Use Google's servers to power your GNS3 environment

Started by Seittit, January 06, 2015, 07:17:27 PM


Seittit

This post came straight from Binary Nature, please give Marc Weisel all the credit at https://plus.google.com/114205639868807921657

Original post and pictures at:  http://binarynature.blogspot.com/?m=1

This post provides a guide on how to leverage the Google Cloud platform with the current release of GNS3. One of the best features of the new GNS3 is the flexibility of where you choose to run its supporting components. Why would you decouple GNS3 instead of running everything locally? Think of the client-server model and the increasing popularity of portable computing devices.

Have a Windows tablet with limited RAM and x86 CPU power, but you need to create a CCIE-esque topology with GNS3? Installed Linux on a low spec Chromebook, but you encounter the same constraint as the former. Wouldn't it be awesome to plug those devices into a remote GNS3 powerhouse via the Internet?

Another use case could be for training purposes. A cloud-based GNS3 VM instance could be cloned for each student with only the GNS3 GUI and project files located on their local computer. Accessibility, snapshots, and centralized backup/recovery of virtual device configurations also come into play.

Or maybe you simply have an overbearing urge to create the "SimCity of virtual network topologies", which the n1-highmem-16 machine type can help fulfill. This is where the elasticity aspect of cloud computing comes in handy. Need a large machine type for only a week? After the week is over, either entirely delete the VM instance (and virtual hard disk) or attach the virtual hard disk to a smaller (and monetarily cheaper) machine type.

Google Compute Engine

In a nutshell, Compute Engine is Google's cloud solution for the Infrastructure as a service (IaaS) model. The GCE documentation is a great resource if you need more information.

1. Create a new project.
After Google Compute Engine is enabled, any resources you create or use in Google Compute Engine belong to a specific project.
Log in to Google Developers Console.
Click the Create Project button.
Give it a name (ex. GNS3 Cloud) and let the PROJECT ID be automatically generated.
Click the Create button to complete the task.

2. Create and start a new VM instance.
An instance is a virtual machine hosted on Google's infrastructure. A project holds one or more instances but an instance can be a member of one and only one project.
Click Compute on the left menu to expand the tree.
Click Compute Engine to expand further.
Click VM instances.
Click the Create an instance button.
Enter a name (ex. gns3server) for the instance.

Select the closest geographical ZONE to place your instance. Latency will be a factor when you console to the GNS3 virtual network objects.
I have also selected n1-standard-1 for the MACHINE TYPE as it fits the requirement for my specific GNS3 topologies and corresponding labs.

We will be using Google's default Debian image as the platform for the GNS3 components, so select backports-debian-7-wheezy.
Important: Uncheck the Delete boot disk when instance is deleted option. This gives us the flexibility to detach the virtual hard disk from this specific VM instance and attach it to another.

I have selected Ephemeral for the EXTERNAL IP property. You may want to create a new static IP address depending on your specific requirements.

Finally, click the Create button to complete the task.

3. Create firewall rules.
The VM instance should now be starting at this point. By default, the GCE project permits only remote access management (SSH, RDP) to the VM instance from the Internet. We need to add some additional firewall rules to allow connectivity from the local GNS3 application to the components on this remote VM instance.
Click Compute on the left menu to expand the tree.
Click Compute Engine to expand further.
Click Networks.
Under All networks, click the default link.
In the Firewall rules section, click the Create new link.

GNS3 Server
NAME: allow-gns3server
SOURCE IP RANGES: 0.0.0.0/0
PROTOCOLS & PORTS: tcp:8000

VPCS
NAME: allow-vpcs
SOURCE IP RANGES: 0.0.0.0/0
PROTOCOLS & PORTS: tcp:4501-5000

Dynamips
NAME: allow-dynamips
SOURCE IP RANGES: 0.0.0.0/0
PROTOCOLS & PORTS: tcp:2001-3000

IOU
NAME: allow-iou
SOURCE IP RANGES: 0.0.0.0/0
PROTOCOLS & PORTS: tcp:4001-4500

Security: Ideally, you want to set a specific host IP address or subnet range for the SOURCE IP RANGES property to limit the scope of access from the Internet.

4. Connect to VM instance with SSH from the Browser.
SSH from the Browser allows you to use SSH to connect to a Google Compute Engine virtual machine instance from within the Google Developers Console.
Click Compute on the left menu to expand the tree.
Click Compute Engine to expand further.
Click VM instances.
Click the SSH button for your instance.

GNS3 User and Updates

5. Open a superuser (root) login shell.
$ sudo -i

6. Create the 'gns3user' user account.
# adduser gns3user
Adding user `gns3user' ...
Adding new group `gns3user' (1001) ...
Adding new user `gns3user' (1001) with group `gns3user' ...
Creating home directory `/home/gns3user' ...
Copying files from `/etc/skel' ...
Enter new UNIX password: Pa$$worD1
Retype new UNIX password: Pa$$worD1
passwd: password updated successfully
Changing the user information for gns3user
Enter the new value, or press ENTER for the default
        Full Name []: gns3user
        Room Number []:
        Work Phone []:
        Home Phone []:
        Other []:
Is the information correct? [Y/n] Y

7. Add the user account to the 'sudo' group and verify.
# usermod -aG sudo gns3user
# grep sudo /etc/group
sudo:x:27:marc,gns3user

8. Exit out of the superuser shell and switch to a 'gns3user' shell.
# exit
$ su - gns3user

9. Update the Debian OS.
$ sudo apt-get update && sudo apt-get upgrade

Dynamips

10. Get and install the dependencies for Dynamips.
$ sudo apt-get install libelf-dev libpcap0.8-dev uuid-dev build-essential cmake

11. Get and install Dynamips.
I will download and install the latest stable release (at the date of this post) for my example. Refer to the GNS3 dynamips repository for specific versions.
$ cd /tmp
$ curl -L https://github.com/GNS3/dynamips/archive/v0.2.14.tar.gz | tar -xz
$ cd dynamips*
$ mkdir build && cd $_
$ cmake ..
$ sudo make install

12. Verify the location and version for Dynamips.
$ cd $HOME
$ type dynamips
dynamips is /usr/local/bin/dynamips
$ dynamips 2> /dev/null | grep version
Cisco Router Simulation Platform (version 0.2.14-amd64/Linux stable)

13. Get and install VPCS.
I will perform a Subversion (SVN) checkout from the main trunk for my example. Refer to the Virtual PC Simulator project site for more information.
$ sudo apt-get install subversion
$ cd /tmp
$ svn checkout svn://svn.code.sf.net/p/vpcs/code/trunk vpcs-code
$ cd vpcs-code/src
$ make -f Makefile.linux
$ sudo mv vpcs /usr/local/bin

14. Verify the location and version for VPCS.
$ cd $HOME
$ type vpcs
vpcs is /usr/local/bin/vpcs
$ vpcs -v | grep version
Welcome to Virtual PC Simulator, version 0.6

IOUYAP

15. Get and install the dependencies for IOUYAP.
$ sudo apt-get install flex bison libcap2-bin

15.a. Get and install iniparser.
I will download from the master branch for my example. Refer to the iniparser repository for more information.
$ cd /tmp
$ curl -L https://github.com/ndevilla/iniparser/archive/master.tar.gz | tar -xz
$ cd iniparser*
$ make

16. Get and install IOUYAP.
I will download from the master branch for my example. Refer to the GNS3 iouyap repository for more information.
$ cd /tmp
$ curl -L https://github.com/GNS3/iouyap/archive/master.tar.gz | tar -xz
$ cd iouyap*
$ bison -ydv netmap_parse.y
$ flex netmap_scan.l
$ gcc -Wall *.c -I /tmp/iniparser*/src -L /tmp/iniparser* -o iouyap -liniparser -lpthread
$ strip --strip-unneeded iouyap
$ sudo mv iouyap /usr/local/bin

17. Set capabilities for IOUYAP.
$ cd $HOME
$ sudo setcap 'cap_net_raw+eip' $(which iouyap)

18. Verify the location and capabilities for IOUYAP.
$ /sbin/getcap $(which iouyap)
/usr/local/bin/iouyap = cap_net_raw+eip

Python 3

GNS3 requires Python 3.3 or later. The Debian "wheezy" release provides Python 3.2 as its latest version, so we will need to grab the required dependencies and perform a source-based install with the latest Python 3.4 release. (Source: Extellisys)

19. Get and install the dependencies for Python 3.4.
$ sudo apt-get install libncurses5-dev libncursesw5-dev libreadline6-dev
$ sudo apt-get install libdb5.1-dev libgdbm-dev libsqlite3-dev libssl-dev
$ sudo apt-get install libbz2-dev libexpat1-dev liblzma-dev zlib1g-dev

20. Get and install Python 3.4.
$ cd /tmp
$ curl -L https://www.python.org/ftp/python/3.4.2/Python-3.4.2.tgz | tar -xz
$ cd Python*
$ ./configure --prefix=/opt/python3.4
$ make
$ sudo make install

IOU/IOL

Disclaimer: The inclusion of references to IOU/IOL is intended for educational and/or informational purposes only.

21. Get and install IOL dependency.
$ sudo dpkg --add-architecture i386 && sudo apt-get update
$ sudo apt-get install libssl1.0.0:i386
$ sudo ln -s /usr/lib/i386-linux-gnu/libcrypto.so.1.0.0 /usr/lib/libcrypto.so.4

22. Prevent EXCESSCOLL IOL error.
Get the current value for the datagram queue length for Unix domain sockets.
$ /sbin/sysctl net.unix.max_dgram_qlen
net.unix.max_dgram_qlen = 10

Increase the value to 10000.
$ sudo sysctl net.unix.max_dgram_qlen=10000

We also need to make the modification persistent, so let's append to the sysctl.conf file.
$ sudo tee -a /etc/sysctl.conf > /dev/null << EOL
> # Prevent EXCESSCOLL error for IOL
> net.unix.max_dgram_qlen=10000
> EOL

Verify the new configuration by running the following commands from the terminal and note the output:
$ /sbin/sysctl net.unix.max_dgram_qlen
net.unix.max_dgram_qlen = 10000
$ tail -2 /etc/sysctl.conf
# Prevent EXCESSCOLL error for IOL
net.unix.max_dgram_qlen=10000

23. E.T. No Phone Home.
Add an entry to the hosts file.
$ sudo sed -i '3i127.0.0.84\txml.cisco.com' /etc/hosts

24. Create a sample IOU/IOL license file.
$ cd $HOME
$ curl -Lo iou4u.py http://goo.gl/V9PmUt
$ chmod u+x iou4u.py
$ ./iou4u.py
$ cat .iourc

GNS3 Server

25. Get and install GNS3 Server (with optional netifaces package).
$ cd $HOME
$ sudo /opt/python3.4/bin/pip3 install gns3-server
$ sudo /opt/python3.4/bin/pip3 install netifaces

26. Show GNS3 Server version.
$ /opt/python3.4/bin/gns3server --version
1.2.1

Note: Version numbers need to match for the local GNS3 GUI and the remote GNS3 Server.

27. Get and install Upstart.
Upstart is technically deprecated at this point with most distributions migrating to systemd, but it's a mature solution that will allow us to daemonize the gns3server process with minimal fuss.
$ sudo apt-get install upstart
...
You are about to do something potentially harmful.
To continue type in the phrase 'Yes, do as I say!'
?] Yes, do as I say!

28. Create Upstart job for GNS3 Server.
Create the Upstart job configuration file with a text editor.
$ sudo nano /etc/init/upstart-gns3server.conf

Add the following to the file:
description "GNS3 Server"

start on runlevel [2345]
stop on runlevel [!2345]
respawn

setuid gns3user
exec /opt/python3.4/bin/gns3server

control + o (Save) the file, press the enter or return key to confirm, and then control + x (exit) the nano text editor.

29. Fix 'google-accounts-manager-service' issue.
The Google accounts manager service respawns too quickly, hitting a threshold, and eventually errors out under Upstart. The following command remedies that:
$ sudo sed -i '/respawn/a post-stop exec sleep 5' /etc/init/google-accounts-manager-service.conf

30. Reboot to set Upstart as the new init system.
$ sudo reboot

31. Verify GNS3 Server.
After re-establishing an SSH connection, let's verify gns3server is running and available for remote connections.

What is the current status?
$ sudo initctl status upstart-gns3server
upstart-gns3server start/running, process 696

Are the processes owned by (and run as) gns3user?
$ pgrep -lfu gns3user
696 /opt/python3.4/bin/python3.4 /opt/python3.4/bin/gns3server
884 /opt/python3.4/bin/python3.4 /opt/python3.4/bin/gns3server
885 /opt/python3.4/bin/python3.4 /opt/python3.4/bin/gns3server
888 /opt/python3.4/bin/python3.4 /opt/python3.4/bin/gns3server
891 /opt/python3.4/bin/python3.4 /opt/python3.4/bin/gns3server
892 /opt/python3.4/bin/python3.4 /opt/python3.4/bin/gns3server

Is it listening on the default TCP/8000 port?
$ sudo ss -nlp | grep 8000
LISTEN    0    128    *:8000    *:*    users:(("gns3server",696,20))

What is the external IPv4 address accessible from the Internet?
$ curl ifconfig.me
130.211.169.26

Note: The external IPv4 address is also shown in the Console next to your VM instance.

GNS3 (local)

Everything should be set on the remote VM instance, so we will now focus on the local GNS3 configuration. The following configuration represents what I refer to as the sandbox model; the local GNS3 application is essentially a thin client with a tunnel connection to the remote VM instance that performs all the heavy lifting. This model works great for pure "route and switch" labs.

32. Test connectivity from local computer to GNS3 Server on remote instance.
Before we upload the images, let's first test connectivity. Remember to substitute the external IPv4 address value for your specific VM instance.

For Mac and Linux, run the following netcat command from the terminal:
$ nc -nvz 130.211.169.26 8000
found 0 associations
found 1 connections:
     1: flags=82<CONNECTED,PREFERRED>
outif en0
src 10.10.1.10 port 58053
dst 130.211.169.26 port 8000
rank info not available
TCP aux info available

Connection to 130.211.169.26 port 8000 [tcp/*] succeeded!

Run the following commands from a PowerShell console for Windows:
PS> $tc = New-Object System.Net.Sockets.TcpClient
PS> $tc.Connect("130.211.169.26", 8000); if ($?) { "Connection successful!" }
Connection successful!
PS> Remove-Variable tc

33. Upload images for Dynamips and IOL.
Open a web browser.
Input http://130.211.169.26:8000/upload in the address field and press the enter or return key.
On the Select & Upload page, click the Choose File button to select an image for Dynamips or IOL.
Click the upload button to upload the image from your local computer to the remote VM instance.
Don't close the web browser window because we'll use it as a reference in upcoming steps.

34. Set GNS3 Server preferences.
Open GNS3 Preferences.
Select the GNS3 server node on the left.
Click the Local server tab.
Host binding: From the drop-down list, select the IPv4 address of the network interface that connects to the Internet.
Port: 8000 TCP
Click the Apply button.

Click the Remote servers tab.
Host: Input the external IPv4 address of your specific remote VM instance in the field.
Port: 8000 TCP
Click the Add button.
Click the Apply button.

35. Set VPCS preferences.
Select the VPCS node on the left.
Select the General settings tab.
Path to VPCS: Input /usr/local/bin/vpcs in the field.
Click the Apply button.
Select the Server settings tab.
Uncheck the Always use the local server checkbox to instruct your local GNS3 application to use the VPCS binary on the remote VM instance.
Click the Apply button.

36. Set Dynamips preferences.
Select the Dynamips node on the left.
Select the General settings tab.
Path to Dynamips: Input /usr/local/bin/dynamips in the field.
Click the Apply button.
Select the Server settings tab.
Uncheck the Always use the local server checkbox to instruct your local GNS3 application to use the Dynamips binary on the remote VM instance.
Click the Apply button.

37. Create Dynamips device template.
Select the IOS routers subnode on the left.
Click the New button.
Server type: Select the Remote button.
Remote servers: Uncheck the Load balance across all available remote servers checkbox and select the remote network socket from the Run on server drop-down list.
Click the Next button.
IOS image: Input /home/gns3user/GNS3/images/C3725.image in the field.
Tip: Copy and paste the file path from the Select & Upload page.
Click the Next button.
Name: Input GCloud-C3725.
Platform: Select c3725 from the drop-down list.
Chassis: Select item from the drop-down list if required.
Click the Next button.
Default RAM: Adjust the RAM size if required.
Click the Next button.
Add/Remove network modules if required.
Click the Next button.
Add/Remove WIC modules if required.
Click the Next button.
Skip the Idle-PC process for now. It can be performed from the Dynamips device context-menu after it is added to the workspace.
Click the Finish button to finish the wizard.
Click the Apply button.

38. Set IOS on UNIX preferences.
Select the IOS on Unix node on the left.
Select the General settings tab.
Path to IOURC: Input the fully-qualified file path to the local iourc license file.
Click the Apply button.

39. Create IOU device templates.
Select the IOU devices subnode on the left.
Click the New button.
Server type: Select the Remote button.
Remote servers: Uncheck the Load balance across all available remote servers checkbox and select the remote network socket from the Run on server drop-down list.
Click the Next button.
Click the OK button to acknowledge the remote server information.
Name: Input GCloud-L2-IOL in the field.
IOU image: Input /home/gns3user/GNS3/images/L2-IOL.bin in the field.
Tip: Copy and paste the file path from the Select & Upload page.
Type: Select L2 image from the drop-down list.
Click the Finish button to finish the wizard.
Click the Apply button.

Click the New button.
Server type: Select the Remote button.
Remote servers: Uncheck the Load balance across all available remote servers checkbox and select the remote network socket from the Run on server drop-down list.
Click the Next button.
Click the OK button to acknowledge the remote server information.
Name: Input GCloud-L3-IOL in the field.
IOU image: Input /home/gns3user/GNS3/images/L3-IOL.bin in the field.
Tip: Copy and paste the file path from the Select & Upload page.
Type: Select L3 image from the drop-down list.
Click the Finish button to finish the wizard.
Click the Apply button.
Click the OK button to close the GNS3 Preferences window.

40. Build your topologies and conquer your labs!

Again, this post came straight from Binary Nature, please give Marc Weisel all the credit at https://plus.google.com/114205639868807921657

Original post:  http://binarynature.blogspot.com/?m=1


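The Security note in step 3 of the guide, worked through as an added example (not part of the original post or of the guide it reproduces): the script reads the four rules as the guide lists them, reports the ones open to 0.0.0.0/0, and prints the gcloud commands that would narrow them to one source range. The address 203.0.113.10/32 and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit the firewall rules from step 3 and print (not run) the
# gcloud commands that narrow them to a single source range.

# The rule block as the guide lists it, labels included.
GUIDE_RULES='GNS3 Server
NAME: allow-gns3server
SOURCE IP RANGES: 0.0.0.0/0
PROTOCOLS & PORTS: tcp:8000
VPCS
NAME: allow-vpcs
SOURCE IP RANGES: 0.0.0.0/0
PROTOCOLS & PORTS: tcp:4501-5000
Dynamips
NAME: allow-dynamips
SOURCE IP RANGES: 0.0.0.0/0
PROTOCOLS & PORTS: tcp:2001-3000
IOU
NAME: allow-iou
SOURCE IP RANGES: 0.0.0.0/0
PROTOCOLS & PORTS: tcp:4001-4500'

# Print "name ports" for each rule whose source range is the whole Internet.
world_open_rules() {
    printf '%s\n' "$1" | awk '
        /^NAME:/              { name = $2 }
        /^SOURCE IP RANGES:/  { src = $4 }
        /^PROTOCOLS & PORTS:/ { if (src == "0.0.0.0/0") print name, $4 }'
}

# Accept only an IPv4 CIDR with a prefix between /8 and /32, so the
# replacement range can never be 0.0.0.0/0 again.
valid_source_cidr() {
    printf '%s\n' "$1" | awk -F'[./]' '
        NF != 5 { exit 1 }
        { for (i = 1; i <= 5; i++) if ($i !~ /^[0-9]+$/) exit 1
          for (i = 1; i <= 4; i++) if ($i + 0 > 255) exit 1
          if ($5 + 0 < 8 || $5 + 0 > 32) exit 1 }'
}

# Emit one update command per world-open rule, scoped to the given CIDR.
restrict_commands() {
    cidr=$1
    valid_source_cidr "$cidr" || { echo "refusing source range: $cidr" >&2; return 1; }
    world_open_rules "$GUIDE_RULES" | while read -r name ports; do
        printf 'gcloud compute firewall-rules update %s --source-ranges=%s # %s\n' \
            "$name" "$cidr" "$ports"
    done
}

# 203.0.113.10/32 is a constructed address from the documentation range;
# substitute the public address of the machine running the GNS3 GUI.
restrict_commands "203.0.113.10/32"
```

Review the printed commands before running them; an Ephemeral local address will change, so the source range needs updating when it does.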

Seittit

I have validated that this guide works 100%. Be sure that you keep an eye on that IOU process ;)



wintermute000

Not to be snarky, but is this any different from building your own GNS3 host in any cloud IaaS provider? Amazon etc.

Seittit

cost eval? Google has two free months on the table, so you could create new gmail accounts and keep the party rolling :D

wintermute000

#4
Cheers for that, just spun up my own VM @ home using Debian Jessie. Strongly suggest using Jessie instead of Wheezy as python3.4 works out of the box so all that's required is to install pip3 via apt-get. Hey, it's Debian; Debian testing is usually more stable than, say, most distros' releases....

Note adding upstart broke everything. Systemd is probably even more embedded in Jessie than Wheezy. I rolled back to snapshot then created a systemd service script instead which is the 'correct' way (not getting into the systemd holy war... lol). I also strongly suggest installing vmware-tools, makes life easier in general.

A fair few minor tweaks required in the guide - no issues for experienced Linux users but may trouble newbies (e.g. need to manually install sudo first, re-login after adding user to sudo group etc.).

Seittit I've run into one major annoyance: Using GNS3 1.2.3 it appears that although the topology file is saved with the project folder, the configurations are NOT - they are kept on the VM in the GNS3 user home directory.

I plan on running my VM locally (on my laptop and/or my home workstation) to eliminate any dependency on network/cloud (also no chance of getting ports XYZ opened on the corporate firewall - CBF going down the OpenVPN route etc.). Obviously this is going to screw with config sync. In the past I saved everything to a Dropbox folder but now that won't work as only the topology is synced - any ideas?

In GNS 0.8.7 you could drill down under a device and manually put the config file path there, but now the option appears to have been removed.

Kinda regret buying VIRL now lol but oh well at least that meant that I can drop in a pre-made set of INE topologies instead of manually setting up each lab. After claiming tax it's only around a hundred bucks anyway and at least I get some NX-OS/IOS-XE action.

---------

In case anyone is interested, this is the 'correct' way to make gns3 into a service using the standard Debian service manager systemd. Put below in /usr/lib/systemd/system as gns3.service
then run


sudo systemctl enable gns3.service
sudo systemctl start gns3.service





[Unit]
Description=GNS3 server
After=syslog.target
After=network.target


[Service]
Type=simple
User=(YOUR USER)
Group=(YOUR USERGROUP)
ExecStart=/usr/local/bin/gns3server --console_bind_to_any


# Give a reasonable amount of time for the server to start up/shut down
TimeoutSec=300


[Install]
WantedBy=multi-user.target

Seittit

Appreciate the feedback, I'll make sure to send it back to Marc.

I'm still on GNS 1.2.1 (waiting for VMware integration in 1.3.x), but the way I save my configs is to run

copy run unix:initial-config.cfg

then download the configs locally by GNS3 --> File --> Import/Export Device Configs, point to project's file directory. Tweak each device to pull its initial config from this directory and you're golden.

Again, not sure if any changes with 1.2.3 have invalidated this process.

wintermute000

Btw, if you find an accurate INE topology, let me know

Seittit

#7
I've got a couple, but they differ a bit (no sub interfaces for one thing).  I'll upload them when I get back

wintermute000

#8
cheers


more so for foundation labs than anything, but a full advanced technology topology would be nice as well, despite all the bugs.
The discussions I've found all concentrate on either webIOU or build a router only topology or still the old school breakout approach. I can't seem to find configs for the switches without breakout, using L2-IOU only. As you know there's nothing worse than starting a complex INE lab with an inherently broken / mistaken config, and then not knowing whether you are making a mistake or there's a mistake in the starting topology.

I have more than enough rack tokens for the advanced technology L2 labs, and VIRL takes care of L3. I do have webIOU but I just prefer GNS3/dynamips.


How do you do this? I can't find the option
"Tweak each device to pull its initial config from this directory and you're golden."


Seittit

Apologies, my INE topologies are all IOU based (I misread the request).

I have a thousand tokens lying around, but I can still see some use case for having a GNS3 copy; I hope to have a working topology finished this week.