您的位置：首页 > 运维架构

OpenStack Tacker介绍 - 5.创建一个简单的VNFFG，即实现一个SFC服务链的自动化创建

2017-10-11 16:25 435 查看

说明：

本文基于已经搭建好的tacker环境，实践tacker基于模板创建一个SFC服务链。

1、环境准备

1.1 、网络配置

# neutron net-list
+-----------+----------------+
| name      | subnets        |
+-----------+----------------+
| net0      | 172.16.30.0/24 |
| net1      | 172.16.40.0/24 |
| net_mgmt  | 192.168.6.0/24 |
+-----------+----------------+

其中：

net_mgmt：为public网络，并且能够与云平台的管理网络互通

net0：为vxlan网络

net1：为vxlan网络

1.2、镜像

预先创建一个镜像名称为cirros-0.3.5-x86_64-disk的镜像

镜像 cirros-0.3.5-x86_64-disk.img 下载路径
http://download.cirros-cloud.net/0.3.5/
1.3 、预先创建一个VIM
1) 定义一个VIM配置文件

# cat /root/config.yaml
auth_url: http://127.0.0.1:5000/v3 username: admin
password: admin
project_name: admin
user_domain_name: Default
project_domain_name: Default

2）创建VIM

说明：test_vim为默认，创建VNFD的时候如果没有指定具体VIM，则使用该VIM

# tacker vim-register --is-default --config-file /root/config.yaml test_vim

1.4、其他

其他跟多请参考
http://blog.csdn.net/linshenyuan1213/article/details/78131686 http://blog.csdn.net/linshenyuan1213/article/details/78195061
2、创建2个VNFD

说明：VNFD的描述文件在本文最下面

tosca-vnffg-vnfd1.yaml的获取路径：
https://github.com/openstack/tacker/blob/master/samples/tosca-templates/vnffgd/tosca-vnffg-vnfd1.yaml
tosca-vnffg-vnfd2.yaml的获取路径：
https://github.com/openstack/tacker/blob/master/samples/tosca-templates/vnffgd/tosca-vnffg-vnfd2.yaml

# tacker vnfd-create --vnfd-file /home/vnffgd/tosca-vnffg-vnfd1.yaml vnfd1
Created a new vnfd:
+-----------------+--------------------------------------+
| Field           | Value                                |
+-----------------+--------------------------------------+
| created_at      | 2017-10-11 06:27:04.098382           |
| description     | Demo example                         |
| id              | 104a402b-9acc-4ec8-87e8-80b5535349ac |
| name            | vnfd1                                |
| service_types   | vnfd                                 |
| template_source | onboarded                            |
| tenant_id       | eaad10cdd84743bf90bdbd7e781ea9a0     |
| updated_at      |                                      |
+-----------------+--------------------------------------+
# tacker vnfd-create --vnfd-file /home/vnffgd/tosca-vnffg-vnfd2.yaml vnfd2
Created a new vnfd:
+-----------------+--------------------------------------+
| Field           | Value                                |
+-----------------+--------------------------------------+
| created_at      | 2017-10-11 06:27:24.248042           |
| description     | Demo example                         |
| id              | 8bfc0e83-a55b-43d0-a553-b7242624180a |
| name            | vnfd2                                |
| service_types   | vnfd                                 |
| template_source | onboarded                            |
| tenant_id       | eaad10cdd84743bf90bdbd7e781ea9a0     |
| updated_at      |                                      |
+-----------------+--------------------------------------+

3、基于VNFD创建2个VNF

# tacker vnf-create --vnfd-name vnfd1 vnf1_001
Created a new vnf:
+----------------+--------------------------------------+
| Field          | Value                                |
+----------------+--------------------------------------+
| created_at     | 2017-10-11 06:27:49.022636           |
| description    | Demo example                         |
| error_reason   |                                      |
| id             | 23853cfb-265f-4f42-a99d-feeeb11d63fd |
| instance_id    | 6b770804-a745-4b14-b174-508d471e70fd |
| mgmt_url       |                                      |
| name           | vnf1_001                             |
| placement_attr | {"vim_name": "test_vim"}             |
| status         | PENDING_CREATE                       |
| tenant_id      | eaad10cdd84743bf90bdbd7e781ea9a0     |
| updated_at     |                                      |
| vim_id         | 9ede7118-7d78-4003-8909-63ca6ec956e4 |
| vnfd_id        | 104a402b-9acc-4ec8-87e8-80b5535349ac |
+----------------+--------------------------------------+

# tacker vnf-create --vnfd-name vnfd2 vnf2_001
Created a new vnf:
+----------------+--------------------------------------+
| Field          | Value                                |
+----------------+--------------------------------------+
| created_at     | 2017-10-11 06:28:16.476876           |
| description    | Demo example                         |
| error_reason   |                                      |
| id             | 06a3b1ab-550f-4432-b7df-17800947287c |
| instance_id    | 62f62bfb-8aab-4147-bb13-a84936363c68 |
| mgmt_url       |                                      |
| name           | vnf2_001                             |
| placement_attr | {"vim_name": "test_vim"}             |
| status         | PENDING_CREATE                       |
| tenant_id      | eaad10cdd84743bf90bdbd7e781ea9a0     |
| updated_at     |                                      |
| vim_id         | 9ede7118-7d78-4003-8909-63ca6ec956e4 |
| vnfd_id        | 8bfc0e83-a55b-43d0-a553-b7242624180a |
+----------------+--------------------------------------+

4、创建一个VNFFGD

tosca-vnffgd-param-sample.yaml获取路径如下，本文末尾也会提供
https://github.com/openstack/tacker/blob/master/samples/tosca-templates/vnffgd/tosca-vnffgd-param-sample.yaml

# tacker vnffgd-create  --vnffgd-file /home/vnffgd/tosca-vnffgd-param-sample.yaml vnffgd_001
Created a new vnffgd:
+-----------------+-------------------------------------+
| Field           | Value                               |
+-----------------+-------------------------------------+
| description     |                                     |
| id              | 1dc2e099-7b7e-4920-ad5b-b9822e61dcdb|
| name            | vnffgd_001                          |
| template        |  template_info                      |
| template_source | onboarded                           |
| tenant_id       | eaad10cdd84743bf90bdbd7e781ea9a0    |
+-----------------+-------------------------------------+
其中template_info 为：
{
"vnffgd": {
"imports": ["/usr/lib/python2.7/site-packages/tacker/tosca/lib/tacker_defs.yaml",
"/usr/lib/python2.7/site-packages/tacker/tosca/lib/tacker_nfv_defs.yaml"],
"description": "Sample VNFFG parameterized template",
"topology_template": {
....
# 该信息为tosca-vnffgd-param-sample.yaml中的数据转化为的json数据
},
"tosca_definitions_version": "tosca_simple_profile_for_nfv_1_0_0"
}
}

5、最终创建一个VNFFG

vnffg-param-file内容如下

# cat /home/vnffgd/vnffg-param-file.yaml
net_src_port_id: 0c988348-141a-47d7-a1d7-1829a8e0851d #这个IP初始情况就取CP12的port的ID，获取其它VM与CPU12同网段的port的ID
ip_dst_pre:
- 172.16.30.0/24 #该网络必须与tosca-vnffgd-param-sample.yaml定义中的CP12,CP22同一个子网，在本文中即为net0

# tacker vnffg-create --vnffgd-name vnffgd_001 \
--param-file /home/vnffgd/vnffg-param-file.yaml \
--vnf-mapping VNFD1:vnf1_001,VNFD2:vnf2_001 vnffg_001
说明：VNFD1:vnf1_001为映射tosca-vnffgd-param-sample.yaml中定义的VNFD1为具体哪个NVF
如果不使用vnffg-param-file.yaml，可以直接在tosca-vnffgd-param-sample.yaml写死参数即可
Created a new vnffg:
+------------------+--------------------------------------------------+
| Field            | Value                                            |
+------------------+--------------------------------------------------+
| description      |                                                  |
| forwarding_paths | 615884c0-7c15-49dc-a6e6-c74c32edd77a             |
| id               | 7157ff30-0f40-44af-9fd2-050e96107fd7             |
| name             | vnffg_001                                        |
| status           | PENDING_CREATE                                   |
| tenant_id        | eaad10cdd84743bf90bdbd7e781ea9a0                 |
| vnf_mapping      | {"VNFD2": "06a3b1ab-550f-4432-b7df-17800947287c",|
|                  |  "VNFD1": "23853cfb-265f-4f42-a99d-feeeb11d63fd"}|
| vnffgd_id        | 1dc2e099-7b7e-4920-ad5b-b9822e61dcdb             |
+------------------+--------------------------------------------------+

6、VNFFG创建成功

# tacker vnffg-list
+-----------+--------+--------------------------------------+
| name      | status | vnffgd_id                            |
+-----------+--------+--------------------------------------+
| vnffg_001 | ACTIVE | 1dc2e099-7b7e-4920-ad5b-b9822e61dcdb |
+-----------+--------+--------------------------------------+

7、创建后的环境配置信息

# neutron port-pair-list
+--------------------------------------+----------------------------+--------------------------------------+--------------------------------------+
| id                                   | name                       | ingress                              | egress                               |
+--------------------------------------+----------------------------+--------------------------------------+--------------------------------------+
| 0cc09bea-ce1f-4447-aead-45b6c6750df8 | vnf2_001-connection-points | 1191ea20-efc0-489c-a7aa-fd9ddd488ae1 | 1191ea20-efc0-489c-a7aa-fd9ddd488ae1 |
| f0c37c95-18a8-445b-8d6c-9cf5d5fe3c48 | vnf1_001-connection-points | 0c988348-141a-47d7-a1d7-1829a8e0851d | 0c988348-141a-47d7-a1d7-1829a8e0851d |
+--------------------------------------+----------------------------+--------------------------------------+--------------------------------------+
# neutron port-pair-group-list
+--------------------------------------+--------------------------+-------------------------------------------+
| id                                   | name                     | port_pairs                                |
+--------------------------------------+--------------------------+-------------------------------------------+
| 96dc3d51-416b-491f-8e8f-ba2b4d76f2cf | vnf2_001-port-pair-group | ['0cc09bea-ce1f-4447-aead-45b6c6750df8'] |
| bfbfc271-f50d-4a81-afb5-acd894ddc8e6 | vnf1_001-port-pair-group | ['f0c37c95-18a8-445b-8d6c-9cf5d5fe3c48'] |
+--------------------------------------+--------------------------+-------------------------------------------+
# neutron flow-classifier-list
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
+--------------------------------------+------------------------------------------------------------+
| id                                   | summary                                                    |
+--------------------------------------+------------------------------------------------------------+
| a9178eb7-d38d-4070-b27f-926f2431533b | protocol: any,                                             |
|                                      | source[port]: any[any:any],                                |
|                                      | destination[port]: 172.16.30.0/24[any:any],                |
|                                      | neutron_source_port: 0c988348-141a-47d7-a1d7-1829a8e0851d, |
|                                      | neutron_destination_port: None,                            |
|                                      | l7_parameters: {}                                          |
+--------------------------------------+------------------------------------------------------------+
# neutron port-chain-list
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
+----------------------+------------------------------------------+-------------------------------------------+
| name                 | port_pair_groups                         | flow_classifiers                          |
+----------------------+------------------------------------------+-------------------------------------------+
| vnffg_001-port-chain | ['bfbfc271-f50d-4a81-afb5-acd894ddc8e6', |                                           |
|  '96dc3d51-416b-491f-8e8f-ba2b4d76f2cf'] | ['a9178eb7-d38d-4070-b27f-926f2431533b']  |
+----------------------+------------------------------------------+-------------------------------------------+

8、以上通过tacker创建了一个vnffd，即openstack的SFC服务链

再通过配置各个VNF虚拟机内部的流量处理逻辑，既可以实现网络流量的编排。

9、自动化配置VNF虚拟机内部流量处理逻辑的特性

当前tacker实现了一个openwrt的后端驱动，在创建vnf的时候，将想要做的配置放在config里传进去并进行配置

这里可以看下tacker中的mgmt_driver：

代码位于 tacker/vnfm/mgmt_drivers/openwrt/openwrt.py

说白了，就是通过ssh到VNF上，执行一些配置命令，根据这个特性，可以自己开发自己VNF的驱动。

@log.log
def _config_service(self, mgmt_ip_address, service, config):
user = cfg.CONF.openwrt.user
password = cfg.CONF.openwrt.password
try:
cmd = "uci import %s; /etc/init.d/%s restart" % (service, service)
LOG.debug('execute command: %(cmd)s on mgmt_ip_address '
'%(mgmt_ip)s',
{'cmd': cmd,
'mgmt_ip': mgmt_ip_address})
commander = cmd_executer.RemoteCommandExecutor(
user, password, mgmt_ip_address)
commander.execute_command(cmd, input_data=config)
except Exception as ex:
LOG.error("While executing command on remote "
"%(mgmt_ip)s: %(exception)s",
{'mgmt_ip': mgmt_ip_address,
'exception': ex})
raise exceptions.MgmtDriverException()

@log.log
def mgmt_call(self, plugin, context, vnf, kwargs):
if (kwargs[mgmt_constants.KEY_ACTION] !=
mgmt_constants.ACTION_UPDATE_VNF):
return
dev_attrs = vnf.get('attributes', {})

mgmt_url = jsonutils.loads(vnf.get('mgmt_url', '{}'))
if not mgmt_url:
return

vdus_config = dev_attrs.get('config', '')
config_yaml = yaml.safe_load(vdus_config)
if not config_yaml:
return
vdus_config_dict = config_yaml.get('vdus', {})
for vdu, vdu_dict in vdus_config_dict.items():
config = vdu_dict.get('config', {})
for key, conf_value in config.items():
KNOWN_SERVICES = ('firewall', 'network')
if key not in KNOWN_SERVICES:
continue
mgmt_ip_address = mgmt_url.get(vdu, '')
if not mgmt_ip_address:
LOG.warning('tried to configure unknown mgmt '
'address on VNF %(vnf)s VDU %(vdu)s',
{'vnf': vnf.get('name'),
'vdu': vdu})
continue

if isinstance(mgmt_ip_address, list):
for ip_address in mgmt_ip_address:
self._config_service(ip_address, key, conf_value)
else:
self._config_service(mgmt_ip_address, key, conf_value)

10、文中用到的yaml模板内容

# cat /home/vnffgd/tosca-vnffg-vnfd1.yaml
tosca_definitions_version: tosca_simple_profile_for_nfv_1_0_0

description: Demo example

metadata:
template_name: sample-tosca-vnfd1

topology_template:
node_templates:
VDU1:
type: tosca.nodes.nfv.VDU.Tacker
capabilities:
nfv_compute:
properties:
num_cpus: 1
mem_size: 512 MB
disk_size: 1 GB
properties:
image: cirros-0.3.5-x86_64-disk
availability_zone: nova
mgmt_driver: noop
config: |
param0: key1
param1: key2

CP11:
type: tosca.nodes.nfv.CP.Tacker
properties:
management: true
order: 0
anti_spoofing_protection: false
requirements:
- virtualLink:
node: VL11
- virtualBinding:
node: VDU1

CP12:
type: tosca.nodes.nfv.CP.Tacker
properties:
order: 1
anti_spoofing_protection: false
requirements:
- virtualLink:
node: VL12
- virtualBinding:
node: VDU1

CP13:
type: tosca.nodes.nfv.CP.Tacker
properties:
order: 2
anti_spoofing_protection: false
requirements:
- virtualLink:
node: VL13
- virtualBinding:
node: VDU1

VL11:
type: tosca.nodes.nfv.VL
properties:
network_name: net_mgmt
vendor: Tacker

VL12:
type: tosca.nodes.nfv.VL
properties:
network_name: net0
vendor: Tacker

VL13:
type: tosca.nodes.nfv.VL
properties:
network_name: net1
vendor: Tacker

# cat /home/vnffgd/tosca-vnffg-vnfd2.yaml
tosca_definitions_version: tosca_simple_profile_for_nfv_1_0_0

description: Demo example

metadata:
template_name: sample-tosca-vnfd1

topology_template:
node_templates:
VDU1:
type: tosca.nodes.nfv.VDU.Tacker
capabilities:
nfv_compute:
properties:
num_cpus: 1
mem_size: 512 MB
disk_size: 1 GB
properties:
image: cirros-0.3.5-x86_64-disk
availability_zone: nova
mgmt_driver: noop
config: |
param0: key1
param1: key2

CP21:
type: tosca.nodes.nfv.CP.Tacker
properties:
management: true
order: 0
anti_spoofing_protection: false
requirements:
- virtualLink:
node: VL21
- virtualBinding:
node: VDU1

CP22:
type: tosca.nodes.nfv.CP.Tacker
properties:
order: 1
anti_spoofing_protection: false
requirements:
- virtualLink:
node: VL22
- virtualBinding:
node: VDU1

CP23:
type: tosca.nodes.nfv.CP.Tacker
properties:
order: 2
anti_spoofing_protection: false
requirements:
- virtualLink:
node: VL23
- virtualBinding:
node: VDU1

VL21:
type: tosca.nodes.nfv.VL
properties:
network_name: net_mgmt
vendor: Tacker

VL22:
type: tosca.nodes.nfv.VL
properties:
network_name: net0
vendor: Tacker

VL23:
type: tosca.nodes.nfv.VL
properties:
network_name: net1
vendor: Tacker

# cat tosca-vnffgd-param-sample.yaml
tosca_definitions_version: tosca_simple_profile_for_nfv_1_0_0

description: Sample VNFFG parameterized template

topology_template:
description: Sample VNFFG parameterized template

inputs:
net_src_port_id:
type: string
description: Port UUID of source VM.
ip_dst_pre:
type: string
description: Cidr format of destination ip.

node_templates:

Forwarding_path1:
type: tosca.nodes.nfv.FP.Tacker
description: creates path (CP12->CP22)
properties:
id: 51
policy:
type: ACL
criteria:
- network_src_port_id: { get_input: net_src_port_id }
- ip_dst_prefix: { get_input: ip_dst_pre }
path:
- forwarder: VNFD1
capability: CP12
- forwarder: VNFD2
capability: CP22

groups:
VNFFG1:
type: tosca.groups.nfv.VNFFG
description: HTTP to Corporate Net
properties:
vendor: tacker
version: 1.0
number_of_endpoints: 2
dependent_virtual_link: [VL12,VL22]
connection_point: [CP12,CP22]
constituent_vnfs: [VNFD1,VNFD2]
members: [Forwarding_path1]

内容来自用户分享和网络整理，不保证内容的准确性，如有侵权内容，可联系管理员处理

标签：

相关文章推荐

新的分享

章节导航