RARE user and assistance email list

[David Schmitz <>]

Hi Frédéric,

On Mon, 24 Apr 2023, Frédéric LOUI wrote:

> Date: Mon, 24 Apr 2023 15:39:49 +0200
> From: Frédéric LOUI <>
> To: David Schmitz <>
> Cc: 
> Subject: Re: ERROR: Permission to rare-freertr/freeRtr-containerlab.git denied
>      to dschmitz2017.
>
> Hi,
>
> For the race condition please look at this:
> https://github.com/rare-freertr/freeRtr-containerlab/blob/main/hwdet-init.sh#L18
>
> When launching the lab with containerlab there is a CLAB_INTFS env var 
> indicating the number of expected interface.
>
> It will help create yours with FoD.
> You can create a generic container by testing CLAB_INTFS env VAR but in my 
> case I just decided to create a specific one.
Thank you.
I have a similar while loop solution for the single interface eth1 now
in https://github.com/GEANT/FOD/blob/python3/runfod.sh .
Now it should always work.


For freertr which might have a number of interfaces to be injected
the comparison of the number is an elegant solution.
I will remember that.


Best Reards
David

> Frederic
>
> > Le 24 avr. 2023 à 15:32, David Schmitz <> a écrit :
> >
> > Hi Frédéric,
> >
> > obviously the IP address setup of eth1 in cl1 container does not work
> > reliably yet, because of a race condition.
> >
> > It seems the veth end point is just injected/moved into (like "ip link dev eth1 
> > set netns ...")
> > the container when it is already running.
> >
> > I have to work on a workaround.
> >
> > Best Regards
> > David
> >
> > On Mon, 24 Apr 2023, David Schmitz wrote:
> >
> > > Date: Mon, 24 Apr 2023 15:04:45 +0200 (CEST)
> > > From: David Schmitz <>
> > > To: Frédéric LOUI <>
> > > Subject: Re: ERROR: Permission to rare-freertr/freeRtr-containerlab.git denied
> > >     to dschmitz2017.
> > > Hi Frédéric,
> > >
> > > On Mon, 24 Apr 2023, Frédéric LOUI wrote:
> > >
> > > > Date: Mon, 24 Apr 2023 14:37:52 +0200
> > > > From: Frédéric LOUI <>
> > > > To: David Schmitz <>
> > > > Subject: Re: ERROR: Permission to rare-freertr/freeRtr-containerlab.git denied
> > > >     to dschmitz2017.
> > > > Hi David !
> > > > If you are OK we can take it at rare-users list.
> > > > In that case I’ll you cc the list next time !
> > > Ok.
> > >
> > > > 1- Congrats ! Excellent work !
> > > > 2- Not sure what you meant by « excluding eth1 » but I trust your judgement 
> > > > :-)
> > > >   (Or you might be thinking of containerlab eth0 management address ?)
> > > eth0 container management IP address is initialized by docker/OS in container 
> > > (dhcp?),
> > > and will be changing depending on the other docker containers running on the 
> > > host
> > > and can even change when destroying/deploying the clab.
> > >
> > > Of course, that is why we agreed on the extra veth link defined
> > > in freeRtr-containerlab/lab/005-rare-hello-fod/rtr005.clab.yml
> > > fod1:eth1 <-> rtr1:eth3 ,
> > > whose endpoint inside the cl1 container is namend eth1.
> > > That one is not initialized by the OS (ubuntu in container) nor docker,
> > > and so the agreed IP address 10.3.10.3 has to be set by some other means.
> > > In fact, now FoD installer/runtime start script has some simple support for 
> > > it:
> > >
> > > Check
> > > inst/testing/fodexabgp-containerlab1/Dockerfile for
> > > ...
> > > ... /opt/install-debian.sh ... --ip-addr-set eth1 10.3.10.3 ...
> > >
> > > When the container is started,
> > > and so /opt/FOD/runfod.sh (CMD) is started inside, that script will also init 
> > > the eth1 IP address.
> > > (Of course something like CMD [ "sh" "-c" "ifconfig eth1 10.3.10.3; exec 
> > > /opt/FOD/runfod.sh" ]
> > > also would be an option, but that looks more dirty to me,
> > > especially as the 10.3.10.3 has to match the BGP peer adddress 10.3.10.10,
> > > which is also specified in the /opt/install-debian.sh ... command line in
> > > inst/testing/fodexabgp-containerlab1/Dockerfile)
> > >
> > > > > and build the cl1:latest locally:
> > > > You should be able to build 
> > > > https://github.com/GEANT/FOD/blob/python3/inst/testing/fodexabgp-containerlab1/Dockerfile
> > > > Daily for example using GitHub Actions. Seem dig into this during my spare 
> > > > (vacation) time
> > > > 3- IIRC there is using docker CMD or other primitives in order to achieve 
> > > > that.
> > > I thought so as well,
> > > but unfortunately seem not to be the case.
> > > "EXPOSE ..." is only a kind of documentation between provider of a dockerfile
> > > and someone using that dockerfile:
> > > https://stackoverflow.com/questions/61234941/docker-expose-and-p .
> > > Actually, the "-p 8000:8000 " as part of the "docker run ..." is necessary,
> > > either manually or by containerlab.
> > >
> > > >   But I would suggest you ask to ContainerLab Discord server in #general 
> > > > channel.
> > > >   I met the lead developer physically in Paris during MPLS World Congress and 
> > > > he is super friendly and reactive.
> > > >   (He is from the Netherlands so European shift)
> > >
> > > Regarding container lab, it supports the following:
> > > https://containerlab.dev/manual/published-ports/ ,
> > > but that is too much, it will connect the port to some VPN tunnel system
> > > to make it available for the public,
> > > not to make it available on the host.
> > >
> > > Anyway, socat as a workaround for now is ok as well.
> > >
> > > > Keep up the good work !
> > > > Let’s tackle demo with Eugene/NEMO crew after that :-)
> > > Ok.
> > >
> > > Best Regards
> > > David
> > >
> > >
> > > Best Regards
> > > David
> > >
> > > > Frederic
> > > > > Le 24 avr. 2023 à 12:58, David Schmitz <> a écrit :
> > > > > Hi Frédéric,
> > > > > On Mon, 24 Apr 2023, Frédéric LOUI wrote:
> > > > > > Date: Mon, 24 Apr 2023 11:52:39 +0200
> > > > > > From: Frédéric LOUI <>
> > > > > > To: David Schmitz <>
> > > > > > Subject: Re: ERROR: Permission to rare-freertr/freeRtr-containerlab.git denied
> > > > > >    to dschmitz2017.
> > > > > > Corrected.
> > > > > > You should be able to push now :-)
> > > > > Thanks. It works.
> > > > > 1.
> > > > > Now I have pushed an update with some rtr-sw-conf for rtr1 for FlowSpec 
> > > > > injection
> > > > > locally + via BGP from exabgp.
> > > > > 2.
> > > > > The container 
> > > > > https://github.com/GEANT/FOD/blob/python3/inst/testing/fodexabgp-containerlab1/Dockerfile
> > > > > is slightly updated as well,
> > > > > in order to include setting of the eth1 interface address when started.
> > > > > So, the exabgp BGP session should just work.
> > > > > The next rebuild of 
> > > > > https://github.com/GEANT/FOD/blob/python3/.github/workflows/docker-publish.yml
> > > > > referencing the Dockerfile above
> > > > > should include this.
> > > > > Anyway, currently 
> > > > > https://github.com/rare-freertr/freeRtr-containerlab/blob/main/lab/005-rare-hello-fod/rtr005.clab.yml
> > > > > still references cl1:latest as FoD container.
> > > > > So, it is still needed to checkout FoD (either main branch "python3" or 
> > > > > "feature/exabgp_support2")
> > > > > and build the cl1:latest locally:
> > > > > (actually only the Dockerfile inst/testing/fodexabgp-containerlab1/Dockerfile
> > > > > and used ./install-debian.sh should be needed, not the whole FoD git checkout)
> > > > > # run from FoD main dir:
> > > > > docker build -f inst/testing/fodexabgp-containerlab1/Dockerfile -t cl1:latest 
> > > > > .
> > > > > 3.
> > > > > There seems to be no way of making containerlab to map the port 8000 inside 
> > > > > cl1:latest to the outside port on the host
> > > > > ("docker run .... -p 8000:8000 ....").
> > > > > Anyway, a workaround for now can be, e.g.
> > > > > socat TCP-LISTEN:8000,fork TCP-CONNECT:172.20.20.3:8000
> > > > > (assuming that 172.20.20.3 is the IP address of the management interface eth0
> > > > > of the running cl1:latest container)
> > > > > Best Regards
> > > > > David
> > > > > > > Le 24 avr. 2023 à 08:37, David Schmitz <> a écrit :
> > > > > > > HI Frédéric,
> > > > > > > It seems my last changes on Friday morning fixed the Docker build/pulish 
> > > > > > > action:
> > > > > > > https://github.com/GEANT/FOD/actions/runs/4777103267
> > > > > > > yesterday it run successfully.
> > > > > > > Best Regards
> > > > > > > David
> > > > > > > On Mon, 24 Apr 2023, David Schmitz wrote:
> > > > > > > > Date: Mon, 24 Apr 2023 08:18:37 +0200 (CEST)
> > > > > > > > From: David Schmitz <>
> > > > > > > > To: Fréderic LOUI <>
> > > > > > > > Subject: ERROR: Permission to rare-freertr/freeRtr-containerlab.git denied to
> > > > > > > >  dschmitz2017.
> > > > > > > > Hi Frédéric,
> > > > > > > > I tried to push my rtr config for rtr1 in containerlab
> > > > > > > > (basically, file 
> > > > > > > > ./lab/005-rare-hello-fod/clab-rtr005/rtr1/run/conf/rtr-sw.txt).
> > > > > > > > But it failed:
> > > > > > > > ERROR: Permission to rare-freertr/freeRtr-containerlab.git denied to 
> > > > > > > > dschmitz2017.
> > > > > > > > fatal: Could not read from remote repository.
> > > > > > > > Could you grant user dschmitz2017 write/push access?
> > > > > > > > Best Regards
> > > > > > > > David
> > > > > > > --
> > > > > > > David Schmitz
> > > > > > > Boltzmannstrasse 1, 85748 Garching
> > > > > > > Telefon:   +49 89 35831-8765
> > > > > > > Leibniz-Rechenzentrum, Germany
> > > > > > > Mail:  
> > > > > --
> > > > > David Schmitz
> > > > > Boltzmannstrasse 1, 85748 Garching
> > > > > Telefon:   +49 89 35831-8765
> > > > > Leibniz-Rechenzentrum, Germany
> > > > > Mail:  
> >
> > --
> >
> > David Schmitz
> >
> > Boltzmannstrasse 1, 85748 Garching
> > Telefon:   +49 89 35831-8765
> > Leibniz-Rechenzentrum, Germany
> > Mail:  

--

David Schmitz

Boltzmannstrasse 1, 85748 Garching
Telefon:   +49 89 35831-8765
Leibniz-Rechenzentrum, Germany
Mail: