Tests - ACL End-to-end integration test:

# Copyright 2022-2025 ETSI SDG TeraFlowSDN (TFS) (https://tfs.etsi.org/)

#

# Licensed under the Apache License, Version 2.0 (the "License");

# you may not use this file except in compliance with the License.

# You may obtain a copy of the License at

#

#      http://www.apache.org/licenses/LICENSE-2.0

#

# Unless required by applicable law or agreed to in writing, software

# distributed under the License is distributed on an "AS IS" BASIS,

# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

# See the License for the specific language governing permissions and

# limitations under the License.

clab-*/

images/

*.clab.yml.bak

*.tar

*.tar.gz

# Copyright 2022-2025 ETSI SDG TeraFlowSDN (TFS) (https://tfs.etsi.org/)

#

# Licensed under the Apache License, Version 2.0 (the "License");

# you may not use this file except in compliance with the License.

# You may obtain a copy of the License at

#

#      http://www.apache.org/licenses/LICENSE-2.0

#

# Unless required by applicable law or agreed to in writing, software

# distributed under the License is distributed on an "AS IS" BASIS,

# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

# See the License for the specific language governing permissions and

# limitations under the License.

# Build, tag, and push the Docker image to the GitLab Docker registry

build acl_end2end:

  variables:

    TEST_NAME: 'acl_end2end'

  stage: build

  before_script:

    - docker image prune --force

    - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY

  script:

    - docker buildx build -t "${TEST_NAME}:latest" -f ./src/tests/${TEST_NAME}/Dockerfile .

    - docker tag "${TEST_NAME}:latest" "$CI_REGISTRY_IMAGE/${TEST_NAME}:latest"

    - docker push "$CI_REGISTRY_IMAGE/${TEST_NAME}:latest"

  after_script:

    - docker image prune --force

  rules:

    - if: '$CI_PIPELINE_SOURCE == "merge_request_event" && ($CI_MERGE_REQUEST_TARGET_BRANCH_NAME == "develop" || $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == $CI_DEFAULT_BRANCH)'

    - if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == "develop"'

    - changes:

      - src/common/**/*.py

      - proto/*.proto

      - src/tests/${TEST_NAME}/**/*.{py,in,sh,yml}

      - src/tests/${TEST_NAME}/Dockerfile

      - .gitlab-ci.yml

# Deploy TeraFlowSDN and Execute end-2-end test

end2end_test acl_end2end:

  timeout: 45m

  variables:

    TEST_NAME: 'acl_end2end'

  stage: end2end_test

  # Disable to force running it after all other tasks

  #needs:

  #  - build acl_end2end

  before_script:

    # Cleanup old ContainerLab scenarios

    - containerlab destroy --all --cleanup || true

    # Do Docker cleanup

    - docker ps --all --quiet | xargs --no-run-if-empty docker stop

    - docker container prune --force

    - docker ps --all --quiet | xargs --no-run-if-empty docker rm --force

    - docker image prune --force

    - docker network prune --force

    - docker volume prune --all --force

    - docker buildx prune --force

    # Check MicroK8s is ready

    - microk8s status --wait-ready

    - LOOP_MAX_ATTEMPTS=10

    - LOOP_COUNTER=0

    - >

      while ! kubectl get pods --all-namespaces &> /dev/null; do

        printf "%c" "."

        sleep 1

        LOOP_COUNTER=$((LOOP_COUNTER + 1))

        if [ "$LOOP_COUNTER" -ge "$LOOP_MAX_ATTEMPTS" ]; then

          echo "Max attempts reached, exiting the loop."

          exit 1

        fi

      done

    - kubectl get pods --all-namespaces

    # Always delete Kubernetes namespaces

    - export K8S_NAMESPACES=$(kubectl get namespace -o jsonpath='{.items[*].metadata.name}')

    - echo "K8S_NAMESPACES=${K8S_NAMESPACES}"

    - export OLD_NATS_NAMESPACES=$(echo "${K8S_NAMESPACES}" | tr ' ' '\n' | grep -E '^nats')

    - echo "OLD_NATS_NAMESPACES=${OLD_NATS_NAMESPACES}"

    - >

      for ns in ${OLD_NATS_NAMESPACES}; do

        if [[ "$ns" == nats* ]]; then

          if helm3 status "$ns" &>/dev/null; then

            helm3 uninstall "$ns" -n "$ns"

          else

            echo "Release '$ns' not found, skipping..."

          fi

        fi

      done

    - export OLD_NAMESPACES=$(echo "${K8S_NAMESPACES}" | tr ' ' '\n' | grep -E '^(tfs|crdb|qdb|kafka|nats)')

    - echo "OLD_NAMESPACES=${OLD_NAMESPACES}"

    - kubectl delete namespace ${OLD_NAMESPACES} || true

    # Clean-up Kubernetes Failed pods

    - >

      kubectl get pods --all-namespaces --no-headers --field-selector=status.phase=Failed

      -o custom-columns=NAMESPACE:.metadata.namespace,NAME:.metadata.name |

      xargs --no-run-if-empty --max-args=2 kubectl delete pod --namespace

    # Login Docker repository

    - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY

  script:

    # Download Docker image to run the test

    - docker pull "${CI_REGISTRY_IMAGE}/${TEST_NAME}:latest"

    # Check MicroK8s is ready

    - microk8s status --wait-ready

    - LOOP_MAX_ATTEMPTS=10

    - LOOP_COUNTER=0

    - >

      while ! kubectl get pods --all-namespaces &> /dev/null; do

        printf "%c" "."

        sleep 1

        LOOP_COUNTER=$((LOOP_COUNTER + 1))

        if [ "$LOOP_COUNTER" -ge "$LOOP_MAX_ATTEMPTS" ]; then

          echo "Max attempts reached, exiting the loop."

          exit 1

        fi

      done

    - kubectl get pods --all-namespaces

    # Deploy ContainerLab Scenario

    - RUNNER_PATH=`pwd`

    #- cd $PWD/src/tests/${TEST_NAME}

    - mkdir -p /tmp/clab/${TEST_NAME}

    - cp -R src/tests/${TEST_NAME}/clab/* /tmp/clab/${TEST_NAME}

    - tree -la /tmp/clab/${TEST_NAME}

    - cd /tmp/clab/${TEST_NAME}

    - containerlab deploy --reconfigure --topo acl_end2end.clab.yml

    - cd $RUNNER_PATH

    # Wait for initialization of Device NOSes

    - sleep 3

    - docker ps -a

    # Dump configuration of the routers (before any configuration)

    - containerlab exec --name acl_end2end --label clab-node-name=r1 --cmd "Cli --command \"enable"$'\n'$"show running-config\""

    - containerlab exec --name acl_end2end --label clab-node-name=r2 --cmd "Cli --command \"enable"$'\n'$"show running-config\""

    - containerlab exec --name acl_end2end --label clab-node-name=r3 --cmd "Cli --command \"enable"$'\n'$"show running-config\""

    # Configure TeraFlowSDN deployment

    # Uncomment if DEBUG log level is needed for the components

    #- yq -i '((select(.kind=="Deployment").spec.template.spec.containers.[] | select(.name=="server").env.[]) | select(.name=="LOG_LEVEL").value) |= "DEBUG"' manifests/contextservice.yaml

    #- yq -i '((select(.kind=="Deployment").spec.template.spec.containers.[] | select(.name=="server").env.[]) | select(.name=="LOG_LEVEL").value) |= "DEBUG"' manifests/deviceservice.yaml

    #- yq -i '((select(.kind=="Deployment").spec.template.spec.containers.[] | select(.name=="frontend").env.[]) | select(.name=="LOG_LEVEL").value) |= "DEBUG"' manifests/pathcompservice.yaml

    #- yq -i '((select(.kind=="Deployment").spec.template.spec.containers.[] | select(.name=="server").env.[]) | select(.name=="LOG_LEVEL").value) |= "DEBUG"' manifests/serviceservice.yaml

    #- yq -i '((select(.kind=="Deployment").spec.template.spec.containers.[] | select(.name=="server").env.[]) | select(.name=="LOG_LEVEL").value) |= "DEBUG"' manifests/nbiservice.yaml

    - source src/tests/${TEST_NAME}/deploy_specs.sh

    #- export TFS_REGISTRY_IMAGES="${CI_REGISTRY_IMAGE}"

    #- export TFS_SKIP_BUILD="YES"

    #- export TFS_IMAGE_TAG="latest"

    #- echo "TFS_REGISTRY_IMAGES=${CI_REGISTRY_IMAGE}"

    # Deploy TeraFlowSDN

    - ./deploy/crdb.sh

    - ./deploy/nats.sh

    - ./deploy/kafka.sh

    #- ./deploy/qdb.sh

    - ./deploy/tfs.sh

    - ./deploy/show.sh

    ## Wait for Context to be subscribed to NATS

    ## WARNING: this loop is infinite if there is no subscriber (such as monitoring).

    ##          Investigate if we can use a counter to limit the number of iterations.

    ##          For now, keep it commented out.

    #- LOOP_MAX_ATTEMPTS=180

    #- LOOP_COUNTER=0

    #- >

    #  while ! kubectl --namespace $TFS_K8S_NAMESPACE logs deployment/contextservice -c server 2>&1 | grep -q 'Subscriber is Ready? True'; do

    #    echo "Attempt: $LOOP_COUNTER"

    #    kubectl --namespace $TFS_K8S_NAMESPACE logs deployment/contextservice -c server 2>&1;

    #    sleep 1;

    #    LOOP_COUNTER=$((LOOP_COUNTER + 1))

    #    if [ "$LOOP_COUNTER" -ge "$LOOP_MAX_ATTEMPTS" ]; then

    #      echo "Max attempts reached, exiting the loop."

    #      break

    #    fi

    #  done

    - kubectl --namespace $TFS_K8S_NAMESPACE logs deployment/contextservice -c server

    # Run end-to-end test: onboard scenario

    - >

      docker run -t --rm --name ${TEST_NAME} --network=host 

      --volume "$PWD/tfs_runtime_env_vars.sh:/var/teraflow/tfs_runtime_env_vars.sh"

      --volume "$PWD/src/tests/${TEST_NAME}:/opt/results"

      $CI_REGISTRY_IMAGE/${TEST_NAME}:latest /var/teraflow/run-onboarding.sh

    # Run end-to-end test: configure service TFS

    - >

      docker run -t --rm --name ${TEST_NAME} --network=host 

      --volume "$PWD/tfs_runtime_env_vars.sh:/var/teraflow/tfs_runtime_env_vars.sh"

      --volume "$PWD/src/tests/${TEST_NAME}:/opt/results"

      $CI_REGISTRY_IMAGE/${TEST_NAME}:latest /var/teraflow/run-service-tfs-create.sh

    # Dump configuration of the routers (after configure TFS service)

    - containerlab exec --name acl_end2end --label clab-node-name=r1 --cmd "Cli --command \"enable"$'\n'$"show running-config\""

    - containerlab exec --name acl_end2end --label clab-node-name=r2 --cmd "Cli --command \"enable"$'\n'$"show running-config\""

    - containerlab exec --name acl_end2end --label clab-node-name=r3 --cmd "Cli --command \"enable"$'\n'$"show running-config\""

    # Run end-to-end test: test connectivity with ping

    - export TEST1_10=$(containerlab exec --name acl_end2end --label clab-node-name=dc1 --cmd 'ping -n -c3 172.16.1.10' --format json)

    - echo $TEST1_10

    - echo $TEST1_10 | grep -E '3 packets transmitted, 3 received, 0\% packet loss'

    - export TEST1_1=$(containerlab exec --name acl_end2end --label clab-node-name=dc1 --cmd 'ping -n -c3 172.16.1.1' --format json)

    - echo $TEST1_1

    - echo $TEST1_1 | grep -E '3 packets transmitted, 3 received, 0\% packet loss'

    - export TEST2_1=$(containerlab exec --name acl_end2end --label clab-node-name=dc1 --cmd 'ping -n -c3 172.16.2.1' --format json)

    - echo $TEST2_1

    - echo $TEST2_1 | grep -E '3 packets transmitted, 3 received, 0\% packet loss'

    - export TEST2_10=$(containerlab exec --name acl_end2end --label clab-node-name=dc1 --cmd 'ping -n -c3 172.16.2.10' --format json)

    - echo $TEST2_10

    - echo $TEST2_10 | grep -E '3 packets transmitted, 3 received, 0\% packet loss'

    - export TEST3_1=$(containerlab exec --name acl_end2end --label clab-node-name=dc1 --cmd 'ping -n -c3 172.16.3.1' --format json)

    - echo $TEST3_1

    - echo $TEST3_1 | grep -E '3 packets transmitted, 0 received, 100\% packet loss'

    - export TEST3_10=$(containerlab exec --name acl_end2end --label clab-node-name=dc1 --cmd 'ping -n -c3 172.16.3.10' --format json)

    - echo $TEST3_10

    - echo $TEST3_10 | grep -E '3 packets transmitted, 0 received, 100\% packet loss'

    # Run end-to-end test: deconfigure service TFS

    - >

      docker run -t --rm --name ${TEST_NAME} --network=host 

      --volume "$PWD/tfs_runtime_env_vars.sh:/var/teraflow/tfs_runtime_env_vars.sh"

      --volume "$PWD/src/tests/${TEST_NAME}:/opt/results"

      $CI_REGISTRY_IMAGE/${TEST_NAME}:latest /var/teraflow/run-service-tfs-remove.sh

    # Dump configuration of the routers (after deconfigure TFS service)

    - containerlab exec --name acl_end2end --label clab-node-name=r1 --cmd "Cli --command \"enable"$'\n'$"show running-config\""

    - containerlab exec --name acl_end2end --label clab-node-name=r2 --cmd "Cli --command \"enable"$'\n'$"show running-config\""

    - containerlab exec --name acl_end2end --label clab-node-name=r3 --cmd "Cli --command \"enable"$'\n'$"show running-config\""

    # Run end-to-end test: configure service IETF

    - >

      docker run -t --rm --name ${TEST_NAME} --network=host

      --volume "$PWD/tfs_runtime_env_vars.sh:/var/teraflow/tfs_runtime_env_vars.sh"

      --volume "$PWD/src/tests/${TEST_NAME}:/opt/results"

      $CI_REGISTRY_IMAGE/${TEST_NAME}:latest /var/teraflow/run-service-ietf-create.sh

    # Dump configuration of the routers (after configure IETF service)

    - containerlab exec --name acl_end2end --label clab-node-name=r1 --cmd "Cli --command \"enable"$'\n'$"show running-config\""

    - containerlab exec --name acl_end2end --label clab-node-name=r2 --cmd "Cli --command \"enable"$'\n'$"show running-config\""

    - containerlab exec --name acl_end2end --label clab-node-name=r3 --cmd "Cli --command \"enable"$'\n'$"show running-config\""

    # Run end-to-end test: test connectivity with ping

    - export TEST1_10=$(containerlab exec --name acl_end2end --label clab-node-name=dc1 --cmd 'ping -n -c3 172.16.1.10' --format json)

    - echo $TEST1_10

    - echo $TEST1_10 | grep -E '3 packets transmitted, 3 received, 0\% packet loss'

    - export TEST1_1=$(containerlab exec --name acl_end2end --label clab-node-name=dc1 --cmd 'ping -n -c3 172.16.1.1' --format json)

    - echo $TEST1_1

    - echo $TEST1_1 | grep -E '3 packets transmitted, 3 received, 0\% packet loss'

    - export TEST2_1=$(containerlab exec --name acl_end2end --label clab-node-name=dc1 --cmd 'ping -n -c3 172.16.2.1' --format json)

    - echo $TEST2_1

    - echo $TEST2_1 | grep -E '3 packets transmitted, 3 received, 0\% packet loss'

    - export TEST2_10=$(containerlab exec --name acl_end2end --label clab-node-name=dc1 --cmd 'ping -n -c3 172.16.2.10' --format json)

    - echo $TEST2_10

    - echo $TEST2_10 | grep -E '3 packets transmitted, 3 received, 0\% packet loss'

    - export TEST3_1=$(containerlab exec --name acl_end2end --label clab-node-name=dc1 --cmd 'ping -n -c3 172.16.3.1' --format json)

    - echo $TEST3_1

    - echo $TEST3_1 | grep -E '3 packets transmitted, 0 received, 100\% packet loss'

    - export TEST3_10=$(containerlab exec --name acl_end2end --label clab-node-name=dc1 --cmd 'ping -n -c3 172.16.3.10' --format json)

    - echo $TEST3_10

    - echo $TEST3_10 | grep -E '3 packets transmitted, 0 received, 100\% packet loss'

    # Run end-to-end test: deconfigure service IETF

    - >

      docker run -t --rm --name ${TEST_NAME} --network=host 

      --volume "$PWD/tfs_runtime_env_vars.sh:/var/teraflow/tfs_runtime_env_vars.sh"

      --volume "$PWD/src/tests/${TEST_NAME}:/opt/results"

      $CI_REGISTRY_IMAGE/${TEST_NAME}:latest /var/teraflow/run-service-ietf-remove.sh

    # Dump configuration of the routers (after deconfigure IETF service)

    - containerlab exec --name acl_end2end --label clab-node-name=r1 --cmd "Cli --command \"enable"$'\n'$"show running-config\""

    - containerlab exec --name acl_end2end --label clab-node-name=r2 --cmd "Cli --command \"enable"$'\n'$"show running-config\""

    - containerlab exec --name acl_end2end --label clab-node-name=r3 --cmd "Cli --command \"enable"$'\n'$"show running-config\""

    # Run end-to-end test: cleanup scenario

    - >

      docker run -t --rm --name ${TEST_NAME} --network=host 

      --volume "$PWD/tfs_runtime_env_vars.sh:/var/teraflow/tfs_runtime_env_vars.sh"

      --volume "$PWD/src/tests/${TEST_NAME}:/opt/results"

      $CI_REGISTRY_IMAGE/${TEST_NAME}:latest /var/teraflow/run-cleanup.sh

  after_script:

    # Dump configuration of the routers (on after_script)

    - containerlab exec --name acl_end2end --label clab-node-name=r1 --cmd "Cli --command \"enable"$'\n'$"show running-config\""

    - containerlab exec --name acl_end2end --label clab-node-name=r2 --cmd "Cli --command \"enable"$'\n'$"show running-config\""

    - containerlab exec --name acl_end2end --label clab-node-name=r3 --cmd "Cli --command \"enable"$'\n'$"show running-config\""

    # Dump TeraFlowSDN component logs

    - source src/tests/${TEST_NAME}/deploy_specs.sh

    - kubectl --namespace $TFS_K8S_NAMESPACE logs deployment/contextservice -c server

    - kubectl --namespace $TFS_K8S_NAMESPACE logs deployment/deviceservice -c server

    - kubectl --namespace $TFS_K8S_NAMESPACE logs deployment/pathcompservice -c frontend

    - kubectl --namespace $TFS_K8S_NAMESPACE logs deployment/serviceservice -c server

    - kubectl --namespace $TFS_K8S_NAMESPACE logs deployment/nbiservice -c server

    # Clean up

    - RUNNER_PATH=`pwd`

    #- cd $PWD/src/tests/${TEST_NAME}

    - cd /tmp/clab/${TEST_NAME}

    - containerlab destroy --topo acl_end2end.clab.yml --cleanup || true

    - sudo rm -rf clab-acl_end2end/ .acl_end2end.clab.yml.bak || true

    - cd $RUNNER_PATH

    - kubectl delete namespaces tfs || true

    - docker ps --all --quiet | xargs --no-run-if-empty docker stop

    - docker container prune --force

    - docker ps --all --quiet | xargs --no-run-if-empty docker rm --force

    - docker network prune --force

    - docker volume prune --all --force

    - docker image prune --force

  #coverage: '/TOTAL\s+\d+\s+\d+\s+(\d+%)/'

  rules:

    - if: '$CI_PIPELINE_SOURCE == "merge_request_event" && ($CI_MERGE_REQUEST_TARGET_BRANCH_NAME == "develop" || $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == $CI_DEFAULT_BRANCH)'

    - if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == "develop"'

  artifacts:

      when: always

      reports:

        junit: ./src/tests/${TEST_NAME}/report_*.xml

# Copyright 2022-2025 ETSI SDG TeraFlowSDN (TFS) (https://tfs.etsi.org/)

#

# Licensed under the Apache License, Version 2.0 (the "License");

# you may not use this file except in compliance with the License.

# You may obtain a copy of the License at

#

#      http://www.apache.org/licenses/LICENSE-2.0

#

# Unless required by applicable law or agreed to in writing, software

# distributed under the License is distributed on an "AS IS" BASIS,

# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

# See the License for the specific language governing permissions and

# limitations under the License.

FROM python:3.9-slim

# Install dependencies

RUN apt-get --yes --quiet --quiet update && \

    apt-get --yes --quiet --quiet install wget g++ git && \

    rm -rf /var/lib/apt/lists/*

# Set Python to show logs as they occur

ENV PYTHONUNBUFFERED=0

# Get generic Python packages

RUN python3 -m pip install --upgrade 'pip==25.2'

RUN python3 -m pip install --upgrade 'setuptools==79.0.0' 'wheel==0.45.1'

RUN python3 -m pip install --upgrade 'pip-tools==7.3.0'

# Get common Python packages

# Note: this step enables sharing the previous Docker build steps among all the Python components

WORKDIR /var/teraflow

COPY common_requirements.in common_requirements.in

RUN pip-compile --quiet --output-file=common_requirements.txt common_requirements.in

RUN python3 -m pip install -r common_requirements.txt

# Add common files into working directory

WORKDIR /var/teraflow/common

COPY src/common/. ./

RUN rm -rf proto

# Create proto sub-folder, copy .proto files, and generate Python code

RUN mkdir -p /var/teraflow/common/proto

WORKDIR /var/teraflow/common/proto

RUN touch __init__.py

COPY proto/*.proto ./

RUN python3 -m grpc_tools.protoc -I=. --python_out=. --grpc_python_out=. *.proto

RUN rm *.proto

RUN find . -type f -exec sed -i -E 's/^(import\ .*)_pb2/from . \1_pb2/g' {} \;

# Create component sub-folders, get specific Python packages

RUN mkdir -p /var/teraflow/tests/acl_end2end

WORKDIR /var/teraflow/tests/acl_end2end

COPY src/tests/acl_end2end/requirements.in requirements.in

RUN pip-compile --quiet --output-file=requirements.txt requirements.in

RUN python3 -m pip install -r requirements.txt

# Add component files into working directory

WORKDIR /var/teraflow

COPY src/__init__.py ./__init__.py

COPY src/common/*.py ./common/

COPY src/common/tests/. ./common/tests/

COPY src/common/tools/. ./common/tools/

COPY src/context/__init__.py context/__init__.py

COPY src/context/client/. context/client/

COPY src/device/__init__.py device/__init__.py

COPY src/device/client/. device/client/

COPY src/monitoring/__init__.py monitoring/__init__.py

COPY src/monitoring/client/. monitoring/client/

COPY src/service/__init__.py service/__init__.py

COPY src/service/client/. service/client/

COPY src/slice/__init__.py slice/__init__.py

COPY src/slice/client/. slice/client/

COPY src/vnt_manager/__init__.py vnt_manager/__init__.py

COPY src/vnt_manager/client/. vnt_manager/client/

COPY src/tests/*.py ./tests/

COPY src/tests/acl_end2end/__init__.py ./tests/acl_end2end/__init__.py

COPY src/tests/acl_end2end/data/. ./tests/acl_end2end/data/

COPY src/tests/acl_end2end/tests/. ./tests/acl_end2end/tests/

COPY src/tests/acl_end2end/scripts/. ./

RUN apt-get --yes --quiet --quiet update && \

    apt-get --yes --quiet --quiet install tree && \

    rm -rf /var/lib/apt/lists/*

RUN tree -la /var/teraflow

# DataPlane-in-a-Box - Control an Emulated DataPlane through TeraFlowSDN

## Emulated DataPlane Deployment

- ContainerLab

- Scenario

- Descriptor

## TeraFlowSDN Deployment

```bash

cd ~/tfs-ctrl

source ~/tfs-ctrl/src/tests/acl_end2end/deploy_specs.sh

./deploy/all.sh

```

# ContainerLab - Arista cEOS - Commands

## Download and install ContainerLab

```bash

sudo bash -c "$(curl -sL https://get.containerlab.dev)" -- -v 0.59.0

```

## Download Arista cEOS image and create Docker image

```bash

cd ~/tfs-ctrl/src/tests/acl_end2end/

docker import arista/cEOS64-lab-4.32.2F.tar ceos:4.32.2F

```

## Deploy scenario

```bash

cd ~/tfs-ctrl/src/tests/acl_end2end/

sudo containerlab deploy --topo acl_end2end.clab.yml

```

## Inspect scenario

```bash

cd ~/tfs-ctrl/src/tests/acl_end2end/

sudo containerlab inspect --topo acl_end2end.clab.yml

```

## Destroy scenario

```bash

cd ~/tfs-ctrl/src/tests/acl_end2end/

sudo containerlab destroy --topo acl_end2end.clab.yml

sudo rm -rf clab-acl_end2end/ .acl_end2end.clab.yml.bak

```

## Access cEOS Bash/CLI

```bash

docker exec -it clab-acl_end2end-r1 bash

docker exec -it clab-acl_end2end-r2 bash

docker exec -it clab-acl_end2end-r3 bash

docker exec -it clab-acl_end2end-r1 Cli

docker exec -it clab-acl_end2end-r2 Cli

docker exec -it clab-acl_end2end-r3 Cli

```

## Configure ContainerLab clients

```bash

docker exec -it clab-acl_end2end-dc1 bash

    ip address add 172.16.1.10/24 dev eth1

    ip route add 172.16.2.0/24 via 172.16.1.1

    ping 172.16.2.10

docker exec -it clab-acl_end2end-dc2 bash

    ip address add 172.16.2.10/24 dev eth1

    ip route add 172.16.1.0/24 via 172.16.2.1

    ping 172.16.1.10

```

## Install gNMIc

```bash

sudo bash -c "$(curl -sL https://get-gnmic.kmrd.dev)"

```

## gNMI Capabilities request

```bash

gnmic --address clab-acl_end2end-r1 --port 6030 --username admin --password admin --insecure capabilities

```

## gNMI Get request

```bash

gnmic --address clab-acl_end2end-r1 --port 6030 --username admin --password admin --insecure --encoding json_ietf get --path / > r1.json

gnmic --address clab-acl_end2end-r1 --port 6030 --username admin --password admin --insecure --encoding json_ietf get --path /interfaces/interface > r1-ifaces.json

```

## gNMI Set request

```bash

gnmic --address clab-acl_end2end-r1 --port 6030 --username admin --password admin --insecure --encoding json_ietf set --update-path /system/config/hostname --update-value srl11

gnmic --address clab-acl_end2end-r1 --port 6030 --username admin --password admin --insecure --encoding json_ietf get --path /system/config/hostname

```

## Subscribe request

```bash

gnmic --address clab-acl_end2end-r1 --port 6030 --username admin --password admin --insecure --encoding json_ietf subscribe --path /interfaces/interface[name=Management0]/state/

# In another terminal, you can generate traffic opening SSH connection

ssh admin@clab-acl_end2end-r1

```

# Check configurations done:

```bash

gnmic --address clab-acl_end2end-r1 --port 6030 --username admin --password admin --insecure --encoding json_ietf get --path '/network-instances' > r1-nis.json

gnmic --address clab-acl_end2end-r1 --port 6030 --username admin --password admin --insecure --encoding json_ietf get --path '/interfaces' > r1-ifs.json

```

# Delete elements:

```bash

--address clab-acl_end2end-r1 --port 6030 --username admin --password admin --insecure --encoding json_ietf set --delete '/network-instances/network-instance[name=b19229e8]'

--address clab-acl_end2end-r1 --port 6030 --username admin --password admin --insecure --encoding json_ietf set --delete '/interfaces/interface[name=ethernet-1/1]/subinterfaces/subinterface[index=0]'

--address clab-acl_end2end-r1 --port 6030 --username admin --password admin --insecure --encoding json_ietf set --delete '/interfaces/interface[name=ethernet-1/2]/subinterfaces/subinterface[index=0]'

```