| .. |
| SPDX-FileCopyrightText: © 2020 Open Networking Foundation <support@opennetworking.org> |
| SPDX-License-Identifier: Apache-2.0 |
| |
| Deployment Guide |
| ================ |
| |
| |
| Provision Switches |
| ------------------ |
| |
| We follow Open Network Install Environment(ONIE) way to install Open Network Linux (ONL) image to switch. |
| To work with the SD-Fabric environment, we have customized the ONL image to support related packages and dependencies. |
| |
| Image source file can be found on ONF repository `opennetworkinglab/OpenNetworkLinux <https://github.com/opennetworkinglab/OpenNetworkLinux>`_. |
| You can also download pre-compiled artifacts from `Github Release page <https://github.com/opennetworkinglab/OpenNetworkLinux/releases>`_ |
| |
| |
| .. note:: |
| If you're not familiar with ONIE/ONL environment, please check `Getting Started <https://github.com/opencomputeproject/OpenNetworkLinux/blob/master/docs/GettingStarted.md>`_ to |
| see how to install the ONL image to an ONIE supported switch. |
| |
| Below is an example about how to install the ONL image. |
| |
| 1. Prepare a server which is accessible by the switch and then download the |
| pre-compiled installer from the release page. |
| |
| .. code-block:: |
| |
| wget https://github.com/opennetworkinglab/OpenNetworkLinux/releases/download/v1.4.3/ONL-onf-ONLPv2_ONL-OS_2021-07-16.2159-5195444_AMD64_INSTALLED_INSTALLER |
| python -m http.server 8080 |
| |
| 2. Reboot the switch to enter ONIE installation mode |
| |
| .. note:: |
| Please access the switch via BMC or serial console to keep connection during the installation. |
| |
| |
| .. code-block:: |
| |
| onl-onie-boot-mode rescue; reboot |
| |
| 3. Install ONL installer |
| |
| .. code-block:: |
| |
| onie-nos-install http://$SERVER_IP:8080/ONL-onf-ONLPv2_ONL-OS_2021-07-16.2159-5195444_AMD64_INSTALLED_INSTALLER |
| |
| 4. Setup switch IP and hostname after the installation. |
| |
| |
| Kubernetes Environment |
| ---------------------- |
| |
| Our `ONL <https://github.com/opennetworkinglab/OpenNetworkLinux>`_ version |
| includes all packages required by running the Kubernetes on top of it. |
| Once the Kubernetes is ready, the `Stratum <https://opennetworking.org/stratum/>`_ application will be deployed to the switch to manage it. |
| |
| Unlike server, switch has less CPU and memory resources and we should avoid |
| deploying unnecessary workloads into switch. |
| Besides, the Stratum application should only be deployed to all switches. |
| |
| To achieve the above goals, please apply the resources to your Kubernetes cluster. |
| |
| 1. Set up Label to all switch node, e.g ``node-role.kubernetes.io=switch`` |
| 2. Set up Taint with ``NoSchedule`` to all switch node, e.g ``node-role.kubernetes.io=switch:NoSchedule`` |
| 3. Properly configure the ``NodeSelector`` and ``Toleration`` when deploying Stratum via DaemonSet |
| |
| Example of a five nodes Kubernetes cluster, two switches and three servers |
| |
| .. code-block:: |
| |
| ╰─$ kubectl get node -o custom-columns=NAME:.metadata.name,TAINT:.spec.taints |
| NAME TAINT |
| compute1 <none> |
| compute2 <none> |
| compute3 <none> |
| leaf1 [map[effect:NoSchedule key:node-role.kubernetes.io value:switch]] |
| leaf2 [map[effect:NoSchedule key:node-role.kubernetes.io value:switch]] |
| ╰─$ kubectl get nodes -lnode-role.kubernetes.io=switch |
| NAME STATUS ROLES AGE VERSION |
| leaf1 Ready worker 27d v1.18.8 |
| leaf2 Ready worker 27d v1.18.8 |
| |
| |
| Please follow the :ref:`Install SD-Fabric section <install_sd_fabric>` to |
| check how to use Taint and NodeSelector during installation. |
| |
| |
| # TODO |
| Build Image |
| ----------- |
| |
| Fetch Images From Private Registry |
| ---------------------------------- |
| |
| Container images can be download from ONF self-hosted container registry but you have to gain the access token first. |
| |
| 1. Login to `Aether Harbor Registry <https://registry.aetherproject.org/harbor/sign-in?redirect_url=%2Fharbor%2Fprojects>`_ using your ONF Crowd credential, |
| 2. Select ``User Profile`` drop-down menu in the upper-right corner |
| 3. Generate the CLI secret and it's the secret token you have to access the container registry via CLI tool. |
| 4. Login to the container registry with your username and access token |
| by ``docker login command`` to ensure you can access it. |
| |
| .. code-block:: |
| |
| ╰─$ docker login registry.aetherproject.org --username hwchiu |
| Password: |
| Login Succeeded |
| |
| |
| Please follow the :ref:`Install SD-Fabric section <install_sd_fabric>` to |
| check how to use Taint and NodeSelector during installation. |
| |
| .. _install_sd_fabric: |
| |
| Install SD-Fabric |
| ----------------- |
| |
| To install SD-Fabric into your Kubernetes cluster, follow instructions |
| described on the `SD-Fabric Helm Chart Repository <https://gerrit.opencord.org/plugins/gitiles/sdfabric-helm-charts/+/HEAD/sdfabric/README.md>`_ |
| |
| A workflow to install the SD-Fabric should be look like |
| |
| 1. Clone the Helm Charts files from the `SD-Fabric Helm Chart Repository <https://gerrit.opencord.org/plugins/gitiles/sdfabric-helm-charts/+/HEAD/sdfabric/README.md>`_ |
| 2. Customize the value file based on your environment |
| 3. Deploy it via Helm command |
| |
| Below is an example how to install SD-Fabric |
| |
| .. note:: |
| Please ensure you have installed switch into Kubernetes cluster and have configured them with proper taints and label, |
| and have the permission to fetch the container image from the `Aether Harbor Registry <https://registry.aetherproject.org/harbor/sign-in?redirect_url=%2Fharbor%2Fprojects>`_. |
| |
| |
| 1. Use the git command to clone the `SD-Fabric Helm Chart Repository <https://gerrit.opencord.org/plugins/gitiles/sdfabric-helm-charts/+/HEAD/sdfabric/README.md>`_ |
| 2. Update dependencies |
| |
| .. code-block:: |
| |
| ╰─$ cd sdfabric |
| ╰─$ helm dep update 146 ↵ |
| Downloading onos-classic from repo https://charts.onosproject.org |
| Downloading stratum from repo https://charts.stratumproject.org/ |
| Deleting outdated charts |
| |
| 3. Prepare your value file, you can modify an existing ``values.yaml`` or use a standalone |
| value file, use the later approach in this example. |
| |
| .. code-block:: |
| |
| ╰─$ cat myvaules.yaml |
| image: |
| credential: |
| username: my_username |
| password: my_access_token |
| |
| onos-classic: |
| config: |
| netcfg: > |
| { |
| "devices": { |
| "device:leaf1": { |
| "segmentrouting": { |
| "ipv4NodeSid": 101, |
| "ipv4Loopback": "10.11.22.33", |
| "routerMac": "aa:bb:cc:dd:ee:ff", |
| "pairDeviceId" : "device:leaf2", |
| "pairLocalPort" : 260, |
| "isEdgeRouter": true, |
| "adjacencySids": [] |
| } |
| } |
| } |
| } |
| |
| |
| stratum: |
| nodeSelector: |
| node-role.kubernetes.io: switch |
| |
| tolerations: |
| - effect: NoSchedule |
| value: switch |
| key: node-role.kubernetes.io |
| |
| Please pay attention to the following fields. |
| |
| * Configure your ``registry username and password`` on image.credential |
| * Configure the ``label`` on stratum.nodeSelector |
| * Configure the ``taint`` on stratum.tolerations |
| * Configure the ``network configuration`` on onos-classic.config.netcfg |
| |
| 4. Verify your Configuration to ensure no YAML/Helm syntax errors |
| |
| .. code-block:: |
| |
| ╰─$ helm template -f myvaules.yaml . |
| |
| 5. Using the helm command to install it. (``helm version is above v3.2``) |
| Following command will install the release `sdfabric` to namespace `sdfabric`. |
| |
| .. code-block:: |
| |
| ╰─$ helm install -n sdfabric --create-namespace -f myvaules.yaml sdfabric . |
| NAME: sdfabric |
| LAST DEPLOYED: Mon Oct 11 11:12:59 2021 |
| NAMESPACE: sdfabric |
| STATUS: deployed |
| REVISION: 1 |
| TEST SUITE: None |
| ╰─$ helm -n sdfabric ls |
| NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION |
| sdfabric sdfabric 1 2021-10-11 11:12:59.178789 -0700 PDT deployed sdfabric-1.0.1 |