search

srl-labs / containerlab

container-based networking labs
https://containerlab.dev
BSD 3-Clause "New" or "Revised" License
1.48k stars 251 forks source link

passing variable of default gateway ipv4-gw (arista cEOS example) #796

Closed marekplaza closed 2 years ago

marekplaza commented 2 years ago

HI,

Could someone add an option to pass variable representing docker network (IP) assigned to bridge (ipv4-gw) in topology YAML file to make it possible to use in startup-config (to pass it as a variable in jinja template)? Or maybe it is easy to extract and pass - please give me a hint :) For instance, for Arista cEOS it could look just that:

in the topology file we have

name: test mgmt: bridge: oobbridge network: oobnetwork ipv4_subnet: 172.20.20.0/24 ipv4-gw: 172.20.20.11 <= variable to exclude from here..

topology: kinds: ceos: image: ceos64-lab:4.27.1.1F startup-config: vrf-mgmt.cfg <= and pass it as variable to jinja template in startup config.

The startup-config file vrf-mgmt.cfg looks like:

hostname {{ .ShortName }} ! username admin privilege 15 secret admin ! service routing protocols model multi-agent ! interface Management0 {{ if .MgmtIPv4Address }}ip address {{ .MgmtIPv4Address }}/{{.MgmtIPv4PrefixLength}}{{end}} {{ if .MgmtIPv6Address }}ipv6 address {{ .MgmtIPv6Address }}/{{.MgmtIPv6PrefixLength}}{{end}} ! interface Management1 vrf mgmt ! vrf instance mgmt ! no ip routing vrf mgmt ! management api gnmi transport grpc default vrf mgmt ! management api netconf transport ssh default vrf mgmt ! management api http-commands vrf mgmt no shutdown ! ip route vrf mgmt 0.0.0.0/0 {{ .ipv4-gw }} <== I would like to pass information about gw to startupconfig end

for some reason the ipv4_subnet would be available as well (i.e. for some ACL)

Thanks in , regards Marek

networkop commented 2 years ago

I might have a need for this as well. @hellt what's involved in getting this reviewed? Do we need a consensus from some of the Arista folks before we can start working on a PR?

hellt commented 2 years ago

@networkop I think it is good to be implemented in a PR if anybody comes up with one I will be happy to review/test

hellt commented 2 years ago

Hey @marekplaza do you want to test this? ipv4 gw is now part of the default startup config, with the static route create in the global VRF

if you need to change that for some VRF scope, then you would need to provide your own startup-config and reference this variable inside the template as 

{{ if .MgmtIPv4Gateway }}ip route 0.0.0.0/0 {{ .MgmtIPv4Gateway }}{{end}}

With the following pull command you get a containerlab binary at your working directory. To use this downloaded binary - ./containerlab deploy.... Make sure not forget to add ./ prefix in order to use the downloaded binary and not the globally installed containerlab!

docker run --rm -v $(pwd):/workspace ghcr.io/oras-project/oras:v0.12.0 pull ghcr.io/srl-labs/clab-oci:8e779e44

maybe you will see an error when trying to run this binary, then call it as

ASSUME_NO_MOVING_GC_UNSAFE_RISK_IT_WITH=go1.18 containerlab deploy ...
marekplaza commented 2 years ago

Hello @hellt

It works like a charm:)

details:

root@chaos:/home/marpla# echo $ASSUME_NO_MOVING_GC_UNSAFE_RISK_IT_WITH | ./containerlab deploy -t clab_ipv4_gw.yaml -d --reconfigure

where we have: a) topology file:

name: CLAB_GW_TEST
prefix: ""
mgmt:
  network: CLAB_GW_TEST
  ipv4_subnet: 172.100.16.0/24
  external-access: true
topology:
  kinds:
    ceos:
      image: marekplaza/ceos64-lab:4.27.1.1F
  nodes:
# clients
    CLIENT-1:
      kind: ceos
      startup-config: clab_ipv4_gw.cfg
      mgmt_ipv4: 172.100.16.10
  links:
# Clients links
  - endpoints:
    - CLIENT-1:eth1
    - CLIENT-1:eth2
#configpath: ""

b) configfile: 

hostname {{ .ShortName }}
!
no aaa root
!
username admin privilege 15 secret admin
username cvpadmin privilege 15 role network-admin secret sha512 XXX
!
service routing protocols model multi-agent
!
interface Management0
    vrf mgmt
{{ if .MgmtIPv4Address }}ip address {{ .MgmtIPv4Address }}/{{.MgmtIPv4PrefixLength}}{{end}}
{{ if .MgmtIPv6Address }}ipv6 address {{ .MgmtIPv6Address }}/{{.MgmtIPv6PrefixLength}}{{end}}
    no lldp transmit
    no lldp receive
!
interface Ethernet1
   channel-group 1 mode active
   lacp timer fast
!
interface Ethernet2
   channel-group 1 mode active
   lacp timer fast
!
interface Ethernet3
   channel-group 2 mode active
   lacp timer fast
!
interface Ethernet4
   channel-group 2 mode active
   lacp timer fast
!
vrf instance mgmt
!
ip routing
!
ip routing vrf mgmt
!
management api gnmi
    transport grpc default
      vrf mgmt
!
management api netconf
   transport ssh default
      vrf mgmt
!
management api http-commands
   protocol http
   protocol unix-socket
   no shutdown
   !
   vrf mgmt
      no shutdown
!
ip name-server vrf mgmt 8.8.8.8
!
ntp server vrf mgmt tempus1.gum.gov.pl iburst
!
{{ if .MgmtIPv4Gateway }}ip route vrf mgmt 0.0.0.0/0 {{ .MgmtIPv4Gateway }}{{end}}

and finally, we got things running (fragment of config):

...
!
interface Management0
   vrf mgmt
   ip address 172.100.16.10/24
!
ip routing
ip routing vrf mgmt
!
ip route vrf mgmt 0.0.0.0/0 172.100.16.1
!
ntp server vrf mgmt tempus1.gum.gov.pl iburst
!
end

and test:

CLIENT-1#ping vrf mgmt 8.8.8.8 repeat 1 source 172.100.16.10
PING 8.8.8.8 (8.8.8.8) 72(100) bytes of data.
76 bytes from 8.8.8.8: icmp_seq=1 ttl=116 (truncated)

--- 8.8.8.8 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 7.500/7.500/7.500/0.000 ms
CLIENT-1#

Thank You so much for your involvement once again! Now it helps many NetDevOps build more IaC test labs and so on! :)