Comments (11)
@lorenzo93 if I'm not mistaken, lstart options are indirectly mapped to vstart parameters. For this reason I'd suggest a single word with no symbols.
If an option is the only way to achieve this result.
from kathara.
Hi @ejeandel,
You can add sysctl parameters in a single machine even without modifications in the Kathara source.
If you put them in the <machine_name>.startup
file they will be executed inside the machine. To make this work you need to start your lab with the --privileged
parameter that starts the container in privileged mode (allowing you to change the kernel parameters).
The only drawback in doing so is that with the privileged flag it is easy to exploit privilege excalation attacks on Docker so it is required to run lstart --privileged
as root, to ensure you are an administrator so that you'll not do damage to the host machine.
In addiction, if you need to change a parameter in all the machines in a lab (or more generally if you need to run a command in all the lab machines) you can create a shared.startup
file in your lab folder. That file will be executed like the <machine_name>.startup
but on all lab machines, instead on just the machine_name machine.
If you have further questions don't hesitate, we are very happy that other universities are using our tool! :)
from kathara.
Hi,
We were using Netkit for some time at our university too and are enthousiast to use much leaner Kathara. However, when trying to set ipv6 forwarding I get the same error as described above.
I've put the sysctl command in startup file.
However, running kathara lstart in privileged mode doesn't help as when I do it the xterms in my lab are not opening anymore.
I've got the following warning on my screen:
WARNING - Running devices with privileged capabilities, terminals won't open!
I didn't have the problem in the "previous" kathara, the one in which I just could use plain Netkit commands.
Do you have any tips how to solve this?
Thanks a lot in advance.
from kathara.
Hi,
we've disabled the terminal opening on privilege mode due to a problem with Wayland (an X.org alternative).
The devices went correctly up and running, that warning is just to remember this behaviour.
You can still access the devices with the kathara connect
command (man page.
Let me know if you still have problems :)
from kathara.
I'm not a big fan of using the privileged mode, tbh, especially when it is not technically necessary. I'm of the opinion that opening a subset of the sysctl to the public (notably the whole .net subspace should be safe) seems a better solution, especially as docker makes it possible.
from kathara.
Hi,
I do agree with @ejeandel concerning opening a subset of sysctl. If you want to experiment with networks, you should be able to change .net subspace easily. Also, we'd like to use Kathara for teaching (as we used Netkit) and here is ease of use also very important. If I have a lab with 6 nodes and then I have first start all of them in privileged mode and then connect to the one that I need to interact with Kathara connect, it's not going to be really easy in use... It's pity, as I really liked Kathara for its performance but also for the fact that it was pretty easy to extend image with the necessary functionality via docker (as opposed to netkit).
from kathara.
Hi @ejeandel and @rfrenken,
and thanks for the issue.
For me, it is not clear what is the right idea to solve this problem.
There are three solutions:
- Put a setting into the
kathara.json
file. As example:
{
"sysctls": {
"net.ipv4.tcp_sack": 0,
// other `net.` stuff here
}
}
Of course, the setting is applied on each Kathara device started.
2. Put an option for the machine in the lab.conf
file. As example:
pc1[0]="A"
pc1[sysctl]="net.ipv4.tcp_sack=0"
This gives the flexibility to choose on which device the sysctl is applied. This can be "boring" if you need to set a sysctl to all devices.
3. Leave it as it is and put the sysctls command in the .startup
file and start the lab with --privileged
flag. However, terminals don't open with this flag and this can be tricky when you want to interact with all of them.
Of course, solutions 1 and 2 require to check if the sysctl command starts with net.
. In number 2 it is also required that an =
sign is in the string.
Please tell me which option you prefer and why, so we can decide what's best for everyone :)
Thanks!
from kathara.
I much prefer something that can be done per machine (or per lab) rather than for all labs, ie solution 2.
from kathara.
I like the second solution (via configuration file) more, as it gives more flexibility.
from kathara.
Okay then.
@ejeandel can you open a pull request to implement the support for sysctl
in the lab.conf
file?
Thanks!
from kathara.
Hi,
As a friendly reminder, this feature has been included in the latest Kathara release (v2.2.2).
from kathara.
Related Issues (20)
- Fix `get_images` method in `DockerHubApi` to handle new Docker Hub API format
- Add support to Debian 12 HOT 2
- Can't start frr.service HOT 5
- Warning: Pox supports only versions of Python: 3.6, 3.7, 3.8, 3.9 HOT 2
- lconfig command not checking if machine exists
- Add `lab` parameter to all `Manager` methods
- Wait `.shutdown` commands
- Add lab hash to Docker networks names
- Add `copy_directory_from_path` method to FilesystemMixin
- Kubernetes startup watch may never terminate if there is a Pod error
- Allow space in `sysctl` and `env` metas
- Add the possibility to specify a custom name for network scenario configuration file from the Python API
- Add `gnome-terminal` as terminal emulator
- "RTNETLINK answers: Operation not supported" when running traffic-control labs in MacOS HOT 4
- `tc` does not work on Windows hosts (WSL 2) HOT 1
- Use `rich` to render progress bars and add UI progress for Docker image pull
- Enable using `amd64` images on macOS using Rosetta
- UI Improvements using `rich`
- Multipath support not enabled in WSL
- API Improvements
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from kathara.