-
Notifications
You must be signed in to change notification settings - Fork 5
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
0 parents
commit 32a3c36
Showing
12 changed files
with
421 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,58 @@ | ||
## Image name: faucet/gnmi | ||
|
||
FROM ubuntu:16.04 | ||
|
||
RUN apt-get update \ | ||
&& DEBIAN_FRONTEND=noninteractive apt-get install -qy --no-install-recommends \ | ||
apt-utils \ | ||
ca-certificates \ | ||
software-properties-common \ | ||
&& add-apt-repository -y ppa:longsleep/golang-backports \ | ||
&& apt-get update | ||
|
||
RUN DEBIAN_FRONTEND=noninteractive apt-get install -qy --no-install-recommends \ | ||
fping \ | ||
git \ | ||
golang-go \ | ||
iproute2 \ | ||
iputils-ping \ | ||
net-tools \ | ||
netcat-openbsd \ | ||
openssh-client \ | ||
psmisc \ | ||
sudo \ | ||
vim | ||
|
||
ENV HOME=/home/faucet | ||
RUN mkdir $HOME | ||
WORKDIR $HOME | ||
|
||
COPY ./ . | ||
|
||
ENV GOPATH=$HOME/go | ||
ENV GOBIN=$GOPATH/bin | ||
ENV PATH=$GOBIN:${PATH} | ||
|
||
RUN mkdir -p \ | ||
$GOPATH \ | ||
&& go get -u \ | ||
github.com/google/gnxi/gnmi_capabilities \ | ||
github.com/google/gnxi/gnmi_get \ | ||
github.com/google/gnxi/gnmi_set \ | ||
github.com/google/gnxi/gnmi_target | ||
|
||
RUN go install -v \ | ||
github.com/google/gnxi/gnmi_capabilities \ | ||
github.com/google/gnxi/gnmi_get \ | ||
github.com/google/gnxi/gnmi_set \ | ||
github.com/google/gnxi/gnmi_target | ||
|
||
|
||
RUN cd $HOME/certs/ \ | ||
&& ./generate.sh | ||
|
||
ENV GNMI_TARGET=localhost | ||
ENV GNMI_PORT=10161 | ||
|
||
CMD ./_startup.sh \ | ||
&& /bin/bash |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,58 @@ | ||
## Image name: faucet/gnmi-pi | ||
|
||
FROM multiarch/ubuntu-core:armhf-xenial | ||
|
||
RUN apt-get update \ | ||
&& DEBIAN_FRONTEND=noninteractive apt-get install -qy --no-install-recommends \ | ||
apt-utils \ | ||
ca-certificates \ | ||
software-properties-common \ | ||
&& add-apt-repository -y ppa:longsleep/golang-backports \ | ||
&& apt-get update | ||
|
||
RUN DEBIAN_FRONTEND=noninteractive apt-get install -qy --no-install-recommends \ | ||
fping \ | ||
git \ | ||
golang-go \ | ||
iproute2 \ | ||
iputils-ping \ | ||
net-tools \ | ||
netcat-openbsd \ | ||
openssh-client \ | ||
psmisc \ | ||
sudo \ | ||
vim | ||
|
||
ENV HOME=/home/faucet | ||
RUN mkdir $HOME | ||
WORKDIR $HOME | ||
|
||
COPY ./ . | ||
|
||
ENV GOPATH=$HOME/go | ||
ENV GOBIN=$GOPATH/bin | ||
ENV PATH=$GOBIN:${PATH} | ||
|
||
RUN mkdir -p \ | ||
$GOPATH \ | ||
&& go get -u \ | ||
github.com/google/gnxi/gnmi_capabilities \ | ||
github.com/google/gnxi/gnmi_get \ | ||
github.com/google/gnxi/gnmi_set \ | ||
github.com/google/gnxi/gnmi_target | ||
|
||
RUN go install -v \ | ||
github.com/google/gnxi/gnmi_capabilities \ | ||
github.com/google/gnxi/gnmi_get \ | ||
github.com/google/gnxi/gnmi_set \ | ||
github.com/google/gnxi/gnmi_target | ||
|
||
|
||
RUN cd $HOME/certs/ \ | ||
&& ./generate.sh | ||
|
||
ENV GNMI_TARGET=localhost | ||
ENV GNMI_PORT=10161 | ||
|
||
CMD ./_startup.sh \ | ||
&& /bin/bash |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,84 @@ | ||
gNMI - gRPC Network Management Interface | ||
======================================== | ||
|
||
A docker image that facilitates testing the gNMI protocol using Openconfig models. | ||
|
||
* See `gNMI Protocol documentation <https://github.com/openconfig/reference/tree/master/rpc/gnmi>`_. | ||
* See `Openconfig documentation <http://www.openconfig.net/>`_. | ||
|
||
How to build | ||
------------ | ||
|
||
From the gnmi directory: | ||
|
||
.. code:: bash | ||
docker build -t faucet/gnmi -f Dockerfile . | ||
When building the image, a set of helper certificates is generated and added to ``$HOME/certs/`` folder: | ||
|
||
* Self signed CA Certificates | ||
* Client Certificates signed by the CA | ||
* Server Certificates signed by the CA | ||
|
||
How to run | ||
---------- | ||
|
||
.. code:: bash | ||
docker run -ti faucet/gnmi:latest | ||
When running the docker image a default test gNMI target is initiated with a default mock configuration defined in json: | ||
|
||
.. code:: bash | ||
root@090fe3d66fe7:~# cat run_target.sh | ||
#!/bin/sh | ||
gnmi_target \ | ||
-bind_address :$GNMI_PORT \ | ||
-key $HOME/certs/server.key \ | ||
-cert $HOME/certs/server.crt \ | ||
-ca $HOME/certs/ca.crt \ | ||
-alsologtostderr \ | ||
-config target_configs/typical_ofsw_config.json | ||
root@090fe3d66fe7:~# set | grep GNMI | ||
GNMI_PORT=32123 | ||
GNMI_TARGET=localhost | ||
Run a gNMI Get: | ||
|
||
.. code:: bash | ||
root@090fe3d66fe7:~# cat get.sh | ||
#!/bin/sh | ||
gnmi_get \ | ||
-target_addr $GNMI_TARGET:$GNMI_PORT \ | ||
-key $HOME/certs/client.key \ | ||
-cert $HOME/certs/client.crt \ | ||
-ca $HOME/certs/ca.crt \ | ||
-target_name server.com \ | ||
-alsologtostderr \ | ||
-xpath "/system/openflow/agent/config/datapath-id" \ | ||
-xpath "/system/openflow/controllers/controller[name=main]/connections/connection[aux-id=0]/config/address" | ||
Run gNMI Capabilities: | ||
|
||
.. code:: bash | ||
root@090fe3d66fe7:~# cat capabilities.sh | ||
#!/bin/sh | ||
gnmi_capabilities \ | ||
-target_addr $GNMI_TARGET:$GNMI_PORT \ | ||
-key $HOME/certs/client.key \ | ||
-cert $HOME/certs/client.crt \ | ||
-ca $HOME/certs/ca.crt \ | ||
-target_name server.com \ | ||
-alsologtostderr | ||
Override ``GNMI_TARGET`` and ``GNMI_PORT`` to perform the gNMI Get against other targets, or use the binaries directly. | ||
|
||
gNxI tools | ||
---------- | ||
|
||
* `gNxI <https://github.com/google/gnxi>`_ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
#!/bin/sh | ||
nohup ./run_target.sh > $HOME/target.log & |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
#!/bin/sh | ||
gnmi_capabilities \ | ||
-target_addr $GNMI_TARGET:$GNMI_PORT \ | ||
-key $HOME/certs/client.key \ | ||
-cert $HOME/certs/client.crt \ | ||
-ca $HOME/certs/ca.crt \ | ||
-target_name server.com \ | ||
-alsologtostderr |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,80 @@ | ||
#!/bin/sh | ||
|
||
rm -f *.key *.csr *.crt *.pem *.srl | ||
|
||
SUBJ="/C=NZ/ST=Test/L=Test/O=Test/OU=Test/CN=ca" | ||
|
||
# Generate CA Private Key | ||
openssl req \ | ||
-newkey rsa:2048 \ | ||
-nodes \ | ||
-keyout ca.key \ | ||
-subj $SUBJ | ||
|
||
# Generate Req | ||
openssl req \ | ||
-key ca.key \ | ||
-new -out ca.csr \ | ||
-subj $SUBJ | ||
|
||
# Generate self signed x509 | ||
openssl x509 \ | ||
-signkey ca.key \ | ||
-in ca.csr \ | ||
-req \ | ||
-days 365 -out ca.crt | ||
|
||
SUBJ="/C=NZ/ST=Test/L=Test/O=Test/OU=Test/CN=server.com" | ||
|
||
# Generate Server Private Key | ||
openssl req \ | ||
-newkey rsa:2048 \ | ||
-nodes \ | ||
-keyout server.key \ | ||
-subj $SUBJ | ||
|
||
# Generate Req | ||
openssl req \ | ||
-key server.key \ | ||
-new -out server.csr \ | ||
-subj $SUBJ | ||
|
||
# Generate x509 with signed CA | ||
openssl x509 \ | ||
-req \ | ||
-in server.csr \ | ||
-CA ca.crt \ | ||
-CAkey ca.key \ | ||
-CAcreateserial \ | ||
-out server.crt | ||
|
||
SUBJ="/C=NZ/ST=Test/L=Test/O=Test/OU=Test/CN=client.com" | ||
|
||
# Generate Client Private Key | ||
openssl req \ | ||
-newkey rsa:2048 \ | ||
-nodes \ | ||
-keyout client.key \ | ||
-subj $SUBJ | ||
|
||
# Generate Req | ||
openssl req \ | ||
-key client.key \ | ||
-new -out client.csr \ | ||
-subj $SUBJ | ||
|
||
# Generate x509 with signed CA | ||
openssl x509 \ | ||
-req \ | ||
-in client.csr \ | ||
-CA ca.crt \ | ||
-CAkey ca.key \ | ||
-out client.crt | ||
|
||
echo "" | ||
echo " == Validate Server" | ||
openssl verify -verbose -CAfile ca.crt server.crt | ||
echo "" | ||
echo " == Validate Client" | ||
openssl verify -verbose -CAfile ca.crt client.crt | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
#!/bin/sh | ||
gnmi_get \ | ||
-target_addr $GNMI_TARGET:$GNMI_PORT \ | ||
-key $HOME/certs/client.key \ | ||
-cert $HOME/certs/client.crt \ | ||
-ca $HOME/certs/ca.crt \ | ||
-target_name server.com \ | ||
-alsologtostderr \ | ||
-xpath "/system/openflow/agent/config/datapath-id" \ | ||
-xpath "/system/openflow/controllers/controller[name=main]/connections/connection[aux-id=0]/config/address" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
#!/bin/bash | ||
|
||
# We need qemu-user-static for arm/pi builds | ||
docker run --rm --privileged multiarch/qemu-user-static:register --reset |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
#!/bin/sh | ||
gnmi_target \ | ||
-bind_address :$GNMI_PORT \ | ||
-key $HOME/certs/server.key \ | ||
-cert $HOME/certs/server.crt \ | ||
-ca $HOME/certs/ca.crt \ | ||
-alsologtostderr \ | ||
-config target_configs/typical_ofsw_config.json |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
#!/bin/sh | ||
gnmi_set \ | ||
-replace /system/openflow/agent/config/max-backoff:12 \ | ||
-update /system/clock/config/timezone-name:"US/New York" \ | ||
-target_addr $GNMI_TARGET:$GNMI_PORT \ | ||
-key $HOME/certs/client.key \ | ||
-cert $HOME/certs/client.crt \ | ||
-ca $HOME/certs/ca.crt \ | ||
-target_name server.com \ | ||
-alsologtostderr |
Oops, something went wrong.