diff --git a/bin/run_controller b/bin/run_controller index 1eef8d35a..1916de65f 100755 --- a/bin/run_controller +++ b/bin/run_controller @@ -119,8 +119,10 @@ forch_port="-p 500$faucet_id:9019" docker_envs="--env RUN_MODE=$run_mode" if [[ -n $vxlan ]]; then - docker_ip=$(ip addr show docker0 | sed -nr 's~.*inet ([0-9.]+)/.*~\1~p') - docker_envs+=" --env VXLAN_IP=$docker_ip --env DTS_IP=$vxlan" + # Extract the local src IP address that can be used as return address. + local_ip=$(ip route get $vxlan | sed -nr 's~.*src ([0-9.]+) .*~\1~p') + echo Using $local_ip/$vxlan as vxlan endpoints. + docker_envs+=" --env VXLAN_IP=$local_ip --env DTS_IP=$vxlan" fi docker_volumes+="\ diff --git a/bin/setup_base b/bin/setup_base index 265ed1d2b..0ce925ee6 100755 --- a/bin/setup_base +++ b/bin/setup_base @@ -36,11 +36,13 @@ fi pip3 install -r etc/requirements.txt -DEF_IFACE=`route -n | egrep '\sUG\s' | awk '{print $8}'` -if [ -n "$DEF_IFACE" ]; then - echo Allowing docker external access through interface $DEF_IFACE... - sudo iptables -o docker0 -i $DEF_IFACE -A FORWARD -j ACCEPT - sudo iptables -i docker0 -o $DEF_IFACE -A FORWARD -j ACCEPT +DEF_IFACE=`ip route | fgrep default | awk '{print $5}'` +if [[ -n $DEF_IFACE ]]; then + for IFACE in $DEF_IFACE; do + echo Allowing docker external access through interface $IFACE... + sudo iptables -o docker0 -i $IFACE -A FORWARD -j ACCEPT + sudo iptables -i docker0 -o $IFACE -A FORWARD -j ACCEPT + done else echo No default interface found. If this causes problems, maybe you need ipv4! false diff --git a/etc/DAQ_VERSION b/etc/DAQ_VERSION index 6323875dc..7382fef8b 100644 --- a/etc/DAQ_VERSION +++ b/etc/DAQ_VERSION @@ -1 +1 @@ -1.10.20 +1.10.22 diff --git a/etc/Dockerfile.faucet b/etc/Dockerfile.faucet index 1a6e6a029..ddc5c1afe 100644 --- a/etc/Dockerfile.faucet +++ b/etc/Dockerfile.faucet @@ -5,6 +5,13 @@ FROM faucet/python3:5.0.1 RUN apk add -q tcpdump iptables sudo linux-headers build-base COPY faucet/ /faucet-src/ + +# Workaround for numpy/alpine dependency problem. +RUN sed -i 's/networkx>=1.9/networkx<=2.2/' /faucet-src/requirements.txt + +# We don't need no stinkin' unit-tests... +RUN sed -i 's/.*unit.*//' /faucet-src/docker/install-faucet.sh + RUN /faucet-src/docker/install-faucet.sh && rm -rf /faucet-src/.git # Check for target executable since installer doesn't error out properly. diff --git a/forch/endpoint_handler.py b/forch/endpoint_handler.py index 0e89fedbe..913275250 100644 --- a/forch/endpoint_handler.py +++ b/forch/endpoint_handler.py @@ -33,8 +33,7 @@ class SessionServerServicer: DEFAULT_VXLAN_PORT = 4789 DEFAULT_VXLAN_VNI = 0 -VXLAN_CONFIG_CMD = 'sudo ovs-vsctl set interface vxlan type=vxlan ' -VXLAN_CONFIG_OPTS = 'options:remote_ip=%s options:key=%s options:dst_port=%s' +VXLAN_CMD_FMT = 'ip link add %s type vxlan id %s remote %s dstport %s srcport %s %s nolearning' CONNECT_TIMEOUT_SEC = 60 @@ -88,9 +87,16 @@ def StartSession(self, request, context): """Start a session servicer""" endpoint = request.endpoint self._logger.info('Redirect tunnel to %s', endpoint.ip) - cmd = VXLAN_CONFIG_CMD + VXLAN_CONFIG_OPTS % ( - endpoint.ip, DEFAULT_VXLAN_VNI, DEFAULT_VXLAN_PORT) - self._exec(cmd) + try: + self._exec('sudo ip link set vxlan down') + self._exec('sudo ip link del vxlan') + except Exception as e: + self._logger.info('Ignoring exception: %s', str(e)) + + cmd = VXLAN_CMD_FMT % ('vxlan', DEFAULT_VXLAN_VNI, endpoint.ip, + DEFAULT_VXLAN_PORT, DEFAULT_VXLAN_PORT, DEFAULT_VXLAN_PORT) + self._exec('sudo ' + cmd) + self._exec('sudo ip link set vxlan up') return self._session_stream(request)