-#!/usr/bin/env bash\r
-\r
-set -e\r
-hostnum=${HOSTNAME#"gbpsfc"}\r
-sw="sw$hostnum"\r
-nsp=$1\r
-\r
-if [ "$hostnum" -eq "3" ]; then\r
- TUNNEL=0xC0A83247\r
-elif [ "$hostnum" -eq "5" ]; then\r
- TUNNEL=0xC0A83249\r
-else\r
- echo "Invalid SF for this demo";\r
- exit\r
-fi\r
-# delete NORMAL, if present\r
-nsphex=`printf "%x\n" $nsp`\r
-sudo ovs-ofctl --strict del-flows $sw priority=0\r
-sudo ovs-ofctl add-flow $sw "priority=1000,nsi=255 actions=move:NXM_NX_NSH_C1[]->NXM_NX_NSH_C1[],move:NXM_NX_NSH_C2[]->NXM_NX_NSH_C2[],move:NXM_NX_TUN_ID[0..31]->NXM_NX_TUN_ID[0..31],load:$TUNNEL->NXM_NX_TUN_IPV4_DST[],set_nsi:254,IN_PORT" -OOpenFlow13\r
-sudo ovs-ofctl add-flow $sw "priority=1000,nsi=254 actions=move:NXM_NX_NSH_C1[]->NXM_NX_NSH_C1[],move:NXM_NX_NSH_C2[]->NXM_NX_NSH_C2[],move:NXM_NX_TUN_ID[0..31]->NXM_NX_TUN_ID[0..31],load:$TUNNEL->NXM_NX_TUN_IPV4_DST[],set_nsi:253,IN_PORT" -OOpenFlow13\r
+#!/usr/bin/env bash
+
+set -e
+hostnum=${HOSTNAME#"gbpsfc"}
+sw="sw$hostnum"
+nsp=$1
+
+if [ "$hostnum" -eq "3" ]; then
+ TUNNEL=0xC0A83247
+elif [ "$hostnum" -eq "5" ]; then
+ TUNNEL=0xC0A83249
+else
+ echo "Invalid SF for this demo";
+ exit
+fi
+# delete NORMAL, if present
+nsphex=`printf "%x\n" $nsp`
+sudo ovs-ofctl --strict del-flows $sw priority=0
+sudo ovs-ofctl add-flow $sw "priority=1000,nsi=255 actions=move:NXM_NX_NSH_C1[]->NXM_NX_NSH_C1[],move:NXM_NX_NSH_C2[]->NXM_NX_NSH_C2[],move:NXM_NX_TUN_ID[0..31]->NXM_NX_TUN_ID[0..31],load:$TUNNEL->NXM_NX_TUN_IPV4_DST[],set_nsi:254,IN_PORT" -OOpenFlow13
+sudo ovs-ofctl add-flow $sw "priority=1000,nsi=254 actions=move:NXM_NX_NSH_C1[]->NXM_NX_NSH_C1[],move:NXM_NX_NSH_C2[]->NXM_NX_NSH_C2[],move:NXM_NX_TUN_ID[0..31]->NXM_NX_TUN_ID[0..31],load:$TUNNEL->NXM_NX_TUN_IPV4_DST[],set_nsi:253,IN_PORT" -OOpenFlow13
-#!/usr/bin/python\r
-import argparse\r
-import requests,json\r
-from requests.auth import HTTPBasicAuth\r
-from subprocess import call\r
-import time\r
-import sys\r
-import os\r
-\r
-\r
-DEFAULT_PORT='8181'\r
-\r
-\r
-USERNAME='admin'\r
-PASSWORD='admin'\r
-\r
-\r
-CONF_TENANT='/restconf/config/policy:tenants'\r
-\r
-def get(host, port, uri):\r
- url='http://'+host+":"+port+uri\r
- r = requests.get(url, auth=HTTPBasicAuth(USERNAME, PASSWORD))\r
- return r\r
-\r
-def put(host, port, uri, data, debug=False):\r
- '''Perform a PUT rest operation, using the URL and data provided'''\r
-\r
- url='http://'+host+":"+port+uri\r
-\r
- headers = {'Content-type': 'application/yang.data+json',\r
- 'Accept': 'application/yang.data+json'}\r
- if debug == True:\r
- print "PUT %s" % url\r
- print json.dumps(data, indent=4, sort_keys=True)\r
- r = requests.put(url, data=json.dumps(data), headers=headers, auth=HTTPBasicAuth(USERNAME, PASSWORD))\r
- if debug == True:\r
- print r.text\r
- r.raise_for_status()\r
-\r
-def post(host, port, uri, data, debug=False):\r
- '''Perform a POST rest operation, using the URL and data provided'''\r
-\r
- url='http://'+host+":"+port+uri\r
- headers = {'Content-type': 'application/yang.data+json',\r
- 'Accept': 'application/yang.data+json'}\r
- if debug == True:\r
- print "POST %s" % url\r
- print json.dumps(data, indent=4, sort_keys=True)\r
- r = requests.post(url, data=json.dumps(data), headers=headers, auth=HTTPBasicAuth(USERNAME, PASSWORD))\r
- if debug == True:\r
- print r.text\r
- r.raise_for_status()\r
-\r
-def wait_for_sff_in_datastore(url):\r
- for i in xrange(30):\r
- resp=get(controller, DEFAULT_PORT, url)\r
- if ('192.168.50.70' in resp.text) and ('192.168.50.71' in resp.text):\r
- break\r
- time.sleep(3)\r
- if ('192.168.50.70' not in resp.text):\r
- print "ERROR: SFF1 has not been initialized!"\r
- sys.exit(1)\r
- if ('192.168.50.71' not in resp.text):\r
- print "ERROR: SFF2 has not been initialized!"\r
- sys.exit(1)\r
-\r
-\r
-\r
-def get_service_functions_uri():\r
- return "/restconf/config/service-function:service-functions"\r
-\r
-def get_service_functions_data():\r
- return {\r
- "service-functions": {\r
- "service-function": [\r
- {\r
- "name": "firewall-72",\r
- "ip-mgmt-address": "192.168.50.72",\r
- "type": "service-function-type:firewall",\r
- "nsh-aware": "true",\r
- "sf-data-plane-locator": [\r
- {\r
- "name": "2",\r
- "port": 6633,\r
- "ip": "192.168.50.72",\r
- "transport": "service-locator:vxlan-gpe",\r
- "service-function-forwarder": "SFF1"\r
- }\r
- ]\r
- },\r
- {\r
- "name": "dpi-74",\r
- "ip-mgmt-address": "192.168.50.74",\r
- "type": "service-function-type:dpi",\r
- "nsh-aware": "true",\r
- "sf-data-plane-locator": [\r
- {\r
- "name": "3",\r
- "port": 6633,\r
- "ip": "192.168.50.74",\r
- "transport": "service-locator:vxlan-gpe",\r
- "service-function-forwarder": "SFF2"\r
- }\r
- ]\r
- }\r
- ]\r
- }\r
-}\r
-\r
-def get_service_function_forwarders_uri():\r
- return "/restconf/config/service-function-forwarder:service-function-forwarders"\r
-\r
-def get_service_function_forwarders_data():\r
- return {\r
- "service-function-forwarders": {\r
- "service-function-forwarder": [\r
- {\r
- "name": "SFF1",\r
- "service-node": "OVSDB2",\r
- "service-function-forwarder-ovs:ovs-bridge": {\r
- "bridge-name": "sw1"\r
- },\r
- "service-function-dictionary": [\r
- {\r
- "name": "firewall-72",\r
- "sff-sf-data-plane-locator": {\r
- "sf-dpl-name": "2",\r
- "sff-dpl-name": "sfc-tun2"\r
- }\r
- }\r
- ],\r
- "sff-data-plane-locator": [\r
- {\r
- "name": "sfc-tun2",\r
- "data-plane-locator": {\r
- "transport": "service-locator:vxlan-gpe",\r
- "port": 6633,\r
- "ip": "192.168.50.70"\r
- },\r
- "service-function-forwarder-ovs:ovs-options": {\r
- "remote-ip": "flow",\r
- "dst-port": "6633",\r
- "key": "flow",\r
- "nsp": "flow",\r
- "nsi": "flow",\r
- "nshc1": "flow",\r
- "nshc2": "flow",\r
- "nshc3": "flow",\r
- "nshc4": "flow"\r
- }\r
- }\r
- ]\r
- },\r
- {\r
- "name": "SFF2",\r
- "service-node": "OVSDB2",\r
- "service-function-forwarder-ovs:ovs-bridge": {\r
- "bridge-name": "sw2"\r
- },\r
- "service-function-dictionary": [\r
- {\r
- "name": "dpi-74",\r
- "sff-sf-data-plane-locator": {\r
- "sf-dpl-name": "3",\r
- "sff-dpl-name": "sfc-tun4"\r
- }\r
- }\r
- ],\r
- "sff-data-plane-locator": [\r
- {\r
- "name": "sfc-tun4",\r
- "data-plane-locator": {\r
- "transport": "service-locator:vxlan-gpe",\r
- "port": 6633,\r
- "ip": "192.168.50.71"\r
- },\r
- "service-function-forwarder-ovs:ovs-options": {\r
- "remote-ip": "flow",\r
- "dst-port": "6633",\r
- "key": "flow",\r
- "nsp": "flow",\r
- "nsi": "flow",\r
- "nshc1": "flow",\r
- "nshc2": "flow",\r
- "nshc3": "flow",\r
- "nshc4": "flow"\r
- }\r
- }\r
- ]\r
- }\r
- ]\r
- }\r
-}\r
-\r
-def get_service_function_chains_uri():\r
- return "/restconf/config/service-function-chain:service-function-chains/"\r
-\r
-def get_service_function_chains_data():\r
- return {\r
- "service-function-chains": {\r
- "service-function-chain": [\r
- {\r
- "name": "SFCGBP",\r
- "symmetric": "false",\r
- "sfc-service-function": [\r
- {\r
- "name": "firewall-abstract1",\r
- "type": "service-function-type:firewall"\r
- },\r
- {\r
- "name": "dpi-abstract1",\r
- "type": "service-function-type:dpi"\r
- }\r
- ]\r
- }\r
- ]\r
- }\r
-}\r
-\r
-def get_service_function_paths_uri():\r
- return "/restconf/config/service-function-path:service-function-paths/"\r
-\r
-def get_service_function_paths_data():\r
- return {\r
- "service-function-paths": {\r
- "service-function-path": [\r
- {\r
- "name": "SFCGBP-Path",\r
- "service-chain-name": "SFCGBP",\r
- "starting-index": 255,\r
- "symmetric": "false"\r
-\r
- }\r
- ]\r
- }\r
-}\r
-\r
-def get_tenant_data():\r
- return {\r
- "tenant": [\r
- {\r
- "id": "tenant-red",\r
- "name": "DockerTenant",\r
- "forwarding-context": {\r
- "l2-flood-domain": [\r
- {\r
- "id": "flood-domain-1",\r
- "parent": "bridge-domain1"\r
- },\r
- {\r
- "id": "flood-domain-2",\r
- "parent": "bridge-domain1"\r
- }\r
- ],\r
- "l3-context": [\r
- {\r
- "id": "l3-context-vrf-red"\r
- }\r
- ],\r
- "l2-bridge-domain": [\r
- {\r
- "id": "bridge-domain1",\r
- "parent": "l3-context-vrf-red"\r
- }\r
- ],\r
- "subnet": [\r
- {\r
- "id": "subnet-10.0.36.0/24",\r
- "virtual-router-ip": "10.0.36.1",\r
- "parent": "flood-domain-2",\r
- "ip-prefix": "10.0.36.1/24"\r
- },\r
- {\r
- "id": "subnet-10.0.35.0/24",\r
- "virtual-router-ip": "10.0.35.1",\r
- "parent": "flood-domain-1",\r
- "ip-prefix": "10.0.35.1/24"\r
- }\r
- ]\r
- },\r
- "policy": {\r
- "endpoint-group": [\r
- {\r
- "id": "webservers",\r
- "name": "webservers",\r
- "provider-named-selector": [\r
- {\r
- "name": "webservers-clients-icmp-http-contract",\r
- "contract": [\r
- "icmp-http-contract"\r
- ]\r
- }\r
- ]\r
- },\r
- {\r
- "id": "clients",\r
- "name": "clients",\r
- "consumer-named-selector": [\r
- {\r
- "name": "webservers-clients-icmp-http-contract",\r
- "contract": [\r
- "icmp-http-contract"\r
- ]\r
- }\r
- ]\r
- }\r
- ],\r
- "subject-feature-instances": {\r
- "classifier-instance": [\r
- {\r
- "name": "icmp",\r
- "classifier-definition-id": "Classifier-IP-Protocol",\r
- "parameter-value": [\r
- {\r
- "name": "proto",\r
- "int-value": 1\r
- }\r
- ]\r
- },\r
- {\r
- "name": "http-dest",\r
- "classifier-definition-id": "Classifier-L4",\r
- "parameter-value": [\r
- {\r
- "int-value": "6",\r
- "name": "proto"\r
- },\r
- {\r
- "int-value": "80",\r
- "name": "destport"\r
- }\r
- ]\r
- },\r
- {\r
- "name": "http-src",\r
- "classifier-definition-id": "Classifier-L4",\r
- "parameter-value": [\r
- {\r
- "int-value": "6",\r
- "name": "proto"\r
- },\r
- {\r
- "int-value": "80",\r
- "name": "sourceport"\r
- }\r
- ]\r
- }\r
- ],\r
- "action-instance": [\r
- {\r
- "name": "chain1",\r
- "action-definition-id": "Action-Chain",\r
- "parameter-value": [\r
- {\r
- "name": "sfc-chain-name",\r
- "string-value": "SFCGBP"\r
- }\r
- ]\r
- },\r
- {\r
- "name": "allow1",\r
- "action-definition-id": "Action-Allow"\r
- }\r
- ]\r
- },\r
- "contract": [\r
- {\r
- "id": "icmp-http-contract",\r
- "subject": [\r
- {\r
- "name": "icmp-subject",\r
- "rule": [\r
- {\r
- "name": "allow-icmp-rule",\r
- "order": 0,\r
- "classifier-ref": [\r
- {\r
- "name": "icmp",\r
- "instance-name": "icmp"\r
- }\r
- ],\r
- "action-ref": [\r
- {\r
- "name": "allow1",\r
- "order": 0\r
- }\r
- ]\r
- }\r
- ]\r
- },\r
- {\r
- "name": "http-subject",\r
- "rule": [\r
- {\r
- "name": "http-chain-rule",\r
- "classifier-ref": [\r
- {\r
- "name": "http-dest",\r
- "instance-name": "http-dest",\r
- "direction": "in"\r
- }\r
- ],\r
- "action-ref": [\r
- {\r
- "name": "chain1",\r
- "order": 0\r
- }\r
- ]\r
- },\r
- {\r
- "name": "http-out-rule",\r
- "classifier-ref": [\r
- {\r
- "name": "http-src",\r
- "instance-name": "http-src",\r
- "direction": "out"\r
- }\r
- ],\r
- "action-ref": [\r
- {\r
- "name": "allow1",\r
- "order": 0\r
- }\r
- ]\r
- }\r
- ]\r
- }\r
- ],\r
- "clause": [\r
- {\r
- "name": "icmp-http-clause",\r
- "subject-refs": [\r
- "icmp-subject",\r
- "http-subject"\r
- ]\r
- }\r
- ]\r
- }\r
- ]\r
- }\r
- }\r
- ]\r
- }\r
-\r
-# Main definition - constants\r
-\r
-# =======================\r
-# MENUS FUNCTIONS\r
-# =======================\r
-\r
-# Main menu\r
-\r
-# =======================\r
-# MAIN PROGRAM\r
-# =======================\r
-\r
-# Main Program\r
-\r
-def get_tenant_uri():\r
- return "/restconf/config/policy:tenants/policy:tenant/tenant-red"\r
-\r
-def get_tunnel_data_1():\r
- return {\r
- "node": [\r
- {\r
- "id": "openflow:1",\r
- "ofoverlay:tunnel": [\r
- {\r
- "tunnel-type": "overlay:tunnel-type-vxlan-gpe",\r
- "node-connector-id": "openflow:1:1",\r
- "ip": "192.168.50.70",\r
- "port": 6633\r
- },\r
- {\r
- "tunnel-type": "overlay:tunnel-type-vxlan",\r
- "node-connector-id": "openflow:1:2",\r
- "ip": "192.168.50.70",\r
- "port": 4789\r
- }\r
- ]\r
- }\r
- ]\r
- }\r
-\r
-def get_tunnel_uri_1():\r
- return "/restconf/config/opendaylight-inventory:nodes/node/openflow:1"\r
-\r
-def get_tunnel_data_6():\r
- return {\r
- "node": [\r
- {\r
- "id": "openflow:6",\r
- "ofoverlay:tunnel": [\r
- {\r
- "tunnel-type": "overlay:tunnel-type-vxlan-gpe",\r
- "node-connector-id": "openflow:6:1",\r
- "ip": "192.168.50.75",\r
- "port": 6633\r
- },\r
- {\r
- "tunnel-type": "overlay:tunnel-type-vxlan",\r
- "node-connector-id": "openflow:6:2",\r
- "ip": "192.168.50.75",\r
- "port": 4789\r
- }\r
- ]\r
- }\r
- ]\r
- }\r
-\r
-def get_tunnel_uri_6():\r
- return "/restconf/config/opendaylight-inventory:nodes/node/openflow:6"\r
-\r
-def get_endpoint_data():\r
- return [\r
-{\r
-"input": {\r
-\r
- "endpoint-group": "webservers",\r
-\r
- "network-containment" : "subnet-10.0.36.0/24",\r
-\r
- "l2-context": "bridge-domain1",\r
- "mac-address": "00:00:00:00:36:02",\r
-\r
- "l3-address": [\r
- {\r
- "ip-address": "10.0.36.2",\r
- "l3-context": "l3-context-vrf-red"\r
- }\r
- ],\r
- "port-name": "vethl-h36_2",\r
- "tenant": "tenant-red"\r
-}\r
-},\r
-{\r
-"input": {\r
- "endpoint-group": "clients",\r
-"network-containment" : "subnet-10.0.35.0/24",\r
-"l2-context": "bridge-domain1",\r
-"mac-address": "00:00:00:00:35:02",\r
-"l3-address": [\r
- {\r
- "ip-address": "10.0.35.2",\r
- "l3-context": "l3-context-vrf-red"\r
- }\r
-],\r
-"port-name": "vethl-h35_2",\r
-"tenant": "tenant-red"\r
-}\r
-},\r
-{\r
-"input": {\r
-\r
- "endpoint-group": "clients",\r
-\r
- "network-containment" : "subnet-10.0.35.0/24",\r
-\r
- "l2-context": "bridge-domain1",\r
- "mac-address": "00:00:00:00:35:03",\r
-\r
- "l3-address": [\r
- {\r
- "ip-address": "10.0.35.3",\r
- "l3-context": "l3-context-vrf-red"\r
- }\r
- ],\r
- "port-name": "vethl-h35_3",\r
- "tenant": "tenant-red"\r
-}\r
-},\r
-{\r
-"input": {\r
-\r
- "endpoint-group": "webservers",\r
-\r
- "network-containment" : "subnet-10.0.36.0/24",\r
-\r
- "l2-context": "bridge-domain1",\r
- "mac-address": "00:00:00:00:36:03",\r
-\r
- "l3-address": [\r
- {\r
- "ip-address": "10.0.36.3",\r
- "l3-context": "l3-context-vrf-red"\r
- }\r
- ],\r
- "port-name": "vethl-h36_3",\r
- "tenant": "tenant-red"\r
-}\r
-},\r
-{\r
-"input": {\r
-\r
- "endpoint-group": "webservers",\r
-\r
- "network-containment" : "subnet-10.0.36.0/24",\r
-\r
- "l2-context": "bridge-domain1",\r
- "mac-address": "00:00:00:00:36:04",\r
-\r
- "l3-address": [\r
- {\r
- "ip-address": "10.0.36.4",\r
- "l3-context": "l3-context-vrf-red"\r
- }\r
- ],\r
- "port-name": "vethl-h36_4",\r
- "tenant": "tenant-red"\r
-}\r
-},\r
-{\r
-"input": {\r
-\r
- "endpoint-group": "clients",\r
-\r
- "network-containment" : "subnet-10.0.35.0/24",\r
-\r
- "l2-context": "bridge-domain1",\r
- "mac-address": "00:00:00:00:35:04",\r
-\r
- "l3-address": [\r
- {\r
- "ip-address": "10.0.35.4",\r
- "l3-context": "l3-context-vrf-red"\r
- }\r
- ],\r
- "port-name": "vethl-h35_4",\r
- "tenant": "tenant-red"\r
-}\r
-},\r
-{\r
-"input": {\r
-\r
- "endpoint-group": "clients",\r
-\r
- "network-containment" : "subnet-10.0.35.0/24",\r
-\r
- "l2-context": "bridge-domain1",\r
- "mac-address": "00:00:00:00:35:05",\r
-\r
- "l3-address": [\r
- {\r
- "ip-address": "10.0.35.5",\r
- "l3-context": "l3-context-vrf-red"\r
- }\r
- ],\r
- "port-name": "vethl-h35_5",\r
- "tenant": "tenant-red"\r
-}\r
-},\r
-{\r
-"input": {\r
-\r
- "endpoint-group": "webservers",\r
-\r
- "network-containment" : "subnet-10.0.36.0/24",\r
-\r
- "l2-context": "bridge-domain1",\r
- "mac-address": "00:00:00:00:36:05",\r
-\r
- "l3-address": [\r
- {\r
- "ip-address": "10.0.36.5",\r
- "l3-context": "l3-context-vrf-red"\r
- }\r
- ],\r
- "port-name": "vethl-h36_5",\r
- "tenant": "tenant-red"\r
-}\r
-}]\r
-\r
-\r
-def get_endpoint_uri():\r
- return "/restconf/operations/endpoint:register-endpoint"\r
-\r
-def get_tunnel_oper_uri():\r
- return "/restconf/operational/opendaylight-inventory:nodes/"\r
-\r
-def get_topology_oper_uri():\r
- return "/restconf/operational/network-topology:network-topology/topology/ovsdb:1/"\r
-\r
-if __name__ == "__main__":\r
- # Launch main menu\r
-\r
-\r
- # Some sensible defaults\r
- controller=os.environ.get('ODL')\r
- if controller == None:\r
- sys.exit("No controller set.")\r
-\r
- print "Contacting controller at %s" % controller\r
- print "waiting for manager on SFFs..."\r
- wait_for_sff_in_datastore(get_topology_oper_uri())\r
- print "sending service functions"\r
- put(controller, DEFAULT_PORT, get_service_functions_uri(), get_service_functions_data(), True)\r
- print "sending service function forwarders"\r
- put(controller, DEFAULT_PORT, get_service_function_forwarders_uri(), get_service_function_forwarders_data(), True)\r
- print "waiting for switches on SFFs..."\r
- wait_for_sff_in_datastore(get_tunnel_oper_uri())\r
- print "sending service function chains"\r
- put(controller, DEFAULT_PORT, get_service_function_chains_uri(), get_service_function_chains_data(), True)\r
- print "sending service function paths"\r
- put(controller, DEFAULT_PORT, get_service_function_paths_uri(), get_service_function_paths_data(), True)\r
- print "sending tunnel"\r
- put(controller, DEFAULT_PORT, get_tunnel_uri_1(), get_tunnel_data_1(), True)\r
- print "sending tenant"\r
- put(controller, DEFAULT_PORT, get_tunnel_uri_6(), get_tunnel_data_6(), True)\r
- print "sending tenant"\r
- put(controller, DEFAULT_PORT, get_tenant_uri(), get_tenant_data(),True)\r
- print "registering endpoints"\r
- for endpoint in get_endpoint_data():\r
- post(controller, DEFAULT_PORT, get_endpoint_uri(),endpoint,True)\r
+#!/usr/bin/python
+import argparse
+import requests,json
+from requests.auth import HTTPBasicAuth
+from subprocess import call
+import time
+import sys
+import os
+
+
+DEFAULT_PORT='8181'
+
+
+USERNAME='admin'
+PASSWORD='admin'
+
+
+CONF_TENANT='/restconf/config/policy:tenants'
+
+def get(host, port, uri):
+ url='http://'+host+":"+port+uri
+ r = requests.get(url, auth=HTTPBasicAuth(USERNAME, PASSWORD))
+ return r
+
+def put(host, port, uri, data, debug=False):
+ '''Perform a PUT rest operation, using the URL and data provided'''
+
+ url='http://'+host+":"+port+uri
+
+ headers = {'Content-type': 'application/yang.data+json',
+ 'Accept': 'application/yang.data+json'}
+ if debug == True:
+ print "PUT %s" % url
+ print json.dumps(data, indent=4, sort_keys=True)
+ r = requests.put(url, data=json.dumps(data), headers=headers, auth=HTTPBasicAuth(USERNAME, PASSWORD))
+ if debug == True:
+ print r.text
+ r.raise_for_status()
+
+def post(host, port, uri, data, debug=False):
+ '''Perform a POST rest operation, using the URL and data provided'''
+
+ url='http://'+host+":"+port+uri
+ headers = {'Content-type': 'application/yang.data+json',
+ 'Accept': 'application/yang.data+json'}
+ if debug == True:
+ print "POST %s" % url
+ print json.dumps(data, indent=4, sort_keys=True)
+ r = requests.post(url, data=json.dumps(data), headers=headers, auth=HTTPBasicAuth(USERNAME, PASSWORD))
+ if debug == True:
+ print r.text
+ r.raise_for_status()
+
+def wait_for_sff_in_datastore(url):
+ for i in xrange(30):
+ resp=get(controller, DEFAULT_PORT, url)
+ if ('192.168.50.70' in resp.text) and ('192.168.50.71' in resp.text):
+ break
+ time.sleep(3)
+ if ('192.168.50.70' not in resp.text):
+ print "ERROR: SFF1 has not been initialized!"
+ sys.exit(1)
+ if ('192.168.50.71' not in resp.text):
+ print "ERROR: SFF2 has not been initialized!"
+ sys.exit(1)
+
+
+
+def get_service_functions_uri():
+ return "/restconf/config/service-function:service-functions"
+
+def get_service_functions_data():
+ return {
+ "service-functions": {
+ "service-function": [
+ {
+ "name": "firewall-72",
+ "ip-mgmt-address": "192.168.50.72",
+ "type": "service-function-type:firewall",
+ "nsh-aware": "true",
+ "sf-data-plane-locator": [
+ {
+ "name": "2",
+ "port": 6633,
+ "ip": "192.168.50.72",
+ "transport": "service-locator:vxlan-gpe",
+ "service-function-forwarder": "SFF1"
+ }
+ ]
+ },
+ {
+ "name": "dpi-74",
+ "ip-mgmt-address": "192.168.50.74",
+ "type": "service-function-type:dpi",
+ "nsh-aware": "true",
+ "sf-data-plane-locator": [
+ {
+ "name": "3",
+ "port": 6633,
+ "ip": "192.168.50.74",
+ "transport": "service-locator:vxlan-gpe",
+ "service-function-forwarder": "SFF2"
+ }
+ ]
+ }
+ ]
+ }
+}
+
+def get_service_function_forwarders_uri():
+ return "/restconf/config/service-function-forwarder:service-function-forwarders"
+
+def get_service_function_forwarders_data():
+ return {
+ "service-function-forwarders": {
+ "service-function-forwarder": [
+ {
+ "name": "SFF1",
+ "service-node": "OVSDB2",
+ "service-function-forwarder-ovs:ovs-bridge": {
+ "bridge-name": "sw1"
+ },
+ "service-function-dictionary": [
+ {
+ "name": "firewall-72",
+ "sff-sf-data-plane-locator": {
+ "sf-dpl-name": "2",
+ "sff-dpl-name": "sfc-tun2"
+ }
+ }
+ ],
+ "sff-data-plane-locator": [
+ {
+ "name": "sfc-tun2",
+ "data-plane-locator": {
+ "transport": "service-locator:vxlan-gpe",
+ "port": 6633,
+ "ip": "192.168.50.70"
+ },
+ "service-function-forwarder-ovs:ovs-options": {
+ "remote-ip": "flow",
+ "dst-port": "6633",
+ "key": "flow",
+ "nsp": "flow",
+ "nsi": "flow",
+ "nshc1": "flow",
+ "nshc2": "flow",
+ "nshc3": "flow",
+ "nshc4": "flow"
+ }
+ }
+ ]
+ },
+ {
+ "name": "SFF2",
+ "service-node": "OVSDB2",
+ "service-function-forwarder-ovs:ovs-bridge": {
+ "bridge-name": "sw2"
+ },
+ "service-function-dictionary": [
+ {
+ "name": "dpi-74",
+ "sff-sf-data-plane-locator": {
+ "sf-dpl-name": "3",
+ "sff-dpl-name": "sfc-tun4"
+ }
+ }
+ ],
+ "sff-data-plane-locator": [
+ {
+ "name": "sfc-tun4",
+ "data-plane-locator": {
+ "transport": "service-locator:vxlan-gpe",
+ "port": 6633,
+ "ip": "192.168.50.71"
+ },
+ "service-function-forwarder-ovs:ovs-options": {
+ "remote-ip": "flow",
+ "dst-port": "6633",
+ "key": "flow",
+ "nsp": "flow",
+ "nsi": "flow",
+ "nshc1": "flow",
+ "nshc2": "flow",
+ "nshc3": "flow",
+ "nshc4": "flow"
+ }
+ }
+ ]
+ }
+ ]
+ }
+}
+
+def get_service_function_chains_uri():
+ return "/restconf/config/service-function-chain:service-function-chains/"
+
+def get_service_function_chains_data():
+ return {
+ "service-function-chains": {
+ "service-function-chain": [
+ {
+ "name": "SFCGBP",
+ "symmetric": "false",
+ "sfc-service-function": [
+ {
+ "name": "firewall-abstract1",
+ "type": "service-function-type:firewall"
+ },
+ {
+ "name": "dpi-abstract1",
+ "type": "service-function-type:dpi"
+ }
+ ]
+ }
+ ]
+ }
+}
+
+def get_service_function_paths_uri():
+ return "/restconf/config/service-function-path:service-function-paths/"
+
+def get_service_function_paths_data():
+ return {
+ "service-function-paths": {
+ "service-function-path": [
+ {
+ "name": "SFCGBP-Path",
+ "service-chain-name": "SFCGBP",
+ "starting-index": 255,
+ "symmetric": "false"
+
+ }
+ ]
+ }
+}
+
+def get_tenant_data():
+ return {
+ "tenant": [
+ {
+ "id": "tenant-red",
+ "name": "DockerTenant",
+ "forwarding-context": {
+ "l2-flood-domain": [
+ {
+ "id": "flood-domain-1",
+ "parent": "bridge-domain1"
+ },
+ {
+ "id": "flood-domain-2",
+ "parent": "bridge-domain1"
+ }
+ ],
+ "l3-context": [
+ {
+ "id": "l3-context-vrf-red"
+ }
+ ],
+ "l2-bridge-domain": [
+ {
+ "id": "bridge-domain1",
+ "parent": "l3-context-vrf-red"
+ }
+ ],
+ "subnet": [
+ {
+ "id": "subnet-10.0.36.0/24",
+ "virtual-router-ip": "10.0.36.1",
+ "parent": "flood-domain-2",
+ "ip-prefix": "10.0.36.1/24"
+ },
+ {
+ "id": "subnet-10.0.35.0/24",
+ "virtual-router-ip": "10.0.35.1",
+ "parent": "flood-domain-1",
+ "ip-prefix": "10.0.35.1/24"
+ }
+ ]
+ },
+ "policy": {
+ "endpoint-group": [
+ {
+ "id": "webservers",
+ "name": "webservers",
+ "provider-named-selector": [
+ {
+ "name": "webservers-clients-icmp-http-contract",
+ "contract": [
+ "icmp-http-contract"
+ ]
+ }
+ ]
+ },
+ {
+ "id": "clients",
+ "name": "clients",
+ "consumer-named-selector": [
+ {
+ "name": "webservers-clients-icmp-http-contract",
+ "contract": [
+ "icmp-http-contract"
+ ]
+ }
+ ]
+ }
+ ],
+ "subject-feature-instances": {
+ "classifier-instance": [
+ {
+ "name": "icmp",
+ "classifier-definition-id": "Classifier-IP-Protocol",
+ "parameter-value": [
+ {
+ "name": "proto",
+ "int-value": 1
+ }
+ ]
+ },
+ {
+ "name": "http-dest",
+ "classifier-definition-id": "Classifier-L4",
+ "parameter-value": [
+ {
+ "int-value": "6",
+ "name": "proto"
+ },
+ {
+ "int-value": "80",
+ "name": "destport"
+ }
+ ]
+ },
+ {
+ "name": "http-src",
+ "classifier-definition-id": "Classifier-L4",
+ "parameter-value": [
+ {
+ "int-value": "6",
+ "name": "proto"
+ },
+ {
+ "int-value": "80",
+ "name": "sourceport"
+ }
+ ]
+ }
+ ],
+ "action-instance": [
+ {
+ "name": "chain1",
+ "action-definition-id": "Action-Chain",
+ "parameter-value": [
+ {
+ "name": "sfc-chain-name",
+ "string-value": "SFCGBP"
+ }
+ ]
+ },
+ {
+ "name": "allow1",
+ "action-definition-id": "Action-Allow"
+ }
+ ]
+ },
+ "contract": [
+ {
+ "id": "icmp-http-contract",
+ "subject": [
+ {
+ "name": "icmp-subject",
+ "rule": [
+ {
+ "name": "allow-icmp-rule",
+ "order": 0,
+ "classifier-ref": [
+ {
+ "name": "icmp",
+ "instance-name": "icmp"
+ }
+ ],
+ "action-ref": [
+ {
+ "name": "allow1",
+ "order": 0
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "name": "http-subject",
+ "rule": [
+ {
+ "name": "http-chain-rule",
+ "classifier-ref": [
+ {
+ "name": "http-dest",
+ "instance-name": "http-dest",
+ "direction": "in"
+ }
+ ],
+ "action-ref": [
+ {
+ "name": "chain1",
+ "order": 0
+ }
+ ]
+ },
+ {
+ "name": "http-out-rule",
+ "classifier-ref": [
+ {
+ "name": "http-src",
+ "instance-name": "http-src",
+ "direction": "out"
+ }
+ ],
+ "action-ref": [
+ {
+ "name": "allow1",
+ "order": 0
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "clause": [
+ {
+ "name": "icmp-http-clause",
+ "subject-refs": [
+ "icmp-subject",
+ "http-subject"
+ ]
+ }
+ ]
+ }
+ ]
+ }
+ }
+ ]
+ }
+
+# Main definition - constants
+
+# =======================
+# MENUS FUNCTIONS
+# =======================
+
+# Main menu
+
+# =======================
+# MAIN PROGRAM
+# =======================
+
+# Main Program
+
+def get_tenant_uri():
+ return "/restconf/config/policy:tenants/policy:tenant/tenant-red"
+
+def get_tunnel_data_1():
+ return {
+ "node": [
+ {
+ "id": "openflow:1",
+ "ofoverlay:tunnel": [
+ {
+ "tunnel-type": "overlay:tunnel-type-vxlan-gpe",
+ "node-connector-id": "openflow:1:1",
+ "ip": "192.168.50.70",
+ "port": 6633
+ },
+ {
+ "tunnel-type": "overlay:tunnel-type-vxlan",
+ "node-connector-id": "openflow:1:2",
+ "ip": "192.168.50.70",
+ "port": 4789
+ }
+ ]
+ }
+ ]
+ }
+
+def get_tunnel_uri_1():
+ return "/restconf/config/opendaylight-inventory:nodes/node/openflow:1"
+
+def get_tunnel_data_6():
+ return {
+ "node": [
+ {
+ "id": "openflow:6",
+ "ofoverlay:tunnel": [
+ {
+ "tunnel-type": "overlay:tunnel-type-vxlan-gpe",
+ "node-connector-id": "openflow:6:1",
+ "ip": "192.168.50.75",
+ "port": 6633
+ },
+ {
+ "tunnel-type": "overlay:tunnel-type-vxlan",
+ "node-connector-id": "openflow:6:2",
+ "ip": "192.168.50.75",
+ "port": 4789
+ }
+ ]
+ }
+ ]
+ }
+
+def get_tunnel_uri_6():
+ return "/restconf/config/opendaylight-inventory:nodes/node/openflow:6"
+
+def get_endpoint_data():
+ return [
+{
+"input": {
+
+ "endpoint-group": "webservers",
+
+ "network-containment" : "subnet-10.0.36.0/24",
+
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:36:02",
+
+ "l3-address": [
+ {
+ "ip-address": "10.0.36.2",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h36_2",
+ "tenant": "tenant-red"
+}
+},
+{
+"input": {
+ "endpoint-group": "clients",
+"network-containment" : "subnet-10.0.35.0/24",
+"l2-context": "bridge-domain1",
+"mac-address": "00:00:00:00:35:02",
+"l3-address": [
+ {
+ "ip-address": "10.0.35.2",
+ "l3-context": "l3-context-vrf-red"
+ }
+],
+"port-name": "vethl-h35_2",
+"tenant": "tenant-red"
+}
+},
+{
+"input": {
+
+ "endpoint-group": "clients",
+
+ "network-containment" : "subnet-10.0.35.0/24",
+
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:35:03",
+
+ "l3-address": [
+ {
+ "ip-address": "10.0.35.3",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h35_3",
+ "tenant": "tenant-red"
+}
+},
+{
+"input": {
+
+ "endpoint-group": "webservers",
+
+ "network-containment" : "subnet-10.0.36.0/24",
+
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:36:03",
+
+ "l3-address": [
+ {
+ "ip-address": "10.0.36.3",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h36_3",
+ "tenant": "tenant-red"
+}
+},
+{
+"input": {
+
+ "endpoint-group": "webservers",
+
+ "network-containment" : "subnet-10.0.36.0/24",
+
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:36:04",
+
+ "l3-address": [
+ {
+ "ip-address": "10.0.36.4",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h36_4",
+ "tenant": "tenant-red"
+}
+},
+{
+"input": {
+
+ "endpoint-group": "clients",
+
+ "network-containment" : "subnet-10.0.35.0/24",
+
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:35:04",
+
+ "l3-address": [
+ {
+ "ip-address": "10.0.35.4",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h35_4",
+ "tenant": "tenant-red"
+}
+},
+{
+"input": {
+
+ "endpoint-group": "clients",
+
+ "network-containment" : "subnet-10.0.35.0/24",
+
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:35:05",
+
+ "l3-address": [
+ {
+ "ip-address": "10.0.35.5",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h35_5",
+ "tenant": "tenant-red"
+}
+},
+{
+"input": {
+
+ "endpoint-group": "webservers",
+
+ "network-containment" : "subnet-10.0.36.0/24",
+
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:36:05",
+
+ "l3-address": [
+ {
+ "ip-address": "10.0.36.5",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h36_5",
+ "tenant": "tenant-red"
+}
+}]
+
+
+def get_endpoint_uri():
+ return "/restconf/operations/endpoint:register-endpoint"
+
+def get_tunnel_oper_uri():
+ return "/restconf/operational/opendaylight-inventory:nodes/"
+
+def get_topology_oper_uri():
+ return "/restconf/operational/network-topology:network-topology/topology/ovsdb:1/"
+
+if __name__ == "__main__":
+ # Launch main menu
+
+
+ # Some sensible defaults
+ controller=os.environ.get('ODL')
+ if controller == None:
+ sys.exit("No controller set.")
+
+ print "Contacting controller at %s" % controller
+ print "waiting for manager on SFFs..."
+ wait_for_sff_in_datastore(get_topology_oper_uri())
+ print "sending service functions"
+ put(controller, DEFAULT_PORT, get_service_functions_uri(), get_service_functions_data(), True)
+ print "sending service function forwarders"
+ put(controller, DEFAULT_PORT, get_service_function_forwarders_uri(), get_service_function_forwarders_data(), True)
+ print "waiting for switches on SFFs..."
+ wait_for_sff_in_datastore(get_tunnel_oper_uri())
+ print "sending service function chains"
+ put(controller, DEFAULT_PORT, get_service_function_chains_uri(), get_service_function_chains_data(), True)
+ print "sending service function paths"
+ put(controller, DEFAULT_PORT, get_service_function_paths_uri(), get_service_function_paths_data(), True)
+ print "sending tunnel"
+ put(controller, DEFAULT_PORT, get_tunnel_uri_1(), get_tunnel_data_1(), True)
+ print "sending tenant"
+ put(controller, DEFAULT_PORT, get_tunnel_uri_6(), get_tunnel_data_6(), True)
+ print "sending tenant"
+ put(controller, DEFAULT_PORT, get_tenant_uri(), get_tenant_data(),True)
+ print "registering endpoints"
+ for endpoint in get_endpoint_data():
+ post(controller, DEFAULT_PORT, get_endpoint_uri(),endpoint,True)
-#!/usr/bin/env bash\r
-\r
-set -e\r
-hostnum=${HOSTNAME#"gbpsfc"}\r
-sw="sw$hostnum"\r
-\r
-if [ "$hostnum" -eq "3" ]; then\r
- TUNNEL=0xC0A83247\r
-elif [ "$hostnum" -eq "5" ]; then\r
- TUNNEL=0xC0A83249\r
-else\r
- echo "Invalid SF for this demo";\r
- exit\r
-fi\r
-\r
-sudo ovs-vsctl add-br $sw\r
-sudo ovs-vsctl add-port $sw $sw-vxlangpe-0 -- set interface $sw-vxlangpe-0 type=vxlan options:remote_ip=flow options:dst_port=6633 options:nshc1=flow options:nshc2=flow options:nshc3=flow options:nshc4=flow options:nsp=flow options:nsi=flow options:key=flow\r
+#!/usr/bin/env bash
+
+set -e
+hostnum=${HOSTNAME#"gbpsfc"}
+sw="sw$hostnum"
+
+if [ "$hostnum" -eq "3" ]; then
+ TUNNEL=0xC0A83247
+elif [ "$hostnum" -eq "5" ]; then
+ TUNNEL=0xC0A83249
+else
+ echo "Invalid SF for this demo";
+ exit
+fi
+
+sudo ovs-vsctl add-br $sw
+sudo ovs-vsctl add-port $sw $sw-vxlangpe-0 -- set interface $sw-vxlangpe-0 type=vxlan options:remote_ip=flow options:dst_port=6633 options:nshc1=flow options:nshc2=flow options:nshc3=flow options:nshc4=flow options:nsp=flow options:nsi=flow options:key=flow
-#!/usr/bin/env bash\r
-\r
-set -e\r
-hostnum=${HOSTNAME#"gbpsfc"}\r
-sw="sw$hostnum"\r
-nsp=$1\r
-\r
-if [ "$hostnum" -eq "3" ]; then\r
- TUNNEL=0xC0A83246\r
-elif [ "$hostnum" -eq "5" ]; then\r
- TUNNEL=0xC0A83247\r
-else\r
- echo "Invalid SF for this demo";\r
- exit\r
-fi\r
-# delete NORMAL, if present\r
-nsphex=`printf "%x\n" $nsp`\r
-sudo ovs-ofctl --strict del-flows $sw priority=0\r
-sudo ovs-ofctl add-flow $sw "priority=1000,nsi=255 actions=move:NXM_NX_NSH_C1[]->NXM_NX_NSH_C1[],move:NXM_NX_NSH_C2[]->NXM_NX_NSH_C2[],move:NXM_NX_TUN_ID[0..31]->NXM_NX_TUN_ID[0..31],load:$TUNNEL->NXM_NX_TUN_IPV4_DST[],set_nsi:254,IN_PORT" -OOpenFlow13\r
-sudo ovs-ofctl add-flow $sw "priority=1000,nsi=254 actions=move:NXM_NX_NSH_C1[]->NXM_NX_NSH_C1[],move:NXM_NX_NSH_C2[]->NXM_NX_NSH_C2[],move:NXM_NX_TUN_ID[0..31]->NXM_NX_TUN_ID[0..31],load:$TUNNEL->NXM_NX_TUN_IPV4_DST[],set_nsi:253,IN_PORT" -OOpenFlow13\r
+#!/usr/bin/env bash
+
+set -e
+hostnum=${HOSTNAME#"gbpsfc"}
+sw="sw$hostnum"
+nsp=$1
+
+if [ "$hostnum" -eq "3" ]; then
+ TUNNEL=0xC0A83246
+elif [ "$hostnum" -eq "5" ]; then
+ TUNNEL=0xC0A83247
+else
+ echo "Invalid SF for this demo";
+ exit
+fi
+# delete NORMAL, if present
+nsphex=`printf "%x\n" $nsp`
+sudo ovs-ofctl --strict del-flows $sw priority=0
+sudo ovs-ofctl add-flow $sw "priority=1000,nsi=255 actions=move:NXM_NX_NSH_C1[]->NXM_NX_NSH_C1[],move:NXM_NX_NSH_C2[]->NXM_NX_NSH_C2[],move:NXM_NX_TUN_ID[0..31]->NXM_NX_TUN_ID[0..31],load:$TUNNEL->NXM_NX_TUN_IPV4_DST[],set_nsi:254,IN_PORT" -OOpenFlow13
+sudo ovs-ofctl add-flow $sw "priority=1000,nsi=254 actions=move:NXM_NX_NSH_C1[]->NXM_NX_NSH_C1[],move:NXM_NX_NSH_C2[]->NXM_NX_NSH_C2[],move:NXM_NX_TUN_ID[0..31]->NXM_NX_TUN_ID[0..31],load:$TUNNEL->NXM_NX_TUN_IPV4_DST[],set_nsi:253,IN_PORT" -OOpenFlow13
-#!/usr/bin/env bash\r
-\r
-set -e\r
-hostnum=${HOSTNAME#"gbpsfc"}\r
-sw="sw$hostnum"\r
-nsp=$1\r
-\r
-if [ "$hostnum" -eq "3" ]; then\r
- TUNNEL=0xC0A83247\r
-elif [ "$hostnum" -eq "5" ]; then\r
- TUNNEL=0xC0A83249\r
-else\r
- echo "Invalid SF for this demo";\r
- exit\r
-fi\r
-# delete NORMAL, if present\r
-nsphex=`printf "%x\n" $nsp`\r
-sudo ovs-ofctl --strict del-flows $sw priority=0\r
-sudo ovs-ofctl add-flow $sw "priority=1000,nsi=255 actions=move:NXM_NX_NSH_C1[]->NXM_NX_NSH_C1[],move:NXM_NX_NSH_C2[]->NXM_NX_NSH_C2[],move:NXM_NX_TUN_ID[0..31]->NXM_NX_TUN_ID[0..31],load:$TUNNEL->NXM_NX_TUN_IPV4_DST[],set_nsi:254,IN_PORT" -OOpenFlow13\r
-sudo ovs-ofctl add-flow $sw "priority=1000,nsi=254 actions=move:NXM_NX_NSH_C1[]->NXM_NX_NSH_C1[],move:NXM_NX_NSH_C2[]->NXM_NX_NSH_C2[],move:NXM_NX_TUN_ID[0..31]->NXM_NX_TUN_ID[0..31],load:$TUNNEL->NXM_NX_TUN_IPV4_DST[],set_nsi:253,IN_PORT" -OOpenFlow13\r
+#!/usr/bin/env bash
+
+set -e
+hostnum=${HOSTNAME#"gbpsfc"}
+sw="sw$hostnum"
+nsp=$1
+
+if [ "$hostnum" -eq "3" ]; then
+ TUNNEL=0xC0A83247
+elif [ "$hostnum" -eq "5" ]; then
+ TUNNEL=0xC0A83249
+else
+ echo "Invalid SF for this demo";
+ exit
+fi
+# delete NORMAL, if present
+nsphex=`printf "%x\n" $nsp`
+sudo ovs-ofctl --strict del-flows $sw priority=0
+sudo ovs-ofctl add-flow $sw "priority=1000,nsi=255 actions=move:NXM_NX_NSH_C1[]->NXM_NX_NSH_C1[],move:NXM_NX_NSH_C2[]->NXM_NX_NSH_C2[],move:NXM_NX_TUN_ID[0..31]->NXM_NX_TUN_ID[0..31],load:$TUNNEL->NXM_NX_TUN_IPV4_DST[],set_nsi:254,IN_PORT" -OOpenFlow13
+sudo ovs-ofctl add-flow $sw "priority=1000,nsi=254 actions=move:NXM_NX_NSH_C1[]->NXM_NX_NSH_C1[],move:NXM_NX_NSH_C2[]->NXM_NX_NSH_C2[],move:NXM_NX_TUN_ID[0..31]->NXM_NX_TUN_ID[0..31],load:$TUNNEL->NXM_NX_TUN_IPV4_DST[],set_nsi:253,IN_PORT" -OOpenFlow13
-#!/usr/bin/python\r
-import argparse\r
-import requests,json\r
-from requests.auth import HTTPBasicAuth\r
-from subprocess import call\r
-import time\r
-import sys\r
-import os\r
-\r
-\r
-DEFAULT_PORT='8181'\r
-\r
-\r
-USERNAME='admin'\r
-PASSWORD='admin'\r
-\r
-\r
-CONF_TENANT='/restconf/config/policy:tenants'\r
-\r
-def get(host, port, uri):\r
- url='http://'+host+":"+port+uri\r
- r = requests.get(url, auth=HTTPBasicAuth(USERNAME, PASSWORD))\r
- return r\r
-\r
-def put(host, port, uri, data, debug=False):\r
- '''Perform a PUT rest operation, using the URL and data provided'''\r
-\r
- url='http://'+host+":"+port+uri\r
-\r
- headers = {'Content-type': 'application/yang.data+json',\r
- 'Accept': 'application/yang.data+json'}\r
- if debug == True:\r
- print "PUT %s" % url\r
- print json.dumps(data, indent=4, sort_keys=True)\r
- r = requests.put(url, data=json.dumps(data), headers=headers, auth=HTTPBasicAuth(USERNAME, PASSWORD))\r
- if debug == True:\r
- print r.text\r
- r.raise_for_status()\r
-\r
-def post(host, port, uri, data, debug=False):\r
- '''Perform a POST rest operation, using the URL and data provided'''\r
-\r
- url='http://'+host+":"+port+uri\r
- headers = {'Content-type': 'application/yang.data+json',\r
- 'Accept': 'application/yang.data+json'}\r
- if debug == True:\r
- print "POST %s" % url\r
- print json.dumps(data, indent=4, sort_keys=True)\r
- r = requests.post(url, data=json.dumps(data), headers=headers, auth=HTTPBasicAuth(USERNAME, PASSWORD))\r
- if debug == True:\r
- print r.text\r
- r.raise_for_status()\r
-\r
-def wait_for_sff_in_datastore(url):\r
- for i in xrange(30):\r
- resp=get(controller, DEFAULT_PORT, url)\r
- if ('192.168.50.70' in resp.text) and ('192.168.50.71' in resp.text):\r
- break\r
- time.sleep(3)\r
- if ('192.168.50.70' not in resp.text):\r
- print "ERROR: SFF1 has not been initialized!"\r
- sys.exit(1)\r
- if ('192.168.50.71' not in resp.text):\r
- print "ERROR: SFF2 has not been initialized!"\r
- sys.exit(1)\r
-\r
-\r
-\r
-def get_service_functions_uri():\r
- return "/restconf/config/service-function:service-functions"\r
-\r
-def get_service_functions_data():\r
- return {\r
- "service-functions": {\r
- "service-function": [\r
- {\r
- "name": "firewall-72",\r
- "ip-mgmt-address": "192.168.50.72",\r
- "type": "service-function-type:firewall",\r
- "nsh-aware": "true",\r
- "sf-data-plane-locator": [\r
- {\r
- "name": "2",\r
- "port": 6633,\r
- "ip": "192.168.50.72",\r
- "transport": "service-locator:vxlan-gpe",\r
- "service-function-forwarder": "SFF1"\r
- }\r
- ]\r
- },\r
- {\r
- "name": "dpi-74",\r
- "ip-mgmt-address": "192.168.50.74",\r
- "type": "service-function-type:dpi",\r
- "nsh-aware": "true",\r
- "sf-data-plane-locator": [\r
- {\r
- "name": "3",\r
- "port": 6633,\r
- "ip": "192.168.50.74",\r
- "transport": "service-locator:vxlan-gpe",\r
- "service-function-forwarder": "SFF2"\r
- }\r
- ]\r
- }\r
- ]\r
- }\r
-}\r
-\r
-def get_service_function_forwarders_uri():\r
- return "/restconf/config/service-function-forwarder:service-function-forwarders"\r
-\r
-def get_service_function_forwarders_data():\r
- return {\r
- "service-function-forwarders": {\r
- "service-function-forwarder": [\r
- {\r
- "name": "SFF1",\r
- "service-node": "OVSDB2",\r
- "service-function-forwarder-ovs:ovs-bridge": {\r
- "bridge-name": "sw1"\r
- },\r
- "service-function-dictionary": [\r
- {\r
- "name": "firewall-72",\r
- "sff-sf-data-plane-locator": {\r
- "sf-dpl-name": "2",\r
- "sff-dpl-name": "sfc-tun2"\r
- }\r
- }\r
- ],\r
- "sff-data-plane-locator": [\r
- {\r
- "name": "sfc-tun2",\r
- "data-plane-locator": {\r
- "transport": "service-locator:vxlan-gpe",\r
- "port": 6633,\r
- "ip": "192.168.50.70"\r
- },\r
- "service-function-forwarder-ovs:ovs-options": {\r
- "remote-ip": "flow",\r
- "dst-port": "6633",\r
- "key": "flow",\r
- "nsp": "flow",\r
- "nsi": "flow",\r
- "nshc1": "flow",\r
- "nshc2": "flow",\r
- "nshc3": "flow",\r
- "nshc4": "flow"\r
- }\r
- }\r
- ]\r
- },\r
- {\r
- "name": "SFF2",\r
- "service-node": "OVSDB2",\r
- "service-function-forwarder-ovs:ovs-bridge": {\r
- "bridge-name": "sw2"\r
- },\r
- "service-function-dictionary": [\r
- {\r
- "name": "dpi-74",\r
- "sff-sf-data-plane-locator": {\r
- "sf-dpl-name": "3",\r
- "sff-dpl-name": "sfc-tun4"\r
- }\r
- }\r
- ],\r
- "sff-data-plane-locator": [\r
- {\r
- "name": "sfc-tun4",\r
- "data-plane-locator": {\r
- "transport": "service-locator:vxlan-gpe",\r
- "port": 6633,\r
- "ip": "192.168.50.71"\r
- },\r
- "service-function-forwarder-ovs:ovs-options": {\r
- "remote-ip": "flow",\r
- "dst-port": "6633",\r
- "key": "flow",\r
- "nsp": "flow",\r
- "nsi": "flow",\r
- "nshc1": "flow",\r
- "nshc2": "flow",\r
- "nshc3": "flow",\r
- "nshc4": "flow"\r
- }\r
- }\r
- ]\r
- }\r
- ]\r
- }\r
-}\r
-\r
-def get_service_function_chains_uri():\r
- return "/restconf/config/service-function-chain:service-function-chains/"\r
-\r
-def get_service_function_chains_data():\r
- return {\r
- "service-function-chains": {\r
- "service-function-chain": [\r
- {\r
- "name": "SFCGBP",\r
- "symmetric": "true",\r
- "sfc-service-function": [\r
- {\r
- "name": "firewall-abstract1",\r
- "type": "service-function-type:firewall"\r
- },\r
- {\r
- "name": "dpi-abstract1",\r
- "type": "service-function-type:dpi"\r
- }\r
- ]\r
- }\r
- ]\r
- }\r
-}\r
-\r
-def get_service_function_paths_uri():\r
- return "/restconf/config/service-function-path:service-function-paths/"\r
-\r
-def get_service_function_paths_data():\r
- return {\r
- "service-function-paths": {\r
- "service-function-path": [\r
- {\r
- "name": "SFCGBP-Path",\r
- "service-chain-name": "SFCGBP",\r
- "starting-index": 255,\r
- "symmetric": "true"\r
-\r
- }\r
- ]\r
- }\r
-}\r
-\r
-def get_tenant_data():\r
- return {\r
- "tenant": [\r
- {\r
- "id": "tenant-red",\r
- "name": "DockerTenant",\r
- "forwarding-context": {\r
- "l2-flood-domain": [\r
- {\r
- "id": "flood-domain-1",\r
- "parent": "bridge-domain1"\r
- },\r
- {\r
- "id": "flood-domain-2",\r
- "parent": "bridge-domain1"\r
- }\r
- ],\r
- "l3-context": [\r
- {\r
- "id": "l3-context-vrf-red"\r
- }\r
- ],\r
- "l2-bridge-domain": [\r
- {\r
- "id": "bridge-domain1",\r
- "parent": "l3-context-vrf-red"\r
- }\r
- ],\r
- "subnet": [\r
- {\r
- "id": "subnet-10.0.36.0/24",\r
- "virtual-router-ip": "10.0.36.1",\r
- "parent": "flood-domain-2",\r
- "ip-prefix": "10.0.36.1/24"\r
- },\r
- {\r
- "id": "subnet-10.0.35.0/24",\r
- "virtual-router-ip": "10.0.35.1",\r
- "parent": "flood-domain-1",\r
- "ip-prefix": "10.0.35.1/24"\r
- }\r
- ]\r
- },\r
- "policy": {\r
- "endpoint-group": [\r
- {\r
- "id": "webservers",\r
- "name": "webservers",\r
- "provider-named-selector": [\r
- {\r
- "name": "webservers-clients-icmp-http-contract",\r
- "contract": [\r
- "icmp-http-contract"\r
- ]\r
- }\r
- ]\r
- },\r
- {\r
- "id": "clients",\r
- "name": "clients",\r
- "consumer-named-selector": [\r
- {\r
- "name": "webservers-clients-icmp-http-contract",\r
- "contract": [\r
- "icmp-http-contract"\r
- ]\r
- }\r
- ]\r
- }\r
- ],\r
- "subject-feature-instances": {\r
- "classifier-instance": [\r
- {\r
- "name": "icmp",\r
- "classifier-definition-id": "Classifier-IP-Protocol",\r
- "parameter-value": [\r
- {\r
- "name": "proto",\r
- "int-value": 1\r
- }\r
- ]\r
- },\r
- {\r
- "name": "http-dest",\r
- "classifier-definition-id": "Classifier-L4",\r
- "parameter-value": [\r
- {\r
- "int-value": "6",\r
- "name": "proto"\r
- },\r
- {\r
- "int-value": "80",\r
- "name": "destport"\r
- }\r
- ]\r
- },\r
- {\r
- "name": "http-src",\r
- "classifier-definition-id": "Classifier-L4",\r
- "parameter-value": [\r
- {\r
- "int-value": "6",\r
- "name": "proto"\r
- },\r
- {\r
- "int-value": "80",\r
- "name": "sourceport"\r
- }\r
- ]\r
- }\r
- ],\r
- "action-instance": [\r
- {\r
- "name": "chain1",\r
- "action-definition-id": "Action-Chain",\r
- "parameter-value": [\r
- {\r
- "name": "sfc-chain-name",\r
- "string-value": "SFCGBP"\r
- }\r
- ]\r
- },\r
- {\r
- "name": "allow1",\r
- "action-definition-id": "Action-Allow"\r
- }\r
- ]\r
- },\r
- "contract": [\r
- {\r
- "id": "icmp-http-contract",\r
- "subject": [\r
- {\r
- "name": "icmp-subject",\r
- "rule": [\r
- {\r
- "name": "allow-icmp-rule",\r
- "order": 0,\r
- "classifier-ref": [\r
- {\r
- "name": "icmp",\r
- "instance-name": "icmp"\r
- }\r
- ],\r
- "action-ref": [\r
- {\r
- "name": "allow1",\r
- "order": 0\r
- }\r
- ]\r
- }\r
- ]\r
- },\r
- {\r
- "name": "http-subject",\r
- "rule": [\r
- {\r
- "name": "http-chain-rule",\r
- "classifier-ref": [\r
- {\r
- "name": "http-dest",\r
- "instance-name": "http-dest",\r
- "direction": "in"\r
- }\r
- ],\r
- "action-ref": [\r
- {\r
- "name": "chain1",\r
- "order": 0\r
- }\r
- ]\r
- },\r
- {\r
- "name": "http-out-rule",\r
- "classifier-ref": [\r
- {\r
- "name": "http-src",\r
- "instance-name": "http-src",\r
- "direction": "out"\r
- }\r
- ],\r
- "action-ref": [\r
- {\r
- "name": "allow1",\r
- "order": 0\r
- }\r
- ]\r
- }\r
- ]\r
- }\r
- ],\r
- "clause": [\r
- {\r
- "name": "icmp-http-clause",\r
- "subject-refs": [\r
- "icmp-subject",\r
- "http-subject"\r
- ]\r
- }\r
- ]\r
- }\r
- ]\r
- }\r
- }\r
- ]\r
- }\r
-\r
-# Main definition - constants\r
-\r
-# =======================\r
-# MENUS FUNCTIONS\r
-# =======================\r
-\r
-# Main menu\r
-\r
-# =======================\r
-# MAIN PROGRAM\r
-# =======================\r
-\r
-# Main Program\r
-\r
-def get_tenant_uri():\r
- return "/restconf/config/policy:tenants/policy:tenant/tenant-red"\r
-\r
-def get_tunnel_data_1():\r
- return {\r
- "node": [\r
- {\r
- "id": "openflow:1",\r
- "ofoverlay:tunnel": [\r
- {\r
- "tunnel-type": "overlay:tunnel-type-vxlan-gpe",\r
- "node-connector-id": "openflow:1:1",\r
- "ip": "192.168.50.70",\r
- "port": 6633\r
- },\r
- {\r
- "tunnel-type": "overlay:tunnel-type-vxlan",\r
- "node-connector-id": "openflow:1:2",\r
- "ip": "192.168.50.70",\r
- "port": 4789\r
- }\r
- ]\r
- }\r
- ]\r
- }\r
-\r
-def get_tunnel_uri_1():\r
- return "/restconf/config/opendaylight-inventory:nodes/node/openflow:1"\r
-\r
-def get_tunnel_data_6():\r
- return {\r
- "node": [\r
- {\r
- "id": "openflow:6",\r
- "ofoverlay:tunnel": [\r
- {\r
- "tunnel-type": "overlay:tunnel-type-vxlan-gpe",\r
- "node-connector-id": "openflow:6:1",\r
- "ip": "192.168.50.75",\r
- "port": 6633\r
- },\r
- {\r
- "tunnel-type": "overlay:tunnel-type-vxlan",\r
- "node-connector-id": "openflow:6:2",\r
- "ip": "192.168.50.75",\r
- "port": 4789\r
- }\r
- ]\r
- }\r
- ]\r
- }\r
-\r
-def get_tunnel_uri_6():\r
- return "/restconf/config/opendaylight-inventory:nodes/node/openflow:6"\r
-\r
-def get_endpoint_data():\r
- return [\r
-{\r
-"input": {\r
-\r
- "endpoint-group": "webservers",\r
-\r
- "network-containment" : "subnet-10.0.36.0/24",\r
-\r
- "l2-context": "bridge-domain1",\r
- "mac-address": "00:00:00:00:36:02",\r
-\r
- "l3-address": [\r
- {\r
- "ip-address": "10.0.36.2",\r
- "l3-context": "l3-context-vrf-red"\r
- }\r
- ],\r
- "port-name": "vethl-h36_2",\r
- "tenant": "tenant-red"\r
-}\r
-},\r
-{\r
-"input": {\r
- "endpoint-group": "clients",\r
-"network-containment" : "subnet-10.0.35.0/24",\r
-"l2-context": "bridge-domain1",\r
-"mac-address": "00:00:00:00:35:02",\r
-"l3-address": [\r
- {\r
- "ip-address": "10.0.35.2",\r
- "l3-context": "l3-context-vrf-red"\r
- }\r
-],\r
-"port-name": "vethl-h35_2",\r
-"tenant": "tenant-red"\r
-}\r
-},\r
-{\r
-"input": {\r
-\r
- "endpoint-group": "clients",\r
-\r
- "network-containment" : "subnet-10.0.35.0/24",\r
-\r
- "l2-context": "bridge-domain1",\r
- "mac-address": "00:00:00:00:35:03",\r
-\r
- "l3-address": [\r
- {\r
- "ip-address": "10.0.35.3",\r
- "l3-context": "l3-context-vrf-red"\r
- }\r
- ],\r
- "port-name": "vethl-h35_3",\r
- "tenant": "tenant-red"\r
-}\r
-},\r
-{\r
-"input": {\r
-\r
- "endpoint-group": "webservers",\r
-\r
- "network-containment" : "subnet-10.0.36.0/24",\r
-\r
- "l2-context": "bridge-domain1",\r
- "mac-address": "00:00:00:00:36:03",\r
-\r
- "l3-address": [\r
- {\r
- "ip-address": "10.0.36.3",\r
- "l3-context": "l3-context-vrf-red"\r
- }\r
- ],\r
- "port-name": "vethl-h36_3",\r
- "tenant": "tenant-red"\r
-}\r
-},\r
-{\r
-"input": {\r
-\r
- "endpoint-group": "webservers",\r
-\r
- "network-containment" : "subnet-10.0.36.0/24",\r
-\r
- "l2-context": "bridge-domain1",\r
- "mac-address": "00:00:00:00:36:04",\r
-\r
- "l3-address": [\r
- {\r
- "ip-address": "10.0.36.4",\r
- "l3-context": "l3-context-vrf-red"\r
- }\r
- ],\r
- "port-name": "vethl-h36_4",\r
- "tenant": "tenant-red"\r
-}\r
-},\r
-{\r
-"input": {\r
-\r
- "endpoint-group": "clients",\r
-\r
- "network-containment" : "subnet-10.0.35.0/24",\r
-\r
- "l2-context": "bridge-domain1",\r
- "mac-address": "00:00:00:00:35:04",\r
-\r
- "l3-address": [\r
- {\r
- "ip-address": "10.0.35.4",\r
- "l3-context": "l3-context-vrf-red"\r
- }\r
- ],\r
- "port-name": "vethl-h35_4",\r
- "tenant": "tenant-red"\r
-}\r
-},\r
-{\r
-"input": {\r
-\r
- "endpoint-group": "clients",\r
-\r
- "network-containment" : "subnet-10.0.35.0/24",\r
-\r
- "l2-context": "bridge-domain1",\r
- "mac-address": "00:00:00:00:35:05",\r
-\r
- "l3-address": [\r
- {\r
- "ip-address": "10.0.35.5",\r
- "l3-context": "l3-context-vrf-red"\r
- }\r
- ],\r
- "port-name": "vethl-h35_5",\r
- "tenant": "tenant-red"\r
-}\r
-},\r
-{\r
-"input": {\r
-\r
- "endpoint-group": "webservers",\r
-\r
- "network-containment" : "subnet-10.0.36.0/24",\r
-\r
- "l2-context": "bridge-domain1",\r
- "mac-address": "00:00:00:00:36:05",\r
-\r
- "l3-address": [\r
- {\r
- "ip-address": "10.0.36.5",\r
- "l3-context": "l3-context-vrf-red"\r
- }\r
- ],\r
- "port-name": "vethl-h36_5",\r
- "tenant": "tenant-red"\r
-}\r
-}]\r
-\r
-\r
-def get_endpoint_uri():\r
- return "/restconf/operations/endpoint:register-endpoint"\r
-\r
-def get_tunnel_oper_uri():\r
- return "/restconf/operational/opendaylight-inventory:nodes/"\r
-\r
-def get_topology_oper_uri():\r
- return "/restconf/operational/network-topology:network-topology/topology/ovsdb:1/"\r
-\r
-if __name__ == "__main__":\r
- # Launch main menu\r
-\r
-\r
- # Some sensible defaults\r
- controller=os.environ.get('ODL')\r
- if controller == None:\r
- sys.exit("No controller set.")\r
-\r
- print "Contacting controller at %s" % controller\r
- print "waiting for manager on SFFs..."\r
- wait_for_sff_in_datastore(get_topology_oper_uri())\r
- print "sending service functions"\r
- put(controller, DEFAULT_PORT, get_service_functions_uri(), get_service_functions_data(), True)\r
- print "sending service function forwarders"\r
- put(controller, DEFAULT_PORT, get_service_function_forwarders_uri(), get_service_function_forwarders_data(), True)\r
- print "waiting for switches on SFFs..."\r
- wait_for_sff_in_datastore(get_tunnel_oper_uri())\r
- print "sending service function chains"\r
- put(controller, DEFAULT_PORT, get_service_function_chains_uri(), get_service_function_chains_data(), True)\r
- print "sending service function paths"\r
- put(controller, DEFAULT_PORT, get_service_function_paths_uri(), get_service_function_paths_data(), True)\r
- print "sending tunnel"\r
- put(controller, DEFAULT_PORT, get_tunnel_uri_1(), get_tunnel_data_1(), True)\r
- print "sending tenant"\r
- put(controller, DEFAULT_PORT, get_tunnel_uri_6(), get_tunnel_data_6(), True)\r
- print "sending tenant"\r
- put(controller, DEFAULT_PORT, get_tenant_uri(), get_tenant_data(),True)\r
- print "registering endpoints"\r
- for endpoint in get_endpoint_data():\r
- post(controller, DEFAULT_PORT, get_endpoint_uri(),endpoint,True)\r
+#!/usr/bin/python
+import argparse
+import requests,json
+from requests.auth import HTTPBasicAuth
+from subprocess import call
+import time
+import sys
+import os
+
+
+DEFAULT_PORT='8181'
+
+
+USERNAME='admin'
+PASSWORD='admin'
+
+
+CONF_TENANT='/restconf/config/policy:tenants'
+
+def get(host, port, uri):
+ url='http://'+host+":"+port+uri
+ r = requests.get(url, auth=HTTPBasicAuth(USERNAME, PASSWORD))
+ return r
+
+def put(host, port, uri, data, debug=False):
+ '''Perform a PUT rest operation, using the URL and data provided'''
+
+ url='http://'+host+":"+port+uri
+
+ headers = {'Content-type': 'application/yang.data+json',
+ 'Accept': 'application/yang.data+json'}
+ if debug == True:
+ print "PUT %s" % url
+ print json.dumps(data, indent=4, sort_keys=True)
+ r = requests.put(url, data=json.dumps(data), headers=headers, auth=HTTPBasicAuth(USERNAME, PASSWORD))
+ if debug == True:
+ print r.text
+ r.raise_for_status()
+
+def post(host, port, uri, data, debug=False):
+ '''Perform a POST rest operation, using the URL and data provided'''
+
+ url='http://'+host+":"+port+uri
+ headers = {'Content-type': 'application/yang.data+json',
+ 'Accept': 'application/yang.data+json'}
+ if debug == True:
+ print "POST %s" % url
+ print json.dumps(data, indent=4, sort_keys=True)
+ r = requests.post(url, data=json.dumps(data), headers=headers, auth=HTTPBasicAuth(USERNAME, PASSWORD))
+ if debug == True:
+ print r.text
+ r.raise_for_status()
+
+def wait_for_sff_in_datastore(url):
+ for i in xrange(30):
+ resp=get(controller, DEFAULT_PORT, url)
+ if ('192.168.50.70' in resp.text) and ('192.168.50.71' in resp.text):
+ break
+ time.sleep(3)
+ if ('192.168.50.70' not in resp.text):
+ print "ERROR: SFF1 has not been initialized!"
+ sys.exit(1)
+ if ('192.168.50.71' not in resp.text):
+ print "ERROR: SFF2 has not been initialized!"
+ sys.exit(1)
+
+
+
+def get_service_functions_uri():
+ return "/restconf/config/service-function:service-functions"
+
+def get_service_functions_data():
+ return {
+ "service-functions": {
+ "service-function": [
+ {
+ "name": "firewall-72",
+ "ip-mgmt-address": "192.168.50.72",
+ "type": "service-function-type:firewall",
+ "nsh-aware": "true",
+ "sf-data-plane-locator": [
+ {
+ "name": "2",
+ "port": 6633,
+ "ip": "192.168.50.72",
+ "transport": "service-locator:vxlan-gpe",
+ "service-function-forwarder": "SFF1"
+ }
+ ]
+ },
+ {
+ "name": "dpi-74",
+ "ip-mgmt-address": "192.168.50.74",
+ "type": "service-function-type:dpi",
+ "nsh-aware": "true",
+ "sf-data-plane-locator": [
+ {
+ "name": "3",
+ "port": 6633,
+ "ip": "192.168.50.74",
+ "transport": "service-locator:vxlan-gpe",
+ "service-function-forwarder": "SFF2"
+ }
+ ]
+ }
+ ]
+ }
+}
+
+def get_service_function_forwarders_uri():
+ return "/restconf/config/service-function-forwarder:service-function-forwarders"
+
+def get_service_function_forwarders_data():
+ return {
+ "service-function-forwarders": {
+ "service-function-forwarder": [
+ {
+ "name": "SFF1",
+ "service-node": "OVSDB2",
+ "service-function-forwarder-ovs:ovs-bridge": {
+ "bridge-name": "sw1"
+ },
+ "service-function-dictionary": [
+ {
+ "name": "firewall-72",
+ "sff-sf-data-plane-locator": {
+ "sf-dpl-name": "2",
+ "sff-dpl-name": "sfc-tun2"
+ }
+ }
+ ],
+ "sff-data-plane-locator": [
+ {
+ "name": "sfc-tun2",
+ "data-plane-locator": {
+ "transport": "service-locator:vxlan-gpe",
+ "port": 6633,
+ "ip": "192.168.50.70"
+ },
+ "service-function-forwarder-ovs:ovs-options": {
+ "remote-ip": "flow",
+ "dst-port": "6633",
+ "key": "flow",
+ "nsp": "flow",
+ "nsi": "flow",
+ "nshc1": "flow",
+ "nshc2": "flow",
+ "nshc3": "flow",
+ "nshc4": "flow"
+ }
+ }
+ ]
+ },
+ {
+ "name": "SFF2",
+ "service-node": "OVSDB2",
+ "service-function-forwarder-ovs:ovs-bridge": {
+ "bridge-name": "sw2"
+ },
+ "service-function-dictionary": [
+ {
+ "name": "dpi-74",
+ "sff-sf-data-plane-locator": {
+ "sf-dpl-name": "3",
+ "sff-dpl-name": "sfc-tun4"
+ }
+ }
+ ],
+ "sff-data-plane-locator": [
+ {
+ "name": "sfc-tun4",
+ "data-plane-locator": {
+ "transport": "service-locator:vxlan-gpe",
+ "port": 6633,
+ "ip": "192.168.50.71"
+ },
+ "service-function-forwarder-ovs:ovs-options": {
+ "remote-ip": "flow",
+ "dst-port": "6633",
+ "key": "flow",
+ "nsp": "flow",
+ "nsi": "flow",
+ "nshc1": "flow",
+ "nshc2": "flow",
+ "nshc3": "flow",
+ "nshc4": "flow"
+ }
+ }
+ ]
+ }
+ ]
+ }
+}
+
+def get_service_function_chains_uri():
+ return "/restconf/config/service-function-chain:service-function-chains/"
+
+def get_service_function_chains_data():
+ return {
+ "service-function-chains": {
+ "service-function-chain": [
+ {
+ "name": "SFCGBP",
+ "symmetric": "true",
+ "sfc-service-function": [
+ {
+ "name": "firewall-abstract1",
+ "type": "service-function-type:firewall"
+ },
+ {
+ "name": "dpi-abstract1",
+ "type": "service-function-type:dpi"
+ }
+ ]
+ }
+ ]
+ }
+}
+
+def get_service_function_paths_uri():
+ return "/restconf/config/service-function-path:service-function-paths/"
+
+def get_service_function_paths_data():
+ return {
+ "service-function-paths": {
+ "service-function-path": [
+ {
+ "name": "SFCGBP-Path",
+ "service-chain-name": "SFCGBP",
+ "starting-index": 255,
+ "symmetric": "true"
+
+ }
+ ]
+ }
+}
+
+def get_tenant_data():
+ return {
+ "tenant": [
+ {
+ "id": "tenant-red",
+ "name": "DockerTenant",
+ "forwarding-context": {
+ "l2-flood-domain": [
+ {
+ "id": "flood-domain-1",
+ "parent": "bridge-domain1"
+ },
+ {
+ "id": "flood-domain-2",
+ "parent": "bridge-domain1"
+ }
+ ],
+ "l3-context": [
+ {
+ "id": "l3-context-vrf-red"
+ }
+ ],
+ "l2-bridge-domain": [
+ {
+ "id": "bridge-domain1",
+ "parent": "l3-context-vrf-red"
+ }
+ ],
+ "subnet": [
+ {
+ "id": "subnet-10.0.36.0/24",
+ "virtual-router-ip": "10.0.36.1",
+ "parent": "flood-domain-2",
+ "ip-prefix": "10.0.36.1/24"
+ },
+ {
+ "id": "subnet-10.0.35.0/24",
+ "virtual-router-ip": "10.0.35.1",
+ "parent": "flood-domain-1",
+ "ip-prefix": "10.0.35.1/24"
+ }
+ ]
+ },
+ "policy": {
+ "endpoint-group": [
+ {
+ "id": "webservers",
+ "name": "webservers",
+ "provider-named-selector": [
+ {
+ "name": "webservers-clients-icmp-http-contract",
+ "contract": [
+ "icmp-http-contract"
+ ]
+ }
+ ]
+ },
+ {
+ "id": "clients",
+ "name": "clients",
+ "consumer-named-selector": [
+ {
+ "name": "webservers-clients-icmp-http-contract",
+ "contract": [
+ "icmp-http-contract"
+ ]
+ }
+ ]
+ }
+ ],
+ "subject-feature-instances": {
+ "classifier-instance": [
+ {
+ "name": "icmp",
+ "classifier-definition-id": "Classifier-IP-Protocol",
+ "parameter-value": [
+ {
+ "name": "proto",
+ "int-value": 1
+ }
+ ]
+ },
+ {
+ "name": "http-dest",
+ "classifier-definition-id": "Classifier-L4",
+ "parameter-value": [
+ {
+ "int-value": "6",
+ "name": "proto"
+ },
+ {
+ "int-value": "80",
+ "name": "destport"
+ }
+ ]
+ },
+ {
+ "name": "http-src",
+ "classifier-definition-id": "Classifier-L4",
+ "parameter-value": [
+ {
+ "int-value": "6",
+ "name": "proto"
+ },
+ {
+ "int-value": "80",
+ "name": "sourceport"
+ }
+ ]
+ }
+ ],
+ "action-instance": [
+ {
+ "name": "chain1",
+ "action-definition-id": "Action-Chain",
+ "parameter-value": [
+ {
+ "name": "sfc-chain-name",
+ "string-value": "SFCGBP"
+ }
+ ]
+ },
+ {
+ "name": "allow1",
+ "action-definition-id": "Action-Allow"
+ }
+ ]
+ },
+ "contract": [
+ {
+ "id": "icmp-http-contract",
+ "subject": [
+ {
+ "name": "icmp-subject",
+ "rule": [
+ {
+ "name": "allow-icmp-rule",
+ "order": 0,
+ "classifier-ref": [
+ {
+ "name": "icmp",
+ "instance-name": "icmp"
+ }
+ ],
+ "action-ref": [
+ {
+ "name": "allow1",
+ "order": 0
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "name": "http-subject",
+ "rule": [
+ {
+ "name": "http-chain-rule",
+ "classifier-ref": [
+ {
+ "name": "http-dest",
+ "instance-name": "http-dest",
+ "direction": "in"
+ }
+ ],
+ "action-ref": [
+ {
+ "name": "chain1",
+ "order": 0
+ }
+ ]
+ },
+ {
+ "name": "http-out-rule",
+ "classifier-ref": [
+ {
+ "name": "http-src",
+ "instance-name": "http-src",
+ "direction": "out"
+ }
+ ],
+ "action-ref": [
+ {
+ "name": "allow1",
+ "order": 0
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "clause": [
+ {
+ "name": "icmp-http-clause",
+ "subject-refs": [
+ "icmp-subject",
+ "http-subject"
+ ]
+ }
+ ]
+ }
+ ]
+ }
+ }
+ ]
+ }
+
+# Main definition - constants
+
+# =======================
+# MENUS FUNCTIONS
+# =======================
+
+# Main menu
+
+# =======================
+# MAIN PROGRAM
+# =======================
+
+# Main Program
+
+def get_tenant_uri():
+ return "/restconf/config/policy:tenants/policy:tenant/tenant-red"
+
+def get_tunnel_data_1():
+ return {
+ "node": [
+ {
+ "id": "openflow:1",
+ "ofoverlay:tunnel": [
+ {
+ "tunnel-type": "overlay:tunnel-type-vxlan-gpe",
+ "node-connector-id": "openflow:1:1",
+ "ip": "192.168.50.70",
+ "port": 6633
+ },
+ {
+ "tunnel-type": "overlay:tunnel-type-vxlan",
+ "node-connector-id": "openflow:1:2",
+ "ip": "192.168.50.70",
+ "port": 4789
+ }
+ ]
+ }
+ ]
+ }
+
+def get_tunnel_uri_1():
+ return "/restconf/config/opendaylight-inventory:nodes/node/openflow:1"
+
+def get_tunnel_data_6():
+ return {
+ "node": [
+ {
+ "id": "openflow:6",
+ "ofoverlay:tunnel": [
+ {
+ "tunnel-type": "overlay:tunnel-type-vxlan-gpe",
+ "node-connector-id": "openflow:6:1",
+ "ip": "192.168.50.75",
+ "port": 6633
+ },
+ {
+ "tunnel-type": "overlay:tunnel-type-vxlan",
+ "node-connector-id": "openflow:6:2",
+ "ip": "192.168.50.75",
+ "port": 4789
+ }
+ ]
+ }
+ ]
+ }
+
+def get_tunnel_uri_6():
+ return "/restconf/config/opendaylight-inventory:nodes/node/openflow:6"
+
+def get_endpoint_data():
+ return [
+{
+"input": {
+
+ "endpoint-group": "webservers",
+
+ "network-containment" : "subnet-10.0.36.0/24",
+
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:36:02",
+
+ "l3-address": [
+ {
+ "ip-address": "10.0.36.2",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h36_2",
+ "tenant": "tenant-red"
+}
+},
+{
+"input": {
+ "endpoint-group": "clients",
+"network-containment" : "subnet-10.0.35.0/24",
+"l2-context": "bridge-domain1",
+"mac-address": "00:00:00:00:35:02",
+"l3-address": [
+ {
+ "ip-address": "10.0.35.2",
+ "l3-context": "l3-context-vrf-red"
+ }
+],
+"port-name": "vethl-h35_2",
+"tenant": "tenant-red"
+}
+},
+{
+"input": {
+
+ "endpoint-group": "clients",
+
+ "network-containment" : "subnet-10.0.35.0/24",
+
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:35:03",
+
+ "l3-address": [
+ {
+ "ip-address": "10.0.35.3",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h35_3",
+ "tenant": "tenant-red"
+}
+},
+{
+"input": {
+
+ "endpoint-group": "webservers",
+
+ "network-containment" : "subnet-10.0.36.0/24",
+
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:36:03",
+
+ "l3-address": [
+ {
+ "ip-address": "10.0.36.3",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h36_3",
+ "tenant": "tenant-red"
+}
+},
+{
+"input": {
+
+ "endpoint-group": "webservers",
+
+ "network-containment" : "subnet-10.0.36.0/24",
+
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:36:04",
+
+ "l3-address": [
+ {
+ "ip-address": "10.0.36.4",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h36_4",
+ "tenant": "tenant-red"
+}
+},
+{
+"input": {
+
+ "endpoint-group": "clients",
+
+ "network-containment" : "subnet-10.0.35.0/24",
+
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:35:04",
+
+ "l3-address": [
+ {
+ "ip-address": "10.0.35.4",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h35_4",
+ "tenant": "tenant-red"
+}
+},
+{
+"input": {
+
+ "endpoint-group": "clients",
+
+ "network-containment" : "subnet-10.0.35.0/24",
+
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:35:05",
+
+ "l3-address": [
+ {
+ "ip-address": "10.0.35.5",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h35_5",
+ "tenant": "tenant-red"
+}
+},
+{
+"input": {
+
+ "endpoint-group": "webservers",
+
+ "network-containment" : "subnet-10.0.36.0/24",
+
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:36:05",
+
+ "l3-address": [
+ {
+ "ip-address": "10.0.36.5",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h36_5",
+ "tenant": "tenant-red"
+}
+}]
+
+
+def get_endpoint_uri():
+ return "/restconf/operations/endpoint:register-endpoint"
+
+def get_tunnel_oper_uri():
+ return "/restconf/operational/opendaylight-inventory:nodes/"
+
+def get_topology_oper_uri():
+ return "/restconf/operational/network-topology:network-topology/topology/ovsdb:1/"
+
+if __name__ == "__main__":
+ # Launch main menu
+
+
+ # Some sensible defaults
+ controller=os.environ.get('ODL')
+ if controller == None:
+ sys.exit("No controller set.")
+
+ print "Contacting controller at %s" % controller
+ print "waiting for manager on SFFs..."
+ wait_for_sff_in_datastore(get_topology_oper_uri())
+ print "sending service functions"
+ put(controller, DEFAULT_PORT, get_service_functions_uri(), get_service_functions_data(), True)
+ print "sending service function forwarders"
+ put(controller, DEFAULT_PORT, get_service_function_forwarders_uri(), get_service_function_forwarders_data(), True)
+ print "waiting for switches on SFFs..."
+ wait_for_sff_in_datastore(get_tunnel_oper_uri())
+ print "sending service function chains"
+ put(controller, DEFAULT_PORT, get_service_function_chains_uri(), get_service_function_chains_data(), True)
+ print "sending service function paths"
+ put(controller, DEFAULT_PORT, get_service_function_paths_uri(), get_service_function_paths_data(), True)
+ print "sending tunnel"
+ put(controller, DEFAULT_PORT, get_tunnel_uri_1(), get_tunnel_data_1(), True)
+ print "sending tenant"
+ put(controller, DEFAULT_PORT, get_tunnel_uri_6(), get_tunnel_data_6(), True)
+ print "sending tenant"
+ put(controller, DEFAULT_PORT, get_tenant_uri(), get_tenant_data(),True)
+ print "registering endpoints"
+ for endpoint in get_endpoint_data():
+ post(controller, DEFAULT_PORT, get_endpoint_uri(),endpoint,True)
-#!/usr/bin/env bash\r
-\r
-set -e\r
-hostnum=${HOSTNAME#"gbpsfc"}\r
-sw="sw$hostnum"\r
-\r
-if [ "$hostnum" -eq "3" ]; then\r
- TUNNEL=0xC0A83247\r
-elif [ "$hostnum" -eq "5" ]; then\r
- TUNNEL=0xC0A83249\r
-else\r
- echo "Invalid SF for this demo";\r
- exit\r
-fi\r
-\r
-sudo ovs-vsctl add-br $sw\r
-sudo ovs-vsctl add-port $sw $sw-vxlangpe-0 -- set interface $sw-vxlangpe-0 type=vxlan options:remote_ip=flow options:dst_port=6633 options:nshc1=flow options:nshc2=flow options:nshc3=flow options:nshc4=flow options:nsp=flow options:nsi=flow options:key=flow\r
+#!/usr/bin/env bash
+
+set -e
+hostnum=${HOSTNAME#"gbpsfc"}
+sw="sw$hostnum"
+
+if [ "$hostnum" -eq "3" ]; then
+ TUNNEL=0xC0A83247
+elif [ "$hostnum" -eq "5" ]; then
+ TUNNEL=0xC0A83249
+else
+ echo "Invalid SF for this demo";
+ exit
+fi
+
+sudo ovs-vsctl add-br $sw
+sudo ovs-vsctl add-port $sw $sw-vxlangpe-0 -- set interface $sw-vxlangpe-0 type=vxlan options:remote_ip=flow options:dst_port=6633 options:nshc1=flow options:nshc2=flow options:nshc3=flow options:nshc4=flow options:nsp=flow options:nsi=flow options:key=flow
-#!/usr/bin/env bash\r
-\r
-set -e\r
-hostnum=${HOSTNAME#"gbpsfc"}\r
-sw="sw$hostnum"\r
-nsp=$1\r
-\r
-if [ "$hostnum" -eq "3" ]; then\r
- TUNNEL=0xC0A83246\r
-elif [ "$hostnum" -eq "5" ]; then\r
- TUNNEL=0xC0A83247\r
-else\r
- echo "Invalid SF for this demo";\r
- exit\r
-fi\r
-# delete NORMAL, if present\r
-nsphex=`printf "%x\n" $nsp`\r
-sudo ovs-ofctl --strict del-flows $sw priority=0\r
-sudo ovs-ofctl add-flow $sw "priority=1000,nsi=255 actions=move:NXM_NX_NSH_C1[]->NXM_NX_NSH_C1[],move:NXM_NX_NSH_C2[]->NXM_NX_NSH_C2[],move:NXM_NX_TUN_ID[0..31]->NXM_NX_TUN_ID[0..31],load:$TUNNEL->NXM_NX_TUN_IPV4_DST[],set_nsi:254,IN_PORT" -OOpenFlow13\r
-sudo ovs-ofctl add-flow $sw "priority=1000,nsi=254 actions=move:NXM_NX_NSH_C1[]->NXM_NX_NSH_C1[],move:NXM_NX_NSH_C2[]->NXM_NX_NSH_C2[],move:NXM_NX_TUN_ID[0..31]->NXM_NX_TUN_ID[0..31],load:$TUNNEL->NXM_NX_TUN_IPV4_DST[],set_nsi:253,IN_PORT" -OOpenFlow13\r
+#!/usr/bin/env bash
+
+set -e
+hostnum=${HOSTNAME#"gbpsfc"}
+sw="sw$hostnum"
+nsp=$1
+
+if [ "$hostnum" -eq "3" ]; then
+ TUNNEL=0xC0A83246
+elif [ "$hostnum" -eq "5" ]; then
+ TUNNEL=0xC0A83247
+else
+ echo "Invalid SF for this demo";
+ exit
+fi
+# delete NORMAL, if present
+nsphex=`printf "%x\n" $nsp`
+sudo ovs-ofctl --strict del-flows $sw priority=0
+sudo ovs-ofctl add-flow $sw "priority=1000,nsi=255 actions=move:NXM_NX_NSH_C1[]->NXM_NX_NSH_C1[],move:NXM_NX_NSH_C2[]->NXM_NX_NSH_C2[],move:NXM_NX_TUN_ID[0..31]->NXM_NX_TUN_ID[0..31],load:$TUNNEL->NXM_NX_TUN_IPV4_DST[],set_nsi:254,IN_PORT" -OOpenFlow13
+sudo ovs-ofctl add-flow $sw "priority=1000,nsi=254 actions=move:NXM_NX_NSH_C1[]->NXM_NX_NSH_C1[],move:NXM_NX_NSH_C2[]->NXM_NX_NSH_C2[],move:NXM_NX_TUN_ID[0..31]->NXM_NX_TUN_ID[0..31],load:$TUNNEL->NXM_NX_TUN_IPV4_DST[],set_nsi:253,IN_PORT" -OOpenFlow13
Code Review / groupbasedpolicy.git / commitdiff