Introduction

Environment

This OpenNSA development is done on an Ubuntu desktop machine. While it is possible to run most components from a MacOS or a Windows machine, this is not supported, and not described in this document. At the time this document was written, the version is the Ubuntu desktop is 17.10 (artful).

This Ubuntu environment should be able to forward IP packets. You can enable this in your Ubuntu Desktop as follows:

sudo vi /etc/sysctl.conf
    net.ipv4.ip_forward = 1
sudo sysctl -p /etc/sysctl.conf

You will be using two GIT repositories, the JRA2 OpenNSA  repository and the JRA2 OpenNSA Test repository. Our scripts  and Docker containers need to be able to find these repositories, so two environment variables need to always exist in any runtime environment. Put them in /etc/environment thusly:

sudo vi /etc/environment
    ...
    OPENNSA=/data/dev/opennsa
    TESTOPENNSA=/data/dev/testopennsa
    OPENNSAMNGMT=/data/dev/opennsamngmt

Now clone these repositories in the correct place and switch to valid branches:

cd /data/dev
git clone ssh://git@code.geant.net:7999/ccs/opennsa.git opennsa
git clone ssh://git@code.geant.net:7999/ccs/onsa-tests.git testopennsa
git clone ssh://git@code.geant.net:7999/ccs/onsa-mngmt.git opennsamngmt
cd opennsa
git checkout domainaggregate
cd ../testopennsa
git checkout develop
Next, we need to provide PostgreSQL some credentials (passwords). You do not want to have to enter the password every time you start the database! So create a file ~/.pgpass, and give it the following content:
# ~/.pgpass
# hostname:port:database:username:password
10.50.0.100:5432:*:opennsa:secretpassword
localhost:5432:*:opennsa:secretpassword

This means we will be using user 'opennsa', who has a very secret password.

Running the OpenNSA cli (Command-Line-Interface) onsa can be touch since it requires so many input parameters. Fortunately you can set reasonable defaults in the file ~/.opennsa-cli:

# ~/.opennsa-cli
bandwidth=5000
host=10.50.0.1
port=7080
starttime=+6000
endtime=+16000
timeout=6000
httptimeout=6000

nsa=main,gts.nsi.geant.net:nsa,http://10.50.0.7:9443/NSI/services/CS2
nsa=domain1,nsi1.domain1:nsa,http://10.50.0.2:9445/NSI/services/CS2

Lastly, to avoid having to store credentials for the supported (test-) routers and switches in the  OpenNSA JRA2 repository a patch was made so OpenNSA support a credentials file ~/.opennsa-credentials.conf:
[service]
dbuser=opennsa
dbpassword=secretpassword

[junosspace]
space_user=super
space_password=secretpassword

So now we are done configuring our environment, it's time to install Docker.

Installing Docker

We install docker from the source, not from the ubuntu repositories which can be outdated. Although the documentation at docker.com are more complete, the following commands will get your going

sudo apt-get update
sudo apt-get install \
 linux-image-extra-$(uname -r) \
 linux-image-extra-virtual
sudo apt-get install \
 apt-transport-https \
 ca-certificates \
 curl \
 software-properties-common
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sudo add-apt-repository \
 "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
 $(lsb_release -cs) \
 stable"
sudo apt-get update
sudo apt-get install docker-ce
sudo docker run hello-world

The last command will verify if your docker installation is up-and-running. It will download  the 'hello-world' image from the central Docker image repository, create a container using that image and start that container.

Runing docker witout sudoing

In order to be able to run docker and docker-compose commands without sudo it is needed to add current user do docker group (the first step is optional, the docker group should already exists at this step):

sudo groupadd docker
sudo gpasswd -a $USER docker

This step may be necessary if we want to use setup scripts (with sudo it is need to set e.g. environment variables for root also)

Creating an OpenNSA image from a Dockerfile

Now we have OpenNSA running, we need to create a Docker image that contains our OpenNSA software. We will later use this image in such a way that any changes in the OpenNSA repository (pointed to by  $OPENNSA) will be reflected in any Docker container that uses this image. The Docker image you create now will be stored on your local machine. Our setup also uses a Docker image containing the Postgresql DBMS, but this is downloaded from some central location.

Now lets create the OpenNSA Docker image :

cd $TESTOPENNSA
docker build -t opennsa_img -f docker/Dockerfile .

Note that this creates an image which contains the correct Python prerequisites, but the source code ($OPENNSA in /opennsa and $TESTOPENNSA in /testopennsa) will be mounted by the docker-compose command that starts the container as well as the correct command (CMD) which will be executed by this container.

Run openNSA Docker containers

We start OpenNSA containers by running the 'setup' script of one of the pre-fabricated openNSA simulation setups. In this document we use the Intra-domain setup which can be found in $TESTOPENNSA/docker/intradomain.

The intra-domain setup is started as follows

$TESTOPENNSA/docker/intradomain/setup init

The setup script will create a virtual bridge connected to the 10.50.x.y network, start a Postgresql docker container in IP address 10.50.0.100 and three openNSA containers. The setup script can be used for multiple purposes:

  • setup init  – initialise and start the complete setup (bridge, dbms, opennsa nodes)
  • setup exit – stops and destroys the setup (removes bridge, dbms and opennsa nodes)
  • setup start – starts an already created (but stopped) setup
  • setup stop – stops a created setup
  • setup prepare – -reinitialise the databases

At the time this document was written, the following setups were available in $TESTOPENNSA:

  • docker/intradomain – three openNSA nodes in one domain using DUD backends
  • docker/interdomain – the domains each containing three openNSA nodes all using DUD backends
  • docker/ciena6500 – environemnt used during the development of the Ciena 6500 backend (OTN)
  • docker/junosspace – environment used during the development of the JunOS-space backend

Testing the Intra-domain Setup

This Docker setup simulates a simple three nodes, one aggregator setup.

Sample usage

Suppose we want to create a connection between node11 and node12, and we are a user in domain1 with access to nsi1.
We are going to use onsa tool to reserve and provision this connection.

The complete command sequence will be:

$ $TESTOPENNSA/docker/intradomain/setup init

$ $OPENNSA/onsa reserve \
    -p domain1:nsa \
    -u http://10.50.0.2:9445/NSI/services/CS2 \
    --source node11.domain1:topology:port1?vlan=123 \
    --dest node12.domain1:topology:port2?vlan=123
    
$ $OPENNSA/onsa provision \
    -p domain1:nsa \
    -u http://10.50.0.2:9445/NSI/services/CS2 \
    -c DO-015774acaa

$ $OPENNSA/onsa queryrec \
    -p domain1:nsa \
    -u http://10.50.0.2:9445/NSI/services/CS2 \
    -c DO-e0b4f25a66

$ $OPENNSA/onsa terminate \
    -p domain1:nsa \
    -u http://10.50.0.2:9445/NSI/services/CS2 \
    -c DO-e0b4f25a66

$ $TESTOPENNSA/docker/intradomain/setup exit


  • No labels