Okay, i'll try to make this clear as possible. I've set up several open service containers successfully, now i'm trying to convert some of it to IOx if possible. I know my VirtualPortGroup 0, 1 and 2 connections route properly out of my router since my open service containers function without issue. Keep that in mind.
Relevant hardware information:
Cisco 4451-X running Amsterdam 17.2.1
NIM-HDD (20g partition)
Packaging Methods:
ioxclient on Linux 18.04 Server
Deploy Methods:
Currently through CLI - tried WebUI with same results
Platform information as I understand it:
From the Devnet platform information page it states that after 16.10 the supported application types are as follows:
VM, LXC, Docker
To make my explanation somewhat easier, I have attempted to deploy a ubuntu container using the instructions from this github page: https://github.com/etychon/ubuntu-IOx-x86
I followed the instructions with the exception of the package.yaml file.
descriptor-schema-version: "2.5"
info:
name: ubuntu-with-sshd-x86
description: "Ubuntu Linux with SSHd. Login: root/root"
version: "1.0"
author-link: "http://www.cisco.com"
author-name: "Cisco Systems"
app:
cpuarch: "x86_64"
type: docker
resources:
profile: custom
cpu: "10000"
disk: "10240"
memory: "2048"
network:
-
interface-name: eth0
ports:
tcp:
- 22
# Specify runtime and startup
startup:
rootfs: rootfs.tar
target: ["/usr/sbin/sshd", "-D"]
I package all that up using ioxclient (same way as the instructions on the github page) and move it to the harddisk: and install, activate and start.
That all works.
The problem I run into is, I cannot SSH to it like i should be able to.
If i run the app-hosting session appid <name> I can drop in to the container. SSH is listening on 0.0.0.0 port 22
I originally had it set up on Virtualportgroup2 - on that port group i could ping out to the internet, use apt-get to pull in different packages to verify openssh was working.
When i try to ssh into the container i get a "Connection Reset"
I've tried from various machines and the 4451 itself.
I poked around on the devnet site for a while and found a reference saying that only VirtualPortGroup0 is allowed.
VirtualPortGroup0 currently hosts a linux vm with plex.
sh run | beg virtual-service
virtual-service
signing level unsigned
!
!
virtual-service PLEX
vnic gateway VirtualPortGroup0
activate
!
Current configuration : 145 bytes
!
interface VirtualPortGroup0
ip address 172.16.230.1 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
end
app-hosting appid UbuntIOx
app-vnic gateway1 virtualportgroup 0 guest-interface 0
app-default-gateway 172.16.230.1 guest-interface 0
end
sh app-hosting detail appid UbuntIOx
App id : UbuntIOx
Owner : iox
State : RUNNING
Application
Type : docker
Name : ubuntu-with-sshd-x86
Version : 1.0
Description : Ubuntu Linux with SSHd. Login: root/root
Path : harddisk:ubuntu20.tar
Activated profile name : custom
Resource reservation
Memory : 2048 MB
Disk : 10240 MB
CPU : 10000 units
VCPU : 1
Attached devices
Type Name Alias
---------------------------------------------
serial/shell iox_console_shell serial0
serial/aux iox_console_aux serial1
serial/syslog iox_syslog serial2
serial/trace iox_trace serial3
Network interfaces
---------------------------------------
eth0:
MAC address : 52:54:dd:2e:19:59
IPv4 address : 172.16.230.3
Network name : VPG0
Here's an example of what happens when I drop into the docker session and try various commands:
app-hosting connect appid UbuntIOx session
# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.16.230.3 netmask 255.255.255.248 broadcast 172.16.230.7
inet6 fe80::5054:ddff:fe2e:1959 prefixlen 64 scopeid 0x20<link>
ether 52:54:dd:2e:19:59 txqueuelen 1000 (Ethernet)
RX packets 159359 bytes 12627875 (12.6 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 130 bytes 11056 (11.0 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
# ping 172.16.230.1
PING 172.16.230.1 (172.16.230.1) 56(84) bytes of data.
64 bytes from 172.16.230.1: icmp_seq=1 ttl=255 time=0.300 ms
64 bytes from 172.16.230.1: icmp_seq=2 ttl=255 time=0.303 ms
64 bytes from 172.16.230.1: icmp_seq=3 ttl=255 time=0.274 ms
64 bytes from 172.16.230.1: icmp_seq=4 ttl=255 time=0.283 ms
^C
--- 172.16.230.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3094ms
rtt min/avg/max/mdev = 0.274/0.290/0.303/0.012 ms
# ping 172.16.230.2
PING 172.16.230.2 (172.16.230.2) 56(84) bytes of data.
64 bytes from 172.16.230.2: icmp_seq=1 ttl=64 time=0.458 ms
64 bytes from 172.16.230.2: icmp_seq=2 ttl=64 time=0.376 ms
64 bytes from 172.16.230.2: icmp_seq=3 ttl=64 time=0.386 ms
64 bytes from 172.16.230.2: icmp_seq=4 ttl=64 time=0.408 ms
^C
--- 172.16.230.2 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3053ms
rtt min/avg/max/mdev = 0.376/0.407/0.458/0.031 ms
# ping 8.8.8.8
ping: connect: Network is unreachable
# ping 67.2.217.255
ping: connect: Network is unreachable172.16.230.2 is the plex server - i have dhcp set up and as I stated above the plex server works just fine.
outside interface: Dialer2 67.2.217.255 YES IPCP up up
I'm perplexed to what the issue is here.
I've also set up guestshell to VPG0 and that also works fine, but that's not a docker type, so i wonder if there's some sort of incompatibility or I have to set up some extra route statement to communicate with CAF. I don't know at this point.
Any assistance that could be given would be greatly appreciated!
