Merge branch 'master' of https://github.com/metal-stack/mini-lab into…

… dualstack-support
metal-stack · Aug 2, 2024 · ef7a8a6 · ef7a8a6
2 parents 57fc27a + 6460a0d
commit ef7a8a6
Show file tree

Hide file tree

Showing 7 changed files with 30 additions and 47 deletions.
diff --git a/Makefile b/Makefile
@@ -254,11 +254,11 @@ ssh-machine:
 	))
 	ssh -F files/ssh/config $(machine) $(COMMAND)
 
-.PHONY: connect-to-cloudflare
-connect-to-cloudflare:
-	@echo "Attempting to connect to Cloudflare..."
+.PHONY: connect-to-www
+connect-to-www:
+	@echo "Attempting to connect to container www..."
 	@for i in $$(seq 1 $(MAX_RETRIES)); do \
-		if $(MAKE) ssh-machine COMMAND="sudo curl --connect-timeout 1 --fail --silent https://1.1.1.1" > /dev/null 2>&1; then \
+		if $(MAKE) ssh-machine COMMAND="sudo curl --connect-timeout 1 --fail --silent http://203.0.113.3" > /dev/null 2>&1; then \
 			echo "Connected successfully"; \
 			exit 0; \
 		else \

diff --git a/files/inet/frr.conf b/files/inet/frr.conf
@@ -6,11 +6,7 @@ ipv6 forwarding
 vrf vrfInternet
  vni 104009
  ip route 0.0.0.0/0 203.0.113.1
-exit-vrf
-!
-vrf vrfInternet6
- vni 106009
- ipv6 route ::/0 2001:db8:1::1
+ ipv6 route ::/0 2001:db8:1::42
 exit-vrf
 !
 interface eth1
@@ -58,23 +54,12 @@ router bgp 4200000021 vrf vrfInternet
   redistribute static
  exit-address-family
  !
- address-family l2vpn evpn
-  advertise ipv4 unicast
- exit-address-family
-!
-route-map LOOPBACKS permit 10
- match interface lo
-!
-
-router bgp 4200000021 vrf vrfInternet6
- bgp router-id 10.0.0.21
- bgp bestpath as-path multipath-relax
- !
  address-family ipv6 unicast
   redistribute static
  exit-address-family
  !
  address-family l2vpn evpn
+  advertise ipv4 unicast
   advertise ipv6 unicast
  exit-address-family
 !

diff --git a/files/inet/network.sh b/files/inet/network.sh
@@ -5,11 +5,6 @@ ip link add vrfInternet type vrf table 1000
 ip link set dev vrfInternet up
 ip link set dev ext master vrfInternet
 
-# IPv6
-ip link add vrfInternet6 type vrf table 1006
-ip link set dev vrfInternet6 up
-ip link set dev eth0 master vrfInternet6
-
 ip link add name bridge type bridge stp_state 0
 ip link set dev bridge type bridge vlan_filtering 1
 ip link set dev bridge mtu 9000
@@ -22,12 +17,6 @@ bridge vlan del vid 1 dev bridge self
 bridge vlan add vid 1000 dev bridge self
 ip link set dev vlanInternet up
 
-# IPv6
-ip link add link bridge up name vlanInternet6 type vlan id 1006
-ip link set dev vlanInternet6 mtu 9000
-ip link set dev vlanInternet6 master vrfInternet6
-bridge vlan add vid 1006 dev bridge self
-ip link set dev vlanInternet6 up
 
 ip link add vniInternet type vxlan id 104009 dstport 4789 local 10.0.0.21 nolearning
 ip link set dev vniInternet mtu 9000
@@ -38,17 +27,5 @@ bridge vlan add vid 1000 dev vniInternet
 bridge vlan add vid 1000 untagged pvid dev vniInternet
 ip link set up dev vniInternet
 
-# IPv6
-ip link add vniInternet6 type vxlan id 106009 dstport 4789 local 10.0.0.21 nolearning
-ip link set dev vlanInternet6 mtu 9000
-ip link set dev vniInternet6 master bridge
-bridge vlan del vid 1 dev vniInternet6
-bridge vlan del vid 1 untagged pvid dev vniInternet6
-bridge vlan add vid 1006 dev vniInternet6
-bridge vlan add vid 1006 untagged pvid dev vniInternet6
-ip link set up dev vniInternet6
-
 # Does not have a ipv6 address on eth0 on startup, fix this
-ip ad add 2001:db8:1::42/64 dev eth0
-
-iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
+ip ad add 2001:db8:1::42/64 dev eth0
diff --git a/files/rules.yaml b/files/rules.yaml
@@ -1,5 +1,11 @@
 ---
 egress:
+  - comment: allow outgoing http
+    ports:
+      - 80
+    protocol: TCP
+    to:
+      - 0.0.0.0/0
   - comment: allow outgoing https
     ports:
       - 443

diff --git a/mini-lab.cumulus.yaml b/mini-lab.cumulus.yaml
@@ -38,10 +38,17 @@ topology:
       binds:
         - /dev:/dev
         - scripts:/mini-lab
-
+    www:
+      kind: linux
+      image: docker.io/library/nginx:alpine-slim
+      network-mode: none
+      exec:
+        - ip addr add 203.0.113.3/24 dev ext
+        - ip route add 203.0.113.128/25 via 203.0.113.2 dev ext
   links:
     - endpoints: ["inet:ext", "mini_lab_ext:inet"]
       mtu: 9000
+    - endpoints: ["www:ext", "mini_lab_ext:www"]
     - endpoints: ["leaf01:swp1", "vms:lan0"]
     - endpoints: ["leaf02:swp1", "vms:lan1"]
     - endpoints: ["leaf01:swp2", "vms:lan2"]

diff --git a/mini-lab.sonic.yaml b/mini-lab.sonic.yaml
@@ -41,9 +41,17 @@ topology:
       binds:
         - /dev:/dev
         - scripts:/mini-lab
+    www:
+      kind: linux
+      image: docker.io/library/nginx:alpine-slim
+      network-mode: none
+      exec:
+        - ip addr add 203.0.113.3/24 dev ext
+        - ip route add 203.0.113.128/25 via 203.0.113.2 dev ext
   links:
     - endpoints: ["inet:ext", "mini_lab_ext:inet"]
       mtu: 9000
+    - endpoints: ["www:ext", "mini_lab_ext:www"]
     - endpoints: ["leaf01:eth1", "inet:eth1"]
     - endpoints: ["leaf02:eth1", "inet:eth2"]
     - endpoints: ["leaf01:eth2", "vms:lan0"]

diff --git a/test/integration.sh b/test/integration.sh
@@ -43,7 +43,7 @@ done
 echo "$phoned/$minPhoned machines have phoned home"
 
 echo "Test connectivity to outside"
-make connect-to-cloudflare
+make connect-to-www
 
 echo "Test connectivity from outside"
 ssh -o StrictHostKeyChecking=no -o "PubkeyAcceptedKeyTypes +ssh-rsa" -i files/ssh/id_rsa [email protected] -C exit