  1. Data Dictionaries: Define the SDNC model used to resolve resource values from various systems.
    1. Define source type (Default, Input, DB, A&AI, mS…etc)
    2. Define model used to retrieve the resource value from the various sub-systems (input-key-mapping, output-key-mapping, url, path)
    3. Define DD’s name, type, complex data type (if sub-system supports a list of complex data structure)

  2. Controller Blueprint: Create SDNC model and all associated capabilities, artifact templates, Data Dictionaries
    1. Model identifier: (model name, version, author…etc)
    2. Capabilities (Resource-Assignment, Artifact-template)
    3. Template Instance (Upload Artifact Templates)
      1. Edit/View each Artifact Template
      2. Upload Artifact Template JSON file
      3. Load template and Auto-Map to Data Dictionaries
      4. Review Mapping Table and Edit DDs, Default values, DD Source

                                                         

Architecture

SDNC Modeling Process (via Controller Design Studio UI).

  1. Heat Mapping: Start from the HEAT environment file as the final product required for OpenStack spin-up. Then, for each cloud parameter, we define the following:
    1. Cloud parameters assignment type (Default, Input, Capability)
    2. Resources ruleset (Assignment logic: Recipe, ingredients, Model-driven vs Custom logic)
    3. Assignment Capabilities: (microServices, DG-Capability logic, Policy models...)

ONAP Git Repo for Heat YML/ENV files

https://github.com/onap/demo/blob/master/heat/vFW/base_vfw.yaml

netbox mS Capability [ccsdk]

netbox mS Capability [HELM Chart]

The work below is based on the following git repository, which provides the Netbox docker images: https://github.com/ninech/netbox-docker

The Netbox Helm chart has been submitted to OOM; the code can be found here: https://github.com/onap/oom/tree/master/kubernetes/contrib/charts/netbox

This Helm chart comprises three subcharts:

  • netbox-app: provides the IPAM capability we're seeking for the currently selected use cases (vFW).
  • netbox-nginx: reverse proxy exposing the IPAM system in a secure fashion (using NodePort).
  • netbox-postgres: backend database persisting the Netbox data. Currently a Deployment; it should be converted to a StatefulSet using a StorageClass.


The netbox-app chart can be customized. Its folder tree structure is the following:

Code Block
.
└── config
    ├── configuration            These are configuration scripts coming from Netbox itself; they remain untouched.
    │   ├── configuration.py
    │   ├── gunicorn_config.py
    │   └── ldap_config.py
    ├── initializers             These YAML files are where we can add pre-provisioning data, such as users or custom fields.
    │   ├── custom_fields.yml
    │   ├── groups.yml
    │   └── users.yml
    ├── provisioning             This defines the entrypoint of the netbox-app deployment, which provisions the prefixes to support the vFW use case.
    │   └── provision.sh
    └── startup_scripts          These scripts are provided by Netbox itself; they remain untouched.
        ├── 00_users.py
        ├── 10_groups.py
        └── 20_custom_fields.py


In order to test Netbox locally using this helm chart, here are the steps to follow:

Code Block
git clone https://gerrit.onap.org/r/oom
cd oom/kubernetes
helm serve &
make contrib
helm install local/contrib --name netbox --namespace $NAMESPACE

This installs the 3 charts and runs the job that provisions Netbox for us.

The output of the helm install should look like the following:

Code Block
$ helm install local/contrib --name netbox --namespace onap-adetalhouet
NAME:   netbox

LAST DEPLOYED: Tue Aug 28 14:30:57 2018
NAMESPACE: onap-adetalhouet
STATUS: DEPLOYED

RESOURCES:
==> v1/ConfigMap
NAME                                        DATA  AGE
netbox-netbox-app-configuration-configmap   3     1s
netbox-netbox-app-initializers-configmap    3     1s
netbox-netbox-app-startupscripts-configmap  3     1s
netbox-netbox-app-provisioning-configmap    1     1s
netbox-netbox-nginx-config-configmap        1     1s
netbox-netbox-postgres-docker-entry-initd   0     1s

==> v1/PersistentVolumeClaim
NAME                    STATUS   VOLUME                                    CAPACITY  ACCESS MODES  STORAGECLASS  AGE
netbox-netbox-static    Pending  nfs-dev-sc                                1s
netbox-netbox-postgres  Bound    pvc-8193e062-aaf0-11e8-beaa-f40343575464  1Gi  RWX  nfs-dev-sc  1s

==> v1/Service
NAME             TYPE       CLUSTER-IP     EXTERNAL-IP  PORT(S)         AGE
netbox-app       ClusterIP  10.43.179.246  <none>       8001/TCP        1s
netbox-nginx     NodePort   10.43.136.76   <none>       8080:30269/TCP  1s
netbox-postgres  ClusterIP  10.43.64.155   <none>       5432/TCP        1s

==> v1beta1/Deployment
NAME                    DESIRED  CURRENT  UP-TO-DATE  AVAILABLE  AGE
netbox-netbox-app       1        1        1           0          1s
netbox-netbox-nginx     1        1        1           0          1s
netbox-netbox-postgres  1        1        1           0          1s

==> v1/Job
NAME                            DESIRED  SUCCESSFUL  AGE
netbox-netbox-app-provisioning  1        0           1s

==> v1/Pod(related)
NAME                                    READY  STATUS   RESTARTS  AGE
netbox-netbox-app-f54cd84d5-g6xr2       0/1    Pending  0         1s
netbox-netbox-nginx-5d4f86ffcf-qlkhc    0/1    Pending  0         1s
netbox-netbox-postgres-76857df45-5jjm9  0/1    Pending  0         1s
netbox-netbox-app-provisioning-26stg    0/1    Pending  0         1s

==> v1/Secret
NAME                    TYPE    DATA  AGE
netbox-netbox-app-pass  Opaque  6     1s

netbox mS Capability [IPAM DB Creation SDN-C]

These are the tables to create:

Table: ipam_ip_pool
Columns:
  • ipam_serial_pool_id
  • create_date
  • prefix
  • prefix_id
  • address_family (v4/v6)
  • prefix_status: Pending, Activate, Delete
  • description (vfw-protect, or vfw-unprotected)
  • region (RegionOne, RegionTwo)

Table: ipam_ip_assignment
Columns:
  • ipam_serial_ip_assignment_id
  • create_date
  • service_instance_id
  • vf_module_id
  • ip_address
  • ip_address_type (vip, fixed, floating etc..)
  • prefix_id (string)
  • ip_address_id (string)
  • ip_status
  • ip_response


These are the tables we created:


Code Block
mysql> show columns from IPAM_IP_ASSIGNEMENT;
+---------------------+--------------+------+-----+-------------------+----------------+
| Field               | Type         | Null | Key | Default           | Extra          |
+---------------------+--------------+------+-----+-------------------+----------------+
| ipam_ip_uuid        | int(11)      | NO   | PRI | NULL              | auto_increment |
| create_date         | datetime     | NO   |     | CURRENT_TIMESTAMP |                |
| service_instance_id | varchar(255) | YES  |     | NULL              |                |
| vf_module_id        | varchar(255) | YES  |     | NULL              |                |
| external_key        | varchar(255) | YES  |     | NULL              |                |
| prefix_id           | varchar(255) | YES  |     | NULL              |                |
| ip_address_id       | varchar(255) | YES  |     | NULL              |                |
| ip_address          | varchar(255) | YES  |     | NULL              |                |
| ip_address_type     | varchar(255) | YES  |     | NULL              |                |
| ip_status           | varchar(255) | YES  |     | NULL              |                |
| ip_response_json    | varchar(255) | YES  |     | NULL              |                |
+---------------------+--------------+------+-----+-------------------+----------------+
10 rows in set (0.00 sec)

mysql> show columns from IPAM_IP_POOL;
+----------------+--------------+------+-----+-------------------+----------------+
| Field          | Type         | Null | Key | Default           | Extra          |
+----------------+--------------+------+-----+-------------------+----------------+
| ipam_pool_uuid | int(11)      | NO   | PRI | NULL              | auto_increment |
| create_date    | datetime     | NO   |     | CURRENT_TIMESTAMP |                |
| prefix_id      | int(2)       | YES  |     | NULL              |                |
| prefix         | varchar(255) | YES  |     | NULL              |                |
| address_family | int(1)       | YES  |     | NULL              |                |
| prefix_status  | varchar(255) | YES  |     | NULL              |                |
| description    | varchar(255) | YES  |     | NULL              |                |
+----------------+--------------+------+-----+-------------------+----------------+

netbox mS Capability [pre-provisioning scripts]

Three main things are achieved during pre-provisioning:

  • Create an admin onap user, as follows. This is part of the netbox-app chart resources, in the file config/initializers/users.yml.

    Code Block
    onap:
        first_name: Steve
        last_name: McQueen
        email: steve.mcqueen@onap.org
        password: onap123$
        api_token: onceuponatimeiplayedwithnetbox20180814
        is_staff: true # whether user is admin or not, default = false
        is_active: true # whether user is active, default = true
        is_superuser: true # Whether user has all edit rights or not, default = false
  • Create a custom field, client_key, in order to uniquely identify the resource with a key generated by ONAP. This is part of the netbox-app chart resources, in the file config/initializers/custom_fields.yml.

    Code Block
    external-key: 
      description: "The external-key uniquely identify the resources to a service within ONAP."
      filterable: true
      label: ONAP external key
      on_objects: 
        - ipam.models.IPAddress
      required: true
      type: text
      weight: 0
    resource-name:
      description: "The resource-name of the element using this IP."
      filterable: true
      label: ONAP resource name
      on_objects:
        - ipam.models.IPAddress
      required: true
      type: text
      weight: 0
  • The following script creates the prefixes and some objects within Netbox:

    Code Block
    #!/bin/bash
    
    # Create region
    
    echo "Create region: RegionOne"
    curl --silent -X POST \
      http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/dcim/regions/ \
      -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
      -H 'Content-Type: application/json' \
      -d '{
      "name": "RegionOne",
      "slug": "RegionOne"
    }'
    
    # Create tenant group
    
    echo "Create tenant group: ONAP group"
    curl --silent -X POST \
      http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/tenancy/tenant-groups/ \
      -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
      -H 'Content-Type: application/json' \
      -d '{
      "name": "ONAP group",
      "slug": "onap-group"
    }'
    
    # Create tenant
    
    echo "Create tenant ONAP in ONAP group"
    curl --silent -X POST \
      http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/tenancy/tenants/ \
      -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
      -H 'Content-Type: application/json' \
      -d '{
      "name": "ONAP",
      "slug": "onap",
      "group": 1,
      "description": "ONAP tenant",
      "comments": "Tenant for ONAP demo use cases"
    }'
    
    # Create site
    
    echo "Create ONAP demo site: Montreal Lab"
    curl --silent -X POST \
      http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/dcim/sites/ \
      -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
      -H 'Content-Type: application/json' \
      -d '{
      "name": "Montreal Lab D3",
      "slug": "mtl-lab-d3",
      "region": 1,
      "tenant": 1,
      "facility": "Campus",
      "time_zone": "Canada/Atlantic",
      "description": "Site hosting the ONAP use cases",
      "physical_address": "1 Graham Bell",
      "shipping_address": "1 Graham Bell",
      "contact_name": "Alexis",
      "contact_phone": "0000000000",
      "contact_email": "adetalhouet89@gmail.com",
      "comments": "ONAP lab"
    }'
    
    # Create prefixes
    
    echo "Create Prefix for vFW protected network"
    curl --silent -X POST \
      http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/ \
      -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
      -H 'Content-Type: application/json' \
      -d '{
      "prefix": "192.168.20.0/24",
      "site": 1,
      "tenant": 1,
      "is_pool": true,
      "description": "IP Pool for protected network - vFW use case"
    }'
    
    echo "Create Prefix for vFW unprotected network"
    curl --silent -X POST \
      http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/ \
      -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
      -H 'Content-Type: application/json' \
      -d '{
      "prefix": "192.168.10.0/24",
      "site": 1,
      "tenant": 1,
      "is_pool": true,
      "description": "IP Pool for unprotected network - vFW use case"
    }'
    
    echo "Create Prefix for ONAP general purpose network"
    curl --silent -X POST \
      http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/ \
      -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
      -H 'Content-Type: application/json' \
      -d '{
      "prefix": "10.0.0.0/8",
      "site": 1,
      "tenant": 1,
      "is_pool": true,
      "description": "IP Pool for ONAP - general purpose"
    }'
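
A hardened variant of the prefix-creation step, added here as an example and not taken from the ONAP chart: the API token is read from the environment instead of the script text, HTTP errors fail the job, and the JSON fields are validated before use. `NETBOX_URL`, `NETBOX_TOKEN` and the `--run` switch are assumed names, for instance with the token set on the Job from a Kubernetes Secret.

```sh
#!/bin/sh
# Added example (not the chart's provision.sh). NETBOX_URL and NETBOX_TOKEN
# are assumed variable names, e.g. set on the Job from a Kubernetes Secret.

# POST a JSON body ($2) to a NetBox API path ($1); HTTP errors fail the call.
netbox_post() {
  : "${NETBOX_URL:?NETBOX_URL is not set}"
  : "${NETBOX_TOKEN:?NETBOX_TOKEN is not set}"
  # Feed the Authorization header through a curl config on stdin so the
  # token never appears in the process argument list.
  printf 'header = "Authorization: Token %s"\n' "$NETBOX_TOKEN" |
    curl --silent --show-error --fail --config - \
      -X POST "${NETBOX_URL}$1" \
      -H 'Content-Type: application/json' \
      -d "$2"
}

# Build the JSON body for a pool prefix. Inputs are restricted to characters
# that cannot close a JSON string, so no value can alter the request body.
prefix_body() {
  case "$1" in *[!0-9./]*|'') return 1 ;; esac
  printf '%s\n' "$1" |
    grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}$' || return 1
  case "$2" in *[!A-Za-z0-9\ ._-]*|'') return 1 ;; esac
  printf '{"prefix": "%s", "site": 1, "tenant": 1, "is_pool": true, "description": "%s"}' \
    "$1" "$2"
}

# Create the three prefixes from the page; stop at the first failure.
provision_prefixes() {
  while IFS='|' read -r prefix desc; do
    body=$(prefix_body "$prefix" "$desc") ||
      { echo "rejected: $prefix" >&2; return 1; }
    echo "Create prefix $prefix"
    netbox_post /api/ipam/prefixes/ "$body" >/dev/null || return 1
  done <<'EOF'
192.168.20.0/24|IP Pool for protected network - vFW use case
192.168.10.0/24|IP Pool for unprotected network - vFW use case
10.0.0.0/8|IP Pool for ONAP - general purpose
EOF
}

# Only talk to the network when asked to: ./provision.sh --run
if [ "${1:-}" = "--run" ]; then provision_prefixes; fi
```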
    
    
    
