SONiC(3):手动运行docker ptf

尝试直接启动

  • 确认ptf这个docker是存在的
testbed@u1804-vm:~$ docker images | grep ptf
sonicdev-microsoft.azurecr.io:443/docker-ptf   latest              b8abca09d487        5 weeks ago         792MB

没有的话手动拉到本地

testbed@u1804-vm:~$ docker pull sonicdev-microsoft.azurecr.io:443/docker-ptf:latest
  • 直接启动容器
testbed@u1804-vm:~$ docker run --name ptf -d sonicdev-microsoft.azurecr.io:443/docker-ptf
71702d94ba4d48fd12b9ebc35e76968bbc290047fae187091e760e54f2b98810
testbed@u1804-vm:~$ 
  • 进入容器查看,发现除了lo外只有一个端口
testbed@u1804-vm:~$ docker exec -it ptf bash
root@71702d94ba4d:/# 
root@71702d94ba4d:/# 
root@71702d94ba4d:/# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
889: eth0@if890: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
       valid_lft forever preferred_lft forever
root@71702d94ba4d:/# 

给容器添加网卡

  • 因为默认docker把创建的网络命名空间链接文件隐藏起来了,需要先获取docker的pid
testbed@u1804-vm:~$ nspid=$(docker inspect -f '{{.State.Pid}}' ptf) 
testbed@u1804-vm:~$ 
testbed@u1804-vm:~$ echo $nspid
31242
testbed@u1804-vm:~$ 
  • 如果服务器没有/var/run/netns这个目录,那么就手动创建一下
testbed@u1804-vm:~$ sudo mkdir -p /var/run/netns
  • 建立软连接后,可以看到netns
testbed@u1804-vm:~$ ln -s /proc/${nspid}/ns/net /var/run/netns/${nspid} 
testbed@u1804-vm:~$ ip netns
31242
testbed@u1804-vm:~$ 
  • 添加一对veth,将其中一个up
testbed@u1804-vm:~$ sudo ip link add tt0 type veth peer name tt1 
testbed@u1804-vm:~$ sudo ip link set dev tt1 up
  • 将另一个加到容器netns
testbed@u1804-vm:~$ sudo ip link set dev tt0 name eth1 netns ${nspid}
testbed@u1804-vm:~$ sudo ip netns exec ${nspid} ip link set dev eth1 up
  • 此时ptf这个docker里面会多出eth1这个网口
root@71702d94ba4d:/# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
889: eth0@if890: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
       valid_lft forever preferred_lft forever
892: eth1@if891: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state LOWERLAYERDOWN group default qlen 1000
    link/ether 2a:e3:41:19:2d:0b brd ff:ff:ff:ff:ff:ff link-netnsid 0

验证连通

  • 将veth的一端加到和之前创建的vlab-02-1在同一个OVS bridge上
testbed@u1804-vm:~$ sudo ovs-vsctl add-port br-VM0100-1 tt1
  • vlab-02上在eth1抓包
admin@sonic:~$ sudo tcpdump -i eth1 -enn 
  • 在ptf上启动scapy组一个ARP报文并从eth1发出
root@71702d94ba4d:/# scapy
INFO: Can't import python gnuplot wrapper . Won't be able to plot.
INFO: Can't import PyX. Won't be able to use psdump() or pdfdump().
INFO: No IPv6 support in kernel
WARNING: No route found for IPv6 destination :: (no default route?)
INFO: Can't import python Crypto lib. Won't be able to decrypt WEP.
INFO: Can't import python Crypto lib. Disabled certificate manipulation tools
Welcome to Scapy (2.2.0-dev)
>>> 
>>> pkt = Ether(src='11:22:33:44:55:77', dst='ff:ff:ff:ff:ff:ff')/ARP(op="who-has", pdst='1.1.1.200')/("0"*20)
>>> pkt.show()
###[ Ethernet ]###
  dst= ff:ff:ff:ff:ff:ff
  src= 11:22:33:44:55:77
  type= 0x806
###[ ARP ]###
     hwtype= 0x1
     ptype= 0x800
     hwlen= 6
     plen= 4
     op= who-has
     hwsrc= 02:42:ac:11:00:02
     psrc= 172.17.0.2
     hwdst= 00:00:00:00:00:00
     pdst= 1.1.1.200
###[ Raw ]###
        load= '00000000000000000000'
>>> 
>>>> sendp(pkt,iface="eth1")
.
Sent 1 packets.
>>> 
  • 回到vlab-02,可以看到能够抓到报文,证明添加成功!
admin@sonic:~$ sudo tcpdump -i eth1 -enn 
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 262144 bytes
06:24:49.178962 11:22:33:44:55:77 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 62: Request who-has 1.1.1.200 tell 172.17.0.2, length 48
^C
  • 0
    点赞
  • 3
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值