Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Nextepc in a Docker Container #16
I really like NextEPC design, and tried to dockerize it. Besides freediameter docker instruction, I couldn't find a Docker file for NextEPC.
I tried to use Ubuntu base image and applied same installation instructions as you described, but got following:
Then, I tried to copy /install dir into image, after building nextepc directly, but I got error on symbolic links. I tried to re-link them, but didn't work either. My knowledge in shared libs is not great and probably that is one of reason.
Do you have any tips/pointers on how I can create a container? Am I missing something obvious?
Thank you for liking NextEPC.
Note that freeDiameter docker instruction is depreciated. At first, we was trying to build a debian package for freeDiameter. Unfortunately, freeDiameter seems to be no longer maintaining. So, we put this library into our source tree.
BTW, the problem is related to TAP/TUN driver in docker container. You may need to
For your reference,
I'm hoping that you can use nextepc in docker environment.
Thank you for the guide.
Yes, I am now able to install nextepc in a container and can resolve TAP/TUN with the host (
However, there is a difficulty of preparing a docker image. Since
This is not a major issue, but wonder is it feasible to separate binary installation from startup services? With that way you could have non-debian based container images also supported?
Please let me know what you think.
You made a good point!
For creating Dockerfile, we seem to separate startup services from the installation of binaries. The followings are my proposal.
I'm not sure which name is good for us? How about
Anyway, I'll try to make new debian package. I'm hoping that v0.3.3 supports this stuff.
Thank you for your comment.
added a commit
Feb 10, 2018
added a commit
Feb 10, 2018
Version 0.3.3 has been released, but this issue has not been resolved yet.
First, I wanted to solve this problem without creating a new debian package(previously called nextepc-org). So, I changed the method of creating TUN device with using systemd-networkd. Nevertheless, the following two lines are preventing to create docker image.
The two things are executed at the PGW installation phase to bring up TUN(pgwtun) device. So, the startup failed to create docker image.
I'm hoping to solve this problem using systemd framework. Is it possible to move them to PGW's systemd service file. See nextepc-pgw.service
I need to study a little more to move those two lines.
I would try to solve the problem next version.
Thank you for raising this very nice issue!
added a commit
Feb 13, 2018
We might be solving the problem using
In docker container, /usr/sbin/policy-rc.d can prevent the command
We released v0.3.3 again. It's just package revision. All source code is same.
Let me describe simple guide for docker user. Docker is just container. So, please remove all the installed NextEPC package including MongoDB and Web User Interface.
acetcom@nextepc:~/docker$ docker build -t nextepc .
acetcom@nextepc:~/docker$ docker run --net=host --hostname nextepc -ti --name nextepc --privileged --cap-add=SYS_ADMIN -e "container=docker" -v /sys/fs/cgroup:/sys/fs/cgroup -v $PWD:/mnt nextepc /sbin/init
acetcom@nextepc:~/docker$ docker exec -it nextepc /bin/bash
root@nextepc:~# apt-get -y install curl sudo root@nextepc:~# curl -sL https://deb.nodesource.com/setup_8.x | sudo -E bash - root@nextepc:~# curl -sL http://nextepc.org/static/webui/install | sudo -E bash - root@nextepc:~# systemctl start nextepc-webui
Edit /etc/nextepc/mme.conf Edit /etc/nextepc/sgw.conf root@nextepc:~# systemctl restart nextepc-mmed root@nextepc:~# systemctl restart nextepc-sgwd Add Subscriber using WebUI
Now, turn on eNodeb and UE. In my case, ping is working.
Thanks for that. Building docker image works.
I think I can get around this. But, I wonder do I need to have a service created inside running container? Can I simply just invoke
The obvious issue with this approach are Mongo and WebUI which are now part of the same container. and have to be started alltogether. However, I believe that they can be 'containerized' in additional 2 containers. Probably one docker-compose file can be the simplest way to connect these 3 containers and have NextEPC up and running. Let me know what you think. I can offer help here.
Thanks again for the effort.
added a commit
Feb 17, 2018
You're right. My initial proposal is generally not used in docker world. Of course, in a VM like fedora that requires root privileges, if we are using
To make this discussion a litter further, I've checked-in a docker-compose.yml for WebUI/MongoDB in git repository. It's okay up to here.
Next, we need to include MME/SGW/PGW/HSS/PCRF in docker-compose.yml.
As I know, we cannot expose SCTP port from docker container.(e.g "36412:36412/sctp"). Right? If it is true on docker latest version, eNodeB cannot connect to MME in docker container on default docker running network configuration. At this point, I'm hesitant how to improve docker-compose.yml.
Of course, regardless of
What do you think is the best solution of NextEPC
Thank you for your advice!
Hi Sukchan, in Osmocom (for 2G/3G) we heavily use Docker, but with static IP addresses, user-defined networks and without docker-compose. Docker simply only cares about TCP and web-services, they seem to have no clue about other protocols or other configurations. you can find our Dockerfiles in http://git.osmocom.org/docker-playground/…
-- - Harald Welte <firstname.lastname@example.org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)
added a commit
Feb 20, 2018
We are really sorry that Docker does not support "36412:36412/sctp". There were a lot of plans, but now it does not seem to be suitable for use in a runtime environment.
So how could we use this? We first decided to use this for testing automation for various Linux distributions. It also supports several development environments for developers.
Let us explain an initial proposal below.
This script runs internally as follows:
The development environment we use in Docker is as follows.
An example of creating a CentOS development environment is shown above.
Sometimes we will need MongoDB and WebUI. This is also true when running NextEPC in a Host environment. So far we had to install MongoDB and WebUI on the Host. Now, in the Docker environment, you can simply create as below.
Note that if you have MongoDB and WebUI running on the host, you should stop it.
Do you want to create MongoDB and WebUI as a Docker service? Or do you want to install it on the host and run it on your host? Both Host and Docker can access MongoDB and WebUI service if they were created as Docker. However, when MongoDB and WebUI is running on the Host, only the NextEPC daemon running on the Host can use them.
As mentioned, docker does not support SCTP. For TCP/UDP, docker uses DNAT internally. SCTP will do that too. But this is not fancy way. So, we select network mode as a host for sharing network between Docker and Host.
Note that if you launch this runtime environment, TUN device(pgwtun) is created on the host, not inside the Docker. And also, docker says that
If you want to update the configuration of runtime environment,
It's just an early work. Ideas to improve are good for us.
As we mentioned earlier, sctp does not work properly on Mac/Windows.
Today, we tried to load the sctp kernel module into the docker environment using MacOSX as the Host. The results are not very good, but we would share the way we did below.
First, we need to figure out the version of linux kernel used by the docker.
Linux Kernel Version is
Now, let's make the docker image to build kernel module based on alpine. Do not forget that the KERNELVER environment variable must match the Docker Linux Kernel Version found above.
If an error occurs, try again. We sometimes saw such an error.
Get the NextEPC source code from github.
Everything is ready. Now compile and run NextEPC as shown below.
However, the problem occurs next. When you exit the container that loaded the sctp module, the Docker server is killed. I cannot run
Docker for MAC(Edge version) now supports the SCTP kernel module.
This is a really great news for us.
You can find the SCTP kernel module in the following ways.
In addition, the NextEPC development in MAC OS X environment is easy to use as shown below.