tenus - Go package for Linux networking DevOps Exchange London, #DOXLON 26th June, 2014 

About me… • Ex-Rackspace, couple of startups in and outside of UK • Currently freelancing • Twitter: @milosgajdos • Linkedin: http://uk.linkedin.com/in/milosgajdos • Professional (technology) ranter or just another Ops guy • Programming language tourist, currently loving Go 

How and why docknet • Started as a personal interest in Linux container networking
 (http://containerops.org/2013/11/19/lxc-networking/) • At the moment, Docker does not offer advanced networking functionality available in LXC/OpenVZ • There does not seem to exist any properly functional Go library which would allow you to configure Linux networking programatically without shelling out 

Application delivery DOCKERIZE ALL THE THINGS! 

Infrastructure delivery • Network is an essential part of IT infrastructure • Well designed network offers better scalability, security, easier management etc. • Legacy network setups and various esoteric or financial requirements leave us deal with …. 

Insane network infrastructures o_O 

Netlink & RTNetlink • Netlink is a datagram-oriented messaging system in Linux for user-space applications to communicate with Linux kernel • mostly used by networking tools (iproute2), but there is some use of it in other non-networking kernel subsystems • RtNetlink is a library used for configuring and managing networking devices, routing, neighbouring etc. 

Go netlink • Found 2 Go implementations: 1. github.com/abneptis/GoNetlink • does not seem to be actively developed any more - last commit about 4 years ago • couldn’t compile it with latest Go compiler 2. github.com/docker/libcontainer/ (netlink package) • used by Docker \o/ • more idiomatic, still work in progress • seems broken - NEEDS FIXING 

Fixing Docker netlink package 

tenus (https://github.com/milosgajdos83/tenus) • general network managing and configuration library for Linux OS - not just containers! • uses properly functioning netlink package which offers more functionality than libcontainer’s one (VLANs, MAC VLANs etc.) • no syscalls in netlink package any more - syscalls are NOT netlink ! • allows for advanced networking configuration of your containers (not necessarily Docker based): VLANs, MAC VLANs, multiple network interfaces etc. • Still MASSIVELY WORK IN PROGRESS • Read more about it here: http://containerops.org/2014/07/30/tenus-golang-powered-linux-networking/ 

tenus examples • Add an extra veth interface into Docker from the host machine: https://gist.github.com/milosgajdos83/7cc9028a962fb5635ada • Add a MAC VLAN interfaces into Docker from the host machine: https://gist.github.com/milosgajdos83/296fb90d076f259a5b0a • Add a VLAN interfaces into Docker from the host machine: https://gist.github.com/milosgajdos83/9f68b1818dca886e9ae8 

TIME FOR LIVE DEMO! 

I AM HIRING …… 

Links • http://www.ietf.org/rfc/rfc3549.txt • http://www.linuxjournal.com/article/8498 • http://man7.org/linux/man-pages/man7/netlink.7.html • http://man7.org/linux/man-pages/man3/netlink.3.html • https://github.com/torvalds/linux/blob/master/net/core/rtnetlink.c • https://github.com/torvalds/linux/blob/master/include/linux/rtnetlink.h • https://github.com/docker/libcontainer/blob/master/netlink/ netlink_linux.go