Added Requirements for SDN networks (#11)

* Added sflow build to OVS

* Added python overrides

* Update ubuntu.dockerfile

* Updates on onos frr

* Onos updates

* Updates

* Trying with Zulu

* Onos build with ZULU jre

* onos log to stdout

* Sflow + SflowRT

* ONOS with hsflowsd

* hsflowd

* Added hping3

* Added parallel

.github/workflows/build-image.yml

@@ -41,7 +41,7 @@ jobs:
     needs: simple_base_images
     strategy:
       matrix:
-        singlestage_images: [ab, apache, coredns, frr, ipv6, ovs, quagga, traefik, wireguard]
+        singlestage_images: [ab, apache, coredns, frr, ipv6, quagga, traefik, wireguard, sflowrt]
     runs-on: ubuntu-latest
     steps:
      - name: Checkout
@@ -115,7 +115,7 @@ jobs:
     needs: simple_base_images
     strategy:
       matrix:
-        multistage_images: [softether, whoami]
+        multistage_images: [softether, whoami, ovs]
     runs-on: ubuntu-latest
     steps:
      - name: Checkout

.github/workflows/pr-build-image.yml

@@ -67,7 +67,7 @@ jobs:
     needs: base_images
     strategy:
       matrix:
-        singlestage_images: [ab, apache, coredns, frr, ipv6, ovs, quagga, traefik, wireguard]
+        singlestage_images: [ab, apache, coredns, frr, ipv6, quagga, traefik, wireguard, sflowrt]
     runs-on: ubuntu-latest
     steps:
       - name: Set time
@@ -179,7 +179,7 @@ jobs:
     needs: base_images
     strategy:
       matrix:
-        multistage_images: [softether, whoami]
+        multistage_images: [softether, whoami, ovs]
     runs-on: ubuntu-latest
     steps:
       - name: Set time

.github/workflows/release-image.yml

@@ -63,7 +63,7 @@ jobs:
     needs: base_images
     strategy:
       matrix:
-        singlestage_images: [ab, apache, coredns, frr, ipv6, ovs, quagga, traefik, wireguard]
+        singlestage_images: [ab, apache, coredns, frr, ipv6, quagga, traefik, wireguard, sflowrt]
     runs-on: ubuntu-latest
     steps:
       - name: Set time
@@ -169,7 +169,7 @@ jobs:
     needs: base_images
     strategy:
       matrix:
-        multistage_images: [softether, whoami]
+        multistage_images: [softether, whoami, ovs]
     runs-on: ubuntu-latest
     steps:
       - name: Set time
@@ -222,7 +222,7 @@ jobs:
     needs: base_images
     strategy:
       matrix:
-        multistage_images: [onos]
+        multistage_images: [onos, ovs]
     runs-on: ubuntu-latest
     steps:
       - name: Set time

base_images/alpine.dockerfile

@@ -4,10 +4,11 @@ ADD ./profile/*.sh /etc/profile.d/
 ADD ./profile/.bashrc /root/
 ENV ENV="/etc/profile"
 
-RUN apk add --no-cache busybox bash curl bind-tools iptables dnsmasq iperf vim nano rsync tcpdump python3 py3-pip
+RUN echo "@testing https://dl-cdn.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories && \
+    apk add --no-cache busybox bash curl bind-tools iptables dnsmasq iperf vim nano rsync tcpdump python3 py3-pip parallel \
+        hping3@testing
 
-RUN python3 -m pip install --no-cache-dir --upgrade pip && \
-    python3 -m pip install --no-cache-dir scapy
+RUN python3 -m pip install --break-system-packages --no-cache-dir scapy
 
 
 WORKDIR /

base_images/debian.dockerfile

@@ -11,8 +11,7 @@ RUN apt-get update && apt-get install -y \
     iproute2 iptables busybox dnsmasq curl vim nano rsync gpg procps iperf net-tools tcpdump traceroute iputils-ping iputils-tracepath python3 python3-pip && \
     rm -rf /var/lib/apt/lists/*
 
-RUN python3 -m pip install --no-cache-dir --upgrade pip && \
-    python3 -m pip install --no-cache-dir scapy
+RUN python3 -m pip install --break-system-packages --no-cache-dir scapy
 
 
 WORKDIR /

base_images/ubuntu.dockerfile

@@ -11,8 +11,8 @@ RUN apt-get update && apt-get install -y \
     iproute2 iptables busybox dnsmasq curl vim nano rsync gpg procps net-tools iperf tcpdump traceroute iputils-ping iputils-tracepath python3 python3-pip && \
     rm -rf /var/lib/apt/lists/*
 
-RUN python3 -m pip install --no-cache-dir --upgrade pip && \
-    python3 -m pip install --no-cache-dir scapy
+RUN python3 -m pip install --no-cache-dir scapy
+
 
 
 WORKDIR /

multistage_images/onos.dockerfile

@@ -1,42 +1,89 @@
 ARG image=unibaktr/debian
-FROM $image AS builder
+ARG ZULU_TAG=11.0.13-11.52.13
+
+FROM $image AS hsflow
+RUN apt-get -y update && apt-get install -y --no-install-recommends \
+      build-essential \
+      git-all \
+      libpcap-dev \
+      libvirt-dev \
+      libnfnetlink-dev \
+      libxml2-dev \
+      libssl-dev \
+      libdbus-1-dev \
+      uuid-dev \
+      dmidecode
+RUN mkdir /packages && chown 777 /packages
+COPY onos/build_hsflowd /root/build_hsflowd
+RUN chmod +x /root/build_hsflowd && \
+    /root/build_hsflowd
+
+
+FROM azul/zulu-openjdk:${ZULU_TAG} AS builder
+ARG ONOS_VERSION=2.5.9
 ARG JOBS=2
 ARG PROFILE=default
-ARG TAG=11.0.8-11.41.23
-ARG JAVA_PATH=/usr/lib/jvm/java-11-openjdk-amd64
+ARG JAVA_PATH=/usr/lib/jvm/zulu11
+
+#RUN sed -i '/stable stable-updates unstable/!s/stable stable-updates/& unstable/' /etc/apt/sources.list.d/debian.sources
+
+#RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 0xB1998361219BD9C9 && \
+#    curl -sLO https://cdn.azul.com/zulu/bin/zulu-repo_${ZULU_REPO_VER}_all.deb && \
+#    dpkg -i zulu-repo_${ZULU_REPO_VER}_all.deb
 
 RUN apt-get update && \
-    apt-get install -y ca-certificates zip python python3 git bzip2 curl unzip openjdk-11-jdk build-essential
+    apt-get install -y ca-certificates zip python3 git bzip2 curl unzip build-essential
 
-RUN curl -L -o bazelisk https://github.com/bazelbuild/bazelisk/releases/download/v1.12.0/bazelisk-linux-amd64
+RUN curl -L -o bazelisk https://github.com/bazelbuild/bazelisk/releases/download/v1.19.0/bazelisk-linux-amd64
 RUN chmod +x bazelisk && mv bazelisk /usr/bin
-RUN mkdir /src && cd /src && git clone https://gerrit.onosproject.org/onos
+RUN mkdir /src && cd /src && git clone --depth 1 --branch ${ONOS_VERSION} https://gerrit.onosproject.org/onos
+
+# Build-stage environment variables
+ENV ONOS_ROOT /src/onos
+ENV BUILD_NUMBER docker
+ENV JAVA_TOOL_OPTIONS=-Dfile.encoding=UTF8
 
-WORKDIR /src/onos
+WORKDIR ${ONOS_ROOT}
 
+RUN cat WORKSPACE-docker >> WORKSPACE
 RUN bazelisk build onos \
     --jobs ${JOBS} \
     --verbose_failures \
-    --javabase=@bazel_tools//tools/jdk:absolute_javabase \
-    --host_javabase=@bazel_tools//tools/jdk:absolute_javabase \
-    --define=ABSOLUTE_JAVABASE=${JAVA_PATH} \
+    --java_runtime_version=dockerjdk_11 \
+    --tool_java_runtime_version=dockerjdk_11 \
     --define profile=${PROFILE}
-
+#
 RUN mkdir /output
 RUN tar -xf bazel-bin/onos.tar.gz -C /output --strip-components=1
 
 ## Second and final stage is the runtime environment.
 FROM $image
+ARG JAVA_PATH=/usr/lib/jvm/zulu11
+ARG ZULU_REPO_VER=1.0.0-3
+
+#RUN sed -i '/stable stable-updates unstable/!s/stable stable-updates/& unstable/' /etc/apt/sources.list.d/debian.sources
+
+RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 0xB1998361219BD9C9 && \
+    curl -sLO https://cdn.azul.com/zulu/bin/zulu-repo_${ZULU_REPO_VER}_all.deb && \
+    dpkg -i zulu-repo_${ZULU_REPO_VER}_all.deb && \
+    rm zulu-repo_${ZULU_REPO_VER}_all.deb
 
-RUN apt-get update && apt-get install -y curl openjdk-11-jre openssh-server && \
+RUN echo "Package: zulu11-*\nPin: version 11.0.13-*\nPin-Priority: 1001" > /etc/apt/preferences
+RUN apt-get update && apt-get install -y curl zulu11-jre=11.0.13-* openssh-server supervisor dmidecode && \
     rm -rf /var/lib/apt/lists/*
 
+ADD onos/supervisord.conf /etc/supervisord.conf
+
+COPY --from=hsflow /packages /packages
+
+RUN dpkg -i /packages/*.deb && \
+    rm -rf /packages
+
 # Install ONOS in /root/onos
 COPY --from=builder /output/ /root/onos/
 WORKDIR /root/onos
 
 # Set JAVA_HOME (by default not exported by zulu images)
-ARG JAVA_PATH=/usr/lib/jvm/java-11-openjdk-amd64
 ENV JAVA_HOME ${JAVA_PATH}
 
 # Ports
@@ -48,5 +95,6 @@ ENV JAVA_HOME ${JAVA_PATH}
 EXPOSE 6653 6640 8181 8101 9876
 
 # Run ONOS
-ENTRYPOINT ["./bin/onos-service"]
-CMD ["server"]
+ENTRYPOINT /usr/bin/supervisord -c /etc/supervisord.conf
+#ENTRYPOINT ["./bin/onos-service"]
+#CMD ["server"]

multistage_images/onos/build_hsflowd

@@ -0,0 +1,11 @@
+#!/bin/bash
+echo "build_hsflowd on platform:  $1"
+
+git clone --depth=1 https://github.com/sflow/host-sflow \
+&& cd host-sflow \
+&& make deb FEATURES="NFLOG PCAP TCP DOCKER KVM OVS DBUS SYSTEMD DROPMON PSAMPLE DENT CONTAINERD"
+
+for deb in `ls *.deb`; do cp "$deb" "/packages/${deb/hsflowd/hsflowd-$1}"; done
+echo ""
+echo "files in /packages:"
+ls -l /packages

singlestage_images/ovs/supervisord.conf → multistage_images/onos/supervisord.conf

@@ -1,11 +1,13 @@
 [unix_http_server]
 file=/tmp/supervisor.sock                       ; path to your socket file
+username = dummy
+password = dummy
 
 [supervisord]
 logfile=/var/log/supervisord.log                ; supervisord log file
 logfile_maxbytes=50MB                           ; maximum size of logfile before rotation
 logfile_backups=5                               ; number of backed up logfiles
-loglevel=error                                  ; info, debug, warn, trace
+loglevel=info                                   ; info, debug, warn, trace
 pidfile=/var/run/supervisord.pid                ; pidfile location
 nodaemon=true                                   ; do not run supervisord as a daemon
 minfds=1024                                     ; number of startup file descriptors
@@ -18,25 +20,28 @@ supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
 
 [supervisorctl]
 serverurl=unix:///tmp/supervisor.sock         ; use a unix:// URL  for a unix socket
+username = dummy
+password = dummy
 
 ;
-; Runs the Open vSwitch database
+; Runs the ONOS daemon
 ;
-[program:ovsdb]
-command=/usr/sbin/ovsdb-server --detach --remote=punix:/var/run/openvswitch/db.sock --pidfile=ovsdb-server.pid --remote=ptcp:6640
+[program:onos-service]
+command=/root/onos/bin/onos-service server
 autorestart=true
 startretries=3
-stdout_logfile=/var/log/%(program_name)s.log
-stderr_logfile=/var/log/%(program_name)s.log
-priority=20
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+priority=30
 startsecs=5
 
-
 ;
-; Runs the Open vSwitch daemon
+; Runs the hsflow daemon
 ;
-[program:vswitchd]
-command=/usr/sbin/ovs-vswitchd --detach --verbose --pidfile
+[program:hsflowd]
+command=/usr/sbin/hsflowd -d -P
 autorestart=true
 startretries=3
 stdout_logfile=/var/log/%(program_name)s.log

multistage_images/ovs.dockerfile

@@ -0,0 +1,32 @@
+ARG image=unibaktr/alpine
+ARG ALPINE_VERSION=3.19
+
+FROM golang:alpine${ALPINE_VERSION} as build
+RUN apk --update add \
+      libpcap-dev \
+      build-base \
+      linux-headers \
+      gcc \
+      git \
+      openssl-dev \
+      util-linux-dev
+RUN git clone --depth=1 --branch=master https://github.com/sflow/host-sflow.git
+WORKDIR host-sflow
+RUN make all install FEATURES="DOCKER PCAP OVS TCP DROPMON CONTAINERD CONTAINERDGO K8S" PROCFS=/rootproc
+
+FROM $image as complete
+COPY --from=build /usr/sbin/hsflowd_containerd /usr/sbin/hsflowd_containerd
+COPY --from=build /usr/sbin/hsflowd /usr/sbin/hsflowd
+COPY --from=build /etc/hsflowd/ /etc/hsflowd/
+COPY ovs/start.sh /
+COPY ovs/supervisord.conf /etc/supervisord.conf
+RUN apk add --no-cache tini dmidecode libpcap libuuid uuidgen supervisor openvswitch && \
+    chmod +x /start.sh && \
+    ln -s /proc /rootproc && \
+    /usr/bin/ovsdb-tool create /etc/openvswitch/conf.db && \
+    mkdir -pv /var/run/openvswitch/
+
+
+#HEALTHCHECK CMD pidof hsflowd > /dev/null || exit 1
+#CMD ["/sbin/tini","--","/start.sh"]
+ENTRYPOINT /usr/bin/supervisord -c /etc/supervisord.conf

multistage_images/ovs/start.sh

@@ -0,0 +1,79 @@
+#!/bin/sh
+
+COLLECTOR="${COLLECTOR:-127.0.0.1}"
+PORT="${PORT:-6343}"
+POLLING="${POLLING:-30}"
+SAMPLING="${SAMPLING:-1000}"
+NET="${NET:-docker}"
+DROPMON="${DROPMON:-disable}"
+DEBUG="${DEBUG:-none}"
+
+CONF='/etc/hsflowd.conf'
+
+case "$DEBUG" in
+  none)
+    FLAGS='-d'
+    ;;
+  info)
+    FLAGS='-dd'
+    ;;
+  fine)
+    FLAGS='-ddd'
+    ;;
+  finer)
+    FLAGS='-dddd'
+    ;;
+  finest)
+    FLAGS='-ddddd'
+    ;;
+  *)
+    FLAGS='-d'
+    ;;
+esac
+
+printf "sflow {\n" > $CONF
+printf " sampling=$SAMPLING\n" >> $CONF
+printf " sampling.bps_ratio=0\n" >> $CONF
+printf " polling=$POLLING\n" >> $CONF
+for ip in $COLLECTOR
+do
+  printf " collector { ip=$ip udpport=$PORT }\n" >> $CONF
+done
+if [ -e /var/run/docker.sock ]
+then
+  printf " docker { }\n" >> $CONF
+elif [ -e /run/containerd/containerd.sock ]
+then
+  printf " k8s { markTraffic=on eof=on }\n" >> $CONF
+fi
+if [ "$DROPMON" = "enable" ]
+then
+  printf " dropmon { limit=50 start=on sw=on hw=off }\n" >> $CONF
+fi
+case "$NET" in
+  docker)
+    printf " pcap { dev=docker0 }\n" >> $CONF
+    printf " pcap { dev=docker_gwbridge }\n" >> $CONF
+    ;;
+  ovs)
+    printf " ovs { }\n" >> $CONF
+    ;;
+  flannel)
+    printf " pcap { dev=cni0 }\n" >> $CONF
+    ;;
+  host)
+    printf " tcp { }\n" >> $CONF
+    printf " pcap { speed=1G- }\n" >> $CONF
+    ;;
+  *)
+    printf " tcp { }\n" >> $CONF
+    for dev in `ls /sys/class/net/ | grep "$NET"`
+    do
+      printf " pcap { dev=$dev }\n" >> $CONF
+    done
+    ;;
+esac
+printf "}\n" >> $CONF
+
+echo "Sending sFlow to $COLLECTOR UDP port $PORT"
+exec /usr/sbin/hsflowd $FLAGS