mininet: init at 2.3.0d4 #41261

teto · 2018-05-30T15:05:30Z

Mininet (https://github.com/mininet/mininet) is a popular network emulator that
glues several components such as network namespaces, traffic control
commands into a set of python bindings. It is then "easy" to describe a
topology and run experiments on it.

To test it, you should rebuild with programs.mininet.enable = true;
Then you can run
nix-shell -p 'python.withPackages(ps: [ps.mininet-python])' --verbose and launch your own scripts or just sudo mn

Motivation for this change

I use it for experimentation

Things done

The current Makefile is very limiting so I submitted this PR mininet/mininet#803 but there is only one maintainer so it might take time for the patch to get in so I embedded it in nixpkgs.

Mininet can work with several openflow controllers. I have written nix packages for https://github.com/CPqD/ofsoftswitch13 (and its netbee dependency) but it didn't work so I fell back on openvswitch.

Tested using sandboxing (nix.useSandbox on NixOS, or option build-use-sandbox in nix.conf on non-NixOS)
Built on platform(s)
- NixOS
- macOS
- other Linux distributions
Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
Tested compilation of all pkgs that depend on this change using nix-shell -p nox --run "nox-review wip"
Tested execution of all binary files (usually in ./result/bin/)
Fits CONTRIBUTING.md.

GrahamcOfBorg · 2018-05-30T15:18:21Z

Success on x86_64-linux (full log)

Attempted: mininet

Partial log (click to expand)

gzipping man pages under /nix/store/l8bgjpic0alb6v514ahq37wa07ywacdd-mininet-2.2.2/share/man/
strip is /nix/store/92d2ifxcni4n3zx9s8wnkcjlvnx5ajlc-binutils-2.30/bin/strip
stripping (with command strip and flags -S) in /nix/store/l8bgjpic0alb6v514ahq37wa07ywacdd-mininet-2.2.2/bin
patching script interpreter paths in /nix/store/l8bgjpic0alb6v514ahq37wa07ywacdd-mininet-2.2.2
checking for references to /build in /nix/store/l8bgjpic0alb6v514ahq37wa07ywacdd-mininet-2.2.2...
shrinking RPATHs of ELF executables and libraries in /nix/store/1id8gxz8rjhn9gglbl16b2z9xw7y5axm-mininet-2.2.2-py
strip is /nix/store/92d2ifxcni4n3zx9s8wnkcjlvnx5ajlc-binutils-2.30/bin/strip
stripping (with command strip and flags -S) in /nix/store/1id8gxz8rjhn9gglbl16b2z9xw7y5axm-mininet-2.2.2-py/lib  /nix/store/1id8gxz8rjhn9gglbl16b2z9xw7y5axm-mininet-2.2.2-py/bin
patching script interpreter paths in /nix/store/1id8gxz8rjhn9gglbl16b2z9xw7y5axm-mininet-2.2.2-py
checking for references to /build in /nix/store/1id8gxz8rjhn9gglbl16b2z9xw7y5axm-mininet-2.2.2-py...

GrahamcOfBorg · 2018-05-30T15:19:45Z

Success on aarch64-linux (full log)

Attempted: mininet

Partial log (click to expand)

strip is /nix/store/8yfik687kfccisxnad42j19lfb7ij9b4-binutils-2.30/bin/strip
stripping (with command strip and flags -S) in /nix/store/4h7irshnf59mlaakk5bqn6966zcq84q8-mininet-2.2.2/bin
patching script interpreter paths in /nix/store/4h7irshnf59mlaakk5bqn6966zcq84q8-mininet-2.2.2
checking for references to /build in /nix/store/4h7irshnf59mlaakk5bqn6966zcq84q8-mininet-2.2.2...
shrinking RPATHs of ELF executables and libraries in /nix/store/ajv98qg1hn2sdil2isllqlaaj8c5iin3-mininet-2.2.2-py
strip is /nix/store/8yfik687kfccisxnad42j19lfb7ij9b4-binutils-2.30/bin/strip
stripping (with command strip and flags -S) in /nix/store/ajv98qg1hn2sdil2isllqlaaj8c5iin3-mininet-2.2.2-py/lib  /nix/store/ajv98qg1hn2sdil2isllqlaaj8c5iin3-mininet-2.2.2-py/bin
patching script interpreter paths in /nix/store/ajv98qg1hn2sdil2isllqlaaj8c5iin3-mininet-2.2.2-py
checking for references to /build in /nix/store/ajv98qg1hn2sdil2isllqlaaj8c5iin3-mininet-2.2.2-py...
/nix/store/4h7irshnf59mlaakk5bqn6966zcq84q8-mininet-2.2.2

nlewo · 2018-05-31T05:15:06Z

nixos/modules/programs/mininet.nix

+
+    virtualisation.vswitch.enable = true;
+
+    environment.systemPackages = with pkgs; [


Would it be possible to add them in the PATH of a wrapper script instead?

I wonder. I could write a wrapper for the official "mn" script but what about user scripts ? users would need to add these tools (iperf & co) themselves to PATH. People using mininet are likely to either use it in a VM or playing with iperf either way.

Didn't they first attach to network namespaces with a certain command, then the PATH would be inherited in this environment, no? It has been a while since I used it.

Here is where they mount the network namespace https://github.com/teto/mininet/blob/9a069563e1f4fb5b544249a05fe5557416183827/mnexec.c#L129, I am not sure how PATH behave wit namespaces. Commands are run by this same mnexec binary so I believe wrapping it should work. Will try this evening.

nlewo · 2018-05-31T05:15:50Z

pkgs/tools/virtualization/mininet/default.nix

+    sha256 = "18w9vfszhnx4j3b8dd1rvrg8xnfk6rgh066hfpzspzqngd5qzakg";
+  };
+
+  patches = [ ./test.patch ];


Why the patch is called test?

It mostly changes the makefile so makefile.patch ?

pkgs/tools/virtualization/mininet/default.nix

nlewo · 2018-05-31T05:24:00Z

nixos/modules/programs/mininet.nix

+    security.wrappers = {
+      mnexec.source = "${pkgs.mininet}/bin/mnexec";
+      # I still have to run it with sudo
+      # mn.source = "${pyEnv}/bin/mn";


Would it be pertinent to create a systemd unit to run mn?

mn is called by the python bindings when necessary so it is not necessary.

teto · 2018-05-31T09:52:14Z

I use mininet only within a nix-shell but I guess people would expect the mn python binary in path so I've added this to all-packages.nix

  mn = let
      mnApp = with pythonPackages; toPythonApplication mininet-python;
    in  pkgs.runCommand "mnexec-wrapper"
    { buildInputs = [ pkgs.makeWrapper ]; }
    ''
      # This wrapper prevents from polluting PATH
      makeWrapper ${mnApp}/bin/mn \
        $out/bin/mn \
        --prefix PATH : "${pkgs.telnet}/bin/telnet"

    '';

which fails with
Cannot wrap '/nix/store/1n59kgfdc0x8w6xjpr58ymccaflkkz7i-mininet-2.2.2/bin/mn' because it is not an executable file
Shouldn't toPythonApplication chmod +x python scripts in bin or do I misinterpret the error ? I pushed my changes.

GrahamcOfBorg · 2018-05-31T10:03:28Z

Success on x86_64-linux (full log)

Attempted: mininet

Partial log (click to expand)

gzipping man pages under /nix/store/yg781159ia6f3fgaq5m05qm2wklm3jx7-mininet-2.2.2/share/man/
strip is /nix/store/92d2ifxcni4n3zx9s8wnkcjlvnx5ajlc-binutils-2.30/bin/strip
stripping (with command strip and flags -S) in /nix/store/yg781159ia6f3fgaq5m05qm2wklm3jx7-mininet-2.2.2/bin
patching script interpreter paths in /nix/store/yg781159ia6f3fgaq5m05qm2wklm3jx7-mininet-2.2.2
checking for references to /build in /nix/store/yg781159ia6f3fgaq5m05qm2wklm3jx7-mininet-2.2.2...
shrinking RPATHs of ELF executables and libraries in /nix/store/il4s4wm6r13avaxbpdiifjm922gx0nba-mininet-2.2.2-py
strip is /nix/store/92d2ifxcni4n3zx9s8wnkcjlvnx5ajlc-binutils-2.30/bin/strip
stripping (with command strip and flags -S) in /nix/store/il4s4wm6r13avaxbpdiifjm922gx0nba-mininet-2.2.2-py/lib  /nix/store/il4s4wm6r13avaxbpdiifjm922gx0nba-mininet-2.2.2-py/bin
patching script interpreter paths in /nix/store/il4s4wm6r13avaxbpdiifjm922gx0nba-mininet-2.2.2-py
checking for references to /build in /nix/store/il4s4wm6r13avaxbpdiifjm922gx0nba-mininet-2.2.2-py...

GrahamcOfBorg · 2018-05-31T10:03:29Z

Success on aarch64-linux (full log)

Attempted: mininet

Partial log (click to expand)

strip is /nix/store/8yfik687kfccisxnad42j19lfb7ij9b4-binutils-2.30/bin/strip
stripping (with command strip and flags -S) in /nix/store/7mdh28mna9hzx19436bb5x61an7arbjj-mininet-2.2.2/bin
patching script interpreter paths in /nix/store/7mdh28mna9hzx19436bb5x61an7arbjj-mininet-2.2.2
checking for references to /build in /nix/store/7mdh28mna9hzx19436bb5x61an7arbjj-mininet-2.2.2...
shrinking RPATHs of ELF executables and libraries in /nix/store/rcs254080wxzx7x3w9888i8sdzpcpxrp-mininet-2.2.2-py
strip is /nix/store/8yfik687kfccisxnad42j19lfb7ij9b4-binutils-2.30/bin/strip
stripping (with command strip and flags -S) in /nix/store/rcs254080wxzx7x3w9888i8sdzpcpxrp-mininet-2.2.2-py/lib  /nix/store/rcs254080wxzx7x3w9888i8sdzpcpxrp-mininet-2.2.2-py/bin
patching script interpreter paths in /nix/store/rcs254080wxzx7x3w9888i8sdzpcpxrp-mininet-2.2.2-py
checking for references to /build in /nix/store/rcs254080wxzx7x3w9888i8sdzpcpxrp-mininet-2.2.2-py...
/nix/store/7mdh28mna9hzx19436bb5x61an7arbjj-mininet-2.2.2

pkgs/top-level/all-packages.nix

teto · 2018-06-01T05:49:54Z

Cannot wrap '/nix/store/1n59kgfdc0x8w6xjpr58ymccaflkkz7i-mininet-2.2.2/bin/mn' because it is not an executable file was because the file didn't exist. I fixed it.

Nevertheless I found a behavior that doesn't seem normal anymore, like I would expect toPythonApplication to work on a pythonPackage @FRidh :
If you try to build
toto= pythonPackages.toPythonApplication (pythonPackages.libxml2));
it will give out the store path of the original libxml2 package /nix/store/2smihv5941z5wvyiblqs026snkj2wb32-libxml2-2.9.7-bin instead of the path of the pythonPackage /nix/store/lqqg9npvk4w4x89af71gvnb7bazr6xvq-libxml2-2.9.7-py.

nlewo · 2018-06-05T16:53:42Z

@teto Maybe you could find some ideas in this commit nlewo@dbbf532.

I've tryied to use it ( sudo ./result/bin/mn --test pingall) on my laptop but it failed (note i never used it and don't know too much about this).
It would be really nice to provide a test vm. I think this would not be so hard once we have a working mininet package. I could help you on this.

teto · 2018-06-06T02:18:09Z

Thanks for trying, I think I will revert the changes aiming at providing mn as a python application since the toPythonApplication seems buggy in that specific case and I would like this to be merged. mn application can be added afterwards. I will pickup your wrapping of mn.
I don't know much about the tests vms, I use mininet via nixops.

nixos/modules/programs/mininet.nix

Mic92 · 2018-06-06T03:19:08Z

pkgs/top-level/all-packages.nix

+  #     makeWrapper ${mnApp}/bin/mn \
+  #       $out/bin/mn \
+  #       --prefix PATH : "${pkgs.telnet}/bin/telnet"
+  #   '';


Those lines should be removed from all-packages.nix. mn can be wrapped in the package.

Mic92 · 2018-06-06T03:23:05Z

nixos/modules/programs/mininet.nix

+    virtualisation.vswitch.enable = true;
+
+    security.wrappers = {
+      mnexec.source = mnexecWrapped + "/bin/mnexec";


I assume this allows every user to become root on the system.
Is this setuid wrapper really needed? At least it should be limited to a specific group.

teto · 2018-06-14T14:27:03Z

I like to keep the python output separate from the mnexec output but made it mandatory (mininet is useless without it).
The module now also provides the "mn" binary (contrary to previous where you had to nix-shell into mininet-packge).
@nlewo what kind of error did you have ? when the kernel doesn't have the required CONFIG_, errors are difficult to spot. The PR doesn't work here either because of that I think (I will try on my other computer, which has the required kernel). This is one of my motivations for #41393

teto · 2018-07-05T05:37:09Z

while trying on my host, I keep getting this kind of error:

$ sudo mn -vdebug
Starting shell [mnexec -cd env PS1= bash --norc --noediting -is mininet:s1]
shell wth pid [2220]*** s1 : ('unset HISTFILE; stty -echo; set +m',)
sendCmd: unset HISTFILE; stty -echo; set +m
unset HISTFILE; stty -echo; set +m

added intf lo (0) to node s1
*** s1 : ('ifconfig', 'lo', 'up')
sendCmd: ifconfig lo up
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Bcast:0.0.0.0  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:131 errors:0 dropped:0 overruns:0 frame:0
          TX packets:131 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:9780  TX bytes:9780

In this case mininet command is said to fail because ifconfig lo up returns some output.
If I type in my term "ifconfig lo up" then I don't have any output. I wonder if it can be due to some nixos oddity (like the security wrapper).

EDIT: and also mininet works within a VM, it's just on my host that for some reason it can't run ifconfig lo up successfully

teto · 2018-07-13T05:36:55Z

I finally solved all problems, just waiting for mininet/mininet#815 to be merged before pushing a final branch.

teto · 2018-11-08T09:50:29Z

I bumped the package that is now compatible with python3 ! While the patch was recgonized as useful it hasn't been merged yet so I say let's merge this and I will keep pushing for it to be merged (basically mininet assumes debian's which behavior which is different from gnu which's behavior).

flokli · 2018-11-08T18:42:35Z

@teto did I miss something, or should the mn binary not be part of the packages $out?

/nix/store/jnb6wc05acxwlacv8fbc92mb8pdgdnil-mininet-2.3.0d4
/nix/store/jnb6wc05acxwlacv8fbc92mb8pdgdnil-mininet-2.3.0d4/bin
/nix/store/jnb6wc05acxwlacv8fbc92mb8pdgdnil-mininet-2.3.0d4/bin/mnexec
/nix/store/jnb6wc05acxwlacv8fbc92mb8pdgdnil-mininet-2.3.0d4/share
/nix/store/jnb6wc05acxwlacv8fbc92mb8pdgdnil-mininet-2.3.0d4/share/man
/nix/store/jnb6wc05acxwlacv8fbc92mb8pdgdnil-mininet-2.3.0d4/share/man/man1
/nix/store/jnb6wc05acxwlacv8fbc92mb8pdgdnil-mininet-2.3.0d4/share/man/man1/mn.1.gz
/nix/store/jnb6wc05acxwlacv8fbc92mb8pdgdnil-mininet-2.3.0d4/share/man/man1/mnexec.1.gz

teto · 2018-11-16T08:24:47Z

@flokli you should look into the python output.

nix-build -A pythonPackages.mininet-python ~/nixpkgs


fd . /nix/store/mw4dijv66zmwcg2q634k195pz09l2ldg-mininet-2.3.0d4-py                                                                                                                                                                           
/nix/store/mw4dijv66zmwcg2q634k195pz09l2ldg-mininet-2.3.0d4-py/bin
/nix/store/mw4dijv66zmwcg2q634k195pz09l2ldg-mininet-2.3.0d4-py/bin/mn
/nix/store/mw4dijv66zmwcg2q634k195pz09l2ldg-mininet-2.3.0d4-py/lib

nixos/modules/programs/mininet.nix

Mininet (https://github.com/mininet/mininet) is a popular network emulator that glues several components such as network namespaces, traffic control commands into a set of python bindings. It is then "easy" to describe a topology and run experiments on it.

teto · 2018-11-16T08:41:46Z

Right, I pushed a change removing this description.

Mic92 · 2018-11-16T08:41:00Z

pkgs/tools/virtualization/mininet/default.nix

+
+  doCheck = false;
+
+  buildInputs = [ python.pkgs.wrapPython which help2man pyEnv ];


If you add setuptools as pythonPath, wrapPython should pick it up.
See also https://github.com/NixOS/nixpkgs/blob/master/pkgs/build-support/rust/fetchcargo.nix#L8

But is setuptools really needed at runtime?
If it is only used at build time, then adding setuptools to buildInputs is all it takes.

the makefile overrides PYTHONPATH which generates an error. In principle it should be needed only during install. I will try to send a patch upstream.

ok, then for the time beeing.

nevermind, the problem was something else. Is it ok now ?

nixos/modules/programs/mininet.nix

Mic92 · 2018-11-16T08:46:20Z

nixos/modules/programs/mininet.nix

+      # mn errors out without a telnet binary
+      # pkgs.telnet brings an undesired ifconfig into PATH see #43105
+      # so we wrap it here instead
+      makeWrapper ${pkgs.telnet}/bin/telnet $out/bin/telnet


ln -s ${pkgs.telnet}/bin/telnet $out/bin/telnet

Why was this marked as resolved?

Did you get a notification on resolution ? I marked it resolved (maybe too soon) because I fixed it locally.

teto · 2018-11-21T08:50:45Z

@Mic92 does the latest commit address your concern ?

Mic92 · 2018-11-21T23:33:13Z

Thanks!

teto · 2018-11-22T02:45:27Z

wow really good news. thanks for all the comments.

teto requested a review from FRidh as a code owner May 30, 2018 15:05

GrahamcOfBorg added 6.topic: nixos 6.topic: python 8.has: module (update) 8.has: package (new) 10.rebuild-darwin: 0 10.rebuild-linux: 1-10 labels May 30, 2018

nlewo reviewed May 31, 2018

View reviewed changes

FRidh reviewed May 31, 2018

View reviewed changes

pkgs/top-level/all-packages.nix Outdated Show resolved Hide resolved

Mic92 reviewed Jun 6, 2018

View reviewed changes

nixos/modules/programs/mininet.nix Show resolved Hide resolved

Mic92 reviewed Jun 6, 2018

View reviewed changes

xeji added the 2.status: work-in-progress label Jun 13, 2018

teto force-pushed the mininet branch from c8b84f6 to 16148ed Compare June 14, 2018 14:22

teto force-pushed the mininet branch from 16148ed to 4fec2d3 Compare June 28, 2018 07:41

teto force-pushed the mininet branch 2 times, most recently from 0804ed5 to 72a6a8c Compare July 6, 2018 10:46

teto force-pushed the mininet branch from 72a6a8c to 52a3269 Compare September 13, 2018 05:31

teto mentioned this pull request Oct 18, 2018

package: mininet #39846

Closed

teto force-pushed the mininet branch 2 times, most recently from 9077594 to 44184e7 Compare November 8, 2018 09:33

teto force-pushed the mininet branch from 44184e7 to 4a38f21 Compare November 8, 2018 09:52

Mic92 reviewed Nov 16, 2018

View reviewed changes

nixos/modules/programs/mininet.nix Outdated Show resolved Hide resolved

mininet: init at 2.3.0d4

cbddb07

Mininet (https://github.com/mininet/mininet) is a popular network emulator that glues several components such as network namespaces, traffic control commands into a set of python bindings. It is then "easy" to describe a topology and run experiments on it.

teto force-pushed the mininet branch from 4a38f21 to cbddb07 Compare November 16, 2018 08:40

teto requested a review from infinisil as a code owner November 16, 2018 08:40

Mic92 reviewed Nov 16, 2018

View reviewed changes

nixos/modules/programs/mininet.nix Outdated Show resolved Hide resolved

Mic92 reviewed Nov 16, 2018

View reviewed changes

teto changed the title ~~mininet: init at 2.2.2~~ mininet: init at 2.3.0d4 Nov 16, 2018

addressing reviews

612551e

Mic92 merged commit 35f74c3 into NixOS:master Nov 21, 2018

teto deleted the mininet branch November 22, 2018 02:45


		virtualisation.vswitch.enable = true;

		environment.systemPackages = with pkgs; [


		doCheck = false;

		buildInputs = [ python.pkgs.wrapPython which help2man pyEnv ];

mininet: init at 2.3.0d4 #41261

mininet: init at 2.3.0d4 #41261

Conversation

teto commented May 30, 2018

Motivation for this change

Things done

GrahamcOfBorg commented May 30, 2018

GrahamcOfBorg commented May 30, 2018

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Mic92 May 31, 2018 • edited

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

teto commented May 31, 2018

GrahamcOfBorg commented May 31, 2018

GrahamcOfBorg commented May 31, 2018

teto commented Jun 1, 2018

nlewo commented Jun 5, 2018

teto commented Jun 6, 2018

Choose a reason for hiding this comment

Choose a reason for hiding this comment

teto commented Jun 14, 2018

teto commented Jul 5, 2018 • edited

teto commented Jul 13, 2018

teto commented Nov 8, 2018

flokli commented Nov 8, 2018

teto commented Nov 16, 2018 • edited

teto commented Nov 16, 2018 via email

Choose a reason for hiding this comment

Choose a reason for hiding this comment

teto Nov 16, 2018 • edited

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

teto commented Nov 21, 2018

Mic92 commented Nov 21, 2018

teto commented Nov 22, 2018

Mic92 May 31, 2018 •

edited

teto commented Jul 5, 2018 •

edited

teto commented Nov 16, 2018 •

edited

teto Nov 16, 2018 •

edited