diff --git a/tools/multi_nodes_gate/airship_gate/lib/all.sh b/tools/multi_nodes_gate/airship_gate/lib/all.sh index d13cbe20..a594ebe5 100644 --- a/tools/multi_nodes_gate/airship_gate/lib/all.sh +++ b/tools/multi_nodes_gate/airship_gate/lib/all.sh @@ -15,6 +15,7 @@ source "$LIB_DIR"/ssh.sh source "$LIB_DIR"/virsh.sh source "$LIB_DIR"/airship.sh source "$LIB_DIR"/ingress.sh +source "$LIB_DIR"/bgp.sh if [[ -v GATE_DEBUG && ${GATE_DEBUG} = "1" ]]; then set -x diff --git a/tools/multi_nodes_gate/airship_gate/lib/bgp.sh b/tools/multi_nodes_gate/airship_gate/lib/bgp.sh new file mode 100644 index 00000000..8012ab22 --- /dev/null +++ b/tools/multi_nodes_gate/airship_gate/lib/bgp.sh 
@@ -0,0 +1,33 @@
+QUAGGA_DAEMONS="${TEMP_DIR}/daemons"
+QUAGGA_DEBIAN_CONF="${TEMP_DIR}/debian.conf"
+QUAGGA_BGPD_CONF="${TEMP_DIR}/bgpd.conf"
+
+bgp_router_config() {
+ quagga_as_number=$(config_bgp_as "quagga_as")
+ calico_as_number=$(config_bgp_as "calico_as")
+ quagga_ip=$(config_vm_ip "build")
+
+ QUAGGA_AS=${quagga_as_number} CALICO_AS=${calico_as_number} QUAGGA_IP=${quagga_ip} envsubst '${QUAGGA_AS} ${CALICO_AS} ${QUAGGA_IP}' < "${TEMPLATE_DIR}/bgpd_conf.sub" > "${QUAGGA_BGPD_CONF}"
+
+ cp "${TEMPLATE_DIR}/daemons.sub" "${QUAGGA_DAEMONS}"
+ cp "${TEMPLATE_DIR}/debian_conf.sub" "${QUAGGA_DEBIAN_CONF}"
+
+}
+
+bgp_router_start() {
+ # nodename where BGP router should run
+ nodename=$1
+ remote_work_dir="/var/tmp/quagga"
+
+ remote_daemons_file="${remote_work_dir}/$(basename $QUAGGA_DAEMONS)"
+ remote_debian_conf_file="${remote_work_dir}/$(basename $QUAGGA_DEBIAN_CONF)"
+ remote_bgpd_conf_file="${remote_work_dir}/$(basename $QUAGGA_BGPD_CONF)"
+
+ ssh_cmd "${nodename}" mkdir -p "${remote_work_dir}"
+
+ rsync_cmd "$QUAGGA_DAEMONS" "${nodename}:${remote_daemons_file}"
+ rsync_cmd "$QUAGGA_DEBIAN_CONF" "${nodename}:${remote_debian_conf_file}"
+ rsync_cmd "$QUAGGA_BGPD_CONF" "${nodename}:${remote_bgpd_conf_file}"
+
+ ssh_cmd "${nodename}" docker run -ti -d --net=host --privileged -v /var/tmp/quagga:/etc/quagga --restart always --name Quagga $IMAGE_QUAGGA
+}
diff --git a/tools/multi_nodes_gate/airship_gate/lib/config.sh b/tools/multi_nodes_gate/airship_gate/lib/config.sh
index 3c0b85a4..d60b866d 100644
--- a/tools/multi_nodes_gate/airship_gate/lib/config.sh
+++ b/tools/multi_nodes_gate/airship_gate/lib/config.sh
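Review bot: In lib/bgp.sh, `bgp_router_start` starts the router with `--privileged --net=host`, which hands the container every capability and device on the gate node. If the Quagga daemons only need to program routes and bind port 179, a narrower grant such as `--cap-add=NET_ADMIN` (plus whatever else the image turns out to need) is preferable, and the reason for any remaining privilege belongs in a comment above the `docker run` line. The same line expands `$IMAGE_QUAGGA` unquoted, repeats the literal `/var/tmp/quagga` instead of `"${remote_work_dir}:/etc/quagga"`, and asks for a TTY with `-ti` although it is run through `ssh_cmd`, presumably without one. The fixed `--name Quagga` will make a second run of the stage fail on a name conflict unless the old container is removed first. None of the variables in either function are declared `local`, so `nodename`, `remote_work_dir` and the `*_as_number` values leak into every script that sources the library.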
@@ -10,6 +10,7 @@ export IMAGE_PROMENADE_CLI=${IMAGE_PROMENADE_CLI:-quay.io/airshipit/promenade:cf export IMAGE_PEGLEG_CLI=${IMAGE_PEGLEG_CLI:-quay.io/airshipit/pegleg:50ce7a02e08a0a5277c2fbda96ece6eb5782407a} export IMAGE_SHIPYARD_CLI=${IMAGE_SHIPYARD_CLI:-quay.io/airshipit/shipyard:4dd6b484d11e86ad51da733841b9ef137421d461} export IMAGE_COREDNS=${IMAGE_COREDNS:-docker.io/coredns/coredns:1.2.2} +export IMAGE_QUAGGA=${IMAGE_QUAGGA:-docker.io/cumulusnetworks/quagga:CL3.3.2} export IMAGE_DRYDOCK_CLI=${IMAGE_DRYDOCK_CLI:-quay.io/airshipit/drydock:d93d6d5a0a370ced536180612d1ade708e29cd47} export IMAGE_DOCKER_REGISTRY=${IMAGE_DOCKER_REGISTRY:-"docker.io/registry:2"} export PROMENADE_DEBUG=${PROMENADE_DEBUG:-0} @@ -87,6 +88,11 @@ config_vm_userdata() { fi } +config_bgp_as() { + as_number=${1} + jq -cr ".bgp.${as_number}" < "${GATE_MANIFEST}" +} + config_ingress_domain() { jq -cr '.ingress.domain' < "${GATE_MANIFEST}" } diff --git a/tools/multi_nodes_gate/airship_gate/manifests/multinode_deploy.json b/tools/multi_nodes_gate/airship_gate/manifests/multinode_deploy.json index 75ebac87..9bb6a855 100644 --- a/tools/multi_nodes_gate/airship_gate/manifests/multinode_deploy.json +++ b/tools/multi_nodes_gate/airship_gate/manifests/multinode_deploy.json @@ -36,6 +36,11 @@ "script": "ingress-dns.sh", "arguments": ["build"] }, + { + "name": "Create BGP router", + "script": "bgp-router.sh", + "arguments": ["build"] + }, { "name": "Genesis", "script": "genesis.sh", @@ -102,5 +107,9 @@ "io_profile": "fast", "bootstrap": false } + }, + "bgp" : { + "quagga_as": 64688, + "calico_as": 64671 } } diff --git a/tools/multi_nodes_gate/airship_gate/manifests/multinode_genesis.json b/tools/multi_nodes_gate/airship_gate/manifests/multinode_genesis.json index 9dd4634b..028be0ef 100644 --- a/tools/multi_nodes_gate/airship_gate/manifests/multinode_genesis.json +++ b/tools/multi_nodes_gate/airship_gate/manifests/multinode_genesis.json 
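Review bot: In lib/config.sh, `IMAGE_QUAGGA` defaults to a mutable tag, `docker.io/cumulusnetworks/quagga:CL3.3.2`, and this is the image that lib/bgp.sh in the same change runs with `--privileged --net=host`. A tag can be re-pushed, so what runs with full privileges on the build node is decided at pull time rather than at review time. Pinning by digest closes that gap: `export IMAGE_QUAGGA=${IMAGE_QUAGGA:-docker.io/cumulusnetworks/quagga@sha256:<DIGEST_OF_REVIEWED_IMAGE>}` (placeholder, to be filled with the digest of the image that was actually tested).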
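Review bot: `config_bgp_as` in lib/config.sh splices its argument into the jq program text (`".bgp.${as_number}"`), and when the key is absent jq prints `null` and exits 0, so `bgp_router_config` would write `router bgp null` into bgpd.conf without any error. Passing the key as data and failing on null fixes both: `jq -er --arg key "$1" '.bgp[$key]' < "${GATE_MANIFEST}"`. The variable holds a key name rather than an AS number, so `local key=$1` would describe it better than the global `as_number`.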
@@ -36,6 +36,11 @@ "script": "ingress-dns.sh", "arguments": ["build"] }, + { + "name": "Create BGP router", + "script": "bgp-router.sh", + "arguments": ["build"] + }, { "name": "Genesis", "script": "genesis.sh", @@ -84,5 +89,9 @@ "ip": "172.24.1.13", "bootstrap": false } + }, + "bgp" : { + "quagga_as": 64688, + "calico_as": 64671 } } diff --git a/tools/multi_nodes_gate/airship_gate/stages/bgp-router.sh b/tools/multi_nodes_gate/airship_gate/stages/bgp-router.sh new file mode 100755 index 00000000..d9566777 --- /dev/null +++ b/tools/multi_nodes_gate/airship_gate/stages/bgp-router.sh @@ -0,0 +1,23 @@ +#!/usr/bin/env bash +# Copyright 2018 AT&T Intellectual Property. All other rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -e + +source "${GATE_UTILS}" + +BGP_ROUTER=$1 + +bgp_router_config +bgp_router_start ${BGP_ROUTER} diff --git a/tools/multi_nodes_gate/airship_gate/templates/bgpd_conf.sub b/tools/multi_nodes_gate/airship_gate/templates/bgpd_conf.sub new file mode 100644 index 00000000..f739e81e --- /dev/null +++ b/tools/multi_nodes_gate/airship_gate/templates/bgpd_conf.sub 
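Review bot: In stages/bgp-router.sh, `BGP_ROUTER=$1` is accepted without a check and then passed unquoted in `bgp_router_start ${BGP_ROUTER}`, so a stage invoked without an argument calls the library function with no node name instead of stopping. `set -e` alone does not catch this, because an empty expansion is not an error. `BGP_ROUTER=${1:?node name required}` followed by `bgp_router_start "${BGP_ROUTER}"` makes the failure immediate and keeps a name containing unexpected characters as one word.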
@@ -0,0 +1,20 @@
+log file /var/log/quagga/bgpd.log
+!
+!
+router bgp ${QUAGGA_AS}
+ bgp router-id ${QUAGGA_IP}
+ neighbor calico peer-group
+ neighbor calico remote-as ${CALICO_AS}
+ bgp listen range 0.0.0.0/0 peer-group calico
+ !
+ address-family ipv4 unicast
+ neighbor calico route-map calico-node-fix-same-as out
+ exit-address-family
+!
+route-map calico-node-fix-same-as permit 100
+ set as-path exclude ${CALICO_AS}
+ set as-path prepend ${QUAGGA_AS}
+!
+line vty
+!
+
diff --git a/tools/multi_nodes_gate/airship_gate/templates/daemons.sub b/tools/multi_nodes_gate/airship_gate/templates/daemons.sub
new file mode 100644
index 00000000..86afd8ad
--- /dev/null
+++ b/tools/multi_nodes_gate/airship_gate/templates/daemons.sub
@@ -0,0 +1,7 @@
+zebra=yes
+bgpd=yes
+ospfd=no
+ospf6d=no
+ripd=no
+ripngd=no
+isisd=no
diff --git a/tools/multi_nodes_gate/airship_gate/templates/debian_conf.sub b/tools/multi_nodes_gate/airship_gate/templates/debian_conf.sub
new file mode 100644
index 00000000..006c1904
--- /dev/null
+++ b/tools/multi_nodes_gate/airship_gate/templates/debian_conf.sub
@@ -0,0 +1,19 @@
+#
+# If this option is set the quagga script automatically loads
+# the config via "vtysh -b" when the servers are started.
+# Check /etc/pam.d/quagga if you intend to use "vtysh"!
+#
+vtysh_enable=yes
+zebra_options=" -s 90000000 --daemon -A 0.0.0.0"
+bgpd_options=" --daemon -A 0.0.0.0 -p 179"
+ospfd_options=" --daemon -A 127.0.0.1"
+ospf6d_options=" --daemon -A ::1"
+ripd_options=" --daemon -A 127.0.0.1"
+ripngd_options=" --daemon -A ::1"
+isisd_options=" --daemon -A 127.0.0.1"
+pimd_options=" --daemon -A 127.0.0.1"
+ldpd_options=" --daemon -A 127.0.0.1"
+
+# The list of daemons to watch is automatically generated by the init script.
+watchquagga_enable=yes
+watchquagga_options=(-adz -r /usr/sbin/servicebBquaggabBrestartbB%s -s /usr/sbin/servicebBquaggabBstartbB%s -k /usr/sbin/servicebBquaggabBstopbB%s -b bB -t 90)
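Review bot: In templates/bgpd_conf.sub, `bgp listen range 0.0.0.0/0 peer-group calico` accepts a dynamic BGP session from any IPv4 source that presents `${CALICO_AS}`, and the peer-group sets no session authentication. Because the container shares the host network and zebra is enabled, any host that can reach port 179 on the build node could presumably get routes installed there. Limiting the range to the subnet the gate nodes live on keeps the router closed to everything else: `bgp listen range <GATE_NODE_CIDR> peer-group calico` (placeholder; the value would best come from the manifest through another `envsubst` variable).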
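Review bot: In templates/debian_conf.sub, `zebra_options` and `bgpd_options` pass `-A 0.0.0.0` while every other daemon keeps `-A 127.0.0.1` or `-A ::1`. As far as I know `-A` selects the vty bind address in Quagga, so with `--net=host` this puts the zebra and bgpd management ports on every interface of the build node. BGP peering on port 179 does not depend on the vty address, so `bgpd_options=" --daemon -A 127.0.0.1 -p 179"` and `zebra_options=" -s 90000000 --daemon -A 127.0.0.1"` should work unless something in the gate connects to the vty remotely. If it does, a comment naming that consumer would explain the exception.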
diff --git a/tools/multi_nodes_gate/setup_gate.sh b/tools/multi_nodes_gate/setup_gate.sh index 2b4bcaf8..973d3b53 100755 --- a/tools/multi_nodes_gate/setup_gate.sh +++ b/tools/multi_nodes_gate/setup_gate.sh @@ -94,6 +94,13 @@ if [[ ! -d ${VIRSH_POOL_PATH} ]]; then sudo mkdir -p "${VIRSH_POOL_PATH}" fi +log_stage_header "Disabling br_netfilter" +br_netfilter_files=('bridge-nf-call-arptables' 'bridge-nf-call-iptables' 'bridge-nf-call-ip6tables') +for br_netfilter_file in "${br_netfilter_files[@]}" +do + sudo sh -c "(echo "0" > /proc/sys/net/bridge/${br_netfilter_file})" +done + if [[ ${REQUIRE_RELOG} -eq 1 ]]; then echo log_note "You must ${C_HEADER}log out${C_CLEAR} and back in before the gate is ready to run."
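Review bot: The added loop in setup_gate.sh writes 0 to the three `bridge-nf-call-*` sysctls for the whole host and nothing restores them, so after setup, bridged traffic on this machine no longer passes through the iptables, ip6tables and arptables rules. That deserves a comment at the `log_stage_header "Disabling br_netfilter"` line explaining why the gate needs it and that it weakens host filtering for every bridge, not only the gate's. The write also fails when the `br_netfilter` module is not loaded, because `/proc/sys/net/bridge/` does not exist then. The inner `"0"` quotes close and reopen the outer double-quoted string, which happens to work but is fragile. A guarded `[[ -e "/proc/sys/net/bridge/${br_netfilter_file}" ]] && sudo sysctl -w "net.bridge.${br_netfilter_file}=0"` is simpler. The surrounding script continues outside this hunk, so whether `set -e` is active here is not visible.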