Merge "Added overview of Controller to developers guide."

[docs.git] / manuals / user-guide / src / main / asciidoc / vtn / VTN_OpenStack_Support-user.adoc

=== VTN OpenStack Configuration

This guide describes how to set up OpenStack for integration with OpenDaylight Controller.

While OpenDaylight Controller provides several ways to integrate with OpenStack, this guide focus on the way which uses VTN features available on OpenDaylight controller.In the integration, VTN Manager work as network service provider for OpenStack.

VTN Manager features, enable OpenStack to work in pure OpenFlow environment in which all switches in data plane are OpenFlow switch.

==== Requirements
To use OpenDaylight Controller (ODL) as Network Service Provider for Openstack.

==== Components
* OpenDaylight Controller.
* OpenStack Control Node.
* OpenStack Compute Node.
* OpenFlow Switch like mininet(Not Mandatory).

The VTN features support multiple OpenStack nodes. You can deploy multiple OpenStack Compute Nodes.
In management plane, OpenDaylight Controller, OpenStack nodes and OpenFlow switches should communicate with each other.
In data plane, Open vSwitches running in OpenStack nodes should communicate with each other through a physical or logical OpenFlow switches. The core OpenFlow switches are not mandatory. Therefore, you can directly connect to the Open vSwitch's.

.LAB Setup
image::vtn/vtn_devstack_setup.png["LAB Setup" ,width= 500]
NOTE: Ubuntu 14.04 was used in both the nodes and Vsphere was used for this howto.

==== Configuration

*Server Preparation*
[horizontal]
- Install Ubuntu 14.04 LTS in two servers (OpenStack Control node and Compute node respectively)
- While installing, Ubuntu mandates creation of a User, we created the user "stack"(We will use the same user for running devstack)
NOTE: You can also have multiple Compute nodes.
TIP: Please do minimal Install to avoid any issues in devstack bringup

*User Settings*
- Login to both servers
- Disable Ubuntu Firewall


  sudo ufw disable

- Optionally install these packages


  sudo apt-get install net-tools

- Edit sudo vim /etc/sudoers and add an entry as follows


  stack ALL=(ALL) NOPASSWD: ALL

*Network Settings*
- Checked the output of ifconfig -a, two interfaces were listed eth0 and eth1 as indicated in the image above.
- We had connected eth0 interface to the Network where ODL Controller is reachable.
- eth1 interface in both servers were connected to a different network to act as data plane for the VM's created using the OpenStack.
- Manually edited the file : sudo vim /etc/network/interfaces and made entries as follows


   stack@ubuntu-devstack:~/devstack$ cat /etc/network/interfaces
   # This file describes the network interfaces available on your system
   # and how to activate them. For more information, see interfaces(5).
   # The loop-back network interface
   auto lo
   iface lo inet loopback
   # The primary network interface
   auto eth0
   iface eth0 inet static
        address <IP_ADDRESS_TO_REACH_ODL>
        netmask <NET_MASK>
        broadcast <BROADCAST_IP_ADDRESS>
        gateway <GATEWAY_IP_ADDRESS>
  auto eth1
  iface eth1 inet static
       address <IP_ADDRESS_UNIQ>
       netmask <NETMASK>

NOTE: Please ensure that the eth0 interface is the default route and it is able to reach the ODL_IP_ADDRESS
NOTE: The entries for eth1 are not mandatory, If not set, we may have to manually do "ifup eth1" after the stacking is complete to activate the interface

*Finalize*
- reboot both nodes after the user and network settings to have the network settings applied to the network
- Login again and check the output of ifconfig to ensure that both interfaces are listed

====  ODL Settings and Execution
=====  vtn.ini
 * VTN uses the configuration parameters from  'vtn.ini' file for the OpenStack integration.
 * These values will be set for the OpenvSwitch, in all the participating OpenStack nodes.
 * A configuration file 'vtn.ini'''' needs to be created manually in the 'configuration' directory.
 * The contents of 'vtn.ini' should be as follows:


bridgename=br-int
portname=eth1
protocols=OpenFlow13
failmode=secure

 * The values of the configuration parameters must be changed based on the user environment.
 * Especially, "portname" should be carefully configured, because if the value is wrong, OpenDaylight controller fails to forward packets.
 * Other parameters works fine as is for general use cases.
 ** bridgename
 *** The name of the bridge in Open vSwitch, that will be created by OpenDaylight Controller.
 *** It must be "br-int".
 ** portname
 *** The name of the port that will be created in the vbridge in Open vSwitch.
 *** This must be the same name of the interface of OpenStack Nodes which is used for interconnecting OpenStack Nodes in data plane.(in our case:eth1)
 *** By default, if vtn.ini is not created, VTN uses ens33 as portname.
 ** protocols
 *** OpenFlow protocol through which OpenFlow Switch and Controller communicate.
 *** The values can be OpenFlow13 or OpenFlow10.
 ** failmode
 *** The value can be "standalone" or "secure".
 *** Please use "secure" for general use cases.

====  Start ODL Controller

 * Please install the feature *odl-vtn-manager-neutron* that provides the integration with Neutron interface.

  install odl-vtn-manager-neutron

TIP: After running ODL Controller, please ensure ODL Controller listens to the ports:6633,6653, 6640 and 8080

TIP: Please allow the ports in firewall for the devstack to be able to communicate with ODL Controller.

NOTE: 6633/6653 - OpenFlow Ports

NOTE: 6640 - OVS Manager Port

NOTE: 8282 - Port for REST API

====  Devstack Setup

===== VTN Devstack Script
* The local.conf is a user-maintained settings file. This allows all custom settings for DevStack to be contained in a single file. This file is processed strictly in sequence.
The following datas are needed to be set in the local.conf file:
* Set the Host_IP as the detection is unreliable.
* Set FLOATING_RANGE to a range not used on the local network, i.e. 192.168.1.224/27. This configures IP addresses ending in 225-254 to be used as floating IPs.
* Set FLAT_INTERFACE to the Ethernet interface that connects the host to your local network. This is the interface that should be configured with the static IP address mentioned above.
* If the *_PASSWORD variables are not set, we will be prompted to enter values during the execution of stack.sh.
* Set ADMIN_PASSWORD . This password is used for the admin and demo accounts set up as OpenStack users. We can login to the OpenStack GUI with this credentials only.
* Set the MYSQL_PASSWORD. The default here is a random hex string which is inconvenient if you need to look at the database directly for anything.
* Set the RABBIT_PASSWORD. This is used by messaging services used by both the nodes.
* Set the service password. This is used by the OpenStack services (Nova, Glance, etc) to authenticate with Keystone.

====== DevStack Control
local.conf(control)
[source]
#IP Details
HOST_IP=<CONTROL_NODE_MANAGEMENT_IF_IP_ADDRESS>#Please Add The Control Node IP Address in this line
FLAT_INTERFACE=<FLAT_INTERFACE_NAME>
SERVICE_HOST=$HOST_IP
#Instance Details
MULTI_HOST=1
#config Details
RECLONE=yes #Make it "no" after stacking successfully the first time
VERBOSE=True
LOG_COLOR=True
LOGFILE=/opt/stack/logs/stack.sh.log
SCREEN_LOGDIR=/opt/stack/logs
#OFFLINE=True #Uncomment this after stacking successfully the first time
#Passwords
ADMIN_PASSWORD=labstack
MYSQL_PASSWORD=supersecret
RABBIT_PASSWORD=supersecret
SERVICE_PASSWORD=supersecret
SERVICE_TOKEN=supersecrettoken
ENABLE_TENANT_TUNNELS=false
#Services
disable_service rabbit
enable_service qpid
enable_service quantum
enable_service n-cpu
enable_service n-cond
disable_service n-net
enable_service q-svc
enable_service q-dhcp
enable_service q-meta
enable_service horizon
enable_service quantum
enable_service tempest
ENABLED_SERVICES+=,n-api,n-crt,n-obj,n-cpu,n-cond,n-sch,n-novnc,n-cauth,n-cauth,nova
ENABLED_SERVICES+=,cinder,c-api,c-vol,c-sch,c-bak
#ML2 Details
Q_PLUGIN=ml2
Q_ML2_PLUGIN_MECHANISM_DRIVERS=opendaylight
Q_ML2_TENANT_NETWORK_TYPE=local
Q_ML2_PLUGIN_TYPE_DRIVERS=local
disable_service n-net
enable_service q-svc
enable_service q-dhcp
enable_service q-meta
enable_service neutron
enable_service odl-compute
ODL_MGR_IP=<ODL_IP_ADDRESS> #Please Add the ODL IP Address in this line
OVS_PHYSICAL_BRIDGE=br-int
Q_OVS_USE_VETH=True
url=http://<ODL_IP_ADDRESS>:8080/controller/nb/v2/neutron #Please Add the ODL IP Address in this line
username=admin
password=admin

====== DevStack Compute
local.conf(compute)
[source]
#IP Details
HOST_IP=<COMPUTE_NODE_MANAGEMENT_IP_ADDRESS> #Add the Compute node Management IP Address
SERVICE_HOST=<CONTROLLEr_NODE_MANAGEMENT_IP_ADDRESS> #Add the cotnrol Node Management IP Address here
#Instance Details
MULTI_HOST=1
#config Details
RECLONE=yes #Make thgis "no" after stacking successfully once
#OFFLINE=True #Uncomment this line after stacking successfuly first time.
VERBOSE=True
LOG_COLOR=True
LOGFILE=/opt/stack/logs/stack.sh.log
SCREEN_LOGDIR=/opt/stack/logs
#Passwords
ADMIN_PASSWORD=labstack
MYSQL_PASSWORD=supersecret
RABBIT_PASSWORD=supersecret
SERVICE_PASSWORD=supersecret
SERVICE_TOKEN=supersecrettoken
#Services
ENABLED_SERVICES=n-cpu,rabbit,neutron
#ML2 Details
Q_PLUGIN=ml2
Q_ML2_PLUGIN_MECHANISM_DRIVERS=opendaylight
Q_ML2_TENANT_NETWORK_TYPE=local
Q_ML2_PLUGIN_TYPE_DRIVERS=local
enable_service odl-compute
ODL_MGR_IP=<ODL_IP_ADDRESS> #ADD ODL IP address here
OVS_PHYSICAL_BRIDGE=br-int
ENABLE_TENANT_TUNNELS=false
Q_OVS_USE_VETH=True
#Details of the Control node for various services
[[post-config|/etc/neutron/plugins/ml2/ml2_conf.ini]]
Q_HOST=$SERVICE_HOST
MYSQL_HOST=$SERVICE_HOST
RABBIT_HOST=$SERVICE_HOST
GLANCE_HOSTPORT=$SERVICE_HOST:9292
KEYSTONE_AUTH_HOST=$SERVICE_HOST
KEYSTONE_SERVICE_HOST=$SERVICE_HOST
NOVA_VNC_ENABLED=True
NOVNCPROXY_URL="http://<CONTROLLER_NODE_IP_ADDRESS>:6080/vnc_auto.html" #Add Controller Node IP address
VNCSERVER_LISTEN=$HOST_IP
VNCSERVER_PROXYCLIENT_ADDRESS=$VNCSERVER_LISTEN

NOTE:
   We have to comment OFFLINE=TRUE in local.conf files, this will make all the installations to happen automatically.
   RECLONE=yes only when we set up the DevStack environment from scratch.

=====  Get Devstack (All nodes)
Install git application using


sudo apt-get install git
get devstack
git clone https://git.openstack.org/openstack-dev/devstack;

Switch to stable/Juno Version branch


cd devstack
git checkout stable/juno

===== Stack Control Node

.local.conf: <<_devstack_control,DevStack Control>>

  cd devstack in the controller node

* Copy the contents of local.conf (devstack control node)  and save it as "local.conf" in the devstack.
* Please modify the IP Address values as required.
* Stack the node

  ./stack.sh

====== Verify Control Node stacking
* stack.sh prints out Horizon is now available at http://<CONTROL_NODE_IP_ADDRESS>:8080/
* Execute the command 'sudo ovs-vsctl show' in the control node terminal and verify if the bridge 'br-int'  is created.

===== Stack Compute Node

.local.conf: <<_devstack_compute,DevStack Compute>>

  cd devstack in the controller node

* Copy the contents of local.conf (devstack compute node)  and save it as local.conf in the 'devstack'''.
* Please modify the IP Address values as required.
* Stack the node


  ./stack.sh

====== Verify Compute Node Stacking
* stack.sh prints out This is your host ip: <COMPUTE_NODE_IP_ADDRESS>
* Execute the command 'sudo ovs-vsctl show' in the control node terminal and verify if the bridge 'br-int'  is created.
* The output of the ovs-vsctl show will be similar to the one seen in control node.
===== Additional Verifications
* Please visit the ODL DLUX GUI after stacking all the nodes, http://<ODL_IP_ADDRESS>:8181/dlux/index.html. The switches, topology and the ports that are currently read can be validated.

TIP: If the interconnected between the OVS is not seen, Please bring up the interface for the dataplane manually using the below comamnd


  ifup <interface_name>

TIP: Some versions of OVS, drop packets when there is a table-miss, So please add the below flow to all the nodes with OVS version (>=2.1)


  ovs-ofctl --protocols=OpenFlow13 add-flow br-int priority=0,actions=output:CONTROLLER

TIP: Please Accept Promiscuous mode in the networks involving the interconnect.

===== Create VM from Devstack Horizon GUI
* Login to http://<CONTROL_NODE_IP>:8080/ to check the horizon GUI.

.Horizon GUI
image::vtn/OpenStackGui.png["Horizon",width= 600]

Enter the value for User Name as admin and enter the value for Password as labstack.

* We should first ensure both the hypervisors(control node and compute node) are mapped under hypervisors by clicking on Hpervisors tab.

.Hypervisors
image::vtn/Hypervisors.png["Hypervisors",width=512]

* Create a new Network from Horizon GUI.
* Click on Networks Tab.
* click on the Create Network button.

.Create Network
image::vtn/Create_Network.png["Create Network" ,width=600]

*  A popup screen will appear.
*  Enter network name and click Next button.

.Step 1
image::vtn/Creare_Network_Step_1.png["Step 1" ,width=600]
* Create a sub network by giving Network Address and click Next button .

.Step 2
image::vtn/Create_Network_Step_2.png[Step 2,width=600]

* Specify the additional details for subnetwork (please refer the image for your reference).

.Step 3
image::vtn/Create_Network_Step_3.png[Step 3,width=600]

* Click Create button
* Create VM Instance
* Navigate to Instances tab in the GUI.

.Instance Creation
image::vtn/Instance_Creation.png["Instance Creation",width=512]

* Click on Launch Instances button.

.Launch Instance
image::vtn/Launch_Instance.png[Launch Instance,width=600]

* Click on Details tab to enter the VM details.For this demo we are creating Ten VM's(instances).

* In the Networking tab, we must select the network,for this we need to drag and drop the Available networks to Selected Networks (i.e.,) Drag vtn1 we created from Available networks to Selected Networks and click Launch to create the instances.

.Launch Network
image::vtn/Launch_Instance_network.png[Launch Network,width=600]

* Ten VM's will be created.

.Load All Instances
image::vtn/Load_All_Instances.png[Load All Instances,width=600]

* Click on any VM displayed in the Instances tab and click the Console tab.

.Instance Console
image::vtn/Instance_Console.png[Instance Console,width=600]

* Login to the VM console and verify with a ping command.

.Ping
image::vtn/Instance_ping.png[Ping,width=600]


===== Verification of Control and Compute Node after VM creation
The output of sudo ovs-vsctl command after VM creation
[source]
  [stack@icehouse-compute-odl devstack]$ sudo ovs-vsctl show  Manager "tcp:192.168.64.73:6640"
  is_connected: true
  Bridge br-int
  Controller "tcp:192.168.64.73:6633"
  is_connected: true
  fail_mode: secure
  Port "tapa2e1ef67-79"
  Interface "tapa2e1ef67-79"
  Port "tap5f34d39d-5e"
  Interface "tap5f34d39d-5e"
  Port "tapc2858395-f9"
  Interface "tapc2858395-f9"
  Port "tapa9ea900a-4b"
  Interface "tapa9ea900a-4b"
  Port "tapc63ef3de-53"
  Interface "tapc63ef3de-53"
  Port "tap01d51478-8b"
  Interface "tap01d51478-8b"
  Port "tapa0b085ab-ce"
  Interface "tapa0b085ab-ce"
   Port "tapeab380de-8f"
  Interface "tapeab380de-8f"
  Port "tape404538c-0a"
  Interface "tape404538c-0a"
  Port "tap2940658d-15"
  Interface "tap2940658d-15"
  Port "ens224"
  Interface "ens224"
  ovs_version: "2.3.0"
  <code>[stack@icehouse-controller-odl devstack]$ sudo ovs-vsctl show
  Manager "tcp:192.168.64.73:6640"
  is_connected: true
  Bridge br-int
  Controller "tcp:192.168.64.73:6633"
  is_connected: true
  fail_mode: secure
  Port "tap71790d18-65"
  Interface "tap71790d18-65"
  Port "ens224"
  Interface "ens224"
  ovs_version: "2.3.0"

NOTE:In the above scenario more nodes have been created in the compute node

===== References
* http://devstack.org/guides/multinode-lab.html
* https://wiki.opendaylight.org/view/File:Vtn_demo_hackfest_2014_march.pdf