How-to Deploy Docker Container with DHCP service over Mellanox ONYX on Mellanox Spectrum switches

Version 14

    This post demonstrates how to deploy Docker container with DHCP service over Mellanox ONYX.

    This feature is available starting with Mellanox ONYX version 3.6.4006.

     

    In example below we'll create docker container with DHCP service for VLAN 111.

     

     

    References

     

    Overview

    Docker is a container that is invoked on top of Mellanox ONYX. Applications installed over docker can egress from the management port or the traffic ports (unlike VMs that can egress only from the management ports).

     

     

     

    Configuration

    1. Make sure you run Mellanox ONYX version 3.6.4006 or later.

    switch (config) > show version

    Product name:      Onyx

    Product release:   3.6.8138

    Build ID:          #1-dev

    Build date:        2018-09-25 19:02:28

    Target arch:       x86_64

    Target hw:         x86_64

    Built by:          jenkins@250e834b2e8f

    Version summary:   X86_64 3.6.8138 2018-09-25 19:02:28 x86_64

     

    Product model:     x86onie

    Host ID:           248A078A82BE

    System serial num: MT1646X04069

    System UUID:       f496bfe0-ac26-11e6-8000-248a077db900

     

    Uptime:            1d 18h 24m 19.376s

    CPU load averages: 2.40 / 2.21 / 2.22

    Number of CPUs:    2

    System memory:     2937 MB used / 4859 MB free / 7796 MB total

    Swap:              0 MB used / 0 MB free / 0 MB total

     

    2. Make sure that the switch clock is up-to-date (e.g. using NTP).

    switch (config) # show clock

    Time:       06:29:34

    Date:       2018/10/10

    Time zone:  UTC (Etc/UTC)

    UTC offset: same as UTC

     

    switch (config) # show ntp

    NTP is administratively            : enabled

    NTP Authentication administratively: disabled

     

    Clock is synchronized:

      Reference: 192.114.62.250

      Offset   : -1.829 ms

     

    Active servers and peers:

      10.7.136.5:

        Conf Type          : serv

        Status             : sys.peer(*)

        Stratum            : 4 

        Offset(msec)       : -1.829

        Ref clock          : 192.114.62.250   

        Poll Interval (sec): 1024

        Last Response (sec): 112

        Auth state         : none 

     

    Docker image pull command will not work if the switch's clock is not up-to-date.

    3. Enable docker on the switch

    switch (config) # docker

    switch (config) # docker no shutdown

     

    4. Pull docker image - mellanox/dnsmasq from docker repository

     

    switch  (config) # docker pull mellanox/dnsmasq

     

    Using default tag: latest

    latest: Pulling from mellanox/dnsmasq

    a0e0ef996968: Already exists

    4ff934ab626c: Already exists

    Digest: sha256:8b6795651bc628f95a5baa73592196b3da991b7a7781df45f246dd98678d7425

    Status: Downloaded newer image for mellanox/dnsmasq:latest

     

     

    switch  (config) # show docker images

    -----------------------------------------------------------------------

    Image                        Version      Created            Size     

    -----------------------------------------------------------------------

    mellanox/dnsmasq             latest       9 hours ago        8.6MB

     

    5. Create persistent storage (shared volume) to save DHCP service configuration.

    switch (config) # docker label dhcp

    switch (config) # show docker label

    dhcp:

        configured containers list: none

        active containers list: none

     

    6. Create DHCP service configuration file.

    Here is an example of dnsmasq.conf file as shown below.

    This example configures DHCP service to switch vlan interface 111.

    Also you can specify additional dhcp-options:

    • 3 -  default gateway
    • 6 - dns server

    interface=swid0_eth.111
    dhcp-range=vlan111,10.215.222.1,10.215.222.127,255.255.255.0,60m
    #dhcp-option=vlan111,3,10.215.222.254
    #dhcp-option=vlan111,6,8.8.8.8

    log-queries
    log-dhcp
    dhcp-sequential-ip

    For more configuration options please refer to dnsmasq manpage.

    swid0_eth.111 is the switch VLAN interface for VLAN 111.

    This is the name convention interfaces where swid0_eth.N is a VLAN interface for VLAN N.

     

    7. Copy dnsmasq.conf file to label dhcp (shared volume on switch).

    Please use WinSCP  or similar tools in order to copy dnsmasq.conf to "switch-IP:/var/container_storage/dhcp/" (shared volume on switch which created above).

     

    8. Create vlan 111 with interface IP

    Create a VLAN and specify the switchport as "hybrid" (or trunk) mode:

    switch (config) # vlan 111

    switch (config vlan 111) # exit

    switch (config) # interface ethernet 1/1-1/3 switchport mode hybrid

    switch (config) # interface ethernet 1/1 switchport hybrid allowed-vlan all

    switch (config) # interface ethernet 1/2 switchport hybrid allowed-vlan all

    switch (config) # interface ethernet 1/3 switchport hybrid allowed-vlan all

    switch (config) # interface vlan 111 ip address 10.215.222.254/24

     

    9. Run container on switch with following command:

    docker start mellanox/dnsmasq latest dns-dhcp now-and-data-path-ready label dhcp privileged network

    Docker parameters:

    dns-dhcp - docker name

    now-and-data-path-ready - start the container now and after boot, when data-path is ready to be configured

    label dhcp - label name of shared storage

    privileged network - add network privileges to the container

     

    10. Host connectivity

    Please connect hosts to corresponding ports on switch.

    Setup on hosts interface with vlan 111 in dhcp mode and ENJOY!