Openstack with LISP-enabled OpenVSwitch

From DocWiki

(Difference between revisions)
Jump to: navigation, search
m (Installing the LISP-enabled OVS bridge)
(47 intermediate revisions not shown)
Line 1: Line 1:
-
This wiki describes all the steps necessary to setup a testbed of [http://www.openstack.org/software/folsom/ Openstack Folsom] nodes (All-in-one node and Compute nodes), which rely on a [http://lisp.cisco.com/ LISP-enabled] [http://openvswitch.org/ OpenVSwitch (OVS)] bridge.  
+
<p>This wiki describes all the steps necessary to setup a testbed of [http://www.openstack.org/software/folsom/ Openstack Folsom] nodes (All-in-one node and Compute nodes), which rely on a [http://lisp.cisco.com/ LISP-enabled] [http://openvswitch.org/ OpenVSwitch (OVS)] bridge.  
 +
</p>
-
<pre>
 
-
                  cisco ("public") Network
 
-
          ----+----------------------+-----
 
-
              |                      |
 
-
      +--------+--------+    +-------+--------+
 
-
      | All-In-One Node |    | Compute Node  |
 
-
      |                |    |                |
 
-
      |                |    |                |
 
-
      |  Nova          |    |  Nova -agent  |
 
-
      |  Keystone      |    |  Nova-compute  |
 
-
      |  Glance        |    |  Nova-Network  |
 
-
      |  Nova-Network  |    +----------------+
 
-
      |  Cinder        |
 
-
      |  Horizon        |
 
-
      +-----------------+
 
-
</pre>
 
-
 
-
__TOC__
 
-
 
-
 
-
= Testbed Setup =
 
-
The Openstack nodes are considered hereafter to be [http://releases.ubuntu.com/precise/ Ubuntu 12.04.1 LTS (Precise Pangolin)] machines (running the 3.2.0-29 kernel version).  
+
<p>__TOC__
 +
</p><p><br />
 +
</p>
 +
<h1> Testbed Setup </h1>
 +
<h2> Dependencies </h2>
 +
<p>The Openstack nodes are considered hereafter to be <a href="http://releases.ubuntu.com/precise/">Ubuntu 12.04.1 LTS (Precise Pangolin)</a> machines (running the 3.2.0-29 kernel version).  
The following dependencies need to be met.
The following dependencies need to be met.
-
 
+
</p>
<pre>
<pre>
sudo apt-get update
sudo apt-get update
Line 38: Line 23:
sudo apt-get install qemu-kvm libvirt-bin ubuntu-vm-builder bridge-utils virt-manager virtinst
sudo apt-get install qemu-kvm libvirt-bin ubuntu-vm-builder bridge-utils virt-manager virtinst
</pre>
</pre>
-
 
+
<p>In case you wish to also use Wireshark (with LISP dissector included):
-
In case you wish to also use Wireshark (with LISP dissector included):
+
</p>
-
 
+
<pre>
<pre>
$ sudo apt-get build-dep wireshark
$ sudo apt-get build-dep wireshark
Line 53: Line 37:
$ sudo make install
$ sudo make install
$ sudo ldconfig
$ sudo ldconfig
-
$ wireshark &
+
$ wireshark &amp;
</pre>
</pre>
-
 
+
<p>Although this is simply a recommendation, the testbed has been successfully run with the following memory settings:
-
 
+
</p>
-
Network-wise:
+
<ul><li> 1.8GB for the All-In-One Node
 +
</li><li> 1.2GB for the Compute Node
 +
</li></ul>
 +
<p><br />
 +
</p>
 +
<h2> Network </h2>
<pre>
<pre>
         Public + Management Network
         Public + Management Network
Line 63: Line 52:
       |                          |
       |                          |
       |                          |
       |                          |
-
  10.10.10.10                10.10.11.10
 
       |                          |
       |                          |
+------|-------------+  +--------|-------+
+------|-------------+  +--------|-------+
|    (eth0)          |  |      (eth0)    |
|    (eth0)          |  |      (eth0)    |
|      |            |  |        |      |
|      |            |  |        |      |
 +
|      |            |  |        |      |
 +
|  10.10.10.10      |  |  10.10.11.10  |
|      |            |  |        |      |
|      |            |  |        |      |
|  [ br-lisp ]      |  |    [br-lisp]  |
|  [ br-lisp ]      |  |    [br-lisp]  |
Line 83: Line 73:
() Network interface
() Network interface
</pre>
</pre>
 +
 +
or
 +
 +
[[Image:OpenstackandLISP_Testbed.png|630px|middle]]
 +
-
= Installing the LISP-enabled OVS bridge =
 
-
On both machines do the following.
 
-
First download the corresponding code:
 
 +
<p>If instead of physical machines you plan on setting this testbed up with <b>VMware Fusion</b>, make sure the network is configured as <i>Bridged (Ethernet).</i>
 +
</p><p><br />
 +
</p>
 +
<h2> Map Server (MS) </h2>
 +
<p>Just to get an idea of how the EID addresses are supposed to be associated with their corresponding RLOCs, you can have a look at the following MS configuration, which makes static assignments.
 +
</p><p>Under regular LISP operation you will not have to impose the following configuration. Rather, it is formed automatically and dynamically.
 +
</p>
<pre>
<pre>
-
cd /home/user/
+
&lt;?xml version=&quot;1.0&quot; encoding=&quot;ISO-8859-1&quot;?&gt;
 +
 
 +
&lt;db&gt;
 +
 
 +
  &lt;eid prefix=&quot;0.0.0.0/3&quot; act=&quot;2&quot; ttl=&quot;5&quot; /&gt;
 +
  &lt;eid prefix=&quot;128.0.0.0/8&quot; act=&quot;2&quot; ttl=&quot;5&quot; /&gt;
 +
  &lt;eid prefix=&quot;171.0.0.0/8&quot; act=&quot;2&quot; ttl=&quot;5&quot; /&gt;
 +
  &lt;eid prefix=&quot;224.0.0.0/4&quot; act=&quot;2&quot; ttl=&quot;5&quot; /&gt;
 +
 
 +
  &lt;eid prefix=&quot;192.168.127.3/32&quot; ttl=&quot;1440&quot; A=&quot;true&quot;&gt;
 +
    &lt;rloc&gt;
 +
      &lt;address&gt;10.10.10.10&lt;/address&gt;
 +
      &lt;priority&gt;1&lt;/priority&gt;
 +
      &lt;weight&gt;100&lt;/weight&gt;
 +
      &lt;m_priority&gt;255&lt;/m_priority&gt;
 +
      &lt;m_weight&gt;0&lt;/m_weight&gt;
 +
      &lt;reachable&gt;true&lt;/reachable&gt;
 +
    &lt;/rloc&gt;
 +
  &lt;/eid&gt;
 +
 
 +
  &lt;eid prefix=&quot;192.168.127.4/32&quot; ttl=&quot;1440&quot; A=&quot;true&quot;&gt;
 +
    &lt;rloc&gt;
 +
      &lt;address&gt;10.10.11.10&lt;/address&gt;
 +
      &lt;priority&gt;1&lt;/priority&gt;
 +
      &lt;weight&gt;100&lt;/weight&gt;
 +
      &lt;m_priority&gt;255&lt;/m_priority&gt;
 +
      &lt;m_weight&gt;0&lt;/m_weight&gt;
 +
      &lt;reachable&gt;true&lt;/reachable&gt;
 +
    &lt;/rloc&gt;
 +
  &lt;/eid&gt;
 +
 
 +
&lt;/db&gt;
 +
</pre>
 +
<h1> Installing the LISP-enabled OVS bridge </h1>
 +
<p>On both machines do the following.
 +
First download the corresponding code:
 +
</p>
 +
<pre>
 +
cd root/src/
git clone https://
git clone https://
</pre>
</pre>
-
 
+
<p>First install lispmob:
-
First install lispmob:
+
</p>
<pre>
<pre>
-
cd /home/user/lispmob-ovs/
+
cd root/src/lispmob-ovs/
make
make
sudo make install
sudo make install
sudo depmod -a
sudo depmod -a
</pre>
</pre>
-
 
+
<p>Afterward install the modified LISP-enabled OpenVswitch:
-
Afterward install the modified LISP-enabled OpenVswitch:
+
</p>
<pre>
<pre>
-
cd /home/user/ovs-lisp/
+
cd root/src/ovs-lisp/
./boot.sh
./boot.sh
./configure --with-linux=/lib/modules/`uname -r`/build
./configure --with-linux=/lib/modules/`uname -r`/build
make
make
</pre>
</pre>
-
 
<pre>
<pre>
-
cp /home/user/lispmob-ovs/lisp_mod/Module.symvers /home/user/ovs-lisp/datapath/linux/
+
cp root/src/lispmob-ovs/lisp_mod/Module.symvers root/src/ovs-lisp/datapath/linux/
-
sudo vi /home/user/ovs-lisp/datapath/linux/Makefile.main.in
+
sudo vi root/src/ovs-lisp/datapath/linux/Makefile.main.in
</pre>
</pre>
-
...and remove 'Module.symvers' from the 'clean' target (on line 33)
+
<p>...and remove 'Module.symvers' from the 'clean' target (on line 33)
-
 
+
</p>
<pre>
<pre>
sudo reboot
sudo reboot
</pre>
</pre>
-
 
+
<p>Then, you will need to REMAKE and REINSTALL lisp and reboot!
-
Then, you will need to REMAKE and REINSTALL lisp
+
</p>
-
 
+
<pre>
<pre>
-
cd /home/lakafosi/lispmob-ovs
+
cd root/src/lispmob-ovs
make
make
sudo make install
sudo make install
sudo depmod -a
sudo depmod -a
-
cd /home/lakafosi/ovs-lisp/
+
cd root/src/ovs-lisp/
make
make
sudo make install
sudo make install
sudo depmod -a
sudo depmod -a
-
sudo dmesg -c
+
sudo reboot
</pre>
</pre>
-
In order to bring up the OVS bridge:
+
Please retry the above in case you get the following message:
 +
"WARNING: "eid_locator4" [/root/src/ovs-lisp/datapath/linux/openvswitch.ko] undefined!"
 +
 
 +
 
 +
<p>In order to bring up the OVS bridge:
 +
</p>
<pre>
<pre>
-
sudo /home/user/ovs-scripts/ovs-start
+
sudo root/src/ovs-scripts/ovs-start
</pre>
</pre>
-
which includes:
+
<p>which includes:
-
 
+
</p>
<pre>
<pre>
#!/bin/bash
#!/bin/bash
-
BUILD_DIR=/home/lakafosi/ovs-lisp
+
BUILD_DIR=root/src/ovs-lisp
OVS_PATH=/usr/local
OVS_PATH=/usr/local
Line 153: Line 193:
mkdir -p ${OVS_PATH}/etc/openvswitch
mkdir -p ${OVS_PATH}/etc/openvswitch
rm ${OVS_PATH}/etc/openvswitch/conf.db
rm ${OVS_PATH}/etc/openvswitch/conf.db
-
ovsdb-tool create /usr/local/etc/openvswitch/conf.db /home/lakafosi/ovs-lisp/vswitchd/vswitch.ovsschema
+
ovsdb-tool create /usr/local/etc/openvswitch/conf.db root/src/ovs-lisp/vswitchd/vswitch.ovsschema
${OVS_PATH}/sbin/ovsdb-server --remote=punix:/usr/local/var/run/openvswitch/db.sock \
${OVS_PATH}/sbin/ovsdb-server --remote=punix:/usr/local/var/run/openvswitch/db.sock \
                     --remote=db:Open_vSwitch,manager_options \
                     --remote=db:Open_vSwitch,manager_options \
Line 164: Line 204:
ps -ea | grep ovs; ps -ea | grep lisp; lsmod | grep lisp; lsmod | grep ovs
ps -ea | grep ovs; ps -ea | grep lisp; lsmod | grep lisp; lsmod | grep ovs
</pre>
</pre>
-
 
+
<p>You can verify everything is setup correctly by issuing:
-
You can verify everything is setup correctly by issuing:
+
</p>
<pre>
<pre>
ps -ea | grep ovs; ps -ea | grep lisp; lsmod | grep lisp; lsmod | grep ovs
ps -ea | grep ovs; ps -ea | grep lisp; lsmod | grep lisp; lsmod | grep ovs
</pre>
</pre>
-
which should yield an output similar to the following:
+
<p>which should yield an output similar to the following:
 +
</p>
<pre>
<pre>
-
  1404 ?        00:00:00 ovs_workq 1406 ?        00:00:00 ovsdb-server
+
  1404&nbsp;?        00:00:00 ovs_workq  
-
  1409 ?        00:00:00 ovs-vswitchd
+
1406&nbsp;?        00:00:00 ovsdb-server
-
  1410 ?        00:00:00 ovs-vswitchd
+
  1409&nbsp;?        00:00:00 ovs-vswitchd
 +
  1410&nbsp;?        00:00:00 ovs-vswitchd
lisp                  41286  1 openvswitch
lisp                  41286  1 openvswitch
</pre>
</pre>
 +
<h1>  Openstack </h1>
 +
<p>First create the stack user in order to install and run Openstack without any passwords requested.
 +
</p>
 +
<pre>
 +
su -
 +
useradd -U -G sudo -s /bin/bash -m stack; echo &quot;stack ALL=(ALL) NOPASSWD: ALL&quot; &gt;&gt; /etc/sudoers
 +
su stack
 +
cd
 +
</pre>
 +
<p>This Openstack installation is based on <a href="http://devstack.org/">Devstack</a>.
 +
</p><p>It is important you stick with the stable Folsom version:
 +
</p>
 +
<pre>
 +
git clone -b stable/folsom https://github.com/openstack-dev/devstack.git
 +
</pre>
 +
<p>Alternatively,
 +
</p>
 +
<pre>
 +
git clone -b stable/folsom git://git.cisco.com/lakafosi/devstack.git
 +
</pre>
 +
<p>Additionally, you will have to download one more script for setting up the OVS-bridge and attaching the vnetX ports of the instantiated VMs, the lispd.conf control plane configuration file of LISP and a few cloud qcow2 (Ubuntu and Fedora) images (to use in addition to the preloaded tiny <a href="https://launchpad.net/cirros/+download">CirrOS cloud guest</a>).
 +
</p>
 +
<pre>
 +
mkdir /home/stack/Downloads
 +
mv /* /home/stack/devstack/Downloads/* /home/stack/Downloads
 +
</pre>
 +
<p><br />
 +
</p>
 +
<h2> All-In-One Openstack Node </h2>
 +
<h3> localrc </h3>
 +
<p>Located in /home/stack/devstack/
 +
</p>
 +
<pre>
 +
#HOST_NAME=$(hostname)
 +
#SERVICE_HOST_NAME=lakafosi-server-1
 +
SERVICE_HOST=10.10.10.10
 +
HOST_IP=10.10.10.10
-
= Openstack =
+
FIXED_RANGE=192.168.127.0/24
-
== All-In-One Openstack Node ==
+
MULTI_HOST=True
 +
SCHEDULER=nova.scheduler.simple.SimpleScheduler
 +
Q_HOST=$SERVICE_HOST
 +
MYSQL_HOST=$SERVICE_HOST
 +
RABBIT_HOST=$SERVICE_HOST
 +
GLANCE_HOSTPORT=$SERVICE_HOST:9292
 +
KEYSTONE_AUTH_HOST=$SERVICE_HOST
 +
KEYSTONE_SERVICE_HOST=$SERVICE_HOST
 +
 +
CINDER_BRANCH=stable/folsom
 +
NOVA_BRANCH=stable/folsom
 +
SWIFT_BRANCH=stable/folsom
 +
GLANCE_BRANCH=stable/folsom
 +
KEYSTONE_BRANCH=stable/folsom
 +
HORIZON_BRANCH=stable/folsom
 +
#QUANTUM_BRANCH=stable/folsom
 +
 +
# password
 +
MYSQL_PASSWORD=mysql
 +
RABBIT_PASSWORD=rabbit
 +
SERVICE_TOKEN=service
 +
SERVICE_PASSWORD=admin
 +
ADMIN_PASSWORD=admin
 +
 +
# Uncomment the following line to save time by skipping checking of packages that need to be installed
 +
#OFFLINE=True
 +
</pre>
 +
<p><br />
 +
</p>
 +
<h3> local.sh </h3>
 +
<p>This is the script run right after <i>stack.sh</i>, i.e. the Openstack installation. It is located in /home/stack/devstack/ .
 +
</p>
 +
<pre>
 +
#!/usr/bin/env bash
 +
 +
# Sample ``local.sh`` for user-configurable tasks to run automatically
 +
# at the sucessful conclusion of ``stack.sh``.
 +
 +
# Keep track of the devstack directory
 +
TOP_DIR=$(cd $(dirname &quot;$0&quot;) &amp;&amp; pwd)
 +
# Import common functions
 +
source $TOP_DIR/functions
 +
# Use openrc + stackrc + localrc for settings
 +
source $TOP_DIR/stackrc
 +
# Destination path for installation ``DEST``
 +
DEST=${DEST:-/opt/stack}
 +
 +
# lakafosi
 +
for i in `seq 2 5`; do /opt/stack/nova/bin/nova-manage fixed reserve 192.168.127.$i; done
 +
 +
# Get OpenStack admin auth
 +
source $TOP_DIR/openrc admin admin
 +
# nova-manage instance_type create m1.cirrOS 256 1 0 0 0 0
 +
glance add name=cirros-0.3.0-x86_64 disk_format=qcow2 container_format=bare &lt; ~/Downloads/cirros-0.3.0-x86_64-disk.img
 +
glance add name=Ubuntu-12.04 is_public=true container_format=ovf disk_format=qcow2 &lt; ~/Downloads/precise-server-cloudimg-amd64-disk1.img
 +
glance add name=f16-jeos is_public=true disk_format=qcow2 container_format=bare &lt; ~/Downloads/f16-x86_64-openstack-sda.qcow2
 +
# nova-manage floating create --ip_range=192.168.127.6/31
 +
 +
# Get OpenStack demo auth
 +
source $TOP_DIR/openrc demo demo
 +
glance add name=cirros-0.3.0-x86_64 disk_format=qcow2 container_format=bare &lt; ~/Downloads/cirros-0.3.0-x86_64-disk.img
 +
glance add name=Ubuntu-12.04 is_public=true container_format=ovf disk_format=qcow2 &lt; ~/Downloads/precise-server-cloudimg-amd64-disk1.img
 +
glance add name=f16-jeos is_public=true disk_format=qcow2 container_format=bare &lt; ~/Downloads/f16-x86_64-openstack-sda.qcow2
 +
 +
 +
# Import keys from the current user into the default OpenStack user (usually
 +
# ``demo``)
 +
 +
# Get OpenStack auth
 +
source $TOP_DIR/openrc
 +
# Add first keypair found in localhost:$HOME/.ssh
 +
for i in $HOME/.ssh/id_rsa.pub $HOME/.ssh/id_dsa.pub; do
 +
    if [[ -r $i ]]; then
 +
        nova keypair-add --pub_key=$i `hostname`
 +
        break
 +
    fi
 +
done
 +
 +
 +
# Create my Flavor
 +
# ---------------
 +
# Get OpenStack admin auth
 +
source $TOP_DIR/openrc admin admin
 +
# Name of new flavor
 +
# set in ``localrc`` with ``DEFAULT_INSTANCE_TYPE=m1.micro``
 +
MI_NAME=m1.cirrOS
 +
# Create micro flavor if not present
 +
if [[ -z $(nova flavor-list | grep $MI_NAME) ]]; then
 +
nova-manage instance_type create m1.cirrOS 256 1 0 0 0 0
 +
#    nova flavor-create $MI_NAME 6 128 0 1
 +
fi
 +
 +
 +
# Other Uses
 +
# ----------
 +
 +
# Add tcp/22 and icmp to default security group
 +
nova secgroup-add-rule default tcp 22 22 0.0.0.0/0
 +
nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0
 +
</pre>
 +
<p><br />
 +
</p>
 +
<h3> lispd.conf </h3>
 +
<p>LISP is run with
 +
</p>
 +
<pre>
 +
sudo lispd -f /etc/lispd.conf
 +
</pre>
 +
<p>Its configuration file is located in /etc/ and contains:
 +
</p>
 +
<pre>
 +
#      lispd example config file
 +
 +
debug                = on
 +
map-request-retries  = 2                        # send 2 before giving up
 +
 +
# Encapsulated Map-Requests are sent to this map resolver
 +
map-resolver        = 10.32.164.141
 +
 +
# Register to this map server
 +
map-server {
 +
        address    = 10.32.164.141
 +
        key-type    = 1                        # SHA1
 +
        key        = foo%bar
 +
        verify      = off                      # on --&gt; lig(self)
 +
        proxy-reply = on                        # ask ms to proxy reply
 +
}
 +
 +
# Encapsulate packets for non-LISP sites to this Proxy-ETR
 +
proxy-etr {
 +
        address    = 149.20.48.60
 +
        priority    = 1
 +
        weight      = 100
 +
}
 +
 +
# IPv4 EID of the mobile node
 +
database-mapping {
 +
        eid-prefix = 192.168.127.3/32 # for Openstack AllInOne Node     
 +
#        iid        = 0
 +
        interface  = br-lisp
 +
        priority  = 1
 +
        weight    = 100
 +
}
 +
 +
# List of PITRs to SMR on handover
 +
proxy-itrs = {
 +
        69.31.31.98,            # eqx-ash-pxtr
 +
        149.20.48.60,          # isc-pxtr
 +
        198.6.255.37,          # asp-pxtr
 +
        129.250.1.63,          # ntt-amer-pxtr
 +
        217.8.98.33,            # intouch-pxtr-1
 +
        217.8.98.35,            # intouch-pxtr-2
 +
        193.162.145.46,        # tdc-pxtr
 +
        158.38.1.92,            # uninett-pxtr
 +
        203.181.249.172        # apan-pxtr
 +
}
 +
</pre>
 +
 +
<h3> Bringing up a guest VM </h3>
 +
 +
 +
[[Image:Instances_-_OpenStack_Dashboard1.png|850px|middle]]
 +
 +
[[Image:Instance_Detail_-_OpenStack_Dashboard.png|850px|middle]]
 +
 +
 +
 +
<h3> ovs-lisp-openstask-scenario.sh </h3>
 +
<pre>
 +
su -
 +
vi /home/stack/Downloads/ovs-lisp-openstask-scenario.sh
 +
</pre>
<pre>
<pre>
#!/bin/bash
#!/bin/bash
-
echo "=== lakafosi: Stopping firewall and allowing everyone... ==="
+
echo &quot;=== lakafosi: Stopping firewall and allowing everyone... ===&quot;
iptables -F
iptables -F
iptables -X
iptables -X
Line 194: Line 444:
iptables -P FORWARD ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P OUTPUT ACCEPT
-
echo "=== lakafosi: Fixing the bridges... ==="
+
echo &quot;=== lakafosi: Fixing the bridges... ===&quot;
VM_mac=fa:16:$(ifconfig vnet0 | grep HWaddr | awk '{print $5}'i | awk '{print substr($0,7)}')
VM_mac=fa:16:$(ifconfig vnet0 | grep HWaddr | awk '{print $5}'i | awk '{print substr($0,7)}')
#Alternatively:
#Alternatively:
#VM_mac=$(brctl showmacs br100 | grep fa:16: |awk '{print $2}'i)
#VM_mac=$(brctl showmacs br100 | grep fa:16: |awk '{print $2}'i)
-
echo "MAC address of guest VM: $VM_mac"
+
echo &quot;MAC address of guest VM: $VM_mac&quot;
brctl delif br100 vnet0
brctl delif br100 vnet0
brctl delif br100 eth0
brctl delif br100 eth0
Line 209: Line 459:
ovs-vsctl add-br br-lisp
ovs-vsctl add-br br-lisp
ovs-vsctl add-port br-lisp vnet0
ovs-vsctl add-port br-lisp vnet0
-
ovs-vsctl add-port br-lisp lisp0 -- set Interface lisp0 type=lisp options:remote_ip=10.32.164.175
 
#AllInOne
#AllInOne
-
#ovs-vsctl add-port br-lisp lisp0 -- set Interface lisp0 type=lisp options:remote_ip=10.32.164.133
+
ovs-vsctl add-port br-lisp lisp0 -- set Interface lisp0 type=lisp options:remote_ip=10.10.11.10
-
#Compute
+
-
#ovs-vsctl add-port br-lisp lisp0 -- set Interface lisp0 type=lisp options:remote_ip=10.32.164.132
+
ovs-vsctl add-port br-lisp eth0
ovs-vsctl add-port br-lisp eth0
ovs-ofctl del-flows br-lisp
ovs-ofctl del-flows br-lisp
-
#ovs-ofctl add-flows br-lisp /home/stack/Downloads/lisp_flow_table-AllInOne
 
ovs-ofctl add-flow br-lisp priority=3,dl_dst=00:11:22:ee:ee:ee,action=mod_dl_dst:$VM_mac,NORMAL
ovs-ofctl add-flow br-lisp priority=3,dl_dst=00:11:22:ee:ee:ee,action=mod_dl_dst:$VM_mac,NORMAL
ovs-ofctl add-flow br-lisp priority=2,in_port=1,dl_type=0x0806,action=NORMAL
ovs-ofctl add-flow br-lisp priority=2,in_port=1,dl_type=0x0806,action=NORMAL
Line 224: Line 470:
ifconfig eth0 0.0.0.0
ifconfig eth0 0.0.0.0
#AllInOne
#AllInOne
-
ifconfig br-lisp 10.32.164.132 netmask 255.255.255.192
+
ifconfig br-lisp 10.10.10.10 netmask 255.255.255.192
 +
route add default gw 10.10.1.1
 +
killall farpd
 +
farpd -i br-lisp 192.168.127.0/24
 +
echo &quot;=== lakafosi: Bridge Status: ===&quot;
 +
brctl show
 +
ovs-vsctl show
 +
ovs-appctl fdb/show br-lisp
 +
ovs-dpctl show
 +
ovs-ofctl dump-flows br-lisp
 +
echo &quot;=== lakafosi: Go and START lisp...! ===&quot;
 +
#echo &quot;lakafosi: Starting lisp...&quot;
 +
#lispd -f /etc/lispd.conf &amp;
 +
echo &quot;=== lakafosi: lisp status: ===&quot;
 +
ps -ea | grep lisp; lsmod | grep lisp
 +
</pre>
 +
<p>To run it:
 +
</p>
 +
<pre>
 +
chmod +x /home/stack/Downloads/ovs-lisp-openstask-scenario.sh
 +
/home/stack/Downloads/ovs-lisp-openstask-scenario.sh
 +
</pre>
 +
<h2> Compute Openstack Node </h2>
 +
<h3> localrc </h3>
 +
<p>Located in /home/stack/devstack/
 +
</p>
 +
<pre>
 +
#SERVICE_HOST_NAME=lakafosi-server-1
 +
SERVICE_HOST=10.10.10.10
 +
HOST_IP=10.10.11.10
 +
 
 +
MULTI_HOST=True
 +
 
 +
#FIXED_RANGE=192.168.127.0/24
 +
 
 +
# compute node
 +
ENABLED_SERVICES=n-cpu,n-net,n-api,n-vol,rabbit
 +
#disable_all_services
 +
#enable_service rabbit n-cpu quantum q-agt n-vol n-api
 +
 
 +
Q_HOST=$SERVICE_HOST
 +
MYSQL_HOST=$SERVICE_HOST
 +
RABBIT_HOST=$SERVICE_HOST
 +
GLANCE_HOSTPORT=$SERVICE_HOST:9292
 +
KEYSTONE_AUTH_HOST=$SERVICE_HOST
 +
KEYSTONE_SERVICE_HOST=$SERVICE_HOST
 +
 
 +
CINDER_BRANCH=stable/folsom
 +
NOVA_BRANCH=stable/folsom
 +
SWIFT_BRANCH=stable/folsom
 +
GLANCE_BRANCH=stable/folsom
 +
KEYSTONE_BRANCH=stable/folsom
 +
HORIZON_BRANCH=stable/folsom
 +
#QUANTUM_BRANCH=stable/folsom
 +
 
 +
# password
 +
MYSQL_PASSWORD=mysql
 +
RABBIT_PASSWORD=rabbit
 +
SERVICE_TOKEN=service
 +
SERVICE_PASSWORD=admin
 +
ADMIN_PASSWORD=admin
 +
 
 +
# Uncomment the following line to save time by skipping checking of packages that need to be installed
 +
#OFFLINE=True
 +
</pre>
 +
<p><br />
 +
</p>
 +
<h3> local.sh </h3>
 +
<p>Make sure no local.sh exists under /home/stack/devstack
 +
</p>
 +
<pre>
 +
rm /home/stack/devstack/local.sh
 +
</pre>
 +
<h3> lispd.conf </h3>
 +
<p>LISP is run with
 +
</p>
 +
<pre>
 +
sudo lispd -f /etc/lispd.conf
 +
</pre>
 +
<p>Its configuration file is located in /etc/ and contains:
 +
</p>
 +
<pre>
 +
#      lispd example config file
 +
 
 +
debug                = on
 +
map-request-retries  = 2                        # send 2 before giving up
 +
 
 +
# Encapsulated Map-Requests are sent to this map resolver
 +
map-resolver        = 10.32.164.141
 +
 
 +
# Register to this map server
 +
map-server {
 +
        address    = 10.32.164.141
 +
        key-type    = 1                        # SHA1
 +
        key        = foo%bar
 +
        verify      = off                      # on --&gt; lig(self)
 +
        proxy-reply = on                        # ask ms to proxy reply
 +
}
 +
 
 +
# Encapsulate packets for non-LISP sites to this Proxy-ETR
 +
proxy-etr {
 +
        address    = 149.20.48.60
 +
        priority    = 1
 +
        weight      = 100
 +
}
 +
 
 +
# IPv4 EID of the mobile node
 +
database-mapping {
 +
        eid-prefix = 192.168.127.4/32 # for Openstack Compute Node       
 +
#        iid        = 0
 +
        interface  = br-lisp
 +
        priority  = 1
 +
        weight    = 100
 +
}
 +
 
 +
# List of PITRs to SMR on handover
 +
proxy-itrs = {
 +
        69.31.31.98,            # eqx-ash-pxtr
 +
        149.20.48.60,          # isc-pxtr
 +
        198.6.255.37,          # asp-pxtr
 +
        129.250.1.63,          # ntt-amer-pxtr
 +
        217.8.98.33,            # intouch-pxtr-1
 +
        217.8.98.35,            # intouch-pxtr-2
 +
        193.162.145.46,        # tdc-pxtr
 +
        158.38.1.92,            # uninett-pxtr
 +
        203.181.249.172        # apan-pxtr
 +
}
 +
</pre>
 +
<p><br />
 +
</p>
 +
<h3> ovs-lisp-openstask-scenario.sh </h3>
 +
<pre>
 +
su -
 +
vi /home/stack/Downloads/ovs-lisp-openstask-scenario.sh
 +
</pre>
 +
<pre>
 +
#!/bin/bash
 +
 
 +
echo &quot;=== lakafosi: Stopping firewall and allowing everyone... ===&quot;
 +
iptables -F
 +
iptables -X
 +
iptables -t nat -F
 +
iptables -t nat -X
 +
iptables -t mangle -F
 +
iptables -t mangle -X
 +
iptables -P INPUT ACCEPT
 +
iptables -P FORWARD ACCEPT
 +
iptables -P OUTPUT ACCEPT
 +
echo &quot;=== lakafosi: Fixing the bridges... ===&quot;
 +
VM_mac=fa:16:$(ifconfig vnet0 | grep HWaddr | awk '{print $5}'i | awk '{print substr($0,7)}')
 +
#Alternatively:
 +
#VM_mac=$(brctl showmacs br100 | grep fa:16: |awk '{print $2}'i)
 +
echo &quot;MAC address of guest VM: $VM_mac&quot;
 +
brctl delif br100 vnet0
 +
brctl delif br100 eth0
 +
#ifconfig br100 0.0.0.0
 +
#ifconfig br100 0.0.0.0
 +
#ifconfig br100 192.168.127.1 netmask 255.255.255.0
 +
ifconfig br100 down
 +
brctl delbr br100
 +
ovs-vsctl -- --if-exists del-br br-lisp
 +
ovs-vsctl add-br br-lisp
 +
ovs-vsctl add-port br-lisp vnet0
 +
#Compute
 +
ovs-vsctl add-port br-lisp lisp0 -- set Interface lisp0 type=lisp options:remote_ip=10.10.10.10
 +
ovs-vsctl add-port br-lisp eth0
 +
ovs-ofctl del-flows br-lisp
 +
ovs-ofctl add-flow br-lisp priority=3,dl_dst=00:11:22:ee:ee:ee,action=mod_dl_dst:$VM_mac,NORMAL
 +
ovs-ofctl add-flow br-lisp priority=2,in_port=1,dl_type=0x0806,action=NORMAL
 +
ovs-ofctl add-flow br-lisp priority=1,in_port=1,dl_type=0x0800,vlan_tci=0,nw_src=192.168.127.0/24,action=output:2
 +
ovs-ofctl add-flow br-lisp priority=0,action=NORMAL
 +
ifconfig vnet0 up
 +
ifconfig eth0 0.0.0.0
#Compute
#Compute
-
#ifconfig br-lisp 10.32.164.133 netmask 255.255.255.192
+
ifconfig br-lisp 10.10.11.10 netmask 255.255.255.192
-
route add default gw 10.32.164.129
+
route add default gw 10.10.1.1
killall farpd
killall farpd
-
farpd -i br-lisp 192.168.127.5
+
farpd -i br-lisp 192.168.127.0/24
-
echo "=== lakafosi: Bridge Status: ==="
+
echo &quot;=== lakafosi: Bridge Status: ===&quot;
brctl show
brctl show
ovs-vsctl show
ovs-vsctl show
Line 236: Line 654:
ovs-dpctl show
ovs-dpctl show
ovs-ofctl dump-flows br-lisp
ovs-ofctl dump-flows br-lisp
-
echo "=== lakafosi: Go and START lisp...! ==="
+
echo &quot;=== lakafosi: Go and START lisp...! ===&quot;
-
#echo "lakafosi: Starting lisp..."
+
#echo &quot;lakafosi: Starting lisp...&quot;
-
#lispd -f /etc/lispd.conf &
+
#lispd -f /etc/lispd.conf &amp;
-
echo "=== lakafosi: lisp status: ==="
+
echo &quot;=== lakafosi: lisp status: ===&quot;
ps -ea | grep lisp; lsmod | grep lisp
ps -ea | grep lisp; lsmod | grep lisp
</pre>
</pre>
 +
<p>To run it:
 +
</p>
 +
<pre>
 +
chmod +x /home/stack/Downloads/ovs-lisp-openstask-scenario.sh
 +
/home/stack/Downloads/ovs-lisp-openstask-scenario.sh
 +
</pre>
 +
 +
<h1> Demo video </h1>
-
== Compute Openstack Node ==
+
For a copy of the video, please contact lakafosi@cisco.com.

Revision as of 01:20, 6 December 2012

This wiki describes all the steps necessary to setup a testbed of Openstack Folsom nodes (All-in-one node and Compute nodes), which rely on a LISP-enabled OpenVSwitch (OVS) bridge.


Contents


Testbed Setup

Dependencies

The Openstack nodes are considered hereafter to be <a href="http://releases.ubuntu.com/precise/">Ubuntu 12.04.1 LTS (Precise Pangolin)</a> machines (running the 3.2.0-29 kernel version). The following dependencies need to be met.

sudo apt-get update
sudo apt-get upgrade (NOT dist-upgrade)

sudo apt-get install openssh-server vim git openssh-server bridge-utils build-essential git-core libssl-dev libconfuse-dev pkg-config autoconf libtool pkg-config gengetopt \
 clang mosh cscope vim-gtk htop subversion tmux iotop dpatch automake1.9 python-support uml-utilities farpd

sudo apt-get install linux-headers-3.2.0-29-generic

# For KVM
sudo apt-get install qemu-kvm libvirt-bin ubuntu-vm-builder bridge-utils virt-manager virtinst

In case you wish to also use Wireshark (with LISP dissector included):

$ sudo apt-get build-dep wireshark
$ sudo apt-get install autoconf bison flex libtool libgtk2.0-dev libpcap-dev libc-ares-dev libsmi2-dev libgnutls-dev libgcrypt11-dev libkrb5-dev libcap2-bin libgeoip-dev libortp-dev libportaudio-dev

$ mkdir ~/Downloads; cd ~/Downloads; wget http://wiresharkdownloads.riverbed.com/wireshark/src/wireshark-1.8.3.tar.bz2
$ tar -xvf wireshark-1.8.3.tar.bz2 -C /tmp
$ cd /tmp/wireshark-1.8.3/
$ ./autogen.sh
$ ./configure --enable-setcap-install
$ make
$ sudo make install
$ sudo ldconfig
$ wireshark &

Although this is simply a recommendation, the testbed has been successfully run with the following memory settings:

  • 1.8GB for the All-In-One Node
  • 1.2GB for the Compute Node


Network

         Public + Management Network
     --+--------------------------+----- 
       |                          |
       |                          |
       |                          |
+------|-------------+   +--------|-------+
|    (eth0)          |   |      (eth0)    |
|      |             |   |        |       |
|      |             |   |        |       |
|  10.10.10.10       |   |   10.10.11.10  |
|      |             |   |        |       |
|  [ br-lisp ]       |   |     [br-lisp]  |
|    |       |       |   |        |       |
| (vnet0) (vnet1)    |   |     (vnet0)    |
|    |       |       |   |        |       |
|    VM      VM      |   |        VM      |
| 192.168. 192.168.  |   |     192.168.   |
|   127.2   127.4    |   |       127.3    |
+--------------------+   +----------------+
   All-In-One Node          Compute Node


[] OVS-LISP bridge
() Network interface

or

OpenstackandLISP Testbed.png



If instead of physical machines you plan on setting this testbed up with VMware Fusion, make sure the network is configured as Bridged (Ethernet).


Map Server (MS)

Just to get an idea of how the EID addresses are supposed to be associated with their corresponding RLOCs, you can have a look at the following MS configuration, which makes static assignments.

Under regular LISP operation you will not have to impose the following configuration. Rather, it is formed automatically and dynamically.

<?xml version="1.0" encoding="ISO-8859-1"?>

<db>

  <eid prefix="0.0.0.0/3" act="2" ttl="5" />
  <eid prefix="128.0.0.0/8" act="2" ttl="5" />
  <eid prefix="171.0.0.0/8" act="2" ttl="5" />
  <eid prefix="224.0.0.0/4" act="2" ttl="5" />

  <eid prefix="192.168.127.3/32" ttl="1440" A="true">
    <rloc>
      <address>10.10.10.10</address>
      <priority>1</priority>
      <weight>100</weight>
      <m_priority>255</m_priority>
      <m_weight>0</m_weight>
      <reachable>true</reachable>
    </rloc>
  </eid>

  <eid prefix="192.168.127.4/32" ttl="1440" A="true">
    <rloc>
      <address>10.10.11.10</address>
      <priority>1</priority>
      <weight>100</weight>
      <m_priority>255</m_priority>
      <m_weight>0</m_weight>
      <reachable>true</reachable>
    </rloc>
  </eid>

</db>

Installing the LISP-enabled OVS bridge

On both machines do the following. First download the corresponding code:

cd root/src/
git clone https://

First install lispmob:

cd root/src/lispmob-ovs/
make
sudo make install
sudo depmod -a

Afterward install the modified LISP-enabled OpenVswitch:

cd root/src/ovs-lisp/
./boot.sh
./configure --with-linux=/lib/modules/`uname -r`/build
make
cp root/src/lispmob-ovs/lisp_mod/Module.symvers root/src/ovs-lisp/datapath/linux/
sudo vi root/src/ovs-lisp/datapath/linux/Makefile.main.in

...and remove 'Module.symvers' from the 'clean' target (on line 33)

sudo reboot

Then, you will need to REMAKE and REINSTALL lisp and reboot!

cd root/src/lispmob-ovs
make
sudo make install
sudo depmod -a

cd root/src/ovs-lisp/
make
sudo make install
sudo depmod -a

sudo reboot

Please retry the above in case you get the following message: "WARNING: "eid_locator4" [/root/src/ovs-lisp/datapath/linux/openvswitch.ko] undefined!"


In order to bring up the OVS bridge:

sudo root/src/ovs-scripts/ovs-start

which includes:

#!/bin/bash
BUILD_DIR=root/src/ovs-lisp
OVS_PATH=/usr/local

rmmod -s openvswitch
modprobe lisp
insmod ${BUILD_DIR}/datapath/linux/openvswitch.ko
mkdir -p ${OVS_PATH}/etc/openvswitch
rm ${OVS_PATH}/etc/openvswitch/conf.db
ovsdb-tool create /usr/local/etc/openvswitch/conf.db root/src/ovs-lisp/vswitchd/vswitch.ovsschema
${OVS_PATH}/sbin/ovsdb-server --remote=punix:/usr/local/var/run/openvswitch/db.sock \
                     --remote=db:Open_vSwitch,manager_options \
                     --private-key=db:SSL,private_key \
                     --certificate=db:SSL,certificate \
                     --bootstrap-ca-cert=db:SSL,ca_cert \
                     --pidfile --detach
${OVS_PATH}/bin/ovs-vsctl --no-wait init
${OVS_PATH}/sbin/ovs-vswitchd --pidfile --detach
ps -ea | grep ovs; ps -ea | grep lisp; lsmod | grep lisp; lsmod | grep ovs

You can verify everything is setup correctly by issuing:

ps -ea | grep ovs; ps -ea | grep lisp; lsmod | grep lisp; lsmod | grep ovs

which should yield an output similar to the following:

 1404 ?        00:00:00 ovs_workq 
 1406 ?        00:00:00 ovsdb-server
 1409 ?        00:00:00 ovs-vswitchd
 1410 ?        00:00:00 ovs-vswitchd
lisp                   41286  1 openvswitch

Openstack

First create the stack user in order to install and run Openstack without any passwords requested.

su -
useradd -U -G sudo -s /bin/bash -m stack; echo "stack ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
su stack
cd

This Openstack installation is based on <a href="http://devstack.org/">Devstack</a>.

It is important you stick with the stable Folsom version:

git clone -b stable/folsom https://github.com/openstack-dev/devstack.git

Alternatively,

git clone -b stable/folsom git://git.cisco.com/lakafosi/devstack.git

Additionally, you will have to download one more script for setting up the OVS-bridge and attaching the vnetX ports of the instantiated VMs, the lispd.conf control plane configuration file of LISP and a few cloud qcow2 (Ubuntu and Fedora) images (to use in addition to the preloaded tiny <a href="https://launchpad.net/cirros/+download">CirrOS cloud guest</a>).

mkdir /home/stack/Downloads
mv /* /home/stack/devstack/Downloads/* /home/stack/Downloads


All-In-One Openstack Node

localrc

Located in /home/stack/devstack/

#HOST_NAME=$(hostname)
#SERVICE_HOST_NAME=lakafosi-server-1
SERVICE_HOST=10.10.10.10
HOST_IP=10.10.10.10

FIXED_RANGE=192.168.127.0/24

MULTI_HOST=True
SCHEDULER=nova.scheduler.simple.SimpleScheduler

Q_HOST=$SERVICE_HOST
MYSQL_HOST=$SERVICE_HOST
RABBIT_HOST=$SERVICE_HOST
GLANCE_HOSTPORT=$SERVICE_HOST:9292
KEYSTONE_AUTH_HOST=$SERVICE_HOST
KEYSTONE_SERVICE_HOST=$SERVICE_HOST

CINDER_BRANCH=stable/folsom
NOVA_BRANCH=stable/folsom
SWIFT_BRANCH=stable/folsom
GLANCE_BRANCH=stable/folsom
KEYSTONE_BRANCH=stable/folsom
HORIZON_BRANCH=stable/folsom
#QUANTUM_BRANCH=stable/folsom

# password
MYSQL_PASSWORD=mysql
RABBIT_PASSWORD=rabbit
SERVICE_TOKEN=service
SERVICE_PASSWORD=admin
ADMIN_PASSWORD=admin

# Uncomment the following line to save time by skipping checking of packages that need to be installed
#OFFLINE=True


local.sh

This is the script run right after stack.sh, i.e. the Openstack installation. It is located in /home/stack/devstack/ .

#!/usr/bin/env bash

# Sample ``local.sh`` for user-configurable tasks to run automatically
# at the sucessful conclusion of ``stack.sh``.

# Keep track of the devstack directory
TOP_DIR=$(cd $(dirname "$0") && pwd)
# Import common functions
source $TOP_DIR/functions
# Use openrc + stackrc + localrc for settings
source $TOP_DIR/stackrc
# Destination path for installation ``DEST``
DEST=${DEST:-/opt/stack}

# lakafosi
for i in `seq 2 5`; do /opt/stack/nova/bin/nova-manage fixed reserve 192.168.127.$i; done

# Get OpenStack admin auth
source $TOP_DIR/openrc admin admin
# nova-manage instance_type create m1.cirrOS 256 1 0 0 0 0 
glance add name=cirros-0.3.0-x86_64 disk_format=qcow2 container_format=bare < ~/Downloads/cirros-0.3.0-x86_64-disk.img
glance add name=Ubuntu-12.04 is_public=true container_format=ovf disk_format=qcow2 < ~/Downloads/precise-server-cloudimg-amd64-disk1.img
glance add name=f16-jeos is_public=true disk_format=qcow2 container_format=bare < ~/Downloads/f16-x86_64-openstack-sda.qcow2
# nova-manage floating create --ip_range=192.168.127.6/31

# Get OpenStack demo auth
source $TOP_DIR/openrc demo demo
glance add name=cirros-0.3.0-x86_64 disk_format=qcow2 container_format=bare < ~/Downloads/cirros-0.3.0-x86_64-disk.img
glance add name=Ubuntu-12.04 is_public=true container_format=ovf disk_format=qcow2 < ~/Downloads/precise-server-cloudimg-amd64-disk1.img
glance add name=f16-jeos is_public=true disk_format=qcow2 container_format=bare < ~/Downloads/f16-x86_64-openstack-sda.qcow2


# Import keys from the current user into the default OpenStack user (usually
# ``demo``)

# Get OpenStack auth
source $TOP_DIR/openrc
# Add first keypair found in localhost:$HOME/.ssh
for i in $HOME/.ssh/id_rsa.pub $HOME/.ssh/id_dsa.pub; do
    if [[ -r $i ]]; then
        nova keypair-add --pub_key=$i `hostname`
        break
    fi
done


# Create my Flavor
# ---------------
# Get OpenStack admin auth
source $TOP_DIR/openrc admin admin
# Name of new flavor
# set in ``localrc`` with ``DEFAULT_INSTANCE_TYPE=m1.micro``
MI_NAME=m1.cirrOS
# Create micro flavor if not present
if [[ -z $(nova flavor-list | grep $MI_NAME) ]]; then
	nova-manage instance_type create m1.cirrOS 256 1 0 0 0 0 
#    nova flavor-create $MI_NAME 6 128 0 1
fi


# Other Uses
# ----------

# Add tcp/22 and icmp to default security group
nova secgroup-add-rule default tcp 22 22 0.0.0.0/0
nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0


lispd.conf

LISP is run with

sudo lispd -f /etc/lispd.conf

Its configuration file is located in /etc/ and contains:

#       lispd example config file

debug                = on
map-request-retries  = 2                        # send 2 before giving up

# Encapsulated Map-Requests are sent to this map resolver
map-resolver        = 10.32.164.141

# Register to this map server
map-server {
        address     = 10.32.164.141
        key-type    = 1                         # SHA1
        key         = foo%bar
        verify      = off                       # on --> lig(self)
        proxy-reply = on                        # ask ms to proxy reply
}

# Encapsulate packets for non-LISP sites to this Proxy-ETR
proxy-etr {
        address     = 149.20.48.60
        priority    = 1
        weight      = 100
}

# IPv4 EID of the mobile node
database-mapping {
         eid-prefix = 192.168.127.3/32		# for Openstack AllInOne Node       
#         iid        = 0
         interface  = br-lisp
         priority   = 1
         weight     = 100
}

# List of PITRs to SMR on handover
proxy-itrs = {
        69.31.31.98,            # eqx-ash-pxtr
        149.20.48.60,           # isc-pxtr
        198.6.255.37,           # asp-pxtr
        129.250.1.63,           # ntt-amer-pxtr
        217.8.98.33,            # intouch-pxtr-1
        217.8.98.35,            # intouch-pxtr-2
        193.162.145.46,         # tdc-pxtr
        158.38.1.92,            # uninett-pxtr
        203.181.249.172         # apan-pxtr
}

Bringing up a guest VM


Instances - OpenStack Dashboard1.png

Instance Detail - OpenStack Dashboard.png


ovs-lisp-openstask-scenario.sh

su -
vi /home/stack/Downloads/ovs-lisp-openstask-scenario.sh
#!/bin/bash

echo "=== lakafosi: Stopping firewall and allowing everyone... ==="
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
echo "=== lakafosi: Fixing the bridges... ==="
VM_mac=fa:16:$(ifconfig vnet0 | grep HWaddr | awk '{print $5}'i | awk '{print substr($0,7)}')
#Alternatively:
#VM_mac=$(brctl showmacs br100 | grep fa:16: |awk '{print $2}'i)
echo "MAC address of guest VM: $VM_mac"
brctl delif br100 vnet0
brctl delif br100 eth0
#ifconfig br100 0.0.0.0
#ifconfig br100 0.0.0.0
#ifconfig br100 192.168.127.1 netmask 255.255.255.0
ifconfig br100 down
brctl delbr br100
ovs-vsctl -- --if-exists del-br br-lisp
ovs-vsctl add-br br-lisp
ovs-vsctl add-port br-lisp vnet0
#AllInOne
ovs-vsctl add-port br-lisp lisp0 -- set Interface lisp0 type=lisp options:remote_ip=10.10.11.10
ovs-vsctl add-port br-lisp eth0
ovs-ofctl del-flows br-lisp
ovs-ofctl add-flow br-lisp priority=3,dl_dst=00:11:22:ee:ee:ee,action=mod_dl_dst:$VM_mac,NORMAL
ovs-ofctl add-flow br-lisp priority=2,in_port=1,dl_type=0x0806,action=NORMAL
ovs-ofctl add-flow br-lisp priority=1,in_port=1,dl_type=0x0800,vlan_tci=0,nw_src=192.168.127.0/24,action=output:2
ovs-ofctl add-flow br-lisp priority=0,action=NORMAL
ifconfig vnet0 up
ifconfig eth0 0.0.0.0
#AllInOne
ifconfig br-lisp 10.10.10.10 netmask 255.255.255.192
route add default gw 10.10.1.1
killall farpd
farpd -i br-lisp 192.168.127.0/24
echo "=== lakafosi: Bridge Status: ==="
brctl show
ovs-vsctl show
ovs-appctl fdb/show br-lisp
ovs-dpctl show
ovs-ofctl dump-flows br-lisp
echo "=== lakafosi: Go and START lisp...! ==="
#echo "lakafosi: Starting lisp..."
#lispd -f /etc/lispd.conf &
echo "=== lakafosi: lisp status: ==="
ps -ea | grep lisp; lsmod | grep lisp

To run it:

chmod +x /home/stack/Downloads/ovs-lisp-openstask-scenario.sh
/home/stack/Downloads/ovs-lisp-openstask-scenario.sh

Compute Openstack Node

localrc

Located in /home/stack/devstack/

#SERVICE_HOST_NAME=lakafosi-server-1
SERVICE_HOST=10.10.10.10
HOST_IP=10.10.11.10

MULTI_HOST=True

#FIXED_RANGE=192.168.127.0/24

# compute node
ENABLED_SERVICES=n-cpu,n-net,n-api,n-vol,rabbit
#disable_all_services
#enable_service rabbit n-cpu quantum q-agt n-vol n-api

Q_HOST=$SERVICE_HOST
MYSQL_HOST=$SERVICE_HOST
RABBIT_HOST=$SERVICE_HOST
GLANCE_HOSTPORT=$SERVICE_HOST:9292
KEYSTONE_AUTH_HOST=$SERVICE_HOST
KEYSTONE_SERVICE_HOST=$SERVICE_HOST

CINDER_BRANCH=stable/folsom
NOVA_BRANCH=stable/folsom
SWIFT_BRANCH=stable/folsom
GLANCE_BRANCH=stable/folsom
KEYSTONE_BRANCH=stable/folsom
HORIZON_BRANCH=stable/folsom
#QUANTUM_BRANCH=stable/folsom

# password
MYSQL_PASSWORD=mysql
RABBIT_PASSWORD=rabbit
SERVICE_TOKEN=service
SERVICE_PASSWORD=admin
ADMIN_PASSWORD=admin

# Uncomment the following line to save time by skipping checking of packages that need to be installed
#OFFLINE=True


local.sh

Make sure no local.sh exists under /home/stack/devstack

rm /home/stack/devstack/local.sh

lispd.conf

LISP is run with

sudo lispd -f /etc/lispd.conf

Its configuration file is located in /etc/ and contains:

#       lispd example config file

debug                = on
map-request-retries  = 2                        # send 2 before giving up

# Encapsulated Map-Requests are sent to this map resolver
map-resolver        = 10.32.164.141

# Register to this map server
map-server {
        address     = 10.32.164.141
        key-type    = 1                         # SHA1
        key         = foo%bar
        verify      = off                       # on --> lig(self)
        proxy-reply = on                        # ask ms to proxy reply
}

# Encapsulate packets for non-LISP sites to this Proxy-ETR
proxy-etr {
        address     = 149.20.48.60
        priority    = 1
        weight      = 100
}

# IPv4 EID of the mobile node
database-mapping {
         eid-prefix = 192.168.127.4/32		# for Openstack Compute Node         
#         iid        = 0
         interface  = br-lisp
         priority   = 1
         weight     = 100
}

# List of PITRs to SMR on handover
proxy-itrs = {
        69.31.31.98,            # eqx-ash-pxtr
        149.20.48.60,           # isc-pxtr
        198.6.255.37,           # asp-pxtr
        129.250.1.63,           # ntt-amer-pxtr
        217.8.98.33,            # intouch-pxtr-1
        217.8.98.35,            # intouch-pxtr-2
        193.162.145.46,         # tdc-pxtr
        158.38.1.92,            # uninett-pxtr
        203.181.249.172         # apan-pxtr
}


ovs-lisp-openstask-scenario.sh

su -
vi /home/stack/Downloads/ovs-lisp-openstask-scenario.sh
#!/bin/bash

echo "=== lakafosi: Stopping firewall and allowing everyone... ==="
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
echo "=== lakafosi: Fixing the bridges... ==="
VM_mac=fa:16:$(ifconfig vnet0 | grep HWaddr | awk '{print $5}'i | awk '{print substr($0,7)}')
#Alternatively:
#VM_mac=$(brctl showmacs br100 | grep fa:16: |awk '{print $2}'i)
echo "MAC address of guest VM: $VM_mac"
brctl delif br100 vnet0
brctl delif br100 eth0
#ifconfig br100 0.0.0.0
#ifconfig br100 0.0.0.0
#ifconfig br100 192.168.127.1 netmask 255.255.255.0
ifconfig br100 down
brctl delbr br100
ovs-vsctl -- --if-exists del-br br-lisp
ovs-vsctl add-br br-lisp
ovs-vsctl add-port br-lisp vnet0
#Compute
ovs-vsctl add-port br-lisp lisp0 -- set Interface lisp0 type=lisp options:remote_ip=10.10.10.10
ovs-vsctl add-port br-lisp eth0
ovs-ofctl del-flows br-lisp
ovs-ofctl add-flow br-lisp priority=3,dl_dst=00:11:22:ee:ee:ee,action=mod_dl_dst:$VM_mac,NORMAL
ovs-ofctl add-flow br-lisp priority=2,in_port=1,dl_type=0x0806,action=NORMAL
ovs-ofctl add-flow br-lisp priority=1,in_port=1,dl_type=0x0800,vlan_tci=0,nw_src=192.168.127.0/24,action=output:2
ovs-ofctl add-flow br-lisp priority=0,action=NORMAL
ifconfig vnet0 up
ifconfig eth0 0.0.0.0
#Compute
ifconfig br-lisp 10.10.11.10 netmask 255.255.255.192
route add default gw 10.10.1.1
killall farpd
farpd -i br-lisp 192.168.127.0/24
echo "=== lakafosi: Bridge Status: ==="
brctl show
ovs-vsctl show
ovs-appctl fdb/show br-lisp
ovs-dpctl show
ovs-ofctl dump-flows br-lisp
echo "=== lakafosi: Go and START lisp...! ==="
#echo "lakafosi: Starting lisp..."
#lispd -f /etc/lispd.conf &
echo "=== lakafosi: lisp status: ==="
ps -ea | grep lisp; lsmod | grep lisp

To run it:

chmod +x /home/stack/Downloads/ovs-lisp-openstask-scenario.sh
/home/stack/Downloads/ovs-lisp-openstask-scenario.sh


Demo video

For a copy of the video, please contact lakafosi@cisco.com.

Rating: 3.3/5 (4 votes cast)

Personal tools