updating sdn assist documentation (888fd20e) · Commits · osm-doc / OSM User Guide

04-vim-setup.md

+71 −208

Original line number	Diff line number	Diff line
		@@ -65,7 +65,7 @@ A number of configuration options are supported:
		- `region_name`: The region where the VM must be deployed.
		- `insecure`: (By default false). When true it allows authorization over a non trusted certificate over https
		- `ca_cert`: (incompatible with insecure). root certificate file to use for validating the OpenStack certificate
		- `use_existing_flavors`: (By default, `False`). Set to `True` to use the closer flavor with enough resources instead of creating a new flavor with the exact requirements. This option does not work for EPA (cpu pinning, huge pages, ...) where openmano still tries to create a flavor with the needed extra expects. Use this options when you do not have admin credentials (Available from future v2.0.2 version)
		- `use_existing_flavors`: (By default, `False`). Set to `True` to use the closer flavor with enough resources instead of creating a new flavor with the exact requirements. This option does not work for EPA (cpu pinning, huge pages, ...) where RO still tries to create a flavor with the needed extra expects. Use this options when you do not have admin credentials (Available from future v2.0.2 version)
		- `vim_type`: Set to "VIO" to use VMware Integrated OpenStack as VIM
		- `use_internal_endpoint`: Set to True to force using internal endpoints

		@@ -922,241 +922,104 @@ You can find a thorough [configuration guide for OpenStack VIMs with EPA](#confi

		This is done through CLI.

		FIXME: The following commands in RO container, although functional, are no longer the recommended method. Please use the equivalent commans in the OSM Client (use the `--help` option for details as most up-to-date reference until this section is updated).

		Enter in the RO container (lxc exec RO bash) and type:

		```bash
		#export OPENMANO_TENANT=osm ## Indicate the RO tenant to use
		```

		In order to set the information of an existing SDN controller, use the following sintax:

		```bash
		root@RO:~# openmano sdn-controller-create -h
		usage: openmano sdn-controller-create [-h] [--verbose] [--debug]
		[--description DESCRIPTION] [--ip IP]
		[--port PORT] [--dpid DPID]
		[--type TYPE] [--user USER]
		[--passwd PASSWORD]
		name

		positional arguments:
		name name of the SDN controller

		optional arguments:
		-h, --help show this help message and exit
		--verbose, -v increase verbosity level. Use several times
		--debug, -d show debug information
		--description DESCRIPTION
		description of the SDN controller
		--ip IP IP of the SDN controller
		--port PORT Port of the SDN controller
		--dpid DPID DPID of the dataplane switch controlled by this SDN
		controller
		--type TYPE Specify the SDN controller type. Valid types are
		'opendaylight' and 'floodlight'
		--user USER user credentials for the SDN controller
		--passwd PASSWORD password credentials for the SDN controller
		```

		For example:

		```bash
		root@RO:~# openmano sdn-controller-create mySDN --ip=192.168.15.2 --port=8080 --dpid=56:55:12:12:12:12:12:12 --user sdnuser --passwd sdnpasswd --type onos
		98113d4a-51b7-11e7-8f07-00163e1229e4 mySDN ACTIVE
		```

		You can list the defined SDN controllers like this:
		Add to OSM the SDN controller, provide credentials.

		```bash
		root@RO:~# openmano sdn-controller-list
		{
		"sdn_controllers": [
		{
		"status": "ACTIVE",
		"password": "sdnpasswd",
		"uuid": "98113d4a-51b7-11e7-8f07-00163e1229e4",
		"last_error": null,
		"dpid": "56:55:12:12:12:12:12:12",
		"version": null,
		"user": "sdnuser",
		"ip": "192.168.15.2",
		"nets_with_same_vlan": "false",
		"type": "onos",
		"port": 8080,
		"name": "mySDN"
		}
		]
		}
		osm sdnc-create --name sdn-name --type arista \
		--url https://10.95.134.225:443 --user osm --password osm4u \
		--config '{mapping_not_needed: True, switch_id: ID}'
		# The config section is optional.

		# list sdn controllers with:
		osm sdnc-list
		# get details with:
		osm sdnc-show sdn-name
		# delete with
		osm sdnc-delete sdn-name
		```

		You can manage SDN controllers with sdn-controller-create/list/edit/delete

		Note that at SDN creation, connectivity and credentials are not checked.

		#### Enabling SDN Assist in a VIM target (associating a SDN controller to a VIM target)

		If we check the information of the datacenter we can see that this is disabled by default. No information about SDN can be seen in the config section:

		```bash
		root@RO:~# openmano datacenter-list mydc -vvv
		datacenter:
		config: null
		created_at: '2017-06-02T07:55:41'
		description: mydc
		name: mydc
		type: openstack
		uuid: dfcd6ca2-4768-11e7-8f07-00163e1229e4
		vim_tenants:
		- config:
		dataplane_physical_net: physnet_sriov
		use_floating_ip: true
		passwd: '******'
		user: osm
		vim_tenant_id: null
		vim_tenant_name: osm
		vim_url: http://10.0.0.12:5000/v2.0
		vim_url_admin: null
		```

		In order to add the sdn controller to the datacenter:

		```bash
		root@RO:~# openmano datacenter-edit mydc --sdn-controller mySDN
		Edit datacenter mydc (y/N)? y
		dfcd6ca2-4768-11e7-8f07-00163e1229e4 mydc 2017-06-02T07:55:41
		```
		Available SDN controller plugins (`--type` option) are `onos_vpls`, `onosof`, `floodlightof`, , `dynpac`; and comming `odlof`, `arista`, `ietfl2vpn`.

		And now we can see this information in the datacenter:
		Depending on the pluging, the SDN controller needs to be fed with the mapping between the VIM compute node interfaces and the switch ports. In case this is not needed use the `--config '{mapping_not_needed: True}'`.

		```bash
		root@RO:~# openmano datacenter-list mydc -vvv
		datacenter:
		config:
		sdn-controller: 98113d4a-51b7-11e7-8f07-00163e1229e4
		created_at: '2017-06-02T07:55:41'
		description: mydc
		name: mydc
		type: openstack
		uuid: dfcd6ca2-4768-11e7-8f07-00163e1229e4
		vim_tenants:
		- config:
		dataplane_physical_net: physnet_sriov
		use_floating_ip: true
		passwd: '******'
		user: osm
		vim_tenant_id: null
		vim_tenant_name: osm
		vim_url: http://10.0.0.12:5000/v2.0
		vim_url_admin: null
		```
		#### Associate the SDN controller to a VIM

		In order to remove the sdn controller:
		To associate the SDN controller to a concrete VIM, the VIM must be updated. In this step the compute-node/swith-port mapping is provided:

		```bash
		root@RO:~# openmano datacenter-edit mydc --sdn-controller null
		Edit datacenter mydc (y/N)? y
		dfcd6ca2-4768-11e7-8f07-00163e1229e4 mydc 2017-06-02T07:55:41
		osm vim-update vim-name --sdn_controller sdn-name --sdn_port_mapping port-mapping-file.yaml
		```

		#### Adding a port mapping
		This is an example of the `port-mapping-file.yaml` content:

		A sample of sdn port mapping can be found in `RO/sdn/sdn_port_mapping.yaml`

		```bash
		root@RO:~# tail -n 24 RO/sdn/sdn_port_mapping.yaml
		---
		#The mapping is composed of a list of compute nodes. Each compute nodes has two elements:
		#"compute_node": name to identify the compute node within the datacenter
		#"ports": list of ports mapped to a switch for that compute node.
		#The information to identify the SDN controller and the dataplane switch is obtained from the datacenter information
		- compute_node: "compute node 1"
		ports:
		#Each mapped port contains the following information:
		#"pci": pci address of the port in the compute node. This is a mandatory parameter
		#"switch_mac": MAC address of the corresponding port in the dataplane switch.
		#"switch_port": Openflow name of the port in the dataplane switch.
		#"switch_mac" or "switch_port" must be specified. Both of them could be specified
		- pci: "0000:81:00.0"
		switch_port: "port-2/1"
		- pci: "0000:81:00.1"
		switch_mac: "52:54:00:94:21:22"
		- compute_node: "compute node 2"
		```yaml
		- compute_node: nfv54
		ports:
		- pci: "0000:81:00.0"
		switch_port: "port-2/3"
		switch_mac: "52:54:00:94:22:21"
		- pci: "0000:81:00.1"
		switch_port: "port-2/4"
		switch_mac: "52:54:00:94:22:22"
		```

		In order to populate the port-mapping:

		```bash
		root@RO:~# openmano datacenter-sdn-port-mapping-set mydc RO/sdn/sdn_port_mapping.yaml
		sdn_port_mapping:
		- {compute_node: compute node 1, ofc_id: 963b5616-4769-11e7-8f07-00163e1229e4, pci: '0000:81:00.0',
		region: dfcd6ca2-4768-11e7-8f07-00163e1229e4, switch_dpid: '00:01:64:00:6a:e6:b3:14',
		switch_mac: null, switch_port: port-2/1, uuid: 977b50f8-51b9-11e7-8f07-00163e1229e4}
		- {compute_node: compute node 1, ofc_id: 963b5616-4769-11e7-8f07-00163e1229e4, pci: '0000:81:00.1',
		region: dfcd6ca2-4768-11e7-8f07-00163e1229e4, switch_dpid: '00:01:64:00:6a:e6:b3:14',
		switch_mac: '52:54:00:94:21:22', switch_port: null, uuid: 977b50f9-51b9-11e7-8f07-00163e1229e4}
		- {compute_node: compute node 2, ofc_id: 963b5616-4769-11e7-8f07-00163e1229e4, pci: '0000:81:00.0',
		region: dfcd6ca2-4768-11e7-8f07-00163e1229e4, switch_dpid: '00:01:64:00:6a:e6:b3:14',
		switch_mac: '52:54:00:94:22:21', switch_port: port-2/3, uuid: 977b50fa-51b9-11e7-8f07-00163e1229e4}
		- {compute_node: compute node 2, ofc_id: 963b5616-4769-11e7-8f07-00163e1229e4, pci: '0000:81:00.1',
		region: dfcd6ca2-4768-11e7-8f07-00163e1229e4, switch_dpid: '00:01:64:00:6a:e6:b3:14',
		switch_mac: '52:54:00:94:22:22', switch_port: port-2/4, uuid: 977b50fb-51b9-11e7-8f07-00163e1229e4}
		```

		To overwrite the port mapping the same instruction can be used.

		To clear the port mapping:

		```bash
		root@RO:~# openmano datacenter-sdn-port-mapping-clear mydc
		Clean SDN port mapping for datacenter dfcd6ca2-4768-11e7-8f07-00163e1229e4 (y/N)? y
		{result: 4 deleted from of_port_mapping}
		- pci: "0000:5d:00.1"
		switch_id: Leaf1
		switch_port: "Ethernet13/1"
		- pci: "0000:5d:0a.0"
		switch_id: Leaf1
		switch_port: "Ethernet13/1"
		- pci: "0000:5d:0a.1"
		switch_id: Leaf1
		switch_port: "Ethernet13/1"
		- pci: "0000:5d:00.0"
		switch_id: Leaf2
		switch_port: "Ethernet13/2"
		- pci: "0000:5d:02.0"
		switch_id: Leaf2
		switch_port: "Ethernet13/2"
		- pci: "0000:5d:02.1"
		switch_id: Leaf2
		switch_port: "Ethernet13/2"
		- compute_node: nfv55
		# ...
		```

		#### Managing dataplane networks with external connectivity
		NOTE: several PCI addresses can be connected to the same swith port. This is because a physical interface has several SR-IOV virtual interfaces, each one with different PCI address.

		Create a new network in the VIM and an associated network for the SDN Assist
		NOTE: The optional `switch_id` provided at `--config` is taken as a default if missing in the port-mapping file. This is useful if there is only one switch.

		```bash
		root@RO:~# openmano vim-net-create --name mydc_net --type data --datacenter mydc
		d30315d5-4ed7-442b-94e4-cf81d058ae00 mydc_net ACTIVE
		```
		To overwrite the port mapping the same instruction can be used after modifying the port-mapping file.

		Now you can include in the network a port (and a vlan as optional parameter) of the dataplane switch that will provide access to an external element. As an additional parameter, the mac address of the external element can also be specified in this command using --mac
		You can check the associated SDN controller by:

		```bash
		root@RO:~# openmano vim-net-sdn-attach mydc_net Te1/1 --vlan 300 --datacenter mydc
		Success 062a50b4-51bd-11e7-9496-00163eb5e904
		osm vim-show vim-name
		+-----------------+-----------------------------------------------------------------+
		\| key \| attribute \|
		+-----------------+-----------------------------------------------------------------+
		\| _id \| "bf900941-a6d3-4eba-9017-0cec657b9490" \|
		\| name \| "sdn-name" \|
		\| vim_type \| "openstack" \|
		\| description \| "some description" \|
		\| vim_url \| "https://192.168.1.1:5000/v3" \|
		\| vim_user \| "osm" \|
		\| vim_password \| "********" \|
		\| vim_tenant_name \| "osm" \|
		\| config \| { \|
		\| \| "insecure": true, \|
		\| \| "sdn-controller": "82b067c8-cb9a-481d-b311-59f68b75acae", \|
		\| \| "sdn-port-mapping": [ \|
		\| \| { \|
		\| \| "compute_node": "compute-66e153a8-c45", \|
		\| \| "ports": [ \|
		\| \| { \|
		\| \| "pci": "002f-0000:83:00.0-000", \|
		\| \| "switch_id": "Leaf1", \|
		\| \| "switch_port": "Ethernet52/1" \|
		```

		Now when listing the network we can see this port belongs to vim network and if we deploy a NS using dataplane interfaces connected to this network all of them will be able to communicate with the external element/network through the attached port.
		You can disassociatede SDN controller from a VIM by:

		```bash
		root@RO:~# openmano vim-net-list --datacenter mydc mydc_net
		d30315d5-4ed7-442b-94e4-cf81d058ae00 mydc_net ACTIVE 2017-06-15T11:23:08Z
		sdn_attached_ports:
		- switch_port: Te1/1
		uuid: 062a50b4-51bd-11e7-9496-00163eb5e904
		vlan: 300
		osm vim-update vim-name --sdn_controller '' # attach an empty string
		```

		In order to remove a port from a network you can use the --id option to remove a specific port from the network or --all to remove all of them:

		```bash
		root@RO:~# openmano vim-net-sdn-detach mydc_net --all --datacenter mydc
		Confirm action' (y/N)? y
		Success
		#root@RO:~## openmano vim-net-list --datacenter mydc mydc_net
		d30315d5-4ed7-442b-94e4-cf81d058ae00 mydc_net ACTIVE 2017-06-15T11:23:08Z
		```
		Note: detaching a SDN controller from the VIM is mandatory before deleting the SDN controller

		### Configure Openstack for full EPA support in OSM