Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 1 | .. |
| 2 | SPDX-FileCopyrightText: © 2020 Open Networking Foundation <support@opennetworking.org> |
| 3 | SPDX-License-Identifier: Apache-2.0 |
| 4 | |
Zack Williams | 5d2d678 | 2021-08-26 13:08:44 -0700 | [diff] [blame] | 5 | SD-Fabric Deployment (Beta) |
| 6 | =========================== |
| 7 | |
| 8 | .. note:: |
| 9 | |
| 10 | SD-Fabric using the P4 UPF is a beta feature in the Aether 1.5 release, and |
| 11 | the hardware and software setup is not required if using the BESS UPF. |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 12 | |
Zack Williams | 1ae109e | 2021-07-27 11:17:04 -0700 | [diff] [blame] | 13 | Update aether-pod-configs |
| 14 | ------------------------- |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 15 | |
Zack Williams | 1ae109e | 2021-07-27 11:17:04 -0700 | [diff] [blame] | 16 | ``aether-pod-configs`` is a git project hosted on **gerrit.opencord.org** and |
| 17 | we placed the following materials in it. |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 18 | |
Hung-Wei Chiu | 6ed7910 | 2021-08-24 14:27:26 -0700 | [diff] [blame] | 19 | - Terraform scripts to install SD-Fabric applications on Rancher, including ONOS, Stratum and Telegraf. |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 20 | - Customized configuration for each application (helm values). |
| 21 | - Application specific configuration files, including ONOS network configuration and Stratum chassis config. |
| 22 | |
| 23 | Here is an example folder structure: |
| 24 | |
| 25 | .. code-block:: console |
| 26 | |
Hung-Wei Chiu | 3accfe9 | 2021-11-02 12:23:53 -0700 | [diff] [blame] | 27 | ╰─$ tree staging/stg-ace-menlo/sdfabric |
| 28 | staging/stg-ace-menlo/sdfabric |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 29 | ├── app_map.tfvars |
| 30 | ├── backend.tf |
Hung-Wei Chiu | 3accfe9 | 2021-11-02 12:23:53 -0700 | [diff] [blame] | 31 | ├── main.tf -> ../../../common/sdfabric/main.tf |
| 32 | ├── sdfabric |
Hung-Wei Chiu | f7cadb3 | 2020-11-19 04:49:35 +0000 | [diff] [blame] | 33 | │ ├── app_map.tfvars |
| 34 | │ ├── backend.tf |
Hung-Wei Chiu | 3accfe9 | 2021-11-02 12:23:53 -0700 | [diff] [blame] | 35 | │ ├── kubeconfig -> ../../../../common/sdfabric/apps/onos/kubeconfig |
| 36 | │ ├── leaf1-chassis-config.pb.txt |
| 37 | │ ├── leaf2-chassis-config.pb.txt |
| 38 | │ ├── main.tf -> ../../../../common/sdfabric/apps/sdfabric/main.tf |
| 39 | │ ├── sdfabric.yaml |
| 40 | │ ├── spine1-chassis-config.pb.txt |
| 41 | │ ├── spine2-chassis-config.pb.txt |
| 42 | │ └── variables.tf -> ../../../../common/sdfabric/apps/sdfabric/variables.tf |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 43 | ├── telegraf |
Hung-Wei Chiu | f7cadb3 | 2020-11-19 04:49:35 +0000 | [diff] [blame] | 44 | │ ├── app_map.tfvars |
| 45 | │ ├── backend.tf |
Hung-Wei Chiu | 3accfe9 | 2021-11-02 12:23:53 -0700 | [diff] [blame] | 46 | │ ├── main.tf -> ../../../../common/sdfabric/apps/telegraf/main.tf |
Hung-Wei Chiu | f7cadb3 | 2020-11-19 04:49:35 +0000 | [diff] [blame] | 47 | │ ├── telegraf.yaml |
Hung-Wei Chiu | 3accfe9 | 2021-11-02 12:23:53 -0700 | [diff] [blame] | 48 | │ └── variables.tf -> ../../../../common/sdfabric/apps/telegraf/variables.tf |
Hung-Wei Chiu | f7cadb3 | 2020-11-19 04:49:35 +0000 | [diff] [blame] | 49 | └── variables.tf -> ../../../common/tost/variables.tf |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 50 | |
Hung-Wei Chiu | 3accfe9 | 2021-11-02 12:23:53 -0700 | [diff] [blame] | 51 | There are three Terraform scripts inside **sdfabric** directory and are responsible for managing each service. |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 52 | |
| 53 | Root folder |
Zack Williams | bcc4c2b | 2021-04-07 16:58:03 -0700 | [diff] [blame] | 54 | """"""""""" |
| 55 | |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 56 | Terraform reads **app_map.tfvars** to know which application will be installed on Rancher |
| 57 | and which version and customized values need to apply to. |
| 58 | |
Hung-Wei Chiu | 6ed7910 | 2021-08-24 14:27:26 -0700 | [diff] [blame] | 59 | Here is the example of **app_map.tfvars** which defines prerequisite apps for SD-Fabric |
| 60 | as well as project and namespace in which SD-fabric apps will be provisioned. |
Hyunsun Moon | fc751aa | 2020-11-11 18:49:47 -0800 | [diff] [blame] | 61 | Note that currently we don't have any prerequisite so we left this blank intentionally. |
| 62 | It can be used to specify prerequisites in the future. |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 63 | |
| 64 | .. code-block:: |
| 65 | |
Hung-Wei Chiu | 3accfe9 | 2021-11-02 12:23:53 -0700 | [diff] [blame] | 66 | project_name = "sdfabric" |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 67 | namespace_name = "tost" |
| 68 | |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 69 | |
Hung-Wei Chiu | 3accfe9 | 2021-11-02 12:23:53 -0700 | [diff] [blame] | 70 | SD-FABRIC folder |
| 71 | """""""""""""""" |
Zack Williams | bcc4c2b | 2021-04-07 16:58:03 -0700 | [diff] [blame] | 72 | |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 73 | All files under **onos** directory are related to ONOS application. |
Hyunsun Moon | fc751aa | 2020-11-11 18:49:47 -0800 | [diff] [blame] | 74 | The **app_map.tfvars** in this folder describes the information about ONOS helm chart. |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 75 | |
| 76 | In this example, we specify the **onos-tost** helm chart version to **0.1.18** and load **onos.yaml** |
| 77 | as custom value files. |
| 78 | |
| 79 | .. code-block:: |
| 80 | |
| 81 | apps = ["onos"] |
Hung-Wei Chiu | 3accfe9 | 2021-11-02 12:23:53 -0700 | [diff] [blame] | 82 | namespace_name = "tost" |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 83 | |
| 84 | app_map = { |
Hung-Wei Chiu | 3accfe9 | 2021-11-02 12:23:53 -0700 | [diff] [blame] | 85 | sdfabric = { |
| 86 | app_name = "onos-tost" |
| 87 | repo_name = "aether" |
| 88 | chart_name = "sdfabric" |
| 89 | chart_version = "1.0.7" |
| 90 | values_yaml = "sdfabric.yaml" |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 91 | } |
| 92 | } |
| 93 | |
Hung-Wei Chiu | 3accfe9 | 2021-11-02 12:23:53 -0700 | [diff] [blame] | 94 | **sdfabric.yaml** used to custom your sdfabric Helm chart values and please check |
| 95 | `SD-Fabric Helm chart <https://gerrit.opencord.org/plugins/gitiles/sdfabric-helm-charts/+/HEAD/sdfabric/README.md>`_ |
| 96 | to see how to configure it. |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 97 | |
| 98 | .. |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 99 | |
Hung-Wei Chiu | 3accfe9 | 2021-11-02 12:23:53 -0700 | [diff] [blame] | 100 | Once the Stratum is deployed to Kubernetes, it will read switch-dependent config files |
| 101 | from the aether-pod-configs repo. |
| 102 | The key folder(**stratum.config.folder**) indicates that relative path of configs. |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 103 | |
| 104 | .. attention:: |
| 105 | |
| 106 | The switch-dependent config file should be named as **${hostname}-chassis-config.pb.txt**. |
| 107 | For example, if the host name of your Tofino switch is **my-leaf**, please name config file **my-leaf-config.pb.txt**. |
| 108 | |
| 109 | .. |
| 110 | TODO: Add an example based on the recommended topology |
| 111 | |
| 112 | Telegraf folder |
Zack Williams | bcc4c2b | 2021-04-07 16:58:03 -0700 | [diff] [blame] | 113 | """"""""""""""" |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 114 | |
| 115 | The app_map.tfvars specify the Helm Chart version and the filename of the custom Helm value file. |
| 116 | |
| 117 | .. code-block:: |
| 118 | |
| 119 | apps=["telegraf"] |
Hung-Wei Chiu | 3accfe9 | 2021-11-02 12:23:53 -0700 | [diff] [blame] | 120 | namespace_name = "tost" |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 121 | app_map = { |
Hung-Wei Chiu | d06947b | 2021-08-10 16:10:07 -0700 | [diff] [blame] | 122 | telegraf = { |
| 123 | app_name = "telegraf" |
Hung-Wei Chiu | 3accfe9 | 2021-11-02 12:23:53 -0700 | [diff] [blame] | 124 | repo_name = "aether" |
| 125 | chart_name = "tost-telegraf" |
| 126 | chart_version = "0.1.5" |
| 127 | values_yaml = "telegraf.yaml" |
| 128 | } |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 129 | } |
| 130 | |
Hung-Wei Chiu | d06947b | 2021-08-10 16:10:07 -0700 | [diff] [blame] | 131 | The **telegraf.yaml** used to override the ONOS-Telegraf Helm Chart and its environment-dependent. |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 132 | Please pay attention to the **inputs.addresses** section. |
| 133 | Telegraf will read data from stratum so we need to specify all Tofino switch’s IP addresses here. |
| 134 | Taking Menlo staging pod as example, there are four switches so we fill out 4 IP addresses. |
| 135 | |
| 136 | .. code-block:: yaml |
| 137 | |
| 138 | podAnnotations: |
| 139 | field.cattle.io/workloadMetrics: '[{"path":"/metrics","port":9273,"schema":"HTTP"}]' |
| 140 | |
| 141 | config: |
| 142 | outputs: |
| 143 | - prometheus_client: |
| 144 | metric_version: 2 |
| 145 | listen: ":9273" |
| 146 | inputs: |
| 147 | - cisco_telemetry_gnmi: |
| 148 | addresses: |
| 149 | - 10.92.1.81:9339 |
| 150 | - 10.92.1.82:9339 |
| 151 | - 10.92.1.83:9339 |
| 152 | - 10.92.1.84:9339 |
| 153 | redial: 10s |
| 154 | - cisco_telemetry_gnmi.subscription: |
| 155 | name: stratum_counters |
| 156 | origin: openconfig-interfaces |
| 157 | path: /interfaces/interface[name=*]/state/counters |
| 158 | sample_interval: 5000ns |
| 159 | subscription_mode: sample |
| 160 | |
Hung-Wei Chiu | f7cadb3 | 2020-11-19 04:49:35 +0000 | [diff] [blame] | 161 | |
| 162 | Create Your Own Configs |
Zack Williams | bcc4c2b | 2021-04-07 16:58:03 -0700 | [diff] [blame] | 163 | """"""""""""""""""""""" |
Hung-Wei Chiu | f7cadb3 | 2020-11-19 04:49:35 +0000 | [diff] [blame] | 164 | |
| 165 | The easiest way to create your own configs is running the template script. |
| 166 | |
| 167 | Assumed we would like to set up the **ace-example** pod in the production environment. |
| 168 | |
Hung-Wei Chiu | d06947b | 2021-08-10 16:10:07 -0700 | [diff] [blame] | 169 | 1. open the **tools/ace_config.yaml** (You should already have this file when you finish VPN bootstrap stage) |
Hung-Wei Chiu | f7cadb3 | 2020-11-19 04:49:35 +0000 | [diff] [blame] | 170 | 2. fill out all required variables |
Hung-Wei Chiu | 6ed7910 | 2021-08-24 14:27:26 -0700 | [diff] [blame] | 171 | 3. perform the makefile command to generate configuration and directory for SD-Fabric |
Hung-Wei Chiu | d06947b | 2021-08-10 16:10:07 -0700 | [diff] [blame] | 172 | 4. update **onos.yaml** for ONOS |
| 173 | 5. update **${hostname}-chassis-config.pb.txt** for Stratum |
| 174 | 6. commit your change and open the Gerrit patch |
Hung-Wei Chiu | 3accfe9 | 2021-11-02 12:23:53 -0700 | [diff] [blame] | 175 | 7. deploy your patch to ACE cluster and merge it after verifying the fabric connectivity |
Hung-Wei Chiu | f7cadb3 | 2020-11-19 04:49:35 +0000 | [diff] [blame] | 176 | |
| 177 | .. code-block:: console |
| 178 | |
Hung-Wei Chiu | d06947b | 2021-08-10 16:10:07 -0700 | [diff] [blame] | 179 | vim tools/ace_config.yaml |
Hung-Wei Chiu | 3accfe9 | 2021-11-02 12:23:53 -0700 | [diff] [blame] | 180 | make -C tools sdfabric |
| 181 | vim production/ace-example/sdfabric/sdfabric/sdfabric.yaml |
| 182 | vim production/ace-example/sdfabric/sdfabric/*${hostname}-chassis-config.pb.txt** |
Hung-Wei Chiu | f7cadb3 | 2020-11-19 04:49:35 +0000 | [diff] [blame] | 183 | git add commit |
| 184 | git review |
| 185 | |
| 186 | |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 187 | Quick recap |
Zack Williams | bcc4c2b | 2021-04-07 16:58:03 -0700 | [diff] [blame] | 188 | """"""""""" |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 189 | |
| 190 | To recap, most of the files in **tost** folder can be copied from existing examples. |
| 191 | However, there are a few files we need to pay extra attentions to. |
| 192 | |
Hung-Wei Chiu | 3accfe9 | 2021-11-02 12:23:53 -0700 | [diff] [blame] | 193 | - **sdfabric.yaml** in **sdfabric** folder |
| 194 | - Chassis config in **sdfabric** folder |
Zack Williams | 794532a | 2021-03-18 17:38:36 -0700 | [diff] [blame] | 195 | There should be one chassis config for each switch. The file name needs to be |
| 196 | **${hostname}-chassis-config.pb.txt** |
| 197 | - **telegraf.yaml** in **telegraf** folder need to be updated with all switch |
| 198 | IP addresses |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 199 | |
| 200 | Double check these files and make sure they have been updated accordingly. |
| 201 | |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 202 | Create a review request |
Zack Williams | bcc4c2b | 2021-04-07 16:58:03 -0700 | [diff] [blame] | 203 | """"""""""""""""""""""" |
| 204 | |
Zack Williams | 794532a | 2021-03-18 17:38:36 -0700 | [diff] [blame] | 205 | We also need to create a gerrit review request, similar to what we have done in |
| 206 | the **Aether Runtime Deployment**. |
| 207 | |
| 208 | Please refer to :doc:`Aether Runtime Deployment <runtime_deployment>` to |
| 209 | create a review request. |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 210 | |
Hung-Wei Chiu | 3accfe9 | 2021-11-02 12:23:53 -0700 | [diff] [blame] | 211 | Deploy to ACE cluster |
| 212 | """"""""""""""""""""" |
| 213 | |
| 214 | SD-Fabric is environment dependent application and you have to prepare correct |
| 215 | configurations for both ONOS and Stratum to make it work. |
| 216 | |
| 217 | A recommended approach is verifying your patch before merging it. You can |
| 218 | type the comment **apply-all** in the Gerrit patch to trigger the deployment |
| 219 | process, and then start to verify fabric connectivity. |
| 220 | |
| 221 | .. attention:: |
| 222 | |
| 223 | Due to the limitation of Terraform's dependent issue, you have to type the |
| 224 | comment **apply-all** to trigger root folder's Terraform script to setup |
| 225 | project and namespace before merging the patch. |
| 226 | |
| 227 | |
| 228 | Check below section to learn more about how we setup the Jenkins job and how it works |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 229 | |
Hung-Wei Chiu | 6ed7910 | 2021-08-24 14:27:26 -0700 | [diff] [blame] | 230 | Create SD-Fabric (named TOST in Jenkins) deployment job in Jenkins |
| 231 | ------------------------------------------------------------------ |
Zack Williams | bcc4c2b | 2021-04-07 16:58:03 -0700 | [diff] [blame] | 232 | |
Zack Williams | 794532a | 2021-03-18 17:38:36 -0700 | [diff] [blame] | 233 | There are three major components in the Jenkins system, the Jenkins pipeline |
| 234 | and Jenkins Job Builder and Jenkins Job. |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 235 | |
Zack Williams | 794532a | 2021-03-18 17:38:36 -0700 | [diff] [blame] | 236 | We follow the Infrastructure as Code principle to place three major components |
| 237 | in a Git repo, ``aether-ci-management`` |
| 238 | |
| 239 | Download the ``aether-ci-management`` repository. |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 240 | |
Hung-Wei Chiu | f7cadb3 | 2020-11-19 04:49:35 +0000 | [diff] [blame] | 241 | .. code-block:: shell |
| 242 | |
| 243 | $ cd $WORKDIR |
| 244 | $ git clone "ssh://[username]@gerrit.opencord.org:29418/aether-ci-management" |
| 245 | |
| 246 | |
Zack Williams | 794532a | 2021-03-18 17:38:36 -0700 | [diff] [blame] | 247 | Here is the example of folder structure, we put everything related to three |
| 248 | major components under the jjb folder. |
Hung-Wei Chiu | f7cadb3 | 2020-11-19 04:49:35 +0000 | [diff] [blame] | 249 | |
| 250 | .. code-block:: console |
| 251 | |
| 252 | $ tree -d jjb |
| 253 | jjb |
| 254 | ├── ci-management |
| 255 | ├── global |
| 256 | │ ├── jenkins-admin -> ../../global-jjb/jenkins-admin |
| 257 | │ ├── jenkins-init-scripts -> ../../global-jjb/jenkins-init-scripts |
| 258 | │ ├── jjb -> ../../global-jjb/jjb |
| 259 | │ └── shell -> ../../global-jjb/shell |
| 260 | ├── pipeline |
| 261 | ├── repos |
| 262 | ├── shell |
| 263 | └── templates |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 264 | |
| 265 | |
| 266 | Jenkins pipeline |
Zack Williams | bcc4c2b | 2021-04-07 16:58:03 -0700 | [diff] [blame] | 267 | """""""""""""""" |
| 268 | |
Zack Williams | 794532a | 2021-03-18 17:38:36 -0700 | [diff] [blame] | 269 | Jenkins pipeline runs the Terraform scripts to install desired applications |
| 270 | into the specified Kubernetes cluster. |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 271 | |
Zack Williams | 794532a | 2021-03-18 17:38:36 -0700 | [diff] [blame] | 272 | Both ONOS and Stratum will read configuration files (network config, chassis |
| 273 | config) from aether-pod-config. |
| 274 | |
| 275 | The default git branch is master. For testing purpose, we also provide two |
| 276 | parameters to specify the number of reviews and patchset. |
| 277 | |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 278 | We will explain more in the next section. |
| 279 | |
| 280 | .. note:: |
| 281 | |
Hung-Wei Chiu | 6ed7910 | 2021-08-24 14:27:26 -0700 | [diff] [blame] | 282 | Currently, we don’t perform the incremental upgrade for SD-Fabric application. |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 283 | Instead, we perform the clean installation. |
Zack Williams | 794532a | 2021-03-18 17:38:36 -0700 | [diff] [blame] | 284 | In the pipeline script, Terraform will destroy all existing resources and |
| 285 | then create them again. |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 286 | |
Hung-Wei Chiu | f7cadb3 | 2020-11-19 04:49:35 +0000 | [diff] [blame] | 287 | |
Zack Williams | 794532a | 2021-03-18 17:38:36 -0700 | [diff] [blame] | 288 | We put all pipeline scripts under the pipeline directory, the language of the |
| 289 | pipeline script is groovy. |
Hung-Wei Chiu | f7cadb3 | 2020-11-19 04:49:35 +0000 | [diff] [blame] | 290 | |
| 291 | .. code-block:: console |
| 292 | |
| 293 | $ tree pipeline |
| 294 | pipeline |
| 295 | ├── aether-in-a-box.groovy |
| 296 | ├── artifact-release.groovy |
| 297 | ├── cd-pipeline-charts-postrelease.groovy |
| 298 | ├── cd-pipeline-dockerhub-postrelease.groovy |
| 299 | ├── cd-pipeline-postrelease.groovy |
| 300 | ├── cd-pipeline-terraform.groovy |
| 301 | ├── docker-publish.groovy |
| 302 | ├── ng40-func.groovy |
| 303 | ├── ng40-scale.groovy |
| 304 | ├── reuse-scan-gerrit.groovy |
| 305 | ├── reuse-scan-github.groovy |
| 306 | ├── tost-onos.groovy |
| 307 | ├── tost-stratum.groovy |
| 308 | ├── tost-telegraf.groovy |
| 309 | └── tost.groovy |
| 310 | |
Hung-Wei Chiu | 3accfe9 | 2021-11-02 12:23:53 -0700 | [diff] [blame] | 311 | |
| 312 | |
Hung-Wei Chiu | 6ed7910 | 2021-08-24 14:27:26 -0700 | [diff] [blame] | 313 | Currently, we had five pipeline scripts for SD-Fabric deployment. |
Hung-Wei Chiu | f7cadb3 | 2020-11-19 04:49:35 +0000 | [diff] [blame] | 314 | |
Hung-Wei Chiu | 3accfe9 | 2021-11-02 12:23:53 -0700 | [diff] [blame] | 315 | 1. tost.groovy |
| 316 | 2. sdfabric.groovy |
Hung-Wei Chiu | f7cadb3 | 2020-11-19 04:49:35 +0000 | [diff] [blame] | 317 | 3. tost-telegraf.groovy |
Hung-Wei Chiu | 3accfe9 | 2021-11-02 12:23:53 -0700 | [diff] [blame] | 318 | 4. tost-onos-debug.groovy |
Hung-Wei Chiu | f7cadb3 | 2020-11-19 04:49:35 +0000 | [diff] [blame] | 319 | |
Hung-Wei Chiu | 3accfe9 | 2021-11-02 12:23:53 -0700 | [diff] [blame] | 320 | sdfabric.groovy and tost-telegraf.groovy are used to deploy the individual |
Zack Williams | 794532a | 2021-03-18 17:38:36 -0700 | [diff] [blame] | 321 | application respectively, and tost.groovy is a high level script, used to |
Hung-Wei Chiu | 6ed7910 | 2021-08-24 14:27:26 -0700 | [diff] [blame] | 322 | deploy whole SD-Fabric application, it will execute the above three scripts in its |
Zack Williams | 794532a | 2021-03-18 17:38:36 -0700 | [diff] [blame] | 323 | pipeline script. |
Hung-Wei Chiu | f7cadb3 | 2020-11-19 04:49:35 +0000 | [diff] [blame] | 324 | |
Hung-Wei Chiu | 6ed7910 | 2021-08-24 14:27:26 -0700 | [diff] [blame] | 325 | tost-onos-debug.groovy is used to dump the debug information from the ONOS controller |
| 326 | and it will be executed automatically when ONOS is deployed. |
| 327 | |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 328 | Jenkins jobs |
Zack Williams | bcc4c2b | 2021-04-07 16:58:03 -0700 | [diff] [blame] | 329 | """""""""""" |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 330 | |
| 331 | Jenkins job is the task unit in the Jenkins system. A Jenkins job contains the following information: |
| 332 | |
| 333 | - Jenkins pipeline |
| 334 | - Parameters for Jenkins pipeline |
| 335 | - Build trigger |
| 336 | - Source code management |
| 337 | |
Hung-Wei Chiu | 6ed7910 | 2021-08-24 14:27:26 -0700 | [diff] [blame] | 338 | We created one Jenkins job for each SD-Fabric component, per Aether edge. |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 339 | |
Zack Williams | 794532a | 2021-03-18 17:38:36 -0700 | [diff] [blame] | 340 | We have four Jenkins jobs (HostPath provisioner, ONOS, Stratum and Telegraf) |
| 341 | for each edge as of today. |
| 342 | |
| 343 | There are 10+ parameters in Jenkins jobs and they can be divided into two |
| 344 | parts, cluster-level and application-level. |
| 345 | |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 346 | Here is an example of supported parameters. |
| 347 | |
| 348 | .. image:: images/jenkins-onos-params.png |
| 349 | :width: 480px |
| 350 | |
| 351 | Application level |
Zack Williams | bcc4c2b | 2021-04-07 16:58:03 -0700 | [diff] [blame] | 352 | ''''''''''''''''' |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 353 | |
Hung-Wei Chiu | f7cadb3 | 2020-11-19 04:49:35 +0000 | [diff] [blame] | 354 | - **GERRIT_CHANGE_NUMBER/GERRIT_PATCHSET_NUMBER**: tell the pipeline script to read |
| 355 | the config for aether-pod-configs repo from a specified gerrit review, instead of the |
| 356 | HEAD branch. It’s good for developer to test its change before merge. |
| 357 | - **onos_user**: used to login ONOS controller |
Zack Williams | 794532a | 2021-03-18 17:38:36 -0700 | [diff] [blame] | 358 | - **git_repo/git_server/git_user/git_password_env**: information of git |
| 359 | repository, **git_password_env** is a key for Jenkins Credential system. |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 360 | |
| 361 | Cluster level |
Zack Williams | bcc4c2b | 2021-04-07 16:58:03 -0700 | [diff] [blame] | 362 | ''''''''''''' |
| 363 | |
Zack Williams | 794532a | 2021-03-18 17:38:36 -0700 | [diff] [blame] | 364 | - **gcp_credential**: Google Cloud Platform credential for remote storage, used |
| 365 | by Terraform. |
Hung-Wei Chiu | 6ed7910 | 2021-08-24 14:27:26 -0700 | [diff] [blame] | 366 | - **terraform_dir**: The root directory of the SD-Fabric directory. |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 367 | - **rancher_cluster**: target Rancher cluster name. |
| 368 | - **rancher_api_env**: Rancher credential to access Rancher, used by Terraform. |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 369 | |
| 370 | .. note:: |
| 371 | |
Hung-Wei Chiu | f7cadb3 | 2020-11-19 04:49:35 +0000 | [diff] [blame] | 372 | Typically, developer only focus on **GERRIT_CHANGE_NUMBER** and **GERRIT_PATCHSET_NUMBER**. The rest of them are managed by OPs. |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 373 | |
| 374 | Jenkins Job Builder (JJB) |
Zack Williams | bcc4c2b | 2021-04-07 16:58:03 -0700 | [diff] [blame] | 375 | """"""""""""""""""""""""" |
Hung-Wei Chiu | f7cadb3 | 2020-11-19 04:49:35 +0000 | [diff] [blame] | 376 | |
Zack Williams | 794532a | 2021-03-18 17:38:36 -0700 | [diff] [blame] | 377 | We prefer to apply the IaC (Infrastructure as Code) for everything. We use the |
| 378 | JJB (Jenkins Job Builder) to create new Jenkins Job, including the Jenkins |
| 379 | pipeline. We need to clone a set of Jenkins jobs when a new edge is deployed. |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 380 | |
Zack Williams | 794532a | 2021-03-18 17:38:36 -0700 | [diff] [blame] | 381 | In order to provide the flexibility and avoid re-inventing the wheel, we used |
| 382 | the job template to declare your job. Thanks to the JJB, we can use the |
| 383 | parameters in the job template to render different kinds of jobs easily. |
Hung-Wei Chiu | f7cadb3 | 2020-11-19 04:49:35 +0000 | [diff] [blame] | 384 | |
| 385 | All the template files are placed under templates directory. |
| 386 | |
| 387 | .. code-block:: console |
| 388 | |
| 389 | ╰─$ tree templates |
| 390 | templates |
| 391 | ├── aether-in-a-box.yaml |
| 392 | ├── archive-artifacts.yaml |
| 393 | ├── artifact-release.yml |
| 394 | ├── cd-pipeline-terraform.yaml |
| 395 | ├── docker-publish-github.yaml |
| 396 | ├── docker-publish.yaml |
| 397 | ├── helm-lint.yaml |
| 398 | ├── make-test.yaml |
| 399 | ├── ng40-nightly.yaml |
| 400 | ├── ng40-test.yaml |
| 401 | ├── private-docker-publish.yaml |
| 402 | ├── private-make-test.yaml |
| 403 | ├── publish-helm-repo.yaml |
| 404 | ├── reuse-gerrit.yaml |
| 405 | ├── reuse-github.yaml |
| 406 | ├── sync-dir.yaml |
| 407 | ├── tost.yaml |
| 408 | ├── verify-licensed.yaml |
| 409 | └── versioning.yaml |
| 410 | |
Hung-Wei Chiu | 6ed7910 | 2021-08-24 14:27:26 -0700 | [diff] [blame] | 411 | We defined all SD-Fabric required job templates in tost.yaml and here is its partial |
Zack Williams | 794532a | 2021-03-18 17:38:36 -0700 | [diff] [blame] | 412 | content. |
Hung-Wei Chiu | f7cadb3 | 2020-11-19 04:49:35 +0000 | [diff] [blame] | 413 | |
| 414 | .. code-block:: yaml |
| 415 | |
| 416 | - job-template: |
| 417 | name: "{name}-onos" |
| 418 | id: "deploy-onos" |
| 419 | project-type: pipeline |
| 420 | dsl: !include-raw-escape: jjb/pipeline/tost-onos.groovy |
| 421 | triggers: |
| 422 | - onf-infra-tost-gerrit-trigger: |
| 423 | gerrit-server-name: '{gerrit-server-name}' |
| 424 | trigger_command: "apply" |
| 425 | pattern: "{terraform_dir}/tost/onos/.*" |
| 426 | logrotate: |
| 427 | daysToKeep: 7 |
| 428 | numToKeep: 10 |
| 429 | artifactDaysToKeep: 7 |
| 430 | artifactNumToKeep: 10 |
| 431 | parameters: |
| 432 | - string: |
| 433 | name: gcp_credential |
| 434 | default: "{google_bucket_access}" |
| 435 | - string: |
| 436 | name: rancher_cluster |
| 437 | default: "{rancher_cluster}" |
| 438 | - string: |
| 439 | name: rancher_api_env |
| 440 | default: "{rancher_api}" |
| 441 | - string: |
| 442 | name: git_repo |
| 443 | default: "aether-pod-configs" |
| 444 | - string: |
| 445 | name: git_server |
| 446 | default: "gerrit.opencord.org" |
| 447 | - string: |
| 448 | name: git_ssh_user |
| 449 | default: "jenkins" |
| 450 | |
| 451 | |
| 452 | |
| 453 | |
| 454 | Once we have the job template, we need to tell the JJB, we want to use the job template to create our own jobs. |
| 455 | Here comes the concept of project, you need to define job templates you want to use and the values of all parameters. |
| 456 | |
| 457 | |
| 458 | We put all project yaml files under the repo directory and here is the example |
| 459 | |
| 460 | .. code-block:: console |
| 461 | |
| 462 | ╰─$ tree repos 130 ↵ |
| 463 | repos |
| 464 | ├── aether-helm-charts.yaml |
| 465 | ├── aether-in-a-box.yaml |
| 466 | ├── cd-pipeline-terraform.yaml |
| 467 | ├── ng40-test.yaml |
| 468 | ├── spgw.yaml |
| 469 | └── tost.yaml |
| 470 | |
| 471 | |
| 472 | Following is the example of tost projects, we defined three projects here, and each project has different |
| 473 | parameters and Jenkins jobs it wants to use. |
| 474 | |
| 475 | .. code-block:: yaml |
| 476 | |
Hung-Wei Chiu | d06947b | 2021-08-10 16:10:07 -0700 | [diff] [blame] | 477 | |
Hung-Wei Chiu | f7cadb3 | 2020-11-19 04:49:35 +0000 | [diff] [blame] | 478 | - project: |
Hung-Wei Chiu | d06947b | 2021-08-10 16:10:07 -0700 | [diff] [blame] | 479 | name: deploy-tucson-pairedleaves-dev |
| 480 | rancher_cluster: "dev-pairedleaves-tucson" |
| 481 | terraform_dir: "staging/dev-pairedleaves-tucson" |
| 482 | rancher_api: "{rancher_staging_access}" |
| 483 | properties: |
| 484 | - onf-infra-onfstaff-private |
| 485 | jobs: |
| 486 | - "deploy" |
| 487 | - "deploy-onos" |
| 488 | - "deploy-stratum" |
| 489 | - "deploy-telegraf" |
| 490 | - "debug-tost" |
Hung-Wei Chiu | f7cadb3 | 2020-11-19 04:49:35 +0000 | [diff] [blame] | 491 | |
| 492 | |
Hung-Wei Chiu | 3accfe9 | 2021-11-02 12:23:53 -0700 | [diff] [blame] | 493 | |
Hung-Wei Chiu | f7cadb3 | 2020-11-19 04:49:35 +0000 | [diff] [blame] | 494 | Create Your Own Jenkins Job |
Zack Williams | bcc4c2b | 2021-04-07 16:58:03 -0700 | [diff] [blame] | 495 | """"""""""""""""""""""""""" |
Hung-Wei Chiu | f7cadb3 | 2020-11-19 04:49:35 +0000 | [diff] [blame] | 496 | |
| 497 | Basically, if you don't need to customize the Jenkins pipeline script and the job configuration, the only thing |
| 498 | you need to do is modify the repos/tost.yaml to add your project. |
| 499 | |
Hung-Wei Chiu | 6ed7910 | 2021-08-24 14:27:26 -0700 | [diff] [blame] | 500 | For example, we would like to deploy the SD-Fabric to our production pod, let's assume it named "tost-example". |
Hung-Wei Chiu | f7cadb3 | 2020-11-19 04:49:35 +0000 | [diff] [blame] | 501 | Add the following content into repos/tost.yaml |
| 502 | |
| 503 | .. code-block:: yaml |
| 504 | |
Hung-Wei Chiu | f7cadb3 | 2020-11-19 04:49:35 +0000 | [diff] [blame] | 505 | |
Hung-Wei Chiu | d06947b | 2021-08-10 16:10:07 -0700 | [diff] [blame] | 506 | - project: |
| 507 | name: deploy-tost-example-production |
| 508 | rancher_cluster: "ace-test-example" |
| 509 | terraform_dir: "production/tost-example" |
| 510 | rancher_api: "{rancher_production_access}" |
Hung-Wei Chiu | ac7c010 | 2021-10-29 14:37:56 -0700 | [diff] [blame] | 511 | disable-job: false |
Hung-Wei Chiu | 3accfe9 | 2021-11-02 12:23:53 -0700 | [diff] [blame] | 512 | need_stratum: false |
| 513 | need_onos: false |
| 514 | need_sdfabric: true |
| 515 | debug_namespace: tost |
| 516 | topology: |
| 517 | - sdfabric |
Hung-Wei Chiu | d06947b | 2021-08-10 16:10:07 -0700 | [diff] [blame] | 518 | properties: |
| 519 | - onf-infra-onfstaff-private |
| 520 | jobs: |
| 521 | - "deploy" |
Hung-Wei Chiu | 3accfe9 | 2021-11-02 12:23:53 -0700 | [diff] [blame] | 522 | trigger_path: "sdfabric/.* |
| 523 | - "deploy-sdfabric" |
Hung-Wei Chiu | d06947b | 2021-08-10 16:10:07 -0700 | [diff] [blame] | 524 | - "deploy-telegraf" |
| 525 | - "debug-tost" |
Hung-Wei Chiu | f7cadb3 | 2020-11-19 04:49:35 +0000 | [diff] [blame] | 526 | |
Hung-Wei Chiu | 3accfe9 | 2021-11-02 12:23:53 -0700 | [diff] [blame] | 527 | |
Hung-Wei Chiu | f7cadb3 | 2020-11-19 04:49:35 +0000 | [diff] [blame] | 528 | .. note:: |
| 529 | |
| 530 | The **terraform_dir** indicates the directory location in aether-pod-configs repo, please ensure your Terraform scripts |
| 531 | already there before running the Jenkins job. |
| 532 | |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 533 | |
Hung-Wei Chiu | 6ed7910 | 2021-08-24 14:27:26 -0700 | [diff] [blame] | 534 | Trigger SD-Fabric (named TOST in Jenkins) deployment in Jenkins |
| 535 | --------------------------------------------------------------- |
Zack Williams | bcc4c2b | 2021-04-07 16:58:03 -0700 | [diff] [blame] | 536 | |
Hung-Wei Chiu | f7cadb3 | 2020-11-19 04:49:35 +0000 | [diff] [blame] | 537 | Whenever a change is merged into **aether-pod-config**, |
Hung-Wei Chiu | 6ed7910 | 2021-08-24 14:27:26 -0700 | [diff] [blame] | 538 | the Jenkins job should be triggered automatically to (re)deploy SD-Fabric (named TOST in Jenkins). |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 539 | |
Hung-Wei Chiu | 6ed7910 | 2021-08-24 14:27:26 -0700 | [diff] [blame] | 540 | You can also type the comment **apply** in the Gerrit patch, it will trigger Jenkins jobs to deploy SD-Fabric for you. |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 541 | |
Charles Chan | 2cb05c7 | 2020-12-09 16:31:20 -0800 | [diff] [blame] | 542 | |
| 543 | Verification |
Zack Williams | bcc4c2b | 2021-04-07 16:58:03 -0700 | [diff] [blame] | 544 | ------------ |
| 545 | |
Charles Chan | 2cb05c7 | 2020-12-09 16:31:20 -0800 | [diff] [blame] | 546 | Fabric connectivity should be fully ready at this point. |
| 547 | We should verify that **all servers**, including compute nodes and the management server, |
| 548 | have an IP address and are **able to reach each other via fabric interface** before continuing the next step. |
| 549 | |
| 550 | This can be simply done by running a **ping** command from one server to another server's fabric IP. |
| 551 | |
| 552 | |
Hung-Wei Chiu | ac7c010 | 2021-10-29 14:37:56 -0700 | [diff] [blame] | 553 | Disable deployment jobs |
| 554 | ----------------------- |
| 555 | |
| 556 | After verifying the SD-Fabric is ready, please submit another patch to disable the job. |
| 557 | |
| 558 | .. code-block:: diff |
| 559 | |
| 560 | $ cd $WORKDIR/aether-ci-management |
| 561 | $ vi jjb/repos/tost.yaml |
| 562 | |
| 563 | # Add jobs for the new cluster |
| 564 | diff --git a/jjb/repos/tost.yaml b/jjb/repos/tost.yaml |
| 565 | index 19bade4..81b4ab1 100644 |
| 566 | --- a/jjb/repos/tost.yaml |
| 567 | +++ b/jjb/repos/tost.yaml |
| 568 | @@ -478,7 +478,7 @@ |
| 569 | rancher_cluster: "ace-ntt" |
| 570 | terraform_dir: "production/ace-ntt" |
| 571 | rancher_api: "{rancher_production_access}" |
| 572 | - disable-job: false |
| 573 | + disable-job: true |
| 574 | properties: |
| 575 | - onf-infra-onfstaff-private |
| 576 | jobs: |
| 577 | |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 578 | Troubleshooting |
Zack Williams | bcc4c2b | 2021-04-07 16:58:03 -0700 | [diff] [blame] | 579 | --------------- |
Charles Chan | 4a10722 | 2020-10-30 17:23:48 -0700 | [diff] [blame] | 580 | |
| 581 | The deployment process involves the following steps: |
| 582 | |
| 583 | 1. Jenkins Job |
| 584 | 2. Jenkins Pipeline |
| 585 | 3. Clone Git Repository |
| 586 | 4. Execute Terraform scripts |
| 587 | 5. Rancher start to install applications |
| 588 | 6. Applications be deployed into Kubernetes cluster |
| 589 | 7. ONOS/Stratum will read the configuration (network config, chassis config) |
| 590 | 8. Pod become running |
| 591 | |
| 592 | Taking ONOS as an example, here's what you can do to troubleshoot. |
| 593 | |
| 594 | You can see the log message of the first 4 steps in Jenkins console. |
| 595 | If something goes wrong, the status of the Jenkins job will be in red. |
| 596 | If Jenkins doesn't report any error message, the next step is going to Rancher's portal |
| 597 | to ensure the Answers is same as the *onos.yaml* in *aether-pod-configs*. |
Zack Williams | bcc4c2b | 2021-04-07 16:58:03 -0700 | [diff] [blame] | 598 | |
| 599 | Accessing the Stratum CLI |
| 600 | """"""""""""""""""""""""" |
| 601 | |
| 602 | You can login to the Stratum container running on a switch using this script: |
| 603 | |
| 604 | .. code-block:: sh |
| 605 | |
| 606 | #!/bin/bash |
| 607 | echo 'Attaching to Stratum container. Ctrl-P Ctrl-Q to exit' |
| 608 | echo 'Press Enter to continue...' |
| 609 | DOCKER_ID=`docker ps | grep stratum-bf | awk '{print $1}'` |
| 610 | docker attach $DOCKER_ID |
| 611 | |
Zack Williams | 1ae109e | 2021-07-27 11:17:04 -0700 | [diff] [blame] | 612 | You should then see the ``bf_sde`` prompt: |
Zack Williams | bcc4c2b | 2021-04-07 16:58:03 -0700 | [diff] [blame] | 613 | |
| 614 | .. code-block:: sh |
| 615 | |
| 616 | bf_sde> pm |
| 617 | bf_sde.pm> show -a |
| 618 | |
| 619 | Accessing the ONOS CLI |
| 620 | """""""""""""""""""""" |
| 621 | |
Hung-Wei Chiu | 6ed7910 | 2021-08-24 14:27:26 -0700 | [diff] [blame] | 622 | After setting up kubectl to access the SD-Fabric pods, run: |
Zack Williams | bcc4c2b | 2021-04-07 16:58:03 -0700 | [diff] [blame] | 623 | |
| 624 | .. code-block:: sh |
| 625 | |
| 626 | $ kubectl get pods -n tost |
| 627 | |
Hung-Wei Chiu | 6ed7910 | 2021-08-24 14:27:26 -0700 | [diff] [blame] | 628 | Pick a SD-Fabric pod, and make a port forward to it, then login to it with the |
Zack Williams | bcc4c2b | 2021-04-07 16:58:03 -0700 | [diff] [blame] | 629 | ``onos`` CLI tool: |
| 630 | |
| 631 | .. code-block:: sh |
| 632 | |
| 633 | $ kubectl -n tost port-forward onos-tost-onos-classic-0 8181 8101 |
| 634 | $ onos karaf@localhost |
| 635 | |
| 636 | In some rare cases, you may need to access the ONOS master instance CLI, in |
| 637 | which case you can run ``roles``: |
| 638 | |
| 639 | .. code-block:: sh |
| 640 | |
| 641 | karaf@root > roles |
| 642 | device:devswitch1: master=onos-tost-onos-classic-1, standbys=[ onos-tost-onos-classic-0 ] |
| 643 | |
| 644 | Above lines show that ``onos-tost-onos-classic-1`` is the master. So switch to |
| 645 | that by killing the port forward, starting a new one pointing at the master, |
| 646 | then logging into that one: |
| 647 | |
| 648 | .. code-block:: sh |
| 649 | |
| 650 | $ ps ax | grep -i kubectl |
| 651 | # returns kubectl commands running, pick the port-forward one and kill it |
| 652 | $ kill 0123 |
| 653 | $ kubectl -n tost port-forward onos-tost-onos-classic-1 8181 8101 |
| 654 | $ onos karaf@localhost |