RARE user and assistance email list

[Frédéric LOUI <>]

Hi,

For the race condition please look at this:
https://github.com/rare-freertr/freeRtr-containerlab/blob/main/hwdet-init.sh#L18

When launching the lab with containerlab there is a CLAB_INTFS env var 
indicating the number of expected interface.

It will help create yours with FoD.
You can create a generic container by testing CLAB_INTFS env VAR but in my 
case I just decided to create a specific one.

Frederic

> Le 24 avr. 2023 à 15:32, David Schmitz <> a écrit :
> 
> Hi Frédéric,
> 
> obviously the IP address setup of eth1 in cl1 container does not work
> reliably yet, because of a race condition.
> 
> It seems the veth end point is just injected/moved into (like "ip link dev 
> eth1 set netns ...")
> the container when it is already running.
> 
> I have to work on a workaround.
> 
> Best Regards
> David
> 
> On Mon, 24 Apr 2023, David Schmitz wrote:
> 
>> Date: Mon, 24 Apr 2023 15:04:45 +0200 (CEST)
>> From: David Schmitz <>
>> To: Frédéric LOUI <>
>> Subject: Re: ERROR: Permission to rare-freertr/freeRtr-containerlab.git 
>> denied
>>     to dschmitz2017.
>> Hi Frédéric,
>> 
>> On Mon, 24 Apr 2023, Frédéric LOUI wrote:
>> 
>>> Date: Mon, 24 Apr 2023 14:37:52 +0200
>>> From: Frédéric LOUI <>
>>> To: David Schmitz <>
>>> Subject: Re: ERROR: Permission to rare-freertr/freeRtr-containerlab.git 
>>> denied
>>>     to dschmitz2017.
>>> Hi David !
>>> If you are OK we can take it at rare-users list.
>>> In that case I’ll you cc the list next time !
>> Ok.
>> 
>>> 1- Congrats ! Excellent work !
>>> 2- Not sure what you meant by « excluding eth1 » but I trust your 
>>> judgement :-)
>>>   (Or you might be thinking of containerlab eth0 management address ?)
>> eth0 container management IP address is initialized by docker/OS in 
>> container (dhcp?),
>> and will be changing depending on the other docker containers running on 
>> the host
>> and can even change when destroying/deploying the clab.
>> 
>> Of course, that is why we agreed on the extra veth link defined
>> in freeRtr-containerlab/lab/005-rare-hello-fod/rtr005.clab.yml
>> fod1:eth1 <-> rtr1:eth3 ,
>> whose endpoint inside the cl1 container is namend eth1.
>> That one is not initialized by the OS (ubuntu in container) nor docker,
>> and so the agreed IP address 10.3.10.3 has to be set by some other means.
>> In fact, now FoD installer/runtime start script has some simple support 
>> for it:
>> 
>> Check
>> inst/testing/fodexabgp-containerlab1/Dockerfile for
>> ...
>> ... /opt/install-debian.sh ... --ip-addr-set eth1 10.3.10.3 ...
>> 
>> When the container is started,
>> and so /opt/FOD/runfod.sh (CMD) is started inside, that script will also 
>> init the eth1 IP address.
>> (Of course something like CMD [ "sh" "-c" "ifconfig eth1 10.3.10.3; exec 
>> /opt/FOD/runfod.sh" ]
>> also would be an option, but that looks more dirty to me,
>> especially as the 10.3.10.3 has to match the BGP peer adddress 10.3.10.10,
>> which is also specified in the /opt/install-debian.sh ... command line in
>> inst/testing/fodexabgp-containerlab1/Dockerfile)
>> 
>>>> and build the cl1:latest locally:
>>> You should be able to build 
>>> https://github.com/GEANT/FOD/blob/python3/inst/testing/fodexabgp-containerlab1/Dockerfile
>>> Daily for example using GitHub Actions. Seem dig into this during my 
>>> spare (vacation) time
>>> 3- IIRC there is using docker CMD or other primitives in order to achieve 
>>> that.
>> I thought so as well,
>> but unfortunately seem not to be the case.
>> "EXPOSE ..." is only a kind of documentation between provider of a 
>> dockerfile
>> and someone using that dockerfile:
>> https://stackoverflow.com/questions/61234941/docker-expose-and-p .
>> Actually, the "-p 8000:8000 " as part of the "docker run ..." is necessary,
>> either manually or by containerlab.
>> 
>>>   But I would suggest you ask to ContainerLab Discord server in #general 
>>> channel.
>>>   I met the lead developer physically in Paris during MPLS World Congress 
>>> and he is super friendly and reactive.
>>>   (He is from the Netherlands so European shift)
>> 
>> Regarding container lab, it supports the following:
>> https://containerlab.dev/manual/published-ports/ ,
>> but that is too much, it will connect the port to some VPN tunnel system
>> to make it available for the public,
>> not to make it available on the host.
>> 
>> Anyway, socat as a workaround for now is ok as well.
>> 
>>> Keep up the good work !
>>> Let’s tackle demo with Eugene/NEMO crew after that :-)
>> Ok.
>> 
>> Best Regards
>> David
>> 
>> 
>> Best Regards
>> David
>> 
>>> Frederic
>>>> Le 24 avr. 2023 à 12:58, David Schmitz <> a écrit :
>>>> Hi Frédéric,
>>>> On Mon, 24 Apr 2023, Frédéric LOUI wrote:
>>>>> Date: Mon, 24 Apr 2023 11:52:39 +0200
>>>>> From: Frédéric LOUI <>
>>>>> To: David Schmitz <>
>>>>> Subject: Re: ERROR: Permission to rare-freertr/freeRtr-containerlab.git 
>>>>> denied
>>>>>    to dschmitz2017.
>>>>> Corrected.
>>>>> You should be able to push now :-)
>>>> Thanks. It works.
>>>> 1.
>>>> Now I have pushed an update with some rtr-sw-conf for rtr1 for FlowSpec 
>>>> injection
>>>> locally + via BGP from exabgp.
>>>> 2.
>>>> The container 
>>>> https://github.com/GEANT/FOD/blob/python3/inst/testing/fodexabgp-containerlab1/Dockerfile
>>>> is slightly updated as well,
>>>> in order to include setting of the eth1 interface address when started.
>>>> So, the exabgp BGP session should just work.
>>>> The next rebuild of 
>>>> https://github.com/GEANT/FOD/blob/python3/.github/workflows/docker-publish.yml
>>>> referencing the Dockerfile above
>>>> should include this.
>>>> Anyway, currently 
>>>> https://github.com/rare-freertr/freeRtr-containerlab/blob/main/lab/005-rare-hello-fod/rtr005.clab.yml
>>>> still references cl1:latest as FoD container.
>>>> So, it is still needed to checkout FoD (either main branch "python3" or 
>>>> "feature/exabgp_support2")
>>>> and build the cl1:latest locally:
>>>> (actually only the Dockerfile 
>>>> inst/testing/fodexabgp-containerlab1/Dockerfile
>>>> and used ./install-debian.sh should be needed, not the whole FoD git 
>>>> checkout)
>>>> # run from FoD main dir:
>>>> docker build -f inst/testing/fodexabgp-containerlab1/Dockerfile -t 
>>>> cl1:latest .
>>>> 3.
>>>> There seems to be no way of making containerlab to map the port 8000 
>>>> inside cl1:latest to the outside port on the host
>>>> ("docker run .... -p 8000:8000 ....").
>>>> Anyway, a workaround for now can be, e.g.
>>>> socat TCP-LISTEN:8000,fork TCP-CONNECT:172.20.20.3:8000
>>>> (assuming that 172.20.20.3 is the IP address of the management interface 
>>>> eth0
>>>> of the running cl1:latest container)
>>>> Best Regards
>>>> David
>>>>>> Le 24 avr. 2023 à 08:37, David Schmitz <> a écrit :
>>>>>> HI Frédéric,
>>>>>> It seems my last changes on Friday morning fixed the Docker 
>>>>>> build/pulish action:
>>>>>> https://github.com/GEANT/FOD/actions/runs/4777103267
>>>>>> yesterday it run successfully.
>>>>>> Best Regards
>>>>>> David
>>>>>> On Mon, 24 Apr 2023, David Schmitz wrote:
>>>>>>> Date: Mon, 24 Apr 2023 08:18:37 +0200 (CEST)
>>>>>>> From: David Schmitz <>
>>>>>>> To: Fréderic LOUI <>
>>>>>>> Subject: ERROR: Permission to rare-freertr/freeRtr-containerlab.git 
>>>>>>> denied to
>>>>>>>  dschmitz2017.
>>>>>>> Hi Frédéric,
>>>>>>> I tried to push my rtr config for rtr1 in containerlab
>>>>>>> (basically, file 
>>>>>>> ./lab/005-rare-hello-fod/clab-rtr005/rtr1/run/conf/rtr-sw.txt).
>>>>>>> But it failed:
>>>>>>> ERROR: Permission to rare-freertr/freeRtr-containerlab.git denied to 
>>>>>>> dschmitz2017.
>>>>>>> fatal: Could not read from remote repository.
>>>>>>> Could you grant user dschmitz2017 write/push access?
>>>>>>> Best Regards
>>>>>>> David
>>>>>> --
>>>>>> David Schmitz
>>>>>> Boltzmannstrasse 1, 85748 Garching
>>>>>> Telefon:   +49 89 35831-8765
>>>>>> Leibniz-Rechenzentrum, Germany
>>>>>> Mail:  
>>>> --
>>>> David Schmitz
>>>> Boltzmannstrasse 1, 85748 Garching
>>>> Telefon:   +49 89 35831-8765
>>>> Leibniz-Rechenzentrum, Germany
>>>> Mail:  
>> 
>> 
> 
> -- 
> 
> David Schmitz
> 
> Boltzmannstrasse 1, 85748 Garching
> Telefon:   +49 89 35831-8765
> Leibniz-Rechenzentrum, Germany
> Mail:  
> 
>