docker-topo crash when running bridge driver

[mkurjanski]

Hi, I've been experimenting with this topology builder and it's working well using veth connections.
Now I'd like to expose port 22 so I could ssh into the ma1 ceos interfaces. I've read that for this I need to use bridge interfaces. After creating those it looks like the docker-topo is crushing. Could you please have a look? Thank you, Mat

`[mkurjanski@netopslab1 ceos-lab]$ cat topo2
VERSION: 2
CONF_DIR: './config'
PUBLISH_BASE:
22/tcp: 2000
#driver: veth
links:

• endpoints: ["ceos1:eth11", "ceos2:eth11"]
• endpoints: ["ceos1:ma1", "ceos2:ma1"]

[mkurjanski@netopslab1 ceos-lab]$ sudo docker-topo topo2
Traceback (most recent call last):
File "/usr/lib/python3.4/site-packages/docker/api/client.py", line 222, in _raise_for_status
response.raise_for_status()
File "/usr/lib/python3.4/site-packages/requests/models.py", line 893, in raise_for_status
raise HTTPError(http_error_msg, response=self)
requests.exceptions.HTTPError: 500 Server Error: Internal Server Error for url: http+docker://localunixsocket/v1.30/networks/create

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/bin/docker-topo", line 703, in
main()
File "/bin/docker-topo", line 602, in main
devices, links = parse_v2(t_yml)
File "/bin/docker-topo", line 216, in parse_v2
link = Link(link_type, 'net-{}'.format(idx), link_driver, driver_opts)
File "/bin/docker-topo", line 511, in init
self.get_or_create()
File "/bin/docker-topo", line 517, in get_or_create
self.network = self._create()
File "/bin/docker-topo", line 526, in _create
options=self.opts
File "/usr/lib/python3.4/site-packages/docker/models/networks.py", line 153, in create
resp = self.client.api.create_network(name, *args, **kwargs)
File "/usr/lib/python3.4/site-packages/docker/utils/decorators.py", line 34, in wrapper
return f(self, *args, **kwargs)
File "/usr/lib/python3.4/site-packages/docker/api/network.py", line 154, in create_network
return self._result(res, json=True)
File "/usr/lib/python3.4/site-packages/docker/api/client.py", line 228, in _result
self._raise_for_status(response)
File "/usr/lib/python3.4/site-packages/docker/api/client.py", line 224, in _raise_for_status
raise create_api_error_from_http_exception(e)
File "/usr/lib/python3.4/site-packages/docker/errors.py", line 31, in create_api_error_from_http_exception
raise cls(e, response=response, explanation=explanation)
docker.errors.APIError: 500 Server Error: Internal Server Error ("Failed to Setup IP tables: Unable to enable SKIP DNAT rule: (iptables failed: iptables --wait -t nat -I DOCKER -i br-c744d61204ff -j RETURN: iptables: No chain/target/match by that name.
(exit status 1))")
`

[networkop]

Hi Mat,
here's the preferred way of exposing ports. You don't need to configure all ports as docker bridge interfaces. most of the times it's enough to have the first port configured a "docker bridge" port and the rest can be standard veth. Try this and see if it works for you:

VERSION: 2
CEOS_IMAGE: ceosimage:latest
PUBLISH_BASE: 
  22/tcp: 2000
driver: veth
links:
  - endpoints: ["cEOS-1:eth0", "cEOS-2:eth0"]
    driver: bridge
  - endpoints: ["cEOS-1:eth1", "cEOS-2:eth2"]

In here the first link is of type "bridge" which allows it to publish ports outside of container and the next one is normal veth.