added support for user-defined backing bridge for mgmt

docs/manual/network.md

@@ -170,6 +170,18 @@ mgmt:
 
 Since `bridge` network is created by default by docker, using its name in the configuration will make nodes to connect to this network.
 
+#### bridge name
+By default, containerlab will create a linux bridge backing the management docker network with the following name `br-<netword-id>`. The network-id part is coming from the docker network ID that docker manages.
+
+We allow our users to change the bridge name that the management network will use. This can be used to connect containers to an already existing bridge with other workloads connected:
+
+```yaml
+mgmt:
+  # a bridge with a name mybridge will be created or reused
+  # as a backing bridge for the management network
+  bridge: mybridge
+```
+
 ### connection details
 When containerlab needs to create the management network it asks the docker daemon to do this. Docker will fullfil the request and will create a network with the underlying linux bridge interface backing it. The bridge interface name is generated by the docker daemon, but it is easy to find it:
 

runtime/containerd/containerd.go

@@ -362,7 +362,7 @@ func cniInit(cId, ifName string, mgmtNet *types.MgmtNet) (*libcni.CNIConfig, *li
 	cnirc := &libcni.RuntimeConf{
 		ContainerID: cId,
 		IfName:      ifName,
-		//// NetNS must be set later, can just be determined after cotnainer start
+		//// NetNS must be set later, can just be determined after container start
 		//NetNS:          node.NSPath,
 		CapabilityArgs: make(map[string]interface{}),
 	}

runtime/docker/docker.go

@@ -82,7 +82,7 @@ func (c *DockerRuntime) CreateNet(ctx context.Context) (err error) {
 	defer cancel()
 
 	// linux bridge name that is used by docker network
-	var bridgeName string
+	bridgeName := c.Mgmt.Bridge
 
 	log.Debugf("Checking if docker network '%s' exists", c.Mgmt.Network)
 	netResource, err := c.Client.NetworkInspect(nctx, c.Mgmt.Network, dockerTypes.NetworkInspectOptions{})
@@ -122,7 +122,8 @@ func (c *DockerRuntime) CreateNet(ctx context.Context) (err error) {
 				"containerlab": "",
 			},
 			Options: map[string]string{
-				"com.docker.network.driver.mtu": c.Mgmt.MTU,
+				"com.docker.network.driver.mtu":  c.Mgmt.MTU,
+				"com.docker.network.bridge.name": bridgeName,
 			},
 		}
 
@@ -134,7 +135,11 @@ func (c *DockerRuntime) CreateNet(ctx context.Context) (err error) {
 		if len(netCreateResponse.ID) < 12 {
 			return fmt.Errorf("could not get bridge ID")
 		}
-		bridgeName = "br-" + netCreateResponse.ID[:12]
+		// when bridge is not set by a user explicitly
+		// we use the 12 chars of docker net as its name
+		if bridgeName == "" {
+			bridgeName = "br-" + netCreateResponse.ID[:12]
+		}
 
 	case err == nil:
 		log.Debugf("network '%s' was found. Reusing it...", c.Mgmt.Network)
@@ -145,13 +150,20 @@ func (c *DockerRuntime) CreateNet(ctx context.Context) (err error) {
 		case "bridge":
 			bridgeName = "docker0"
 		default:
-			bridgeName = "br-" + netResource.ID[:12]
+			if _, ok := netResource.Options["com.docker.network.bridge.name"]; ok {
+				bridgeName = netResource.Options["com.docker.network.bridge.name"]
+			} else {
+				bridgeName = "br-" + netResource.ID[:12]
+			}
 		}
 
 	default:
 		return err
 	}
-	c.Mgmt.Bridge = bridgeName
+
+	if c.Mgmt.Bridge == "" {
+		c.Mgmt.Bridge = bridgeName
+	}
 
 	log.Debugf("Docker network '%s', bridge name '%s'", c.Mgmt.Network, bridgeName)
 

tests/01-smoke/03-bridges-and-host.robot

@@ -2,9 +2,11 @@
 This test suite verifies
 - connectivity of nodes to the linux bridge
 - connectivity of nodes to the host netns
+- user-specified bridge is honored as a mgmt net bridge
 
 *** Settings ***
 Library           OperatingSystem
+Library           Process
 Suite Setup       Setup
 Suite Teardown    Cleanup
 
@@ -16,6 +18,7 @@ ${br-link1-name}    l1-eth1
 ${br-link2-name}    l1-eth2
 ${host-link-name}    l1-01-03-eth3
 ${runtime}        docker
+${mgmt-br-name}    01-03-mgmt
 
 *** Test Cases ***
 Create linux bridge
@@ -46,6 +49,20 @@ Verify links in host ns
     Log    ${output}
     Should Contain    ${output}    state UP
 
+Verify management network is using user-specified bridge
+    # containerd has an issue with filtering at this moment, so skip it
+    Skip If    '${runtime} != docker'
+    # show management interface info and cut the information about the ifindex of the remote veth
+    # note that exec returns the info in the stderr stream, thus we use stderr to parse the ifindex
+    ${rc}    ${iface} =    OperatingSystem.Run And Return Rc And Output
+    ...    sudo containerlab --runtime ${runtime} exec -t ${CURDIR}/${lab-file} --label clab-node-name\=l1 ip l show eth0 2>&1 | cut -d ' ' -f5 | cut -d '@' -f2 | cut -c3-
+    Log    ${iface}
+    Should Be Equal As Integers    ${rc}    0
+    ${rc}    ${res} =    OperatingSystem.Run And Return Rc And Output
+    ...    sudo ip l | grep ${iface}
+    Log    ${res}
+    Should Contain    ${res}    master ${mgmt-br-name} state UP
+
 *** Keywords ***
 Setup
     # ensure the bridge we about to create is deleted first

tests/01-smoke/03-linux-nodes-to-bridge-and-host.clab.yml

@@ -3,6 +3,8 @@
 # SPDX-License-Identifier: BSD-3-Clause
 
 name: 03-bridge-and-host
+mgmt:
+  bridge: 01-03-mgmt
 
 topology:
   nodes:

types/types.go

@@ -38,7 +38,7 @@ type Endpoint struct {
 // it is provided via docker network object
 type MgmtNet struct {
 	Network    string `yaml:"network,omitempty"` // docker network name
-	Bridge     string // linux bridge backing the docker network
+	Bridge     string `yaml:"bridge,omitempty"`  // linux bridge backing the docker network (or containerd bridge net)
 	IPv4Subnet string `yaml:"ipv4_subnet,omitempty"`
 	IPv6Subnet string `yaml:"ipv6_subnet,omitempty"`
 	MTU        string `yaml:"mtu,omitempty"`