6 This document describes how to use the Unified Secure Channel (USC)
7 feature in OpenDaylight. This document contains configuration,
8 administration, and management sections for the feature.
13 In enterprise networks, more and more controller and network management
14 systems are being deployed remotely, such as in the cloud. Additionally,
15 enterprise networks are becoming more heterogeneous - branch, IoT,
16 wireless (including cloud access control). Enterprise customers want a
17 converged network controller and management system solution. This
18 feature is intended for device and network administrators looking to use
19 unified secure channels for their systems.
21 USC Channel Architecture
22 ------------------------
26 - The USC Agent provides proxy and agent functionality on top of all
27 standard protocols supported by the device. It initiates call-home
28 with the controller, maintains live connections with with the
29 controller, acts as a demuxer/muxer for packets with the USC
30 header, and authenticates the controller.
34 - The USC Plugin is responsible for communication between the
35 controller and the USC agent . It responds to call-home with the
36 controller, maintains live connections with the devices, acts as a
37 muxer/demuxer for packets with the USC header, and provides
42 - The USC Manager handles configurations, high availability,
43 security, monitoring, and clustering support for USC.
45 Installing USC Channel
46 ----------------------
48 To install USC, download OpenDaylight and use the Karaf console to
49 install the following feature:
53 Configuring USC Channel
54 -----------------------
56 This section gives details about the configuration settings for various
59 The USC configuration files for the Karaf distribution are located in
60 distribution/karaf/target/assembly/etc/usc
64 - The certificates folder contains the client key, pem, and rootca
65 files as is necessary for security.
69 - This file contains configuration related to clustering. Potential
70 configuration properties can be found on the akka website at
75 - This file contains configuration related to USC. Use this file to
76 set the location of certificates, define the source of additional
77 akka configurations, and assign default settings to the USC
80 Administering or Managing USC Channel
81 -------------------------------------
83 After installing the odl-usc-channel-ui feature from the Karaf console,
84 users can administer and manage USC channels from the UI or APIDOCS
88 `http://${ipaddress}:8181/index.html <http://${ipaddress}:8181/index.html>`__,
89 sign in, and click on the USC side menu tab. From there, users can view
90 the state of USC channels.
93 `http://${ipaddress}:8181/apidoc/explorer/index.html <http://${ipaddress}:8181/apidoc/explorer/index.html>`__,
94 sign in, and expand the usc-channel panel. From there, users can execute
95 various API calls to test their USC deployment such as add-channel,
96 delete-channel, and view-channel.
101 Below are tutorials for USC Channel
106 The purpose of this tutorial is to view USC Channel
111 This tutorial walks users through the process of viewing the USC Channel
112 environment topology including established channels connecting the
113 controllers and devices in the USC topology.
118 For this tutorial, we assume that a device running a USC agent is
124 - Run the OpenDaylight distribution and install odl-usc-channel-ui from
128 `http://${ipaddress}:8181/apidoc/explorer/index.html <http://${ipaddress}:8181/apidoc/explorer/index.html>`__
130 - Execute add-channel with the following json data:
132 - {"input":{"channel":{"hostname":"127.0.0.1","port":1068,"remote":false}}}
135 `http://${ipaddress}:8181/index.html <http://${ipaddress}:8181/index.html>`__
137 - Click on the USC side menu tab.
139 - The UI should display a table including the added channel from step