Refactor README.md

Pim van Pelt
2021-09-12 16:31:13 +00:00
parent 5051ab32ce
commit 610d03a14b
2 changed files with 65 additions and 17 deletions


@ -3,25 +3,22 @@
This is an SNMP agent that implements the [Agentx](https://datatracker.ietf.org/doc/html/rfc2257) This is an SNMP agent that implements the [Agentx](https://datatracker.ietf.org/doc/html/rfc2257)
protocol. It connects to VPP's `statseg` (statistics memory segment) by MMAPing protocol. It connects to VPP's `statseg` (statistics memory segment) by MMAPing
it, so the user running the agent must have read access to `/run/vpp/stats.sock`. it, so the user running the agent must have read access to `/run/vpp/stats.sock`.
It then connects to SNMP's `agentx` socket, which can be either a TCP socket It also connects to VPP's API endpoint, so the user running the agent must
(by default localhost:705), or a unix domain socket (by default /var/agentx/master) have read/write access to `/run/vpp/api.sock`. Both of these are typically accomplished
the latter being readable only by root. It's preferable to run as unprivileged user by running the agent as group `vpp`.
The agent incorporates [pyagentx](https://github.com/hosthvo/pyagentx) with a few The agent connects to SNMP's `agentx` socket, which can be either a TCP socket
changes, and is released with the BSD 2-clause license. (by default `localhost:705`), or a unix domain socket (by default `/var/agentx/master`)
the latter being readable only by root. It's preferable to run as unprivileged user,
so a TCP socket is preferred (and the default).
## Running The agent incorporates a refactored/modified [pyagentx](https://github.com/hosthvo/pyagentx).
The upstream pyagentx code uses a threadpool and message queue, but it was not very stable.
Often, due to lack of proper locking, updaters would overwrite parts of the MIB and as a
result, any reads that were ongoing would abruptly be truncated. I refactored the code to
be single-threaded, greatly simplifying the design (and eliminating the need for locking).
First, configure the snmpd to accept agentx connections by adding the following To respect the original authors, this code is released with the same BSD 2-clause license.
to `snmpd.conf`:
```
master agentx
agentXSocket tcp:localhost:705,unix:/var/agentx-dataplane/master
```
and restart snmpd to pick up the changes. Simply run `./vpp-snmp-agent.py` and it
will connect to the snmpd on localhost:705, and expose the IFMib by periodically
polling VPP. Observe the console output.
## Building ## Building
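Review bot: The new `agentx` paragraph ("It's preferable to run as unprivileged user, so a TCP socket is preferred (and the default)") trades the unix socket's file permissions for a listener on `localhost:705` that any local process can connect to, since AgentX itself carries no authentication. Suggest stating that trade-off and mentioning the alternative of keeping the unix socket and granting the agent's user or group access with snmpd's `agentXPerms` directive. The added `/run/vpp/api.sock` sentence deserves the same care: that socket is VPP's control interface, not just statistics, so it is worth saying that running as group `vpp` grants read/write access to it. Minor: the AgentX link points at RFC 2257, which RFC 2741 obsoletes, and a comma is missing after "(by default `/var/agentx/master`)".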
@ -45,14 +42,34 @@ optional arguments:
sudo cp dist/vpp-snmp-agent /usr/sbin/ sudo cp dist/vpp-snmp-agent /usr/sbin/
``` ```
## SNMPd config
First, configure the snmpd to accept agentx connections by adding (at least) the following
to `snmpd.conf`:
```
master agentx
agentXSocket tcp:localhost:705,unix:/var/agentx-dataplane/master
```
and restart snmpd to pick up the changes. Simply run `./vpp-snmp-agent.py` and it
will connect to the snmpd on localhost:705, and expose the IFMib by periodically
polling VPP. Observe the console output.
## Running in production ## Running in production
Meant to be run on Ubuntu, copy `vpp-snmp-agent.service`, enable and start: Meant to be run on Ubuntu, copy `*.service`, disable the main snmpd, enable
the one that runs in the dataplane network namespace and start it all up:
``` ```
sudo cp netns-dataplane.service /usr/lib/systemd/system/
sudo cp snmpd-dataplane.service /usr/lib/systemd/system/ sudo cp snmpd-dataplane.service /usr/lib/systemd/system/
sudo cp vpp-snmp-agent.service /usr/lib/systemd/system/ sudo cp vpp-snmp-agent.service /usr/lib/systemd/system/
sudo systemctl daemon-reload sudo systemctl daemon-reload
sudo systemctl stop snmpd
sudo systemctl disable snmpd
sudo systemctl enable netns-dataplane
sudo systemctl start netns-dataplane
sudo systemctl enable snmpd-dataplane sudo systemctl enable snmpd-dataplane
sudo systemctl start snmpd-dataplane sudo systemctl start snmpd-dataplane
sudo systemctl enable vpp-snmp-agent sudo systemctl enable vpp-snmp-agent
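Review bot: The relocated "SNMPd config" example opens `unix:/var/agentx-dataplane/master`, while the intro describes the unix socket default as `/var/agentx/master`; align the two or say which path the agent expects. The section also still ends with the "Simply run `./vpp-snmp-agent.py`" sentence, which is a running instruction rather than snmpd configuration now that the "Running" heading is gone. In "Running in production", snmpd moves into the dataplane network namespace and loopback is per namespace, so it would help to state that the agent has to run in that namespace as well to reach `localhost:705`.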

netns-dataplane.service Normal file

@ -0,0 +1,31 @@
[Unit]
Description=Dataplane network namespace
After=systemd-sysctl.service network-pre.target
Before=network.target network-online.target
[Service]
Type=oneshot
RemainAfterExit=yes
# PrivateNetwork will create network namespace which can be
# used in JoinsNamespaceOf=.
PrivateNetwork=yes
# To set `ip netns` name for this namespace, we create a second namespace
# with required name, unmount it, and then bind our PrivateNetwork
# namespace to it. After this we can use our PrivateNetwork as a named
# namespace in `ip netns` commands.
ExecStartPre=-/usr/bin/echo "Creating dataplane network namespace"
ExecStart=-/usr/sbin/ip netns delete dataplane
ExecStart=-/usr/bin/mkdir -p /etc/netns/dataplane
ExecStart=-/usr/bin/touch /etc/netns/dataplane/resolv.conf
ExecStart=-/usr/sbin/ip netns add dataplane
ExecStart=-/usr/bin/umount /var/run/netns/dataplane
ExecStart=-/usr/bin/mount --bind /proc/self/ns/net /var/run/netns/dataplane
# Apply default sysctl for dataplane namespace
ExecStart=-/usr/sbin/ip netns exec dataplane /usr/lib/systemd/systemd-sysctl
ExecStop=-/usr/sbin/ip netns delete dataplane
[Install]
WantedBy=multi-user.target
WantedBy=network-online.target
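Review bot: Every `ExecStart=` line carries the `-` prefix, so with `Type=oneshot` and `RemainAfterExit=yes` the unit ends up active even when `ip netns add dataplane` or the `mount --bind` step fails, and units ordered after it start without the namespace they expect. Keep `-` on the cleanup steps (`ip netns delete dataplane`, `umount`) and drop it from `ip netns add dataplane` and `mount --bind /proc/self/ns/net /var/run/netns/dataplane` so a failure surfaces in the unit state. The `ExecStartPre` echo adds nothing that the journal does not already record from `Description=`, and the comment block would be clearer if it said that the `umount` is expected to fail harmlessly on some systems, if that is the reason for ignoring its exit status.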