ONOS-7932: Create ONOS Dockerfile with ssh service
Rename Dockerfile-onos as Dockerfile-sshd.
Change-Id: I01fae6fcdc092a4a4264639a7e8c27d80c3fad52
diff --git a/tools/dev/docker/Dockerfile-sshd b/tools/dev/docker/Dockerfile-sshd
new file mode 100644
index 0000000..0a9703d
--- /dev/null
+++ b/tools/dev/docker/Dockerfile-sshd
@@ -0,0 +1,89 @@
+FROM ubuntu:18.04
+LABEL maintainer="Eric Tang <qcorba at gmail.com>"
+
+ARG ATOMIX_VERSION
+ENV ENV_ATOMIX_VERSION=${ATOMIX_VERSION:-3.1.5}
+
+RUN apt-get update
+RUN DEBIAN_FRONTEND=noninteractive apt-get -y install \
+ --no-install-recommends \
+ openjdk-11-jre \
+ python-setuptools \
+ python-pip \
+ openssh-server \
+ supervisor \
+ vim-tiny \
+ net-tools \
+ iputils-ping \
+ curl \
+ sudo
+
+RUN set -eux; \
+ groupadd -r sdn; \
+ useradd -m -r -s /bin/bash -g sdn sdn; \
+ echo sdn:sdn | chpasswd; \
+ echo 'sdn ALL=(ALL:ALL) NOPASSWD:ALL' > /etc/sudoers.d/sdn
+
+USER sdn
+RUN mkdir /home/sdn/.ssh
+RUN ssh-keygen -t rsa -N "" -f /home/sdn/.ssh/id_rsa
+
+USER root
+COPY --chown=sdn:sdn id_rsa.pub /home/sdn/.ssh/authorized_keys
+RUN chmod 600 /home/sdn/.ssh/authorized_keys
+
+# Configure supervisor
+RUN set -eux; \
+ mv /etc/supervisor/supervisord.conf /etc/supervisor/supervisord-orig.conf; \
+ mkdir -p /var/log/supervisor; \
+ mkdir -p /var/run/sshd; \
+ chmod 700 /var/run/sshd
+COPY supervisord.conf /etc/supervisor/
+COPY supervisord-sshd.conf /etc/supervisor/conf.d/sshd.conf
+COPY supervisord-onos.conf /etc/supervisor/conf.d/onos.conf
+COPY supervisord-atomix.conf /etc/supervisor/conf.d/atomix.conf
+
+# Install ONOS
+COPY onos.tar.gz /tmp/
+RUN set -eux; \
+ mkdir /opt/onos; \
+ tar zxmf /tmp/onos.tar.gz -C /opt/onos --strip-components=1; \
+ ln -s /opt/onos/apache-karaf-* /opt/onos/karaf; \
+ ln -s /opt/onos/karaf/data/log /opt/onos/log; \
+ mkdir /opt/onos/var; \
+ mkdir /opt/onos/config; \
+ # Install the configuration file(s)
+ #cp /opt/onos/init/onos.conf /etc/init/onos.conf; \
+ cp /opt/onos/init/onos.initd /etc/init.d/onos; \
+ cp /opt/onos/init/onos.service /etc/systemd/system/onos.service; \
+ # Set up options for debugging
+ echo 'export ONOS_OPTS=debug' > /opt/onos/options; \
+ # Set up correct user to run onos-service
+ echo 'export ONOS_USER=sdn' >> /opt/onos/options; \
+ # Configure ONOS to log to stdout
+ sed -ibak '/log4j.rootLogger=/s/$/, stdout/' $(ls -d /opt/onos/apache-karaf-*)/etc/org.ops4j.pax.logging.cfg; \
+ chown -R sdn:sdn /opt/onos
+
+# Install Atomix
+RUN set -eux; \
+# curl -o /tmp/atomix.tar.gz -XGET https://oss.sonatype.org/content/repositories/releases/io/atomix/atomix-dist/3.1.5/atomix-dist-3.1.5.tar.gz; \
+ curl -o /tmp/atomix.tar.gz https://repo1.maven.org/maven2/io/atomix/atomix-dist/$ENV_ATOMIX_VERSION/atomix-dist-$ENV_ATOMIX_VERSION.tar.gz; \
+ mkdir /opt/atomix; \
+ tar zxmf /tmp/atomix.tar.gz -C /opt/atomix; \
+ chown -R sdn:sdn /opt/atomix
+
+# Ports
+# 22 - sshd
+# 80 - supervisord
+# 5678 - Atomix REST API
+# 5679 - Atomix intra-cluster communication
+# 6633 - OpenFlow legacy
+# 6640 - OVSDB
+# 6653 - OpenFlow IANA assigned
+# 8101 - ONOS CLI
+# 8181 - ONOS GUI
+# 9876 - ONOS intra-cluster communication
+EXPOSE 22 5678 5679 6633 6640 6653 8101 8181 9876
+#EXPOSE 80
+
+CMD ["/usr/bin/supervisord", "-n"]
diff --git a/tools/dev/docker/README.md b/tools/dev/docker/README.md
new file mode 100644
index 0000000..54fbbc5
--- /dev/null
+++ b/tools/dev/docker/README.md
@@ -0,0 +1,56 @@
+Docker container which works with ONOS Scenario Test Coordinator (STC)
+
+Before building docker image:
+1. Check out the master branch and go to: $ONOS_ROOT/tools/dev/docker.
+2. Copy $ONOS_ROOT/bazel-bin/onos.tar.gz here, assuming you have successfully built one.
+3. Copy your public key ~/.ssh/id_rsa.pub here.
+
+
+Build docker image as follows. You may tag your image as you like.
+```
+$ sudo docker build -t onos-sshd . -f Dockerfile-sshd
+```
+
+If you want to choose the version of Atomix, pleae build as follows:
+```
+$ ATOMIX_VERSION=3.1.4 sudo docker build --build-arg ATOMIX_VERSION -t onos-sshd . -f Dockerfile-sshd
+```
+
+Run 3 docker containers:
+```
+$ sudo docker run -t -d --name onos1 onos-sshd
+$ sudo docker run -t -d --name onos2 onos-sshd
+$ sudo docker run -t -d --name onos3 onos-sshd
+```
+
+Check ip of docker containers created:
+```
+$ sudo docker inspect --format '{{ .NetworkSettings.IPAddress }}' onos1
+```
+
+If not found, create cell definition file e.g. $ONOS_ROOT/tools/test/cells/3docker. Make sure ip's match your settings.
+```
+export ONOS_NIC="172.17.0.*"
+export OCI="172.17.0.2"
+export OC1="172.17.0.2"
+export OC2="172.17.0.3"
+export OC3="172.17.0.4"
+export ONOS_APPS="drivers,openflow,fwd"
+export ONOS_USER="sdn"
+```
+
+Set up cell definition:
+```
+$ cell 3docker
+```
+
+Execute STC setup:
+```
+$ stc setup
+```
+
+Check status using ONOS CLI:
+```
+$ ssh -p 8101 karaf@$OC1 # password is karaf
+```
+
diff --git a/tools/dev/docker/supervisord-atomix.conf b/tools/dev/docker/supervisord-atomix.conf
new file mode 100644
index 0000000..caff008
--- /dev/null
+++ b/tools/dev/docker/supervisord-atomix.conf
@@ -0,0 +1,9 @@
+[program:atomix]
+command=/opt/atomix/bin/atomix-agent -c /opt/atomix/atomix.json
+autostart=true
+autorestart=true
+startsecs=0
+startretries=3
+user=sdn
+environment=ONOS_USER="sdn"
+redirect_stderr=true
diff --git a/tools/dev/docker/supervisord-onos.conf b/tools/dev/docker/supervisord-onos.conf
new file mode 100644
index 0000000..04917aa
--- /dev/null
+++ b/tools/dev/docker/supervisord-onos.conf
@@ -0,0 +1,9 @@
+[program:onos]
+command=/opt/onos/bin/onos-service
+autostart=true
+autorestart=true
+startsecs=0
+startretries=3
+user=sdn
+environment=ONOS_USER="sdn"
+redirect_stderr=true
diff --git a/tools/dev/docker/supervisord-sshd.conf b/tools/dev/docker/supervisord-sshd.conf
new file mode 100644
index 0000000..e9fd4a9
--- /dev/null
+++ b/tools/dev/docker/supervisord-sshd.conf
@@ -0,0 +1,7 @@
+[program:sshd]
+command=/usr/sbin/sshd -D
+autostart=true
+autorestart=true
+startsecs=0
+startretries=3
+redirect_stderr=true
diff --git a/tools/dev/docker/supervisord.conf b/tools/dev/docker/supervisord.conf
new file mode 100644
index 0000000..180e8ec
--- /dev/null
+++ b/tools/dev/docker/supervisord.conf
@@ -0,0 +1,29 @@
+; supervisor config file
+
+[unix_http_server]
+file=/var/run/supervisor.sock ; (the path to the socket file)
+chmod=0700 ; sockef file mode (default 0700)
+
+[supervisord]
+nodaemon=true
+logfile=/var/log/supervisor/supervisord.log ; (main log file;default $CWD/supervisord.log)
+pidfile=/var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid)
+childlogdir=/var/log/supervisor ; ('AUTO' child log dir, default $TEMP)
+
+; the below section must remain in the config file for RPC
+; (supervisorctl/web interface) to work, additional interfaces may be
+; added by defining them in separate rpcinterface: sections
+[rpcinterface:supervisor]
+supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
+
+[supervisorctl]
+serverurl=unix:///var/run/supervisor.sock ; use a unix:// URL for a unix socket
+
+; The [include] section can just contain the "files" setting. This
+; setting can list multiple files (separated by whitespace or
+; newlines). It can also contain wildcards. The filenames are
+; interpreted as relative to this file. Included files *cannot*
+; include files themselves.
+
+[include]
+files = /etc/supervisor/conf.d/*.conf
diff --git a/tools/test/cells/3docker b/tools/test/cells/3docker
new file mode 100755
index 0000000..d58b333
--- /dev/null
+++ b/tools/test/cells/3docker
@@ -0,0 +1,7 @@
+export ONOS_NIC="172.17.0.*"
+export OCI="172.17.0.2"
+export OC1="172.17.0.2"
+export OC2="172.17.0.3"
+export OC3="172.17.0.4"
+export ONOS_APPS="drivers,openflow,fwd"
+export ONOS_USER="sdn"