containerlabを使ってAristaNetworksのcEOS-labを複数台動かす
はじめに
昔docker-composeを使ってcEOSを複数動かす記事をここに記載たが、今回はcontainerlabを使って複数のcEOS-labを起動した。
containerlabとはYAML形式でトポロジーを定義してコンテナの環境でネットワーク検証用ネットワークを作ることができるオーケストレーションツールである。
containerlabのインストールについては上記サイトのInstallationの項目を参照。 今回はWSL2の上でcontainerlabを動かしているのでInstallationのWindows Subsystem Linux (WSL)の項目をそのまま設定。
手順
定義ファイルの作成
起動したいcEOSの構成情報を記載した定義定義ファイルを作成する。 今回は4台のcEOSを起動させる。
name: demo3
topology:
nodes:
ceos1:
kind: ceos
image: ceos:4.28.4M
ceos2:
kind: ceos
image: ceos:4.28.4M
ceos3:
kind: ceos
image: ceos:4.28.4M
ceos4:
kind: ceos
image: ceos:4.28.4M
links:
- endpoints: ["ceos1:eth1", "ceos2:eth2"]
- endpoints: ["ceos1:eth2", "ceos4:eth1"]
- endpoints: ["ceos2:eth1", "ceos3:eth2"]
- endpoints: ["ceos4:eth2", "ceos3:eth1"]
デプロイと確認
設定した構成のデプロイを実施。
test@DESKTOP$ sudo service docker start * Starting Docker: docker [ OK ] test@DESKTOP$ sudo containerlab deploy --topo demo3.yml INFO[0000] Containerlab v0.35.2 started INFO[0000] Parsing & checking topology file: demo3.yml INFO[0000] Creating lab directory: /home/test/clab-test/ceos/clab-demo3 INFO[0000] Creating container: "ceos4" INFO[0000] Creating container: "ceos2" INFO[0000] Creating container: "ceos1" INFO[0000] Creating container: "ceos3" INFO[0001] Creating virtual wire: ceos2:eth1 <--> ceos3:eth2 INFO[0001] Creating virtual wire: ceos1:eth2 <--> ceos4:eth1 INFO[0001] Creating virtual wire: ceos1:eth1 <--> ceos2:eth2 INFO[0001] Creating virtual wire: ceos4:eth2 <--> ceos3:eth1 INFO[0002] Running postdeploy actions for Arista cEOS 'ceos4' node INFO[0002] Running postdeploy actions for Arista cEOS 'ceos1' node INFO[0002] Running postdeploy actions for Arista cEOS 'ceos3' node INFO[0002] Running postdeploy actions for Arista cEOS 'ceos2' node INFO[0177] Adding containerlab host entries to /etc/hosts file +---+------------------+--------------+--------------+------+---------+----------------+----------------------+ | # | Name | Container ID | Image | Kind | State | IPv4 Address | IPv6 Address | +---+------------------+--------------+--------------+------+---------+----------------+----------------------+ | 1 | clab-demo3-ceos1 | 70041bc2ac75 | ceos:4.28.4M | ceos | running | 172.20.20.4/24 | 2001:172:20:20::4/64 | | 2 | clab-demo3-ceos2 | bf8a2eff6de4 | ceos:4.28.4M | ceos | running | 172.20.20.6/24 | 2001:172:20:20::6/64 | | 3 | clab-demo3-ceos3 | e70a4a17361e | ceos:4.28.4M | ceos | running | 172.20.20.7/24 | 2001:172:20:20::7/64 | | 4 | clab-demo3-ceos4 | cb0381bfa89d | ceos:4.28.4M | ceos | running | 172.20.20.5/24 | 2001:172:20:20::5/64 | +---+------------------+--------------+--------------+------+---------+----------------+----------------------+
確認
test@DESKTOP$ sudo clab inspect --topo demo3.yml INFO[0000] Parsing & checking topology file: demo3.yml +---+------------------+--------------+--------------+------+---------+----------------+----------------------+ | # | Name | Container ID | Image | Kind | State | IPv4 Address | IPv6 Address | +---+------------------+--------------+--------------+------+---------+----------------+----------------------+ | 1 | clab-demo3-ceos1 | 70041bc2ac75 | ceos:4.28.4M | ceos | running | 172.20.20.4/24 | 2001:172:20:20::4/64 | | 2 | clab-demo3-ceos2 | bf8a2eff6de4 | ceos:4.28.4M | ceos | running | 172.20.20.6/24 | 2001:172:20:20::6/64 | | 3 | clab-demo3-ceos3 | e70a4a17361e | ceos:4.28.4M | ceos | running | 172.20.20.7/24 | 2001:172:20:20::7/64 | | 4 | clab-demo3-ceos4 | cb0381bfa89d | ceos:4.28.4M | ceos | running | 172.20.20.5/24 | 2001:172:20:20::5/64 | +---+------------------+--------------+--------------+------+---------+----------------+----------------------+ test@DESKTOP$ sudo clab inspect --all +---+-----------+----------+------------------+--------------+--------------+------+---------+----------------+----------------------+ | # | Topo Path | Lab Name | Name | Container ID | Image | Kind | State | IPv4 Address | IPv6 Address | +---+-----------+----------+------------------+--------------+--------------+------+---------+----------------+----------------------+ | 1 | demo3.yml | demo3 | clab-demo3-ceos1 | 70041bc2ac75 | ceos:4.28.4M | ceos | running | 172.20.20.4/24 | 2001:172:20:20::4/64 | | 2 | | | clab-demo3-ceos2 | bf8a2eff6de4 | ceos:4.28.4M | ceos | running | 172.20.20.6/24 | 2001:172:20:20::6/64 | | 3 | | | clab-demo3-ceos3 | e70a4a17361e | ceos:4.28.4M | ceos | running | 172.20.20.7/24 | 2001:172:20:20::7/64 | | 4 | | | clab-demo3-ceos4 | cb0381bfa89d | ceos:4.28.4M | ceos | running | 172.20.20.5/24 | 2001:172:20:20::5/64 | +---+-----------+----------+------------------+--------------+--------------+------+---------+----------------+----------------------+
トポロジーの確認
以下のコマンドでトポロジー図を見ることができる。
test@DESKTOP$ sudo containerlab graph --topo demo3.yml [sudo] password for test: INFO[0000] Parsing & checking topology file: demo3.yml INFO[0000] Serving static files from directory: /etc/containerlab/templates/graph/nextui/static INFO[0000] Serving topology graph on http://0.0.0.0:50080
cEOSへのログイン
起動の段階でManagementのIPアドレス等の設定が入っている状態になっている。
test@DESKTOP$ssh admin@172.20.20.4 (admin@172.20.20.4) Password: ceos1> ceos1> ceos1>ena ceos1#show running-config ! Command: show running-config ! device: ceos1 (cEOSLab, EOS-4.28.4M-29408925.4284M (engineering build)) ! no aaa root ! username admin privilege 15 role network-admin secret sha512 $6$R4g7wA60vF7mT/IQ$jZc2r9mKF5mXJXxGr.NGXzH/5csKcOJ4yiaPlE9XdwEpdWCzdWZS1I8M1m3/zepivdSljHrdTuvC5o0oeAQly/ ! transceiver qsfp default-mode 4x10G ! service routing protocols model multi-agent ! hostname ceos1 ! spanning-tree mode mstp ! management api http-commands no shutdown ! management api gnmi transport grpc default ! management api netconf transport ssh default ! interface Ethernet1 ! interface Ethernet2 ! interface Management0 ip address 172.20.20.4/24 ipv6 address 2001:172:20:20::4/64 ! no ip routing ! ip route 0.0.0.0/0 172.20.20.1 ! ipv6 route ::/0 2001:172:20:20::1 ! end ceos1>exit Connection to 172.20.20.4 closed. test@DESKTOP$ sudo docker exec -it clab-demo3-ceos2 Cli ceos2> ceos2> ceos2>ena ceos2#show running-config ! Command: show running-config ! device: ceos2 (cEOSLab, EOS-4.28.4M-29408925.4284M (engineering build)) ! no aaa root ! username admin privilege 15 role network-admin secret sha512 $6$iUlVLN3hUZFmMuFV$qif/2x2MGRY7MDx9bp37tNzrz8eRU21dvDMSa6OupQ5088Op4GmJSd0zi/G1zGrdwqmDV/LOvFpKwhvyEN5TE0 ! transceiver qsfp default-mode 4x10G ! service routing protocols model multi-agent ! hostname ceos2 ! spanning-tree mode mstp ! management api http-commands no shutdown ! management api gnmi transport grpc default ! management api netconf transport ssh default ! interface Ethernet1 ! interface Ethernet2 ! interface Management0 ip address 172.20.20.6/24 ipv6 address 2001:172:20:20::6/64 ! no ip routing ! ip route 0.0.0.0/0 172.20.20.1 ! ipv6 route ::/0 2001:172:20:20::1 ! end
設定ファイル等のディレクトリ
Ansibleのinventoryや各cEOSの設定ファイル等が自動生成されている。
clab-demo3$ ls ansible-inventory.yml ceos1 ceos2 ceos3 ceos4 topology-data.json
構成の保存
test@DESKTOP$ sudo containerlab save --topo demo3.yml INFO[0000] Parsing & checking topology file: demo3.yml INFO[0000] saved cEOS configuration from ceos3 node to /home/test/clab-test/ceos/clab-demo3/ceos3/flash/startup-config INFO[0000] saved cEOS configuration from ceos2 node to /home/test/clab-test/ceos/clab-demo3/ceos2/flash/startup-config INFO[0000] saved cEOS configuration from ceos1 node to /home/test/clab-test/ceos/clab-demo3/ceos1/flash/startup-config INFO[0000] saved cEOS configuration from ceos4 node to /home/test/clab-test/ceos/clab-demo3/ceos4/flash/startup-config
構成の削除
オプション(--cleanup)で先ほどのディレクトリの削除も一緒にできる。
test@DESKTOP$sudo containerlab destroy --topo demo3.yml INFO[0000] Parsing & checking topology file: demo3.yml INFO[0000] Destroying lab: demo3 INFO[0002] Removed container: clab-demo3-ceos2 INFO[0002] Removed container: clab-demo3-ceos1 INFO[0002] Removed container: clab-demo3-ceos3 INFO[0002] Removed container: clab-demo3-ceos4 INFO[0002] Removing containerlab host entries from /etc/hosts file
まとめ
containerlabは最近自分の周りで話題になり始めていたのでまずは手始めに触ってみた。 ルーティングの勉強等はcontainerlab上で今回使ったcEOSやノキア社のSRLinuxを使って比較的容易にできるので、物理的なルータが用意できない、CML(Cisco Modeling Labs)を自腹で用意するのはちょっと辛い等の場合、検討する余地は多いにあるのではないかと感じた。
Qiitaにも同じ記事載せてます。
