FRR image and PoC lesson

CHANGELOG.md

@@ -2,6 +2,7 @@
 
 ## In development
 
+- Added FRR PTR demo [#273](https://github.com/nre-learning/nrelabs-curriculum/pull/273)
 - Fixed Cumulus PTR demo [#271](https://github.com/nre-learning/nrelabs-curriculum/pull/271)
 - Added Cumulus PTR demo [#253](https://github.com/nre-learning/nrelabs-curriculum/pull/253)
 - Updated collection in BASH lesson file to 9 (PacketPushers) [#258](https://github.com/nre-learning/nrelabs-curriculum/pull/258)

images/frr/Dockerfile

@@ -0,0 +1,26 @@
+FROM debian:stable
+
+ENV DEBIAN_FRONTEND=noninteractive
+
+RUN apt-get update -qy \
+ && apt-get upgrade -qy \
+ && apt-get install -y \
+    bridge-utils \
+    iproute2 \
+    python3-ipy \
+    socat \
+    screen \
+    qemu-kvm \
+    ssh \
+    tcpdump \
+    ethtool \
+    telnet \
+    procps \
+ && rm -rf /var/lib/apt/lists/*
+
+COPY frr.qcow2 /frr.qcow2
+COPY launch.sh /
+
+EXPOSE 22 161/udp 830 5000 10000-10099
+ENTRYPOINT ["/launch.sh"]
+

images/frr/Makefile

@@ -0,0 +1,11 @@
+# SHELL=/bin/bash
+
+TARGET_VERSION ?= latest
+
+all: docker
+
+docker:
+	gsutil cp "gs://nrelabs-curriculum-base-images/frr-7.2-dev/frr-7.2-dev.qcow2" "./frr.qcow2"
+	docker build --pull --no-cache -t antidotelabs/frr:$(TARGET_VERSION) .
+	docker push antidotelabs/frr:$(TARGET_VERSION)
+

images/frr/launch.sh

@@ -0,0 +1,60 @@
+#!/bin/bash
+
+mount -o rw,remount /sys
+
+random_mac () {
+    hexchars="0123456789abcdef"
+    end=$( for i in {1..6} ; do echo -n ${hexchars:$(( $RANDOM % 16 )):1} ; done | sed -e 's/\(..\)/:\1/g' )
+
+    # QEMU OUI space - important to use this
+    echo 52:54:00$end
+}
+
+ethlist=$(ls /sys/class/net | grep 'net' | grep -v 'eth0')
+
+NETDEVS=""
+
+COUNTER=0
+for eth in $ethlist
+do
+
+    let COUNTER1=COUNTER+1
+
+    net="net$COUNTER1"
+    tap="tap$COUNTER"
+    bridge=br$net$tap
+
+    ip link add $bridge type bridge
+    ip addr flush dev $net
+    ip link set $net master $bridge
+    ip tuntap add dev $tap mode tap
+    ip link set $tap master $bridge
+    ip link set $bridge up
+    ip link set $tap up
+
+    # Enable LLDP
+    echo 16384 > /sys/class/net/$bridge/bridge/group_fwd_mask
+
+    NETDEVS="$NETDEVS -netdev tap,id=dev$COUNTER,ifname=$tap,script=no,downscript=no -device virtio-net-pci,netdev=dev$COUNTER,id=eth$COUNTER1,mac=$(random_mac),multifunction=off,addr=3.$COUNTER1"
+    let COUNTER=COUNTER+1 
+done
+
+printf "%s\n" $NETDEVS
+
+
+
+
+/usr/bin/qemu-system-x86_64 \
+ --enable-kvm \
+ -cpu host \
+ -display none \
+ -machine q35 \
+ -m 2048 \
+ -serial telnet:0.0.0.0:5000,server,nowait \
+ -monitor telnet:0.0.0.0:4000,server,nowait \
+ -drive if=ide,file=/frr.qcow2,index=0 \
+ -virtfs local,path=/antidote,security_model=passthrough,mount_tag=antidote \
+ -netdev user,id=user,net=10.0.0.0/24,hostfwd=tcp::22-10.0.0.15:22,hostfwd=tcp::830-10.0.0.15:830 \
+ -device virtio-net-pci,netdev=user,mac=$(random_mac),multifunction=on,addr=3.0 \
+ $NETDEVS
+

lessons/fundamentals/lesson-98-frr/lesson.meta.yaml

@@ -0,0 +1,50 @@
+---
+lessonName: FR in NRELabs
+lessonId: 98
+category: fundamentals
+lessondiagram: https://raw.githubusercontent.com/nre-learning/nrelabs-curriculum/v0.3.2/lessons/lesson-98/lessondiagram.png
+tier: ptr
+prereqs:
+  - 22  # Python
+  - 23  # Linux
+description: FRR in NRELabs
+slug: FRR demo
+tags:
+- troubleshooting
+- tshoot
+
+endpoints:
+- name: hub
+  image: antidotelabs/frr
+  configurationType: python
+  presentations:
+  - name: cli
+    port: 22
+    type: ssh
+
+- name: branch-1
+  image: antidotelabs/frr
+  configurationType: python
+  presentations:
+  - name: cli
+    port: 22
+    type: ssh
+
+- name: branch-2
+  image: antidotelabs/frr
+  configurationType: python
+  presentations:
+  - name: cli
+    port: 22
+    type: ssh
+
+connections:
+- a: hub
+  b: branch-1
+- a: hub
+  b: branch-2
+
+stages:
+  - id: 1
+    description: FRR in NRELabs
+

lessons/fundamentals/lesson-98-frr/stage1/configs/branch-1.py

@@ -0,0 +1,42 @@
+import paramiko
+from glob import glob
+import os
+from scp import SCPClient
+
+host=os.environ['SYRINGE_TARGET_HOST']
+
+def createSSHClient(server, port, user, password):
+    client = paramiko.SSHClient()
+    client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
+    client.connect(server, port, user, password)
+    return client
+
+ssh=createSSHClient(host,22,"antidote","antidotepassword")
+
+scp=SCPClient(ssh.get_transport())
+
+#Change hostname
+
+ssh.exec_command("sudo sed -E -i 's/^(127\.0\.1\.1\s+).*/\\1branch-1/' /etc/hosts")  
+ssh.exec_command("sudo printf '%s' 'branch-1' > /etc/hostname") 
+ssh.exec_command("sudo hostname branch-1")
+
+#Copy configuration files over
+
+ssh.exec_command('sudo cp /antidote/stage1/configs/branch-1/interfaces /etc/network/interfaces')
+ssh.exec_command('sudo cp /antidote/stage1/configs/branch-1/daemons /etc/frr/daemons')
+ssh.exec_command('sudo cp /antidote/stage1/configs/branch-1/*.conf /etc/frr')
+
+ssh.exec_command('sudo chown frr:frr /etc/frr/*.conf')
+ssh.exec_command('sudo chown frr:frrvty /etc/frr/vtysh.conf')
+ssh.exec_command('sudo chmod 640 /etc/frr/*.conf')
+
+#Restart FRR and bump interfaces
+ssh.exec_command('sudo systemctl restart frr.service')
+ssh.exec_command('sudo systemctl restart networking')
+
+scp.close()
+ssh.close()
+
+
+

lessons/fundamentals/lesson-98-frr/stage1/configs/branch-1/bgpd.conf

@@ -0,0 +1,23 @@
+!
+! Zebra configuration saved from vty
+!   2019/09/26 08:24:11
+!
+frr version 7.2-dev
+frr defaults traditional
+!
+hostname branch-1
+log file /var/log/frr/frr.log
+!
+!
+!
+router bgp 65001
+ bgp router-id 1.1.1.2
+ neighbor 10.10.10.1 remote-as 65000
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+!
+!
+line vty
+!

lessons/fundamentals/lesson-98-frr/stage1/configs/branch-1/daemons

@@ -0,0 +1,27 @@
+# This file tells the frr package which daemons to start.
+#
+# Sample configurations for these daemons can be found in
+# /usr/share/doc/frr/examples/.
+#
+# ATTENTION:
+#
+# When activating a daemon for the first time, a config file, even if it is
+# empty, has to be present *and* be owned by the user and group "frr", else
+# the daemon will not be started by /etc/init.d/frr. The permissions should
+# be u=rw,g=r,o=.
+# When using "vtysh" such a config file is also needed. It should be owned by
+# group "frrvty" and set to ug=rw,o= though. Check /etc/pam.d/frr, too.
+#
+# The watchfrr and zebra daemons are always started.
+bgpd=yes
+
+#
+#
+# If this option is set the /etc/init.d/frr script automatically loads
+# the config via "vtysh -b" when the servers are started.
+# Check /etc/pam.d/frr if you intend to use "vtysh"!
+#
+vtysh_enable=yes
+zebra_options="  -M sysrepo -A 127.0.0.1 -s 90000000"
+bgpd_options="   -A 127.0.0.1"
+

lessons/fundamentals/lesson-98-frr/stage1/configs/branch-1/interfaces

@@ -0,0 +1,14 @@
+auto lo
+iface lo inet loopback
+
+auto lo:0
+iface lo:0 inet static
+    address 10.1.1.2/32
+
+auto enp0s3f0
+iface enp0s3f0 inet dhcp
+
+auto enp0s3f1
+iface enp0s3f1 inet static
+    address 10.10.10.2/30
+

lessons/fundamentals/lesson-98-frr/stage1/configs/branch-1/vtysh.conf

@@ -0,0 +1,2 @@
+no service integrated-vtysh-config
+

lessons/fundamentals/lesson-98-frr/stage1/configs/branch-1/zebra.conf

@@ -0,0 +1,12 @@
+!
+! Zebra configuration saved from vty
+!   2019/09/26 08:24:11
+!
+frr version 7.2-dev
+frr defaults traditional
+!
+hostname branch-1
+log file /var/log/frr/frr.log
+!
+line vty
+!

lessons/fundamentals/lesson-98-frr/stage1/configs/branch-2.py

@@ -0,0 +1,42 @@
+import paramiko
+from glob import glob
+import os
+from scp import SCPClient
+
+host=os.environ['SYRINGE_TARGET_HOST']
+
+def createSSHClient(server, port, user, password):
+    client = paramiko.SSHClient()
+    client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
+    client.connect(server, port, user, password)
+    return client
+
+ssh=createSSHClient(host,22,"antidote","antidotepassword")
+
+scp=SCPClient(ssh.get_transport())
+
+#Change hostname
+
+ssh.exec_command("sudo sed -E -i 's/^(127\.0\.1\.1\s+).*/\\1branch-2/' /etc/hosts")  
+ssh.exec_command("sudo printf '%s' 'branch-2' > /etc/hostname") 
+ssh.exec_command("sudo hostname branch-2")
+
+#Copy configuration files over
+
+ssh.exec_command('sudo cp /antidote/stage1/configs/branch-2/interfaces /etc/network/interfaces')
+ssh.exec_command('sudo cp /antidote/stage1/configs/branch-2/daemons /etc/frr/daemons')
+ssh.exec_command('sudo cp /antidote/stage1/configs/branch-2/*.conf /etc/frr')
+
+ssh.exec_command('sudo chown frr:frr /etc/frr/*.conf')
+ssh.exec_command('sudo chown frr:frrvty /etc/frr/vtysh.conf')
+ssh.exec_command('sudo chmod 640 /etc/frr/*.conf')
+
+#Restart FRR and bump interfaces
+ssh.exec_command('sudo systemctl restart frr.service')
+ssh.exec_command('sudo systemctl restart networking')
+
+scp.close()
+ssh.close()
+
+
+

lessons/fundamentals/lesson-98-frr/stage1/configs/branch-2/bgpd.conf

@@ -0,0 +1,23 @@
+!
+! Zebra configuration saved from vty
+!   2019/09/26 08:24:11
+!
+frr version 7.2-dev
+frr defaults traditional
+!
+hostname branch-2
+log file /var/log/frr/frr.log
+!
+!
+!
+router bgp 65002
+ bgp router-id 1.1.1.3
+ neighbor 10.10.20.1 remote-as 65000
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+!
+!
+line vty
+!

lessons/fundamentals/lesson-98-frr/stage1/configs/branch-2/daemons

@@ -0,0 +1,27 @@
+# This file tells the frr package which daemons to start.
+#
+# Sample configurations for these daemons can be found in
+# /usr/share/doc/frr/examples/.
+#
+# ATTENTION:
+#
+# When activating a daemon for the first time, a config file, even if it is
+# empty, has to be present *and* be owned by the user and group "frr", else
+# the daemon will not be started by /etc/init.d/frr. The permissions should
+# be u=rw,g=r,o=.
+# When using "vtysh" such a config file is also needed. It should be owned by
+# group "frrvty" and set to ug=rw,o= though. Check /etc/pam.d/frr, too.
+#
+# The watchfrr and zebra daemons are always started.
+bgpd=yes
+
+#
+#
+# If this option is set the /etc/init.d/frr script automatically loads
+# the config via "vtysh -b" when the servers are started.
+# Check /etc/pam.d/frr if you intend to use "vtysh"!
+#
+vtysh_enable=yes
+zebra_options="  -M sysrepo -A 127.0.0.1 -s 90000000"
+bgpd_options="   -A 127.0.0.1"
+

lessons/fundamentals/lesson-98-frr/stage1/configs/branch-2/interfaces

@@ -0,0 +1,14 @@
+auto lo
+iface lo inet loopback
+
+auto lo:0
+iface lo:0 inet static
+    address 10.1.1.3/32
+
+auto enp0s3f0 
+iface enp0s3f0 inet dhcp
+
+auto enp0s3f1 
+iface enp0s3f1 inet static
+    address 10.10.20.2/30
+

lessons/fundamentals/lesson-98-frr/stage1/configs/branch-2/vtysh.conf

@@ -0,0 +1,2 @@
+no service integrated-vtysh-config
+