Add bgp peering in virtual airship

Simulate a bgp router by using quagga and make
calico bird to peer with it.

Change-Id: I6c8770ba48e24d2994cfe615905602ba4b92c207
Signed-off-by: Dimitrios Markou <dimitrios.markou@att.com>
This commit is contained in:
Dimitrios Markou 2019-03-08 16:28:15 -06:00
parent 6ff3e527e1
commit 5b435d6526
10 changed files with 134 additions and 0 deletions

View File

@ -15,6 +15,7 @@ source "$LIB_DIR"/ssh.sh
source "$LIB_DIR"/virsh.sh source "$LIB_DIR"/virsh.sh
source "$LIB_DIR"/airship.sh source "$LIB_DIR"/airship.sh
source "$LIB_DIR"/ingress.sh source "$LIB_DIR"/ingress.sh
source "$LIB_DIR"/bgp.sh
if [[ -v GATE_DEBUG && ${GATE_DEBUG} = "1" ]]; then if [[ -v GATE_DEBUG && ${GATE_DEBUG} = "1" ]]; then
set -x set -x

View File

@ -0,0 +1,33 @@
QUAGGA_DAEMONS="${TEMP_DIR}/daemons"
QUAGGA_DEBIAN_CONF="${TEMP_DIR}/debian.conf"
QUAGGA_BGPD_CONF="${TEMP_DIR}/bgpd.conf"
bgp_router_config() {
quagga_as_number=$(config_bgp_as "quagga_as")
calico_as_number=$(config_bgp_as "calico_as")
quagga_ip=$(config_vm_ip "build")
QUAGGA_AS=${quagga_as_number} CALICO_AS=${calico_as_number} QUAGGA_IP=${quagga_ip} envsubst '${QUAGGA_AS} ${CALICO_AS} ${QUAGGA_IP}' < "${TEMPLATE_DIR}/bgpd_conf.sub" > "${QUAGGA_BGPD_CONF}"
cp "${TEMPLATE_DIR}/daemons.sub" "${QUAGGA_DAEMONS}"
cp "${TEMPLATE_DIR}/debian_conf.sub" "${QUAGGA_DEBIAN_CONF}"
}
bgp_router_start() {
# nodename where BGP router should run
nodename=$1
remote_work_dir="/var/tmp/quagga"
remote_daemons_file="${remote_work_dir}/$(basename $QUAGGA_DAEMONS)"
remote_debian_conf_file="${remote_work_dir}/$(basename $QUAGGA_DEBIAN_CONF)"
remote_bgpd_conf_file="${remote_work_dir}/$(basename $QUAGGA_BGPD_CONF)"
ssh_cmd "${nodename}" mkdir -p "${remote_work_dir}"
rsync_cmd "$QUAGGA_DAEMONS" "${nodename}:${remote_daemons_file}"
rsync_cmd "$QUAGGA_DEBIAN_CONF" "${nodename}:${remote_debian_conf_file}"
rsync_cmd "$QUAGGA_BGPD_CONF" "${nodename}:${remote_bgpd_conf_file}"
ssh_cmd "${nodename}" docker run -ti -d --net=host --privileged -v /var/tmp/quagga:/etc/quagga --restart always --name Quagga $IMAGE_QUAGGA
}

View File

@ -10,6 +10,7 @@ export IMAGE_PROMENADE_CLI=${IMAGE_PROMENADE_CLI:-quay.io/airshipit/promenade:cf
export IMAGE_PEGLEG_CLI=${IMAGE_PEGLEG_CLI:-quay.io/airshipit/pegleg:50ce7a02e08a0a5277c2fbda96ece6eb5782407a} export IMAGE_PEGLEG_CLI=${IMAGE_PEGLEG_CLI:-quay.io/airshipit/pegleg:50ce7a02e08a0a5277c2fbda96ece6eb5782407a}
export IMAGE_SHIPYARD_CLI=${IMAGE_SHIPYARD_CLI:-quay.io/airshipit/shipyard:4dd6b484d11e86ad51da733841b9ef137421d461} export IMAGE_SHIPYARD_CLI=${IMAGE_SHIPYARD_CLI:-quay.io/airshipit/shipyard:4dd6b484d11e86ad51da733841b9ef137421d461}
export IMAGE_COREDNS=${IMAGE_COREDNS:-docker.io/coredns/coredns:1.2.2} export IMAGE_COREDNS=${IMAGE_COREDNS:-docker.io/coredns/coredns:1.2.2}
export IMAGE_QUAGGA=${IMAGE_QUAGGA:-docker.io/cumulusnetworks/quagga:CL3.3.2}
export IMAGE_DRYDOCK_CLI=${IMAGE_DRYDOCK_CLI:-quay.io/airshipit/drydock:d93d6d5a0a370ced536180612d1ade708e29cd47} export IMAGE_DRYDOCK_CLI=${IMAGE_DRYDOCK_CLI:-quay.io/airshipit/drydock:d93d6d5a0a370ced536180612d1ade708e29cd47}
export IMAGE_DOCKER_REGISTRY=${IMAGE_DOCKER_REGISTRY:-"docker.io/registry:2"} export IMAGE_DOCKER_REGISTRY=${IMAGE_DOCKER_REGISTRY:-"docker.io/registry:2"}
export PROMENADE_DEBUG=${PROMENADE_DEBUG:-0} export PROMENADE_DEBUG=${PROMENADE_DEBUG:-0}
@ -87,6 +88,11 @@ config_vm_userdata() {
fi fi
} }
config_bgp_as() {
as_number=${1}
jq -cr ".bgp.${as_number}" < "${GATE_MANIFEST}"
}
config_ingress_domain() { config_ingress_domain() {
jq -cr '.ingress.domain' < "${GATE_MANIFEST}" jq -cr '.ingress.domain' < "${GATE_MANIFEST}"
} }

View File

@ -36,6 +36,11 @@
"script": "ingress-dns.sh", "script": "ingress-dns.sh",
"arguments": ["build"] "arguments": ["build"]
}, },
{
"name": "Create BGP router",
"script": "bgp-router.sh",
"arguments": ["build"]
},
{ {
"name": "Genesis", "name": "Genesis",
"script": "genesis.sh", "script": "genesis.sh",
@ -102,5 +107,9 @@
"io_profile": "fast", "io_profile": "fast",
"bootstrap": false "bootstrap": false
} }
},
"bgp" : {
"quagga_as": 64688,
"calico_as": 64671
} }
} }

View File

@ -36,6 +36,11 @@
"script": "ingress-dns.sh", "script": "ingress-dns.sh",
"arguments": ["build"] "arguments": ["build"]
}, },
{
"name": "Create BGP router",
"script": "bgp-router.sh",
"arguments": ["build"]
},
{ {
"name": "Genesis", "name": "Genesis",
"script": "genesis.sh", "script": "genesis.sh",
@ -84,5 +89,9 @@
"ip": "172.24.1.13", "ip": "172.24.1.13",
"bootstrap": false "bootstrap": false
} }
},
"bgp" : {
"quagga_as": 64688,
"calico_as": 64671
} }
} }

View File

@ -0,0 +1,23 @@
#!/usr/bin/env bash
# Copyright 2018 AT&T Intellectual Property. All other rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
set -e
source "${GATE_UTILS}"
BGP_ROUTER=$1
bgp_router_config
bgp_router_start ${BGP_ROUTER}

View File

@ -0,0 +1,20 @@
log file /var/log/quagga/bgpd.log
!
!
router bgp ${QUAGGA_AS}
bgp router-id ${QUAGGA_IP}
neighbor calico peer-group
neighbor calico remote-as ${CALICO_AS}
bgp listen range 0.0.0.0/0 peer-group calico
!
address-family ipv4 unicast
neighbor calico route-map calico-node-fix-same-as out
exit-address-family
!
route-map calico-node-fix-same-as permit 100
set as-path exclude ${CALICO_AS}
set as-path prepend ${QUAGGA_AS}
!
line vty
!

View File

@ -0,0 +1,7 @@
zebra=yes
bgpd=yes
ospfd=no
ospf6d=no
ripd=no
ripngd=no
isisd=no

View File

@ -0,0 +1,19 @@
#
# If this option is set the quagga script automatically loads
# the config via "vtysh -b" when the servers are started.
# Check /etc/pam.d/quagga if you intend to use "vtysh"!
#
vtysh_enable=yes
zebra_options=" -s 90000000 --daemon -A 0.0.0.0"
bgpd_options=" --daemon -A 0.0.0.0 -p 179"
ospfd_options=" --daemon -A 127.0.0.1"
ospf6d_options=" --daemon -A ::1"
ripd_options=" --daemon -A 127.0.0.1"
ripngd_options=" --daemon -A ::1"
isisd_options=" --daemon -A 127.0.0.1"
pimd_options=" --daemon -A 127.0.0.1"
ldpd_options=" --daemon -A 127.0.0.1"
# The list of daemons to watch is automatically generated by the init script.
watchquagga_enable=yes
watchquagga_options=(-adz -r /usr/sbin/servicebBquaggabBrestartbB%s -s /usr/sbin/servicebBquaggabBstartbB%s -k /usr/sbin/servicebBquaggabBstopbB%s -b bB -t 90)

View File

@ -94,6 +94,13 @@ if [[ ! -d ${VIRSH_POOL_PATH} ]]; then
sudo mkdir -p "${VIRSH_POOL_PATH}" sudo mkdir -p "${VIRSH_POOL_PATH}"
fi fi
log_stage_header "Disabling br_netfilter"
br_netfilter_files=('bridge-nf-call-arptables' 'bridge-nf-call-iptables' 'bridge-nf-call-ip6tables')
for br_netfilter_file in "${br_netfilter_files[@]}"
do
sudo sh -c "(echo "0" > /proc/sys/net/bridge/${br_netfilter_file})"
done
if [[ ${REQUIRE_RELOG} -eq 1 ]]; then if [[ ${REQUIRE_RELOG} -eq 1 ]]; then
echo echo
log_note "You must ${C_HEADER}log out${C_CLEAR} and back in before the gate is ready to run." log_note "You must ${C_HEADER}log out${C_CLEAR} and back in before the gate is ready to run."