd --module configuration --superuser=netconf --log-level=debug4
-  #nohup netconfd --modpath "/usr/share/yuma/modules/:." --module configuration --superuser=netconf --log-level=info &> netconfd.log &
-  nohup netconfd --module configuration --superuser=netconf --log-level=info &> netconfd.log &
+  if [ "$inbg" = 1 ]; then
+    #netconfd --module configuration --superuser=netconf --log-level=debug4
+    #nohup netconfd --modpath "/usr/share/yuma/modules/:." --module configuration --superuser=netconf --log-level=info &> netconfd.log &
+    ip -4 address show eth0 | grep inet 1>&2
+    echo 1>&2
+    nohup netconfd --module configuration --superuser=netconf --log-level=info &> netconfd.log &
+  else
+    ip -4 address show eth0 | grep inet 1>&2
+    echo 1>&2
+    exec netconfd --module configuration --superuser=netconf --log-level=info #&> netconfd.log
+  fi
 
 ##############################################################################
 ##############################################################################