Skip to content

Commit

Permalink
Merge pull request #1352 from Exhar/vsrx
Browse files Browse the repository at this point in the history 
Add support for vr-vsrx (Juniper vSRX)
  • Loading branch information
@hellt
hellt committed May 1, 2023
2 parents 8c9b54f + afdd6a1 commit 26b2ee4
Show file tree
Hide file tree
Showing 12 changed files with 207 additions and 22 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/cicd.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ on:
env:
GOVER: 1.20.2
CGO_ENABLED: 0
MKDOCS_INS_VER: 9.0.13-insiders-4.32.0-hellt
MKDOCS_INS_VER: 9.1.4-insiders-4.32.4-hellt
GORELEASER_VER: v1.11.4
PODMAN_VER: v4.4.2

Expand Down
4 changes: 2 additions & 2 deletions Makefile
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
BIN_DIR = $(CURDIR)/bin
BINARY = $(CURDIR)/bin/containerlab
MKDOCS_VER = 9.0.13
MKDOCS_VER = 9.1.4
# insiders version/tag https://github.com/srl-labs/mkdocs-material-insiders/pkgs/container/mkdocs-material-insiders
# make sure to also change the mkdocs version in actions' cicd.yml and force-build.yml files
MKDOCS_INS_VER = 9.0.13-insiders-4.32.0-hellt
MKDOCS_INS_VER = 9.1.4-insiders-4.32.4-hellt

DATE := $(shell date)
COMMIT_HASH := $(shell git rev-parse --short HEAD)
Expand Down
1 change: 1 addition & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@ In addition to native containerized NOSes, containerlab can launch traditional v
* [Nokia virtual SR OS (vSim/VSR)](https://containerlab.dev/manual/kinds/vr-sros/)
* [Juniper vMX](https://containerlab.dev/manual/kinds/vr-vmx/)
* [Juniper vQFX](https://containerlab.dev/manual/kinds/vr-vqfx/)
* [Juniper vSRX](https://containerlab.dev/manual/kinds/vr-vsrx/)
* [Cisco IOS XRv9k](https://containerlab.dev/manual/kinds/vr-xrv9k/)
* [Cisco Nexus 9000v](https://containerlab.dev/manual/kinds/vr-n9kv)
* [Cisco CSR 1000v](https://containerlab.dev/manual/kinds/vr-csr)
Expand Down
2 changes: 2 additions & 0 deletions clab/register.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@ import (
vr_veos "github.com/srl-labs/containerlab/nodes/vr_veos"
vr_vmx "github.com/srl-labs/containerlab/nodes/vr_vmx"
vr_vqfx "github.com/srl-labs/containerlab/nodes/vr_vqfx"
vr_vsrx "github.com/srl-labs/containerlab/nodes/vr_vsrx"
vr_xrv "github.com/srl-labs/containerlab/nodes/vr_xrv"
vr_xrv9k "github.com/srl-labs/containerlab/nodes/vr_xrv9k"
xrd "github.com/srl-labs/containerlab/nodes/xrd"
Expand Down Expand Up @@ -60,6 +61,7 @@ func (c *CLab) RegisterNodes() {
vr_sros.Register(c.Reg)
vr_veos.Register(c.Reg)
vr_vmx.Register(c.Reg)
vr_vsrx.Register(c.Reg)
vr_vqfx.Register(c.Reg)
vr_xrv.Register(c.Reg)
vr_xrv9k.Register(c.Reg)
Expand Down
3 changes: 2 additions & 1 deletion cmd/generate.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@ var interfaceFormat = map[string]string{
"bridge": "veth%d",
"vr-sros": "eth%d",
"vr-vmx": "eth%d",
"vr-vsrx": "eth%d",
"vr-vqfx": "eth%d",
"vr-xrv9k": "eth%d",
"vr-veos": "eth%d",
Expand All @@ -37,7 +38,7 @@ var interfaceFormat = map[string]string{

var supportedKinds = []string{
"srl", "ceos", "linux", "bridge", "sonic-vs", "crpd", "vr-sros",
"vr-vmx", "vr-vqfx", "vr-xrv9k", "vr-veos", "xrd", "rare",
"vr-vmx", "vr-vsrx", "vr-vqfx", "vr-xrv9k", "vr-veos", "xrd", "rare",
}

const (
Expand Down
1 change: 1 addition & 0 deletions docs/index.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,7 @@ In addition to native containerized NOSes, containerlab can launch traditional v
* [Nokia virtual SR OS (vSim/VSR)](manual/kinds/vr-sros.md)
* [Juniper vMX](manual/kinds/vr-vmx.md)
* [Juniper vQFX](manual/kinds/vr-vqfx.md)
* [Juniper vSRX](manual/kinds/vr-vsrx.md)
* [Cisco IOS XRv9k](manual/kinds/vr-xrv9k.md)
* [Cisco Nexus 9000v](manual/kinds/vr-n9kv.md)
* [Dell FTOS10v](manual/kinds/vr-ftosv.md)
Expand Down
1 change: 1 addition & 0 deletions docs/manual/kinds/index.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@ Within each predefined kind, we store the necessary information that is used to
| **Juniper cRPD** | [`crpd/juniper_crpd`](crpd.md) | supported | container |
| **Juniper vMX** | [`vr-vmx/vr-juniper_vmx`](vr-vmx.md) | supported | VM |
| **Juniper vQFX** | [`vr-vqfx/vr-juniper_vqfx`](vr-vqfx.md) | supported | VM |
| **Juniper vSRX** | [`vr-vsrx/vr-juniper_vsrx`](vr-vsrx.md) | supported | VM |
| **Cisco XRv9k** | [`vr-xrv9k/vr-cisco_xrv9k`](vr-xrv9k.md) | supported | VM |
| **Cisco XRv** | [`vr-xrv/vr-cisco_xrv`](vr-xrv.md) | supported | VM |
| **Cisco Nexus 9000v** | [`vr-n9kv/vr-cisco_n9kv`](vr-n9kv.md) | supported | VM |
Expand Down
66 changes: 66 additions & 0 deletions docs/manual/kinds/vr-vsrx.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,66 @@
---
search:
boost: 4
---
# Juniper vSRX

[Juniper vSRX](https://www.juniper.net/us/en/dm/download-next-gen-vsrx-firewall-trial.html) virtualized firewall is identified with `vr-vsrx` or `vr-juniper_vsrx` kind in the [topology file](../topo-def-file.md). It is built using [vrnetlab](../vrnetlab.md) project and essentially is a Qemu VM packaged in a docker container format.

## Managing vr-vsrx nodes

!!!note
Containers with vSRX inside will take ~7min to fully boot.
You can monitor the progress with `docker logs -f <container-name>`.

Juniper vSRX node launched with containerlab can be managed via the following interfaces:

=== "bash"
to connect to a `bash` shell of a running vr-vsrx container:
```bash
docker exec -it <container-name/id> bash
```
=== "CLI via SSH"
to connect to the vSRX CLI (password `admin@123`)
```bash
ssh admin@<container-name/id>
```
=== "NETCONF"
Coming soon

!!!info
Default user credentials: `admin:admin@123`

## Interfaces mapping

* `eth0` - management interface (fxp0) connected to the containerlab management network
* `eth1+` - second and subsequent data interface

When containerlab launches vr-vsrx node, it will assign IPv4/6 address to the `eth0` interface. These addresses are used to reach the management plane of the router.

Data interfaces `eth1+` need to be configured with IP addressing manually using CLI/management protocols.

## Features and options

### Node configuration

`vr-vsrx` nodes come up with a basic configuration where only the control plane and line cards are provisioned and the `admin` user with the provided password.

#### Startup configuration

It is possible to make vSRX nodes boot up with a user-defined startup-config instead of a built-in one. With a [`startup-config`](../nodes.md#startup-config) property of the node/kind user sets the path to the config file that will be mounted to a container and used as a startup-config:

```yaml
topology:
nodes:
node:
kind: vr-vsrx
startup-config: myconfig.txt
```

With this knob, containerlab is instructed to take a file `myconfig.txt` from the directory that hosts the topology file and copy it to the lab directory for that specific node under the `/config/startup-config.cfg` name. Then the directory that hosts the startup-config dir is mounted to the container. This will result in this config being applied at startup by the node.

Configuration is applied after the node is started. Thus it can contain partial configuration snippets that you desire to add on top of the default config that a node boots up with.

## Lab examples

Coming soon.
36 changes: 19 additions & 17 deletions docs/manual/vrnetlab.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,23 +29,24 @@ Containerlab depends on `hellt/vrnetlab` project, and sometimes features added i

The following table provides a link between the version combinations:

| containerlab[^3] | vrnetlab[^4] | Notes |
| ---------------- | ---------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `0.10.4` | [`0.1.0-cl`](https://github.com/hellt/vrnetlab/tree/v0.1.0-cl) | Initial release. Images: sros, vmx, xrv, xrv9k |
| `0.11.0` | [`0.2.0`](https://github.com/hellt/vrnetlab/tree/v0.2.0) | added [vr-veos](kinds/vr-veos.md), support for [boot-delay](#boot-delay), SR OS will have a static route to docker network, improved XRv startup chances |
| -- | [`0.2.1`](https://github.com/hellt/vrnetlab/tree/v0.2.1) | added timeout for SR OS images to allow eth interfaces to appear in the container namespace. Other images are not touched. |
| -- | [`0.2.2`](https://github.com/hellt/vrnetlab/tree/v0.2.2) | fixed serial (telnet) access to SR OS nodes |
| -- | [`0.2.3`](https://github.com/hellt/vrnetlab/tree/v0.2.3) | set default cpu/ram for SR OS images |
| `0.13.0` | [`0.3.0`](https://github.com/hellt/vrnetlab/tree/v0.3.0) | added support for Cisco CSR1000v via [`vr-csr`](kinds/vr-csr.md) and MikroTik routeros via [`vr-ros`](kinds/vr-ros.md) kind |
| -- | [`0.3.1`](https://github.com/hellt/vrnetlab/tree/v0.3.1) | enhanced SR OS boot sequence |
| -- | [`0.4.0`](https://github.com/hellt/vrnetlab/tree/v0.4.0) | fixed SR OS CPU allocation and added Palo Alto PAN support [`vr-pan`](kinds/vr-pan.md) |
| `0.16.0` | [`0.5.0`](https://github.com/hellt/vrnetlab/tree/v0.5.0) | added support for Cisco Nexus 9000v via [`vr-n9kv`](kinds/vr-n9kv.md) kind, added support for non-continuous interfaces provisioning |
| `0.19.0` | [`0.6.0`](https://github.com/hellt/vrnetlab/tree/v0.6.0) | added experimental support for Juniper vQFX via [`vr-vqfx`](kinds/vr-vqfx.md) kind, added support Dell FTOS via [`vr-ftosv`](kinds/vr-ftosv.md) |
| | [`0.6.2`](https://github.com/hellt/vrnetlab/tree/v0.6.2) | support for IPv6 management for SR OS; support for RouterOS v7+ |
| | [`0.7.0`](https://github.com/hellt/vrnetlab/tree/v0.7.0) | startup-config support for vqfx and vmx |
| `0.32.2` | [`0.8.0`](https://github.com/hellt/vrnetlab/releases/tag/v0.8.0) | startup-config support for the rest of the kinds, support for multi line card SR OS |
| `0.34.0` | [`0.8.2`](https://github.com/hellt/vrnetlab/releases/tag/v0.8.2) | startup-config support for PANOS, ISA support for Nokia VSR-I and MGMT VRF for VMX |
| | [`0.9.0`](https://github.com/hellt/vrnetlab/releases/tag/v0.9.0) | Support for IPInfusion OcNOS with vrnetlab |
| containerlab[^3] | vrnetlab[^4] | Notes |
| ---------------- | ------------------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `0.10.4` | [`0.1.0-cl`](https://github.com/hellt/vrnetlab/tree/v0.1.0-cl) | Initial release. Images: sros, vmx, xrv, xrv9k |
| `0.11.0` | [`0.2.0`](https://github.com/hellt/vrnetlab/tree/v0.2.0) | added [vr-veos](kinds/vr-veos.md), support for [boot-delay](#boot-delay), SR OS will have a static route to docker network, improved XRv startup chances |
| -- | [`0.2.1`](https://github.com/hellt/vrnetlab/tree/v0.2.1) | added timeout for SR OS images to allow eth interfaces to appear in the container namespace. Other images are not touched. |
| -- | [`0.2.2`](https://github.com/hellt/vrnetlab/tree/v0.2.2) | fixed serial (telnet) access to SR OS nodes |
| -- | [`0.2.3`](https://github.com/hellt/vrnetlab/tree/v0.2.3) | set default cpu/ram for SR OS images |
| `0.13.0` | [`0.3.0`](https://github.com/hellt/vrnetlab/tree/v0.3.0) | added support for Cisco CSR1000v via [`vr-csr`](kinds/vr-csr.md) and MikroTik routeros via [`vr-ros`](kinds/vr-ros.md) kind |
| -- | [`0.3.1`](https://github.com/hellt/vrnetlab/tree/v0.3.1) | enhanced SR OS boot sequence |
| -- | [`0.4.0`](https://github.com/hellt/vrnetlab/tree/v0.4.0) | fixed SR OS CPU allocation and added Palo Alto PAN support [`vr-pan`](kinds/vr-pan.md) |
| `0.16.0` | [`0.5.0`](https://github.com/hellt/vrnetlab/tree/v0.5.0) | added support for Cisco Nexus 9000v via [`vr-n9kv`](kinds/vr-n9kv.md) kind, added support for non-continuous interfaces provisioning |
| `0.19.0` | [`0.6.0`](https://github.com/hellt/vrnetlab/tree/v0.6.0) | added experimental support for Juniper vQFX via [`vr-vqfx`](kinds/vr-vqfx.md) kind, added support Dell FTOS via [`vr-ftosv`](kinds/vr-ftosv.md) |
| | [`0.6.2`](https://github.com/hellt/vrnetlab/tree/v0.6.2) | support for IPv6 management for SR OS; support for RouterOS v7+ |
| | [`0.7.0`](https://github.com/hellt/vrnetlab/tree/v0.7.0) | startup-config support for vqfx and vmx |
| `0.32.2` | [`0.8.0`](https://github.com/hellt/vrnetlab/releases/tag/v0.8.0) | startup-config support for the rest of the kinds, support for multi line card SR OS |
| `0.34.0` | [`0.8.2`](https://github.com/hellt/vrnetlab/releases/tag/v0.8.2) | startup-config support for PANOS, ISA support for Nokia VSR-I and MGMT VRF for VMX |
| | [`0.9.0`](https://github.com/hellt/vrnetlab/releases/tag/v0.9.0) | Support for IPInfusion OcNOS with vrnetlab |
| `0.41.0` | [`0.11.0`](https://github.com/hellt/vrnetlab/releases/tag/v0.11.0) | Added support for Juniper vSRX3.0 via [`vr-vsrx`](kinds/vr-vsrx.md) kind |

### Building vrnetlab images

Expand Down Expand Up @@ -79,6 +80,7 @@ The images that work with containerlab will appear in the supported list as we i
| Nokia SR OS | [vr-sros](kinds/vr-sros.md) | [SRL & SR OS](../lab-examples/vr-sros.md) | When building SR OS vrnetlab image for use with containerlab, **do not** provide the license during the image build process. The license shall be provided in the containerlab topology definition file[^1]. |
| Juniper vMX | [vr-vmx](kinds/vr-vmx.md) | [SRL & vMX](../lab-examples/vr-vmx.md) | |
| Juniper vQFX | [vr-vqfx](kinds/vr-vqfx.md) | Coming soon | |
| Juniper vSRX | [vr-vsrx](kinds/vr-vsrx.md) | Coming soon | |
| Cisco XRv | [vr-xrv](kinds/vr-xrv.md) | [SRL & XRv](../lab-examples/vr-xrv.md) | |
| Cisco XRv9k | [vr-xrv9k](kinds/vr-xrv9k.md) | [SRL & XRv9k](../lab-examples/vr-xrv9k.md) | |
| Cisco CSR1000v | [vr-csr](kinds/vr-csr.md) | | |
Expand Down
1 change: 1 addition & 0 deletions mkdocs.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@ nav:
- Juniper cRPD: manual/kinds/crpd.md
- Juniper vMX: manual/kinds/vr-vmx.md
- Juniper vQFX: manual/kinds/vr-vqfx.md
- Juniper vSRX: manual/kinds/vr-vsrx.md
- Cisco XRd: manual/kinds/xrd.md
- Cisco XRv9k: manual/kinds/vr-xrv9k.md
- Cisco XRv: manual/kinds/vr-xrv.md
Expand Down

0 comments on commit 26b2ee4

Please sign in to comment.