Skip to main content

Configuring containers on a SD-WAN edge

 


Fusion Broadband has the ability to host containers and docker on the edge node. The configuration relies on creating a separate instance of debian using systemd's nspawn. That can be used for a number of different applications including docker. You can also install a VPN concentrator such as softether. This is how to configure it: 

# On the SD-WAN edge

sudo nano /etc/network/interfaces

auto lo
iface lo inet loopback

iface eth0 inet manual

auto br0
iface br0 inet static
    bridge_ports eth0
    address 10.207.35.254
    netmask 255.255.255.248
    scope link
    pre-up sysctl -w net.ipv6.conf.eth0.accept_ra=0


# On the SD-WAN edge
sudo apt-get update --allow-releaseinfo-change
sudo apt-get upgrade
sudo apt-get install systemd-container debootstrap
sudo mkdir /var/lib/machines/container
sudo debootstrap \
--include curl,bridge-utils,dbus,iptables,openssh-server,vim \
bullseye /var/lib/machines/container \
http://http.debian.net/debian

If you have debootstrap key errors, do this. 

# On the SD-WAN edge
sudo systemd-nspawn --directory /var/lib/machines/container passwd
sudo systemd-nspawn --boot --directory /var/lib/machines/container/
* Log in using root password that was created in above step

hostnamectl set-hostname container
apt-get install sudo ca-certificates mtr wget
adduser admin (or suitable alternative)
usermod -aG sudo admin

sudo nano /etc/network/interfaces

auto host0
iface host0 inet dhcp

sudo chmod 4711 /usr/bin/ping

# To exit the container press Ctl [ 3 times


# On the SD-WAN edge
sudo mkdir /etc/systemd/nspawn
sudo nano /etc/systemd/nspawn/container.nspawn

[Exec]
Boot=yes
[Network]
VirtualEthernet=yes
Bridge=br0

sudo systemctl enable systemd-nspawn@container
sudo systemctl enable machines.target
sudo systemctl start machines.target


# On the SD-WAN edge
# To access the container
sudo machinectl login container

sudo apt-get install apt-transport-https ca-certificates curl gnupg2 software-properties-common
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable"
sudo apt-get update
sudo apt install docker-ce

It is now possible to install various docker applications such as:

The mac address of the nspawn instance can be configured with a static IP using the custom DNSMASQ configuration ability of the Fusion SD-WAN. 

dhcp-host=08:55:31:D4:B5:AD,192.168.254.253
This article was originally published over on LinkedIn: Configuring containers on a SD-WAN edge
Labels:

Comments

Post a Comment

Popular posts from this blog

LDWin: Link Discovery for Windows

LDWin supports the following methods of link discovery: CDP - Cisco Discovery Protocol LLDP - Link Layer Discovery Protocol Download LDWin from here.
Post a Comment
Read more

Battery Room Explosion

A hydrogen explosion occurred in an Uninterruptible Power Source (UPS) battery room. The explosion blew a 400 ft2 hole in the roof, collapsed numerous walls and ceilings throughout the building, and significantly damaged a large portion of the 50,000 ft2 building. Fortunately, the computer/data center was vacant at the time and there were no injuries. Read more about the explosion over at hydrogen tools here .
Post a Comment
Read more

STG (SNMP Traffic Grapher)

This freeware utility allows monitoring of supporting SNMPv1 and SNMPv2c devices including Cisco. Intended as fast aid for network administrators who need prompt access to current information about state of network equipment. Access STG here (original site) or alternatively here .
Post a Comment
Read more