conlink 2.0.0

package/inspect.json

@@ -0,0 +1,210 @@
+[
+    {
+        "Id": "43e63a3c948443f55198f4de29fd96805fdb306398ff64d89f1103c355e28357",
+        "Created": "2023-10-11T15:55:04.428835024Z",
+        "Path": "sh",
+        "Args": [
+            "-c",
+            "while ! ip link show eth0 up; do sleep 1; done; sleep 864000"
+        ],
+        "State": {
+            "Status": "running",
+            "Running": true,
+            "Paused": false,
+            "Restarting": false,
+            "OOMKilled": false,
+            "Dead": false,
+            "Pid": 10216,
+            "ExitCode": 0,
+            "Error": "",
+            "StartedAt": "2023-10-11T15:55:04.576997181Z",
+            "FinishedAt": "0001-01-01T00:00:00Z"
+        },
+        "Image": "sha256:8ca4688f4f356596b5ae539337c9941abc78eda10021d35cbc52659c74d9b443",
+        "ResolvConfPath": "/var/lib/docker/containers/43e63a3c948443f55198f4de29fd96805fdb306398ff64d89f1103c355e28357/resolv.conf",
+        "HostnamePath": "/var/lib/docker/containers/43e63a3c948443f55198f4de29fd96805fdb306398ff64d89f1103c355e28357/hostname",
+        "HostsPath": "/var/lib/docker/containers/43e63a3c948443f55198f4de29fd96805fdb306398ff64d89f1103c355e28357/hosts",
+        "LogPath": "/var/lib/docker/containers/43e63a3c948443f55198f4de29fd96805fdb306398ff64d89f1103c355e28357/43e63a3c948443f55198f4de29fd96805fdb306398ff64d89f1103c355e28357-json.log",
+        "Name": "/examples_node2_1",
+        "RestartCount": 0,
+        "Driver": "overlay2",
+        "Platform": "linux",
+        "MountLabel": "",
+        "ProcessLabel": "",
+        "AppArmorProfile": "docker-default",
+        "ExecIDs": null,
+        "HostConfig": {
+            "Binds": [],
+            "ContainerIDFile": "",
+            "LogConfig": {
+                "Type": "json-file",
+                "Config": {}
+            },
+            "NetworkMode": "none",
+            "PortBindings": {},
+            "RestartPolicy": {
+                "Name": "",
+                "MaximumRetryCount": 0
+            },
+            "AutoRemove": false,
+            "VolumeDriver": "",
+            "VolumesFrom": [],
+            "ConsoleSize": [
+                0,
+                0
+            ],
+            "CapAdd": [
+                "NET_ADMIN"
+            ],
+            "CapDrop": null,
+            "CgroupnsMode": "host",
+            "Dns": null,
+            "DnsOptions": null,
+            "DnsSearch": null,
+            "ExtraHosts": null,
+            "GroupAdd": null,
+            "IpcMode": "private",
+            "Cgroup": "",
+            "Links": null,
+            "OomScoreAdj": 0,
+            "PidMode": "",
+            "Privileged": false,
+            "PublishAllPorts": false,
+            "ReadonlyRootfs": false,
+            "SecurityOpt": null,
+            "UTSMode": "",
+            "UsernsMode": "",
+            "ShmSize": 67108864,
+            "Runtime": "runc",
+            "Isolation": "",
+            "CpuShares": 0,
+            "Memory": 0,
+            "NanoCpus": 0,
+            "CgroupParent": "",
+            "BlkioWeight": 0,
+            "BlkioWeightDevice": null,
+            "BlkioDeviceReadBps": null,
+            "BlkioDeviceWriteBps": null,
+            "BlkioDeviceReadIOps": null,
+            "BlkioDeviceWriteIOps": null,
+            "CpuPeriod": 0,
+            "CpuQuota": 0,
+            "CpuRealtimePeriod": 0,
+            "CpuRealtimeRuntime": 0,
+            "CpusetCpus": "",
+            "CpusetMems": "",
+            "Devices": null,
+            "DeviceCgroupRules": null,
+            "DeviceRequests": null,
+            "MemoryReservation": 0,
+            "MemorySwap": 0,
+            "MemorySwappiness": null,
+            "OomKillDisable": false,
+            "PidsLimit": null,
+            "Ulimits": null,
+            "CpuCount": 0,
+            "CpuPercent": 0,
+            "IOMaximumIOps": 0,
+            "IOMaximumBandwidth": 0,
+            "MaskedPaths": [
+                "/proc/asound",
+                "/proc/acpi",
+                "/proc/kcore",
+                "/proc/keys",
+                "/proc/latency_stats",
+                "/proc/timer_list",
+                "/proc/timer_stats",
+                "/proc/sched_debug",
+                "/proc/scsi",
+                "/sys/firmware"
+            ],
+            "ReadonlyPaths": [
+                "/proc/bus",
+                "/proc/fs",
+                "/proc/irq",
+                "/proc/sys",
+                "/proc/sysrq-trigger"
+            ]
+        },
+        "GraphDriver": {
+            "Data": {
+                "LowerDir": "/var/lib/docker/overlay2/f45757baf87c92f0934409fa9617bd4027e1e4472711312b1d8145ca59cdf0f3-init/diff:/var/lib/docker/overlay2/0ee1adfcd9b69bb9354db86819da1c06904d5c664f8d9e0aded8c158a24654df/diff",
+                "MergedDir": "/var/lib/docker/overlay2/f45757baf87c92f0934409fa9617bd4027e1e4472711312b1d8145ca59cdf0f3/merged",
+                "UpperDir": "/var/lib/docker/overlay2/f45757baf87c92f0934409fa9617bd4027e1e4472711312b1d8145ca59cdf0f3/diff",
+                "WorkDir": "/var/lib/docker/overlay2/f45757baf87c92f0934409fa9617bd4027e1e4472711312b1d8145ca59cdf0f3/work"
+            },
+            "Name": "overlay2"
+        },
+        "Mounts": [],
+        "Config": {
+            "Hostname": "43e63a3c9484",
+            "Domainname": "",
+            "User": "",
+            "AttachStdin": false,
+            "AttachStdout": false,
+            "AttachStderr": false,
+            "Tty": false,
+            "OpenStdin": false,
+            "StdinOnce": false,
+            "Env": [
+                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+            ],
+            "Cmd": [
+                "sh",
+                "-c",
+                "while ! ip link show eth0 up; do sleep 1; done; sleep 864000"
+            ],
+            "Image": "alpine",
+            "Volumes": null,
+            "WorkingDir": "",
+            "Entrypoint": null,
+            "OnBuild": null,
+            "Labels": {
+                "com.docker.compose.config-hash": "be458eaf2e2aba67235023be9f8342d88ce0e0f7979749d6496423229a954bd3",
+                "com.docker.compose.container-number": "1",
+                "com.docker.compose.oneoff": "False",
+                "com.docker.compose.project": "examples",
+                "com.docker.compose.project.config_files": "examples/test2-compose.yaml",
+                "com.docker.compose.project.working_dir": "/home/jmartin/work/viasat/repos/conlink.cljs/examples",
+                "com.docker.compose.service": "node2",
+                "com.docker.compose.version": "1.29.2"
+            }
+        },
+        "NetworkSettings": {
+            "Bridge": "",
+            "SandboxID": "963251cd8230a51e9c658653a3fdeedfe10e9f16c03aed802b69d5a6c86f6d19",
+            "HairpinMode": false,
+            "LinkLocalIPv6Address": "",
+            "LinkLocalIPv6PrefixLen": 0,
+            "Ports": {},
+            "SandboxKey": "/var/run/docker/netns/963251cd8230",
+            "SecondaryIPAddresses": null,
+            "SecondaryIPv6Addresses": null,
+            "EndpointID": "",
+            "Gateway": "",
+            "GlobalIPv6Address": "",
+            "GlobalIPv6PrefixLen": 0,
+            "IPAddress": "",
+            "IPPrefixLen": 0,
+            "IPv6Gateway": "",
+            "MacAddress": "",
+            "Networks": {
+                "none": {
+                    "IPAMConfig": null,
+                    "Links": null,
+                    "Aliases": null,
+                    "NetworkID": "c7b50bdae4d8c2baa2dfbfcf81a783cddcfd66df84c6ce3f3506985434a161c8",
+                    "EndpointID": "376d2c90a9e33a6e0fd62dc3f67c6f784d717594b54ebbb7e9d4d372ee0cf115",
+                    "Gateway": "",
+                    "IPAddress": "",
+                    "IPPrefixLen": 0,
+                    "IPv6Gateway": "",
+                    "GlobalIPv6Address": "",
+                    "GlobalIPv6PrefixLen": 0,
+                    "MacAddress": "",
+                    "DriverOpts": null
+                }
+            }
+        }
+    }
+]

package/link-add.sh

@@ -0,0 +1,197 @@
+#!/bin/bash
+
+# Copyright (c) 2023, Viasat, Inc
+# Licensed under MPL 2.0
+
+set -e
+
+usage () {
+  echo >&2 "${0} [OPTIONS] TYPE PID0 INTF0"
+  echo >&2 ""
+  echo >&2 "Create link TYPE interface INTF0 in netns PID0."
+  echo >&2 ""
+  echo >&2 "Positional arguments:"
+  echo >&2 "  TYPE is the link/interface type"
+  echo >&2 "  INTF0 is the primary interface name"
+  echo >&2 "  PID0 is the primary netns process ID"
+  echo >&2 ""
+  echo >&2 "The INTF1/PID1 parameters have type specific meaning:"
+  echo >&2 "  - veth: the peer interface in PID1 netns"
+  echo >&2 "  - *vlan/*vtap: the parent interface in PID1 netns"
+  echo >&2 "  - geneve/vxlan: not applicable"
+  echo >&2 ""
+  echo >&2 "OPTIONS:"
+  echo >&2 "  --verbose                - Verbose output (set -x)"
+  echo >&2 "  --pid1 PID1              - Secondary netns process ID"
+  echo >&2 "                             (default: <SELF>)"
+  echo >&2 "  --intf1 INTF1            - Secondary interface name"
+  echo >&2 "                             (default: eth0)"
+  echo >&2 "  --ip  IP0                - IP (CIDR) address for INTF0"
+  echo >&2 "  --ip0 IP0                - IP (CIDR) address for INTF0"
+  echo >&2 "  --ip1 IP1                - IP (CIDR) address for INTF1"
+  echo >&2 "  --mac  MAC0              - MAC address for INTF0"
+  echo >&2 "  --mac0 MAC0              - MAC address for INTF0"
+  echo >&2 "  --mac1 MAC1              - MAC address for INTF1"
+  echo >&2 "  --route  'ROUTE'         - route to add to INTF0"
+  echo >&2 "  --route|--route0 'ROUTE' - route to add to INTF0"
+  echo >&2 "  --route1 'ROUTE'         - route to add to INTF1"
+  echo >&2 "  --mtu MTU                - MTU for both interfaces"
+  echo >&2 ""
+  echo >&2 "  --mode MODE              - Mode settings for *vlan TYPEs"
+  echo >&2 "  --vlanid VLANID          - VLAN ID for vlan TYPE"
+  echo >&2 ""
+  echo >&2 "  --remote REMOTE          - Remote address for geneve/vxlan types"
+  echo >&2 "  --vni VNI                - Virtual Network Identifier for geneve/vxlan types"
+  echo >&2 ""
+  echo >&2 "  --netem NETEM            - tc qdisc netem OPTIONS (man 8 netem)"
+  echo >&2 "  --nat TARGET             - Stateless NAT traffic to/from TARGET"
+  exit 2
+}
+
+info() { echo "link-add [${LOG_ID}] ${*}"; }
+warn() { >&2 echo "link-add [${LOG_ID}] ${*}"; }
+die()  { warn "ERROR: ${*}"; exit 1; }
+
+# Set MAC, IP, ROUTE, MTU, and up state for interface in netns
+setup_if() {
+  local IF=$1 NS=$2 MAC=$3 IP=$4 ROUTE=$5 MTU=$6
+
+  info "Setting ${IP:+IP ${IP}, }${MAC:+MAC ${MAC}, }${MTU:+MTU ${MTU}, }${ROUTE:+ROUTE '${ROUTE}', }up state"
+  ip -netns ${NS} --force -b - <<EOF
+      ${IP:+addr add ${IP} dev ${IF}}
+      ${MAC:+link set dev ${IF} address ${MAC}}
+      ${MTU:+link set dev ${IF} mtu ${MTU}}
+      link set dev ${IF} up
+      ${ROUTE:+route add ${ROUTE} dev ${IF}}
+EOF
+}
+
+IPTABLES() {
+  local ns=${1}; shift
+  ip netns exec ${ns} iptables -D "${@}" 2>/dev/null || true
+  ip netns exec ${ns} iptables -I "${@}"
+}
+
+
+# Parse arguments
+VERBOSE=${VERBOSE:-}
+PID1=${PID1:-<SELF>} IF1=${IF1:-eth0}
+IP0= IP1= MAC0= MAC1= ROUTE0= ROUTE1= MTU=
+MODE= VLANID= REMOTE= VNI= NETEM= NAT=
+positional=
+while [ "${*}" ]; do
+  param=$1; OPTARG=$2
+  case ${param} in
+  --verbose)        VERBOSE=1 ;;
+  --pid1)           PID1="${OPTARG}"; shift ;;
+  --intf1)          IF1="${OPTARG}"; shift ;;
+  --ip|--ip0)       IP0="${OPTARG}"; shift ;;
+  --ip1)            IP1="${OPTARG}"; shift ;;
+  --mac|--mac0)     MAC0="${OPTARG}"; shift ;;
+  --mac1)           MAC1="${OPTARG}"; shift ;;
+  --route|--route0) ROUTE0="${OPTARG}"; shift ;;
+  --route1)         ROUTE1="${OPTARG}"; shift ;;
+  --mtu)            MTU="${OPTARG}"; shift ;;
+
+  --mode)           MODE="${OPTARG}"; shift ;;
+  --vlanid)         VLANID="${OPTARG}"; shift ;;
+
+  --remote)         REMOTE="${OPTARG}"; shift ;;
+  --vni)            VNI="${OPTARG}"; shift ;;
+
+  --netem)          NETEM="${OPTARG}"; shift ;;
+  --nat)            NAT="${OPTARG}"; shift ;;
+  -h|--help)        usage ;;
+  *)                positional="${positional} $1" ;;
+  esac
+  shift
+done
+set -- ${positional}
+TYPE=$1 PID0=$2 IF0=$3
+
+[ "${VERBOSE}" ] && set -x || true
+
+# Sanity check arguments
+[ "${TYPE}" -a "${PID0}" -a "${IF0}" ] || usage
+[ "${NAT}" -a -z "${IP0}" ] && die "--nat requires --ip0"
+
+LOG_ID="${TYPE} ${PID0}:${IF0}"
+case "${TYPE}" in
+veth)
+  LOG_ID="${LOG_ID} <-> ${PID1}:${IF1}"
+  ;;
+*vlan|*vtap)
+  LOG_ID="${LOG_ID} <<< ${PID1}:${IF1}"
+  [ "${IF1}" ] || die "--intf1 required for ${TYPE} link"
+  [ "${REMOTE}" -o "${VNI}" ] && die "--remote/--vlanid incompatible with ${TYPE} link"
+  ;;
+geneve|vxlan)
+  LOG_ID="${LOG_ID} <<->> ${REMOTE}(${VNI})"
+  [ "${REMOTE}" -a "${VNI}" ] || die "--remote and --vni required for ${TYPE} link"
+  [ "${MODE}" -o "${VLANID}" ] && die "--mode/--vlanid incompatible with ${TYPE} link"
+  ;;
+*)
+  [ "${PID1}" != "<SELF>" ] && die "--pid1 not supported for ${TYPE} link"
+  ;;
+esac
+
+[ "${PID1}" = "<SELF>" ] && PID1=$$
+NS0=ns${PID0} NS1=ns${PID1}
+
+# Sanity checks
+[ ! -d /proc/$PID0 ] && die "PID0 $PID0 is no longer running!"
+[ ! -d /proc/$PID1 ] && die "PID1 $PID1 is no longer running!"
+
+### Do the work
+
+info "Creating ${TYPE} link"
+
+info "Creating ip netns to pid mappings"
+export PATH=$PATH:/usr/sbin  # to find iptables
+mkdir -p /var/run/netns
+ln -sf /proc/${PID0}/ns/net /var/run/netns/${NS0}
+ln -sf /proc/${PID1}/ns/net /var/run/netns/${NS1}
+
+case "${TYPE}" in
+veth)
+  info "Creating ${TYPE} pair interfaces"
+  echo ip link add ${IF0} netns ${NS0} type veth peer ${IF1} netns ${NS1}
+  ip link add ${IF0} netns ${NS0} type veth peer ${IF1} netns ${NS1}
+  ;;
+*vlan|*vtap)
+  info "Creating ${TYPE} interface"
+  SIF0=if0-${RANDOM}
+  ip -netns ${NS1} link add name ${SIF0} link ${IF1} type ${TYPE} \
+    ${MODE:+mode ${MODE}} ${VLANID:+id ${VLANID}}
+  info "Moving ${TYPE} interface"
+  ip -netns ${NS1} link set ${SIF0} netns ${NS0}
+  info "Renaming ${TYPE} interface"
+  ip -netns ${NS0} link set ${SIF0} name ${IF0}
+  ;;
+geneve|vxlan)
+  info "Creating ${TYPE} tunnel interface"
+  ip -netns ${NS1} link add name ${IF0} type ${TYPE} \
+    remote ${REMOTE} id ${VNI}
+  ;;
+*)
+  info "Creating ${TYPE} interface"
+  ip -netns ${NS0} link add ${IF0} type ${TYPE}
+  ;;
+esac
+
+setup_if ${IF0} ${NS0} "${MAC0}" "${IP0}" "${ROUTE0}" "${MTU}"
+[ "${TYPE}" = "veth" ] && \
+  setup_if ${IF1} ${NS1} "${MAC1}" "${IP1}" "${ROUTE1}" "${MTU}"
+
+if [ "${NETEM}" ]; then
+  info "Setting tc qdisc netem: ${NETEM}"
+  tc -netns ${NS0} qdisc add dev ${IF0} root netem ${NETEM}
+fi
+
+if [ "${NAT}" ]; then
+  info "Adding NAT rule to ${NAT}"
+  IPTABLES ${NS0} PREROUTING  -t nat -i ${IF0} -j DNAT --to-destination ${NAT}
+  IPTABLES ${NS0} POSTROUTING -t nat -o ${IF0} -j SNAT --to-source ${IP0%/*}
+fi
+
+info "Created ${TYPE} link"

package/link-del.sh

@@ -0,0 +1,60 @@
+#!/bin/bash
+
+# Copyright (c) 2023, Viasat, Inc
+# Licensed under MPL 2.0
+
+set -e
+
+usage () {
+    echo >&2 "${0} [OPTIONS] PID INTF"
+    echo >&2 ""
+    echo >&2 "  INTF is the name of the interface in PID netns"
+    echo >&2 "  PID is the process ID of the container"
+    echo >&2 ""
+    echo >&2 "  Where OPTIONS are:"
+    echo >&2 "     --verbose    - Verbose output (set -x)"
+    exit 2
+}
+
+VERBOSE=${VERBOSE:-}
+
+info() { echo "del-link [${PID}:${IF}] ${*}"; }
+warn() { >&2 echo "del-link [${PID}:${IF}] ${*}"; }
+die()  { warn "ERROR: ${*}"; exit 1; }
+
+# Parse arguments
+positional=
+while [ "${*}" ]; do
+  param=$1; OPTARG=$2
+  case ${param} in
+  --verbose) VERBOSE=1 ;;
+  -h|--help) usage ;;
+  *) positional="${positional} $1" ;;
+  esac
+  shift
+done
+set -- ${positional}
+PID=$1 IF=$2
+
+NS=ns${PID}
+
+[ "${VERBOSE}" ] && set -x || true
+
+# Check arguments
+[ "${IF}" -a "${PID}" ] || usage
+
+# Sanity checks
+[ ! -d /proc/$PID ] && die "PID $PID is no longer running!"
+
+### Do the work
+
+info "Deleting link"
+
+info "Creating ip netns to pid mapping"
+mkdir -p /var/run/netns
+ln -sf /proc/${PID}/ns/net /var/run/netns/ns${PID}
+
+info "Deleting interface"
+ip -netns ${NS} link del ${IF}
+
+info "Deleted link"

package/net2dot

@@ -0,0 +1,11 @@
+#!/usr/bin/env bash
+
+TOP_DIR=$(dirname $(readlink -f "${0}"))
+SCRIPT_NAME=$(basename "${0}")
+NBB=${TOP_DIR}/node_modules/.bin/nbb
+
+die() { echo >&2 "${*}"; exit 1; }
+
+[ -e "${NBB}" ] || die "Missing ${NBB}. Maybe run 'npm install' in ${TOP_DIR}?"
+
+exec ${NBB} -cp "${TOP_DIR}/src" -m conlink.net2dot/main "${@}"

package/notes.txt

@@ -0,0 +1,82 @@
+- Also see schema-ish.yaml
+links:
+  - type: TYPE         # Default: 'veth'
+                       # Others: '*vlan/*vtap', 'dummy', 'tunnel', etc
+
+    container: FOO     # full container name
+      # OR
+    service: FOO       # compose service name
+
+    bridge: BRIDGE     # name of OVS or linux bridge
+
+    base: BASE         # 'conlink', 'host', or 'local'
+                       # 'conlink' is default for 'type: veth'
+                       # 'host' is default for 'type: *vlan/*vtap'
+
+    dev: DEV           # internal container device/interface name
+    outer-dev: DEV     # conlink or host (*vlan) device/interface name
+
+    # --- optional general ---
+
+    ip(s): IP          # starting address, can include net slash to limit max
+    mac: MAC
+    mtu: MTU
+    route(s): ROUTE    # `ip route add ROUTE`, maybe add "dev INTF" automatically
+    tc(s): TC          # tc/qdisc commands/settings
+    flow(s): FLOW      # `ovs-ofctl add-flow DOMAIN FLOW`. With var templating.
+    command(s): CMD    # arbitrary shell cmd. After all links setup for this container
+
+    # --- optional for 'type: *vlan/*vtap' ---
+
+    mode: MODE         # 'bridge', etc
+    vlanid: VLANID     # VLAN #
+    nat: NAT           # nat target
+
+
+- type maps to 'ip link' type with default of 'veth'
+- when type is 'veth', then base default is 'conlink'
+- when type is 'veth' and base is 'conlink', then bridge is required.
+
+- conlink veth link: {type: veth [DEFAULT], base: conlink [DEFAULT], bridge: BRIDGE, dev: DEV}
+
+
+
+Dependencies in python version:
+- argparse
+- shlex (parsing commands)
+- compose_interpolation import TemplateWithDefaults
+- cerberus import Validator
+    - options: joi, ajv, json-schema, and z-schema.
+- docker
+- psutil (pid_exists)
+- json
+- yaml
+- mininet
+
+
+- [deprecated idea] conlink sub-commands:
+    conlink spit
+        - output override docker-compose file with conlink service
+        - figure out volume mounts to get to other compose file(s)
+    conlink dc up ...
+        - generate override docker-compose file with conlink service
+        - run the compose command with override file
+    conlink start 
+        - start inside compose
+    conlink run
+        - start outside compose
+
+
+tc:
+  tc-htb:
+    - replace cbq, control outbound bandwidth
+    tc qdisc ... dev dev ( parent classid | root) [ handle major: ] htb [ default minor-id ]
+    tc class ... dev dev parent major:[minor] [ classid major:minor ] htb rate rate [ ceil rate ] burst bytes [ cburst bytes ] [ prio priority ]
+
+  tc-cbq:
+    tc  qdisc ... dev dev ( parent classid | root) [ handle major: ] cbq [ allot bytes ] avpkt bytes bandwidth rate [ cell bytes ] [ ewma log ] [ mpu bytes ]
+    tc class ... dev dev parent major:[minor] [ classid major:minor ] cbq allot bytes [ bandwidth rate ] [ rate rate ] prio pri‐ority  [  weight  weight ] [ minburst packets ] [ maxburst packets ] [ ewma log ] [ cell bytes ] avpkt bytes [ mpu bytes ] [ bounded isolated ] [ split handle & defmap defmap ] [ estimator interval timeconstant ]
+
+  tc-netem:
+    tc qdisc ... dev DEVICE ] add netem OPTIONS
+

package/old/Dockerfile.bak

@@ -0,0 +1,26 @@
+FROM node:16 as base
+
+RUN apt-get -y update #1
+
+
+#############################################################
+FROM node:16-slim as conlink
+
+RUN apt-get -y update #1
+
+# network/debug
+RUN apt-get -y install util-linux iproute2 bridge-utils tzdata \
+    iptables ethtool tcpdump socat iputils-ping strace socat \
+    curl wget iperf3 dnsmasq jq psutils telnet
+
+# runtime deps
+RUN apt-get -y install net-tools cgroup-tools \
+    openvswitch-switch openvswitch-testcontroller kmod
+
+ADD package.json /app/
+RUN cd /app && npm install
+
+ADD conlink conlink.cljs /app/
+ADD src/ /app/src/
+RUN ln -sf /app/conlink /sbin/
+

package/old/add-link.sh

@@ -0,0 +1,82 @@
+#!/bin/bash
+
+# Copyright (c) 2023, Viasat, Inc
+# Licensed under MPL 2.0
+
+set -e
+
+usage () {
+  echo >&2 "${0} [OPTIONS] TYPE INTF PID [-- SET ARGS]"
+  echo >&2 ""
+  echo >&2 "  TYPE:  interface type"
+  echo >&2 "  INTF:  the interface name to create in PID"
+  echo >&2 "  PID:   the process ID of the first namespace"
+  echo >&2 ""
+  echo >&2 "  OPTIONS are:"
+  echo >&2 "     --verbose        - Verbose output (set -x)"
+  echo >&2 "     --ip IP          - IP address for INTF"
+  echo >&2 "     --mac MAC        - MAC address for INTF"
+  echo >&2 "     --route 'ROUTE'  - route to add to INTF"
+  echo >&2 "     --mtu MTU        - MTU for INTF"
+  echo >&2 ""
+  echo >&2 "The interface is created in PID ns, then the IP, MAC,"
+  echo >&2 "and MTU are set, and finally the following command"
+  echo >&2 "is executed:"
+  echo >&2 "    ip link set INTF up SET_ARGS"
+  exit 2
+}
+
+VERBOSE=${VERBOSE:-}
+IP= MAC= ROUTE= MTU= SET_ARGS=
+
+info() { echo "add-link [${TYPE} - ${PID}/${IF}] ${*}"; }
+warn() { >&2 echo "add-link [${TYPE} - ${PID}/${IF}] ${*}"; }
+die()  { warn "ERROR: ${*}"; exit 1; }
+
+# Parse arguments
+positional=
+while [ "${*}" ]; do
+  param=$1; OPTARG=$2
+  case ${param} in
+  --verbose) VERBOSE=1 ;;
+  --ip) IP="${OPTARG}"; shift ;;
+  --mac) MAC="${OPTARG}"; shift ;;
+  --route) ROUTE="${OPTARG}"; shift ;;
+  --mtu) MTU="${OPTARG}"; shift ;;
+  -h|--help) usage ;;
+  --) SET_ARGS="$*"; break ;;
+  *) positional="${positional} $1" ;;
+  esac
+  shift
+done
+set -- ${positional}
+
+TYPE=$1 IF=$2 PID=$3 NS=ns${PID}
+
+[ "${VERBOSE}" ] && set -x || true
+
+# Check arguments
+[ "${TYPE}" -a "${IF}" -a "${PID}" ] || usage
+
+# Sanity checks
+[ ! -d /proc/$PID ] && die "PID $PID is no longer running!"
+
+export PATH=$PATH:/usr/sbin
+mkdir -p /var/run/netns
+ln -sf /proc/${PID}/ns/net /var/run/netns/${NS}
+
+info "Creating ${TYPE} link ${IF} in ${NS}"
+ip link add ${IF} netns ns${PID} type ${TYPE}
+
+ip -netns ${NS} --force -b - <<EOF
+  ${IP:+addr add ${IP} dev ${IF}}
+  ${MAC:+link set dev ${IF} address ${MAC}}
+  ${MTU:+link set dev ${IF} mtu ${MTU}}
+  link set dev ${IF} up
+  ${ROUTE:+route add ${ROUTE} dev ${IF}}
+  ${SET_ARGS:+link set dev ${IF} ${SET_ARGS}}
+EOF
+
+info "Created ${TYPE} link ${IF} in ${NS}"
+
+# /test/add-link.sh --verbose dummy if0 2500144 --ip 192.168.88.32/24 -- arp on

package/old/conlink

@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+
+TOP_DIR=$(dirname $(readlink -f "${0}"))
+SCRIPT_NAME=$(basename "${0}")
+NBB=${TOP_DIR}/node_modules/.bin/nbb
+
+die() { echo >&2 "${*}"; exit 1; }
+
+[ -e "${NBB}" ] || die "Missing ${NBB}. Maybe run 'npm install' in ${TOP_DIR}?"
+
+exec ${NBB} -cp "${TOP_DIR}/src" "${TOP_DIR}"/${SCRIPT_NAME}.cljs "${@}"
+