Skip to content

Latest commit

 

History

History
180 lines (157 loc) · 5.71 KB

README.md

File metadata and controls

180 lines (157 loc) · 5.71 KB
Raw

NextMN Docker Images

Warning

The following images are NOT official builds of NextMN, in the future they may include beta-functionalities.

Tip

By default, configuration file from templating is used if no --config or -c is passed as argument. To start without argument, use:

command: [" "]

Configuration

NextMN-UPF

Note

Please note that even if this software is not yet properly packaged using .deb, the generated binary file /usr/local/bin/upf is provided to you under MIT License. A copy of the source code is available at in the repository nextmn/upf.

Environment variable used to select templating system:

environment:
  ROUTING_SCRIPT: "docker-setup"
  TEMPLATE_SCRIPT: "template-script.sh"
  TEMPLATE_SCRIPT_ARGS: ""
  CONFIG_FILE: "/etc/nextmn/upf.yaml"
  CONFIG_TEMPLATE: "/usr/local/share/nextmn/template-upf.yaml"

Environment variables for templating:

environment:
  N4: "203.0.113.2"
  DNN_LIST: |-
    - dnn: "sliceA"
      cidr: "10.0.111.0./24"
  GTPU_ENTITIES_LIST: |-
    - "10.0.201.5"
    - "10.0.215.4"
  LOG_LEVEL: "info"

Routing

Tip

If you choose to configure the container using docker-setup (default), please refer to docker-setup's documentation. The environment variable ONESHOT is set to "true".

Container deployment

Important

  • The container requires the NET_ADMIN capability;
  • The container requires the forwarding to be enabled (not enabled by the container itself);
  • The tun interface (/dev/net/tun) must be available in the container.

This can be done in docker-compose.yaml by defining the following for the service:

cap_add:
    - NET_ADMIN
devices:
    - "/dev/net/tun"
sysctls:
    - net.ipv4.ip_forward=1

NextMN-SRv6-ctrl

Note

Please note that even if this software is not yet properly packaged using .deb, the generated binary file /usr/local/bin/srv6-ctrl is provided to you under MIT License. A copy of the source code is available at in the repository nextmn/srv6-ctrl.

Environment variable used to select templating system:

environment:
  ROUTING_SCRIPT: "docker-setup"
  TEMPLATE_SCRIPT: "template-script.sh"
  TEMPLATE_SCRIPT_ARGS: ""
  CONFIG_FILE: "/etc/nextmn/srv6-ctrl.yaml"
  CONFIG_TEMPLATE: "/usr/local/share/nextmn/template-srv6-ctrl.yaml"

Environment variables for templating:

environment:
  N4: "203.0.113.2"
  HTTP_ADDRESS: "192.0.2.2"
  HTTP_PORT: "8080"
  LOG_LEVEL: "info"

Routing

Tip

If you choose to configure the container using docker-setup (default), please refer to docker-setup's documentation. The environment variable ONESHOT is set to "true". By default, it does nothing, but if you intend to use it, don't forget to add the capability NET_ADMIN.

NextMN-SRv6

Note

Please note that even if this software is not yet properly packaged using .deb, the generated binary file /usr/local/bin/srv6 is provided to you under MIT License. A copy of the source code is available at in the repository nextmn/srv6.

Environment variable used to select templating system:

environment:
  TEMPLATE_SCRIPT: "template-script.sh"
  TEMPLATE_SCRIPT_ARGS: ""
  CONFIG_FILE: "/etc/nextmn/srv6.yaml"
  CONFIG_TEMPLATE: "/usr/local/share/nextmn/template-srv6.yaml"

Environment variables for templating:

environment:
  CONTROLLER_URI: "http://192.0.2.2:8080"
  HTTP_ADDRESS: "192.0.2.1"
  HTTP_PORT: "8080"
  BACKBONE_IP: "fd00::1"
  HOOKS: |-
    pre-init-hook: pre-init-hook.sh
    post-init-hook: post-init-hook.sh
    pre-exit-hook: pre-exit-hook.sh
    post-exit-hook: post-exit-hook.sh
  LOCATOR: "fd00:51D5:0000:1::/64"
  HEADENDS: |-
    - name: "gtp4 to sr"
      to: "10.0.200.3/32"
      provider: "NextMN"
      behavior: "H.M.GTP4.D"
      policy:
        - match:
            teid: 0x0001
          bsid:
            bsid-prefix: "fd00:51D5:000:2::/80"
            segments-list:
              - "fd00:51D5:0000:3::"
              - "fd00:51D5:0000:4::"
      source-address-prefix: "fd00:51D5:000:1:9999::/80"
    - name: "linux test"
      to: "10.0.100.0/24"
      provider: "Linux"
      behavior: "H.Encaps"
      policy:
        - bsid:
            segments-list:
              - "fd00:51D5:0000:2::"
              - "fd00:51D5:0000:3::"
  ENDPOINTS: |-
    - prefix: "fd00:51D5:0000:1:11::/80"
      behavior: "End.DX4"
      provider: "Linux"
    - prefix: "fd00:51D5:0000:1:1::/80"
      behavior: "End"
      provider: "Linux"
  LINUX_HEADEND_SET_SOURCE_ADDRESS: fd00:51D5:0000::
  GTP4_HEADEND_PREFIX: 10.0.200.3/32
  LOG_LEVEL: "info"

Container deployment

Important

  • The container requires the NET_ADMIN capability;
  • The container should enable IPv6, and Segment Routing
  • The container requires the forwarding to be enabled (not enabled by the container itself);
  • The tun interface (/dev/net/tun) must be available in the container.

This can be done in docker-compose.yaml by defining the following for the service:

cap_add:
    - NET_ADMIN
devices:
    - "/dev/net/tun"
sysctls:
    - net.ipv6.conf.all.disable_ipv6=0
    - net.ipv4.ip_forward=1
    - net.ipv6.conf.all.forwarding=1
    - net.ipv6.conf.all.seg6_enabled=1
    - net.ipv6.conf.default.seg6_enabled=1