1.4. Running vCGNAT in Docker¶
Warning
This installation is only suitable for functional tests!
First, install Docker and KVM. Make sure the following modules are installed:
- $ modprobe kvm kvm_intel¶
Building Docker Image¶
You do not need to build a Docker image yourself. You can contact our sales department for Docker and qcow2 images.
Running Container¶
Note
Here is a description of the network connection to the container using veth interfaces.
Run the container by specifying the required number of dataplane interfaces in the CLAB_INTFS environment variable. In this example, the default Docker network is used for management (usually it is 172.17.0.1/16). The address from this network is assigned to the vCGNAT management interface. It is possible to create another network and connect it with the
--networkoption:- $ docker run -d --name vcgnat -e CLAB_INTFS=1 --privileged <image_name> --username admin --password admin --hostname vcgnat --connection-mode tc --trace¶
It’s obligatory to create a shell access to the network namespace of the container (make network namespace available to work using the shell):
- $ export pid="$(docker inspect -f '{{.State.Pid}}' vcgnat)"¶
- $ sudo ln -sf /proc/$pid/ns/net "/var/run/netns/vcgnat"¶
Using a pair of
vethinterfaces, associate the main network namespace and the namespace in which vCGNAT works. Сreate as many pairs of interfaces as there are interfaces required for the dataplane. Enable interfaces on both sides:- $ sudo ip link add eth101 type veth peer eth1 netns vcgnat¶
- $ sudo ip link set eth101 up¶
- $ sudo ip netns exec vcgnat ip link set eth1 up¶
After that, the script inside the container should be able to find the dataplane interfaces that have been already added into it, and the virtual machine should start loading:
user:~$ docker logs vcgnat 2022-09-08 12:04:35,470: vrnetlab DEBUG Creating overlay disk image 2022-09-08 12:04:35,527: vrnetlab DEBUG Starting vrnetlab NFWare 2022-09-08 12:04:35,527: vrnetlab DEBUG VMs: [<__main__.NFWare_vm object at 0x7f44598bae80>] 2022-09-08 12:04:35,531: vrnetlab DEBUG VM not started; starting! 2022-09-08 12:04:35,531: vrnetlab INFO Starting NFWare_vm 2022-09-08 12:04:35,531: vrnetlab DEBUG number of provisioned data plane interfaces is 1 2022-09-08 12:04:35,532: vrnetlab DEBUG waiting for provisioned interfaces to appear... 2022-09-08 12:05:00,556: vrnetlab DEBUG interfaces provisioned, continuing... 2022-09-08 12:05:00,557: vrnetlab DEBUG ['qemu-system-x86_64', '-enable-kvm', '-display', 'none', '-machine', 'pc', '-monitor', 'tcp:0.0.0.0:4000,server,nowait', '-m', '7000', '-serial', 'telnet:0.0.0.0:5000,server,nowait', '-drive', 'if=ide,file=/None_968cbe26 405a_vcgnat_4.3.2.qcow2,cache=unsafe', '-cpu', 'host', '-smp', '2', '-monitor', 'tcp:0.0.0.0:3000,server,nowait', '-device', 'pci-bri dge,chassis_nr=1,id=pci.1', '-device', 'virtio-net-pci,netdev=p00,mac=52:54:00:1e:cc:00', '-netdev', 'user,id=p00,net=10.0.0.0/24,tft p=/tftpboot,hostfwd=tcp::2022-10.0.0.15:22,hostfwd=udp::2161-10.0.0.15:161,hostfwd=tcp::2830-10.0.0.15:830,hostfwd=tcp::2080-10.0.0.1 5:80,hostfwd=tcp::2443-10.0.0.15:443', '-device', 'virtio-net-pci,netdev=p01,mac=52:54:00:e2:38:01,bus=pci.1,addr=0x2', '-netdev', 't ap,id=p01,ifname=tap1,script=/etc/tc-tap-ifup,downscript=no'] 2022-09-08 12:05:00,557: vrnetlab DEBUG joined cmd: qemu-system-x86_64 -enable-kvm -display none -machine pc -monitor tcp:0.0.0. 0:4000,server,nowait -m 7000 -serial telnet:0.0.0.0:5000,server,nowait -drive if=ide,file=/None_968cbe26405a_vcgnat_4.3.2.qcow2,cache =unsafe -cpu host -smp 2 -monitor tcp:0.0.0.0:3000,server,nowait -device pci-bridge,chassis_nr=1,id=pci.1 -device virtio-net-pci,netd ev=p00,mac=52:54:00:1e:cc:00 -netdev user,id=p00,net=10.0.0.0/24,tftp=/tftpboot,hostfwd=tcp::2022-10.0.0.15:22,hostfwd=udp::2161-10.0 .0.15:161,hostfwd=tcp::2830-10.0.0.15:830,hostfwd=tcp::2080-10.0.0.15:80,hostfwd=tcp::2443-10.0.0.15:443 -device virtio-net-pci,netde v=p01,mac=52:54:00:e2:38:01,bus=pci.1,addr=0x2 -netdev tap,id=p01,ifname=tap1,script=/etc/tc-tap-ifup,downscript=no
Loading takes a few minutes, and once it is finished, you can connect to vCGNAT via ssh:
user:~$ ssh [email protected] [email protected]'s password: Last login: Thu Sep 8 12:09:14 2022 Hello, this is NFWare OS. vcgnat# sh int brief Interface Status VRF Addresses --------- ------ --- --------- if0 up default lo up default vcgnat#
Add
vethinterfaces in the main network namespace to bridges and send traffic using them according to your needs:- $ sudo ip link add br-vcgnat type bridge¶
- $ sudo ip link set up br-vcgnat¶
- $ sudo brctl addif br-vcgnat eth101¶
- $ sudo ip a add 10.0.100.1/24 dev br-vcgnat¶