  1. Update and upgrade:

    apt-get update && apt-get -y dist-upgrade


  2. (Optional - Only when you want to clone the source code from the git repo) Install the following packages/applications:

    apt-get install -y git


  3. Install PostgreSQL Server and its development dependencies. (You may see an error about the availability of these package versions; newer packages should work as well.)

    apt-get install -y postgresql postgresql-plpython-9.3 postgresql-server-dev-9.3


  4. Install Python 2.7:

     apt-get install -y python python-minimal python-pip python-dev python-openssl libffi-dev libssl-dev openssl libffi6


  5. Get sources
    Using GIT:

    cd /usr/src
    git clone https://code.geant.net/stash/scm/ccs/opennsa.git
    cd opennsa
    git checkout developmentstable

    Or download the sources from here and copy them there manually.
    TODO: ADD THE PACKAGE

     

  6. Use pip to install deps:
    FIXME: There is a problem with SSH communication towards the latest SSH servers. The versions in "requirements-for-pip.txt" are old. The workaround is the following: after installing everything as in the code block below, use pip again and install the versions in the file "requirements.txt" located in the opennsa top dir. (29.1.2018: Not there now, will be added soon.) It is possible that pip will have to be updated too, and an older Ubuntu such as 16.04 cannot do that from its repos; it has to be done by getting pip manually. We are now working on and testing the install procedure with newer LTS versions.

    ##from the directory as shown in prompt 
    ...:/usr/src/opennsa# pip install -r docs/requirements-for-pip.txt


  7. Initialize and Start the PostgreSQL:

    /etc/init.d/postgresql restart


  8. Prepare the environment for Opennsa:

    useradd -m opennsa
    chown opennsa:opennsa /usr/src/opennsa    ### Should this be chown -R ?


  9. Install OpenNSA: 

     

    From the directory as shown in prompt. 
    :/usr/src/opennsa# python setup.py install


  10. Create the database:

    NOTE that LOC in the db name identifies the process (i.e. the individual OpenNSA instance, which means a single uPA or the aggregator, depending on the deployment scenario). It is used further in step 13. Note that the 'opennsa' user needs to be created only once.

    cd /usr/src/opennsa
    cp datafiles/schema.sql /tmp/
    su - postgres -c "
    createdb opennsa-LOC
    createuser -RSD opennsa
    "
    su - opennsa -c "
    psql opennsa-LOC -c '\i /tmp/schema.sql'
    "

    Create a database for each process (all uPAs, plus the aggregator when one is used), e.g. opennsa-MAIN, opennsa-FOO, opennsa-BAR, where FOO stands for the location and could be e.g. mx1.ams.nl, BAR could be mx2.zag.hr, etc.

  11. It's important to keep the server time accurate (feel free to specify your own NTP servers, and don't forget to add the iburst directive):

    apt-get -y install ntp
    /etc/init.d/ntp start


  12. Generate your SSH keys:

    # Key file name matches the publickey/privatekey paths used in the config in step 14
    su - opennsa -c "
    ssh-keygen -t rsa -N '' -f ~/.ssh/opennsa_rsa.key
    "


  13. Now create init scripts for each instance (one per dataplane MX router, plus one for the main process, the aggregator):

    Info

    Note that this step is for Ubuntu 14.04, which does NOT use systemd. This step should work with systemd as well, but it is not the right way to do it; the proper systemd way will be introduced soon.
    TODO: Introduce the proper way for systemd.

    Default init script is: /etc/init.d/opennsa
    Just make copies of it with proper names, and then chmod -x the default script as we won't be running it.

    cp /etc/init.d/opennsa /etc/init.d/opennsa-LOC  # Where LOC = some string eg: "mx1.ams.nl" or "AMS".

     

    Common practice is to create one init script for each router in your dataplane (uPAs), plus one where LOC=“main” to be the aggregator.
    Edit each copy as in the following template:

    #! /bin/sh
    # /etc/init.d/opennsa: Start the OpenNSA service
    ### BEGIN INIT INFO
    # Provides:             opennsa
    # Required-Start:       $network
    # Required-Stop:        $network
    # Should-Start:         $time
    # Should-Stop:          $time
    # Default-Start:        2 3 4 5
    # Default-Stop:         0 1 6
    # Short-Description:    OpenNSA Service
    ### END INIT INFO
    
    . /lib/lsb/init-functions
    
    CONFIG_FILE=/etc/opennsa/opennsa-LOC.conf
    
    PIDFILE=/var/run/opennsa-LOC.pid
    
    DEFAULT_USER=root
    
    APP_START="from opennsa import setup ; application = setup.createApplication('$CONFIG_FILE', payload=False, debug=False)"
    
    ...............

    The lines to edit are CONFIG_FILE, PIDFILE and APP_START (fill in the arguments to setup.createApplication()).

     

  14. Create and edit conf files:

    cd /etc
    mkdir opennsa
    cp opennsa.conf opennsa/opennsa-LOC.conf


    Edit the config as follows. (The configuration differs between uPAs and the aggregator; read the commented config template carefully.)

    For more details about domain aggregation, follow this link.
    FIXME: ADD example of TLS enabled config.

    [service]
    # Just suggested format of network name, eg: DOMAIN = "LOC.nsi.geant.net" and LOC = "mx1.ams.nl" or "ams" as per previous convention
    # NOTE: When configuring aggregator, the domain should look like the following: DOMAIN = "nsi.geant.net".
    network=DOMAIN
    user=opennsa
    logfile=/home/opennsa/logs/opennsa-LOC.log
    
    ## Host can often be detected.
    ## Default port is 9080/9443 depending on tls
    
    host=OPENNSA_HOST_IP
    # Good practice is to use 9443 for the main/aggregator process
    port=9444
    
    database=opennsa-LOC
    dbuser=opennsa
    dbpassword=
    tls=false
    
    # Uncomment the following for enabling the domain aggregation role. (become the aggregator)
    #policy=domainaggregate
    
    # Location of topology description file
    # NOTE: When configuring aggregator, NO NRM FILE should be configured. Just comment out/delete the nrmmap line.  
    nrmmap=/home/opennsa/topology/opennsa-LOC-top.nrm
    
    # Peering: with domainaggregate feature uPAs should not have any peers defined!
    # peers=http://ANY_OPENNSA_HOST_IP_OF_PEER:PORT_OF_PEER/NSI/discovery.xml
    #        http://ANY_OPENNSA_HOST_IP_OF_PEER:PORT_OF_PEER/NSI/discovery.xml
    
    
    # Backend configuration here is for the gts Junos MX platform with ssh channel against router ...
    # Always uncomment/use just one backend at a time. More description can be found on the OpenNSA wiki.
    # NOTE: When configuring aggregator, NO BACKEND should be configured. Just comment out/delete the backend section. 
    
    # use this dummy backend without any further configs. Useful for testing.   
    #[dud]  
    
    # JunosMX is the backend for Juniper MX platform supporting VLAN,MPLS and port based STPs. 
    [junosmx]
    host=MANAGEMET_IP
    user=opennsa
    fingerprint=XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX
    publickey=/home/opennsa/.ssh/opennsa_rsa.key.pub
    privatekey=/home/opennsa/.ssh/opennsa_rsa.key
    # LOOPBACK_IP is used as the LSP target from different PE routers.
    # All routers in the dataplane need to be listed here.
    routers=ROUTER_LOC1:LOOPBACK_IP
      ROUTER_LOC2:LOOPBACK_IP
    
    #JunosEX is the backend for Juniper EX 4550 platform supporting VLAN based STPs only. 
    #It supports label swapping using CCC feature.  
    [junosex]
    host=MANAGEMET_IP
    user=opennsa
    fingerprint=XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX
    publickey=/home/opennsa/.ssh/opennsa_rsa.key.pub
    privatekey=/home/opennsa/.ssh/opennsa_rsa.key
    
    #Section for JUNOS SPACE backend configuration. Uncomment just one backend config for the configured instance
    [junosspace]
    space_user=USERNAME
    space_password=PASSWORD
    space_api_url=https://IPADDR/api/space
    configlet_activate_local=CONFIGLET_ID_IN_JUNOSSPACE
    configlet_activate_remote=CONFIGLET_ID_IN_JUNOSSPACE
    configlet_deactivate_local=CONFIGLET_ID_IN_JUNOSSPACE
    configlet_deactivate_remote=CONFIGLET_ID_IN_JUNOSSPACE
    # LOOPBACK_IP is used as the LSP target from different PE routers.
    # All routers in the dataplane need to be listed here.
    # Format of the 3-tuple: network_name:router_id_in_junosspace:loopback_ip
    routers=gtstest2:589838:IPADDR2
     gtstest1:589834:IPADDR1
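
A lint pass over one opennsa-LOC.conf that enforces the rules stated in the template comments above (exactly one backend per uPA; no backend and no nrmmap on the aggregator; no peers on uPAs) and flags tls=false, an unreplaced fingerprint placeholder and cleartext passwords. This is an added example written for Python 3, not part of OpenNSA: it assumes the file is read with Python's standard ConfigParser, which keeps a trailing `# comment` as part of the value, and the function name and sample values are made up for illustration.

```python
import configparser
BACKENDS = {"dud", "junosmx", "junosex", "junosspace"}  # section names from the template

def lint_opennsa_conf(text):
    """Check one opennsa-LOC.conf (as text) against the rules in the template comments."""
    cp = configparser.ConfigParser(interpolation=None)  # '#' after a value is NOT stripped
    cp.read_string(text)
    svc, findings = cp["service"], []
    backends = sorted(BACKENDS.intersection(cp.sections()))
    if svc.get("policy") == "domainaggregate":           # aggregator instance
        if backends:
            findings.append("aggregator: remove backend section(s) " + ", ".join(backends))
        if "nrmmap" in svc:
            findings.append("aggregator: remove nrmmap")
    else:                                                # uPA instance
        if len(backends) != 1:
            findings.append("uPA: exactly one backend expected, found %d" % len(backends))
        if "peers" in svc:
            findings.append("uPA: peers must be empty when an aggregator is used")
    if svc.get("tls", "").strip().lower() == "false":
        findings.append("service: tls=false, NSI messages travel unencrypted")
    for name in backends:
        if "XX:XX" in cp[name].get("fingerprint", ""):
            findings.append("%s: fingerprint is still the template placeholder" % name)
        if "space_password" in cp[name]:
            findings.append("%s: cleartext password, restrict the file to the opennsa user" % name)
    for section in cp.sections():
        for key, value in cp[section].items():
            if " #" in value:
                findings.append("%s.%s: inline comment is parsed as part of the value" % (section, key))
    return findings

# Constructed sample: a uPA config copied from the template without finishing the edits.
SAMPLE_UPA = """
[service]
network=ams.nsi.example.net
port=9444 # Good practice is to use 9443 for main/aggregator process
tls=false
nrmmap=/home/opennsa/topology/opennsa-ams-top.nrm
[junosmx]
fingerprint=XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX
[junosex]
fingerprint=aa:bb:cc:dd:ee:ff:00:11:22:33:44:55:66:77:88:99
"""

if __name__ == "__main__":
    print("\n".join(lint_opennsa_conf(SAMPLE_UPA)))
```

Run it against each file in /etc/opennsa before starting the instances; an empty list means none of the checked rules is violated.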


  15. Create and edit the topology files. Their location is specified in the “nrmmap” field of the conf files above.
    More info here.

    Example of London instance topology configuration: 
    ethernet mx0-3-2 - vlan:3000-3099 1000 ge-0/3/2 -
    ethernet xe11-0-1 - port:1 10000 xe-11/0/1 -
    ethernet geant_fra geant_fra:topology#geant_lon-(in|out) mpls:1-4000 10000 xe-0/0/1 -
    ethernet geant_ams geant_ams:topology#geant_lon-(in|out) mpls:1-4000 10000 xe-0/0/2 - 
    



  16. Create restart script for further use:

    #!/bin/bash
    for l in LOC LOC LOC main; do	# Where 'main' is the name of your main/aggregator instance, and "LOC" as per previous convention (add as many as you have)
      /etc/init.d/opennsa-$l restart
      sleep 5
    done
    
    for l in LOC LOC LOC main; do	# Where 'main' is the name of your main/aggregator instance, and "LOC" as per previous convention (add as many as you have)
      /etc/init.d/opennsa-$l restart
      sleep 5
    done 


    Info

    The restart is done twice so that topology information syncs properly between instances. With the domain aggregate feature it should be enough to run it once, as long as the "main" process (the aggregator) is the last one (re)started.


  17. Run opennsa by calling the script you just created, or call each process individually:

    /etc/init.d/opennsa-LOC start
    /etc/init.d/opennsa-LOC2 start
    <...>
    /etc/init.d/opennsa-LOCn start
    /etc/init.d/opennsa-main start


DONE