path: root/vicn/resource
diff options
Diffstat (limited to 'vicn/resource')
72 files changed, 7474 insertions, 0 deletions
diff --git a/vicn/resource/__init__.py b/vicn/resource/__init__.py
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/vicn/resource/__init__.py
diff --git a/vicn/resource/application.py b/vicn/resource/application.py
new file mode 100644
index 00000000..f5341f2b
--- /dev/null
+++ b/vicn/resource/application.py
@@ -0,0 +1,29 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from vicn.core.attribute import Attribute, Multiplicity
+from vicn.core.resource import Resource
+from vicn.resource.node import Node
+class Application(Resource):
+ node = Attribute(Node,
+ description = 'Node on which the application is installed',
+ mandatory = True,
+ multiplicity = Multiplicity.ManyToOne,
+ reverse_name = 'applications',
+ reverse_description = 'Applications installed on node')
diff --git a/vicn/resource/central.py b/vicn/resource/central.py
new file mode 100644
index 00000000..73a43478
--- /dev/null
+++ b/vicn/resource/central.py
@@ -0,0 +1,789 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+import networkx as nx
+import logging
+from netmodel.model.type import String
+from netmodel.util.misc import pairwise
+from vicn.core.address_mgr import AddressManager
+from vicn.core.attribute import Attribute
+from vicn.core.exception import ResourceNotFound
+from vicn.core.resource import Resource
+from vicn.core.task import async_task, inline_task
+from vicn.core.task import EmptyTask, BashTask
+from vicn.resource.channel import Channel
+from vicn.resource.ip.route import IPRoute
+from vicn.resource.icn.forwarder import Forwarder
+from vicn.resource.icn.face import L2Face, L4Face, FaceProtocol
+from vicn.resource.icn.producer import Producer
+from vicn.resource.icn.route import Route as ICNRoute
+from vicn.resource.linux.file import TextFile
+from vicn.resource.lxd.lxc_container import LxcContainer
+from vicn.resource.node import Node
+log = logging.getLogger(__name__)
+CMD_CONTAINER_SET_DNS = 'echo "nameserver {ip_dns}" | ' \
+ 'resolvconf -a {interface_name}'
+# For host
+CMD_NAT = '\n'.join([
+ 'iptables -t nat -A POSTROUTING -o {bridge_name} -s {network} ' \
+ '! -d {network} -j MASQUERADE',
+ 'echo 1 > /proc/sys/net/ipv4/ip_forward'
+# For containers
+CMD_IP_FORWARD = 'echo 1 > /proc/sys/net/ipv4/ip_forward'
+HOST_FILE_PATH = "/etc/hosts.vicn"
+# Routing strategies
+def routing_strategy_spt(G, origins, weight_key = None):
+ """Routing strategy : Shortest path tree
+ This routing strategy uses the Dijkstra algorithm on an undirected graph
+ to build the shortest path tree towards all origin prefixes.
+ NOTE: weights are currently unsupported by this strategy.
+ Args:
+ G (nx.Graph): network graph
+ origins (dict): dictionary mapping nodes to the set of prefixes they
+ are origins for
+ weight_key (str): key corresponding to weight key in edge data. None
+ assumes all weights have unit cost
+ Returns:
+ generator : returning triplets (source, prefix, next hop)
+ """
+ assert weight_key is None
+ origin_nodes = origins.keys()
+ seen = set()
+ for dst_node in origin_nodes:
+ sssp = nx.shortest_path(G, target = dst_node)
+ # Notes from the documentation:
+ # - If only the target is specified, return a dictionary keyed by
+ # sources with a list of nodes in a shortest path from one of the
+ # sources to the target.
+ # - All returned paths include both the source and target in the
+ # path.
+ for _, path in sssp.items():
+ if len(path) == 1:
+ # Local prefix
+ continue
+ for s, d in pairwise(path):
+ for prefix in origins[dst_node]:
+ t = (s, prefix, d)
+ if t in seen:
+ continue
+ seen.add(t)
+ yield t
+def routing_strategy_max_flow(G, origins, weight_key = 'capacity'):
+ """Routing strategy : Maximum Flow
+ Args:
+ G (nx.Graph): network graph
+ origins (dict): dictionary mapping nodes to the set of prefixes they
+ are origins for
+ weight_key (str): key corresponding to weight key in edge data. None
+ assumes all weights have unit cost
+ Returns:
+ generator : returning triplets (source, prefix, next hop)
+ """
+ assert weight_key is None
+ origin_nodes = origins.keys()
+ for dst_node in origin_nodes:
+ for src_node in G.nodes:
+ if src_node == dst_node:
+ continue
+ _, flow_dict = nx.maximum_flow(G, src_node, dst_node,
+ capacity=weight_key)
+ # Notes from the documentation:
+ # https://networkx.github.io/documentation/networkx-1.10/reference/
+ # generated/networkx.algorithms.flow.maximum_flow.html
+ # - flow_dict (dict) – A dictionary containing the value of the
+ # flow that went through each edge.
+ for s, d_map in flow_dict.items():
+ for d, flow in d_map.items():
+ if flow == 0:
+ continue
+ for prefix in origins[dst_node]:
+ yield s, prefix, d
+ 'spt' : routing_strategy_spt,
+ 'max_flow' : routing_strategy_max_flow,
+# L2 and L4/ICN graphs
+def _get_l2_graph(manager, with_managed = False):
+ G = nx.Graph()
+ for node in manager.by_type(Node):
+ G.add_node(node._state.uuid)
+ for channel in manager.by_type(Channel):
+ if channel.has_type('emulatedchannel'):
+ src = channel._ap_if
+ for dst in channel._sta_ifs.values():
+ if not with_managed and (not src.managed or not dst.managed):
+ continue
+ if G.has_edge(src.node._state.uuid, dst.node._state.uuid):
+ continue
+ map_node_interface = { src.node._state.uuid : src._state.uuid,
+ dst.node._state.uuid: dst._state.uuid}
+ G.add_edge(src.node._state.uuid, dst.node._state.uuid,
+ map_node_interface = map_node_interface)
+ else:
+ # This is for a normal Channel
+ for src_it in range(0,len(channel.interfaces)):
+ src = channel.interfaces[src_it]
+ # Iterate over the remaining interface to create all the
+ # possible combination
+ for dst_it in range(src_it+1,len(channel.interfaces)):
+ dst = channel.interfaces[dst_it]
+ if not with_managed and (not src.managed or
+ not dst.managed):
+ continue
+ if G.has_edge(src.node._state.uuid, dst.node._state.uuid):
+ continue
+ map_node_interface = {
+ src.node._state.uuid : src._state.uuid,
+ dst.node._state.uuid: dst._state.uuid}
+ G.add_edge(src.node._state.uuid, dst.node._state.uuid,
+ map_node_interface = map_node_interface)
+ return G
+def _get_icn_graph(manager):
+ G = nx.Graph()
+ for forwarder in manager.by_type(Forwarder):
+ node = forwarder.node
+ G.add_node(node._state.uuid)
+ for face in forwarder.faces:
+ other_face = manager.by_uuid(face._internal_data['sibling_face'])
+ other_node = other_face.node
+ if G.has_edge(node._state.uuid, other_node._state.uuid):
+ continue
+ map_node_face = { node._state.uuid: face._state.uuid,
+ other_node._state.uuid: other_face._state.uuid }
+ G.add_edge(node._state.uuid, other_node._state.uuid,
+ map_node_face = map_node_face)
+ return G
+class IPAssignment(Resource):
+ """
+ Resource: IPAssignment
+ """
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ def __after__(self):
+ return ('Interface',)
+ @inline_task
+ def __get__(self):
+ raise ResourceNotFound
+ def __subresources__(self):
+ self.host_file = TextFile(node = None, filename = HOST_FILE_PATH,
+ overwrite = True)
+ return self.host_file
+ def __create__(self):
+ """
+ IP assignment strategy /32: assign /32 IP address to each interface
+ We might use different subnets for resources involved in experiment,
+ and supporting resources, and to minimize routing tables.
+ """
+ log.info('Assigment of IP addresses')
+ tasks = EmptyTask()
+ # We sort nodes by names for IP assignment. This code ensures that
+ # interfaces on the same channel get consecutive IP addresses. That
+ # way, we can assign /31 on p2p channels.
+ channels = sorted(self._state.manager.by_type(Channel),
+ key = lambda x : x.get_sortable_name())
+ channels.extend(sorted(self._state.manager.by_type(Node),
+ key = lambda node : node.name))
+ host_file_content = ""
+ # Dummy code to start IP addressing on an even number for /31
+ ip = AddressManager().get_ip(None)
+ if int(ip[-1]) % 2 == 0:
+ ip = AddressManager().get_ip("dummy object")
+ for channel in channels:
+ # Sort interfaces in a deterministic order to ensure consistent
+ # addressing across restarts of the tool
+ interfaces = sorted(channel.interfaces,
+ key = lambda x : x.device_name)
+ for interface in interfaces:
+ if interface.ip_address is None:
+ ip = AddressManager().get_ip(interface)
+ @async_task
+ async def set_ip(interface, ip):
+ await interface.async_set('ip_address', ip)
+ if interface.managed:
+ tasks = tasks | set_ip(interface, ip)
+ else:
+ ip = interface.ip_address
+ # Note: interface.ip_address should still be None at this stage
+ # since we have not made the assignment yet
+ if isinstance(channel, Node):
+ host_file_content += '# {} {} {}\n'.format(
+ interface.node.name, interface.device_name, ip)
+ if interface == interface.node.host_interface:
+ host_file_content += '{} {}\n'.format(ip,
+ interface.node.name)
+ self.host_file.content = host_file_content
+ return tasks
+ __delete__ = None
+class IPRoutes(Resource):
+ """
+ Resource: IPRoutes
+ Centralized IP route computation.
+ """
+ routing_strategy = Attribute(String)
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ @inline_task
+ def __get__(self):
+ raise ResourceNotFound
+ @inline_task
+ def __create__(self):
+ routes = list()
+ pre_routes, routes = self._get_ip_routes()
+ routes.extend(pre_routes)
+ routes.extend(routes)
+ for route in routes:
+ route.node.routing_table.routes << route
+ def __delete__(self):
+ raise NotImplementedError
+ #--------------------------------------------------------------------------
+ # Internal methods
+ #--------------------------------------------------------------------------
+ def _get_ip_origins(self):
+ origins = dict()
+ for node in self._state.manager.by_type(Node):
+ node_uuid = node._state.uuid
+ if not node_uuid in origins:
+ origins[node_uuid] = list()
+ for interface in node.interfaces:
+ origins[node_uuid].append(interface.ip_address)
+ return origins
+ def _get_ip_routes(self):
+ if self.routing_strategy == 'pair':
+ return [], self._get_pair_ip_routes()
+ strategy = MAP_ROUTING_STRATEGY.get(self.routing_strategy)
+ G = _get_l2_graph(self._state.manager)
+ origins = self._get_ip_origins()
+ # node -> list(origins for which we have routes)
+ ip_routes = dict()
+ pre_routes = list()
+ routes = list()
+ for src, prefix, dst in strategy(G, origins):
+ data = G.get_edge_data(src, dst)
+ map_ = data['map_node_interface']
+ next_hop_interface = map_[src]
+ next_hop_ingress = self._state.manager.by_uuid(map_[dst])
+ src_node = self._state.manager.by_uuid(src)
+ mac_addr = None
+ if ((hasattr(next_hop_ingress, 'vpp') and
+ next_hop_ingress.vpp is not None) or
+ (hasattr(src_node, 'vpp') and src_node.vpp is not None)):
+ mac_addr = next_hop_ingress.mac_address
+ # Avoid duplicate routes due to multiple paths in the network
+ if not src_node in ip_routes:
+ ip_routes[src_node] = list()
+ if prefix in ip_routes[src_node]:
+ continue
+ if prefix == next_hop_ingress.ip_address:
+ # Direct route on src_node.name :
+ # route add [prefix] dev [next_hop_interface_.device_name]
+ route = IPRoute(node = src_node,
+ managed = False,
+ owner = self,
+ ip_address = prefix,
+ mac_address = mac_addr,
+ interface = next_hop_interface)
+ else:
+ # We need to be sure we have a route to the gw from the node
+ if not next_hop_ingress.ip_address in ip_routes[src_node]:
+ pre_route = IPRoute(node = src_node,
+ managed = False,
+ owner = self,
+ ip_address = next_hop_ingress.ip_address,
+ mac_address = mac_addr,
+ interface = next_hop_interface)
+ ip_routes[src_node].append(next_hop_ingress.ip_address)
+ pre_routes.append(pre_route)
+ # Route on src_node.name:
+ # route add [prefix] dev [next_hop_interface_.device_name]
+ # via [next_hop_ingress.ip_address]
+ route = IPRoute(node = src_node,
+ managed = False,
+ owner = self,
+ ip_address = prefix,
+ interface = next_hop_interface,
+ mac_address = mac_addr,
+ gateway = next_hop_ingress.ip_address)
+ ip_routes[src_node].append(prefix)
+ routes.append(route)
+ return pre_routes, routes
+ def _get_pair_ip_routes(self):
+ """
+ IP routing strategy : direct routes only
+ """
+ routes = list()
+ G = _get_l2_graph(self._state.manager)
+ for src_node_uuid, dst_node_uuid, data in G.edges_iter(data = True):
+ src_node = self._state.manager.by_uuid(src_node_uuid)
+ dst_node = self._state.manager.by_uuid(dst_node_uuid)
+ map_ = data['map_node_interface']
+ src = self._state.manager.by_uuid(map_[src_node_uuid])
+ dst = self._state.manager.by_uuid(map_[dst_node_uuid])
+ log.debug('[IP ROUTE] NODES {}/{}/{} -> {}/{}/{}'.format(
+ src_node.name, src.device_name, src.ip_address,
+ dst_node.name, dst.device_name, dst.ip_address))
+ log.debug('[IP ROUTE] NODES {}/{}/{} -> {}/{}/{}'.format(
+ dst_node.name, dst.device_name, dst.ip_address,
+ src_node.name, src.device_name, src.ip_address))
+ route = IPRoute(node = src_node,
+ managed = False,
+ owner = self,
+ ip_address = dst.ip_address,
+ mac_address = dst.mac_address,
+ interface = src)
+ routes.append(route)
+ route = IPRoute(node = dst_node,
+ managed = False,
+ owner = self,
+ ip_address = src.ip_address,
+ mac_address = src.mac_address,
+ interface = dst)
+ routes.append(route)
+ return routes
+class ICNFaces(Resource):
+ """
+ Resource: ICNFaces
+ Centralized ICN face creation.
+ """
+ protocol_name = Attribute(String)
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ @inline_task
+ def __get__(self):
+ raise ResourceNotFound # always create faces
+ @inline_task
+ def __create__(self):
+ icn_faces = self._get_faces()
+ for face in icn_faces:
+ face.node.forwarder.faces << face
+ def __delete__(self):
+ raise NotImplementedError
+ #--------------------------------------------------------------------------
+ # Internal methods
+ #--------------------------------------------------------------------------
+ def _get_faces(self):
+ """
+ Face creation (heuristic: facemgr)
+ Requires: at least direct IP links
+ """
+ protocol = FaceProtocol.from_string(self.protocol_name)
+ faces = list()
+ G = _get_l2_graph(self._state.manager)
+ for src_node_uuid, dst_node_uuid, data in G.edges_iter(data = True):
+ src_node = self._state.manager.by_uuid(src_node_uuid)
+ dst_node = self._state.manager.by_uuid(dst_node_uuid)
+ map_ = data['map_node_interface']
+ src = self._state.manager.by_uuid(map_[src_node_uuid])
+ dst = self._state.manager.by_uuid(map_[dst_node_uuid])
+ log.debug('{} -> {} ({} -> {})'.format(src_node_uuid,
+ dst_node_uuid, src.device_name, dst.device_name))
+ if protocol == FaceProtocol.ether:
+ src_face = L2Face(node = src_node,
+ owner = self,
+ protocol = protocol,
+ src_nic = src,
+ dst_mac = dst.mac_address)
+ dst_face = L2Face(node = dst_node,
+ owner = self,
+ protocol = protocol,
+ src_nic = dst,
+ dst_mac = src.mac_address)
+ elif protocol in (FaceProtocol.tcp4, FaceProtocol.tcp6,
+ FaceProtocol.udp4, FaceProtocol.udp6):
+ src_face = L4Face(node = src_node,
+ owner = self,
+ protocol = protocol,
+ src_ip = src.ip_address,
+ dst_ip = dst.ip_address,
+ src_port = TMP_DEFAULT_PORT,
+ dst_port = TMP_DEFAULT_PORT)
+ dst_face = L4Face(node = dst_node,
+ owner = self,
+ protocol = protocol,
+ src_ip = dst.ip_address,
+ dst_ip = src.ip_address,
+ src_port = TMP_DEFAULT_PORT,
+ dst_port = TMP_DEFAULT_PORT)
+ else:
+ raise NotImplementedError
+ # We key the sibling face for easier building of the ICN graph
+ src_face._internal_data['sibling_face'] = dst_face._state.uuid
+ dst_face._internal_data['sibling_face'] = src_face._state.uuid
+ faces.append(src_face)
+ faces.append(dst_face)
+ return faces
+class ICNRoutes(Resource):
+ """
+ Resource: ICNRoutes
+ Centralized ICN route computation.
+ """
+ routing_strategy = Attribute(String)
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ @inline_task
+ def __get__(self):
+ raise ResourceNotFound # always create routes
+ @inline_task
+ def __create__(self):
+ icn_routes = self._get_icn_routes()
+ for route in icn_routes:
+ route.node.forwarder.routes << route
+ def __delete__(self):
+ raise NotImplementedError
+ #--------------------------------------------------------------------------
+ # Internal methods
+ #--------------------------------------------------------------------------
+ def _get_prefix_origins(self):
+ origins = dict()
+ for producer in self._state.manager.by_type(Producer):
+ node_uuid = producer.node._state.uuid
+ if not node_uuid in origins:
+ origins[node_uuid] = list()
+ origins[node_uuid].extend(producer.prefixes)
+ return origins
+ def _get_icn_routes(self):
+ strategy = MAP_ROUTING_STRATEGY.get(self.routing_strategy)
+ G = _get_icn_graph(self._state.manager)
+ origins = self._get_prefix_origins()
+ routes = list()
+ for src, prefix, dst in strategy(G, origins):
+ data = G.get_edge_data(src, dst)
+ map_ = data['map_node_face']
+ next_hop_face = map_[src]
+ route = ICNRoute(node = src,
+ owner = self,
+ prefix = prefix,
+ face = next_hop_face)
+ routes.append(route)
+ return routes
+class DnsServerEntry(Resource):
+ """
+ Resource: DnsServerEntry
+ Setup of DNS resolver for LxcContainers
+ Todo:
+ - This should be merged into the LxcContainer resource
+ """
+ node = Attribute(String)
+ ip_address = Attribute(String)
+ interface_name = Attribute(String)
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ @inline_task
+ def __get__(self):
+ raise ResourceNotFound
+ def __create__(self):
+ return BashTask(self.node, CMD_CONTAINER_SET_DNS,
+ {'ip_dns': self.ip_address,
+ 'interface_name': self.interface_name})
+ def __delete__(self):
+ raise NotImplementedError
+class ContainerSetup(Resource):
+ """
+ Resource: ContainerSetup
+ Setup of container networking
+ Todo:
+ - This should be merged into the LxcContainer resource
+ """
+ container = Attribute(LxcContainer)
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ def __subresources__(self):
+ # a) routes: host -> container
+ # . container interfaces
+ # . container host (main) interface
+ # route add -host {ip_address} dev {bridge_name}
+ route = IPRoute(node = self.container.node,
+ managed = False,
+ owner = self,
+ ip_address = self.container.host_interface.ip_address,
+ interface = self.container.node.bridge)
+ route.node.routing_table.routes << route
+ # b) route: container -> host
+ # route add {ip_gateway} dev {interface_name}
+ # route add default gw {ip_gateway} dev {interface_name}
+ route = IPRoute(node = self.container,
+ owner = self,
+ managed = False,
+ ip_address = self.container.node.bridge.ip_address,
+ interface = self.container.host_interface)
+ route.node.routing_table.routes << route
+ route_gw = IPRoute(node = self.container,
+ managed = False,
+ owner = self,
+ ip_address = 'default',
+ interface = self.container.host_interface,
+ gateway = self.container.node.bridge.ip_address)
+ route_gw.node.routing_table.routes << route_gw
+ # c) dns
+ dns_server_entry = DnsServerEntry(node = self.container,
+ owner = self,
+ ip_address = self.container.node.bridge.ip_address,
+ interface_name = self.container.host_interface.device_name)
+ return dns_server_entry
+ @inline_task
+ def __get__(self):
+ raise ResourceNotFound
+ def __create__(self):
+ return BashTask(self.container.node, CMD_IP_FORWARD)
+class ContainersSetup(Resource):
+ """
+ Resource: ContainersSetup
+ Setup of LxcContainers (main resource)
+ Todo:
+ - This should be merged into the LxcContainer resource
+ """
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ def __subresources__(self):
+ containers = self._state.manager.by_type(LxcContainer)
+ if len(containers) == 0:
+ return None
+ container_resources = [ContainerSetup(owner = self, container = c)
+ for c in containers]
+ return Resource.__concurrent__(*container_resources)
+class CentralIP(Resource):
+ """
+ Resource: CentralIP
+ Central IP management (main resource)
+ """
+ ip_routing_strategy = Attribute(String, description = 'IP routing strategy',
+ default = 'pair') # spt, pair
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ def __after_init__(self):
+ return ('Node', 'Channel', 'Interface')
+ def __subresources__(self):
+ ip_assign = IPAssignment(owner=self)
+ containers_setup = ContainersSetup(owner=self)
+ ip_routes = IPRoutes(owner = self,
+ routing_strategy = self.ip_routing_strategy)
+ return ip_assign > (ip_routes | containers_setup)
+ @inline_task
+ def __get__(self):
+ raise ResourceNotFound
+ __delete__ = None
+class CentralICN(Resource):
+ """
+ Resource: CentralICN
+ Central ICN management (main resource)
+ """
+ # Choices: spt, max_flow
+ icn_routing_strategy = Attribute(String,
+ description = 'ICN routing strategy',
+ default = 'spt')
+ face_protocol = Attribute(String,
+ description = 'Protocol used to create faces',
+ default = 'ether')
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ def __after__(self):
+ """
+ We need to wait for IP configuration in order to be able to build
+ overload ICN faces, and producers for prefix origins.
+ """
+ return ('CentralIP',)
+ def __subresources__(self):
+ icn_faces = ICNFaces(owner = self, protocol_name = self.face_protocol)
+ icn_routes = ICNRoutes(owner = self,
+ routing_strategy = self.icn_routing_strategy)
+ return icn_faces > icn_routes
+ @inline_task
+ def __get__(self):
+ raise ResourceNotFound
+ __delete__ = None
diff --git a/vicn/resource/channel.py b/vicn/resource/channel.py
new file mode 100644
index 00000000..cd64b641
--- /dev/null
+++ b/vicn/resource/channel.py
@@ -0,0 +1,44 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from netmodel.model.type import String
+from vicn.core.resource import Resource
+from vicn.core.attribute import Attribute
+class Channel(Resource):
+ """
+ Resource: Channel
+ """
+ #--------------------------------------------------------------------------
+ # Public API
+ #--------------------------------------------------------------------------
+ def get_remote_name(self, name):
+ if len(self._interfaces) != 2:
+ return None
+ return next(x for x in self._interfaces if x.get_name() != name)
+ def get_sortable_name(self):
+ """
+ This method is used to sort channel during IP assignment. This is
+ necessary to get the same IP configuration on the same experiment.
+ """
+ ret = "{:03}".format(len(self.interfaces))
+ ret = ret + ''.join(sorted(map(lambda x : x.node.name, self.interfaces)))
+ return ret
diff --git a/vicn/resource/dns_server.py b/vicn/resource/dns_server.py
new file mode 100644
index 00000000..3fbe89f9
--- /dev/null
+++ b/vicn/resource/dns_server.py
@@ -0,0 +1,33 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from vicn.core.attribute import Attribute, Multiplicity
+from vicn.core.resource import FactoryResource
+from vicn.resource.application import Application
+class DnsServer(Application):
+ """
+ Resource: DnsServer
+ """
+ __type__ = FactoryResource
+ node = Attribute(
+ reverse_name = 'dns_server',
+ reverse_auto = True,
+ multiplicity = Multiplicity.OneToOne)
diff --git a/vicn/resource/gui.py b/vicn/resource/gui.py
new file mode 100644
index 00000000..3ded7a5a
--- /dev/null
+++ b/vicn/resource/gui.py
@@ -0,0 +1,29 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from vicn.helpers.resource_definition import *
+class GUI(Resource):
+ """
+ Resource: GUI
+ This resource is empty on purpose. It is a temporary resource used as a
+ placeholder for controlling the GUI and should be deprecated in future
+ releases.
+ """
+ pass
diff --git a/vicn/resource/icn/__init__.py b/vicn/resource/icn/__init__.py
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/vicn/resource/icn/__init__.py
diff --git a/vicn/resource/icn/ccnx_consumer_producer_test.py b/vicn/resource/icn/ccnx_consumer_producer_test.py
new file mode 100644
index 00000000..f682657d
--- /dev/null
+++ b/vicn/resource/icn/ccnx_consumer_producer_test.py
@@ -0,0 +1,109 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from netmodel.model.type import String
+from vicn.core.attribute import Attribute, Multiplicity
+from vicn.core.requirement import Requirement
+from vicn.core.task import BashTask
+from vicn.resource.icn.icn_application import ICN_SUITE_CCNX_1_0
+from vicn.resource.icn.consumer import Consumer
+from vicn.resource.icn.producer import Producer
+from vicn.resource.node import Node
+class CcnxConsumerTest(Consumer):
+ """
+ Resource: CcnxConsumerTest
+ Test consumer exchanging dummy data.
+ """
+ __package_names__ = ["libconsumer-producer-ccnx"]
+ prefixes = Attribute(String,
+ description = "Name served by the producer server test",
+ default = lambda self: self.default_name(),
+ mandatory = False,
+ multiplicity = Multiplicity.OneToMany)
+ node = Attribute(Node,
+ requirements=[
+ Requirement("forwarder",
+ capabilities = set(['ICN_SUITE_CCNX_1_0']),
+ properties = {"protocol_suites" : ICN_SUITE_CCNX_1_0})
+ ])
+ #--------------------------------------------------------------------------
+ # Internal methods
+ #--------------------------------------------------------------------------
+ def default_name(self):
+ return ['/ccnxtest']
+ def _def_protocol_suite(self):
+ return ICN_SUITE_CCNX_1_0
+ #--------------------------------------------------------------------------
+ # Methods
+ #--------------------------------------------------------------------------
+ def __method_start__(self):
+ template = ["consumer-test", " ccnx:{prefix}"]
+ params = {'prefix' : self.prefixes[0]}
+ return BashTask(self.node, ' '.join(template), parameters = params)
+ def __method_stop__(self):
+ raise NotImplementedError
+class CcnxProducerTest(Producer):
+ """
+ Resource: CcnxConsumerTest
+ Test producer exchanging dummy data.
+ """
+ __package_names__ = ["libconsumer-producer-ccnx"]
+ node = Attribute(Node,
+ requirements = [Requirement("forwarder",
+ capabilities = set(['ICN_SUITE_CCNX_1_0']),
+ properties = {"protocol_suites" : ICN_SUITE_CCNX_1_0})])
+ #--------------------------------------------------------------------------
+ # Internal methods
+ #--------------------------------------------------------------------------
+ def default_name(self):
+ return ['/ccnxtest']
+ def _def_protocol_suite(self):
+ return ICN_SUITE_CCNX_1_0
+ #--------------------------------------------------------------------------
+ # Methods
+ #--------------------------------------------------------------------------
+ def __method_start__(self):
+ template = ["producer-test", " ccnx:{prefix}"]
+ params = {'prefix' : self.prefixes[0]}
+ return BashTask(self.node, ' '.join(template), parameters = params)
+ def __method_stop__(self):
+ raise NotImplementedError
diff --git a/vicn/resource/icn/ccnx_keystore.py b/vicn/resource/icn/ccnx_keystore.py
new file mode 100644
index 00000000..ddd87019
--- /dev/null
+++ b/vicn/resource/icn/ccnx_keystore.py
@@ -0,0 +1,87 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from netmodel.model.type import String, Integer
+from vicn.core.attribute import Attribute, Reference
+from vicn.core.task import BashTask
+from vicn.resource.linux.file import File
+from vicn.resource.linux.package_manager import Packages
+METIS_KEYSTORE_CREATE = ('parc-publickey -c {filename} {password} '
+ '{subject_name} {size} {validity}')
+# FIXME default passwords, not very sensitive
+DEFAULT_KEYSTORE_FILE = "keystore.pkcs12"
+class MetisKeystore(File):
+ """
+ Resource: MetisKeystore
+ """
+ filename = Attribute(String, description = "File containing the keystore",
+ default = DEFAULT_KEYSTORE_FILE, mandatory=False)
+ password = Attribute(String,
+ description = "Password for the keystore file",
+ subject_name = Attribute(String,
+ description = "Subject name for the keystore",
+ validity = Attribute(String,
+ description = "Validity period of the keystore",
+ size = Attribute(Integer, description = 'Length of the keys',
+ __package_names__ = ['libparc']
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ def __subresources__(self):
+ packages = Packages(node=Reference(self, 'node'),
+ names=self._get_package_names(), owner=self)
+ return packages
+ def __create__(self):
+ args = {'filename' : self.filename, 'password' : self.password,
+ 'subject_name' : self.subject_name, 'validity' : self.validity,
+ 'size' : self.size}
+ return BashTask(self.node, METIS_KEYSTORE_CREATE, args)
+ #--------------------------------------------------------------------------
+ # Internal methods
+ #--------------------------------------------------------------------------
+ def _get_package_names(self):
+ package_names = list()
+ for base in self.__class__.mro():
+ if not '__package_names__' in vars(base):
+ continue
+ package_names.extend(getattr(base, '__package_names__'))
+ return package_names
+ def format_baseline(self, baseline):
+ return baseline.format(keystore_file=self.filename, password=self.password)
diff --git a/vicn/resource/icn/ccnx_metis.py b/vicn/resource/icn/ccnx_metis.py
new file mode 100644
index 00000000..ead9b9bf
--- /dev/null
+++ b/vicn/resource/icn/ccnx_metis.py
@@ -0,0 +1,368 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from functools import wraps
+from netmodel.model.type import String, Integer, Bool
+from vicn.core.attribute import Attribute
+from vicn.core.exception import ResourceNotFound
+from vicn.core.resource_mgr import wait_resource_task
+from vicn.core.task import BashTask, EmptyTask, task
+from vicn.resource.icn.ccnx_keystore import MetisKeystore
+from vicn.resource.icn.face import L2Face, L4Face, FaceProtocol
+from vicn.resource.icn.face import DEFAULT_ETHER_PROTO
+from vicn.resource.icn.forwarder import Forwarder
+from vicn.resource.linux.file import TextFile
+from vicn.resource.linux.service import Service
+ 'metis_control --keystore {keystore_file} --password {password}')
+ 'add listener ether ether{conn_id} {listener.src_nic.device_name} '
+ '{listener.ether_proto}')
+CMD_ADD_LISTENER_L4 = 'add listener {protocol} transport{conn_id} {infos}'
+CMD_ADD_CONNECTION_ETHER = ('add connection ether {face.id} {face.dst_mac} '
+ '{face.src_nic.device_name}')
+CMD_ADD_CONNECTION_L4 = ('add connection {protocol} {face.id} {face.dst_ip} '
+ '{face.dst_port} {face.src_ip} {face.src_port}')
+CMD_ADD_ROUTE = 'add route {route.face.id} ccnx:{route.prefix} {route.cost}'
+ 'metis_daemon --port {port} --daemon --log-file {log_file} '
+ '--capacity {cs_size} --config {config}')
+METIS_DAEMON_STOP = "killall -9 metis_daemon"
+BASE_CONN_NAME = "conn"
+METIS_ETC_DEFAULT = "/etc/default/metis-forwarder"
+# Listeners
+class MetisListener:
+ def __init__(self, protocol):
+ self.protocol = protocol
+ @staticmethod
+ def listener_from_face(face):
+ if face.protocol is FaceProtocol.ether:
+ return MetisEtherListener(face.protocol, face.src_nic,
+ face.ether_proto)
+ elif face.protocol in [FaceProtocol.tcp4, FaceProtocol.tcp6,
+ FaceProtocol.udp4, FaceProtocol.udp6]:
+ return MetisL4Listener(face.protocol, face.src_ip, face.src_port)
+ else:
+ raise ValueError("Metis only supports Ethernet and TCP/UDP faces")
+class MetisEtherListener(MetisListener):
+ def __init__(self, protocol, src_nic, ether_proto=DEFAULT_ETHER_PROTO):
+ super().__init__(protocol)
+ self.src_nic = src_nic
+ self.ether_proto = ether_proto
+ def get_setup_command(self, conn_id):
+ return CMD_ADD_LISTENER_ETHER.format(listener = self,
+ conn_id = conn_id)
+ def __eq__(self, other):
+ return (isinstance(other, MetisEtherListener)
+ and (other.src_nic == self.src_nic)
+ and (other.ether_proto == self.ether_proto))
+ def __ne__(self, other):
+ return ((not isinstance(other, MetisEtherListener))
+ or (other.src_nic != self.src_nic)
+ or (other.ether_proto != self.ether_proto))
+class MetisL4Listener(MetisListener):
+ def __init__(self, protocol, src_ip, src_port):
+ super().__init__(protocol)
+ self.src_ip = src_ip
+ self.src_port = src_port
+ def _get_proto_as_str(self):
+ if self.protocol in (FaceProtocol.tcp4, FaceProtocol.tcp6):
+ return "tcp"
+ elif self.protocol in (FaceProtocol.udp4, FaceProtocol.udp6):
+ return "udp"
+ def get_setup_command(self, conn_id):
+ infos = '{} {}'.format(self.src_ip, self.src_port)
+ return CMD_ADD_LISTENER_L4.format(protocol = self._get_proto_as_str(),
+ conn_id = conn_id, infos = infos)
+ def __eq__(self, other):
+ return (isinstance(other, MetisL4Listener) and
+ self.protocol == other.protocol and
+ self.src_ip == other.src_ip and
+ self.src_port == other.src_port)
+class MetisForwarder(Forwarder, Service):
+ __capabilities__ = set(['ICN_SUITE_CCNX_1_0'])
+ __package_names__ = ['metis-forwarder']
+ __service_name__ = "metis-forwarder"
+ log_file = Attribute(String, description = 'File for metis logging',
+ default = '/tmp/ccnx-metis.log') # '/dev/null')
+ port = Attribute(Integer, description = 'TCP port for metis',
+ default = 9695)
+ gen_config = Attribute(Bool,
+ description = 'Set to record all metis commands in a config file',
+ default = True)
+ config_file = Attribute(String, default = '/root/.ccnx_metis.conf')
+ #--------------------------------------------------------------------------
+ # Constructor and Accessors
+ #--------------------------------------------------------------------------
+ def __init__(self, *args, **kwargs):
+ super().__init__(*args, **kwargs)
+ self._nb_conn = 0
+ self._listeners = []
+ self._listeners_idx = 0
+ self.keystore = None
+ # Cache
+ self._faces = set()
+ self._routes = set()
+ # Internal subresources
+ self._config = None
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ def __after__(self):
+ return ('CentralICN',)
+ def __subresources__(self):
+ self.keystore = MetisKeystore(node = self.node, owner = self)
+ self.env_file = self._write_environment_file()
+ return self.keystore | self.env_file
+ @task
+ def __get__(self):
+ raise ResourceNotFound
+ def __create__(self):
+ # Alternatively, we might put all commands in a configuration file
+ # before starting the forwarder. In that case, we need to restart it if
+ # it is already started.
+ # XXX Need to schedule subresource before and after some other tasks
+ _, faces = self._cmd_create_faces()
+ _, routes = self._cmd_create_routes()
+ cfg = list()
+ cfg.append('add listener tcp local0 9695')
+ cfg.extend(faces)
+ cfg.extend(routes)
+ self._config = TextFile(filename = self.config_file,
+ node = self.node,
+ owner = self,
+ content = '\n'.join(cfg),
+ overwrite = True)
+ self._state.manager.commit_resource(self._config)
+ start_or_restart = self.__method_restart__()
+ return wait_resource_task(self._config) > start_or_restart
+ #--------------------------------------------------------------------------
+ # Attributes
+ #--------------------------------------------------------------------------
+ # Force local management of faces and routes
+ _add_faces = None
+ _remove_faces = None
+ _get_faces = None
+ _set_faces = None
+ _add_routes = None
+ _remove_routes = None
+ _get_routes = None
+ _set_routes = None
+ #--------------------------------------------------------------------------
+ # Method helpers
+ #--------------------------------------------------------------------------
+ def _start_as_daemon(self):
+ """
+ Start the metis forwarder as normal daemon
+ """
+ args = {'port' : self.port, 'log_file' : self.log_file,
+ 'cs_size' : self.cache_size, 'config' : self.config_file}
+ return BashTask(self.node, command, parameters = args)
+ def _restart_as_daemon(self):
+ """
+ Restart the metis forwarder as normal daemon
+ """
+ args = {'port' : self.port, 'log_file' : self.log_file,
+ 'cs_size' : self.cache_size, 'config' : self.config_file}
+ return BashTask(self.node, command, parameters = args)
+ def _start_as_service(self):
+ """
+ Start the metis forwarder as service managed by systemd
+ """
+ return super().__method_start__()
+ def _restart_as_service(self):
+ """
+ Restart the metis forwarder as service managed by systemd
+ """
+ return super().__method_restart__()
+ #--------------------------------------------------------------------------
+ # Methods
+ #--------------------------------------------------------------------------
+ def __method_start__(self):
+ return self._start_as_service()
+ def __method_restart__(self):
+ return self._restart_as_service()
+ #--------------------------------------------------------------------------
+ # Internal methods
+ #--------------------------------------------------------------------------
+ def _cmd_create_faces(self):
+ """Returns the list of commands used to update faces (delete and
+ create).
+ We need two lists because some delete might need to occur before create.
+ This function is used to populate the config file and also alter the
+ configuration of the forwarder live. It might be possible to further
+ optimize but keeping the two separate seems important, since delete is
+ only used for an already running metis.
+ """
+ create_cmds = list()
+ delete_cmds = list()
+ for face in self.faces:
+ listener = MetisListener.listener_from_face(face)
+ if listener not in self._listeners:
+ self._listeners.append(listener)
+ conn_id = self._listeners_idx
+ self._listeners_idx += 1
+ cmd = listener.get_setup_command(conn_id)
+ create_cmds.append(cmd)
+ face.id = 'conn{}'.format(self._nb_conn)
+ self._nb_conn += 1
+ if face.protocol is FaceProtocol.ether:
+ assert isinstance(face, L2Face), \
+ 'Ethernet face should be instance of L2Face'
+ cmd = CMD_ADD_CONNECTION_ETHER.format(face = face)
+ elif face.protocol in (FaceProtocol.tcp4, FaceProtocol.tcp6):
+ assert isinstance(face, L4Face), \
+ "TCP/UDP face should be instance of L4Face"
+ cmd = CMD_ADD_CONNECTION_L4.format(face = face,
+ protocol = 'tcp')
+ elif face.protocol in (FaceProtocol.udp4, FaceProtocol.udp6):
+ assert isinstance(face, L4Face), \
+ 'TCP/UDP face should be instance of L4Face'
+ cmd = CMD_ADD_CONNECTION_L4.format(face = face,
+ protocol = 'udp')
+ else:
+ raise ValueError('Unsupported face type for Metis')
+ create_cmds.append(cmd)
+ return (delete_cmds, create_cmds)
+ def _cmd_create_routes(self):
+ create_cmds = list()
+ delete_cmds = list()
+ for route in self.routes:
+ cmd = CMD_ADD_ROUTE.format(route = route)
+ create_cmds.append(cmd)
+ return (delete_cmds, create_cmds)
+ def _task_create_faces(self):
+ delete_cmds, create_cmds = self._cmd_create_faces()
+ delete_task = EmptyTask()
+ if len(delete_cmds) > 0:
+ cmds = '\n'.join('{} {}'.format(self._baseline, command)
+ for command in delete_cmds)
+ delete_task = BashTask(self.node, cmds)
+ create_task = EmptyTask()
+ if len(create_cmds) > 0:
+ cmds = '\n'.join('{} {}'.format(self._baseline, command)
+ for command in create_cmds)
+ create_task = BashTask(self.node, cmds)
+ return delete_task > create_task
+ def _task_create_routes(self):
+ delete_cmds, create_cmds = self._cmd_create_routes()
+ delete_task = EmptyTask()
+ if len(delete_cmds) > 0:
+ delete_task = BashTask(self.node, "\n".join(delete_cmds))
+ create_task = EmptyTask()
+ if len(create_cmds) > 0:
+ create_task = BashTask(self.node, '\n'.join(create_cmds))
+ return delete_task > create_task
+ def _write_environment_file(self):
+ param_port = "PORT={port}"
+ param_log_file = "LOG_FILE={log_file}"
+ param_cs_capacity = "CS_SIZE={cs_size}"
+ param_config = "CONFIG={config}"
+ env = [param_port.format(port = self.port),
+ param_log_file.format(log_file = self.log_file),
+ param_cs_capacity.format(cs_size = self.cache_size),
+ param_config.format(config = self.config_file)]
+ environment_file = TextFile(filename = METIS_ETC_DEFAULT,
+ node = self.node,
+ owner = self,
+ overwrite = True,
+ content = '\n'.join(env))
+ return environment_file
diff --git a/vicn/resource/icn/ccnx_simpleTrafficGenerator.py b/vicn/resource/icn/ccnx_simpleTrafficGenerator.py
new file mode 100644
index 00000000..221298fc
--- /dev/null
+++ b/vicn/resource/icn/ccnx_simpleTrafficGenerator.py
@@ -0,0 +1,106 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from netmodel.model.type import String
+from vicn.core.attribute import Attribute, Multiplicity
+from vicn.core.resource import Resource, EmptyResource
+from vicn.core.task import EmptyTask
+from vicn.resource.icn.icn_application import ICN_SUITE_CCNX_1_0
+from vicn.resource.node import Node
+from vicn.resource.icn.ccnx_consumer_producer_test import CcnxConsumerTest
+from vicn.resource.icn.ccnx_consumer_producer_test import CcnxProducerTest
+class CcnxSimpleTrafficGenerator(Resource):
+ prefix = Attribute(String,
+ description = "Routable prefix for the applications",
+ default = lambda self: self.default_name(),
+ mandatory = False)
+ consumers = Attribute(Node,
+ multiplicity = Multiplicity.OneToMany)
+ producers = Attribute(Node,
+ multiplicity = Multiplicity.OneToMany)
+ #--------------------------------------------------------------------------
+ # Constructor and Accessors
+ #--------------------------------------------------------------------------
+ def __init__(self, *args, **kwargs):
+ super().__init__(*args, **kwargs)
+ self._sr = None
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ def __subresources__(self):
+ """
+ Create the list of consumers and producers.
+ For each of them, assign a different namespace under the same prefix.
+ """
+ sr = EmptyResource()
+ for producer in self.producers:
+ producer = CcnxProducerTest(node = producer,
+ owner = self,
+ prefixes = [self.prefix])
+ sr = sr | producer
+ for consumer in self.consumers:
+ full_prefix = self.prefix
+ consumer = CcnxConsumerTest(node = consumer,
+ owner = self,
+ prefixes = [full_prefix])
+ sr = sr | consumer
+ self._sr = sr
+ return sr
+ #--------------------------------------------------------------------------
+ # Methods
+ #--------------------------------------------------------------------------
+ def __method_start__(self):
+ if self._sr is None:
+ return
+ tasks = EmptyTask()
+ for sr in self._sr:
+ sr_task = sr.__method_start__()
+ tasks = tasks | sr_task
+ return tasks
+ def __method_stop__(self):
+ if self._sr is None:
+ return
+ tasks = EmptyTask()
+ for sr in self._sr:
+ sr_task = sr.__method_stop__()
+ tasks = tasks | sr_task
+ return tasks
+ #--------------------------------------------------------------------------
+ # Internal methods
+ #--------------------------------------------------------------------------
+ def default_name(self):
+ return ['/ccnxtest']
+ def _def_protocol_suite(self):
+ return ICN_SUITE_CCNX_1_0
diff --git a/vicn/resource/icn/consumer.py b/vicn/resource/icn/consumer.py
new file mode 100644
index 00000000..8c4c5e76
--- /dev/null
+++ b/vicn/resource/icn/consumer.py
@@ -0,0 +1,25 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from vicn.resource.icn.icn_application import ICNApplication
+class Consumer(ICNApplication):
+ """
+ Resource: Consumer
+ """
+ pass
diff --git a/vicn/resource/icn/face.py b/vicn/resource/icn/face.py
new file mode 100644
index 00000000..db72730d
--- /dev/null
+++ b/vicn/resource/icn/face.py
@@ -0,0 +1,140 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from enum import Enum
+from netmodel.model.type import Integer, String, Bool
+from vicn.core.attribute import Attribute
+from vicn.core.requirement import Requirement
+from vicn.core.resource import Resource
+from vicn.resource.node import Node
+from vicn.resource.interface import Interface
+FMT_L4FACE = '{protocol.name}://{dst_ip}:{dst_port}/'
+FMT_L2FACE = '{protocol.name}://[{dst_mac}]/{src_nic.device_name}'
+class FaceProtocol(Enum):
+ ether = 0
+ ip4 = 1
+ ip6 = 2
+ tcp4 = 3
+ tcp6 = 4
+ udp4 = 5
+ udp6 = 7
+ app = 8
+ @staticmethod
+ def from_string(protocol):
+ return getattr(FaceProtocol, protocol)
+class Face(Resource):
+ """
+ Resource: Face
+ """
+ node = Attribute(Node, mandatory = True,
+ requirements = [
+ Requirement('forwarder')
+ ])
+ protocol = Attribute(String,
+ description = 'Face underlying protocol',
+ mandatory = True)
+ id = Attribute(String, description = 'Local face ID',
+ ro = True)
+ # Cisco's extensions
+ wldr = Attribute(Bool, description = 'flag: WLDR enabled',
+ default = False)
+ x2 = Attribute(Bool, description = 'flag: X2 face',
+ default = False)
+ # NFD extensions
+ permanent = Attribute(Bool, description = 'flag: permanent face',
+ default = True)
+ nfd_uri = Attribute(String, description = 'Face uri',
+ func = lambda self : self._lambda_nfd_uri())
+ nfdc_flags = Attribute(String,
+ description = 'Flags for face creation with NFDC',
+ func = lambda self : self._lambda_nfdc_flags())
+ def __repr__(self):
+ flags = ''
+ if self.permanent:
+ flags += 'permanent '
+ if self.wldr:
+ flags += 'wldr '
+ if self.x2:
+ flags += 'x2 '
+ sibling_face_name = self.data.get('sibling_face', None)
+ sibling_face = self._state.manager.by_name(sibling_face_name) \
+ if sibling_face_name else None
+ dst_node = sibling_face.node.name if sibling_face else None
+ return '<Face {} {} on node {} -- to node {}>'.format(
+ self.nfd_uri, flags, self.node.name, dst_node)
+ __str__ = __repr__
+ # NFD specifics
+ def _lambda_nfd_uri(self):
+ raise NotImplementedError
+ def _lambda_nfdc_flags(self):
+ flags = ''
+ if self.permanent:
+ flags += '-P '
+ if self.wldr:
+ flags += '-W '
+ if self.x2:
+ flags += '-X '
+ return flags
+class L2Face(Face):
+ src_nic = Attribute(Interface,
+ description = "Name of the network interface linked to the face",
+ mandatory=True)
+ dst_mac = Attribute(String, description = "destination MAC address",
+ mandatory=True)
+ ether_proto = Attribute(String,
+ description = "Ethernet protocol number used by the face",
+ def _lambda_nfd_uri(self):
+ return self.format(FMT_L2FACE)
+class L4Face(Face):
+ ip_version = Attribute(Integer, description = "IPv4 or IPv6", default = 4)
+ src_ip = Attribute(String, description = "local IP address",
+ mandatory = True)
+ src_port = Attribute(Integer, description = "local TCP/UDP port")
+ dst_ip = Attribute(String, descrition = "remote IP address",
+ mandatory=True)
+ dst_port = Attribute(Integer, description = "remote TCP/UDP port",
+ mandatory=True)
+ def _lambda_nfd_uri(self):
+ return self.format(FMT_L4FACE)
diff --git a/vicn/resource/icn/forwarder.py b/vicn/resource/icn/forwarder.py
new file mode 100644
index 00000000..a719caf7
--- /dev/null
+++ b/vicn/resource/icn/forwarder.py
@@ -0,0 +1,64 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from abc import ABC
+from enum import Enum
+from netmodel.model.type import Integer, String
+from vicn.core.attribute import Attribute, Multiplicity
+from vicn.core.resource import FactoryResource
+from vicn.resource.icn.icn_application import ICNApplication
+from vicn.resource.icn.face import Face
+from vicn.resource.icn.route import Route
+DEFAULT_STRATEGY = 'best-route'
+class Forwarder(ICNApplication, ABC):
+ """
+ Resource: Forwarder
+ """
+ __type__ = FactoryResource
+ faces = Attribute(Face, description = 'ICN ffaces of the forwarder',
+ multiplicity = Multiplicity.OneToMany,
+ reverse_name = 'forwarder')
+ routes = Attribute(Route, description = 'Routes in the ICN FIB',
+ multiplicity = Multiplicity.OneToMany,
+ reverse_name = 'forwarder')
+ cache_size = Attribute(Integer,
+ description = 'Size of the cache (in chunks)',
+ cache_policy = Attribute(String, description = 'Cache policy',
+ strategy = Attribute(String, description = 'Forwarding Strategy',
+ config_file = Attribute(String, description = 'Configuration file')
+ port = Attribute(Integer, description = 'Default listening port',
+ default = lambda self: self._get_default_port())
+ log_file = Attribute(String, description = 'Log file')
+ # Overloaded attributes
+ node = Attribute(
+ reverse_name = 'forwarder',
+ reverse_description = 'ICN forwarder attached to the node',
+ reverse_auto = True,
+ multiplicity = Multiplicity.OneToOne)
diff --git a/vicn/resource/icn/icn_application.py b/vicn/resource/icn/icn_application.py
new file mode 100644
index 00000000..5abee3c5
--- /dev/null
+++ b/vicn/resource/icn/icn_application.py
@@ -0,0 +1,37 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from vicn.resource.linux.application import LinuxApplication
+from vicn.core.attribute import Attribute
+from netmodel.model.type import Integer
+class ICNApplication(LinuxApplication):
+ """
+ Resource: ICNApplication
+ """
+ protocol_suites = Attribute(Integer,
+ description = 'Protocol suites supported by the application',
+ default = lambda self: self._def_protocol_suite())
+ def _def_protocol_suite(self):
+ return -1
diff --git a/vicn/resource/icn/icn_tools.py b/vicn/resource/icn/icn_tools.py
new file mode 100644
index 00000000..54823719
--- /dev/null
+++ b/vicn/resource/icn/icn_tools.py
@@ -0,0 +1,26 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from vicn.resource.icn.icn_application import ICNApplication
+class ICNTools(ICNApplication):
+ """
+ Resource: ICNTools
+ """
+ __package_names__ = ['libconsumer-producer-ccnx']
diff --git a/vicn/resource/icn/iping.py b/vicn/resource/icn/iping.py
new file mode 100644
index 00000000..0e04eadc
--- /dev/null
+++ b/vicn/resource/icn/iping.py
@@ -0,0 +1,125 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from netmodel.model.type import Integer, String, Bool
+from vicn.core.attribute import Attribute, Multiplicity
+from vicn.core.requirement import Requirement
+from vicn.core.task import BashTask
+from vicn.resource.icn.icn_application import ICNApplication
+from vicn.resource.icn.icn_application import ICN_SUITE_CCNX_1_0
+from vicn.resource.icn.producer import Producer
+from vicn.resource.icn.consumer import Consumer
+from vicn.resource.node import Node
+class IPing(ICNApplication):
+ """
+ Resource: IPingClient
+ """
+ __package_names__ = ["libicnet"]
+ prefixes = Attribute(String,
+ description = "name served by the ping server",
+ default = lambda self: self.default_name(),
+ mandatory = False,
+ multiplicity = Multiplicity.OneToMany)
+ node = Attribute(Node,
+ requirements=[
+ Requirement("forwarder",
+ capabilities = set(['ICN_SUITE_CCNX_1_0']),
+ properties = {"protocol_suites" : ICN_SUITE_CCNX_1_0})
+ ])
+ #--------------------------------------------------------------------------
+ # Methods
+ #--------------------------------------------------------------------------
+ def __method_start__(self):
+ return self._build_command()
+ #--------------------------------------------------------------------------
+ # Internal methods
+ #--------------------------------------------------------------------------
+ def default_name(self):
+ return ['/iping']
+ def _def_protocol_suite(self):
+ return ICN_SUITE_CCNX_1_0
+class IPingClient(IPing, Producer):
+ """
+ Resource: IPingClient
+ """
+ flood = Attribute(Bool, description = 'enable flood mode',
+ default = False)
+ count = Attribute(Integer, description = 'number of ping to send')
+ interval = Attribute(Integer,
+ description = 'interval between interests in ping mode')
+ size = Attribute(Integer, description = 'size of the interests')
+ #--------------------------------------------------------------------------
+ # Internal methods
+ #--------------------------------------------------------------------------
+ def _build_command(self):
+ template = ["iPing_Client", "-l ccnx:{prefix}"]
+ params={'prefix' : self.prefixes[0]}
+ if self.flood:
+ template.append("-f")
+ else:
+ template.append("-p") #Ping mode
+ if self.count:
+ template.append("-c {count}")
+ params["count"] = self.count
+ if self.size:
+ template.append("-s {size}")
+ params['size'] = self.size
+ if self.interval:
+ template.append("-i {interval}")
+ params['interval'] = self.interval
+ return BashTask(self.node, ' '.join(template), parameters=params)
+class IPingServer(IPing, Consumer):
+ size = Attribute(Integer, description = "size of the payload")
+ #--------------------------------------------------------------------------
+ # Internal methods
+ #--------------------------------------------------------------------------
+ def _build_command(self):
+ template = ["iPing_Server", "-l ccnx:{prefix}"]
+ params={'prefix' : self.prefixes[0]}
+ if self.size:
+ template.append("-s {size}")
+ params['size'] = self.size
+ return BashTask(self.node, ' '.join(template), parameters=params)
diff --git a/vicn/resource/icn/ndnpingserver.py b/vicn/resource/icn/ndnpingserver.py
new file mode 100644
index 00000000..da13f59b
--- /dev/null
+++ b/vicn/resource/icn/ndnpingserver.py
@@ -0,0 +1,76 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from netmodel.model.type import String
+from vicn.core.attribute import Attribute
+from vicn.core.requirement import Requirement
+from vicn.core.task import BashTask
+from vicn.resource.icn.producer import Producer
+from vicn.resource.linux.service import Service
+# defaults for ndnping server
+# Prefix should be set to a valid value
+CMD_START = 'ndnpingserver {prefix} &'
+class NDNPingServerBase(Producer):
+ """NDNPingServer Resource
+ This NDNPingServer resource wraps a NDN ping server
+ Attributes:
+ prefixes (List[str]) : (overloaded) One-element list containing the
+ prefix on which the ping server is listening.
+ - ndnpingserver only supports a single prefix.
+ """
+ prefixes = Attribute(String,
+ default = lambda self: self._default_prefixes())
+ node = Attribute(requirements = [
+ Requirement("forwarder",
+ capabilities = set(['ICN_SUITE_CCNX_1_0'])) ])
+ __package_names__ = ['ndnping']
+ def _default_prefixes(self):
+ return [self.format(TPL_DEFAULT_PREFIX)]
+class NDNPingServer(NDNPingServerBase):
+ def __method_start__(self):
+ return BashTask(self.node, CMD_START)
+class NDNPingService(NDNPingServerBase, Service):
+ __package_names__ = ['ndnping']
+ __service_name__ = 'ndnping'
diff --git a/vicn/resource/icn/nfd.py b/vicn/resource/icn/nfd.py
new file mode 100644
index 00000000..c65fdeb8
--- /dev/null
+++ b/vicn/resource/icn/nfd.py
@@ -0,0 +1,136 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+import logging
+import re
+from vicn.core.exception import ResourceNotFound
+from vicn.core.task import inline_task, BashTask
+from vicn.core.task import ParseRegexTask
+from vicn.resource.icn.forwarder import Forwarder
+from vicn.resource.icn.icn_application import ICN_SUITE_NDN
+log = logging.getLogger(__name__)
+NFD_CONF_FILE = "/etc/ndn/nfd.conf"
+ 'sed -i "s/^.*cs_max_packets .*$/ cs_max_packets {nfd.cache_size}/" ' \
+ '{conf_file}',
+ 'sed -i "0,/\/ / s/\/localhost\/nfd\/strategy\/.*/' \
+ '\/localhost\/nfd\/strategy\/{nfd.fw_strategy}/" {conf_file}',
+ 'service nfd restart'])
+sed -i "s/^.*cs_max_packets .*$/ cs_max_packets 65536/" {conf_file}
+service nfd restart
+CMD_ADD_ROUTE = 'nfdc register {route.prefix} {route.face.nfd_uri}'
+# or: nfdc register {route.prefix} {route.face.id}
+CMD_REMOVE_ROUTE = 'nfdc unregister {route.prefix} {route.face.nfd_uri}'
+# or: nfdc unregister {route.prefix} {route.face.id}
+CMD_ADD_FACE = 'nfdc create {face.nfdc_flags} {face.nfd_uri}'
+CMD_REMOVE_FACE = 'nfdc destroy {face.id}'
+# or: nfdc destroy {face.nfd_uri}
+# FIXME redundant with Forwarder.FaceType
+layer_2_protocols = ["udp", "udp4", "tcp", "tcp4", "ether"]
+# Regular expressions used for parsing nfdc results
+STR_ADD_FACE = ('Face creation succeeded: ControlParameters\(FaceId: '
+ '(?P<id>.*?), Uri: (?P<face_uri>.*?), \)')
+RX_ADD_FACE = re.compile(STR_ADD_FACE)
+class NFD(Forwarder):
+ """
+ Resource: NFD
+ """
+ __capabilities__ = set(['ICN_SUITE_NDN'])
+ __service_name__ = 'nfd'
+ __package_names__ = ['nfd']
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ @inline_task
+ def __get__(self):
+ # NFD is assumed not to exist
+ raise ResourceNotFound
+ def __create__(self):
+ # Modify the configuration file before running the forwarder service
+ conf = BashTask(self.node, CMD_SET_STRATEGY_CACHE, {'nfd': self})
+ forwarder = Forwarder.__create__(self)
+ return conf.then(forwarder)
+ def __delete__(self):
+ raise NotImplementedError
+ #--------------------------------------------------------------------------
+ # Attributes
+ #--------------------------------------------------------------------------
+ @inline_task
+ def _get_routes(self):
+ return {'routes': list()}
+ @inline_task
+ def _add_routes(self, route):
+ return BashTask(self.node, CMD_ADD_ROUTE, {'route': route})
+ @inline_task
+ def _remove_routes(self, route):
+ return BashTask(self.node, CMD_REMOVE_ROUTE, {'route': route})
+ @inline_task
+ def _get_faces(self):
+ return {'faces': list()}
+ @inline_task
+ def _add_faces(self, face):
+ add_face = BashTask(self.node, CMD_ADD_FACE, {'face': face})
+ set_face_id = ParseRegexTask(RX_ADD_FACE)
+ return add_face.compose(set_face_id)
+ @inline_task
+ def _remove_faces(self, face):
+ return BashTask(self.node, CMD_REMOVE_FACE, {'face': face})
+ #--------------------------------------------------------------------------
+ # Methods
+ #--------------------------------------------------------------------------
+ def __method_reset_cache__(self, conf_file):
+ return BashTask(self.node, CMD_RESET_CACHE, {'conf_file': conf_file})
+ #--------------------------------------------------------------------------
+ # Internal methods
+ #--------------------------------------------------------------------------
+ def _get_default_port(self):
+ def _def_protocol_suite(self):
+ return ICN_SUITE_NDN
diff --git a/vicn/resource/icn/producer.py b/vicn/resource/icn/producer.py
new file mode 100644
index 00000000..23434ebd
--- /dev/null
+++ b/vicn/resource/icn/producer.py
@@ -0,0 +1,29 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from netmodel.model.type import String
+from vicn.resource.icn.icn_application import ICNApplication
+from vicn.core.attribute import Attribute, Multiplicity
+class Producer(ICNApplication):
+ """
+ Resource: Producer
+ """
+ prefixes = Attribute(String, description = 'List of served prefixes',
+ multiplicity = Multiplicity.OneToMany)
diff --git a/vicn/resource/icn/repo-ng.py b/vicn/resource/icn/repo-ng.py
new file mode 100644
index 00000000..7b654a6a
--- /dev/null
+++ b/vicn/resource/icn/repo-ng.py
@@ -0,0 +1,25 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from vicn.resource.linux.service import Service
+class RepoNG(Service):
+ """
+ Resource: RepoNG
+ """
+ __service_name__ = 'repo-ng'
diff --git a/vicn/resource/icn/route.py b/vicn/resource/icn/route.py
new file mode 100644
index 00000000..0dc2ed2f
--- /dev/null
+++ b/vicn/resource/icn/route.py
@@ -0,0 +1,36 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from netmodel.model.type import Integer, String
+from vicn.core.attribute import Attribute
+from vicn.core.resource import Resource
+from vicn.resource.icn.face import Face
+from vicn.resource.node import Node
+class Route(Resource):
+ node = Attribute(Node, mandatory = True)
+ prefix = Attribute(String, mandatory = True)
+ face = Attribute(Face, description = "face used to forward interests",
+ mandatory=True)
+ cost = Attribute(Integer, default=1)
+ def __repr__(self):
+ return '<Route {} {} on node {}>'.format(self.prefix, self.face,
+ self.node.name)
+ __str__ = __repr__
diff --git a/vicn/resource/icn/virtual-repo.py b/vicn/resource/icn/virtual-repo.py
new file mode 100644
index 00000000..8cb306d9
--- /dev/null
+++ b/vicn/resource/icn/virtual-repo.py
@@ -0,0 +1,37 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from netmodel.model.type import String, Integer
+from vicn.core.attribute import Attribute
+from vicn.resource.icn.producer import Producer
+class VirtualRepo(Producer):
+ """
+ Resource: VirtualRepo
+ Note:
+ ndn-virtual-repo {self.folder} -s {self.chunk_size}
+ """
+ __package_names__ = ['ndn-virtual-repo']
+ folder = Attribute(String, description = "Folder")
+ chunk_size = Attribute(Integer, description = "Chunk size",
diff --git a/vicn/resource/icn/webserver.py b/vicn/resource/icn/webserver.py
new file mode 100644
index 00000000..8b8e2ef3
--- /dev/null
+++ b/vicn/resource/icn/webserver.py
@@ -0,0 +1,29 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from vicn.resource.icn.producer import Producer
+class WebServer(Producer):
+ """
+ Resource: WebServer
+ CCNX Webserver
+ """
+ __package_names__ = ['webserver-ccnx']
+ __service_name__ = 'webserver-ccnx'
diff --git a/vicn/resource/interface.py b/vicn/resource/interface.py
new file mode 100644
index 00000000..db5f5427
--- /dev/null
+++ b/vicn/resource/interface.py
@@ -0,0 +1,47 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from vicn.core.attribute import Attribute, Multiplicity
+from netmodel.model.type import Bool
+from vicn.core.resource import Resource
+from vicn.resource.node import Node
+from vicn.resource.channel import Channel
+class Interface(Resource):
+ """
+ Resource: Interface
+ """
+ node = Attribute(Node, description = 'Node to which the interface belongs',
+ multiplicity = Multiplicity.ManyToOne,
+ reverse_name = 'interfaces',
+ mandatory = True)
+ channel = Attribute(Channel, description = 'Channel to which the interface is attached',
+ multiplicity = Multiplicity.ManyToOne,
+ reverse_name = 'interfaces')
+ promiscuous = Attribute(Bool, description = 'Promiscuous mode',
+ default = False)
+ up = Attribute(Bool, description = 'Interface up/down status',
+ default = True)
+ monitored = Attribute(Bool, default = True)
+ def __init__(self, *args, **kwargs):
+ super().__init__(*args, **kwargs)
+ # Flag to check whether vpp uses that interface
+ self.has_vpp_child = False
diff --git a/vicn/resource/ip/__init__.py b/vicn/resource/ip/__init__.py
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/vicn/resource/ip/__init__.py
diff --git a/vicn/resource/ip/route.py b/vicn/resource/ip/route.py
new file mode 100644
index 00000000..f073e426
--- /dev/null
+++ b/vicn/resource/ip/route.py
@@ -0,0 +1,32 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from netmodel.model.type import String
+from vicn.resource.node import Node
+from vicn.core.attribute import Attribute
+from vicn.core.resource import Resource
+from vicn.resource.interface import Interface
+class IPRoute(Resource):
+ node = Attribute(Node, mandatory = True)
+ ip_address = Attribute(String, mandatory = True)
+ interface = Attribute(Interface, mandatory = True)
+ gateway = Attribute(String)
+ # FIXME Temp hack for VPP, migrate this to an ARP table resource
+ mac_address = Attribute(String)
diff --git a/vicn/resource/ip/routing_table.py b/vicn/resource/ip/routing_table.py
new file mode 100644
index 00000000..52b81794
--- /dev/null
+++ b/vicn/resource/ip/routing_table.py
@@ -0,0 +1,175 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from vicn.core.attribute import Attribute, Multiplicity
+from vicn.core.exception import ResourceNotFound
+from vicn.core.resource import Resource
+from vicn.core.task import EmptyTask, BashTask
+from vicn.resource.ip.route import IPRoute
+from vicn.resource.node import Node
+from vicn.resource.vpp.vpp_commands import CMD_VPP_ADD_ROUTE
+from vicn.resource.vpp.vpp_commands import CMD_VPP_ADD_ROUTE_GW
+CMD_ADD_ROUTE = ('ip route add {route.ip_address} '
+ 'dev {route.interface.device_name} || true')
+CMD_ADD_ROUTE_GW = ('ip route add {route.ip_address} '
+ 'dev {route.interface.device_name} via {route.gateway} || true')
+CMD_DEL_ROUTE = ('ip route del {route.ip_address} '
+ 'dev {route.interface.device_name}')
+CMD_SHOW_ROUTES = 'ip route show'
+CMD_ADD_ARP_ENTRY = 'arp -s {route.ip_address} {route.mac_address}'
+# Populate arp table too. The current configuration with one single bridge
+# connecting every container and vpp nodes seem to create loops that prevent
+# vpp from netmodel.network.interface for routing ip packets.
+def _iter_routes(out):
+ for line in out.splitlines():
+ toks = line.strip().split()
+ route = {'ip_address': toks[0]}
+ for pos in range(1, len(toks)):
+ if toks[pos] == '':
+ pos+=1
+ elif toks[pos] == 'dev':
+ route['interface_name'] = toks[pos+1]
+ pos+=2
+ elif toks[pos] in ['src', 'proto', 'scope', 'metric']:
+ pos+=2
+ elif toks[pos] == 'via':
+ route['gateway'] = toks[pos+1]
+ pos+=2
+ elif toks[pos] in ['linkdown', 'onlink']:
+ pos+=1
+ yield route
+class RoutingTable(Resource):
+ """
+ Resource: RoutingTable
+ IP Routing Table management
+ """
+ node = Attribute(Node,
+ mandatory = True,
+ reverse_name = 'routing_table',
+ reverse_description = 'Routing table of the node',
+ reverse_auto = True,
+ multiplicity = Multiplicity.OneToOne)
+ routes = Attribute(IPRoute,
+ multiplicity = Multiplicity.OneToMany)
+ #--------------------------------------------------------------------------
+ # Constructor and Accessors
+ #--------------------------------------------------------------------------
+ def __init__(self, *args, **kwargs):
+ super().__init__(self, *args, **kwargs)
+ self._routes = dict()
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ def __after__(self):
+ return ('CentralIP', 'VPPInterface')
+ def __get__(self):
+ def cache(rv):
+ for route in _iter_routes(rv.stdout):
+ self._routes[route['ip_address']] = route
+ # Force routing update
+ raise ResourceNotFound
+ return BashTask(self.node, CMD_SHOW_ROUTES, parse=cache)
+ def __create__(self):
+ """
+ Create a single BashTask for all routes
+ """
+ done = set()
+ routes_cmd = list()
+ routes_via_cmd = list()
+ arp_cmd = list()
+ # vppctl lock
+ # NOTE: we currently lock vppctl during the whole route update
+ routes_lock = None
+ routes_via_lock = None
+ for route in self.routes:
+ if route.ip_address in self._routes:
+ continue
+ if route.ip_address in done:
+ continue
+ done.add(route.ip_address)
+ # TODO VPP should provide its own implementation of routing table
+ # on the node
+ if not route.interface.has_vpp_child:
+ if route.gateway is None:
+ cmd = CMD_ADD_ROUTE.format(route = route)
+ routes_cmd.append(cmd)
+ else:
+ cmd = CMD_ADD_ROUTE_GW.format(route = route)
+ routes_via_cmd.append(cmd)
+ if VPP_ARP_FIX and route.mac_address:
+ if route.ip_address != "default":
+ cmd = CMD_ADD_ARP_ENTRY.format(route = route)
+ arp_cmd.append(cmd)
+ else:
+ if route.gateway is None:
+ cmd = CMD_VPP_ADD_ROUTE.format(route = route)
+ routes_cmd.append(cmd)
+ routes_lock = route.node.vpp.vppctl_lock
+ else:
+ cmd = CMD_VPP_ADD_ROUTE_GW.format(route = route)
+ routes_via_cmd.append(cmd)
+ routes_via_lock = route.node.vpp.vppctl_lock
+ # TODO: checks
+ clean_routes_task = EmptyTask()
+ if len(routes_cmd) > 0:
+ routes_task = BashTask(self.node, '\n'.join(routes_cmd),
+ lock = routes_lock)
+ else:
+ routes_task = EmptyTask()
+ if len(routes_via_cmd) > 0:
+ routes_via_task = BashTask(self.node, '\n'.join(routes_via_cmd),
+ lock = routes_via_lock)
+ else:
+ routes_via_task = EmptyTask()
+ if len(arp_cmd) > 0:
+ arp_task = BashTask(self.node, '\n'.join(arp_cmd))
+ else:
+ arp_task = EmptyTask()
+ return ((clean_routes_task > routes_task) > routes_via_task) > arp_task
+ def __delete__(self):
+ raise NotImplementedError
diff --git a/vicn/resource/linux/__init__.py b/vicn/resource/linux/__init__.py
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/vicn/resource/linux/__init__.py
diff --git a/vicn/resource/linux/application.py b/vicn/resource/linux/application.py
new file mode 100644
index 00000000..d2b5139e
--- /dev/null
+++ b/vicn/resource/linux/application.py
@@ -0,0 +1,56 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from vicn.core.attribute import Reference
+from vicn.core.resource import Resource, EmptyResource
+from vicn.resource.application import Application
+from vicn.resource.linux.package_manager import Packages
+class LinuxApplication(Application):
+ """
+ Resource: Linux Application
+ This resource ensures that the application is present on the system, and
+ installs it during setup if necessary.
+ """
+ def __subresources__(self):
+ package_names = self._get_package_names()
+ if package_names:
+ packages = Packages(node=Reference(self, 'node'),
+ names=package_names,
+ owner=self)
+ else:
+ packages = EmptyResource()
+ process = None
+ return packages > process
+ #--------------------------------------------------------------------------
+ # Private methods
+ #--------------------------------------------------------------------------
+ def _get_package_names(self):
+ package_names = list()
+ for base in self.__class__.mro():
+ if not '__package_names__' in vars(base):
+ continue
+ package_names.extend(getattr(base, '__package_names__'))
+ return package_names
diff --git a/vicn/resource/linux/bridge.py b/vicn/resource/linux/bridge.py
new file mode 100644
index 00000000..882f0226
--- /dev/null
+++ b/vicn/resource/linux/bridge.py
@@ -0,0 +1,104 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+import logging
+from vicn.core.address_mgr import AddressManager
+from vicn.core.attribute import Attribute, Multiplicity
+from vicn.core.exception import ResourceNotFound
+from vicn.core.requirement import Requirement
+from vicn.core.task import inline_task
+from vicn.resource.channel import Channel
+from vicn.resource.linux.bridge_mgr import BridgeManager
+from vicn.resource.linux.net_device import BaseNetDevice
+log = logging.getLogger(__name__)
+# FIXME This should use the AddressManager to get allocated a name that does
+# not exist
+class Bridge(Channel, BaseNetDevice):
+ """
+ Resource: Bridge
+ """
+ node = Attribute(
+ reverse_name = 'bridge',
+ reverse_description = 'Main bridge',
+ reverse_auto = 'true',
+ multiplicity = Multiplicity.OneToOne,
+ requirements = [
+ Requirement('bridge_manager')
+ ])
+ device_name = Attribute(
+ mandatory = False)
+ #--------------------------------------------------------------------------
+ # Constructor / Accessors
+ #--------------------------------------------------------------------------
+ def __init__(self, *args, **kwargs):
+ super().__init__(self, *args, **kwargs)
+ self.prefix = 'br'
+ self.netdevice_type = 'bridge'
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ @inline_task
+ def __get__(self):
+ # FIXME we currently force the recreation of the bridge, delegating the
+ # check to the creation function
+ raise ResourceNotFound
+ def __create__(self):
+ # FIXME : reserves .1 IP address for the bridge, provided no other
+ # class uses this trick
+ AddressManager().get_ip(self)
+ return self.node.bridge_manager.add_bridge(self.device_name)
+ # Everything should be handled by BaseNetDevice
+ __delete__ = None
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ def _add_interface(self, interface, vlan=None):
+ """
+ Returns:
+ Task
+ """
+ return self.node.bridge_manager.add_interface(self.device_name,
+ interface.device_name, vlan)
+ def __method_add_interface__(self, interface, vlan=None):
+ return self._add_interface(interface, vlan)
+ def _remove_interface(self, interface):
+ """
+ Returns:
+ Task
+ """
+ log.info('Removing interface {} from bridge {}'.format(
+ interface.device_name, self.name))
+ return self.node.bridge_manager.del_interface(self.device_name,
+ interface.device_name)
diff --git a/vicn/resource/linux/bridge_mgr.py b/vicn/resource/linux/bridge_mgr.py
new file mode 100644
index 00000000..b7035221
--- /dev/null
+++ b/vicn/resource/linux/bridge_mgr.py
@@ -0,0 +1,34 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from vicn.resource.linux.application import LinuxApplication
+from vicn.core.resource import FactoryResource
+from vicn.core.attribute import Attribute, Multiplicity
+class BridgeManager(LinuxApplication):
+ """
+ Resource: Bridge Manager
+ A bridge manager is responsible to manage bridges on a node.
+ """
+ __type__ = FactoryResource
+ # Overloaded reverse attribute
+ node = Attribute(reverse_name = 'bridge_manager',
+ reverse_auto = True,
+ multiplicity = Multiplicity.OneToOne)
diff --git a/vicn/resource/linux/certificate.py b/vicn/resource/linux/certificate.py
new file mode 100644
index 00000000..e8750dff
--- /dev/null
+++ b/vicn/resource/linux/certificate.py
@@ -0,0 +1,74 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+import os.path
+from netmodel.model.type import String
+from vicn.core.attribute import Attribute, Multiplicity, Reference
+from vicn.core.exception import ResourceNotFound
+from vicn.core.resource import Resource
+from vicn.core.task import task, inline_task, BashTask
+from vicn.resource.linux.file import File
+from vicn.resource.node import Node
+DEFAULT_SUBJECT = '/CN=www.cisco.com/L=Paris/O=Cisco/C=FR'
+ '# Generate a new certificate',
+ 'openssl req -x509 -newkey rsa:' + DEFAULT_RSA_LENGTH +
+ ' -keyout {self.key} -out {self.cert} -subj ' + DEFAULT_SUBJECT + ' -nodes'
+class Certificate(Resource):
+ """
+ Resource: Certificate
+ Implements a SSL certificate.
+ Todo:
+ - ideally, this should be implemented as a pair of tightly coupled files.
+ """
+ node = Attribute(Node,
+ description = 'Node on which the certificate is created',
+ mandatory = True,
+ multiplicity = Multiplicity.ManyToOne)
+ cert = Attribute(String, description = 'Certificate path',
+ mandatory = True)
+ key = Attribute(String, description = 'Key path',
+ mandatory = True)
+ @inline_task
+ def __initialize__(self):
+ self._cert_file = File(node = Reference(self, 'node'),
+ filename = Reference(self, 'cert'),
+ managed = False)
+ self._key_file = File(node = Reference(self, 'node'),
+ filename = Reference(self, 'key'),
+ managed = False)
+ def __get__(self):
+ return self._cert_file.__get__() | self._key_file.__get__()
+ def __create__(self):
+ return BashTask(None, CMD_CREATE, {'self': self})
+ def __delete__(self):
+ return self._cert_file.__delete__() | self._key_file.__delete__()
diff --git a/vicn/resource/linux/dnsmasq.py b/vicn/resource/linux/dnsmasq.py
new file mode 100644
index 00000000..e18f750f
--- /dev/null
+++ b/vicn/resource/linux/dnsmasq.py
@@ -0,0 +1,118 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+import ipaddress
+import logging
+from string import Template
+from netmodel.model.type import String, Bool
+from vicn.core.attribute import Attribute
+from vicn.core.resource import EmptyResource
+from vicn.resource.dns_server import DnsServer
+from vicn.resource.interface import Interface
+from vicn.resource.linux.file import TextFile
+from vicn.resource.linux.service import Service
+log = logging.getLogger(__name__)
+# Configuration file for dnsmasq.
+# Format is one option per line, legal options are the same
+# as the long options legal on the command line. See
+# "/usr/sbin/dnsmasq --help" or "man 8 dnsmasq" for details.
+class DnsMasq(Service, DnsServer):
+ """
+ Todo:
+ - Currently, a single interface is supported.
+ - DHCP range is hardcoded
+ """
+ __package_names__ = ['dnsmasq']
+ __service_name__ = 'dnsmasq'
+ interface = Attribute(Interface,
+ description = 'Interface on which to listen')
+ lease_interval = Attribute(String,
+ default = '12h')
+ server = Attribute(String)
+ dhcp_authoritative = Attribute(Bool,
+ description = 'Flag: DHCP authoritative',
+ default = True)
+ log_queries = Attribute(Bool, description = 'Flag: log DNS queries',
+ default = True)
+ log_dhcp = Attribute(Bool, description = 'Flag: log DHCP queries',
+ default = True)
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ def __init__(self, *args, **kwargs):
+ super().__init__(*args, **kwargs)
+ if not self.interface:
+ if self.node.bridge:
+ self.interface = self.node.bridge
+ else:
+ self.interface = self.node.host_interface
+ def __subresources__(self):
+ # Overwrite configuration file
+ flags = list()
+ if self.dhcp_authoritative:
+ flags.append('dhcp-authoritative')
+ if self.log_queries:
+ flags.append('log-queries')
+ if self.log_dhcp:
+ flags.append('log-dhcp')
+ network = self._state.manager.get('network')
+ network = ipaddress.ip_network(network, strict=False)
+ dhcp_range = '{},{},{},{},{}'.format(
+ self.interface.device_name,
+ str(network[DHCP_OFFSET]),
+ str(network[DHCP_OFFSET + 5]), # eg. .253
+ "",
+ self.lease_interval)
+ t_dict = {
+ 'interface' : self.interface.device_name,
+ 'dhcp_range': dhcp_range,
+ 'server' : str(network[-2]), # unused so far
+ 'flags' : '\n'.join(flags)
+ }
+ t = Template(TPL_CONF)
+ conf = t.substitute(t_dict)
+ return TextFile(node = self.node, owner = self, filename = FN_CONF,
+ content = conf, overwrite = True)
diff --git a/vicn/resource/linux/file.py b/vicn/resource/linux/file.py
new file mode 100644
index 00000000..cddda8ed
--- /dev/null
+++ b/vicn/resource/linux/file.py
@@ -0,0 +1,110 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from netmodel.model.type import String, Bool
+from vicn.core.attribute import Attribute, Multiplicity
+from vicn.core.exception import ResourceNotFound
+from vicn.core.resource import Resource
+from vicn.core.task import BashTask, inline_task
+from vicn.resource.node import Node
+CREATE_DIR_CMD = "mkdir -p {dir}"
+CREATE_FILE_CMD = "mkdir -p $(dirname {file.filename}) && touch {file.filename}"
+DELETE_FILE_CMD = "rm -f {file.filename}"
+GET_FILE_CMD = 'test -f {file.filename} && readlink -e {file.filename}'
+GREP_FILE_CMD = "cat {file.filename}"
+CMD_PRINT_TO_FILE = 'echo -n "{file.content}" > {file.filename}'
+class File(Resource):
+ """
+ Resource: File
+ """
+ filename = Attribute(String, description = 'Path to the file',
+ mandatory = True)
+ node = Attribute(Node, description = 'Node on which the file is created',
+ mandatory = True,
+ multiplicity = Multiplicity.ManyToOne,
+ reverse_name = 'files',
+ reverse_description = 'Files created on the node')
+ overwrite = Attribute(Bool,
+ description = 'Determines whether an existing file is overwritten',
+ default = False)
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ def __get__(self):
+ # UGLY
+ @inline_task
+ def not_found():
+ raise ResourceNotFound
+ if self.overwrite:
+ return not_found()
+ def is_path (rv):
+ if rv is None or rv.stdout is None or len(rv.stdout) == 0 or \
+ rv.return_value != 0:
+ raise ResourceNotFound
+ return {} # 'filename': rv.stdout}
+ test = BashTask(self.node, GET_FILE_CMD, {"file": self}, parse=is_path)
+ return test
+ def __create__(self):
+ ctask = BashTask(self.node, CREATE_FILE_CMD, {"file": self})
+ if self.overwrite:
+ ctask = BashTask(self.node, DELETE_FILE_CMD, {'file': self}) > ctask
+ return ctask
+ def __delete__(self):
+ return BashTask(self.node, DELETE_FILE_CMD, { "file" : self})
+class TextFile(File):
+ """
+ Resource: TextFile
+ A file with text content.
+ """
+ content = Attribute(String, default='')
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ def __create__(self):
+ return BashTask(self.node, CMD_PRINT_TO_FILE, {'file': self})
+ #--------------------------------------------------------------------------
+ # Attributes
+ #--------------------------------------------------------------------------
+ def _set_content(self):
+ return self.__create__()
+ def _get_content(self):
+ return BashTask(self.node, GREP_FILE_CMD, {'file': self},
+ parse =( lambda x : x.stdout))
diff --git a/vicn/resource/linux/iperf.py b/vicn/resource/linux/iperf.py
new file mode 100644
index 00000000..a0780a1c
--- /dev/null
+++ b/vicn/resource/linux/iperf.py
@@ -0,0 +1,27 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from abc import ABC
+from netmodel.model.type import Integer
+from vicn.core.attribute import Attribute
+from vicn.resource.linux.application import LinuxApplication
+class Iperf3(LinuxApplication, ABC):
+ __package_names__ = ['iperf3']
diff --git a/vicn/resource/linux/link.py b/vicn/resource/linux/link.py
new file mode 100644
index 00000000..4304a948
--- /dev/null
+++ b/vicn/resource/linux/link.py
@@ -0,0 +1,201 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+import random
+import string
+import logging
+from netmodel.model.type import Integer, String
+from vicn.core.attribute import Attribute, Reference
+from vicn.core.exception import ResourceNotFound
+from vicn.core.state import ResourceState, AttributeState
+from vicn.core.task import inline_task, async_task, run_task
+from vicn.core.task import get_attributes_task, BashTask
+from vicn.resource.channel import Channel
+from vicn.resource.interface import Interface
+from vicn.resource.linux.net_device import NonTapBaseNetDevice
+from vicn.resource.node import Node
+# FIXME remove VPP specific code
+from vicn.resource.vpp.interface import VPPInterface
+log = logging.getLogger(__name__)
+CMD_DELETE_IF_EXISTS='ip link show {interface.device_name} && ' \
+ 'ip link delete {interface.device_name} || true'
+# Create veth pair in the host node
+ip link add name {tmp_src} type veth peer name {tmp_dst}
+ip link set dev {tmp_src} netns {pid[0]} name {interface.src.device_name}
+ip link set dev {tmp_dst} netns {pid[1]} name {interface.dst.device_name}
+ip link set dev {interface.device_name} up
+class Link(Channel):
+ """
+ Resource: Link
+ Implements a virtual wired link between containers. It is a VethPair, both
+ sides of which sit inside a different container.
+ Because of this, the resource only supports passing source and destination
+ containers, and not interfaces. It also explains the relative complexity of
+ the current implementation.
+ """
+ src = Attribute(Interface, description = 'Source interface')
+ dst = Attribute(Interface, description = 'Destination interface')
+ capacity = Attribute(Integer, description = 'Link capacity (Mb/s)')
+ delay = Attribute(String, description = 'Link propagation delay')
+ src_node = Attribute(Node, description = 'Source node',
+ mandatory = True)
+ dst_node = Attribute(Node, description = 'Destination node',
+ mandatory = True)
+ def __init__(self, *args, **kwargs):
+ assert 'src' not in kwargs and 'dst' not in kwargs
+ assert 'src_node' in kwargs and 'dst_node' in kwargs
+ super().__init__(*args, **kwargs)
+ @inline_task
+ def __initialize__(self):
+ # We create two managed net devices that are pre-setup
+ # but the resource manager has to take over for IP addresses etc.
+ # Being done in initialize, those attributes won't be considered as
+ # dependencies and will thus not block the resource state machine.
+ self.src = NonTapBaseNetDevice(node = self.src_node,
+ device_name = self.dst_node.name,
+ channel = self,
+ capacity = self.capacity,
+ owner = self.owner)
+ self.dst = NonTapBaseNetDevice(node = self.dst_node,
+ device_name = self.src_node.name,
+ channel = self,
+ capacity = self.capacity,
+ owner = self.owner)
+ self.dst.remote = self.src
+ self.src.remote = self.dst
+ #--------------------------------------------------------------------------
+ # Internal methods
+ #--------------------------------------------------------------------------
+ async def _commit(self):
+ manager = self._state.manager
+ # We mark the src and dst interfaces created because we are pre-setting
+ # them up in __create__ using a VethPair
+ # We go through both INITIALIZED and CREATED stats to raise the proper
+ # events and satisfy any eventual wait_* command.
+ await manager._set_resource_state(self.src, ResourceState.INITIALIZED)
+ await manager._set_resource_state(self.dst, ResourceState.INITIALIZED)
+ await manager._set_resource_state(self.src, ResourceState.CREATED)
+ await manager._set_resource_state(self.dst, ResourceState.CREATED)
+ # We mark the attribute clean so that it is not updated
+ await manager._set_attribute_state(self, 'src', AttributeState.CLEAN)
+ await manager._set_attribute_state(self, 'dst', AttributeState.CLEAN)
+ manager.commit_resource(self.src)
+ manager.commit_resource(self.dst)
+ # Disable rp_filtering
+ # self.src.rp_filter = False
+ # self.dst.rp_filter = False
+ if hasattr(self.src_node, 'vpp') and not self.src_node.vpp is None:
+ vpp_src = VPPInterface(parent = self.src,
+ vpp = self.src_node.vpp,
+ ip_address = Reference(self.src, 'ip_address'),
+ device_name = 'vpp' + self.src.device_name)
+ manager.commit_resource(vpp_src)
+ if hasattr(self.dst_node, 'vpp') and not self.dst_node.vpp is None:
+ vpp_dst = VPPInterface(parent = self.dst,
+ vpp = self.dst_node.vpp,
+ ip_address = Reference(self.dst, 'ip_address'),
+ device_name = 'vpp' + self.dst.device_name)
+ manager.commit_resource(vpp_dst)
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ @async_task
+ async def __get__(self):
+ manager = self._state.manager
+ try:
+ await run_task(self.src.__get__(), manager)
+ await run_task(self.dst.__get__(), manager)
+ except ResourceNotFound:
+ # This is raised if any of the two side of the VethPair is missing
+ raise ResourceNotFound
+ # We always need to commit the two endpoints so that their attributes
+ # are correctly updated
+ await self._commit()
+ def __create__(self):
+ assert self.src_node.get_type() == 'lxccontainer'
+ assert self.dst_node.get_type() == 'lxccontainer'
+ src_host = self.src_node.node
+ dst_host = self.dst_node.node
+ assert src_host == dst_host
+ host = src_host
+ # Sometimes a down interface persists on one side
+ delif_src = BashTask(self.src_node, CMD_DELETE_IF_EXISTS,
+ {'interface': self.src})
+ delif_dst = BashTask(self.dst_node, CMD_DELETE_IF_EXISTS,
+ {'interface': self.dst})
+ pid_src = get_attributes_task(self.src_node, ['pid'])
+ pid_dst = get_attributes_task(self.dst_node, ['pid'])
+ tmp_src = 'tmp-veth-' + ''.join(random.choice(string.ascii_uppercase +
+ string.digits) for _ in range(5))
+ tmp_dst = 'tmp-veth-' + ''.join(random.choice(string.ascii_uppercase +
+ string.digits) for _ in range(5))
+ create = BashTask(host, CMD_CREATE, {'interface': self,
+ 'tmp_src': tmp_src, 'tmp_dst': tmp_dst})
+ up_src = BashTask(self.src_node, CMD_UP, {'interface': self.src})
+ up_dst = BashTask(self.dst_node, CMD_UP, {'interface': self.dst})
+ @async_task
+ async def set_state():
+ # We always need to commit the two endpoints so that their attributes
+ # are correctly updated
+ await self._commit()
+ delif = delif_src | delif_dst
+ up = up_src | up_dst
+ pid = pid_src | pid_dst
+ return ((delif > (pid @ create)) > up) > set_state()
diff --git a/vicn/resource/linux/macvlan.py b/vicn/resource/linux/macvlan.py
new file mode 100644
index 00000000..ea9c37c1
--- /dev/null
+++ b/vicn/resource/linux/macvlan.py
@@ -0,0 +1,52 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from netmodel.model.type import String
+from vicn.core.attribute import Attribute
+from vicn.core.task import BashTask
+from vicn.resource.linux.net_device import SlaveBaseNetDevice
+CMD_CREATE_PARENT = 'ip link add name {netdevice.device_name} ' \
+ 'link {netdevice.parent.device_name} ' \
+ 'type {netdevice.netdevice_type} mode {netdevice.mode}'
+class MacVlan(SlaveBaseNetDevice):
+ """
+ Resource: MacVlan
+ Implements a MacVlan interface.
+ """
+ mode = Attribute(String, description = 'MACVLAN mode',
+ default = 'bridge')
+ #--------------------------------------------------------------------------
+ # Constructor and Accessors
+ #--------------------------------------------------------------------------
+ def __init__(self, *args, **kwargs):
+ super().__init__(self, *args, **kwargs)
+ self.prefix = 'macvlan'
+ self.netdevice_type = 'macvlan'
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ def __create__(self):
+ return BashTask(self.node, CMD_CREATE_PARENT, {'netdevice': self})
diff --git a/vicn/resource/linux/macvtap.py b/vicn/resource/linux/macvtap.py
new file mode 100644
index 00000000..82002e02
--- /dev/null
+++ b/vicn/resource/linux/macvtap.py
@@ -0,0 +1,52 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from netmodel.model.type import String
+from vicn.core.attribute import Attribute
+from vicn.core.task import BashTask
+from vicn.resource.linux.net_device import SlaveBaseNetDevice
+CMD_CREATE_PARENT = 'ip link add name {netdevice.device_name} ' \
+ 'link {netdevice.parent.device_name} ' \
+ 'type {netdevice.netdevice_type} mode {netdevice.mode}'
+class MacVtap(SlaveBaseNetDevice):
+ """
+ Resource: MacVtap
+ Implements a MacVtap interface.
+ """
+ mode = Attribute(String, description = 'MACVTAP mode',
+ default = 'bridge'),
+ #--------------------------------------------------------------------------
+ # Constructor and Accessors
+ #--------------------------------------------------------------------------
+ def __init__(self, *args, **kwargs):
+ super().__init__(self, *args, **kwargs)
+ self.prefix = 'macvtap'
+ self.netdevice_type = 'macvtap'
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ def __create__(self):
+ return BashTask(self.node, CMD_CREATE_PARENT, {'netdevice': self})
diff --git a/vicn/resource/linux/net_device.py b/vicn/resource/linux/net_device.py
new file mode 100644
index 00000000..f0a08991
--- /dev/null
+++ b/vicn/resource/linux/net_device.py
@@ -0,0 +1,519 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+import logging
+import re
+import math
+import random
+import string
+from netmodel.model.type import Integer, String, Bool
+from vicn.core.address_mgr import AddressManager
+from vicn.core.attribute import Attribute
+from vicn.core.exception import ResourceNotFound
+from vicn.core.resource import BaseResource
+from vicn.core.task import BashTask, task, EmptyTask
+from vicn.resource.application import Application
+from vicn.resource.interface import Interface
+# parse_ip_addr inspired from:
+# From: https://github.com/ohmu/poni/blob/master/poni/cloud_libvirt.py
+LXD_FIX = lambda cmd: 'sleep 1 && {}'.format(cmd)
+CMD_FLUSH_IP = 'ip addr flush dev {device_name}'
+CMD_INTERFACE_LIST = 'ip link show | grep -A 1 @{}'
+RX_INTERFACE_LIST = '.*?(?P<ifname>[^ ]*)@{}:'
+CMD_INTERFACE_GET = 'ip link show | grep -A 1 {}@{}'
+RX_INTERFACE_GET = '.*?(?P<ifname>{})@{}:'
+log = logging.getLogger(__name__)
+CMD_GET = LXD_FIX('ip link show {netdevice.device_name}')
+CMD_CREATE = 'ip link add name {netdevice.device_name} ' \
+ 'type {netdevice.netdevice_type}'
+CMD_CREATE_PARENT = 'ip link add name {netdevice.device_name} ' \
+ 'link {netdevice.parent.device_name} ' \
+ 'type {netdevice.netdevice_type}'
+CMD_DELETE = 'ip link delete {netdevice.device_name}'
+CMD_SET_MAC_ADDRESS = 'ip link set dev {netdevice.device_name} ' \
+ 'address {netdevice.mac_address}'
+CMD_GET_IP_ADDRESS = 'ip addr show {netdevice.device_name}'
+CMD_SET_IP_ADDRESS = 'ip addr add dev {netdevice.device_name} ' \
+ '{netdevice.ip_address} brd + || true'
+CMD_SET_PROMISC = 'ip link set dev {netdevice.device_name} promisc {on_off}'
+CMD_SET_UP = 'ip link set {netdevice.device_name} {up_down}'
+ 'tc qdisc del dev {netdevice.device_name} root || true',
+ 'tc qdisc add dev {netdevice.device_name} root handle 1: tbf rate '
+ '{netdevice.capacity}Mbit burst {burst}kb latency 70ms'
+ 'tc qdisc add dev {netdevice.device_name} parent 1:1 codel',
+CMD_GET_PCI_ADDRESS='ethtool -i {netdevice.device_name} | ' \
+ "sed -n '/bus-info/{{s/.*: [^:]*:\(.*\)/\\1/p}}'"
+CMD_GET_OFFLOAD='ethtool -k {netdevice.device_name} | ' \
+ 'grep rx-checksumming | cut -d " " -f 2'
+CMD_SET_OFFLOAD='ethtool -K {netdevice.device_name} rx on tx on'
+CMD_UNSET_OFFLOAD='ethtool -K {netdevice.device_name} rx off tx off'
+sysctl -w net.ipv4.conf.all.rp_filter=0
+sysctl -w net.ipv4.conf.{netdevice.device_name}.rp_filter=0
+CMD_SET_RP_FILTER = 'sysctl -w ' \
+ 'net.ipv4.conf.{netdevice.device_name}.rp_filter=1'
+sysctl net.ipv4.conf.all.rp_filter
+sysctl net.ipv4.conf.{netdevice.device_name}.rp_filter
+# FIXME GPL code
+# Copyright 2015 Canonical Ltd. This software is licensed under the
+# GNU Affero General Public License version 3 (see the file LICENSE).
+"""Utility to parse 'ip link [show]'.
+Example dictionary returned by parse_ip_link():
+{u'eth0': {u'flags': set([u'BROADCAST', u'LOWER_UP', u'MULTICAST', u'UP']),
+ u'index': 2,
+ u'mac': u'80:fa:5c:0d:43:5e',
+ u'name': u'eth0',
+ u'settings': {u'group': u'default',
+ u'mode': u'DEFAULT',
+ u'mtu': u'1500',
+ u'qdisc': u'pfifo_fast',
+ u'qlen': u'1000',
+ u'state': u'UP'}},
+ u'lo': {u'flags': set([u'LOOPBACK', u'LOWER_UP', u'UP']),
+ u'index': 1,
+ u'name': u'lo',
+ u'settings': {u'group': u'default',
+ u'mode': u'DEFAULT',
+ u'mtu': u'65536',
+ u'qdisc': u'noqueue',
+ u'state': u'UNKNOWN'}}}
+The dictionary above is generated given the following input:
+ 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN \
+mode DEFAULT group default
+ link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
+ 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast \
+state UP mode DEFAULT group default qlen 1000
+ link/ether 80:fa:5c:0d:43:5e brd ff:ff:ff:ff:ff:ff
+def _get_settings_dict(settings_line):
+ """
+ Given a string of the format:
+ "[[<key1> <value1>] <key2> <value2>][...]"
+ Returns a dictionary mapping each key to its corresponding value.
+ :param settings_line: unicode
+ :return: dict
+ """
+ settings = settings_line.strip().split()
+ num_tokens = len(settings)
+ assert num_tokens % 2 == 0
+ return {
+ settings[2 * i]: settings[2 * i + 1] for i in range(num_tokens // 2)
+ }
+def _parse_interface_definition(line):
+ """Given a string of the format:
+ <interface_index>: <interface_name>: <flags> <settings>
+ Returns a dictionary containing the component parts.
+ :param line: unicode
+ :return: dict
+ :raises: ValueError if a malformed interface definition line is presented
+ """
+ interface = {}
+ # This line is in the format:
+ # <interface_index>: <interface_name>: <properties>
+ [index, name, properties] = map(
+ lambda s: s.strip(), line.split(':'))
+ interface['index'] = int(index)
+ if '@' in name:
+ name, parent = name.split('@')
+ interface['name'] = name
+ interface['parent'] = parent
+ else:
+ interface['name'] = name
+ interface['parent'] = None
+ # Now parse the <properties> part from above.
+ # This will be in the form "<FLAG1,FLAG2> key1 value1 key2 value2 ..."
+ matches = re.match(r"^<(.*)>(.*)", properties)
+ if matches:
+ flags = matches.group(1)
+ if len(flags) > 0:
+ flags = flags.split(',')
+ else:
+ flags = []
+ interface['flags'] = set(flags)
+ interface['settings'] = _get_settings_dict(matches.group(2))
+ else:
+ raise ValueError("Malformed 'ip link' line (%s)" % line)
+ return interface
+def _add_additional_interface_properties(interface, line):
+ """
+ Given the specified interface and a specified follow-on line containing
+ more interface settings, adds any additional settings to the interface
+ dictionary. (currently, the only relevant setting is the interface MAC.)
+ :param interface: dict
+ :param line: unicode
+ """
+ settings = _get_settings_dict(line)
+ # We only care about the MAC address for Ethernet interfaces.
+ mac = settings.get('link/ether')
+ if mac is not None:
+ interface['mac'] = mac
+def parse_ip_link(output):
+ """
+ Given the full output from 'ip link [show]', parses it and returns a
+ dictionary mapping each interface name to its settings.
+ :param output: string or unicode
+ :return: dict
+ """
+ interfaces = {}
+ interface = None
+ for line in output.splitlines():
+ if re.match(r'^[0-9]', line):
+ interface = _parse_interface_definition(line)
+ if interface is not None:
+ interfaces[interface['name']] = interface
+ else:
+ if interface is not None:
+ _add_additional_interface_properties(interface, line)
+ return interfaces
+_IP_ADDR_SPLIT_RE = re.compile("^[0-9]+: ", flags=re.MULTILINE)
+def parse_ip_addr(data):
+ """
+ Parse addresses from 'ip addr' output
+ """
+ for iface in _IP_ADDR_SPLIT_RE.split(data.strip()):
+ if not iface:
+ continue
+ lines = [l.strip() for l in iface.splitlines()]
+ # XXX @ in name not supported
+ name = lines.pop(0).partition(":")[0]
+ info = {
+ "ip-addresses": [],
+ "hardware-address": None,
+ }
+ if '@' in name:
+ name, parent = name.split('@')
+ info['name'] = name
+ info['parent'] = parent
+ else:
+ info['name'] = name
+ info['parent'] = None
+ for line in lines:
+ words = line.split()
+ if words[0].startswith("link/") and len(words) >= 2:
+ info["hardware-address"] = words[1]
+ elif words[0] in ("inet", "inet6"):
+ addrtype = "ipv6" if words[0] == "inet6" else "ipv4"
+ addr, _, prefix = words[1].partition("/")
+ if prefix == '':
+ prefix = 128 if addrtype == "ipv6" else 32
+ info["ip-addresses"].append({"ip-address-type": addrtype,
+ "ip-address": addr, "prefix": int(prefix)})
+ yield info
+class BaseNetDevice(Interface, Application):
+ __type__ = BaseResource
+ # XXX note: ethtool only required if we need to get the pci address
+ __package_names__ = ['ethtool']
+ device_name = Attribute(String, description = 'Name of the NetDevice',
+ default = lambda x : x._default_device_name(),
+ max_size = MAX_DEVICE_NAME_SIZE)
+ capacity = Attribute(Integer,
+ description = 'Capacity for interface shaping (Mb/s)')
+ mac_address = Attribute(String, description = 'Mac address of the device')
+ ip_address = Attribute(String, description = 'IP address of the device')
+ pci_address = Attribute(String,
+ description = 'PCI bus address of the device',
+ ro = True)
+ promiscuous = Attribute(Bool, description = 'Promiscuous', default = False)
+ up = Attribute(Bool, description = 'Promiscuous', default = True)
+ netdevice_type = Attribute(String, description = 'Type of the netdevice',
+ ro = True)
+ prefix = Attribute(String, default = 'dev')
+ rp_filter = Attribute(Bool, description = 'Reverse-path filtering enabled',
+ default = True)
+ #--------------------------------------------------------------------------
+ # Constructor and Accessors
+ #--------------------------------------------------------------------------
+ def __init__(self, *args, **kwargs):
+ super().__init__(*args, **kwargs)
+ # Dummy member to store the other side of a VethPair
+ # We use it to disable offloading on interfaces connected to VPP
+ self.remote = None
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ def __get__(self):
+ def check(rv):
+ if not bool(rv):
+ raise ResourceNotFound
+ return BashTask(self.node, CMD_GET, {'netdevice' : self}, output=True,
+ parse=check)
+ __create__ = None
+ def __delete__(self):
+ return BashTask(self.node, CMD_DELETE, {'netdevice': self})
+ #--------------------------------------------------------------------------
+ # Attributes
+ #--------------------------------------------------------------------------
+ def _get_mac_address(self):
+ # Merge into parse_ip_link
+ def parse(rv):
+ assert rv is not None
+ nds = parse_ip_link(rv.stdout)
+ # This will raise an exception is the interface does not exist
+ nd = nds[self.device_name]
+ attrs = { 'mac_address': nd['mac'], }
+ return attrs
+ return BashTask(self.node, CMD_GET, {'netdevice' : self}, output=True,
+ parse=parse)
+ def _set_mac_address(self):
+ return BashTask(self.node, CMD_SET_MAC_ADDRESS, {'netdevice': self})
+ def _get_ip_address(self):
+ """
+ NOTE: Incidently, this will also give the MAC address, as well as other
+ attributes...
+ """
+ def parse(rv):
+ attrs = dict()
+ assert rv is not None
+ nds = list(parse_ip_addr(rv.stdout))
+ assert nds
+ assert len(nds) <= 1
+ nd = nds[0]
+ assert nd['name'] == self.device_name
+ attrs['mac_address'] = nd['hardware-address']
+ # We assume a single IPv4 address for now...
+ ips = [ip for ip in nd['ip-addresses']
+ if ip['ip-address-type'] == 'ipv4']
+ if len(ips) >= 1:
+ if len(ips) > 1:
+ log.warning('Keeping only first of many IP addresses...')
+ ip = ips[0]
+ attrs['ip_address'] = ip['ip-address']
+ else:
+ attrs['ip_address'] = None
+ return attrs
+ return BashTask(self.node, CMD_GET_IP_ADDRESS,
+ {'netdevice': self}, parse=parse)
+ def _set_ip_address(self):
+ if self.ip_address is None:
+ # Unset IP
+ return BashTask(self.node, CMD_FLUSH_IP,
+ {'device_name': self.device_name})
+ return BashTask(self.node, CMD_SET_IP_ADDRESS,
+ {'netdevice': self})
+ @task
+ def _get_promiscuous(self):
+ return {'promiscuous': False}
+ def _set_promiscuous(self):
+ on_off = 'on' if self.promiscuous else 'off'
+ return BashTask(self.node, CMD_SET_PROMISC,
+ {'netdevice': self, 'on_off' : on_off})
+ @task
+ def _get_up(self):
+ return {'up': False}
+ def _set_up(self):
+ up_down = 'up' if self.up else 'down'
+ return BashTask(self.node, CMD_SET_UP,
+ {'netdevice': self, 'up_down': up_down})
+ @task
+ def _get_capacity(self):
+ return {'capacity': None}
+ def _set_capacity(self):
+ if self.capacity is None:
+ log.warning('set_capacity(None) not implemented')
+ return EmptyTask()
+ # http://unix.stackexchange.com/questions/100785/bucket-size-in-tbf
+ MBPS = 1000000
+ KBPS = 1024
+ BYTES = 8
+ HZ = 250
+ # Round to power of two... see manpage
+ burst = math.ceil((((self.capacity * MBPS) / HZ) / BYTES) / KBPS)
+ burst = 1 << (burst - 1).bit_length()
+ return BashTask(self.node, CMD_SET_CAPACITY,
+ {'netdevice': self, 'burst': burst})
+ def _get_rp_filter(self):
+ def parse(rv):
+ lines = rv.stdout.splitlines()
+ return (int(lines[0][-1]) + int(lines[1][-1]) > 0)
+ return BashTask(self.node, CMD_GET_RP_FILTER, {'netdevice' :self},
+ parse = parse)
+ def _set_rp_filter(self):
+ cmd = CMD_SET_RP_FILTER if self.rp_filter else CMD_UNSET_RP_FILTER
+ return BashTask(self.node, cmd, {'netdevice' : self})
+ #--------------------------------------------------------------------------
+ # Internal methods
+ #--------------------------------------------------------------------------
+ def _remote_node_name(self):
+ remote_interface = self._remote_interface()
+ if remote_interface:
+ return remote_interface.node.name
+ else:
+ rnd = ''.join(random.choice(string.ascii_uppercase + string.digits)
+ for _ in range(3))
+ return 'unk{}'.format(rnd)
+ def _remote_interface(self):
+ if not self.channel:
+ return None
+ interfaces = self.channel.interfaces
+ for interface in interfaces:
+ if interface == self:
+ continue
+ return interface
+ def _default_device_name(self):
+ remote_node_name = self._remote_node_name()
+ if remote_node_name:
+ return remote_node_name
+ else:
+ return AddressManager().get('device_name', self,
+ prefix = self.prefix, scope = self.prefix)
+class NonTapBaseNetDevice(BaseNetDevice):
+ # Tap devices for instance don't have offload
+ offload = Attribute(Bool, description = 'Offload', default=True)
+ #--------------------------------------------------------------------------
+ # Attributes
+ #--------------------------------------------------------------------------
+ def _get_offload(self):
+ return BashTask(self.node, CMD_GET_OFFLOAD, {'netdevice': self},
+ parse = lambda rv : rv.stdout.strip() == 'on')
+ def _set_offload(self):
+ cmd = None
+ if self.offload:
+ else:
+ return BashTask(self.node, cmd, {'netdevice' : self})
+class NetDevice(NonTapBaseNetDevice):
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ def __create__(self):
+ return BashTask(self.node, CMD_CREATE, {'netdevice': self})
+class SlaveBaseNetDevice(BaseNetDevice):
+ parent = Attribute(NetDevice, description = 'Parent NetDevice')
+ host = Attribute(NetDevice, description = 'Host interface',
+ default = lambda x : x._default_host())
+ def _default_host(self):
+ if self.node.__class__.__name__ == 'LxcContainer':
+ host = self.node.node
+ else:
+ host = self.node
+ max_len = MAX_DEVICE_NAME_SIZE - len(self.node.name) - 1
+ device_name = self.device_name[:max_len]
+ return NetDevice(node = host,
+ device_name = '{}-{}'.format(self.node.name, device_name),
+ managed = False)
+class SlaveNetDevice(SlaveBaseNetDevice):
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ def __create__(self):
+ return BashTask(self.node, CMD_CREATE_PARENT, {'netdevice': self})
diff --git a/vicn/resource/linux/netmon.py b/vicn/resource/linux/netmon.py
new file mode 100644
index 00000000..8472f308
--- /dev/null
+++ b/vicn/resource/linux/netmon.py
@@ -0,0 +1,29 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from vicn.resource.linux.service import Service
+class NetMon(Service):
+ """
+ Resource: NetMon
+ Generic network monitoring daemon, used internally by VICN for resource
+ monitoring.
+ """
+ __package_names__ = ['netmon']
+ __service_name__ = 'netmon'
diff --git a/vicn/resource/linux/numa_mgr.py b/vicn/resource/linux/numa_mgr.py
new file mode 100644
index 00000000..632264ce
--- /dev/null
+++ b/vicn/resource/linux/numa_mgr.py
@@ -0,0 +1,113 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+import re
+from itertools import cycle
+from netmodel.model.type import BaseType
+from vicn.core.resource import Resource
+from vicn.core.attribute import Attribute, Multiplicity
+from vicn.core.task import BashTask
+from vicn.resource.node import Node
+PATTERN_LSCPU_NUMA = 'NUMA node[0-9]+ CPU\(s\)'
+CMD_LSCPU = 'lscpu'
+class CycleType(BaseType, cycle):
+ """
+ Type: CycleType
+ """
+ pass
+def parse_lscpu_line(line):
+ #Format: NUMA node0 CPU(s): 0-17,36-53
+ line = line.split(':')[1]
+ #line = 0-17,36,53
+ def limits_to_list(string):
+ limits = string.split('-')
+ lower_limit = int(limits[0])
+ #Removes core 0 as it is used the most often by the kernl
+ if lower_limit is 0 : lower_limit = 1
+ return cycle(range(lower_limit, int(limits[1])))
+ return cycle(map(limits_to_list, line.split(',')))
+def parse_lscpu_rv(rv):
+ ret = []
+ for line in rv.stdout.splitlines():
+ if re.search(PATTERN_LSCPU_NUMA, line):
+ ret.append(parse_lscpu_line(line))
+ return ret
+class NumaManager(Resource):
+ """
+ Resource: NumaManager
+ """
+ node = Attribute(Node,
+ mandatory = True,
+ multiplicity = Multiplicity.OneToOne,
+ reverse_auto = True,
+ reverse_name = 'numa_mgr')
+ numa_repartitor = Attribute(CycleType,
+ description = 'Tool to separate cores/CPUs/sockets',
+ multiplicity = Multiplicity.OneToMany,
+ ro = True)
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ __create__ = None
+ __delete__ = None
+ #--------------------------------------------------------------------------
+ # Constructor and Accessors
+ #--------------------------------------------------------------------------
+ def __init__(self, *args, **kwargs):
+ super().__init__(*args, **kwargs)
+ self.current_numa_node = 0
+ #--------------------------------------------------------------------------
+ # Attributes
+ #--------------------------------------------------------------------------
+ def _get_numa_repartitor(self):
+ return BashTask(self.node, CMD_LSCPU, parse=parse_lscpu_rv)
+ #--------------------------------------------------------------------------
+ # Public API
+ #--------------------------------------------------------------------------
+ def get_numa_core(self, numa_node=None):
+ if numa_node is None:
+ numa_node = self.current_numa_node
+ self.current_numa_node = (self.current_numa_node+1) % \
+ len(self.numa_repartitor)
+ numa_list = self.numa_repartitor[numa_node]
+ socket = next(numa_list)
+ return numa_node, next(socket)
+ def get_number_of_numa(self):
+ return len(self.numa_repartitor)
diff --git a/vicn/resource/linux/ovs.py b/vicn/resource/linux/ovs.py
new file mode 100644
index 00000000..d67e4bca
--- /dev/null
+++ b/vicn/resource/linux/ovs.py
@@ -0,0 +1,68 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from vicn.core.task import BashTask
+from vicn.resource.linux.bridge_mgr import BridgeManager
+ovs-vsctl --may-exist add-br {bridge_name}
+ip link set dev {bridge_name} up
+CMD_DEL_BRIDGE = 'ovs-vsctl --if-exists del-br {bridge_name}'
+CMD_ADD_INTERFACE = 'ovs-vsctl --may-exist add-port {bridge_name} ' \
+ '{interface_name}'
+CMD_DEL_INTERFACE = 'ovs-vsctl --if-exists del-port {bridge_name} ' \
+ '{interface_name}'
+class OVS(BridgeManager):
+ """
+ Resource: OVS
+ OpenVSwitch bridge manager
+ """
+ __package_names__ = ['openvswitch-switch']
+ #---------------------------------------------------------------------------
+ # BridgeManager API
+ #---------------------------------------------------------------------------
+ def add_bridge(self, bridge_name):
+ return BashTask(self.node, CMD_ADD_BRIDGE,
+ {'bridge_name': bridge_name},
+ output = False, as_root = True)
+ def del_bridge(self, bridge_name):
+ return BashTask(self.node, CMD_DEL_BRIDGE,
+ {'bridge_name': bridge_name},
+ output = False, as_root = True)
+ def add_interface(self, bridge_name, interface_name, vlan=None):
+ cmd = CMD_ADD_INTERFACE_VLAN if vlan is not None else CMD_ADD_INTERFACE
+ return BashTask(self.node, cmd, {'bridge_name': bridge_name,
+ 'interface_name': interface_name, 'vlan': vlan},
+ output = False, as_root = True)
+ def del_interface(self, bridge_name, interface_name, vlan=None):
+ return BashTask(self.node, CMD_DEL_INTERFACE,
+ {'bridge_name': bridge_name, 'interface_name': interface_name,
+ 'vlan': vlan},
+ output = False, as_root = True)
diff --git a/vicn/resource/linux/package_manager.py b/vicn/resource/linux/package_manager.py
new file mode 100644
index 00000000..cb149ac6
--- /dev/null
+++ b/vicn/resource/linux/package_manager.py
@@ -0,0 +1,232 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+import asyncio
+import logging
+from netmodel.model.type import String
+from vicn.core.attribute import Attribute, Multiplicity
+from vicn.core.exception import ResourceNotFound
+from vicn.core.requirement import Requirement
+from vicn.core.resource import Resource
+from vicn.core.task import BashTask, EmptyTask, async_task
+from vicn.core.task import inline_task, run_task
+from vicn.resource.node import Node
+log = logging.getLogger(__name__)
+CMD_APT_GET_KILL = 'kill -9 $(pidof apt-get) || true'
+CMD_DPKG_CONFIGURE_A = 'dpkg --configure -a'
+# Force IPv4
+echo 'Acquire::ForceIPv4 "true";' > /etc/apt/apt.conf.d/99force-ipv4
+# Update package repository on node {node}
+apt-get update
+# We need to double { } we want to preserve
+CMD_PKG_TEST='dpkg -s {self.package_name}'
+# Installing package {package_name}
+apt-get -y --allow-unauthenticated install {package_name}
+# Uninstalling package {self.package_name}
+apt-get remove {self.package_name}
+# Initialize package repository {repository.repo_name} on node {self.node.name}
+echo "{deb_source}" > {path}
+class PackageManager(Resource):
+ """
+ Resource: PackageManager
+ APT package management wrapper.
+ Todo:
+ - We assume a package manager is always installed on every machine.
+ - Currently, we limit ourselves to debian/ubuntu, and voluntarily don't
+ subclass this as we have (so far) no code for selecting the right
+ subclass, eg choising dynamically between DebRepositoryManager and
+ RpmRepositoryManager.
+ - We currently don't use package version numbers, which means a package
+ can be installed but not be up to date.
+ """
+ node = Attribute(Node,
+ reverse_name = 'package_manager',
+ reverse_auto = True,
+ mandatory = True,
+ multiplicity = Multiplicity.OneToOne)
+ #--------------------------------------------------------------------------
+ # Constructor and Accessors
+ #--------------------------------------------------------------------------
+ def __init__(self, *args, **kwargs):
+ super().__init__(*args, **kwargs)
+ self._up_to_date = False
+ self.apt_lock = asyncio.Lock()
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ def __after__(self):
+ if self.node.__class__.__name__ == 'Physical':
+ # UGLY : This blocking code is currently needed
+ task = self.node.host_interface._get_ip_address()
+ ip_dict = task.execute_blocking()
+ self.node.host_interface.ip_address = ip_dict['ip_address']
+ return ('Repository',)
+ else:
+ return ('Repository', 'CentralIP', 'RoutingTable')
+ @inline_task
+ def __get__(self):
+ raise ResourceNotFound
+ def __create__(self):
+ repos = EmptyTask()
+ for repository in self._state.manager.by_type_str('Repository'):
+ deb_source = self._get_deb_source(repository)
+ path = self._get_path(repository)
+ repo = BashTask(self.node, CMD_SETUP_REPO,
+ {'deb_source': deb_source, 'path': path})
+ repos = repos | repo
+ return repos
+ #---------------------------------------------------------------------------
+ # Methods
+ #---------------------------------------------------------------------------
+ def __method_update__(self):
+ kill = BashTask(self.node, CMD_APT_GET_KILL, {'node': self.node.name},
+ lock = self.apt_lock)
+ # Setup during a reattempt
+ if hasattr(self, '_dpkg_configure_a'):
+ dpkg_configure_a = BashTask(self.node, CMD_DPKG_CONFIGURE_A,
+ lock = self.apt_lock)
+ else:
+ dpkg_configure_a = EmptyTask()
+ if not self.node.package_manager._up_to_date:
+ update = BashTask(self.node, CMD_APT_GET_UPDATE, {'node': self.node.name},
+ lock = self.apt_lock, post = self._mark_updated)
+ else:
+ update = EmptyTask()
+ return (kill > dpkg_configure_a) > update
+ def __method_install__(self, package_name):
+ update = self.__method_update__()
+ install = BashTask(self.node, CMD_PKG_INSTALL, {'package_name':
+ package_name}, lock = self.apt_lock)
+ return update > install
+ #---------------------------------------------------------------------------
+ # Internal methods
+ #---------------------------------------------------------------------------
+ def _mark_updated(self):
+ self._up_to_date = True
+ def _get_path(self, repository):
+ return '/etc/apt/sources.list.d/{}.list'.format(repository.repo_name)
+ def _get_deb_source(self, repository):
+ path = repository.node.host_interface.ip_address + '/'
+ if repository.directory:
+ path += repository.directory + '/'
+ return 'deb http://{} {}/'.format(path, self.node.dist)
+class Package(Resource):
+ """
+ Resource: Package
+ deb package support
+ """
+ package_name = Attribute(String, mandatory = True)
+ node = Attribute(Node,
+ mandatory = True,
+ requirements=[
+ Requirement('package_manager')
+ ])
+ #---------------------------------------------------------------------------
+ # Resource lifecycle
+ #---------------------------------------------------------------------------
+ def __get__(self):
+ return BashTask(self.node, CMD_PKG_TEST, {'self': self})
+ def __create__(self):
+ return self.node.package_manager.__method_install__(self.package_name)
+ @async_task
+ async def __delete__(self):
+ with await self.node.package_manager._lock:
+ task = BashTask(self.node, CMD_PKG_UNINSTALL, {'self': self})
+ ret = await run_task(task, self._state.manager)
+ return ret
+class Packages(Resource):
+ """
+ Resource: Packages
+ Todo:
+ - The number of concurrent subresources is not dynamically linked to the
+ nodes. We may need to link subresources to the attribute in general, but
+ since package_names are static for a resource, this is not a problem here.
+ """
+ names = Attribute(String, multiplicity = Multiplicity.OneToMany)
+ node = Attribute(Node,
+ mandatory = True,
+ requirements=[
+ Requirement('package_manager')
+ ])
+ #---------------------------------------------------------------------------
+ # Resource lifecycle
+ #---------------------------------------------------------------------------
+ def __subresources__(self):
+ """
+ Note: Although packages are (rightfully) specified concurrent, apt tasks
+ will be exlusive thanks to the use of a lock in the package manager.
+ """
+ if self.names:
+ packages = [Package(node=self.node, package_name=name, owner=self)
+ for name in self.names]
+ return Resource.__concurrent__(*packages)
+ else:
+ return None
diff --git a/vicn/resource/linux/phy_interface.py b/vicn/resource/linux/phy_interface.py
new file mode 100644
index 00000000..c1aef27e
--- /dev/null
+++ b/vicn/resource/linux/phy_interface.py
@@ -0,0 +1,49 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from netmodel.model.type import String
+from vicn.core.attribute import Attribute
+from vicn.core.resource import BaseResource
+from vicn.resource.interface import Interface
+class PhyInterface(Interface):
+ """
+ Resource: PhyInterface
+ Physical network interface.
+ """
+ __type__ = BaseResource
+ device_name = Attribute(String, description = 'Name of the DpdkDevice',
+ mandatory = True)
+ pci_address = Attribute(String, description = "Device's PCI bus address",
+ mandatory = True)
+ mac_address = Attribute(String, description = "Device's MAC address",
+ mandatory=True)
+ ip_address = Attribute(String, description = "Device's IP address")
+ #--------------------------------------------------------------------------
+ # Constructor and Accessors
+ #--------------------------------------------------------------------------
+ def __init__(self, *args, **kwargs):
+ super().__init__(*args, **kwargs)
+ if not self.name:
+ self.name = self.node.name + '-' + self.device_name
diff --git a/vicn/resource/linux/phy_link.py b/vicn/resource/linux/phy_link.py
new file mode 100644
index 00000000..878cf7c6
--- /dev/null
+++ b/vicn/resource/linux/phy_link.py
@@ -0,0 +1,39 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from vicn.core.attribute import Attribute
+from vicn.core.task import inline_task
+from vicn.resource.channel import Channel
+from vicn.resource.linux.phy_interface import PhyInterface
+class PhyLink(Channel):
+ """
+ Resource: PhyLink
+ Physical Link to inform the orchestrator about Layer2 connectivity.
+ """
+ src = Attribute(PhyInterface, description = 'Source interface',
+ mandatory = True)
+ dst = Attribute(PhyInterface, description = 'Destination interface',
+ mandatory = True)
+ @inline_task
+ def __initialize__(self):
+ self.src.set('channel', self)
+ self.dst.set('channel', self)
diff --git a/vicn/resource/linux/physical.py b/vicn/resource/linux/physical.py
new file mode 100644
index 00000000..e5eba2d3
--- /dev/null
+++ b/vicn/resource/linux/physical.py
@@ -0,0 +1,144 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+import os
+import stat
+import logging
+import subprocess
+import shlex
+from netmodel.model.type import String, Integer
+from netmodel.util.misc import is_local_host
+from netmodel.util.socket import check_port
+from vicn.core.attribute import Attribute
+from vicn.core.commands import Command, ReturnValue
+from vicn.core.exception import ResourceNotFound
+from vicn.core.task import Task, task
+from vicn.resource.node import Node, DEFAULT_USERNAME
+from vicn.resource.node import DEFAULT_SSH_PUBLIC_KEY
+from vicn.resource.node import DEFAULT_SSH_PRIVATE_KEY
+log = logging.getLogger(__name__)
+CMD_SSH_COPY_ID = 'ssh-copy-id {ssh_options} -i {public_key} -p {port} ' \
+ '{user}@{host}'
+CMD_SSH = 'ssh {ssh_options} -i {private_key} -p {port} ' \
+ '{user}@{host} {command}'
+CMD_SSH_NF = 'ssh -n -f {ssh_options} -i {private_key} -p {port} ' \
+ '{user}@{host} {command}'
+class Physical(Node):
+ """
+ Resource: Physical
+ Physical node
+ """
+ hostname = Attribute(String, description = 'Hostname or IP address',
+ mandatory = True)
+ ssh_port = Attribute(Integer, description = 'SSH port number',
+ default = 22)
+ #--------------------------------------------------------------------------
+ # Constructor and Accessors
+ #--------------------------------------------------------------------------
+ def __init__(self, *args, **kwargs):
+ super().__init__(*args, **kwargs)
+ self.node_with_kernel = self
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ @task
+ def __get__(self, attributes=None):
+ if not check_port(self.hostname, self.ssh_port):
+ raise ResourceNotFound
+ def __create__(self):
+ tasks = list()
+ modes = (True, False) if DEFAULT_USERNAME != 'root' else (True,)
+ for as_root in modes:
+ tasks.append(self._setup_ssh_key(as_root))
+ return Task.__concurrent__(*tasks)
+ __delete__ = None
+ #--------------------------------------------------------------------------
+ # Internal methods
+ #--------------------------------------------------------------------------
+ @task
+ def _setup_ssh_key(self, as_root):
+ os.chmod(DEFAULT_SSH_PUBLIC_KEY, stat.S_IRUSR | stat.S_IWUSR)
+ os.chmod(DEFAULT_SSH_PRIVATE_KEY, stat.S_IRUSR | stat.S_IWUSR)
+ cmd_params = {
+ 'public_key' : DEFAULT_SSH_PUBLIC_KEY,
+ 'ssh_options' : '',
+ 'port' : self.ssh_port,
+ 'user' : 'root' if as_root else DEFAULT_USERNAME,
+ 'host' : self.hostname,
+ }
+ c = Command(CMD_SSH_COPY_ID, parameters = cmd_params)
+ return self._do_execute_process(c.full_commandline, output=False)
+ #--------------------------------------------------------------------------
+ # Public API
+ #--------------------------------------------------------------------------
+ def _do_execute_process(self, command, output = False):
+ p = subprocess.Popen(shlex.split(command), stdout=subprocess.PIPE)
+ if output:
+ out, err = p.communicate()
+ return ReturnValue(p.returncode, stdout=out, stderr=err)
+ p.wait()
+ return ReturnValue(p.returncode)
+ def _do_execute_ssh(self, command, output=False, as_root=False,
+ ssh_options=None):
+ if not ssh_options:
+ ssh_options = dict()
+ cmd_params = {
+ 'private_key' : DEFAULT_SSH_PRIVATE_KEY,
+ 'ssh_options' : ' '.join(['-o {}={}'.format(k, v)
+ for k, v in ssh_options.items()]),
+ 'port' : self.ssh_port,
+ 'user' : 'root' if as_root else DEFAULT_USERNAME,
+ 'host' : self.hostname,
+ 'command' : shlex.quote(command),
+ }
+ if (command[-1] != '&'):
+ c = Command(CMD_SSH, parameters = cmd_params)
+ else:
+ c = Command(CMD_SSH_NF, parameters = cmd_params)
+ return self._do_execute_process(c.full_commandline_nobashize, output)
+ def execute(self, command, output=False, as_root=False):
+ if is_local_host(self.hostname):
+ rv = self._do_execute_process(command, output = output)
+ else:
+ rv = self._do_execute_ssh(command, output = output,
+ as_root = as_root)
+ return rv
diff --git a/vicn/resource/linux/repository.py b/vicn/resource/linux/repository.py
new file mode 100644
index 00000000..f3e70565
--- /dev/null
+++ b/vicn/resource/linux/repository.py
@@ -0,0 +1,41 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from netmodel.model.type import String
+from vicn.core.attribute import Attribute, Multiplicity
+from vicn.resource.application import Application
+class Repository(Application):
+ """
+ Resource: Repository
+ deb package repository
+ Note: As PackageManager uses a Repository, this resource cannot be a
+ LinuxApplication resource. We have no package to install since they are
+ part of any basic distribution install.
+ """
+ repo_name = Attribute(String, description = 'Name of the repository',
+ default = 'vicn')
+ directory = Attribute(String, description = 'Directory holding packages',
+ default = '')
+ distributions = Attribute(String,
+ description = 'List of distributions served by this repository',
+ multiplicity = Multiplicity.ManyToMany,
+ default = ['sid', 'trusty', 'xenial'])
diff --git a/vicn/resource/linux/service.py b/vicn/resource/linux/service.py
new file mode 100644
index 00000000..3eb753fc
--- /dev/null
+++ b/vicn/resource/linux/service.py
@@ -0,0 +1,83 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+import logging
+from vicn.core.exception import ResourceNotFound
+from vicn.core.resource import CategoryResource
+from vicn.core.task import inline_task, BashTask, EmptyTask
+from vicn.resource.linux.application import LinuxApplication
+log = logging.getLogger(__name__)
+CMD_START = 'service {service_name} start'
+CMD_STOP = 'service {service_name} stop'
+CMD_RESTART = 'service {service_name} restart'
+CMD_STOP_START = 'service {service_name} stop && sleep 1 && ' \
+ 'service {service_name} start'
+class Service(LinuxApplication):
+ """Service resource
+ This resource wraps a Linux Service, and ensure the service is started
+ (resp. stopped) during setup (resp. teardown).
+ Required tags:
+ __service_name__ (str): all classes that inherit from Service should
+ inform this tag which gives the name of the service known to the
+ system.
+ * Support for upstart, sysvinit and systemd services.
+ * Start and Stop method
+ * Status attribute
+ """
+ __type__ = CategoryResource
+ @inline_task
+ def __get__(self):
+ raise ResourceNotFound
+ def __method_restart__(self):
+ return BashTask(self.node, CMD_RESTART,
+ {'service_name': self.__service_name__})
+ def __method_start__(self):
+ return BashTask(self.node, CMD_START,
+ {'service_name': self.__service_name__})
+ def __create__(self):
+ if self.__service_name__ == 'lxd':
+ log.warning('Not restarting LXD')
+ return EmptyTask()
+ if self.__service_name__ == 'dnsmasq':
+ return BashTask(self.node, CMD_STOP_START,
+ {'service_name': self.__service_name__})
+ return self.__method_restart__()
+ def __delete__(self):
+ return BashTask(self.node, CMD_STOP,
+ {'service_name': self.__service_name__})
diff --git a/vicn/resource/linux/sym_veth_pair.py b/vicn/resource/linux/sym_veth_pair.py
new file mode 100644
index 00000000..bf79a69b
--- /dev/null
+++ b/vicn/resource/linux/sym_veth_pair.py
@@ -0,0 +1,151 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+import random
+import string
+from netmodel.model.type import Integer
+from vicn.core.attribute import Attribute
+from vicn.core.exception import ResourceNotFound
+from vicn.core.resource import Resource
+from vicn.core.state import ResourceState, AttributeState
+from vicn.core.task import BashTask, get_attributes_task
+from vicn.core.task import async_task, task, inline_task
+from vicn.core.task import run_task
+from vicn.resource.interface import Interface
+from vicn.resource.node import Node
+from vicn.resource.linux.net_device import NonTapBaseNetDevice
+from vicn.resource.linux.link import CMD_DELETE_IF_EXISTS
+from vicn.resource.linux.link import CMD_UP
+# Create veth pair in the host node
+ip link add name {tmp_side1} type veth peer name {tmp_side2}
+ip link set dev {tmp_side1} netns {pid[0]} name {side1_device_name}
+ip link set dev {tmp_side2} netns {pid[1]} name {side2_device_name}
+class SymVethPair(Resource):
+ """
+ Resource: SymVethPair
+ This resource is used in VPPBridge. The main difference with the Link
+ resource is that is it not a channel.
+ """
+ node1 = Attribute(Node,
+ description = 'Node on which one side of the veth will sit',
+ mandatory = True)
+ node2 = Attribute(Node,
+ description = 'Node on which the other side of the veth will sit',
+ mandatory = True)
+ capacity = Attribute(Integer,
+ description = 'Capacity of the veth pair (Mb/s)')
+ side1 = Attribute(Interface, description = 'Source interface')
+ side2 = Attribute(Interface, description = 'Destination interface')
+ #--------------------------------------------------------------------------
+ # Internal methods
+ #--------------------------------------------------------------------------
+ async def _commit(self):
+ # see link.py for explanations
+ manager = self._state.manager
+ await manager._set_resource_state(self.side1,
+ ResourceState.INITIALIZED)
+ await manager._set_resource_state(self.side2,
+ ResourceState.INITIALIZED)
+ await manager._set_resource_state(self.side1, ResourceState.CREATED)
+ await manager._set_resource_state(self.side2, ResourceState.CREATED)
+ await manager._set_attribute_state(self, 'side1', AttributeState.CLEAN)
+ await manager._set_attribute_state(self, 'side2', AttributeState.CLEAN)
+ manager.commit_resource(self.side1)
+ manager.commit_resource(self.side2)
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ @inline_task
+ def __initialize__(self):
+ self.side1 = NonTapBaseNetDevice(node = self.node1,
+ device_name = self.node2.name,
+ capacity = self.capacity,
+ owner = self.owner)
+ self.side2 = NonTapBaseNetDevice(node = self.node2,
+ device_name = self.node1.name,
+ capacity = self.capacity,
+ owner = self.owner)
+ self.side1.remote = self.side2
+ self.side2.remote = self.side1
+ @async_task
+ async def __get__(self):
+ manager = self._state.manager
+ try:
+ await run_task(self.side1.__get__(), manager)
+ await run_task(self.side2.__get__(), manager)
+ except ResourceNotFound:
+ raise ResourceNotFound
+ await self._commit()
+ def __create__(self):
+ assert self.node1.get_type() == 'lxccontainer'
+ assert self.node2.get_type() == 'lxccontainer'
+ node1_host = self.node1.node
+ node2_host = self.node2.node
+ assert node1_host == node2_host
+ host = node1_host
+ # Sometimes a down interface persists on one side
+ delif_side1 = BashTask(self.node1, CMD_DELETE_IF_EXISTS,
+ {'interface': self.side1})
+ delif_side2 = BashTask(self.node2, CMD_DELETE_IF_EXISTS,
+ {'interface': self.side2})
+ pid_node1 = get_attributes_task(self.node1, ['pid'])
+ pid_node2 = get_attributes_task(self.node2, ['pid'])
+ tmp_side1 = 'tmp-veth-' + ''.join(random.choice(
+ string.ascii_uppercase + string.digits) for _ in range(5))
+ tmp_side2 = 'tmp-veth-' + ''.join(random.choice(
+ string.ascii_uppercase + string.digits) for _ in range(5))
+ create = BashTask(host, CMD_CREATE,
+ {'side1_device_name': self.side1.device_name,
+ 'side2_device_name': self.side2.device_name,
+ 'tmp_side1': tmp_side1, 'tmp_side2': tmp_side2})
+ up_side1 = BashTask(self.node1, CMD_UP, {'interface': self.side1})
+ up_side2 = BashTask(self.node2, CMD_UP, {'interface': self.side2})
+ @async_task
+ async def set_state():
+ await self._commit()
+ delif = delif_side1 | delif_side2
+ up = up_side1 | up_side2
+ pid = pid_node1 | pid_node2
+ return ((delif > (pid @ create)) > up) > set_state()
+ def __delete__(self):
+ raise NotImplementedError
diff --git a/vicn/resource/linux/tap_device.py b/vicn/resource/linux/tap_device.py
new file mode 100644
index 00000000..68c0b9c7
--- /dev/null
+++ b/vicn/resource/linux/tap_device.py
@@ -0,0 +1,48 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from netmodel.model.type import String
+from vicn.core.attribute import Attribute
+from vicn.core.task import BashTask
+from vicn.resource.linux.net_device import BaseNetDevice
+CMD_CREATE='ip tuntap add name {netdevice.device_name} mode tap'
+CMD_FLUSH_IP='ip addr flush dev {device_name}'
+CMD_SET_IP_ADDRESS='ip addr add dev {netdevice.device_name}'
+class TapDevice(BaseNetDevice):
+ def __init__(self, *args, **kwargs):
+ super().__init__(self, *args, **kwargs)
+ self.prefix = 'tap'
+ self.netdevice_type = 'tap'
+ def __create__(self):
+ return BashTask(self.node, CMD_CREATE, {'netdevice': self})
+ def _set_ip_address(self):
+ if self.ip_address is None:
+ # Unset IP
+ return BashTask(self.node, CMD_FLUSH_IP,
+ {'device_name': self.device_name})
+ return BashTask(self.node, CMD_SET_IP_ADDRESS,
+ {'netdevice': self})
+class TapChannel(TapDevice):
+ station_name = Attribute(String)
+ channel_name = Attribute(String)
diff --git a/vicn/resource/linux/traceroute.py b/vicn/resource/linux/traceroute.py
new file mode 100644
index 00000000..2f8cb2c9
--- /dev/null
+++ b/vicn/resource/linux/traceroute.py
@@ -0,0 +1,23 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from vicn.resource.linux.application import LinuxApplication
+class Traceroute(LinuxApplication):
+ __package_names__ = ['traceroute']
diff --git a/vicn/resource/linux/veth_pair.py b/vicn/resource/linux/veth_pair.py
new file mode 100644
index 00000000..53fa9bf8
--- /dev/null
+++ b/vicn/resource/linux/veth_pair.py
@@ -0,0 +1,62 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+import random
+import string
+from vicn.resource.linux.net_device import SlaveBaseNetDevice
+from vicn.core.task import BashTask, get_attributes_task
+# ip link add veth0 type veth peer name veth1
+# Create veth pair in the host node
+ip link add name {interface.host.device_name} type veth peer name {tmp_name}
+# The host interface will always be up...
+ip link set dev {interface.host.device_name} up
+# Move interface into container and rename it
+ip link set dev {tmp_name} netns {pid} name {interface.device_name}
+ip link set dev {interface.device_name} up
+# see:
+# http://stackoverflow.com/questions/22780927/lxc-linux-containers-add-new-network-interface-without-restarting
+class VethPair(SlaveBaseNetDevice):
+ # Do not need the parent attribute...
+ def __init__(self, *args, **kwargs):
+ super().__init__(self, *args, **kwargs)
+ self.prefix = 'veth'
+ self.netdevice_type = 'veth'
+ def __create__(self):
+ assert self.node.__class__.__name__ == 'LxcContainer'
+ host = self.node.node
+ pid = get_attributes_task(self.node, ['pid'])
+ tmp_name = 'tmp-veth-' + ''.join(random.choice(string.ascii_uppercase \
+ + string.digits) for _ in range(5))
+ create = BashTask(host, CMD_CREATE, {'tmp_name': tmp_name,
+ 'interface': self})
+ up = BashTask(self.node, CMD_UP, {'interface': self})
+ bridge = host.bridge_manager.add_interface(host.bridge.device_name,
+ self.host.device_name)
+ return ((pid @ create) > up) > bridge
+ # ... IP and UP missing...
diff --git a/vicn/resource/lxd/__init__.py b/vicn/resource/lxd/__init__.py
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/vicn/resource/lxd/__init__.py
diff --git a/vicn/resource/lxd/lxc_container.py b/vicn/resource/lxd/lxc_container.py
new file mode 100644
index 00000000..afa64aba
--- /dev/null
+++ b/vicn/resource/lxd/lxc_container.py
@@ -0,0 +1,317 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+import logging
+import shlex
+import time
+# Suppress logging from pylxd dependency on ws4py
+# (this needs to be included before pylxd)
+from ws4py import configure_logger
+import pylxd
+from netmodel.model.type import String, Integer, Bool, Self
+from vicn.core.address_mgr import AddressManager
+from vicn.core.attribute import Attribute, Reference, Multiplicity
+from vicn.core.commands import ReturnValue
+from vicn.core.exception import ResourceNotFound
+from vicn.core.requirement import Requirement
+from vicn.core.resource_mgr import wait_resource_task
+from vicn.core.task import task, inline_task, BashTask
+from vicn.resource.linux.net_device import NetDevice
+from vicn.resource.node import Node
+from vicn.resource.vpp.scripts import APPARMOR_VPP_PROFILE
+log = logging.getLogger(__name__)
+# Default name of VICN management/monitoring interface
+# Default remote server (pull mode only)
+DEFAULT_SOURCE_URL = 'https://cloud-images.ubuntu.com/releases/'
+# Default protocol used to download images (lxd or simplestreams)
+DEFAULT_SOURCE_PROTOCOL = 'simplestreams'
+# Commands used to interact with LXD (in addition to pylxd bindings)
+CMD_GET_PID='lxc info {container.name} | grep Pid | cut -d " " -f 2'
+# Type: ContainerName
+ContainerName = String(max_size = 64, ascii = True,
+ forbidden = ('/', ',', ':'))
+class LxcContainer(Node):
+ """
+ Resource: LxcContainer
+ Todo:
+ - Remove VPP dependency
+ - The bridge is not strictly needed, but we currently have no automated
+ way to determine whether we need it or not
+ - The management interface should be added by VICN, not part of the
+ resource, and its name should be determined automatically.
+ """
+ architecture = Attribute(String, description = 'Architecture',
+ default = 'x86_64')
+ container_name = Attribute(ContainerName,
+ description = 'Name of the container',
+ default = Reference(Self, 'name'))
+ ephemeral = Attribute(Bool, description = 'Ephemeral container flag',
+ default = False)
+ node = Attribute(Node,
+ description = 'Node on which the container is running',
+ mandatory = True,
+ requirements = [
+ # We need the hypervisor setup to be able to check for the
+ # container; more generally, all dependencies
+ Requirement('lxd_hypervisor'), # not null
+ # The bridge is not strictly needed, but we currently have
+ # no automated way to determine whether we need it or not
+ Requirement('bridge'),
+ # A DNS server is required to provide internet connectivity to
+ # the containers
+ Requirement('dns_server'),
+ ])
+ profiles = Attribute(String, multiplicity = Multiplicity.OneToMany,
+ default = ['default'])
+ image = Attribute(String, description = 'image', default = None)
+ is_image = Attribute(Bool, defaut = False)
+ pid = Attribute(Integer, description = 'PID of the container')
+ #--------------------------------------------------------------------------
+ # Constructor / Accessors
+ #--------------------------------------------------------------------------
+ def __init__(self, *args, **kwargs):
+ super().__init__(*args, **kwargs)
+ self._container = None
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ @inline_task
+ def __initialize__(self):
+ """
+ We need to intanciate VPPHost before container creation.
+ """
+ self.node_with_kernel = Reference(self, 'node')
+ # We automatically add the management/monitoring interface
+ self._host_interface = NetDevice(node = self,
+ owner = self,
+ monitored = False,
+ device_name = DEFAULT_LXC_NETDEVICE)
+ self._state.manager.commit_resource(self._host_interface)
+ for iface in self.interfaces:
+ if iface.get_type() == "dpdkdevice":
+ self.node.vpp_host.dpdk_devices.append(iface.pci_address)
+ if 'vpp' in self.profiles:
+ dummy = self.node.vpp_host.uio_devices
+ @task
+ def __get__(self):
+ client = self.node.lxd_hypervisor.client
+ try:
+ self._container = client.containers.get(self.name)
+ except pylxd.exceptions.NotFound:
+ raise ResourceNotFound
+ def __create__(self):
+ """
+ Make sure vpp_host is instanciated before starting the container.
+ """
+ wait_vpp_host = wait_resource_task(self.node.vpp_host)
+ create = self._create_container()
+ start = self.__method_start__()
+ return wait_vpp_host > (create > start)
+ @task
+ def _create_container(self):
+ container = self._get_container_description()
+ log.debug('Container description: {}'.format(container))
+ client = self.node.lxd_hypervisor.client
+ self._container = client.containers.create(container, wait=True)
+ self._container.start(wait = True)
+ def _get_container_description(self):
+ # Base configuration
+ container = {
+ 'name' : self.container_name,
+ 'architecture' : self.architecture,
+ 'ephemeral' : self.ephemeral,
+ 'profiles' : ['default'],
+ 'config' : {},
+ 'devices' : {},
+ }
+ devices = {}
+ # FIXME Container profile support is provided by setting changes into
+ # configuration (currently only vpp profile is supported)
+ for profile in self.profiles:
+ if profile == 'vpp':
+ # Set the new apparmor profile. This will be created in VPP
+ # application
+ # Mount hugetlbfs in the container.
+ container['config']['raw.lxc'] = APPARMOR_VPP_PROFILE
+ container['config']['security.privileged'] = 'true'
+ for device in self.node.vpp_host.uio_devices:
+ container['devices'][device] = {
+ 'path' : '/dev/{}'.format(device),
+ 'type' : 'unix-char' }
+ # NETWORK (not for images)
+ if not self.is_image:
+ container['config']['user.network_mode'] = 'link-local'
+ device = {
+ 'type' : 'nic',
+ 'name' : self.host_interface.device_name,
+ 'nictype' : 'bridged',
+ 'parent' : self.node.bridge.device_name,
+ }
+ device['hwaddr'] = AddressManager().get_mac(self)
+ prefix = 'veth-{}'.format(self.container_name)
+ device['host_name'] = AddressManager().get('device_name', self,
+ prefix = prefix, scope = prefix)
+ container['devices'][device['name']] = device
+ image_names = [alias['name'] for alias in self.node.lxd_hypervisor.aliases]
+ image_exists = self.image is not None and self.image in image_names
+ if image_exists:
+ container['source'] = {
+ 'type' : 'image',
+ 'mode' : 'local',
+ 'alias' : self.image,
+ }
+ else:
+ container['source'] = {
+ 'type' : 'image',
+ 'mode' : 'pull',
+ 'server' : DEFAULT_SOURCE_URL,
+ 'alias' : self.dist,
+ }
+ log.info('Creating container: {}'.format(container))
+ return container
+ @task
+ def __delete__(self):
+ log.info("Delete container {}".format(self.container_name))
+ self.node.lxd_hypervisor.client.containers.remove(self.name)
+ #--------------------------------------------------------------------------
+ # Attributes
+ #--------------------------------------------------------------------------
+ def _get_pid(self):
+ """
+ Attribute: pid (getter)
+ """
+ return BashTask(self.node, CMD_GET_PID, {'container': self},
+ parse = lambda rv: {'pid': rv.stdout.strip()})
+ #--------------------------------------------------------------------------
+ # Methods
+ #--------------------------------------------------------------------------
+ @task
+ def __method_start__(self):
+ """
+ Method: Start the container
+ """
+ self._container.start(wait = True)
+ @task
+ def __method_stop__(self):
+ """
+ Method: Stop the container
+ """
+ self._container.stop(wait = True)
+ @task
+ def __method_to_image__(self):
+ """
+ Returns:
+ Image metadata as returned by LXD REST API.
+ """
+ publish_description = {
+ "public": True,
+ "properties": {
+ "os": "Ubuntu",
+ "architecture": "x86_64",
+ "description": "Image generated from container {}".format(
+ self.container_name),
+ },
+ "source": {
+ "type": "container", # One of "container" or "snapshot"
+ "name": 'image-{}'.format(self.container_name),
+ }
+ }
+ return self.node.lxd_hypervisor.publish_image(publish_description)
+ #--------------------------------------------------------------------------
+ # Node API
+ #--------------------------------------------------------------------------
+ def execute(self, command, output = False, as_root = False):
+ """
+ Executes a command on the node
+ Params:
+ output (bool) : Flag determining whether the method should return
+ the output value.
+ as_root (bool) : Flag telling whether the command should be
+ executed as root.
+ Returns:
+ ReturnValue containing exit code, and eventually stdout and stderr.
+ Raises
+ Exception in case of error
+ The node exposes an interface allowing command execution through LXD.
+ We don't currently use an eventually available SSH connection.
+ """
+ ret = self._container.execute(shlex.split(command))
+ # NOTE: pylxd documents the return value as a tuple, while it is in
+ # fact a ContainerExecuteResult object
+ if not hasattr(ret, "exit_code"):
+ log.error("LXD return value does not have an exit code. "
+ "Try installing pylxd>=2.2.2 with pip3")
+ import sys; sys.exit(1)
+ args = (ret.exit_code,)
+ if output:
+ args += (ret.stdout, ret.stderr)
+ return ReturnValue(*args)
diff --git a/vicn/resource/lxd/lxc_image.py b/vicn/resource/lxd/lxc_image.py
new file mode 100644
index 00000000..2cc7220d
--- /dev/null
+++ b/vicn/resource/lxd/lxc_image.py
@@ -0,0 +1,116 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+import logging
+import time
+from netmodel.model.type import Self
+from vicn.core.attribute import Attribute, Multiplicity
+from vicn.core.exception import ResourceNotFound
+from vicn.core.requirement import Requirement
+from vicn.core.resource import Resource
+from vicn.core.task import task, inline_task
+from vicn.resource.linux.application import LinuxApplication as Application
+from vicn.resource.node import Node
+log = logging.getLogger(__name__)
+class LxcImage(Resource):
+ """
+ Resource: LxcImage
+ """
+ node = Attribute(Node, description = 'Node on which the image is stored',
+ mandatory = True,
+ requirements = [
+ Requirement('lxd_hypervisor')
+ ])
+ image = Attribute(Self, description = 'image', default = None)
+ applications = Attribute(Application, multiplicity = Multiplicity.OneToMany)
+ #---------------------------------------------------------------------------
+ # Constructor / Accessors
+ #---------------------------------------------------------------------------
+ def __init__(self, *args, **kwargs):
+ self.fingerprint = None
+ self._tmp_container = None
+ super().__init__(*args, **kwargs)
+ #---------------------------------------------------------------------------
+ # Resource lifecycle
+ #---------------------------------------------------------------------------
+ @task
+ def __get__(self):
+ aliases = [alias['name'] for images in self.node.lxd_hypervisor.client.images.all()
+ for alias in images.aliases]
+ if not self.image in aliases:
+ raise ResourceNotFound
+ @inline_task
+ def __create__(self):
+ log.warning('Image creation is currently disabled')
+ return
+ @task
+ def __create_DISABLED__(self):
+ """
+ Image creation consists in setting up a temporary container, stopping
+ it, publishing an image of it, setting an alias, and deleting it.
+ """
+ tmp_container.setup()
+ print("TODO: Installing applications...")
+ for application in self.applications:
+ print('Installing application on image')
+ application.setup()
+ # XXX stop() hangs if run to early wrt container start
+ # - is it related to ZFS ? is it a more general problem ?
+ time.sleep(5)
+ print("I: Stopping container")
+ tmp_container.stop()
+ print("I: Publishing image")
+ image_metadata = tmp_container.publish_image() # METHOD !
+ print("MD=", image_metadata)
+ self.fingerprint = image_metadata['fingerprint']
+ self.set_alias()
+ tmp_container.delete()
+ @task
+ def __delete__(self):
+ self.node.lxd_hypervisor.client.images.delete(self.name)
+ #---------------------------------------------------------------------------
+ # Public methods
+ #---------------------------------------------------------------------------
+ def set_alias(self):
+ alias_dict = {
+ "description": "Ubuntu 14.04 image with ICN software already installed",
+ "target": self.fingerprint,
+ "name": self.name
+ }
+ self.node.lxd_hypervisor.set_alias(alias_dict)
diff --git a/vicn/resource/lxd/lxd_hypervisor.py b/vicn/resource/lxd/lxd_hypervisor.py
new file mode 100644
index 00000000..328f3fdf
--- /dev/null
+++ b/vicn/resource/lxd/lxd_hypervisor.py
@@ -0,0 +1,223 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# - lxd >= 2.0.4 is required
+# daemon/container: Remember the return code in the non wait-for-websocket
+# case (Issue #2243)
+# - Reference: https://github.com/lxc/lxd/tree/master/doc
+import logging
+import os
+from pylxd import Client
+from pylxd.exceptions import LXDAPIException
+from netmodel.model.type import String, Integer
+from vicn.core.attribute import Attribute, Multiplicity, Reference
+from vicn.core.exception import ResourceNotFound
+from vicn.core.resource import Resource
+from vicn.core.task import BashTask, task
+from vicn.resource.linux.application import LinuxApplication as Application
+from vicn.resource.linux.service import Service
+from vicn.resource.linux.certificate import Certificate
+# Suppress non-important logging messages from requests and urllib3
+log = logging.getLogger(__name__)
+# FIXME use system-wide files
+DEFAULT_CERT_PATH = os.path.join(os.path.dirname(__file__),
+ '..', '..', '..', 'config', 'lxd_client_cert', 'client_cert.pem')
+DEFAULT_KEY_PATH = os.path.join(os.path.dirname(__file__),
+ '..', '..', '..', 'config', 'lxd_client_cert', 'client_key.pem')
+# FIXME hardcoded password for LXD server
+# Commands used to interact with the LXD hypervisor
+CMD_LXD_CHECK_INIT = 'lsof -i:{lxd.lxd_port}'
+CMD_LXD_INIT_BASE = 'lxd init --auto '
+lxc profile unset default environment.http_proxy
+lxc profile unset default user.network_mode
+# Subresources
+class LxdInit(Application):
+ __package_names__ = ['lxd', 'zfsutils-linux', 'lsof']
+ def __get__(self):
+ return BashTask(self.owner.node, CMD_LXD_CHECK_INIT,
+ {'lxd': self.owner})
+ def __create__(self):
+ cmd_params = {
+ 'storage-backend' : self.owner.storage_backend,
+ 'network-port' : self.owner.lxd_port,
+ 'network-address' : '',
+ 'trust-password' : DEFAULT_TRUST_PASSWORD,
+ }
+ if self.owner.storage_backend == 'zfs':
+ cmd_params['storage-pool'] = self.owner.zfs_pool
+ # zpool list -H -o name,cap
+ # don't create it if it exists
+ zfs_pool_exists = True
+ if zfs_pool_exists:
+ cmd_params['storage-create-loop'] = self.owner.storage_size
+ elif self.owner.storage_backend == 'dir':
+ raise NotImplementedError
+ else:
+ raise NotImplementedError
+ cmd = CMD_LXD_INIT_BASE + ' '.join('--{}={}'.format(k, v)
+ for k, v in cmd_params.items())
+ # error: Failed to create the ZFS pool: The ZFS modules are not loaded.
+ # Try running '/sbin/modprobe zfs' as root to load them.
+ # zfs-dkms in the host
+ return BashTask(self.owner.node, CMD_LXD_INIT, {'base': cmd},
+ as_root = True)
+ def __delete__(self):
+ raise NotImplementedError
+class LxdInstallCert(Resource):
+ certificate = Attribute(Certificate, mandatory = True)
+ @task
+ def __get__(self):
+ try:
+ self.owner.client.certificates.all()
+ except LXDAPIException as e:
+ if e.response.raw.status == 403:
+ raise ResourceNotFound
+ raise
+ except Exception:
+ # Missing certificates raises an exception
+ raise ResourceNotFound
+ @task
+ def __create__(self):
+ """
+ Some operations with containers requires the client to be trusted by
+ the server. So at the beginning we have to upload a (self signed)
+ client certificate for the LXD daemon.
+ """
+ log.info('Adding certificate on LXD')
+ self.owner.client.authenticate(DEFAULT_TRUST_PASSWORD)
+ if not self.owner.client.trusted:
+ raise Exception
+class LxdHypervisor(Service):
+ """
+ Resource: LxdHypervisor
+ Manages a LXD hypervisor, accessible through a REST API.
+ """
+ __service_name__ = 'lxd'
+ lxd_port = Attribute(Integer, description = 'LXD REST API port',
+ default = 8443)
+ storage_backend = Attribute(String, description = 'Storage backend',
+ default = 'zfs',
+ choices = ['zfs'])
+ storage_size = Attribute(Integer, description = 'Storage size',
+ zfs_pool = Attribute(String, description = 'ZFS pool',
+ default='vicn')
+ # Just overload attribute with a new reverse
+ node = Attribute(
+ reverse_name = 'lxd_hypervisor',
+ reverse_description = 'LXD hypervisor',
+ reverse_auto = True,
+ multiplicity = Multiplicity.OneToOne)
+ #--------------------------------------------------------------------------
+ # Constructor / Accessors
+ #--------------------------------------------------------------------------
+ def __init__(self, *args, **kwargs):
+ super().__init__(*args, **kwargs)
+ self._client = None
+ self._images = None
+ @property
+ def client(self):
+ if not self._client:
+ self._client = Client(endpoint = self._get_server_url(),
+ verify=False)
+ return self._client
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ def __subresources__(self):
+ lxd_init = LxdInit(owner=self, node = self.node)
+ lxd_local_cert = Certificate(node = Reference(self, 'node'),
+ owner = self)
+ lxd_cert_install = LxdInstallCert(node = Reference(self, 'node'),
+ certificate = lxd_local_cert,
+ owner = self)
+ return (lxd_init | lxd_local_cert) > lxd_cert_install
+ #--------------------------------------------------------------------------
+ # Private methods
+ #--------------------------------------------------------------------------
+ def _get_server_url(self):
+ return 'https://{0}:{1}'.format(self.node.hostname, self.lxd_port)
+ #--------------------------------------------------------------------------
+ # Public interface
+ #--------------------------------------------------------------------------
+ @property
+ def images(self):
+ """
+ This method caches available images to minimize the number of queries
+ done when creating multiple containers.
+ """
+ if not self._images:
+ self._images = self.node.lxd_hypervisor.client.images.all()
+ return self._images
+ @property
+ def aliases(self):
+ return [alias for image in self.images for alias in image.aliases]
diff --git a/vicn/resource/node.py b/vicn/resource/node.py
new file mode 100644
index 00000000..bfb2f9ec
--- /dev/null
+++ b/vicn/resource/node.py
@@ -0,0 +1,93 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+import logging
+import os
+from netmodel.model.type import Double, String, Self
+from vicn.core.address_mgr import AddressManager
+from vicn.core.attribute import Attribute
+from vicn.core.resource import Resource
+log = logging.getLogger(__name__)
+DEFAULT_SSH_PRIVATE_KEY = os.path.join(os.path.dirname(__file__),
+ '..', '..', 'config', 'ssh_client_cert', 'ssh_client_key')
+DEFAULT_SSH_PUBLIC_KEY = os.path.join(os.path.dirname(__file__),
+ '..', '..', 'config', 'ssh_client_cert', 'ssh_client_key.pub')
+class Node(Resource):
+ """
+ Resource: Node
+ """
+ x = Attribute(Double, description = 'X coordinate',
+ default = 0.0)
+ y = Attribute(Double, description = 'Y coordinate',
+ default = 0.0)
+ category = Attribute(String)
+ os = Attribute(String, description = 'OS',
+ default = 'ubuntu',
+ choices = ['debian', 'ubuntu'])
+ dist = Attribute(String, description = 'Distribution name',
+ default = 'xenial',
+ choices = ['trusty', 'xenial', 'sid'])
+ arch = Attribute(String, description = 'Architecture',
+ default = 'amd64',
+ choices = ['amd64'])
+ node_with_kernel = Attribute(Self,
+ description = 'Node on which the kernel sits',
+ ro = True)
+ #---------------------------------------------------------------------------
+ # Constructor and Accessors
+ #---------------------------------------------------------------------------
+ def __init__(self, *args, **kwargs):
+ super().__init__(*args, **kwargs)
+ self._host_interface = None
+ #---------------------------------------------------------------------------
+ # Public API
+ #---------------------------------------------------------------------------
+ @property
+ def host_interface(self):
+ """
+ We assume that any unmanaged interface associated to the host is the
+ main host interface. It should thus be declared in the JSON topology.
+ We might later perform some kind of auto discovery.
+ This unmanaged interface is only required to get the device_name:
+ - to create Veth (need a parent)
+ - to ssh a node, get its ip address (eg for the repo)
+ - to avoid loops in type specification
+ It is used for all nodes to provide network connectivity.
+ """
+ for interface in self.interfaces:
+ if not interface.managed or interface.owner is not None:
+ return interface
+ raise Exception('Cannot find host interface for node {}: {}'.format(
+ self, self.interfaces))
+ def execute(self, command, output = False, as_root = False):
+ raise NotImplementedError
diff --git a/vicn/resource/ns3/__init__.py b/vicn/resource/ns3/__init__.py
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/vicn/resource/ns3/__init__.py
diff --git a/vicn/resource/ns3/emulated_channel.py b/vicn/resource/ns3/emulated_channel.py
new file mode 100644
index 00000000..08d7a14b
--- /dev/null
+++ b/vicn/resource/ns3/emulated_channel.py
@@ -0,0 +1,209 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+import logging
+import random
+from netmodel.model.type import Integer
+from netmodel.util.socket import check_port
+from vicn.core.address_mgr import AddressManager
+from vicn.core.attribute import Attribute, Multiplicity
+from vicn.core.exception import ResourceNotFound
+from vicn.core.requirement import Requirement
+from vicn.core.resource import BaseResource
+from vicn.core.resource_mgr import wait_resources
+from vicn.core.task import inline_task, async_task, task
+from vicn.core.task import BashTask, run_task
+from vicn.resource.channel import Channel
+from vicn.resource.linux.application import LinuxApplication as Application
+from vicn.resource.linux.net_device import NetDevice
+from vicn.resource.linux.tap_device import TapDevice
+from vicn.resource.linux.veth_pair import VethPair
+from vicn.resource.lxd.lxc_container import LxcContainer
+from vicn.resource.node import Node
+log = logging.getLogger(__name__)
+class EmulatedChannel(Channel, Application):
+ """EmulatedChannel resource
+ This resources serves as a base class for wireless channels emulated by
+ means of ns3 simulation.
+ Attributes:
+ ap (Reference[node]): Reference to the AP node
+ stations (Reference[node]): Reference to the list of stations.
+ control_port (int): Port used to communicate with the management
+ interface of the simulation.
+ Implementation notes:
+ - Both AP and stations are allocated a separate VLAN to isolate broadcast
+ traffic and prevent loops on the bridge.
+ - We also need that all interfaces related to ap and stations are created
+ before we run the commandline (currently, dynamically adding/removing
+ AP and stations is not supported by the emulator). This is made
+ possible thanks to the key=True parameter, which makes sure the
+ attributes are processed before the __create__ is called.
+ Todo:
+ - Retrieve the process PID to kill it during __delete__
+ """
+ __resource_type__ = BaseResource
+ ap = Attribute(Node, description = 'AP', key = True)
+ stations = Attribute(Node, description = 'List of stations',
+ multiplicity = Multiplicity.OneToMany, key = True)
+ control_port = Attribute(Integer,
+ description = 'Control port for the simulation')
+ # Overloaded attributes
+ node = Attribute(requirements = [
+ Requirement('bridge')
+ ])
+ #--------------------------------------------------------------------------
+ # Constructor
+ #--------------------------------------------------------------------------
+ def __init__(self, *args, **kwargs):
+ super().__init__(*args, **kwargs)
+ # AP (resp. stations) interfaces (for external connectivity) and
+ # tap_devices (for connection to emulator)
+ self._ap_if = None
+ self._ap_tap = None
+ self._sta_ifs = dict()
+ self._sta_taps = dict()
+ # Device names to be attached to the bridge (differs according to the
+ # node type, Physical or LxcContainer, and eventually None for an
+ # unmanaged stations)
+ self._ap_bridged = None
+ self._sta_bridged = dict()
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ @inline_task
+ def __get__(self):
+ raise ResourceNotFound
+ def __create__(self):
+ # NOTE: http://stackoverflow.com/questions/21141352/python-subprocess-
+ # calling-a-script-which-runs-a-background-process-hanging
+ # The output of the background scripts is still going to the same file
+ # descriptor as the child script, thus the parent script waits for it
+ # to finish.
+ cmd = '(' + self.__app_name__ + ' ' + self._get_cmdline_params() + \
+ '>/dev/null 2>&1) &'
+ return BashTask(self.node, cmd)
+ def __delete__(self):
+ raise NotImplementedError
+ #--------------------------------------------------------------------------
+ # Attribute handlers
+ #--------------------------------------------------------------------------
+ @async_task
+ async def _set_ap(self, ap=None):
+ if ap is None:
+ ap = self.ap
+ if ap is None:
+ log.info('Ignored setting ap to None...')
+ return
+ # Add a WiFi interface for the AP...
+ interfaces = list()
+ if isinstance(ap, LxcContainer):
+ # Ideally, We need to create a VethPair for each station
+ # This should be monitored for the total channel bw
+ host = NetDevice(node = ap.node,
+ device_name='vhh-' + ap.name + '-' + self.name,
+ monitored = False,
+ managed = False)
+ self._ap_if = VethPair(node = self.ap,
+ name = 'vh-' + ap.name + '-' + self.name,
+ device_name = 'vh-' + ap.name + '-' + self.name,
+ host = host,
+ owner = self)
+ self._ap_bridged = self._ap_if.host
+ else:
+ raise NotImplementedError
+ self._state.manager.commit_resource(self._ap_if)
+ interfaces.append(self._ap_if)
+ # Add a tap interface for the AP...
+ self._ap_tap = TapDevice(node = self.node,
+ owner = self,
+ device_name = 'tap-' + ap.name + '-' + self.name,
+ up = True,
+ promiscuous = True,
+ monitored = False)
+ self._state.manager.commit_resource(self._ap_tap)
+ interfaces.append(self._ap_tap)
+ # Wait for interfaces to be setup
+ await wait_resources(interfaces)
+ # NOTE: only set channel after the resource is created or it might
+ # create loops which, at this time, are not handled
+ self._ap_if.set('channel', self)
+ # Add interfaces to bridge
+ vlan = AddressManager().get('vlan', self, tag='ap')
+ # AS the container has created the VethPair already without Vlan, we
+ # need to delete and recreate it
+ task = self.node.bridge._remove_interface(self._ap_bridged)
+ await run_task(task, self._state.manager)
+ task = self.node.bridge._add_interface(self._ap_bridged, vlan = vlan)
+ await run_task(task, self._state.manager)
+ task = self.node.bridge._add_interface(self._ap_tap, vlan = vlan)
+ await run_task(task, self._state.manager)
+ print('/!\ pass information to the running simulation')
+ @inline_task
+ def _get_ap(self):
+ return {'ap': None}
+ @inline_task
+ def _get_stations(self):
+ return {'stations': list()}
+ @async_task
+ async def _set_stations(self, stations=None):
+ print('adding stations...')
+ if stations is None:
+ stations = self.stations
+ for station in stations:
+ await self._add_station(station)
+ def _add_stations(self, stations):
+ raise NotImplementedError
+ @inline_task
+ def _remove_stations(self, station):
+ raise NotImplementedError
diff --git a/vicn/resource/ns3/emulated_lte_channel.py b/vicn/resource/ns3/emulated_lte_channel.py
new file mode 100644
index 00000000..8c7382cb
--- /dev/null
+++ b/vicn/resource/ns3/emulated_lte_channel.py
@@ -0,0 +1,188 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from vicn.core.address_mgr import AddressManager
+from vicn.core.resource_mgr import wait_resources
+from vicn.core.task import run_task
+from vicn.resource.ns3.emulated_channel import EmulatedChannel
+from vicn.resource.linux.net_device import NetDevice
+class EmulatedLteChannel(EmulatedChannel):
+ """
+ Resource: EmulatedLteChannel
+ This resource uses ns3 based emulation to emulate a lte subnet with one pgw,
+ one enode B, and multiple UEs.
+ This model needs to be extended with LTE specific features like "network
+ resource" in the future. Currently it works in same way as wifi emulator
+ with no lte specific features.
+ Attributes:
+ ap (Reference[node]): Reference to the AP/pgw node
+ stations (Reference[node]): Reference to the list of UE.
+ control_port (int): Port used to communicate with the management
+ interface of the simulation.
+ """
+ __package_names__ = ['lte-emulator']
+ __app_name__ = 'lte_emulator'
+ #---------------------------------------------------------------------------
+ # Attribute handlers
+ #---------------------------------------------------------------------------
+ async def _add_station(self, station):
+ from vicn.resource.lxd.lxc_container import LxcContainer
+ from vicn.resource.linux.veth_pair import VethPair
+ from vicn.resource.linux.tap_device import TapChannel
+ interfaces = list()
+ # ... and each station
+ if not station.managed:
+ sta_if = None
+ else:
+ if isinstance(station, LxcContainer):
+ host = NetDevice(node = station.node,
+ device_name='vhh-' + station.name + '-' + self.name,
+ managed = False)
+ sta_if = VethPair(node = station,
+ name = 'vh-' + station.name + '-' + self.name,
+ device_name = 'vh-' + station.name + '-' + self.name,
+ host = host,
+ owner = self)
+ bridged_sta = sta_if.host
+ else:
+ raise NotImplementedError
+ if sta_if:
+ self._sta_ifs[station] = sta_if
+ self._sta_bridged[station] = bridged_sta
+ interfaces.append(sta_if)
+ self._state.manager.commit_resource(sta_if)
+ sta_tap = TapChannel(node = self.node,
+ owner = self,
+ device_name = 'tap-' + station.name + '-' + self.name,
+ up = True,
+ promiscuous = True,
+ station_name = station.name,
+ channel_name = self.name)
+ self._sta_taps[station] = sta_tap
+ interfaces.append(sta_tap)
+ self._state.manager.commit_resource(sta_tap)
+ # Wait for interfaces to be setup
+ await wait_resources(interfaces)
+ # Add interfaces to bridge
+ # One vlan per station is needed to avoid broadcast loops
+ vlan = AddressManager().get('vlan', sta_tap)
+ if sta_if:
+ sta_if.set('channel', self)
+ task = self.node.bridge._remove_interface(bridged_sta)
+ await run_task(task, self._state.manager)
+ task = self.node.bridge._add_interface(bridged_sta,
+ vlan = vlan)
+ await run_task(task, self._state.manager)
+ task = self.node.bridge._add_interface(sta_tap, vlan = vlan)
+ await run_task(task, self._state.manager)
+ def _get_cmdline_params(self):
+ # IP have not been assign, use AddressManager for simplicity since it
+ # will remember the assignment
+ # NOTE: here the IP address passed to emulator program is hardcoded with
+ # a /24 mask(even if the associated IP with the station does not have a
+ # /24 mask). This is not a problem at all because the netmask passed to
+ # the emulator program has no impact on configuration in the emulator
+ # program. Indeed, the IP routing table in the emulator program are
+ # configured on a per address basis(one route per IP address) instead of
+ # on a per prefix basis(one route per prefix). This guarantees the IP
+ # routing will not change regardless of what netmask is. That is why we
+ # can always safely pass a hardcoded /24 mask to the emulator program.
+ sta_list = list() # list of identifiers
+ sta_macs = list() # list of macs
+ sta_taps = list()
+ sta_ips = list()
+ for station in self.stations:
+ if not station.managed:
+ interface = [i for i in station.interfaces if i.channel == self]
+ assert len(interface) == 1
+ interface = interface[0]
+ sta_list.append(interface.name)
+ sta_macs.append(interface.mac_address)
+ sta_ips.append(interface.ip_address + '/24')
+ else:
+ identifier = self._sta_ifs[station]._state.uuid._uuid
+ sta_list.append(identifier)
+ mac = self._sta_ifs[station].mac_address
+ sta_macs.append(mac)
+ # Preallocate IP address
+ ip = AddressManager().get_ip(self._sta_ifs[station]) + '/24'
+ sta_ips.append(ip)
+ tap = self._sta_taps[station].device_name
+ sta_taps.append(tap)
+ params = {
+ # Name of the tap between NS3 and the base station
+ 'bs-tap' : self._ap_tap.device_name,
+ # Number of stations
+ 'n-sta' : len(self._sta_taps),
+ # List of the stations of the simulation
+ 'sta-list' : ','.join(sta_list),
+ # List of the taps between NS3 and the mobile stations
+ 'sta-taps' : ','.join(sta_taps),
+ # List of the macs of the mobile stations
+ 'sta-macs' : ','.join(sta_macs),
+ # X position of the Base Station
+ 'bs-x' : 0, #self.ap.x,
+ # Y position of the Base Station
+ 'bs-y' : 0, #self.ap.y,
+ # Experiment ID
+ 'experiment-id' : 'vicn',
+ # Index of the base station
+ 'bs-name' : self._ap_tap.device_name,
+ # Base station IP address
+ 'bs-mac' : self._ap_if.mac_address,
+ # Control port for dynamically managing the stations movement
+ 'control-port' : self.control_port,
+ # Coma-separated list of stations' IP/netmask len
+ 'sta-ips' : ','.join(sta_ips),
+ # Base station IP/netmask len
+ 'bs-ip' : AddressManager().get_ip(self._ap_if) +
+ 'txBuffer' : '800000',
+ 'isFading' : 'true' if DEFAULT_FADING_ENABLED else 'false',
+ }
+ return ' '.join(['--{}={}'.format(k, v) for k, v in params.items()])
diff --git a/vicn/resource/ns3/emulated_wifi_channel.py b/vicn/resource/ns3/emulated_wifi_channel.py
new file mode 100644
index 00000000..088d4444
--- /dev/null
+++ b/vicn/resource/ns3/emulated_wifi_channel.py
@@ -0,0 +1,148 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from vicn.resource.ns3.emulated_channel import EmulatedChannel
+from vicn.resource.linux.net_device import NetDevice
+from vicn.core.address_mgr import AddressManager
+from vicn.core.resource_mgr import wait_resources
+from vicn.core.task import async_task, run_task
+class EmulatedWiFiChannel(EmulatedChannel):
+ """EmulatedWiFiChannel Resource
+ This resource uses the ns3 simulator to emulate an 80211n wireless channel.
+ It assume no interference between base stations, and thus the emulated
+ channel corresponds to a single base station.
+ """
+ __package_names__ = ['wifi-emulator']
+ __app_name__ = 'wifi_emulator'
+ #---------------------------------------------------------------------------
+ # Attribute handlers
+ #---------------------------------------------------------------------------
+ async def _add_station(self, station):
+ from vicn.resource.lxd.lxc_container import LxcContainer
+ from vicn.resource.linux.veth_pair import VethPair
+ from vicn.resource.linux.tap_device import TapChannel
+ from vicn.resource.linux.macvlan import MacVlan
+ interfaces = list()
+ if not station.managed:
+ sta_if = None
+ else:
+ if isinstance(station, LxcContainer):
+ host = NetDevice(node = station.node,
+ device_name='vhh-' + station.name + '-' + self.name,
+ managed = False)
+ sta_if = VethPair(node = station,
+ name = 'vh-' + station.name + '-' + self.name,
+ device_name = 'vh-' + station.name + '-' + self.name,
+ host = host,
+ owner = self)
+ bridged_sta = sta_if.host
+ else:
+ raise NotImplementedError
+ if sta_if:
+ self._sta_ifs[station] = sta_if
+ self._sta_bridged[station] = bridged_sta
+ interfaces.append(sta_if)
+ self._state.manager.commit_resource(sta_if)
+ sta_tap = TapChannel(node = self.node,
+ owner = self,
+ device_name = 'tap-' + station.name + '-' + self.name,
+ up = True,
+ promiscuous = True,
+ station_name = station.name,
+ channel_name = self.name)
+ self._sta_taps[station] = sta_tap
+ interfaces.append(sta_tap)
+ self._state.manager.commit_resource(sta_tap)
+ # Wait for interfaces to be setup
+ await wait_resources(interfaces)
+ # Add interfaces to bridge
+ # One vlan per station is needed to avoid broadcast loops
+ vlan = AddressManager().get('vlan', sta_tap)
+ # sta_tap choosen because always there
+ if sta_if:
+ sta_if.set('channel', self)
+ task = self.node.bridge._remove_interface(bridged_sta)
+ await run_task(task, self._state.manager)
+ task = self.node.bridge._add_interface(bridged_sta,
+ vlan = vlan)
+ await run_task(task, self._state.manager)
+ task = self.node.bridge._add_interface(sta_tap, vlan = vlan)
+ await run_task(task, self._state.manager)
+ def _get_cmdline_params(self, ):
+ # sta-macs and sta-list for unmanaged stations
+ sta_list = list() # list of identifiers
+ sta_macs = list() # list of macs
+ sta_taps = list()
+ for station in self.stations:
+ if not station.managed:
+ interface = [i for i in station.interfaces if i.channel == self]
+ assert len(interface) == 1
+ interface = interface[0]
+ sta_list.append(interface.name)
+ sta_macs.append(interface.mac_address)
+ else:
+ identifier = self._sta_ifs[station]._state.uuid._uuid
+ sta_list.append(identifier)
+ mac = self._sta_ifs[station].mac_address
+ sta_macs.append(mac)
+ tap = self._sta_taps[station].device_name
+ sta_taps.append(tap)
+ params = {
+ # Name of the tap between NS3 and the base station
+ 'bs-tap' : self._ap_tap.device_name,
+ # Number of stations
+ 'n-sta' : len(self._sta_taps),
+ # List of the stations of the simulation # identifiers
+ 'sta-list' : ','.join(sta_list),
+ # List of the taps between NS3 and the mobile stations
+ 'sta-taps' : ','.join(sta_taps),
+ # List of the macs of the mobile stations
+ 'sta-macs' : ','.join(sta_macs),
+ # X position of the Base Station
+ 'bs-x' : 0, #self.ap.x,
+ # Y position of the Base Station
+ 'bs-y' : 0, #self.ap.y,
+ # Experiment ID
+ 'experiment-id' : 'vicn',
+ # Index of the base station
+ 'bs-name' : self._ap_tap.device_name,
+ # Base station MAC address
+ 'bs-mac' : self._ap_if.mac_address,
+ # Control port for dynamically managing the stations movement
+ 'control-port' : self.control_port,
+ }
+ return ' '.join(['--{}={}'.format(k, v) for k, v in params.items()])
diff --git a/vicn/resource/script.py b/vicn/resource/script.py
new file mode 100644
index 00000000..30196b21
--- /dev/null
+++ b/vicn/resource/script.py
@@ -0,0 +1,31 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from vicn.helpers.resource_definition import *
+class Script(Resource):
+ """
+ Resource: Script
+ This resource is empty on purpose. It is a temporary resource used as a
+ placeholder for controlling the tool from GUI and should be deprecated in
+ future releases.
+ """
+ id = Attribute(String)
+ name = Attribute(String)
diff --git a/vicn/resource/vpp/__init__.py b/vicn/resource/vpp/__init__.py
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/vicn/resource/vpp/__init__.py
diff --git a/vicn/resource/vpp/cicn.py b/vicn/resource/vpp/cicn.py
new file mode 100644
index 00000000..be523a6c
--- /dev/null
+++ b/vicn/resource/vpp/cicn.py
@@ -0,0 +1,138 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+import re
+from netmodel.model.type import Integer, Bool
+from vicn.core.attribute import Attribute
+from vicn.core.exception import ResourceNotFound
+from vicn.core.requirement import Requirement
+from vicn.core.resource_mgr import wait_resource_task
+from vicn.core.task import async_task, task, BashTask, EmptyTask
+from vicn.resource.icn.forwarder import Forwarder
+from vicn.resource.node import Node
+from vicn.resource.vpp.vpp_commands import CMD_VPP_ENABLE_PLUGIN
+from vicn.resource.vpp.vpp_commands import CMD_VPP_CICN_GET
+from vicn.resource.vpp.vpp_commands import CMD_VPP_ADD_ICN_FACE
+from vicn.resource.vpp.vpp_commands import CMD_VPP_ADD_ICN_ROUTE
+from vicn.resource.vpp.vpp_commands import CMD_VPP_CICN_GET_CACHE_SIZE
+from vicn.resource.vpp.vpp_commands import CMD_VPP_CICN_SET_CACHE_SIZE
+_ADD_FACE_RETURN_FORMAT = "Face ID: [0-9]+"
+def check_face_id_return_format(data):
+ prog = re.compile(_ADD_FACE_RETURN_FORMAT)
+ return prog.match(data)
+def parse_face_id(data):
+ return data.partition(':')[2]
+class CICNForwarder(Forwarder):
+ """
+ NOTE: Based on the Vagrantfile, we recommend a node with mem=4096, cpu=4
+ """
+ node = Attribute(Node,
+ mandatory=True,
+ requirements = [Requirement('vpp')],
+ reverse_name='cicn')
+ numa_node = Attribute(Integer,
+ description = 'Numa node on which vpp will run',
+ default = None)
+ core = Attribute(Integer,
+ description = 'Core belonging the numa node on which vpp will run',
+ default = None)
+ enable_worker = Attribute(Bool,
+ description = 'Enable one worker for packet processing',
+ default = False)
+ #__packages__ = ['vpp-plugin-cicn']
+ def __after__(self):
+ return ['CentralICN']
+ def __get__(self):
+ def parse(rv):
+ if rv.return_value > 0 or 'cicn: not enabled' in rv.stdout:
+ raise ResourceNotFound
+ return BashTask(self.node, CMD_VPP_CICN_GET,
+ lock = self.node.vpp.vppctl_lock, parse=parse)
+ def __create__(self):
+ #self.node.vpp.plugins.append("cicn")
+ lock = self.node.vpp.vppctl_lock
+ create_task = BashTask(self.node, CMD_VPP_ENABLE_PLUGIN,
+ {'plugin' : 'cicn'}, lock = lock)
+ face_task = EmptyTask()
+ route_task = EmptyTask()
+ def parse_face(rv, face):
+ if check_face_id_return_format(rv.stdout):
+ face.id = parse_face_id(rv.stdout)
+ return {}
+ for face in self.faces:
+ face_task = face_task > BashTask(self.node, CMD_VPP_ADD_ICN_FACE,
+ {'face':face},
+ parse = (lambda x : parse_face(x, face)), lock = lock)
+ if not self.routes:
+ from vicn.resource.icn.route import Route
+ for route in self._state.manager.by_type(Route):
+ if route.node is self.node:
+ self.routes.append(route)
+ for route in self.routes:
+ route_task = route_task > BashTask(self.node,
+ CMD_VPP_ADD_ICN_ROUTE, {'route' : route}, lock = lock)
+ return (wait_resource_task(self.node.vpp) > create_task) > (face_task > route_task)
+ # Nothing to do
+ __delete__ = None
+ #--------------------------------------------------------------------------
+ # Attributes
+ #--------------------------------------------------------------------------
+ # Force local update
+ _add_faces = None
+ _remove_faces = None
+ _get_faces = None
+ _set_faces = None
+ _add_routes = None
+ _remove_routes = None
+ _get_routes = None
+ _set_routes = None
+ #--------------------------------------------------------------------------
+ # Internal methods
+ #--------------------------------------------------------------------------
+ def _set_cache_size(self):
+ return BashTask(self.node, CMD_VPP_CICN_SET_CACHE_SIZE, {'self': self},
+ lock = self.node.vpp.vppctl_lock)
+ def _get_cache_size(self):
+ def parse(rv):
+ return int(rv.stdout)
+ return BashTask(self.node, CMD_VPP_CICN_GET_CACHE_SIZE, parse=parse,
+ lock = self.node.vpp.vppctl_lock)
diff --git a/vicn/resource/vpp/dpdk_device.py b/vicn/resource/vpp/dpdk_device.py
new file mode 100644
index 00000000..69449e48
--- /dev/null
+++ b/vicn/resource/vpp/dpdk_device.py
@@ -0,0 +1,35 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from netmodel.model.type import Integer, String
+from vicn.core.attribute import Attribute
+from vicn.resource.linux.phy_interface import PhyInterface
+class DpdkDevice(PhyInterface):
+ """
+ Resource: DpdkDevice
+ A DpdkDevice is a physical net device supported by Dpdk and with parameters
+ specific to VPP.
+ """
+ numa_node = Attribute(Integer,
+ description = 'NUMA node on the same PCI bus as the DPDK card')
+ socket_mem = Attribute(Integer,
+ description = 'Memory used by the vpp forwarder',
+ default = 512)
+ mac_address = Attribute(String)
diff --git a/vicn/resource/vpp/interface.py b/vicn/resource/vpp/interface.py
new file mode 100644
index 00000000..efe4fe5a
--- /dev/null
+++ b/vicn/resource/vpp/interface.py
@@ -0,0 +1,125 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from netmodel.model.type import Integer, String, Bool
+from vicn.core.resource import Resource
+from vicn.core.attribute import Attribute, Multiplicity
+from vicn.core.exception import ResourceNotFound
+from vicn.core.task import inline_task, BashTask, task
+from vicn.core.task import EmptyTask
+from vicn.resource.interface import Interface
+from vicn.resource.linux.net_device import NonTapBaseNetDevice
+from vicn.resource.vpp.vpp import VPP
+from vicn.resource.vpp.vpp_commands import CMD_VPP_CREATE_IFACE
+from vicn.resource.vpp.vpp_commands import CMD_VPP_SET_IP, CMD_VPP_SET_UP
+class VPPInterface(Resource):
+ """
+ Resource: VPPInterface
+ An interface representation in VPP
+ """
+ vpp = Attribute(VPP,
+ description = 'Forwarder to which this interface belong to',
+ mandatory = True,
+ multiplicity = Multiplicity.ManyToOne,
+ key = True,
+ reverse_name = 'interfaces')
+ parent = Attribute(Interface, description = 'parent',
+ mandatory = True, reverse_name = 'vppinterface')
+ ip_address = Attribute(String)
+ prefix_len = Attribute(Integer, default = 31)
+ up = Attribute(Bool, description = 'Interface up/down status')
+ monitored = Attribute(Bool, default = True)
+ device_name = Attribute(String)
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ def __after__(self):
+ """
+ We need CentralIP to get the parent interface IP address
+ """
+ return ['CentralIP']
+ @inline_task
+ def __get__(self):
+ raise ResourceNotFound
+ def __create__(self):
+ # We must control what is the type of the parent netDevice (currently
+ # supported only veths, physical nics are coming)
+ create_task = EmptyTask()
+ # We must let the routing algorithm know that the parent interface
+ # belongs to vpp
+ self.parent.has_vpp_child = True
+ self.ip_address = self.parent.ip_address
+ self.up = True
+ if isinstance(self.parent,NonTapBaseNetDevice):
+ # Remove ip address in the parent device, it must only be set in
+ # the vpp interface otherwise vpp and the linux kernel will reply
+ # to non-icn request (e.g., ARP replies, port ureachable etc)
+ self.device_name = 'host-' + self.parent.device_name
+ create_task = BashTask(self.vpp.node, CMD_VPP_CREATE_IFACE,
+ {'vpp_interface': self},
+ lock = self.vpp.vppctl_lock)
+ self.parent.set('ip_address', None)
+ self.parent.set('offload', False)
+ self.parent.remote.set('offload', False)
+ elif self.parent.get_type() == 'dpdkdevice':
+ self.device_name = self.parent.device_name
+ else :
+ # Currently assume naively that everything else will be a physical
+ # NIC for VPP
+ #
+ # Before initialization, we need to make sure that the parent
+ # interface is down (vpp will control the nic)
+ self.device_name = 'host-' + self.parent.device_name
+ self.parent.set('up', False)
+ return create_task
+ #--------------------------------------------------------------------------
+ # Attributes
+ #--------------------------------------------------------------------------
+ def _set_ip_address(self):
+ if self.ip_address:
+ return BashTask(self.vpp.node, CMD_VPP_SET_IP, {'netdevice': self},
+ lock = self.vpp.vppctl_lock)
+ def _set_up(self):
+ return BashTask(self.vpp.node, CMD_VPP_SET_UP, {'netdevice': self},
+ lock = self.vpp.vppctl_lock)
+ @task
+ def _get_up(self):
+ return {'up' : False}
+ @task
+ def _get_ip_address(self):
+ return {'ip_address' : None}
diff --git a/vicn/resource/vpp/scripts.py b/vicn/resource/vpp/scripts.py
new file mode 100644
index 00000000..3a3d5e8f
--- /dev/null
+++ b/vicn/resource/vpp/scripts.py
@@ -0,0 +1,287 @@
+profile lxc-dpdk flags=(attach_disconnected,mediate_deleted) {
+ ### Base profile
+ capability,
+ dbus,
+ file,
+ network,
+ umount,
+ # Allow us to receive signals from anywhere.
+ signal (receive),
+ # Allow us to send signals to ourselves
+ signal peer=@{profile_name},
+ # Allow other processes to read our /proc entries, futexes, perf tracing and
+ # kcmp for now (they will need 'read' in the first place). Administrators can
+ # override with:
+ # deny ptrace (readby) ...
+ ptrace (readby),
+ # Allow other processes to trace us by default (they will need 'trace' in
+ # the first place). Administrators can override with:
+ # deny ptrace (tracedby) ...
+ ptrace (tracedby),
+ # Allow us to ptrace ourselves
+ ptrace peer=@{profile_name},
+ # ignore DENIED message on / remount
+ deny mount options=(ro, remount) -> /,
+ deny mount options=(ro, remount, silent) -> /,
+ # allow tmpfs mounts everywhere
+ mount fstype=tmpfs,
+ # allow hugetlbfs mounts everywhere
+ mount fstype=hugetlbfs,
+ # allow mqueue mounts everywhere
+ mount fstype=mqueue,
+ # allow fuse mounts everywhere
+ mount fstype=fuse,
+ mount fstype=fuse.*,
+ # deny access under /proc/bus to avoid e.g. messing with pci devices directly
+ deny @{PROC}/bus/** wklx,
+ # deny writes in /proc/sys/fs but allow binfmt_misc to be mounted
+ mount fstype=binfmt_misc -> /proc/sys/fs/binfmt_misc/,
+ deny @{PROC}/sys/fs/** wklx,
+ # allow efivars to be mounted, writing to it will be blocked though
+ mount fstype=efivarfs -> /sys/firmware/efi/efivars/,
+ # block some other dangerous paths
+ deny @{PROC}/kcore rwklx,
+ deny @{PROC}/kmem rwklx,
+ deny @{PROC}/mem rwklx,
+ deny @{PROC}/sysrq-trigger rwklx,
+ # deny writes in /sys except for /sys/fs/cgroup, also allow
+ # fusectl, securityfs and debugfs to be mounted there (read-only)
+ mount fstype=fusectl -> /sys/fs/fuse/connections/,
+ mount fstype=securityfs -> /sys/kernel/security/,
+ mount fstype=debugfs -> /sys/kernel/debug/,
+ deny mount fstype=debugfs -> /var/lib/ureadahead/debugfs/,
+ mount fstype=proc -> /proc/,
+ mount fstype=sysfs -> /sys/,
+ mount options=(rw, nosuid, nodev, noexec, remount) -> /sys/,
+ deny /sys/firmware/efi/efivars/** rwklx,
+ # note, /sys/kernel/security/** handled below
+ mount options=(move) /sys/fs/cgroup/cgmanager/ -> /sys/fs/cgroup/cgmanager.lower/,
+ mount options=(ro, nosuid, nodev, noexec, remount, strictatime) -> /sys/fs/cgroup/,
+ mount options=(ro, nosuid, nodev, noexec, remount, strictatime) -> /sys,
+ # deny reads from debugfs
+ deny /sys/kernel/debug/{,**} rwklx,
+ # allow paths to be made slave, shared, private or unbindable
+ # FIXME: This currently doesn't work due to the apparmor parser treating those as allowing all mounts.
+# mount options=(rw,make-slave) -> **,
+# mount options=(rw,make-rslave) -> **,
+# mount options=(rw,make-shared) -> **,
+# mount options=(rw,make-rshared) -> **,
+# mount options=(rw,make-private) -> **,
+# mount options=(rw,make-rprivate) -> **,
+# mount options=(rw,make-unbindable) -> **,
+# mount options=(rw,make-runbindable) -> **,
+ # allow bind-mounts of anything except /proc, /sys and /dev
+ mount options=(rw,bind) /[^spd]*{,/**},
+ mount options=(rw,bind) /d[^e]*{,/**},
+ mount options=(rw,bind) /de[^v]*{,/**},
+ mount options=(rw,bind) /dev/.[^l]*{,/**},
+ mount options=(rw,bind) /dev/.l[^x]*{,/**},
+ mount options=(rw,bind) /dev/.lx[^c]*{,/**},
+ mount options=(rw,bind) /dev/.lxc?*{,/**},
+ mount options=(rw,bind) /dev/[^.]*{,/**},
+ mount options=(rw,bind) /dev?*{,/**},
+ mount options=(rw,bind) /p[^r]*{,/**},
+ mount options=(rw,bind) /pr[^o]*{,/**},
+ mount options=(rw,bind) /pro[^c]*{,/**},
+ mount options=(rw,bind) /proc?*{,/**},
+ mount options=(rw,bind) /s[^y]*{,/**},
+ mount options=(rw,bind) /sy[^s]*{,/**},
+ mount options=(rw,bind) /sys?*{,/**},
+ # allow moving mounts except for /proc, /sys and /dev
+ mount options=(rw,move) /[^spd]*{,/**},
+ mount options=(rw,move) /d[^e]*{,/**},
+ mount options=(rw,move) /de[^v]*{,/**},
+ mount options=(rw,move) /dev/.[^l]*{,/**},
+ mount options=(rw,move) /dev/.l[^x]*{,/**},
+ mount options=(rw,move) /dev/.lx[^c]*{,/**},
+ mount options=(rw,move) /dev/.lxc?*{,/**},
+ mount options=(rw,move) /dev/[^.]*{,/**},
+ mount options=(rw,move) /dev?*{,/**},
+ mount options=(rw,move) /p[^r]*{,/**},
+ mount options=(rw,move) /pr[^o]*{,/**},
+ mount options=(rw,move) /pro[^c]*{,/**},
+ mount options=(rw,move) /proc?*{,/**},
+ mount options=(rw,move) /s[^y]*{,/**},
+ mount options=(rw,move) /sy[^s]*{,/**},
+ mount options=(rw,move) /sys?*{,/**},
+ # generated by: lxc-generate-aa-rules.py container-rules.base
+ deny /proc/sys/[^kn]*{,/**} wklx,
+ deny /proc/sys/k[^e]*{,/**} wklx,
+ deny /proc/sys/ke[^r]*{,/**} wklx,
+ deny /proc/sys/ker[^n]*{,/**} wklx,
+ deny /proc/sys/kern[^e]*{,/**} wklx,
+ deny /proc/sys/kerne[^l]*{,/**} wklx,
+ deny /proc/sys/kernel/[^smhd]*{,/**} wklx,
+ deny /proc/sys/kernel/d[^o]*{,/**} wklx,
+ deny /proc/sys/kernel/do[^m]*{,/**} wklx,
+ deny /proc/sys/kernel/dom[^a]*{,/**} wklx,
+ deny /proc/sys/kernel/doma[^i]*{,/**} wklx,
+ deny /proc/sys/kernel/domai[^n]*{,/**} wklx,
+ deny /proc/sys/kernel/domain[^n]*{,/**} wklx,
+ deny /proc/sys/kernel/domainn[^a]*{,/**} wklx,
+ deny /proc/sys/kernel/domainna[^m]*{,/**} wklx,
+ deny /proc/sys/kernel/domainnam[^e]*{,/**} wklx,
+ deny /proc/sys/kernel/domainname?*{,/**} wklx,
+ deny /proc/sys/kernel/h[^o]*{,/**} wklx,
+ deny /proc/sys/kernel/ho[^s]*{,/**} wklx,
+ deny /proc/sys/kernel/hos[^t]*{,/**} wklx,
+ deny /proc/sys/kernel/host[^n]*{,/**} wklx,
+ deny /proc/sys/kernel/hostn[^a]*{,/**} wklx,
+ deny /proc/sys/kernel/hostna[^m]*{,/**} wklx,
+ deny /proc/sys/kernel/hostnam[^e]*{,/**} wklx,
+ deny /proc/sys/kernel/hostname?*{,/**} wklx,
+ deny /proc/sys/kernel/m[^s]*{,/**} wklx,
+ deny /proc/sys/kernel/ms[^g]*{,/**} wklx,
+ deny /proc/sys/kernel/msg*/** wklx,
+ deny /proc/sys/kernel/s[^he]*{,/**} wklx,
+ deny /proc/sys/kernel/se[^m]*{,/**} wklx,
+ deny /proc/sys/kernel/sem*/** wklx,
+ deny /proc/sys/kernel/sh[^m]*{,/**} wklx,
+ deny /proc/sys/kernel/shm*/** wklx,
+ deny /proc/sys/kernel?*{,/**} wklx,
+ deny /proc/sys/n[^e]*{,/**} wklx,
+ deny /proc/sys/ne[^t]*{,/**} wklx,
+ deny /proc/sys/net?*{,/**} wklx,
+ deny /sys/[^fdck]*{,/**} wklx,
+ deny /sys/c[^l]*{,/**} wklx,
+ deny /sys/cl[^a]*{,/**} wklx,
+ deny /sys/cla[^s]*{,/**} wklx,
+ deny /sys/clas[^s]*{,/**} wklx,
+ deny /sys/class/[^nu]*{,/**} wklx,
+ deny /sys/class/n[^e]*{,/**} wklx,
+ deny /sys/class/ne[^t]*{,/**} wklx,
+ deny /sys/class/net?*{,/**} wklx,
+ deny /sys/class/u[^i]*{,/**} wklx,
+ deny /sys/class/ui[^o]*{,/**} wklx,
+ deny /sys/class?*{,/**} wklx,
+ deny /sys/d[^e]*{,/**} wklx,
+ deny /sys/de[^v]*{,/**} wklx,
+ deny /sys/dev[^i]*{,/**} wklx,
+ deny /sys/devi[^c]*{,/**} wklx,
+ deny /sys/devic[^e]*{,/**} wklx,
+ deny /sys/device[^s]*{,/**} wklx,
+# deny /sys/devices/[^vu]*{,/**} wklx,
+# deny /sys/devices/v[^i]*{,/**} wklx,
+# deny /sys/devices/vi[^r]*{,/**} wklx,
+# deny /sys/devices/vir[^t]*{,/**} wklx,
+# deny /sys/devices/virt[^u]*{,/**} wklx,
+# deny /sys/devices/virtu[^a]*{,/**} wklx,
+# deny /sys/devices/virtua[^l]*{,/**} wklx,
+# deny /sys/devices/virtual/[^n]*{,/**} wklx,
+# deny /sys/devices/virtual/n[^e]*{,/**} wklx,
+# deny /sys/devices/virtual/ne[^t]*{,/**} wklx,
+# deny /sys/devices/virtual/net?*{,/**} wklx,
+# deny /sys/devices/virtual?*{,/**} wklx,
+# deny /sys/devices?*{,/**} wklx,
+ deny /sys/f[^s]*{,/**} wklx,
+ deny /sys/fs/[^c]*{,/**} wklx,
+ deny /sys/fs/c[^g]*{,/**} wklx,
+ deny /sys/fs/cg[^r]*{,/**} wklx,
+ deny /sys/fs/cgr[^o]*{,/**} wklx,
+ deny /sys/fs/cgro[^u]*{,/**} wklx,
+ deny /sys/fs/cgrou[^p]*{,/**} wklx,
+ deny /sys/fs/cgroup?*{,/**} wklx,
+ deny /sys/fs?*{,/**} wklx,
+ ### Feature: unix
+ # Allow receive via unix sockets from anywhere
+ unix (receive),
+ # Allow all unix in the container
+ unix peer=(label=@{profile_name}),
+ ### Feature: cgroup namespace
+ mount fstype=cgroup -> /sys/fs/cgroup/**,
+ ### Feature: apparmor stacking
+ ### Configuration: apparmor loading disabled in privileged containers
+ deny /sys/k[^e]*{,/**} rwklx,
+ deny /sys/ke[^r]*{,/**} rwklx,
+ deny /sys/ker[^n]*{,/**} rwklx,
+ deny /sys/kern[^e]*{,/**} rwklx,
+ deny /sys/kerne[^l]*{,/**} rwklx,
+ deny /sys/kernel/[^sm]*{,/**} rwklx,
+ deny /sys/kernel/s[^e]*{,/**} rwklx,
+ deny /sys/kernel/se[^c]*{,/**} rwklx,
+ deny /sys/kernel/sec[^u]*{,/**} rwklx,
+ deny /sys/kernel/secu[^r]*{,/**} rwklx,
+ deny /sys/kernel/secur[^i]*{,/**} rwklx,
+ deny /sys/kernel/securi[^t]*{,/**} rwklx,
+ deny /sys/kernel/securit[^y]*{,/**} rwklx,
+ deny /sys/kernel/security/[^a]*{,/**} rwklx,
+ deny /sys/kernel/security/a[^p]*{,/**} rwklx,
+ deny /sys/kernel/security/ap[^p]*{,/**} rwklx,
+ deny /sys/kernel/security/app[^a]*{,/**} rwklx,
+ deny /sys/kernel/security/appa[^r]*{,/**} rwklx,
+ deny /sys/kernel/security/appar[^m]*{,/**} rwklx,
+ deny /sys/kernel/security/apparm[^o]*{,/**} rwklx,
+ deny /sys/kernel/security/apparmo[^r]*{,/**} rwklx,
+ deny /sys/kernel/security/apparmor?*{,/**} rwklx,
+ deny /sys/kernel/security?*{,/**} rwklx,
+ deny /sys/kernel?*{,/**} rwklx,
+unix {
+ nodaemon
+ log /tmp/vpp.log
+ full-coredump
+api-trace {
+ on
+api-segment {
+ gid vpp
+unix {
+ log /tmp/vpp.log
+ full-coredump
+api-trace {
+ on
+api-segment {
+ gid vpp
+lxc.aa_profile = lxc-dpdk
+lxc.mount.entry = hugetlbfs dev/hugepages hugetlbfs rw,relatime,create=dir 0 0
+lxc.mount.auto = sys:rw'''
diff --git a/vicn/resource/vpp/vpp.py b/vicn/resource/vpp/vpp.py
new file mode 100644
index 00000000..f9d10703
--- /dev/null
+++ b/vicn/resource/vpp/vpp.py
@@ -0,0 +1,187 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+import asyncio
+from netmodel.model.type import String, Integer, Bool
+from vicn.core.attribute import Attribute, Multiplicity
+from vicn.core.exception import ResourceNotFound
+from vicn.core.resource import Resource
+from vicn.core.task import BashTask, task, inline_task
+from vicn.resource.lxd.lxc_container import LxcContainer
+from vicn.resource.node import Node
+from vicn.resource.linux.file import TextFile
+from vicn.resource.vpp.dpdk_device import DpdkDevice
+from vicn.resource.vpp.scripts import FN_VPP_DPDK_SCRIPT
+from vicn.resource.vpp.scripts import TPL_VPP_DPDK_DAEMON_SCRIPT
+from vicn.resource.vpp.vpp_commands import CMD_VPP_DISABLE, CMD_VPP_STOP
+from vicn.resource.vpp.vpp_commands import CMD_VPP_START
+from vicn.resource.vpp.vpp_commands import CMD_VPP_ENABLE_PLUGIN
+# VPP forwarder
+CMD_GET = 'killall -0 vpp_main'
+CMD_DISABLE_IP_FORWARD = 'sysctl -w net.ipv4.ip_forward=0'
+class VPP(Resource):
+ """
+ Todo:
+ - make VPP an application with package install
+ - vpp should be a service (hence a singleton) for which we override the
+ start and stop commands
+ """
+ #__package_names__ = ['vpp', 'vpp-dbg', 'vpp-dpdk-dev']
+ plugins = Attribute(String,
+ multiplicity = Multiplicity.OneToMany)
+ node = Attribute(Node,
+ multiplicity = Multiplicity.OneToOne,
+ reverse_name = 'vpp')
+ numa_node = Attribute(Integer,
+ description = 'Numa node on which vpp will run')
+ core = Attribute(Integer,
+ description = 'Core belonging the numa node on which vpp will run')
+ enable_worker = Attribute(Bool,
+ description = 'Enable one worker for packet processing',
+ default = False)
+ #--------------------------------------------------------------------------
+ # Constructor and Accessors
+ #--------------------------------------------------------------------------
+ def __init__(self, *args, **kwargs):
+ super().__init__(*args, **kwargs)
+ self.vppctl_lock = asyncio.Lock()
+ self.dpdk_setup_file = None
+ if isinstance(self.node, LxcContainer):
+ if not 'vpp' in self.node.profiles:
+ self.node.profiles.append('vpp')
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ def __after__(self):
+ return ['BaseNetDevice']
+ def __get__(self):
+ return BashTask(self.node, CMD_GET)
+ def __subresources__(self):
+ self.dpdk_setup_file = TextFile(node = self.node,
+ filename = FN_VPP_DPDK_SCRIPT,
+ overwrite = True)
+ return self.dpdk_setup_file
+ def __create__(self):
+ socket_mem = dict()
+ numa_mgr = self.node.node_with_kernel.numa_mgr
+ for interface in self.node.interfaces:
+ if isinstance(interface, DpdkDevice):
+ # Assign as numa node the first numa node specified in a
+ # physical card (if any). If multiple nics connected to
+ # different numa nodes are assigned to this vpp memory access
+ # will be inefficient for the nics sitting in the other numa
+ # node.
+ socket_mem[interface.numa_node] = interface.socket_mem
+ for iface in self.interfaces:
+ if isinstance(iface.parent, DpdkDevice) and \
+ not iface.parent.numa_node is None:
+ self.numa_node = iface.parent.numa_node
+ break
+ if self.numa_node is None or self.core is None:
+ self.numa_node, self.core = \
+ numa_mgr.get_numa_core(numa_node = self.numa_node)
+ dpdk_list = list()
+ # On numa architecture socket-mem requires to set the amount of memory
+ # to be reserved on each numa node
+ socket_mem_str = 'socket-mem '
+ for numa in range (0,numa_mgr.get_number_of_numa()):
+ if numa in socket_mem:
+ socket_mem_str = socket_mem_str + str(socket_mem[numa])
+ else:
+ socket_mem_str = socket_mem_str + '0'
+ if numa < numa_mgr.get_number_of_numa()-1:
+ socket_mem_str = socket_mem_str + ','
+ dpdk_list.append(socket_mem_str)
+ for interface in self.node.interfaces:
+ if isinstance(interface, DpdkDevice):
+ dpdk_list.append('dev ' + interface.pci_address)
+ # Add the core on which running vpp and the dpdk parameters
+ setup = TPL_VPP_DPDK_DAEMON_SCRIPT + 'cpu {'
+ setup = setup + ''' \n main-core ''' + str(self.core)
+ if self.enable_worker:
+ self.numa_node, cpu_worker =numa_mgr.get_numa_core(self.numa_node)
+ setup = setup + '''\n corelist-workers ''' + str(cpu_worker)
+ setup = setup + '''\n}\n\n dpdk { '''
+ for dpdk_dev in dpdk_list:
+ setup = setup + ''' \n ''' + dpdk_dev
+ setup = setup + '\n}'
+ if any([isinstance(interface,DpdkDevice) for interface in self.node.interfaces]):
+ self.dpdk_setup_file.content = setup
+ else:
+ self.dpdk_setup_file.content = TPL_VPP_DPDK_DAEMON_SCRIPT
+ lock = self.node.node_with_kernel.vpp_host.vppstart_lock
+ vpp_disable = BashTask(self.node, CMD_VPP_DISABLE, lock = lock)
+ vpp_stop = BashTask(self.node, CMD_VPP_STOP, lock = lock)
+ enable_ip_forward = BashTask(self.node, CMD_DISABLE_IP_FORWARD)
+ start_vpp = BashTask(self.node, CMD_VPP_START, lock = lock)
+ return ((vpp_disable > vpp_stop) | enable_ip_forward) > start_vpp
+ def __delete__(self):
+ return BashTask(self.node, CMD_VPP_STOP)
+ def _add_plugins(self, plugin):
+ return BashTask(self.node, CMD_VPP_ENABLE_PLUGIN, {'plugin': plugin})
+ def _set_plugins(self):
+ cmd = None
+ for plugin in self.plugins:
+ cmd = cmd > BashTask(self.node, CMD_VPP_ENABLE_PLUGIN,
+ {'plugin' : plugin})
+ return cmd
+ def _remove_plugins(self, plugin):
+ raise NotImplementedError
+ @inline_task
+ def _get_plugins(self):
+ return {'plugins' : []}
diff --git a/vicn/resource/vpp/vpp_bridge.py b/vicn/resource/vpp/vpp_bridge.py
new file mode 100644
index 00000000..c7a70c02
--- /dev/null
+++ b/vicn/resource/vpp/vpp_bridge.py
@@ -0,0 +1,130 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from netmodel.model.type import Integer
+from vicn.core.attribute import Attribute, Multiplicity
+from vicn.core.attribute import Reference
+from vicn.core.exception import ResourceNotFound
+from vicn.core.requirement import Requirement
+from vicn.core.resource_mgr import wait_resource_task
+from vicn.core.resource import Resource
+from vicn.core.task import task, BashTask, EmptyTask
+from vicn.resource.channel import Channel
+from vicn.resource.linux.application import LinuxApplication
+from vicn.resource.linux.sym_veth_pair import SymVethPair
+from vicn.resource.linux.sym_veth_pair import SymVethPair
+from vicn.resource.node import Node
+from vicn.resource.vpp.dpdk_device import DpdkDevice
+from vicn.resource.vpp.interface import VPPInterface
+from vicn.resource.vpp.vpp import VPP
+CMD_ADD_INTERFACE_TO_BR = ('vppctl set interface l2 bridge '
+ '{interface.device_name} {br_domain}')
+class VPPBridge(Channel, LinuxApplication):
+ """
+ Resource: VPPBridge
+ VPPBridge instantiate a vpp resource and set it as a vpp bridge.
+ This resource requires to be run within a LxcContainer which will have VPP.
+ Every interface in the lxc_container (i.e., the ones contained in
+ self.node.interfaces) will be added to the vpp bridge. To connect other vpp
+ node to the bridge, the corresponding dpdkdevice must be added as an
+ interface to the channel.
+ """
+ # The vpp bridge _USES_ a VPP forwarder on the node
+ node = Attribute(Node, mandatory=True,
+ description = 'Node on which vpp is running',
+ requirements = [Requirement('vpp')])
+ connected_nodes = Attribute(Node, multiplicity = Multiplicity.OneToMany,
+ description = 'List of nodes to connect to the bridge')
+ #--------------------------------------------------------------------------
+ # Constructor and Accessors
+ #--------------------------------------------------------------------------
+ def __init__(self, *args, **kwargs):
+ super().__init__(*args, **kwargs)
+ self._vpp_interfaces = list()
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ def __subresources__ (self):
+ # We don't need any reference to the list of SymVethPair because each
+ # side of a veth will be included in the node.interfaces list
+ self._veths = [SymVethPair(node1 = self.node, node2 = node,
+ owner = self) for node in self.connected_nodes]
+ return Resource.__concurrent__(*self._veths)
+ @task
+ def __initialize__ (self):
+ # Add the veth side on the connected_nodes to the set of interfaces of
+ # the channel
+ self.interfaces.extend([veth.side2 for veth in self._veths])
+ @task
+ def __get__(self):
+ # Forces creation
+ raise ResourceNotFound
+ # Nothing to do
+ __delete__ = None
+ def __create__(self):
+ manager = self._state.manager
+ # Create a VPPInterface for each interface in the node. These will be
+ # the interfaces we will connect to the vpp bridge process
+ vpp_interfaces = list()
+ for interface in self.node.interfaces:
+ # FIXME harcoded value
+ if interface.device_name == 'eth0':
+ continue
+ vpp_interface = VPPInterface(vpp = self.node.vpp,
+ parent = interface,
+ ip_address = Reference(interface, 'ip_address'),
+ device_name = 'host-' + interface.device_name)
+ vpp_interfaces.append(vpp_interface)
+ manager.commit_resource(vpp_interface)
+ tasks = EmptyTask()
+ for vpp_interface in vpp_interfaces:
+ tasks = tasks > (wait_resource_task(vpp_interface) >
+ self._add_interface(vpp_interface,0))
+ return wait_resource_task(self.node.vpp) > tasks
+ #--------------------------------------------------------------------------
+ # Internal methods
+ #--------------------------------------------------------------------------
+ def _add_interface(self, interface, br_domain):
+ return BashTask(self.node, CMD_ADD_INTERFACE_TO_BR,
+ {'interface': interface, 'br_domain': br_domain})
+ def _del_interface(self, interface, br_domain):
+ raise NotImplementedError('Interface removal not supported')
diff --git a/vicn/resource/vpp/vpp_commands.py b/vicn/resource/vpp/vpp_commands.py
new file mode 100644
index 00000000..8ee64bf6
--- /dev/null
+++ b/vicn/resource/vpp/vpp_commands.py
@@ -0,0 +1,41 @@
+##### VPP SETUP #####
+CMD_VPP_STOP_SERVICE = 'systemctl stop vpp.service'
+CMD_VPP_DISABLE = 'systemctl disable vpp.service'
+# 'sleep 1' ensures that VPP has enough time to start
+systemctl start vpp
+sleep 1
+systemctl stop vpp
+killall -9 vpp_main || true
+CMD_VPP_ENABLE_PLUGIN = 'vppctl {plugin} enable'
+##### VPP INTERFACES #####
+# Create vpp interface from netmodel.network.interface.device_name} with mac {self.parent.mac_address}
+vppctl create host-interface name {vpp_interface.parent.device_name} hw-addr {vpp_interface.parent.mac_address}
+vppctl set interface state {vpp_interface.device_name} up
+CMD_VPP_SET_IP = 'vppctl set int ip address {netdevice.device_name} {netdevice.ip_address}/{netdevice.prefix_len}'
+CMD_VPP_SET_UP = 'vppctl set int state {netdevice.device_name} up'
+##### VPP IP ROUTING #####
+CMD_VPP_ADD_ROUTE = 'vppctl set ip arp static {route.interface.vppinterface.device_name} {route.ip_address} {route.mac_address}'
+CMD_VPP_DEL_ROUTE = 'vppctl set ip arp del static {route.interface.vppinterface.device_name} {route.ip_address} {route.mac_address}'
+CMD_VPP_ADD_ROUTE_GW = 'vppctl ip route add {route.ip_address}/32 via {route.gateway} {route.interface.vppinterface.device_name}'
+CMD_VPP_DEL_ROUTE_GW = 'vppctl ip route del {route.ip_address}/32 via {route.gateway} {route.interface.vppinterface.device_name}'
+##### VPP CICN PLUGIN #####
+CMD_VPP_CICN_GET = "timeout 1 vppctl cicn show" #We timeout if vpp is not started
+CMD_VPP_ADD_ICN_ROUTE = 'vppctl cicn cfg fib add prefix {route.prefix} face {route.face.id}'
+CMD_VPP_ADD_ICN_FACE = 'vppctl cicn cfg face add local {face.src_ip}:{face.src_port} remote {face.dst_ip}:{face.dst_port}'
+CMD_VPP_CICN_GET_CACHE_SIZE = 'vppctl cicn show | grep "CS entries" | grep -E "[0-9]+"'
+CMD_VPP_CICN_SET_CACHE_SIZE = 'vppctl cicn control param cs size {self.cache_size}'
diff --git a/vicn/resource/vpp/vpp_host.py b/vicn/resource/vpp/vpp_host.py
new file mode 100644
index 00000000..134e65b0
--- /dev/null
+++ b/vicn/resource/vpp/vpp_host.py
@@ -0,0 +1,144 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Copyright (c) 2017 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+import asyncio
+from netmodel.model.type import String
+from vicn.core.attribute import Attribute, Multiplicity
+from vicn.core.exception import ResourceNotFound
+from vicn.core.requirement import Requirement
+from vicn.core.task import BashTask, task, EmptyTask
+from vicn.resource.linux.application import LinuxApplication
+from vicn.resource.linux.file import TextFile
+from vicn.resource.node import Node
+from vicn.resource.vpp.scripts import FN_APPARMOR_DPDK_SCRIPT
+from vicn.resource.vpp.scripts import TPL_APPARMOR_DPDK_SCRIPT
+from vicn.resource.vpp.scripts import FN_VPP_DPDK_SCRIPT
+from vicn.resource.vpp.scripts import TPL_VPP_DPDK_DAEMON_SCRIPT
+from vicn.resource.vpp.vpp_commands import CMD_VPP_DISABLE
+from vicn.resource.vpp.vpp_commands import CMD_VPP_STOP_SERVICE
+CMD_INSERT_MODULES = 'modprobe uio && modprobe igb_uio'
+# Force apparmor to reload profiles to include the new profile
+/etc/init.d/apparmor reload
+CMD_SYSCTL_HUGEPAGES = 'sysctl -w vm.nr_hugepages={nb_hp}'
+CMD_GREP_UIO_DEV = 'ls /dev | grep uio'
+CMD_CREATE_UIO_DEVICES = "dpdk_nic_bind --bind=igb_uio {pci_address}"
+class VPPHost(LinuxApplication):
+ """
+ Resource: VPPHost
+ Only used for container deployment
+ Packages required on the host
+ - vpp : sysctl configuration
+ - vpp-dpdk-dkms : kernel modules
+ Host must be configured to let vpp to work into container:
+ - install new apparmor profile (to let the container to read
+ hugepages info in /sys/kernel/mm/hugepages)
+ - set hugepages into the host
+ """
+ node = Attribute(Node,
+ description = 'Node on which the application is installed',
+ mandatory = True,
+ multiplicity = Multiplicity.OneToOne,
+ reverse_name = 'vpp_host',
+ reverse_description = 'Setup for hosting vpp containers',
+ reverse_auto = True,
+ requirements = [Requirement('numa_mgr')])
+ uio_devices = Attribute(String,
+ description = 'uio devices on the node',
+ multiplicity = Multiplicity.OneToMany,
+ ro = True)
+ dpdk_devices = Attribute(String,
+ description = 'Dpdk devices on the node',
+ multiplicity = Multiplicity.OneToMany)
+ __package_names__ = ['dpdk', 'vpp', 'vpp-dpdk-dkms']
+ #--------------------------------------------------------------------------
+ # Constructor and Accessors
+ #--------------------------------------------------------------------------
+ def __init__(self, *args, **kwargs):
+ super().__init__(*args, **kwargs)
+ self.vppstart_lock = asyncio.Lock()
+ #--------------------------------------------------------------------------
+ # Resource lifecycle
+ #--------------------------------------------------------------------------
+ def __subresources__(self):
+ app_armor_file = TextFile(node = self.node,
+ overwrite = True)
+ startup_conf = TextFile(node = self.node,
+ filename = FN_VPP_DPDK_SCRIPT,
+ overwrite = True)
+ return app_armor_file | startup_conf
+ @task
+ def __get__(self):
+ """
+ This method always assumes the resource does not exist, since it is not
+ an issue to perform the modprobe call everytime.
+ """
+ raise ResourceNotFound
+ def __create__(self):
+ modules = BashTask(self.node, CMD_INSERT_MODULES)
+ app_armor_reload = BashTask(self.node, CMD_APP_ARMOR_RELOAD)
+ sysctl_hugepages = BashTask(self.node, CMD_SYSCTL_HUGEPAGES,
+ # Hook
+ # The following is needed to create uio devices in /dev. They are
+ # required to let vpp to use dpdk (or other compatibles) nics. From a
+ # container, vpp cannot create those devices, therefore we need to
+ # create them in the host and then mount them on each container running
+ # vpp (and using a physical nic)
+ stop_vpp = BashTask(self.node, CMD_VPP_STOP_SERVICE)
+ disable_vpp = BashTask(self.node, CMD_VPP_DISABLE)
+ disable_vpp = stop_vpp > disable_vpp
+ create_uio = EmptyTask()
+ for device in self.dpdk_devices:
+ create_uio = create_uio > BashTask(self.node,
+ CMD_CREATE_UIO_DEVICES, {'pci_address' : device})
+ return ((modules | app_armor_reload) | sysctl_hugepages) > \
+ (disable_vpp > create_uio)
+ __delete__ = None
+ #--------------------------------------------------------------------------
+ # Attributes
+ #--------------------------------------------------------------------------
+ def _get_uio_devices(self):
+ def parse(rv):
+ return rv.stdout.splitlines()
+ return BashTask(self.node, CMD_GREP_UIO_DEV, parse = parse)