-
Notifications
You must be signed in to change notification settings - Fork 4
/
anysec.yml
executable file
·150 lines (132 loc) · 5.25 KB
/
anysec.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
name: anysec
prefix: ""
mgmt:
network: anysec
ipv4-subnet: 172.10.10.0/24
topology:
kinds:
vr-sros:
image: registry.srlinux.dev/pub/vr-sros:24.3.R1
license: /opt/nokia/sros/r24_license.key
linux:
image: ghcr.io/hellt/network-multitool
nodes:
### CORE ###
r1:
kind: vr-sros
mgmt-ipv4: 172.10.10.11
type: >-
cp: cpu=2 ram=4 chassis=sr-1x-92s slot=A card=cpm-1x/i80-200g-sfpdd+12-800g-qsfpdd-1x ___
lc: cpu=2 ram=4 max_nics=10 chassis=sr-1x-92s slot=1 card=i80-200g-sfpdd+12-800g-qsfpdd-1x mda/1=m80-200g-sfpdd+12-800g-qsfpdd-1x
startup-config: configs/core/r1.partial.cfg
r2:
kind: vr-sros
mgmt-ipv4: 172.10.10.12
type: >-
cp: cpu=4 ram=6 chassis=SR-1se slot=A card=cpm-1se ___
lc: cpu=4 ram=6 max_nics=10 chassis=SR-1se slot=1 card=imm36-800g-qsfpdd mda/1=ms36-800g-qsfpdd
startup-config: configs/core/r2.partial.cfg
r3:
kind: vr-sros
mgmt-ipv4: 172.10.10.13
type: >-
cp: cpu=2 min_ram=4 chassis=sr-2se slot=A sfm=sfm-2se card=cpm-2se ___
lc: cpu=4 min_ram=8 max_nics=10 chassis=sr-2se slot=1 sfm=sfm-2se card=xcm-2se mda/1=x2-s36-800g-qsfpdd-18.0t
startup-config: configs/core/r3.partial.cfg
r4:
kind: vr-sros
mgmt-ipv4: 172.10.10.14
type: >-
cp: cpu=4 ram=6 chassis=sr-7s slot=A sfm=sfm2-s card=cpm2-s ___
lc: cpu=4 ram=8 max_nics=10 chassis=sr-7s slot=1 sfm=sfm2-s card=xcm2-7s mda/1=x2-s36-800g-qsfpdd-18.0t
startup-config: configs/core/r4.partial.cfg
### CLIENTS ###
client1:
kind: linux
mgmt-ipv4: 172.10.10.31
binds:
- configs/clients/client1:/config
exec:
- bash /config/eth1.sh
- ip address add 172.17.0.1/24 dev eth1
- ip -6 address add 2002::172:17:0:1/96 dev eth1
group: server
client2:
kind: linux
mgmt-ipv4: 172.10.10.32
binds:
- configs/clients/client2:/config
exec:
- bash /config/eth1.sh
- ip address add 172.17.0.2/24 dev eth1
- ip -6 address add 2002::172:17:0:2/96 dev eth1
group: server
### TELEMETRY STACK ###
gnmic:
kind: linux
mgmt-ipv4: 172.10.10.21
image: ghcr.io/openconfig/gnmic:0.29.0
binds:
- configs/gnmic/gnmic-config.yml:/gnmic-config.yml:ro
cmd: --config /gnmic-config.yml --log subscribe
group: "10" # group 10 is assigned to the nodes of a telemetry stack
prometheus:
kind: linux
mgmt-ipv4: 172.10.10.22
image: prom/prometheus:v2.35.0
binds:
- configs/prometheus/prometheus.yml:/etc/prometheus/prometheus.yml:ro
cmd: --config.file=/etc/prometheus/prometheus.yml
ports:
- 9090:9090
group: "10"
grafana:
kind: linux
mgmt-ipv4: 172.10.10.23
image: grafana/grafana:9.5.2
binds:
- configs/grafana/datasource.yml:/etc/grafana/provisioning/datasources/datasource.yaml:ro
- configs/grafana/dashboards.yml:/etc/grafana/provisioning/dashboards/dashboards.yaml:ro
- configs/grafana/dashboards:/var/lib/grafana/dashboards
ports:
- 3000:3000
env:
GF_INSTALL_PLUGINS: https://algenty.github.io/flowcharting-repository/archives/agenty-flowcharting-panel-1.0.0d.220606199-SNAPSHOT.zip;agenty-flowcharting-panel,https://github.com/cloudspout/cloudspout-button-panel/releases/download/7.0.23/cloudspout-button-panel.zip;cloudspout-button-panel
GF_ORG_ROLE: "Editor"
GF_ORG_NAME: "Main Org."
GF_AUTH_ANONYMOUS_ENABLED: "true"
GF_AUTH_ANONYMOUS: "true"
group: "10"
### Automation STACK ###
xampp:
kind: linux
mgmt-ipv4: 172.10.10.24
image: tomsik68/xampp:latest
binds:
- scripts/disable_anysec.php:/opt/lampp/htdocs/disable_anysec.php:rw
- scripts/disable_port.php:/opt/lampp/htdocs/disable_port.php:rw
- scripts/enable_anysec.php:/opt/lampp/htdocs/enable_anysec.php:rw
- scripts/enable_port.php:/opt/lampp/htdocs/enable_port.php:rw
- scripts/test2_disable_anysec_peer.gnmic:/opt/lampp/htdocs/test2_disable_anysec_peer.gnmic:rw
- scripts/test1_disable_port.gnmic:/opt/lampp/htdocs/test1_disable_port.gnmic:rw
- scripts/test2_enable_anysec_peer.gnmic:/opt/lampp/htdocs/test2_enable_anysec_peer.gnmic:rw
- scripts/test1_enable_port.gnmic:/opt/lampp/htdocs/test1_enable_port.gnmic:rw
#- scripts/:/opt/lampp/htdocs/:rw
- configs/xampp/install_gnmic.sh:/tmp/install_gnmic.sh:rw
- configs/xampp/anysec/:/opt/lampp/htdocs/:rw
exec:
- echo "NGINX gnmpic install"
- /bin/bash /tmp/install_gnmic.sh &
ports:
- 9080:80
links:
- endpoints: ["r1:eth1", "r2:eth1"]
- endpoints: ["r2:eth2", "r3:eth2"]
- endpoints: ["r3:eth3", "r4:eth3"]
- endpoints: ["r1:eth4", "r4:eth4"]
- endpoints: ["r1:eth8", "r1:eth9"]
- endpoints: ["r2:eth8", "r2:eth9"]
- endpoints: ["r3:eth8", "r3:eth9"]
- endpoints: ["r4:eth8", "r4:eth9"]
- endpoints: ["client1:eth1", "r1:eth3"]
- endpoints: ["client2:eth1", "r2:eth3"]