1 .. This work is licensed under a Creative Commons Attribution 4.0
2 .. International License. http://creativecommons.org/licenses/by/4.0
3 .. Copyright 2017 AT&T Intellectual Property. All rights reserved.
6 Adding a new Openstack Cloud Site to ONAP
7 =========================================
9 The following guide describes how to configure ONAP to be able to instantiate
10 a service in a new cloud site based on Openstack.
12 There are 2 methods for ONAP to communicate with Openstack in order
13 to instantiate a service:
15 * method 1 : ONAP SO => Openstack
16 * method 2 : ONAP SO => ONAP MultiCloud => Openstack
18 In this guideline the following parameters/values will be used
20 * Complex Name: My_Complex
21 * Region Name: ONAP_Cloud_Region_Name
22 * Openstack Tenant Region Value: TenantRegion
23 * Cloud Owner: MyCompanyName
26 Method 1 : without ONAP MultiCloud
27 ----------------------------------
33 Method 2 : using ONAP MultiCloud
34 --------------------------------
36 STEP 1 : declare Cloud Site in ONAP SO to interact with ONAP multiCloud
37 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
39 The MariaDB database of ONAP SO needs to be modified.
41 In the ONAP SO, the use of ONAP Multicloud for that Cloud Site needs to be
44 ONAP SO will communicate with ONAP MultiCloud that interfaces target cloud
45 environment. Two configuration options are offered:
47 * First option: Declare multicloud URL in identity_services table
49 * Openstack tenant credentials are still managed by SO
50 * Openstack tenant region value is checked against Region_ID value in
53 * Second option (from Dublin version): Target solution managing all Openstack
54 tenant information within AAI
56 * ORCHESTRATOR value is set to `multicloud` in cloud_sites table
57 * All Openstack tenant information are stored in AAI and managed by
60 Connect to ONAP SO pod
61 ^^^^^^^^^^^^^^^^^^^^^^
63 In a Unix Terminal, to get the SO pods id that is providing
68 kubectl -n onap get pod | grep mariadb-galera
70 To connect to that SO pod
71 (in this example, the SO pod id is "onap-mariadb-galera-mariadb-galera-0"):
75 kubectl -n onap exec -ti onap-mariadb-galera-mariadb-galera-0 sh
77 Then modify the data in the MariaDB:
80 A "mso_id" and "mso_pass" are required even if, with multicloud,
81 only credentials managed by ESR will be used.
83 Nevertheless, you need to provide a correct encrypted value for the pass value.
85 "MyCompanyName" is a cloud owner value. WARNING : do not use underscore
88 "ONAP_Cloud_Region_Name" is the ONAP region name that can be different from
89 final Openstack tenant region name (TenantRegion in the example).
93 mysql --user=so_admin --password=so_Admin123
96 # First option: Without using ORCHESTRATOR VALUE set to multicloud
97 INSERT INTO identity_services VALUES('MC_KEYSTONE', 'http://msb-iag.onap:80/api/multicloud/v1/MyCompanyName/ONAP_Cloud_Region_Name/identity/v2.0', 'admin', '5b6f369745f5f0e1c61da7f0656f3daf93c8030a2ea94b7964c67abdcfb49bdf2fa2266344b4caaca1eba8264d277831', 'service', 'admin', 1, 'KEYSTONE', 'USERNAME_PASSWORD', 'lastUser', '2019-07-05 10:32:00', '2019-07-05 10:32:00');
98 INSERT INTO cloud_sites VALUES('ONAP_Cloud_Region_Name', 'TenantRegion', 'MC_KEYSTONE', 2.5, 'ONAP_Cloud_Region_Name', NULL, NULL, NULL, 'MySelf', '2019-07-05 10:32:00', '2019-07-05 10:32:00');
100 # Second option: using ORCHESTRATOR VALUE set to multicloud from Dublin version
101 INSERT INTO cloud_sites(ID, REGION_ID, IDENTITY_SERVICE_ID, CLOUD_VERSION, CLLI, ORCHESTRATOR) values("ONAP_Cloud_Region_Name", "ONAP_Cloud_Region_Name", "DEFAULT_KEYSTONE", "2.5", "My_Complex", "multicloud");
104 **Known restriction with second option**
106 See the following tickets:
108 * `MULTICLOUD-846 <https://jira.onap.org/browse/MULTICLOUD-846>`_
109 * `MULTICLOUD-866 <https://jira.onap.org/browse/MULTICLOUD-866>`_
111 ONAP SO VNF Adapter Rest API endpoint version shall be set to version "v2"
112 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
116 to find the right config map name:
120 kubectl -n onap get configmap | grep so-so-bpmn-infra-app-configmap
123 to edit and change the configmap:
127 kubectl -n onap edit configmap onap-so-so-bpmn-infra-app-configmap
129 in the section "vnf", modify the rest endpoint:
134 endpoint: http://so-openstack-adapter.onap:8087/services/VnfAdapter
136 - endpoint: http://so-openstack-adapter.onap:8087/services/rest/v1/vnfs
137 + endpoint: http://so-openstack-adapter.onap:8087/services/rest/v2/vnfs
140 endpoint: http://so-openstack-adapter.onapg:8087/services/rest/v1/volume-groups
143 Having modified the configmap, it is necessary to delete the pod bpmn-infra in
144 order it takes the modification into account.
146 to find the right pod name:
150 kubectl get po -n onap |grep bpmn-infra
153 You need to find the pod that is similar to the following pod id:
155 "onap-so-so-bpmn-infra-79fdf6f9d5-t8qr4"
162 kubectl -n onap delete onap-so-so-bpmn-infra-79fdf6f9d5-t8qr4
165 Then, wait for the pod to restart. To check:
169 kubectl -n onap get po | grep so-so
174 STEP 2 : declare the new cloud Site in ONAP AAI
175 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
178 declare a Complex in ONAP AAI
179 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
182 A Cloud Site is located in a Building called "Complex" object
183 in ONAP AAI datamodel.
185 AAI REST API is used to declare the complex object.
187 Here is an example using "curl" tool to send the API request.
189 The new Complex is named "My_Complex" in this example.
195 https://aai.api.sparky.simpledemo.onap.org:30233/aai/v16/cloud-infrastructure/complexes/complex/My_Complex \
196 -H 'Accept: application/json' \
197 -H 'Authorization: Basic QUFJOkFBSQ==' \
198 -H 'Cache-Control: no-cache' \
199 -H 'Content-Type: application/json' \
200 -H 'Real-Time: true' \
201 -H 'X-FromAppId: jimmy-postman' \
202 -H 'X-TransactionId: 9999' \
204 "physical-location-id": "My_Complex",
205 "data-center-code": "example-data-center-code-val-5556",
206 "complex-name": "My_Complex",
207 "identity-url": "example-identity-url-val-56898",
208 "physical-location-type": "example-physical-location-type-val-7608",
209 "street1": "example-street1-val-34205",
210 "street2": "example-street2-val-99210",
212 "state": "example-state-val-59487",
213 "postal-code": "100000",
214 "country": "example-country-val-94173",
215 "region": "example-region-val-13893",
216 "latitude": "39.9042",
217 "longitude": "106.4074",
218 "elevation": "example-elevation-val-30253",
219 "lata": "example-lata-val-46073"
223 Check the Complexes in ONAP AAI:
228 https://aai.api.sparky.simpledemo.onap.org:30233/aai/v16/cloud-infrastructure/complexes \
229 -H 'Accept: application/json' \
230 -H 'Authorization: Basic QUFJOkFBSQ==' \
231 -H 'X-FromAppId: AAI' \
232 -H 'X-TransactionId: 808b54e3-e563-4144-a1b9-e24e2ed93d4f' \
233 -H 'cache-control: no-cache' -k
238 Declare a Cloud Site in ONAP AAI
239 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
242 To declare a Cloud Site, you need to use the AAI REST API.
244 The new Cloud site is named "ONAP_Cloud_Region_Name" in this example.
246 There is also a "Cloud Owner" notion in ONAP AAI datamodel.
248 The new Cloud Owner is named "MyCompanyName" in this example.
250 In Openstack, there is also a "region" notion. You need to get the value of
251 the region that has been set when deploying your Openstack platform.
253 In the following example the Openstack region has the value "TenantRegion"
254 (in the parameter "cloud-extra-info")
256 parameter "complex-name" relate to the Complex you previously declared.
258 parameter "cloud-type" take the value "openstack"
260 parameter "cloud-region-version" is refering to your Openstack version
262 parameter "cloud-extra-info" will contain the Openstack "region".
263 Here, the region ID of the deployed Openstack cloud site will be set.
265 In the following example the Openstack region has the value "TenantRegion".
267 parameter "esr-system-info-list" will contain the list of Openstack platform
268 credentials that will allow ONAP MultiCloud to communicate with the Cloud Site.
274 https://aai.api.sparky.simpledemo.onap.org:30233/aai/v16/cloud-infrastructure/cloud-regions/cloud-region/MyCompanyName/ONAP_Cloud_Region_Name \
275 -H 'Accept: application/json' \
276 -H 'Authorization: Basic QUFJOkFBSQ==' \
277 -H 'Cache-Control: no-cache' \
278 -H 'Content-Type: application/json' \
279 -H 'Postman-Token: 8b9b95ae-91d6-4436-90fa-69cb4d2db99c' \
280 -H 'Real-Time: true' \
281 -H 'X-FromAppId: jimmy-postman' \
282 -H 'X-TransactionId: 9999' \
284 "cloud-owner": "MyCompanyName",
285 "cloud-region-id": "ONAP_Cloud_Region_Name",
286 "cloud-type": "openstack",
287 "owner-defined-type": "N/A",
288 "cloud-region-version": "pike",
289 "complex-name": "My_Complex",
290 "cloud-zone": "CloudZone",
291 "sriov-automation": false,
292 "identity-url": "WillBeUpdatedByMultiCloud",
293 "cloud-extra-info":"{\"openstack-region-id\":\"TenantRegion\"}"
294 "esr-system-info-list": {
297 "esr-system-info-id": "<random UUID, e.g. 5c85ce1f-aa78-4ebf-8d6f-4b62773e9bde>",
298 "service-url": "http://<your openstack keystone endpoint, e.g. http://10.12.25.2:5000/v3>",
299 "user-name": "<your openstack user>",
300 "password": "<your openstack password>",
301 "system-type": "VIM",
302 "ssl-insecure": false,
303 "cloud-domain": "Default",
304 "default-tenant": "<your openstack project name>",
305 "system-status": "active"
311 In this example, the cloud-region-version is set to `pike` that is the
312 Openstack pike version.
314 * Multicloud pike plugin is claimed to support Openstack pike
315 * It is possible but not guaranteed to support other Openstack version
316 (e.g. rocky) since no testing has been done by multicloud project on all
317 other Openstack versions.
318 * Whatever the Openstack version is tested against, if the cause of a bug roots
319 in Openstack pike source code, this bug shall be reported.
320 * `starlingx` is another possible version value for Openstack clouds.
322 Associate Cloud site to a Complex in ONAP AAI:
327 https://aai.api.sparky.simpledemo.onap.org:30233/aai/v16/cloud-infrastructure/cloud-regions/cloud-region/MyCompanyName/ONAP_Cloud_Region_Name/relationship-list/relationship \
328 -H 'Accept: application/json' \
329 -H 'Authorization: Basic QUFJOkFBSQ==' \
330 -H 'Content-Type: application/json' \
331 -H 'X-FromAppId: AAI' \
332 -H 'X-TransactionId: 808b54e3-e563-4144-a1b9-e24e2ed93d4f' \
333 -H 'cache-control: no-cache' \
335 "related-to": "complex",
336 "related-link": "/aai/v16/cloud-infrastructure/complexes/complex/My_Complex",
337 "relationship-data": [
339 "relationship-key": "complex.physical-location-id",
340 "relationship-value": "My_Complex"
346 Check the Cloud Site creation in ONAP AAI:
351 https://aai.api.sparky.simpledemo.onap.org:30233/aai/v16/cloud-infrastructure/cloud-regions \
352 -H 'Accept: application/json' \
353 -H 'Authorization: Basic QUFJOkFBSQ==' \
354 -H 'X-FromAppId: AAI' \
355 -H 'X-TransactionId: 808b54e3-e563-4144-a1b9-e24e2ed93d4f' \
356 -H 'cache-control: no-cache' -k
360 STEP 3 : Register the Cloud Site in ONAP Multicloud
361 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
366 https://msb.api.discovery.simpledemo.onap.org:30283/api/multicloud/v1/MyCompanyName/ONAP_Cloud_Region_Name/registry \
367 -H 'Accept: application/json' \
368 -H 'Cache-Control: no-cache' \
369 -H 'Content-Type: application/json' \
377 https://aai.api.sparky.simpledemo.onap.org:30233/aai/v16/cloud-infrastructure/cloud-regions/cloud-region/MyCompanyName/ONAP_Cloud_Region_Name?depth=all \
378 -H 'Accept: application/json' \
379 -H 'Authorization: Basic QUFJOkFBSQ==' \
380 -H 'Cache-Control: no-cache' \
381 -H 'Content-Type: application/json' \
382 -H 'Real-Time: true' \
383 -H 'X-FromAppId: jimmy-postman' \
384 -H 'X-TransactionId: 9999' -k
386 The registration is successfull if at least, the field `identity-url` is
387 updated with the multicloud http url. In addition, all the cloud information
388 are loaded in AAI (Flavors, images, etc) but only
390 * if ORCHESTRATOR value is set to `multicloud` in cloud_sites database table
391 * and if the Openstack cloud is configured to support only keystone v2 or v3
392 having the version set in the service url. Multicloud pike and starlingx
393 plugins do not support an Openstack cloud that exposes both v2 and v3.
397 openstack endpoint list --service keystone
398 +----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------------------+
399 | ID | Region | Service Name | Service Type | Enabled | Interface | URL |
400 +----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------------------+
401 | 53c0016ad22144b2883b3a9487206a4b | RegionOne | keystone | identity | True | public | https://specific_url:5000/v3 |
402 | 85a7a334353a4b028d8005a454b6578f | RegionOne | keystone | identity | True | admin | http://10.x.x.9:35357/v3 |
403 | 8d5274cd66884ec7b0e3edd965a53f69 | RegionOne | keystone | identity | True | internal | http://10.x.x.9:5000/v3 |
404 +----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------------------+