search

networkop / docker-topo

Docker topology builder for network simulations
BSD 3-Clause "New" or "Revised" License
138 stars 41 forks source link

docker-topo crash when running bridge driver #14

Open mkurjanski opened 5 years ago

mkurjanski commented 5 years ago

Hi, I've been experimenting with this topology builder and it's working well using veth connections. Now I'd like to expose port 22 so I could ssh into the ma1 ceos interfaces. I've read that for this I need to use bridge interfaces. After creating those it looks like the docker-topo is crushing. Could you please have a look? Thank you, Mat

`[mkurjanski@netopslab1 ceos-lab]$ cat topo2 VERSION: 2 CONF_DIR: './config' PUBLISH_BASE: 22/tcp: 2000

driver: veth

links:

[mkurjanski@netopslab1 ceos-lab]$ sudo docker-topo topo2 Traceback (most recent call last): File "/usr/lib/python3.4/site-packages/docker/api/client.py", line 222, in _raise_for_status response.raise_for_status() File "/usr/lib/python3.4/site-packages/requests/models.py", line 893, in raise_for_status raise HTTPError(http_error_msg, response=self) requests.exceptions.HTTPError: 500 Server Error: Internal Server Error for url: http+docker://localunixsocket/v1.30/networks/create

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "/bin/docker-topo", line 703, in main() File "/bin/docker-topo", line 602, in main devices, links = parse_v2(t_yml) File "/bin/docker-topo", line 216, in parse_v2 link = Link(link_type, 'net-{}'.format(idx), link_driver, driver_opts) File "/bin/docker-topo", line 511, in init self.get_or_create() File "/bin/docker-topo", line 517, in get_or_create self.network = self._create() File "/bin/docker-topo", line 526, in _create options=self.opts File "/usr/lib/python3.4/site-packages/docker/models/networks.py", line 153, in create resp = self.client.api.create_network(name, *args, *kwargs) File "/usr/lib/python3.4/site-packages/docker/utils/decorators.py", line 34, in wrapper return f(self, args, **kwargs) File "/usr/lib/python3.4/site-packages/docker/api/network.py", line 154, in create_network return self._result(res, json=True) File "/usr/lib/python3.4/site-packages/docker/api/client.py", line 228, in _result self._raise_for_status(response) File "/usr/lib/python3.4/site-packages/docker/api/client.py", line 224, in _raise_for_status raise create_api_error_from_http_exception(e) File "/usr/lib/python3.4/site-packages/docker/errors.py", line 31, in create_api_error_from_http_exception raise cls(e, response=response, explanation=explanation) docker.errors.APIError: 500 Server Error: Internal Server Error ("Failed to Setup IP tables: Unable to enable SKIP DNAT rule: (iptables failed: iptables --wait -t nat -I DOCKER -i br-c744d61204ff -j RETURN: iptables: No chain/target/match by that name. (exit status 1))") `

networkop commented 5 years ago

Hi Mat, here's the preferred way of exposing ports. You don't need to configure all ports as docker bridge interfaces. most of the times it's enough to have the first port configured a "docker bridge" port and the rest can be standard veth. Try this and see if it works for you:

VERSION: 2
CEOS_IMAGE: ceosimage:latest
PUBLISH_BASE: 
  22/tcp: 2000
driver: veth
links:
  - endpoints: ["cEOS-1:eth0", "cEOS-2:eth0"]
    driver: bridge
  - endpoints: ["cEOS-1:eth1", "cEOS-2:eth2"]

In here the first link is of type "bridge" which allows it to publish ports outside of container and the next one is normal veth.