Operating OPNFV: !Deploy it, test it, run your VNF

Frank Brockners !OPNFV TSC Member!Distinguished Engineer, Cisco!

May 5th, 2015

Users expect a robust, yet flexible base infrastructure layer for NFV. But systems integration is hard. OPNFV is here to help: OPNFV provides system integration for NFV as a community-led effort.

Based on a discussion of the build and composition philosophy of OPNFV, we’ll approach the benefits of OPNFV for users from different angles: OPNFV as a reference building block to install, test and deploy NFV; OPNFV as reference system integration to get your own use-cases integrated into; OPNFV as a foundation to evolve and further develop NFV – privately or as part of the community.

Abstract

5/5/15

…  

OpenSource as the Basis for the Evolution Of The Network Software Stack

Applica)on  So-ware  

Infrastructure  So-ware  

Embedded  So-ware  

Network  OS   Guest  Apps/Plugins  

Orchestra)on  So-ware  

Management  So-ware  

Op)miza)on  So-ware  

Base  OS:    Linux,  …  

Base  Control    Infrastructure  

virtual   physical   Protocols:    IETF,  IEEE,  …  

Applica)ons  

…  

Appliances   PaaS  

•  Systems/Solu)ons  •  Management  and  opera)ons  (orchestra)on  &  NFV)  •  Service  assurance:    Fault,  performance,    

resource  management    and  service  analy)cs  …  •  Network  control  models,  APIs  •  Open  Systems  Integra/on  

Systems-integration is hard! OPNFV provides system integration for NFV as a community-led open-source effort.

5/5/15

Assembling A Platform For NFV

•  “This is the Unix philosophy: !Write programs that do one thing and do it well. Write programs to work together.”

Doug  McIlroy  

Theme: “Run my VNF for real” !Assemble a minimal set of base infrastructure to enable real-world VNF deployments •  Predictable performance – Deploy to bare metal •  Validated – Functional testing, multiple test environments •  Repeatable – Automatic deployment •  Carrier-class – High availability

Do One Thing and Do It Well – “dotadiw”Creating a starting point for OPNFV

See  also:  hSps://wiki.opnfv.org/get_started/get_started_system_state        

Do One Thing and Do It Well – “dotadiw”Base infrastructure requirements: Components

VM  control   Store  Images  (VNFs)  

Iden)ty  Services  /AAA  

Message  Bus  

Cluster  Comms  

HA  &  Loadbalance  

Portal  Network  Control  

Hypervisor   Virtual  Forwarder  

Virtual  disks  (block  storage)  

Data-­‐Base  

Compute   Storage   Opera)ons  Infra  Network  

Orchestra)on  Object  store  

Telemetry  

Test  

Verify  

Benchmark  

Test  VNFs  

Do One Thing and Do It Well – “dotadiw”Choosing a minimal set of base infrastructure

O/S  Nova   O/S  Glance  

O/S  Keystone  

RabbitMQ  

Corosync  

PaceMaker  

O/S  Horizon  OpenDaylight  

KVM   OpenvSwitch  O/S  Cinder  

MySQL  

Compute   Storage   Opera)ons  Infra  Network  

O/S  Heat  O/S  Swi-  

O/S  Ceilometer  

Test  

O/S  Tempest  Robot  

Rally  

Sample  VNFs  

See  also:  hSps://wiki.opnfv.org/get_started/get_started_system_state        

…And Add Continuous Integration and Deployment

KVM  OpenDaylight  OpenStack  OpenVSwitch  <future  component>  <your  component>  

Install  on    reference  system(s)  

Test  on    reference  system(s)  

Choice  of  exis)ng  components*    &  System  state  defini)on  

Lab1  Lab2  

Lab3  

Lab1  Lab2  

Lab3  

Integrate  &  build*    as  a  system  

*OPNFV  currently  composes  builts  from  exis)ng  ar)facts  (e.g.  RPMs)  rather  than  builds  from  source  

Deploying OPNFV

Getting ready to run a VNF on OPNFV

Prepare   Deploy   Run  

•  What  hardware  to  run  OPNFV  on?  

•  Where  to  run  OPNFV?  

•  What  OPNFV  so-ware  to  install?  

•  How  to  deploy  the  OPNFV  so-ware?  

•  How  to  test  the  OPNFV  deployment?  

•  How  to  run  a  VNF  on  the  deployed  OPNFV  plaeorm  

•  Servers –  >= 3 Control nodes –  >= 2 Compute nodes –  1 Provisioning node (“jumphost”)!

(Centos 7, runs test infra and installer VM) •  Services

–  No additional services (e.g. DHCP) !available on subnets. Installers run!services that are required themselves

–  Remote access for community members –  Lights-out-management (IPMI, PXE boot)

Choose your Hardware:OPNFV Reference Infra

Jumphost      

Control  node  

Control  node  

Control  node  

Compute  node  

Compute  node  

Compute  node  

Compute  node  

Control  node  

Traffic    subnet(s)  

O&M    subnet(s)  

Firewall  Internet  

Example  HW  (Linux  Founda)on  lab):  Blade  servers  with  80G  connec)vity  each  (Cisco  UCS-­‐B)  Per  server:  

Intel  Xeon  E5-­‐2637V3  /  3.5  GHz  processor  2  x  1.2  TB  6G  SAS  10K  RPM  SFF  disks,  32G  Memory  

Installer  VM  

Test  Infra  

See  also:  hSps://wiki.opnfv.org/pharos/pharos_specifica)on    

•  OPNFV offers a set of community test labs

•  Compliant to OPNFV hardware reference spec

•  Individual hardware components for custom/advanced testing

Build your own lab or choose an OPNFV community lab

See  also:  hSps://wiki.opnfv.org/pharos    

OPNFV System Summary View

OPNFV Confidential

Automa)c  System  Test    

Control  Node  #1  (Centos)  

Control  Node  #2  (Centos)  

HA  

Compute  Node  #1  (Centos  7)  

   

Linux  

Control  Node  #3  (Centos)  

Automa)c  setup/install   Rally/Tempest,  Robot  

ODL  

Compute  Node  #2  (Centos  7)  

   

Linux  

Open  Stack  

HA  

OVS  

vPing   vIMS   VNFs  

Virtual  Forwarder  …  

…   …  

OVS  

vPing   vIMS   VNFs  

Virtual  Forwarder  …  

…   …  

Future:  ODL  clustering  

•  OPNFV system software: !main delivery vehicle –  Bootable disk image (ISO format) to

install jumphost –  Jumphost drives installation of

OPNFV system •  Alternative

–  Install script (“deploy.sh”) to automatically install the jumphost from repositories

OPNFV Artifacts for Deployment

Find  latest  ISO  images  in  hSp://build.opnfv.org/ar)facts/  Deploy  scripts:  hSps://git.opnfv.org/cgit/genesis/tree/foreman/ci/deploy.sh                                                              hSps://git.opnfv.org/cgit/genesis/tree/fuel/deploy/deploy.sh      

Deployment in a Nutshell

•  Document your node roles, addresses etc. •  Cable your servers and configure any networking gear needed •  Deploy (and optionally customize) your jumphost (“build server”) •  Kick-off control nodes, compute node deployment, network setup •  Download images and upload into Glance •  Boot instance, test connectivity •  Modify setup to meet your needs

17

•  Have a nice day J

Install and Deployment - Concept

•  Installer setup, parametrization of environment, setup and deployment of OPNFV can be automated

•  Details of individual deployment steps differ by installer (e.g. Foreman, Fuel)

5/5/15

Put  node  into  build  mode  with  BMC  reboot  

PXE-­‐boot  nodes  

Install  host  OS  and  associated  control  infra  (Puppet  etc.)  

Install  roles  specific  so-ware  on  nodes    

Setup  and  Deploy  OPNFV  

Deploy  and  Configure  Installer  Setup  Installer  

Configure  parameters,  choose  components  (“pod.yml”)  Parameterize  OPNFV  environment  

Manual  and  automated  deployment  &  

Deployment Tool and Target OPNFV SystemObjective: “Many Installers – one OPNFV”

BASE  VM  Manager  INSTALLATION   OPNFV-­‐INSTALLATION  and  MAINTENANCE    

Common    Configura)on  

(Puppet  Manifests)  

System  level  tests  

(Rally,  Robot)    …  

Phase  1:  Vanilla  VM-­‐manager  install  by  one  of  the  available  installers.  

Once  complete,  installer  “terminates”.  

Phase  2:  OPNFV  specific  installa)ons  and  maintenance.  Goal:  Phase  2  to  be  as  

independent  from  base  installer  as  possible    

Foreman  

Fuel  

OpenStack  Installer  xvy…  

Arno  

Arno  

See  also  hSps://wiki.opnfv.org/get_started/get_started_installer_approach    

OPNFV  test-­‐cases  define  and  validate  target  system  state  

OPNFV Testing

•  Initial Test Focus: !Leverage Scenario tests from upstream; Run a set of sample VNFs

•  Future: OPNFV specific scenario tests

5/5/15

Verify  (scenario  tests)  

Benchmark  (generate  user  load)  

Report  (generate  reports)  

Deployment  

Tempest  (invoked  by  Rally)  

Rally  

Rally  

Robot  

Robot  

OpenStack  scenarios  

OpenDaylight  scenarios  

Deploy  VNF  

vPing,  vIMS  

Manual  and  automated  tes:ng  &  

See  also:  hSps://wiki.opnfv.org/opnfv_func)onal_tes)ng    

Rally  

Robot  

Rally  

Rally/Tempest  

Test samples

5/5/15

Ready! Run your own VNFs

Cinder  create  a  volume  

Create  a  new  SSH  key-­‐pair  and  add  it  to  Nova  

Choose  a  VNF  image  and  upload  the  image  to  Glance  

Create  a  tenant  network  +  router  

Spawn  VNF  instance  and  link  to  criteria  set  above  

Ensure  VNF  spawned  (horizon,  nova  list,  or  ssh)  

Check  connec)vity:  Ping  your  VNF  

Bring  up  any  other  Traffic  Generator  instances,  verify  test  traffic  to  VNF  

Evolve And Influence OPNFVTweak OPNFV to your needs

Kicking The Wheel:Leverage And Tweak OPNFV

5/5/15

KVM  OpenDaylight  OpenStack  OpenVSwitch  <future  component>  <your  component>  

Install  on    reference  system(s)  

Integrate  &  build  as  a  system  

Requirements  

<your  test-­‐cases>  (can  incl.  your  VNFs)  

Indirect:  Use-­‐cases  defined  

as  test  cases  

Direct:  Feature  enhancements  

through  collab.  development  

Test  on    reference  system(s)  

Run  your  VNF  

Add  your  component  

Synchronize your Tool Chain with OPNFV:Continuously deploy OPNFV to your lab

•  Create an OPNFV compliant lab

•  Hook-up your local Jenkins to OPNFV

•  Continuously deploy to your !lab

5/5/15

Further  details:  hSp://build.opnfv.org/ar)facts.opnfv.org/octopus/docs/opnfv-­‐jenkins-­‐slave-­‐connec)on.pdf  Current  Jenkins  slaves:  hSps://build.opnfv.org/ci/computer/      

OPNFV  Jenkins    master  

Your  Lab  

Community  Lab  A  

Community  Lab  ..  

Jenkins  slave  OPNFV’s  slave.jar  

Jenkins  slave  OPNFV’s  slave.jar  

Jenkins  slave  OPNFV’s  slave.jar  

Customized ComponentsReplace OPNFV choices to meet your individual needs: Example

Leverage OPNFV tool chain to integrate and validate

•  Define your use-cases

•  Create associated scenario tests (Tempest, Robot)

•  Get them integrated into OPNFV

•  Consider to contribute them to!OPNFV: Your use-case will be !part of OPNFV evolution

Your Use-Cases in OPNFV

•  OPNFV has a project category for “requirements projects”: –  “Projects which focus on

gathering and documenting OPNFV related requirements”

•  Gather momentum and drive requirements as a community;!within OPNFV and with other upstream communities and SDOs

Your requirements articulated via OPNFV

See  also:  hSps://www.opnfv.org/developers/technical-­‐project-­‐governance/project-­‐lifecycle    

Summary & Closing Thoughts

Summary

•  OPNFV – Systems-integration as an open, meritocratic, community effort •  Starting point (“Arno” release):

–  “dotadiw” approach to get started –  Lab/developer focused first release –  “Run my VNF for real” mind set: Deploy to bare metal with HA –  Instantiate cross-project CI/CD tool chain –  Distributed lab infrastructure

•  Multiple ways to leverage and participate in OPNFV: Run your VNF, get your use-cases/test-cases implemented, articulate your requirements –  User uptake to determine OPNFV’s success: !

Can common merit be achieved quickly enough to achieve industry acceptance?

5/5/15

Closing thoughts

•  NFV base infrastructure is a natural candidate for !open-source and community driven development –  “Hard work” – “Low on IP”, … but integration is still an art

•  NFV base infrastructure has a strong systems-integration aspect:!Choose vs. Choice –  Systems-integration is about picking, choosing and Trust –  Open-Source is about creating choice and recognizing merit created … Could a meritocratic approach provide for a solution?

•  Create and Maintain one Open Platform for NFV – adhere to “dotiadiw” –  Verification (test driven) definition of OPNFV target system state moving forward?

5/5/15

Thank you!