Merge "Outline for OVSDB Beryllium documents."

[docs.git] / manuals / user-guide / src / main / asciidoc / vtn / VTN_OpenStack_Support-user.adoc

=== VTN OpenStack Configuration

This guide describes how to set up OpenStack for integration with OpenDaylight Controller.

While OpenDaylight Controller provides several ways to integrate with OpenStack, this guide focus on the way which uses VTN features available on OpenDaylight controller.In the integration, VTN Manager work as network service provider for OpenStack.

VTN Manager features, enable OpenStack to work in pure OpenFlow environment in which all switches in data plane are OpenFlow switch.

==== Requirements
To use OpenDaylight as Network Service Provider for OpenStack.

==== Components
* OpenDaylight Controller.
* OpenStack Control Node.
* OpenStack Compute Node.
* OpenFlow Switch like mininet(Not Mandatory).

The VTN features support multiple OpenStack nodes. You can deploy multiple OpenStack Compute Nodes.
In management plane, OpenDaylight Controller, OpenStack nodes and OpenFlow switches should communicate with each other.
In data plane, Open vSwitches running in OpenStack nodes should communicate with each other through a physical or logical OpenFlow switches. The core OpenFlow switches are not mandatory. Therefore, you can directly connect to the Open vSwitch's.

.LAB Setup
image::vtn/vtn_devstack_setup.png["LAB Setup" ,width= 500]
NOTE: Ubuntu 14.04 was used in both the nodes and Vsphere was used for this howto.

==== Configuration

*Server Preparation*
[horizontal]
- Install Ubuntu 14.04 LTS in two servers (OpenStack Control node and Compute node respectively)
- While installing, Ubuntu mandates creation of a User, we created the user "stack"(We will use the same user for running devstack)
NOTE: You can also have multiple Compute nodes.
TIP: Please do minimal Install to avoid any issues in devstack bringup

*User Settings*
- Login to both servers
- Disable Ubuntu Firewall


  sudo ufw disable

- Optionally install these packages


  sudo apt-get install net-tools

- Edit sudo vim /etc/sudoers and add an entry as follows


  stack ALL=(ALL) NOPASSWD: ALL

*Network Settings*
- Checked the output of ifconfig -a, two interfaces were listed eth0 and eth1 as indicated in the image above.
- We had connected eth0 interface to the Network where OpenDaylight is reachable.
- eth1 interface in both servers were connected to a different network to act as data plane for the VM's created using the OpenStack.
- Manually edited the file : sudo vim /etc/network/interfaces and made entries as follows


   stack@ubuntu-devstack:~/devstack$ cat /etc/network/interfaces
   # This file describes the network interfaces available on your system
   # and how to activate them. For more information, see interfaces(5).
   # The loop-back network interface
   auto lo
   iface lo inet loopback
   # The primary network interface
   auto eth0
   iface eth0 inet static
        address <IP_ADDRESS_TO_REACH_ODL>
        netmask <NET_MASK>
        broadcast <BROADCAST_IP_ADDRESS>
        gateway <GATEWAY_IP_ADDRESS>
  auto eth1
  iface eth1 inet static
       address <IP_ADDRESS_UNIQ>
       netmask <NETMASK>

NOTE: Please ensure that the eth0 interface is the default route and it is able to reach the ODL_IP_ADDRESS
NOTE: The entries for eth1 are not mandatory, If not set, we may have to manually do "ifup eth1" after the stacking is complete to activate the interface

*Finalize*
- reboot both nodes after the user and network settings to have the network settings applied to the network
- Login again and check the output of ifconfig to ensure that both interfaces are listed

====  OpenDaylight Settings and Execution
=====  vtn.ini
 * VTN uses the configuration parameters from  'vtn.ini' file for the OpenStack integration.
 * These values will be set for the OpenvSwitch, in all the participating OpenStack nodes.
 * A configuration file 'vtn.ini'''' needs to be created manually in the 'configuration' directory.
 * The contents of 'vtn.ini' should be as follows:


bridgename=br-int
portname=eth1
protocols=OpenFlow13
failmode=secure

 * The values of the configuration parameters must be changed based on the user environment.
 * Especially, "portname" should be carefully configured, because if the value is wrong, OpenDaylight controller fails to forward packets.
 * Other parameters works fine as is for general use cases.
 ** bridgename
 *** The name of the bridge in Open vSwitch, that will be created by OpenDaylight Controller.
 *** It must be "br-int".
 ** portname
 *** The name of the port that will be created in the vbridge in Open vSwitch.
 *** This must be the same name of the interface of OpenStack Nodes which is used for interconnecting OpenStack Nodes in data plane.(in our case:eth1)
 *** By default, if vtn.ini is not created, VTN uses ens33 as portname.
 ** protocols
 *** OpenFlow protocol through which OpenFlow Switch and Controller communicate.
 *** The values can be OpenFlow13 or OpenFlow10.
 ** failmode
 *** The value can be "standalone" or "secure".
 *** Please use "secure" for general use cases.

====  Start OpenDaylight

 * Please install the feature *odl-vtn-manager-neutron* that provides the integration with Neutron interface.

feature:install odl-vtn-manager-neutron

TIP: After running OpenDaylight, please ensure OpenDaylight listens to the ports:6633,6653, 6640 and 8080

TIP: Please allow the ports in firewall for the devstack to be able to communicate with OpenDaylight.

NOTE:
* 6633/6653 - OpenFlow Ports
* 6640 - Open vSwitch Manager Port
* 8282 - Port for REST API

====  Devstack Setup

===== VTN Devstack Script
* The local.conf is a user-maintained settings file. This allows all custom settings for DevStack to be contained in a single file. This file is processed strictly in sequence.
The following datas are needed to be set in the local.conf file:
* Set the Host_IP as the detection is unreliable.
* Set FLOATING_RANGE to a range not used on the local network, i.e. 192.168.1.224/27. This configures IP addresses ending in 225-254 to be used as floating IPs.
* Set FLAT_INTERFACE to the Ethernet interface that connects the host to your local network. This is the interface that should be configured with the static IP address mentioned above.
* If the *_PASSWORD variables are not set, we will be prompted to enter values during the execution of stack.sh.
* Set ADMIN_PASSWORD . This password is used for the admin and demo accounts set up as OpenStack users. We can login to the OpenStack GUI with this credentials only.
* Set the MYSQL_PASSWORD. The default here is a random hex string which is inconvenient if you need to look at the database directly for anything.
* Set the RABBIT_PASSWORD. This is used by messaging services used by both the nodes.
* Set the service password. This is used by the OpenStack services (Nova, Glance, etc) to authenticate with Keystone.

====== DevStack Control
local.conf(control)
[source]
#IP Details
HOST_IP=<CONTROL_NODE_MANAGEMENT_IF_IP_ADDRESS>#Please Add The Control Node IP Address in this line
FLAT_INTERFACE=<FLAT_INTERFACE_NAME>
SERVICE_HOST=$HOST_IP
#Instance Details
MULTI_HOST=1
#config Details
RECLONE=yes #Make it "no" after stacking successfully the first time
VERBOSE=True
LOG_COLOR=True
LOGFILE=/opt/stack/logs/stack.sh.log
SCREEN_LOGDIR=/opt/stack/logs
#OFFLINE=True #Uncomment this after stacking successfully the first time
#Passwords
ADMIN_PASSWORD=labstack
MYSQL_PASSWORD=supersecret
RABBIT_PASSWORD=supersecret
SERVICE_PASSWORD=supersecret
SERVICE_TOKEN=supersecrettoken
ENABLE_TENANT_TUNNELS=false
#Services
disable_service rabbit
enable_service qpid
enable_service quantum
enable_service n-cpu
enable_service n-cond
disable_service n-net
enable_service q-svc
enable_service q-dhcp
enable_service q-meta
enable_service horizon
enable_service quantum
enable_service tempest
ENABLED_SERVICES+=,n-api,n-crt,n-obj,n-cpu,n-cond,n-sch,n-novnc,n-cauth,n-cauth,nova
ENABLED_SERVICES+=,cinder,c-api,c-vol,c-sch,c-bak
#ML2 Details
Q_PLUGIN=ml2
Q_ML2_PLUGIN_MECHANISM_DRIVERS=opendaylight
Q_ML2_TENANT_NETWORK_TYPE=local
Q_ML2_PLUGIN_TYPE_DRIVERS=local
disable_service n-net
enable_service q-svc
enable_service q-dhcp
enable_service q-meta
enable_service neutron
enable_service odl-compute
ODL_MGR_IP=<ODL_IP_ADDRESS> #Please Add the ODL IP Address in this line
OVS_PHYSICAL_BRIDGE=br-int
Q_OVS_USE_VETH=True
url=http://<ODL_IP_ADDRESS>:8080/controller/nb/v2/neutron #Please Add the ODL IP Address in this line
username=admin
password=admin

====== DevStack Compute
local.conf(compute)
[source]
#IP Details
HOST_IP=<COMPUTE_NODE_MANAGEMENT_IP_ADDRESS> #Add the Compute node Management IP Address
SERVICE_HOST=<CONTROLLEr_NODE_MANAGEMENT_IP_ADDRESS> #Add the cotnrol Node Management IP Address here
#Instance Details
MULTI_HOST=1
#config Details
RECLONE=yes #Make thgis "no" after stacking successfully once
#OFFLINE=True #Uncomment this line after stacking successfuly first time.
VERBOSE=True
LOG_COLOR=True
LOGFILE=/opt/stack/logs/stack.sh.log
SCREEN_LOGDIR=/opt/stack/logs
#Passwords
ADMIN_PASSWORD=labstack
MYSQL_PASSWORD=supersecret
RABBIT_PASSWORD=supersecret
SERVICE_PASSWORD=supersecret
SERVICE_TOKEN=supersecrettoken
#Services
ENABLED_SERVICES=n-cpu,rabbit,neutron
#ML2 Details
Q_PLUGIN=ml2
Q_ML2_PLUGIN_MECHANISM_DRIVERS=opendaylight
Q_ML2_TENANT_NETWORK_TYPE=local
Q_ML2_PLUGIN_TYPE_DRIVERS=local
enable_service odl-compute
ODL_MGR_IP=<ODL_IP_ADDRESS> #ADD ODL IP address here
OVS_PHYSICAL_BRIDGE=br-int
ENABLE_TENANT_TUNNELS=false
Q_OVS_USE_VETH=True
#Details of the Control node for various services
[[post-config|/etc/neutron/plugins/ml2/ml2_conf.ini]]
Q_HOST=$SERVICE_HOST
MYSQL_HOST=$SERVICE_HOST
RABBIT_HOST=$SERVICE_HOST
GLANCE_HOSTPORT=$SERVICE_HOST:9292
KEYSTONE_AUTH_HOST=$SERVICE_HOST
KEYSTONE_SERVICE_HOST=$SERVICE_HOST
NOVA_VNC_ENABLED=True
NOVNCPROXY_URL="http://<CONTROLLER_NODE_IP_ADDRESS>:6080/vnc_auto.html" #Add Controller Node IP address
VNCSERVER_LISTEN=$HOST_IP
VNCSERVER_PROXYCLIENT_ADDRESS=$VNCSERVER_LISTEN

====== Devstack Kilo_Liberty Control Node
[source]
#IP Details
HOST_IP=<CONTROL_NODE_MANAGEMENT_IF_IP_ADDRESS> #Please Add The Control Node IP Address in this line
SERVICE_HOST=$HOST_IP
LOGFILE=stack.sh.log
SCREEN_LOGDIR=/opt/stack/data/log
LOG_COLOR=False
disable_service n-net
enable_service q-svc
enable_service q-agt
enable_service q-meta
disable_service q-l3
enable_service n-cpu
enable_service q-dhcp
enable_service n-cauth
enable_service neutron
enable_service tempest
ADMIN_PASSWORD=labstack
MYSQL_PASSWORD=supersecret
RABBIT_PASSWORD=supersecret
SERVICE_PASSWORD=supersecret
SERVICE_TOKEN=supersecrettoken
ENABLE_TENANT_TUNNELS=True
NEUTRON_CREATE_INITIAL_NETWORKS=False
#enable_plugin networking-odl http://git.openstack.org/openstack/networking-odl stable/kilo # Please uncomment this line if you
want to use stable/kilo branch
#enable_plugin networking-odl http://git.openstack.org/openstack/networking-odl stable/liberty # Please uncomment this line if you
want to use stable/liberty branch
ODL_MODE=externalodl
ODL_MGR_IP=<ODL_IP_ADDRESS> # Please Add the ODL IP Address in this line
ODL_PORT=8080
ODL_USERNAME=admin
ODL_PASSWORD=admin
OVS_PHYSICAL_BRIDGE=br-int
Q_OVS_USE_VETH=True
Q_ML2_TENANT_NETWORK_TYPE=local
VNCSERVER_PROXYCLIENT_ADDRESS=$SERVICE_HOST
VNCSERVER_LISTEN=0.0.0.0
MYSQL_HOST=$SERVICE_HOST
RABBIT_HOST=$SERVICE_HOST
GLANCE_HOSTPORT=$SERVICE_HOST:9292
KEYSTONE_AUTH_HOST=$SERVICE_HOST
KEYSTONE_SERVICE_HOST=$SERVICE_HOST
[[post-config|/etc/neutron/plugins/ml2/ml2_conf.ini]]
[agent]
minimize_polling=True

====== Devstack Kilo_Liberty Compute Node
[source]
#IP Details
HOST_IP=<COMPUTE_NODE_IP_ADDRESS>
SERVICE_HOST=<CONTROL_NODE_IP_ADDRESS>
LOGFILE=stack.sh.log
SCREEN_LOGDIR=/opt/stack/data/log
LOG_COLOR=False
RECLONE=yes # Make it "no" after stacking successfully the first time
#OFFLINE=True # Uncomment this after stacking successfully the first time
disable_all_services
enable_service n-cpu
NOVA_VNC_ENABLED=True
ADMIN_PASSWORD=labstack
MYSQL_PASSWORD=supersecret
RABBIT_PASSWORD=supersecret
SERVICE_PASSWORD=supersecret
SERVICE_TOKEN=supersecrettoken
ENABLE_TENANT_TUNNELS=True
NEUTRON_CREATE_INITIAL_NETWORKS=False
#enable_plugin networking-odl http://git.openstack.org/openstack/networking-odl stable/kilo # Please uncomment this line if you
want to use stable/kilo branch
#enable_plugin networking-odl http://git.openstack.org/openstack/networking-odl stable/liberty # Please uncomment this line if you
want to use stable/liberty branch
ODL_MODE=compute
ODL_MGR_IP=<ODL_IP_ADDRESS> # Please Add the ODL IP Address in this line
ODL_PORT=8080
ODL_USERNAME=admin
ODL_PASSWORD=admin
OVS_PHYSICAL_BRIDGE=br-int
VNCSERVER_PROXYCLIENT_ADDRESS=$HOST_IP
VNCSERVER_LISTEN=0.0.0.0
MYSQL_HOST=$SERVICE_HOST
RABBIT_HOST=$SERVICE_HOST
GLANCE_HOSTPORT=$SERVICE_HOST:9292
KEYSTONE_AUTH_HOST=$SERVICE_HOST
KEYSTONE_SERVICE_HOST=$SERVICE_HOST
[[post-config|/etc/neutron/plugins/ml2/ml2_conf.ini]]
[agent]
minimize_polling=True

NOTE:
   We have to comment OFFLINE=TRUE in local.conf files, this will make all the installations to happen automatically.
   RECLONE=yes only when we set up the DevStack environment from scratch.

=====  Get Devstack (All nodes)
* Install git application using
** sudo apt-get install git
* Get devstack
** git clone https://git.openstack.org/openstack-dev/devstack;
* Switch to stable/Juno Version branch
** cd devstack
** git checkout stable/juno

NOTE:
   If you want to use stable/kilo Version branch, Please execute the below command in devstack folder
   
   
   git checkout stable/kilo

NOTE:
   If you want to use stable/liberty Version branch, Please execute the below command in devstack folder
   
   
   git checkout stable/liberty

===== Stack Control Node

.local.conf: <<_devstack_control,DevStack Control>>

  cd devstack in the controller node

* Copy the contents of local.conf for juno (devstack control node) from <<_devstack_control,DevStack Control>>  and save it as "local.conf" in the "devstack".
* Copy the contents of local.conf for kilo and liberty (devstack control node) from <<_devstack_kilo_liberty_control_node,Devstack Kilo_Liberty Control Node>> and save it as "local.conf" in the "devstack".
* Please modify the IP Address values as required.
* Stack the node

  ./stack.sh

====== Verify Control Node stacking
* stack.sh prints out Horizon is now available at http://<CONTROL_NODE_IP_ADDRESS>:8080/
* Execute the command 'sudo ovs-vsctl show' in the control node terminal and verify if the bridge 'br-int'  is created.

===== Stack Compute Node

.local.conf: <<_devstack_compute,DevStack Compute>>

  cd devstack in the controller node

* Copy the contents of local.conf for juno (devstack compute node) from <<_devstack_compute,DevStack Compute>> and save it as "local.conf" in the "devstack".
* Copy the contents of local.conf file for kilo and liberty (devstack compute node) from <<_devstack_kilo_liberty_compute_node,Devstack Kilo_Liberty Compute Node>> and save it as "local.conf" in the "devstack".
* Please modify the IP Address values as required.
* Stack the node


  ./stack.sh

====== Verify Compute Node Stacking
* stack.sh prints out This is your host ip: <COMPUTE_NODE_IP_ADDRESS>
* Execute the command 'sudo ovs-vsctl show' in the control node terminal and verify if the bridge 'br-int'  is created.
* The output of the ovs-vsctl show will be similar to the one seen in control node.

===== Additional Verifications
* Please visit the OpenDaylight DLUX GUI after stacking all the nodes, http://<ODL_IP_ADDRESS>:8181/dlux/index.html. The switches, topology and the ports that are currently read can be validated.

TIP: If the interconnected between the Open vSwitch is not seen, Please bring up the interface for the dataplane manually using the below comamnd


  ifup <interface_name>

TIP: Some versions of Open vSwitch, drop packets when there is a table-miss, So please add the below flow to all the nodes with Open vSwitch version (>=2.1)


  ovs-ofctl --protocols=OpenFlow13 add-flow br-int priority=0,actions=output:CONTROLLER

TIP: Please Accept Promiscuous mode in the networks involving the interconnect.

===== Create VM from Devstack Horizon GUI
* Login to http://<CONTROL_NODE_IP>:8080/ to check the horizon GUI.

.Horizon GUI
image::vtn/OpenStackGui.png["Horizon",width= 600]

Enter the value for User Name as admin and enter the value for Password as labstack.

* We should first ensure both the hypervisors(control node and compute node) are mapped under hypervisors by clicking on Hpervisors tab.

.Hypervisors
image::vtn/Hypervisors.png["Hypervisors",width=512]

* Create a new Network from Horizon GUI.
* Click on Networks Tab.
* click on the Create Network button.

.Create Network
image::vtn/Create_Network.png["Create Network" ,width=600]

*  A popup screen will appear.
*  Enter network name and click Next button.

.Step 1
image::vtn/Creare_Network_Step_1.png["Step 1" ,width=600]
* Create a sub network by giving Network Address and click Next button .

.Step 2
image::vtn/Create_Network_Step_2.png[Step 2,width=600]

* Specify the additional details for subnetwork (please refer the image for your reference).

.Step 3
image::vtn/Create_Network_Step_3.png[Step 3,width=600]

* Click Create button
* Create VM Instance
* Navigate to Instances tab in the GUI.

.Instance Creation
image::vtn/Instance_Creation.png["Instance Creation",width=512]

* Click on Launch Instances button.

.Launch Instance
image::vtn/Launch_Instance.png[Launch Instance,width=600]

* Click on Details tab to enter the VM details.For this demo we are creating Ten VM's(instances).

* In the Networking tab, we must select the network,for this we need to drag and drop the Available networks to Selected Networks (i.e.,) Drag vtn1 we created from Available networks to Selected Networks and click Launch to create the instances.

.Launch Network
image::vtn/Launch_Instance_network.png[Launch Network,width=600]

* Ten VM's will be created.

.Load All Instances
image::vtn/Load_All_Instances.png[Load All Instances,width=600]

* Click on any VM displayed in the Instances tab and click the Console tab.

.Instance Console
image::vtn/Instance_Console.png[Instance Console,width=600]

* Login to the VM console and verify with a ping command.

.Ping
image::vtn/Instance_ping.png[Ping,width=600]

===== Verification of Control and Compute Node after VM creation
* Every time a new VM is created, more interfaces are added to the br-int bridge in Open vSwitch.
* Use *sudo ovs-vsctl show* to list the number of interfaces added.
* Please visit the DLUX GUI to list the new nodes in every switch.

==== Using the DLUX GUI
For more information see <<_using_the_opendaylight_user_interface_dlux,the chapter on DLUX>> above.

===== References
* http://devstack.org/guides/multinode-lab.html
* https://wiki.opendaylight.org/view/File:Vtn_demo_hackfest_2014_march.pdf