Skip to content
Snippets Groups Projects
Commit cc3e0fa3 authored by root's avatar root
Browse files

add docker-compose support

parent 6fc340be
No related branches found
No related tags found
No related merge requests found
version: "3"
services:
fod:
build:
context: .
dockerfile: docker-compose/Dockerfile_FOD
container_name: fod
privileged: true
expose:
- "8000"
ports:
- "0.0.0.0:8000:8000"
env_file:
- ./docker-compose/.env_fod
networks:
fod:
ipv4_address: 10.197.36.2
volumes:
- ./:/opt/FOD
freertr:
build:
context: docker-compose
dockerfile: Dockerfile_FREERTR
container_name: freertr
privileged: true
expose:
- "23"
ports:
- "127.0.0.1:2323:2323"
env_file:
- ./docker-compose/.env_freertr
networks:
fod:
ipv4_address: 10.197.36.3
depends_on:
- fod
volumes:
- freertr:/opt
networks:
fod:
driver: bridge
ipam:
driver: default
config:
- subnet: 10.197.36.0/28
volumes:
freertr:
ADMIN_PASS=adminpwd
ADMIN_EMAIL=admin@localhost.local
FOD_ORG=testpeer
FOD_ORG_NET=0.0.0.0/0
FOD_EXABGP_LOCAL_ID=10.197.36.2
FOD_EXABGP_LOCAL_IP=10.197.36.2
FOD_EXABGP_LOCAL_AS=1001
FOD_EXABGP_REMOTE_ID=10.197.36.3
FOD_EXABGP_REMOTE_IP=10.197.36.3
FOD_EXABGP_REMOTE_AS=2001
VARIABLE=test
FROM ubuntu:latest
LABEL maintainer="FOD"
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update -y && apt-get install -y locales
RUN sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen && \
dpkg-reconfigure --frontend=noninteractive locales && \
update-locale LANG=en_US.UTF-8
ENV LANG en_US.UTF-8
COPY docker-compose/fod_setup_environment.sh /opt/setup_environment.sh
RUN mkdir -p /var/run/supervisor
RUN apt-get update -y && apt-get -o Dpkg::Options::='--force-confdef' -o Dpkg::Options::='--force-confold' --assume-yes -fuy dist-upgrade
RUN apt-get install -y git less man make gcc strace ltrace lsof file vim tshark tcpdump curl wget net-tools sudo psutils procps iptables iputils-ping iputils-tracepath hping3 iproute2 supervisor
RUN useradd exabgp
WORKDIR /opt/FOD
EXPOSE 8000
CMD /opt/setup_environment.sh && supervisord -c docker-compose/fod_supervisord.conf
FROM debian:sid
LABEL maintainer="FOD"
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update -y && apt-get install -y locales wget netcat-openbsd less man vim
RUN sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen && \
dpkg-reconfigure --frontend=noninteractive locales && \
update-locale LANG=en_US.UTF-8
ENV LANG en_US.UTF-8
WORKDIR /opt
RUN wget https://raw.githubusercontent.com/rare-freertr/freeRtr-containerlab/main/install-deps.sh -O install-deps.sh && \
wget https://raw.githubusercontent.com/rare-freertr/freeRtr-containerlab/main/install-rtr.sh -O install-rtr.sh && \
wget https://raw.githubusercontent.com/rare-freertr/freeRtr-containerlab/main/install-clean.sh -O install-clean.sh && \
chmod +x /opt/*
RUN ./install-deps.sh
RUN ./install-rtr.sh
RUN ./install-clean.sh
RUN mkdir -p /rtr && \
wget https://raw.githubusercontent.com/rare-freertr/freeRtr-containerlab/main/hwdet-init.sh -O /rtr/hwdet-init.sh && \
wget https://raw.githubusercontent.com/rare-freertr/freeRtr-containerlab/main/hwdet-mgmt.sh -O /rtr/hwdet-mgmt.sh && \
wget https://raw.githubusercontent.com/rare-freertr/freeRtr-containerlab/main/start-rtr.sh -O /rtr/start-rtr.sh && \
chmod +x /rtr/*
COPY freertr.cfg /rtr/rtr-sw.txt
COPY freertr_setup_environment.sh /usr/local/bin/setup_environment.sh
CMD /usr/local/bin/setup_environment.sh
#!/bin/bash
set -e
if [ -e /opt/setup_ok ]; then
exit 0
else
cd /opt/FOD
./install-debian.sh --here --supervisord --setup_admin_user --setup_admin_user5 admin ${ADMIN_PASS} ${ADMIN_EMAIL} ${FOD_ORG} ${FOD_ORG_NET} --exabgp ${FOD_EXABGP_LOCAL_ID} ${FOD_EXABGP_LOCAL_IP} ${FOD_EXABGP_LOCAL_AS} ${FOD_EXABGP_REMOTE_ID} ${FOD_EXABGP_REMOTE_IP} ${FOD_EXABGP_REMOTE_AS}
/opt/FOD/venv/bin/python -m pip install exabgp
touch /opt/setup_ok
fi
[unix_http_server]
file=/var/run/supervisor/supervisor.sock
[supervisord]
pidfile=/tmp/supervisord.pid
nodaemon=true
logfile=/var/log/supervisor/supervisord.log
logfile_maxbytes=10MB
logfile_backups=10
loglevel=info
childlogdir=/var/log/supervisor
[rpcinterface:supervisor]
supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
[supervisorctl]
serverurl=unix:///var/run/supervisor/supervisor.sock
[program:fod]
directory=/opt/FOD
command=/opt/FOD/pythonenv gunicorn -b 0.0.0.0:8000 flowspy.wsgi -w 10 -k gevent --limit-request-fields 10000 --timeout 30 --graceful-timeout 25
autostart=true
autorestart=true
priority=10
minfds=32768
numprocs=1
logfile_maxbytes=100MB
stdout_logfile_backups = 0
stderr_logfile_backups = 0
stdout_events_enabled=true
stderr_events_enabled=true
stderr_logfile=/opt/FOD/log/gunicorn-stdout.log
stdout_logfile=/opt/FOD/log/gunicorn-stderr.log
[program:celerybeat]
directory=/opt/FOD
command=/opt/FOD/pythonenv celery -A flowspy worker -B --concurrency=2 -l info -f logs/celery.log
autostart=true
autorestart=true
priority=10
minfds=32768
logfile_maxbytes=100MB
numprocs=1
startsecs=10
stdout_logfile_backups = 0
stderr_logfile_backups = 0
stdout_events_enabled=true
stderr_events_enabled=true
stderr_logfile=/var/log/supervisor/celerybeat.log
stdout_logfile=/var/log/supervisor/celerybeat.log
[program:exabgp]
directory=/opt/FOD
#command=/opt/FOD/exabgp/run-exabgp-generic 10.197.36.2 10.197.36.2 1001 10.197.36.3 10.197.36.3 2001
command=/opt/FOD/exabgp/run-exabgp-generic %(ENV_FOD_EXABGP_LOCAL_ID)s %(ENV_FOD_EXABGP_LOCAL_IP)s %(ENV_FOD_EXABGP_LOCAL_AS)s %(ENV_FOD_EXABGP_REMOTE_ID)s %(ENV_FOD_EXABGP_REMOTE_IP)s %(ENV_FOD_EXABGP_REMOTE_AS)s
autostart=true
autorestart=true
priority=10
minfds=32768
logfile_maxbytes=100MB
numprocs=1
startsecs=10
stdout_logfile_backups = 0
stderr_logfile_backups = 0
stdout_events_enabled=true
stderr_events_enabled=true
stderr_logfile=/var/log/supervisor/exabgp.log
stdout_logfile=/var/log/supervisor/exabgp.log
[program:redis]
command=/usr/bin/redis-server
autostart=true
autorestart=true
priority=10
minfds=32768
logfile_maxbytes=10MB
numprocs=1
startsecs=10
stdout_logfile_backups = 0
stderr_logfile_backups = 0
stdout_events_enabled=true
stderr_events_enabled=true
stderr_logfile=/var/log/supervisor/redis.log
stdout_logfile=/var/log/supervisor/redis.log
hostname router
buggy
!
!
crypto rsakey rsa import $v10$TUlJRW9nSUJBQUtDQVFCNUcxQjJGd216Ly9rTDJKN0xjdTZHckxmVGdjOEJ6aHpnNHVteEhJaVFrdFZ4U2xnQmFFSDBlQmhFdlhJMzA4d2ZNaUVvcWEzNnBMdFlKN3pmK0pGekIrRWJtdDJNZUc2ZURxc3IreGhsSmMzYkozTzhvNVRjZEIxblhKbEV2T0RlOTdycTJnT0xPSjJGaFdwbVBBd3dYTStLVXMxR05iL1hWR09tQUJrMzhlNXpYMU9XU01Oa0dEUXV1MEt3WUNub2pvbXBQdnMvZktVNW13b3ZCeXk3MjNTakdOQ3BYTEQweGRnTUord1ZSQ2NkV1huejk4bUNzRVBtKzJlbTJQbDMrVWU0WnNSVFJQb1JWTHdmVWdNcnViZ21BdFE1QWJtSTdDejdWZmQzRHVpbkVuZFJLSzl0N3dWeEVpcUZkN2Z2c2pYc0hoNVQrK2hqSnJ3TVc3UWxBZ01CQUFFQ2dnRUFSVWlvRm5jRm1SR204KzBBbzVuajllNFgySXZaMXNtSTRldFBFSUVuYTdabEg4UU5adml6U3QzdDNGMlpXM0R5eFNJVHNFU3FnTXIvVnVhYytuRWxITzcwREt2amRYcHNwa1gwRFZ4QVQ1VjZHSmVRY2VvUHZyTTdJeWZwazFhUE8xLzBjbWs1UDh1cTZua3lMcnpKcUYxZ2FsMEdqTlV4SkVwbUc5RFFuSjBrbkw1Vkp4WmQzSTMvOStPZFVtOWJWM3NrdTVBTXk2YnhQOCtSOTJ5QzVFdThvTFoxMUxUVXk2TXNBb3FsalhIcWhIOVlTQ2RLaEtpenFKVEpOSVI3WVVQK0FOb0E0aWwrZXlzSFFQaS94L3dEVGdRY2czZ1N5SFpNYXNIRW51d1VCV2pGOWdYZ2R1VEVtc3VQVGdKdCtZZG4zcXJIMWkxamcxbDlGSGUxWVFLQmdRREJNNjBNUFNkL1pqZU9nQW5MUS94VlBnN2V6NnlnOENweHdsbWNwL25YbWM2TDdJa3dVUXJ0OGlMREN2clZ2dUZYVS9jell1Q2ZYVUc2MVVnNENMQldSM05LcXFuYVJSQ2hNdTBNV2JGd01wVHRHcjN3NXFlbXVtdU1VYWp5Z0pmK2Y2RFNtU01nbG5sR1E3M2FsVkx4bHl6TlE3RGVNdGd6eThyV1lhSytpUUtCZ1FDZ2VKblFuVDN2dkVhT3RzWUdKQVFYUXBFNk5ocjl0OW9TSjJ5dGMyWGpoL0pDbGhSMTBjYndnRzJ0SWhHVHE2WnQxSWNzNCtxVWxsdUxkUDBrRWRjQTErTXBKa3FLand1UE9MTjVUL1JaQ2pxSUJVL3lGR2xkeDlaN29tNGVLUFBPRDROdGZTKzdHRmdqTHB5ajFEOGFldDZ4OFJRVXV6bGRvNksycnlLQnZRS0JnUUNidmVwN2VUakR6RVJ3ek9vWVB6L0QvM2pCU0N2aXVIZWVxSXJRYStCTldxRlR6bU53M1lPditJYnBMNHF3ajJUYm5zWWhXRTIyYWRpNG9ZSE1HY1Q4YURDYU9pVWQzSnJoTjBvN3NIb0c5ZDl6bXlFT2R3RWl1QmhHVHZXZ051VlB0TmFScmZ6UklqdTAxcHJPLzV5VFA4aFAxNGRXTnlwdDVwUW1hU0psOFFLQmdFbVlCYkxPNm1EUUQrdlRsdTJxQnRaRUNTYVJPYit5V2FpSnZDV3dEc0pTenFBTEJFY2tkZ0JHWmdaSTRaYS8yZ3YwdENtNlBSTDRBZlBySzAwbmdWczVwMHh2Nnkrd2VyU3NaR0wyY0RHRnAySktUV2ZRUktKbHk4L1hwbmplZnpHNW02VFRETmpaU1ZLWlJlMDhvZFFiRlphMTRXZkFsWWFFVFZOSzdxQmhBb0dBVmIyZmduRlM1ZWJjZUx5cXY1ZHFwYU9iUVljZC9vV0FaWVJBQ1BGNGNHZHk0cE85QWV2ejd5UHN4OXB6SUNsS0hNNU9DQmtXMHNLNkt2ZHI3TUR1NFVVenR5SnNXOURMUmFuSUg4OCtaZ0hYZnk3TThyNmJzTklrVlMyQml6SExXRmVZNW5kOWt2WFZMOHNQY3dVN2dvM29VUEZlVkRFdm1ZanpsVkZFcm1NPQ==
!
crypto dsakey dsa import $v10$TUlJQnVRSUJBQUtCZ0Rxa3VCZldzSW5TdW8zMkJ1N1FIS1lrSUczQ1pnS1BvT2NXK0NqNUY5ODNXNkFmV1h3RUpMZnNPWVM0OWpKUVh2RW9HUzJHM1lOb01tQm9kM3NEbUUrZFhCQjNTbjloTWdjdGhFS3FhOWNuR054ZG5nLzdwejBQYXJUbHdmYXpxeVNwL3RHeE9FTDNrNWFBRk91MUxNbXpEY1dlTTk3cEU0c2tVTnFyRmUrckFoVUF1YVMzdi8yWGpsMDM3U3VMZWFOR21POVNqQ0VDZ1lBTjU1dHlaNi9tL05VMHdWdy95ZnM2N3QxcWJ5dkp3MHFnZWRST2RSZEYyUzlXdjZmK3VRb0hzWEZDZVJibXIxdXZtUXFINVZTVEcrUzc3cDB4SEEraVR0cm1KU0JaREZLR2lLYzJDYWVzakNPZHJ4a2NVeEJTeG9jT0FUVVJId1UvSXJXbkxxSVlXTkFDcEJlQjJBTmVVcW9xaXdUMjVqQWhlM3lXTGZtTGFRS0JnQ25YNC9tdzZZUDArY1l4Q3RhbnJPcWNZeDR6bDlXSmtmSjJ6NENhL0lGSmxxeVJIUUhMNmxEWnprSTJBWmlMUmUzNksxUHVYT3E0NXlibkM3RlJKVGRvUSs3RWxydmdlUTlvT2M1blRzckk5UXRGdmJLVjVTa3RleFNtS0Z3RXRNbk9nUkdZems1VzIwb3lWOU5lU1lsNi9ZRkdFdGZKa0pzdHpkU3Y1YWI5QWhRM0ZFaW5XdFNnM2Y2S0pNSHN3WlZvd3IrRjZRPT0=
!
crypto ecdsakey ecdsa import $v10$TUhRQ0FRRUVJQURQR2VsOVU5ZndGNFRGOXNja1JoYWFFWUVYSHJEem5VV1lxVHh5ZHJNNW9BY0dCU3VCQkFBS29VUURRZ0FFdTN3TENSVVVzekFEWTlXOG0wbXhDMTJhQWMxUnpOWGh4bUFwRE9PUVlEWGFzRUtDNmdnVFYvUzNZUHFYdGd1Z3BEZ013WVpack5oNFVMQ1hTUTFhYVE9PQ==
!
aaa list auth1
exit
!
aaa userlist netconfusr
username netconf
username netconf password $v10$bmV0Y29uZg==
exit
!
access-list access-all
sequence 10 permit all any all any all
exit
!
access-list rule1
sequence 10 deny 6 15.10.10.1 255.255.255.255 123-129 20.20.20.1 255.255.255.255 200-400
sequence 20 deny 6 16.10.10.1 255.255.255.255 123-129 20.20.20.1 255.255.255.255 200-400
sequence 30 deny 7 16.10.10.1 255.255.255.255 123-129 20.20.20.1 255.255.255.255 200-400
sequence 80 deny 7 16.10.10.2 255.255.255.255 123-129 20.20.20.1 255.255.255.255 200-400
exit
!
policy-map flowspec-v4
sequence 1 action drop
sequence 1 match access-group rule1
!
exit
!
vrf definition CORE
rd 1:1
exit
!
vrf definition inet
exit
!
router uni2flow4 1
vrf CORE
distance 10
justadvert loopback1
exit
!
router uni2flow6 1
vrf CORE
distance 10
justadvert loopback1
exit
!
interface loopback0
vrf forwarding CORE
ipv4 address 2.2.2.1 255.255.255.255
ipv6 address 4321::1 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
no shutdown
no log-link-change
exit
!
interface loopback1
vrf forwarding CORE
ipv4 address 2.2.2.101 255.255.255.255
ipv6 address 4321::101 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
no shutdown
no log-link-change
exit
!
interface loopback2
vrf forwarding CORE
ipv4 address 2.2.2.201 255.255.255.255
ipv6 address 4321::201 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
no shutdown
no log-link-change
exit
!
!interface ethernet1
! description veth pair end point to crian testbed
! lldp enable
! vrf forwarding CORE
! ipv4 address 12.12.12.2 255.255.255.0
! mpls enable
! mpls ldp4
! no shutdown
! no log-link-change
! exit
!
!interface ethernet2
! description tap1 to exabgp
! lldp enable
! vrf forwarding CORE
! ipv4 address 14.0.0.2 255.255.255.0
! mpls enable
! mpls ldp4
! no shutdown
! no log-link-change
! exit
!
router bgp4 1
!vrf CORE
vrf OOB
local-as 1
router-id 4.4.4.1
no safe-ebgp
address-family unicast flowspec
flowspec-install
flowspec-advert flowspec-v4
!
neighbor 10.197.36.2 remote-as 1001
neighbor 10.197.36.2 local-as 2001
neighbor 10.197.36.2 address-family unicast flowspec
neighbor 10.197.36.2 distance 30
neighbor 10.197.36.2 send-community standard extended
!
!
!
redistribute connected
redistribute uni2flow4 1
exit
!
router bgp6 1
vrf CORE
local-as 1
router-id 6.6.6.1
no safe-ebgp
address-family unicast flowspec
!
neighbor 1234:1::2 remote-as 2
neighbor 1234:1::2 local-as 1
neighbor 1234:1::2 address-family unicast flowspec
neighbor 1234:1::2 distance 20
neighbor 1234:1::2 send-community standard extended
!
!
redistribute connected
redistribute uni2flow6 1
exit
!
console0
no exec authorization
no login authentication
exit
!
proxy-profile OOB
vrf CORE
exit
!
!
ipv4 route CORE 10.0.3.1 255.255.255.0 14.0.0.1
ipv4 route CORE 10.3.0.1 255.255.255.255 14.0.0.1
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
server telnet netconf1
security protocol ssh
security authentication netconfusr
security rsakey rsa
security dsakey dsa
security ecdsakey ecdsa
port 830
second-port 829
exec autocommand netconf
no exec authorization
no login authentication
vrf inet
exit
!
server telnet tel1
security protocol telnet
exec height -1
exec monitor
no exec authorization
no login authentication
vrf inet
exit
!
server telnet teloob
security protocol telnet
exec height -1
exec monitor
no exec authorization
no login authentication
vrf OOB
exit
!
client capture-path /rtr/run/pcap/
!
end
#!/bin/bash
IFINDEX=$(docker exec freertr cat /sys/class/net/eth0/iflink)
IFNAME=$(ip a | grep ^${IFINDEX} | awk -F\: '{print $2}' | awk -F\@ '{print $1}')
ethtool -k $IFNAME | awk '$2=="on" { sub(/:$/, "", $1); print $1; }' | while read key; do ethtool -K $IFNAME "$key" off; done
#!/bin/bash
ethtool -k eth0 | awk '$2=="on" { sub(/:$/, "", $1); print $1; }' | while read key; do ethtool -K eth0 "$key" off; done
/rtr/hwdet-init.sh
/rtr/hwdet-mgmt.sh
exec java -Xmx1024m -jar /rtr/rtr.jar routerc /rtr/run/conf/rtr-
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment