deploy-boardfarm-nodes.sh
#!/bin/bash -xe
# The -xe in the shebang only takes effect when the file is executed directly;
# "bash deploy-boardfarm-nodes.sh" or sourcing it runs without trace/errexit.

# Positional arguments, all optional; a default is used when one is unset or empty.
IFACE="${1:-undefined}"   # parent interface; "undefined" means none was given
START_VLAN="${2:-101}"    # first vlan id of the range
END_VLAN="${3:-144}"      # last vlan id of the range
OPTS="${4:-both}" # both, odd, even, odd-dhcp, even-dhcp
BRINT="br-bft"            # not referenced by the code below
# Image used for every container this script starts. It is taken from the
# environment when BF_IMG is already set, and the containers are started with
# --privileged, so it should only ever name an image you trust.
BF_IMG="${BF_IMG:-bft:node}"
# Absolute path of the directory holding this script.
DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" > /dev/null && pwd)"
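# Print a random unicast, locally administered MAC address.
#
# Arguments: none are used (callers pass the vlan id; it is ignored).
# Outputs:   one line "xx:xx:xx:xx:xx:xx" in lowercase hex on stdout.
#
# The previous implementation shelled out to "python" with Python 2 syntax and
# only cleared the multicast bit, so the result could fall inside a vendor
# assigned OUI. Nothing here checks that the address is unique on the segment.
random_private_mac () {
  # First octet: bit 0 cleared (unicast), bit 1 set (locally administered).
  local first=$(( (RANDOM & 0xfc) | 0x02 ))

  printf '%02x:%02x:%02x:%02x:%02x:%02x\n' \
    "$first" \
    "$(( RANDOM & 0xff ))" \
    "$(( RANDOM & 0xff ))" \
    "$(( RANDOM & 0xff ))" \
    "$(( RANDOM & 0xff ))" \
    "$(( RANDOM & 0xff ))"
}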
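# Inside container $cname, add a route to the host's directly attached network
# that goes out eth0 via the docker0 address.
#
# Globals: cname (read); host_dev, local_route, docker0 (written)
# Returns: non-zero, with a message on stderr, when cname is unset or any of
#          the three values cannot be determined; otherwise docker's status.
local_route () {
  # TODO: This is a problem if the router network matches the host network
  if [ -z "$cname" ]; then
    echo "local_route: cname is not set" >&2
    return 1
  fi

  # Device of the first default route: the word following "dev".
  host_dev=$(ip route list | awk '
    $1 == "default" {
      for (i = 2; i < NF; i++) if ($i == "dev") { print $(i + 1); exit }
    }')
  if [ -z "$host_dev" ]; then
    echo "local_route: no default route device found" >&2
    return 1
  fi

  # First route on exactly that device that carries a "src" attribute. The
  # device is compared as a whole word so that eth0 does not also match eth01.
  local_route=$(ip route | awk -v dev="$host_dev" '
    {
      on_dev = 0; has_src = 0
      for (i = 1; i <= NF; i++) {
        if ($i == "dev" && $(i + 1) == dev) on_dev = 1
        if ($i == "src") has_src = 1
      }
      if (on_dev && has_src) { print $1; exit }
    }')

  # IPv4 address of docker0 without the prefix length.
  docker0=$(ip -4 addr show docker0 | awk '
    $1 == "inet" { sub(/\/.*/, "", $2); print $2; exit }')

  if [ -z "$local_route" ] || [ -z "$docker0" ]; then
    echo "local_route: could not determine host network or docker0 address" >&2
    return 1
  fi

  docker exec "$cname" ip route add "$local_route" dev eth0 via "$docker0"
}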
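# eth0 is docker private network, eth1 is vlan on specific interface
#
# Arguments: $1 - vlan id (decimal)
#            $2 - port offset (decimal, default 0)
# Globals:   IFACE, BF_IMG (read); cname, cspace (written)
# Returns:   1 without touching docker or the network when an argument is not
#            a plain decimal number.
#
# NOTE(review): the container is started with --privileged and its sshd (22)
# and port 8080 are published on host ports 5000+offset+vlan and
# 8000+offset+vlan. Docker publishes on all host addresses by default, so the
# host should sit on an isolated lab network or have these ports firewalled.
create_container_eth1_vlan () {
  local vlan=$1
  local offset=${2:-0}

  # Both values end up inside $(( )), which evaluates whatever expression it
  # is handed; accept digits only before anything is created.
  if ! [[ "$vlan" =~ ^[0-9]+$ && "$offset" =~ ^[0-9]+$ ]]; then
    echo "create_container_eth1_vlan: vlan and offset must be decimal integers" >&2
    return 1
  fi

  cname="bft-node-$IFACE-$vlan-$offset"

  # Replace a previous container of the same name, if there is one.
  docker stop "$cname" && docker rm "$cname"
  docker run --name "$cname" --privileged -h "$cname" --restart=always \
    -p "$(( 5000 + offset + vlan )):22" \
    -p "$(( 8000 + offset + vlan )):8080" \
    -d "$BF_IMG" /usr/sbin/sshd -D

  # Recreate the vlan sub-interface on the host; deleting a missing one is fine.
  sudo ip link del "$IFACE.$vlan" || true
  sudo ip link add link "$IFACE" name "$IFACE.$vlan" type vlan id "$vlan"

  # Move it into the container's network namespace (addressed by the pid of
  # the container's init process) and rename it to eth1 there.
  cspace=$(docker inspect --format '{{.State.Pid}}' "$cname")
  sudo ip link set netns "$cspace" dev "$IFACE.$vlan"
  docker exec "$cname" ip link set "$IFACE.$vlan" name eth1
  docker exec "$cname" ip link set dev eth1 address "$(random_private_mac "$vlan")"
}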
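# eth0 is docker private network, eth1 is vlan on specific interface within a bridge
#
# Arguments: $1 - vlan id (decimal)
#            $2 - port offset (decimal, default 0)
# Globals:   IFACE, BF_IMG (read); cname, cspace (written)
# Returns:   1 before changing anything when an argument is not a plain
#            decimal number.
#
# NOTE(review): the three sysctls below are host-wide. With them set to 0,
# frames crossing any Linux bridge on this host no longer pass through
# arptables/ip6tables/iptables, which also affects filtering that other
# bridges on the machine may rely on.
# NOTE(review): the container runs --privileged with sshd (22) and 8080
# published on host ports; docker binds those on all host addresses by default.
create_container_eth1_bridged_vlan () {
  local vlan=$1
  local offset=${2:-0}

  # Both values are used inside $(( )), which evaluates arbitrary expressions;
  # accept digits only.
  if ! [[ "$vlan" =~ ^[0-9]+$ && "$offset" =~ ^[0-9]+$ ]]; then
    echo "create_container_eth1_bridged_vlan: vlan and offset must be decimal integers" >&2
    return 1
  fi

  # verify settings are correct
  # TODO: verify the set
  sudo sysctl -w net.bridge.bridge-nf-call-arptables=0
  sudo sysctl -w net.bridge.bridge-nf-call-ip6tables=0
  sudo sysctl -w net.bridge.bridge-nf-call-iptables=0

  cname="bft-node-$IFACE-$vlan-$offset"
  docker stop "$cname" && docker rm "$cname"
  docker run --name "$cname" --privileged -h "$cname" --restart=always \
    -p "$(( 5000 + offset + vlan )):22" \
    -p "$(( 8000 + offset + vlan )):8080" \
    -d "$BF_IMG" /usr/sbin/sshd -D
  cspace=$(docker inspect --format '{{.State.Pid}}' "$cname")

  # create bridge (it may already exist from an earlier container on this vlan)
  sudo ip link add "br-$IFACE.$vlan" type bridge || true
  sudo ip link set "br-$IFACE.$vlan" up

  # create uplink vlan on IFACE
  sudo ip link delete "$IFACE.$vlan" || true
  sudo ip link add link "$IFACE" name "$IFACE.$vlan" type vlan id "$vlan"
  sudo ip link set dev "$IFACE.$vlan" address "$(random_private_mac "$vlan")"
  sudo ip link set "$IFACE.$vlan" master "br-$IFACE.$vlan"
  sudo ip link set "$IFACE" up
  sudo ip link set "$IFACE.$vlan" up

  # add veth for new container (one per container vs. the two above are shared)
  sudo ip link add "v$IFACE-$vlan-$offset" type veth peer name eth1 netns "$cspace"
  sudo ip link set "v$IFACE-$vlan-$offset" master "br-$IFACE.$vlan"
  sudo ip link set "v$IFACE-$vlan-$offset" up
  docker exec "$cname" ip link set eth1 up
}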
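# Container has no docker network (--network=none); eth1 is a macvlan on IFACE
# that is brought up and configured with dhclient.
#
# Arguments: $1 - vlan, used only as the suffix of the container name
# Globals:   IFACE, BF_IMG (read); cname, cspace (written)
# Returns:   1 before starting anything when the argument is missing.
#
# NOTE(review): the container runs --privileged and is attached straight to
# the network behind IFACE.
# NOTE(review): "tempfoo" is a fixed name, so a leftover link from a failed
# run, or a second invocation at the same time, makes "ip link add" fail.
create_container_eth1_dhcp () {
  local vlan=$1

  if [ -z "$vlan" ]; then
    echo "create_container_eth1_dhcp: missing vlan argument" >&2
    return 1
  fi

  cname="bft-node-$IFACE-$vlan"
  docker stop "$cname" && docker rm "$cname"
  docker run --name "$cname" --privileged -h "$cname" --restart=always \
    -d --network=none "$BF_IMG" /usr/sbin/sshd -D
  cspace=$(docker inspect --format '{{.State.Pid}}' "$cname")

  # create lab network access port
  sudo ip link add tempfoo link "$IFACE" type macvlan mode bridge
  sudo ip link set dev tempfoo up
  sudo ip link set netns "$cspace" dev tempfoo

  docker exec "$cname" ip link set tempfoo name eth1
  docker exec "$cname" ifconfig eth1 up
  docker exec "$cname" dhclient eth1
}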
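# eth1 is on main network and static
#
# Arguments: $1 - name suffix for the container
#            $2 - address to assign to eth1 (passed to "ip addr add" as given)
#            $3 - default gateway for the container
# Globals:   IFACE, BF_IMG (read); cname, cspace (written)
# Returns:   1 before starting anything when an argument is missing.
#
# NOTE(review): the container runs --privileged and gets a macvlan directly on
# the network behind IFACE.
# NOTE(review): "tempfoo" is a fixed name, so a leftover link from a failed
# run, or a second invocation at the same time, makes "ip link add" fail.
create_container_eth1_static () {
  local name=$1
  local ip=$2
  local default_route=$3

  # Without this check a missing argument is only noticed after the
  # privileged container has been started and the link moved into it.
  if [ -z "$name" ] || [ -z "$ip" ] || [ -z "$default_route" ]; then
    echo "create_container_eth1_static: usage: name ip default_route" >&2
    return 1
  fi

  cname="bft-node-$IFACE-$name"
  docker stop "$cname" && docker rm "$cname"
  docker run --name "$cname" --privileged -h "$cname" --restart=always \
    -d --network=none "$BF_IMG" /usr/sbin/sshd -D
  cspace=$(docker inspect --format '{{.State.Pid}}' "$cname")

  # create lab network access port
  sudo ip link add tempfoo link "$IFACE" type macvlan mode bridge
  sudo ip link set dev tempfoo up
  sudo ip link set netns "$cspace" dev tempfoo

  docker exec "$cname" ip link set tempfoo name eth1
  docker exec "$cname" ip link set eth1 up
  docker exec "$cname" ip addr add "$ip" dev eth1
  docker exec "$cname" ip route add default via "$default_route" dev eth1
  # Reachability check; options are placed before the host for ping
  # implementations that stop option parsing at the first operand.
  docker exec "$cname" ping -c3 "$default_route"
}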
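# eth1 is on main network and static (ipvlan l2 instead of macvlan)
#
# Arguments: $1 - name suffix for the container
#            $2 - address to assign to eth1 (passed to "ip addr add" as given)
#            $3 - default gateway for the container
# Globals:   IFACE, BF_IMG (read); cname, cspace (written)
# Returns:   1 before starting anything when an argument is missing.
#
# NOTE(review): the container runs --privileged and gets an ipvlan directly on
# the network behind IFACE.
# NOTE(review): "tempfoo" is a fixed name, so a leftover link from a failed
# run, or a second invocation at the same time, makes "ip link add" fail.
create_container_eth1_static_ipvlan () {
  local name=$1
  local ip=$2
  local default_route=$3

  # Without this check a missing argument is only noticed after the
  # privileged container has been started and the link moved into it.
  if [ -z "$name" ] || [ -z "$ip" ] || [ -z "$default_route" ]; then
    echo "create_container_eth1_static_ipvlan: usage: name ip default_route" >&2
    return 1
  fi

  cname="bft-node-$IFACE-$name"
  docker stop "$cname" && docker rm "$cname"
  docker run --name "$cname" --privileged -h "$cname" --restart=always \
    -d --network=none "$BF_IMG" /usr/sbin/sshd -D
  cspace=$(docker inspect --format '{{.State.Pid}}' "$cname")

  # create lab network access port
  sudo ip link add tempfoo link "$IFACE" type ipvlan mode l2
  sudo ip link set dev tempfoo up
  sudo ip link set netns "$cspace" dev tempfoo

  docker exec "$cname" ip link set tempfoo name eth1
  docker exec "$cname" ip link set eth1 up
  docker exec "$cname" ip addr add "$ip" dev eth1
  docker exec "$cname" ip route add default via "$default_route" dev eth1
  # Reachability check; options are placed before the host for ping
  # implementations that stop option parsing at the first operand.
  docker exec "$cname" ping -c3 "$default_route"
}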
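# eth0 is docker private network, eth1 is static ip
#
# Arguments: $1 - name suffix for the container
#            $2 - address to assign to eth1 (passed to "ip addr add" as given)
#            $3 - default gateway for the container
#            $4 - port offset (decimal)
# Globals:   IFACE, BF_IMG (read); cname, cspace (written)
# Returns:   1 before starting anything when an argument is missing or the
#            offset is not a plain decimal number.
#
# NOTE(review): the container runs --privileged with sshd (22) and 8080
# published on host ports 5000+offset and 8000+offset; docker binds those on
# all host addresses by default.
# NOTE(review): "tempfoo" is a fixed name, so a leftover link from a failed
# run, or a second invocation at the same time, makes "ip link add" fail.
create_container_eth1_static_linked () {
  local name=$1
  local ip=$2
  local default_route=$3
  local offset=$4

  if [ -z "$name" ] || [ -z "$ip" ] || [ -z "$default_route" ]; then
    echo "create_container_eth1_static_linked: usage: name ip default_route offset" >&2
    return 1
  fi
  # offset is used inside $(( )), which evaluates arbitrary expressions;
  # accept digits only.
  if ! [[ "$offset" =~ ^[0-9]+$ ]]; then
    echo "create_container_eth1_static_linked: offset must be a decimal integer" >&2
    return 1
  fi

  cname="bft-node-$IFACE-$name"
  docker stop "$cname" && docker rm "$cname"
  docker run --name "$cname" --privileged -h "$cname" --restart=always \
    -p "$(( 5000 + offset )):22" \
    -p "$(( 8000 + offset )):8080" \
    -d "$BF_IMG" /usr/sbin/sshd -D
  cspace=$(docker inspect --format '{{.State.Pid}}' "$cname")

  # create lab network access port
  sudo ip link add tempfoo link "$IFACE" type macvlan mode bridge
  sudo ip link set dev tempfoo up
  sudo ip link set netns "$cspace" dev tempfoo

  docker exec "$cname" ip link set tempfoo name eth1
  docker exec "$cname" ip link set eth1 up
  docker exec "$cname" ip addr add "$ip" dev eth1
  docker exec "$cname" ip route add default via "$default_route" dev eth1
  # Reachability check; options are placed before the host for ping
  # implementations that stop option parsing at the first operand.
  docker exec "$cname" ping -c3 "$default_route"
}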
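# eth0 is docker private network; the physical device is moved into the
# container and renamed wlan1 there (not eth1).
#
# Arguments: $1 - host network device to hand to the container
#            $2 - port offset (decimal)
# Globals:   BF_IMG (read); cname, cspace (written)
# Returns:   1 before starting anything when the device is missing or the
#            offset is not a plain decimal number.
#
# NOTE(review): the container runs --privileged with sshd (22) and 8080
# published on host ports 5000+offset and 8000+offset; docker binds those on
# all host addresses by default. The device disappears from the host's
# namespace for as long as the container holds it.
create_container_eth1_phys () {
  local dev=$1
  local offset=$2

  if [ -z "$dev" ]; then
    echo "create_container_eth1_phys: usage: dev offset" >&2
    return 1
  fi
  # offset is used inside $(( )), which evaluates arbitrary expressions;
  # accept digits only.
  if ! [[ "$offset" =~ ^[0-9]+$ ]]; then
    echo "create_container_eth1_phys: offset must be a decimal integer" >&2
    return 1
  fi

  cname="bft-node-$dev"
  docker stop "$cname" && docker rm "$cname"
  docker run --name "$cname" --privileged -h "$cname" --restart=always \
    -p "$(( 5000 + offset )):22" \
    -p "$(( 8000 + offset )):8080" \
    -d "$BF_IMG" /usr/sbin/sshd -D
  cspace=$(docker inspect --format '{{.State.Pid}}' "$cname")

  # create lab network access port
  sudo ip link set netns "$cspace" dev "$dev"
  docker exec "$cname" ip link set "$dev" name wlan1
  docker exec "$cname" ip link set wlan1 up
}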
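# eth0 is docker private network; the wireless phy behind the device is moved
# into the container and the device is renamed wlan1 there.
#
# Arguments: $1 - host wireless interface name
#            $2 - port offset (decimal)
# Globals:   BF_IMG (read); cname, cspace (written)
# Returns:   1 before starting anything when the device name is empty or
#            contains "/", or the offset is not a plain decimal number; 1
#            after the container was started when the phy name cannot be read.
#
# NOTE(review): the container runs --privileged with sshd (22) and 8080
# published on host ports 5000+offset and 8000+offset; docker binds those on
# all host addresses by default.
create_container_eth1_wifi () {
  local dev=$1
  local offset=$2
  local phy

  # dev becomes part of a sysfs path below; an interface name never contains
  # "/", so anything with one is rejected instead of being read as a path.
  case "$dev" in
    '' | */*)
      echo "create_container_eth1_wifi: invalid device name" >&2
      return 1
      ;;
  esac
  # offset is used inside $(( )), which evaluates arbitrary expressions;
  # accept digits only.
  if ! [[ "$offset" =~ ^[0-9]+$ ]]; then
    echo "create_container_eth1_wifi: offset must be a decimal integer" >&2
    return 1
  fi

  cname="bft-node-$dev"
  docker stop "$cname" && docker rm "$cname"
  docker run --name "$cname" --privileged -h "$cname" --restart=always \
    -p "$(( 5000 + offset )):22" \
    -p "$(( 8000 + offset )):8080" \
    -d "$BF_IMG" /usr/sbin/sshd -D
  cspace=$(docker inspect --format '{{.State.Pid}}' "$cname")

  # create lab network access port
  # A failed lookup used to go unnoticed inside the argument list and iw was
  # run without a phy name; check it explicitly.
  phy=$(cat "/sys/class/net/$dev/phy80211/name")
  if [ -z "$phy" ]; then
    echo "create_container_eth1_wifi: no wireless phy found for $dev" >&2
    return 1
  fi
  sudo iw phy "$phy" set netns "$cspace"

  docker exec "$cname" ip link set "$dev" name wlan1
  docker exec "$cname" ip link set wlan1 up
}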
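# No interface given: stop here. "return" only works when the file is sourced
# (presumably to reuse the functions above); when the file is executed it
# fails, and without errexit the loop below would then go on to start
# privileged containers for an interface called "undefined". Exit explicitly
# in that case instead.
if [ "$IFACE" = "undefined" ]; then
  return 0 2>/dev/null || {
    echo "usage: $0 IFACE [START_VLAN] [END_VLAN] [OPTS]" >&2
    exit 1
  }
fi

echo "Creating nodes starting on vlan $START_VLAN to $END_VLAN on iface $IFACE"

# One container per vlan id. OPTS selects which containers also get the host
# network route from local_route: all of them (both), only even vlan ids
# (even) or only odd ones (odd). The odd-dhcp / even-dhcp values listed next
# to OPTS are not handled by this loop.
for vlan in $(seq "$START_VLAN" "$END_VLAN"); do
  echo "Creating node on vlan $vlan"
  create_container_eth1_vlan "$vlan"

  if [ "$OPTS" = "both" ]; then
    local_route
  elif [ "$OPTS" = "even" ] && [ $(( vlan % 2 )) -eq 0 ]; then
    local_route
  elif [ "$OPTS" = "odd" ] && [ $(( vlan % 2 )) -ne 0 ]; then
    local_route
  fi
done

# NOTE(review): the command printed here acts on every container on the host,
# not only the bft-node-* ones created above.
echo "Running the command below will stop all containers and clean up everything:"
echo 'docker stop $(docker ps -q) && docker rm $(docker ps -a -q)'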