Hello,
I am trying to understand, design and test a use case for integrating Open Stack Integration with OnePK. Currently we have All-in-One Pk and ODL VMs on ESXi hosts interfaced to physical/virtual network infrastructure southbound(Cisco IOS and vIOS routers/switches) and to be integrated to Open Stack systems Northbound. For Open Stack, the plan is to use Mirantis Open Stack with Red Hat Linux Open Stack Distribution as well as other open stack distributions.
I have the following queries:
1. Is there a onePK plugin available on OpenStack via the Neutron/Nova capabilities within OpenStack.
2. Can we run OnePK instances within the Open Stack compute node to replicate the OnePK VMs on ESXi hosts?
3. Also understand that tools like Puppet on Open Stack can be leveraged to automate configuration and Management.
What is the best way to go about integrating ( using a few or all of the above) or using elements of OnePk to program network elements from Open Stack.
Thanks and Regards,
Mohan
Solved! Go to Solution.
The onePK Java APIs are pure Java and will work on Android devices. OnePK provides a topology API that uses CDP to go hop-by-hop through a network to discover the topology. Look at the Topology Service Set. This will provide you a graph of edges and nodes that you can render in any way you see fit.
Thanks for your interest in onePK, Mohan. I'll try and address your individual points.
OnePK isn't geared toward provisioning at the moment. Meaning the device changes introduced via onePK do not persist once the application disconnects. So your OS plugin would need to remain connected to the device to continue to provide the desired operational state. If you want more persistence, one option is to consider using the VTY Service Set in onePK for the time being to interact with the CLI to make changes (while using other APIs to gather statistics). These changes can then be persisted as with other configuration.
Hi Joseph,
Thanks very much indeed and that is really helpful information regarding using VTY service sets in onePK for more persistence. On the same note, what we were planning to achieve is to discover the topology of a network ( using the topology API) from a Mobile client( ipad) for example connected via 3G to OpenStack and the underlying the ESXi infrastructure, and to perform various actions on the topology discovered via Open Stack. So it looks like currently we have to directly map this information from the Mobile client to the All-in-one PK on ESXi until CML is available. By the way are there are any Java/OnePK API's that can be instantiated from mobile clients (ipad or android for example) to discover Cisco routers and switches?
Thanks and Regards,
Mohan
The onePK Java APIs are pure Java and will work on Android devices. OnePK provides a topology API that uses CDP to go hop-by-hop through a network to discover the topology. Look at the Topology Service Set. This will provide you a graph of edges and nodes that you can render in any way you see fit.
Hi Joseph,
Thanks very much for the update and sorry for my late reply. Just a quick one on the One PK Java API for Android devices, can we use it in the API set which already exists or do we have to request for Android APIs.Also, is there any road map towards One PK support for iOS/Apple devices.
You can use the Java SDK for Android development. Essentially, just import the onePK jars into your Android project. There is no specific Android SDK for onePK.
I have not heard of any firm plans to do an iOS port of the API libraries. However, you could build a web-based application off device with a mobile interface that makes onePK calls in the backend.
Hi Joseph,
Many thanks for this information and we will try and build applications for certain fail over scenarios (primary to secondary boxes) and extend this to an Android/Ipad device, which can give us an end of end view of the network from the mobile device to the end client(router) which involves topology discovery, interface mappings, IGP/EGP routing, may be even include IPsec in the mix using the various constructs of OnePK and instantiation of fail over from the end mobile device.
By the way, i am sorry going to bother you with another issue my colleague ran into when he was trying to extend the 3node ViRl topology on the All-in-one PK to a 4node topology. He was not able to decode the co-relation of vmcloud orchestrator with the default config and resulted in a parsing error when the 4node Virl file is executed.
The following additional code was added to the 3 node ViRl file and the file was saved as 4node ViRl text:
<node name="router4" type="SIMPLE" subtype="vios" location="371,407" vmImage="/usr/share/vmcloud/data/images/vios.ova">
<extensions>
<entry key="bootstrap configuration" type="String">/home/cisco/vmcloud-example-networks/4node/router4.con</entry>
<entry key="import files" type="String">/home/cisco/vmcloud-example-networks/4node/router4.p12</entry>
</extensions>
<interface name="GigabitEthernet0/0"/>
<interface name="GigabitEthernet0/1"/>
<interface name="GigabitEthernet0/2"/>
</node>
This results in the following error message when the file is executed:
cisco@onepk:~$ vmcloud netcreate -v /home/cisco/vmcloud-example-networks/4node/4node.virl 4node
Using default configuration: /etc/vmcloud/vmcloudrc
Launching NDE network ...
Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/vmcloud/action/vmCloud.py", line 279, in netcreate
toponame)
File "/usr/lib/python2.7/dist-packages/vmcloud/parser/virlParser.py", line 245, in getVirlParser
toponame)
File "/usr/lib/python2.7/dist-packages/vmcloud/parser/virlParser.py", line 42, in __init__
self.validateVirl()
File "/usr/lib/python2.7/dist-packages/vmcloud/parser/virlParser.py", line 167, in validateVirl
src_intf = ctxt(src)[0].attrib['name']
IndexError: list index out of range
None
netcreate :list index out of range
NDE network launch: Failed
Thanks and Regards,
Mohan
Did you create configuration and certificate for router R4?
Hi chomjakrichard,
Thanks and yes i did and i have just posted the config file. For the certificate, do we have to generate a new cert for the new router?
I don't see your virl config file. Yes, you do need to generate a new cert for your new router using the createNEp12.sh script under ~cisco/.simpleCA.
Hi Joseph,
I have generated a certificate for a new vIOS router(R4) using the createNEp12 script . Just wondering how can i import this certificate to the new router R4.
Thanks.
For example
where password is same as you generated with createNEp12. demoTP is name of CA.
And IP is ip address of your TFTP server
For more information:
Virtualized environment without double virtualization with GNS3
and
(read comments)Thanks for this..but in my case i am adding a few vIOS routers on the A-I-O VM, have generated certs for the new routers, but cannot login to them to import the certs and if i create "vmcloud netcreate ...." is giving me an Index error.
oh sorry, in your configuration file for vmcloud 4node.virl? Set path to
your certificates. Look into 3node config and you will see something like
"path/to/file.p12" and do it for your configuration.
2014-10-01 8:54 GMT+02:00 Mohan Kumar <community@cisco.com>:
Cisco Communities <https://communities.cisco.com/> Open Stack
Integration with OnePK
reply from Mohan Kumar <https://communities.cisco.com/people/softnet706>
in Developer > Networking > ACI > onePK - View the full discussion
<https://communities.cisco.com/message/165377#165377>
4node.virl
in case of router1
<entry key="import files" type="String">/home/cisco/vmcloud-example-networks/4node/router1.p12</entry>
change this path, where is your certificate.
If your path of certificate is different like "TFTP path" of AllinOne.
I am not sure if it will work, because what I know, AllinOne uses TFTP server for importing certificates to the router.
That's mean if your path of p12 certificates is not in "TFTP path" you router probably won't "download" these certificates correctly!
Richard CHOMJAK