
...

Code Block
set "$@" --remote=ptcp:6640

 


Now you should be able to see port "6640" is in listening state.

...

Code Block (bash)
$ git clone https://github.com/openstack/networking-onos.git
$ pip install ./networking-onos

...

Note

If you run into any runtime problem with the Neutron server or the networking-onos module, refer to the networking-onos install guide for your OpenStack version.


2. Edit ml2_conf_onos.ini under networking-onos/etc/neutron/plugins/ml2 to set the ONOS endpoint and credentials. You may want to copy the config file to /etc/neutron/plugins/ml2/, where the other Neutron configuration files are.

...

Note

The URL path has changed from "onos/openstackswitching" to "onos/openstacknetworking" since 1.8.0.

...


3. The next step is to install and run the OpenStack services. DevStack users can use the following sample DevStack local.conf to build the OpenStack controller node. Make sure your DevStack branch is consistent with the OpenStack branch, "stable/mitaka" for example.

...

Code Block: local.conf of Controller Node
[[local|localrc]]
HOST_IP=10.134.231.28
SERVICE_HOST=10.134.231.28
RABBIT_HOST=10.134.231.28
DATABASE_HOST=10.134.231.28
Q_HOST=10.134.231.28

ADMIN_PASSWORD=nova
DATABASE_PASSWORD=$ADMIN_PASSWORD
RABBIT_PASSWORD=$ADMIN_PASSWORD
SERVICE_PASSWORD=$ADMIN_PASSWORD
SERVICE_TOKEN=$ADMIN_PASSWORD

DATABASE_TYPE=mysql

# Log
SCREEN_LOGDIR=/opt/stack/logs/screen

# Images
FORCE_CONFIG_DRIVE=True

# Networks
Q_ML2_TENANT_NETWORK_TYPE=vxlan
Q_ML2_PLUGIN_MECHANISM_DRIVERS=onos_ml2
Q_PLUGIN_EXTRA_CONF_PATH=/opt/stack/networking-onos/etc/neutron/plugins/ml2
Q_PLUGIN_EXTRA_CONF_FILES=(ml2_conf_onos.ini)
ML2_L3_PLUGIN=onos_router
NEUTRON_CREATE_INITIAL_NETWORKS=False

# Services
enable_service q-svc
disable_service n-net
disable_service n-cpu
disable_service tempest
disable_service c-sch
disable_service c-api
disable_service c-vol
 
# Branches
GLANCE_BRANCH=stable/mitaka
HORIZON_BRANCH=stable/mitaka
KEYSTONE_BRANCH=stable/mitaka
NEUTRON_BRANCH=stable/mitaka
NOVA_BRANCH=stable/mitaka

 


If you use another deployment tool or build OpenStack manually, refer to the following Nova and Neutron configurations.

...

Code Block: /etc/nova/nova.conf
[DEFAULT]
force_config_drive = True
network_api_class = nova.network.neutronv2.api.API
security_group_api = neutron
 
[neutron]
url = http://10.134.231.28:9696
auth_strategy = keystone
admin_auth_url = http://10.134.231.28:35357/v2.0
admin_tenant_name = service
admin_username = neutron
admin_password = [admin passwd]

 


Don't forget to specify ml2_conf_onos.ini when you start the Neutron service.

...

Note

If your compute node is a VM, try http://docs.openstack.org/developer/devstack/guides/devstack-with-nested-kvm.html first, or set LIBVIRT_TYPE=qemu. Nested KVM is much faster than qemu, so use it if possible.

...


For manual setup, set Neutron as the network API in the Nova configuration.

...

Code Block
onos$ buck build onos
onos$ cp ~/network-cfg.json ~/onos/tools/package/config/
onos$ onos-package
onos$ stc setup
onos$ onos-buck-publish-local
onos$ onos-buck publish --to-local-repo //protocols/ovsdb/api:onos-protocols-ovsdb-api
onos$ onos-buck publish --to-local-repo //protocols/ovsdb/rfc:onos-protocols-ovsdb-rfc
onos$ onos-buck publish --to-local-repo //apps/openstacknode/api:onos-apps-openstacknode-api
onos$ cd apps/openstacknetworking; mci;
onos$ onos-app $OC1 reinstall! target/onos-app-openstacknetworking-1.10.0-SNAPSHOT.oar

 


2. Check that all applications are activated successfully.

Code Block
onos> apps -a -s
*   9 org.onosproject.ovsdb-base           1.10.0.SNAPSHOT OVSDB Provider
*  13 org.onosproject.optical-model        1.10.0.SNAPSHOT Optical information model
*  20 org.onosproject.drivers              1.10.0.SNAPSHOT Default device drivers
*  39 org.onosproject.drivers.ovsdb        1.10.0.SNAPSHOT OVSDB Device Drivers
*  47 org.onosproject.openflow-base        1.10.0.SNAPSHOT OpenFlow Provider
*  56 org.onosproject.openstacknode        1.10.0.SNAPSHOT OpenStack Node Bootstrap App
*  57 org.onosproject.openstacknetworking  1.10.0.SNAPSHOT OpenStack Networking App

...


3. Check that all nodes are registered and that every COMPUTE type node is in the COMPLETE state with the openstack-nodes command. If a state is INCOMPLETE, use the openstack-node-check command for more detailed states. To reinitialize only a particular compute node, use the openstack-node-init command with its hostname. Leave GATEWAY type nodes in the DEVICE_CREATED state; gateway nodes need additional configuration, explained later.

...

Code Block (bash)
$ wget -qO- https://get.docker.com/ | sudo sh
$ sudo apt-get install python-pip -y
$ sudo pip install oslo.config
$ sudo pip install ipaddress

...


2. Download sona-setup scripts as well.

Code Block (bash)
$ git clone https://github.com/sonaproject/sona-setup.git
$ cd sona-setup

...


3. Write vRouterConfig.ini and place it under the sona-setup directory.

...

  • line 2, routerBridge: Router bridge device ID configured in the network configuration. It should be unique across the system.
  • line 3, floatingCidr: Floating IP address ranges. It can be a comma-separated list.
  • line 4, localPeerMac: Local MAC address used for peering. It should be unique across the system.
  • line 5, localPeerIp: Local IP address used for peering. It should be unique across the system.
  • line 6, vRouterName: Hostname to be configured in Quagga.
  • line 7, bgpNeighborIp: Remote peer's IP address.
  • line 8, localAsNum: Local AS number.
  • line 9, remoteAsNum: Remote peer's AS number.
  • line 10, uplinkPortNum: Port number of uplink interface on br-router bridge.

...


4. Run createJsonAndvRouter.sh. It creates the vRouter configuration, vrouter.json, and then brings up the ONOS container with the vRouter application activated.

Code Block
sona-setup$ ./createJsonAndvRouter.sh
sona-setup$ sudo docker ps
CONTAINER ID        IMAGE                  COMMAND                  CREATED             STATUS              PORTS                                    NAMES
e5ac67e62bbb        onosproject/onos:1.6   "./bin/onos-service"     9 days ago          Up 9 days           6653/tcp, 8101/tcp, 8181/tcp, 9876/tcp   onos-vrouter

 


5. Next, run createQuagga.sh. It creates the Quagga configurations, zebra.conf and bgpd.conf, with the floating IP ranges, and then brings up the Quagga container. It also regenerates vrouter.json with the Quagga container's port number and restarts the ONOS container.

...

Code Block: volumes/router/zebra.conf
!
hostname router-01
password zebra
!

 


If you check the result of ovs-ofctl show, there should be a new port named quagga-router on the br-router bridge.

Code Block
sona-setup$ sudo ovs-ofctl show br-router
OFPT_FEATURES_REPLY (xid=0x2): dpid:00000000000000b1
n_tables:254, n_buffers:256
capabilities: FLOW_STATS TABLE_STATS PORT_STATS QUEUE_STATS ARP_MATCH_IP
actions: output enqueue set_vlan_vid set_vlan_pcp strip_vlan mod_dl_src mod_dl_dst mod_nw_src mod_nw_dst mod_nw_tos mod_tp_src mod_tp_dst
 1(patch-rout): addr:1a:46:69:5a:8e:f6
 config: 0
 state: 0
 speed: 0 Mbps now, 0 Mbps max
 2(quagga): addr:7a:9b:05:57:2c:ff
 config: 0
 state: 0
 current: 10GB-FD COPPER
 speed: 10000 Mbps now, 0 Mbps max
 3(quagga-router): addr:c6:f5:68:d6:ff:56
 config: 0
 state: 0
 current: 10GB-FD COPPER
 speed: 10000 Mbps now, 0 Mbps max
 LOCAL(br-router): addr:1a:13:72:57:4a:4d
 config: PORT_DOWN
 state: LINK_DOWN
 speed: 0 Mbps now, 0 Mbps max
OFPT_GET_CONFIG_REPLY (xid=0x4): frags=normal miss_send_len=0

 


7. Now, check hosts, fpm-connections, next-hops, and routes from ONOS-vRouter. You should be able to see the default route (0.0.0.0/0) with the external router as its next hop.

...

Code Block: vRouterConfig.ini
[DEFAULT]
routerBridge = "of:00000000000000b2"
floatingCidr = "172.27.0.0/24"
floatingGateway = "172.27.0.1"
localPeerMac = "fe:00:00:00:00:03"
localPeerIp = "172.18.0.250/30"
vRouterName = "gateway-02"
bgpNeighborIp = "172.18.0.249/30"
localAsNum = 65101
remoteAsNum = 65100
uplinkPortNum = "3"
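
A pre-flight check for the vRouterConfig.ini fields described above, as an added example that is not part of the original page or of sona-setup. It assumes the peering is a directly connected link (localPeerIp and bgpNeighborIp on one subnet) and that floatingGateway lies inside floatingCidr; the function name and the use of Python's configparser are choices made here.

```python
import configparser
import ipaddress
import re

# Constructed sample: the vRouterConfig.ini values shown above.
SAMPLE = """\
[DEFAULT]
routerBridge = "of:00000000000000b2"
floatingCidr = "172.27.0.0/24"
floatingGateway = "172.27.0.1"
localPeerMac = "fe:00:00:00:00:03"
localPeerIp = "172.18.0.250/30"
vRouterName = "gateway-02"
bgpNeighborIp = "172.18.0.249/30"
localAsNum = 65101
remoteAsNum = 65100
uplinkPortNum = "3"
"""

def check_vrouter_config(text):
    """Return a list of problems found in a vRouterConfig.ini body (hypothetical helper)."""
    cp = configparser.ConfigParser()
    cp.optionxform = str  # keep the camelCase option names
    cp.read_string(text)
    cfg = {k: v.strip().strip('"') for k, v in cp.defaults().items()}
    problems = []
    if not re.fullmatch(r"of:[0-9a-f]{16}", cfg.get("routerBridge", "")):
        problems.append("routerBridge is not of:<16 hex digits>")
    if not re.fullmatch(r"([0-9a-f]{2}:){5}[0-9a-f]{2}", cfg.get("localPeerMac", "").lower()):
        problems.append("localPeerMac is not a MAC address")
    try:
        local = ipaddress.ip_interface(cfg["localPeerIp"])
        peer = ipaddress.ip_interface(cfg["bgpNeighborIp"])
        if local.network != peer.network or local.ip == peer.ip:  # assumption: direct link
            problems.append("localPeerIp and bgpNeighborIp must be distinct hosts on one subnet")
        cidrs = [ipaddress.ip_network(c.strip()) for c in cfg["floatingCidr"].split(",")]
        gateway = ipaddress.ip_address(cfg["floatingGateway"])
        if not any(gateway in net for net in cidrs):  # assumption: gateway inside a range
            problems.append("floatingGateway is outside floatingCidr")
    except (KeyError, ValueError) as exc:
        problems.append(f"bad or missing address field: {exc}")
    for key in ("localAsNum", "remoteAsNum", "uplinkPortNum"):
        if not cfg.get(key, "").isdigit():
            problems.append(f"{key} is not a number")
    return problems
```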

...


You'll have to enable multipath in your external router as well. 

...

ONOS itself provides HA by default when there are multiple instances in the cluster. This section describes how to add a proxy server in front of the ONOS cluster and use it in Neutron as the single access point to the cluster. For the proxy server, we used HAProxy (http://www.haproxy.org) here.

 


1. Install HA proxy.

Code Block (bash)
$ sudo add-apt-repository -y ppa:vbernat/haproxy-1.5
$ sudo apt-get update
$ sudo apt-get install -y haproxy

...


2. Configure HA proxy.

Code Block: /etc/haproxy/haproxy.cfg
global
    log /dev/log    local0
    log /dev/log    local1 notice
    chroot /var/lib/haproxy
    stats socket /run/haproxy/admin.sock mode 660 level admin
    stats timeout 30s
    user haproxy
    group haproxy
    daemon
 
    # Default SSL material locations
    ca-base /etc/ssl/certs
    crt-base /etc/ssl/private
 
    # Default ciphers to use on SSL-enabled listening sockets.
    # For more information, see ciphers(1SSL). This list is from:
    #  https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
    ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
    ssl-default-bind-options no-sslv3
 
defaults
    log global
    mode    http
    option  httplog
    option  dontlognull
    timeout connect 5000
    timeout client  50000
    timeout server  50000
 
    errorfile 400 /etc/haproxy/errors/400.http
    errorfile 403 /etc/haproxy/errors/403.http
    errorfile 408 /etc/haproxy/errors/408.http
    errorfile 500 /etc/haproxy/errors/500.http
    errorfile 502 /etc/haproxy/errors/502.http
    errorfile 503 /etc/haproxy/errors/503.http
    errorfile 504 /etc/haproxy/errors/504.http
 
frontend localnodes
    bind *:8181
    mode http
    default_backend nodes
 
backend nodes
    mode http
    balance roundrobin
    option forwardfor
    http-request set-header X-Forwarded-Port %[dst_port]
    http-request add-header X-Forwarded-Proto https if { ssl_fc }
    option httpchk GET /onos/ui/login.html
    server web01 [onos-01 IP address]:8181 check
    server web02 [onos-02 IP address]:8181 check
    server web03 [onos-03 IP address]:8181 check
 
listen stats *:1936
    stats enable
    stats uri /
    stats hide-version
    stats auth someuser:password
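
A review of the settings in the configuration above that matter before this proxy carries ONOS REST traffic, as an added example that is not part of the original page. It reports listeners without TLS, a stats page bound to every interface, the placeholder stats password, 3DES in the default cipher list, and an ssl_fc rule that can never match because no bind line enables ssl. The finding names and the function name are made up here.

```python
import re

# Constructed excerpt of the haproxy.cfg above; 192.0.2.11 is a placeholder address.
SAMPLE = """\
global
    ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+3DES:RSA+3DES:!aNULL:!MD5
frontend localnodes
    bind *:8181
backend nodes
    http-request add-header X-Forwarded-Proto https if { ssl_fc }
    server web01 192.0.2.11:8181 check
listen stats *:1936
    stats enable
    stats auth someuser:password
"""
SECTIONS = ("global", "defaults", "frontend", "backend", "listen")

def audit_haproxy(text):
    """Return sorted finding codes for one haproxy.cfg body (hypothetical helper)."""
    findings, sections, cur = set(), [], None
    for raw in text.splitlines():
        words = raw.split("#", 1)[0].split()
        if not words:
            continue
        if words[0] in SECTIONS:
            cur = {"name": " ".join(words[:2]), "binds": [], "lines": []}
            sections.append(cur)
            if words[0] == "listen" and len(words) > 2:
                cur["binds"].append(words[2:])  # legacy inline "listen name addr:port"
        elif cur is not None:
            if words[0] == "bind" and len(words) > 1:
                cur["binds"].append(words[1:])
            cur["lines"].append(" ".join(words))
    tls = any("ssl" in b for s in sections for b in s["binds"])
    for s in sections:
        body = "\n".join(s["lines"])
        for b in s["binds"]:
            if "ssl" not in b:
                findings.add("plaintext-listener:" + s["name"])
            if "stats enable" in s["lines"] and b[0].rsplit(":", 1)[0] in ("*", "", "0.0.0.0"):
                findings.add("stats-on-all-interfaces")
        if re.search(r"^stats auth \S+:password$", body, re.M):
            findings.add("stats-placeholder-password")
        if re.search(r"^ssl-default-bind-ciphers \S*(?<!!)3DES", body, re.M):
            findings.add("3des-in-cipher-list")
        if "ssl_fc" in body and not tls:
            findings.add("ssl_fc-never-true")
    return sorted(findings)
```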

...


3. Set url_path to point to the proxy server in the Neutron ML2 ONOS mechanism driver configuration and restart Neutron.

Code Block: networking-onos/etc/conf_onos.ini
# Configuration options for ONOS ML2 Mechanism driver
[onos]
# (StrOpt) ONOS ReST interface URL. This is a mandatory field.
# Since ONOS 1.8.0 the path is "onos/openstacknetworking" instead of "onos/openstackswitching".
url_path = http://[proxy-server IP]:8181/onos/openstackswitching
# (StrOpt) Username for authentication. This is a mandatory field.
username = onos
# (StrOpt) Password for authentication. This is a mandatory field.
password = rocks
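
A check of the [onos] section before Neutron is restarted, as an added example that is not part of the original page or of networking-onos. It flags a url_path that is not https, the username and password printed on this page left in place, and a path that does not match the ONOS version (the path changed in 1.8.0, as noted earlier). The function name, finding names and the 192.0.2.10 proxy address are constructed here.

```python
import configparser
from urllib.parse import urlsplit

# Constructed sample: the [onos] section above with a documentation address as the proxy.
SAMPLE = """\
[onos]
url_path = http://192.0.2.10:8181/onos/openstackswitching
username = onos
password = rocks
"""

def audit_onos_ml2(text, onos_version=(1, 10, 0)):
    """Return findings for the [onos] section of the ML2 driver config (hypothetical helper)."""
    cp = configparser.ConfigParser(interpolation=None)  # passwords may contain '%'
    cp.read_string(text)
    onos = cp["onos"]
    url = urlsplit(onos.get("url_path", ""))
    findings = []
    # The driver is given a username and password for this URL; http:// leaves them unprotected.
    if url.scheme != "https":
        findings.append("plaintext-http-url")
    if (onos.get("username"), onos.get("password")) == ("onos", "rocks"):
        findings.append("page-sample-credentials")
    # Path changed from openstackswitching to openstacknetworking in ONOS 1.8.0.
    if onos_version >= (1, 8, 0):
        expected = "/onos/openstacknetworking"
    else:
        expected = "/onos/openstackswitching"
    if url.path.rstrip("/") != expected:
        findings.append("url_path-should-end-with:" + expected)
    return findings
```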

...


4. Stop one of the ONOS instances and check that everything still works.

...