OpenDaylight Installation and Integration to Mininet emulator

Hi guys,

On the previous article i was writing about SDN Concept using Mininet emulator, now we will explore  about OpenDaylight Platform, wait…what is that?? OpenDaylight Platform previously  named OpenDaylight Controller, so basicly OpenDaylight is open source SDN controller hosted by linux foundation.

The OpenDaylight Controller exposes open northbound APIs, which are used by applications. These applications use the Controller to collect information about the network, run algorithms to conduct analytics, and then use the OpenDaylight Controller to create new rules throughout the network. (Source : sdxcentrall.com)

for the southbound communication OpenDaylight includes support for the OpenFlow protocol, but can also support other open SDN standards (Remember 3 Layer architecture Of SDN concept)

okay, the main point of this article i will try to install OpenDaylight Platform as SDN controller to my mininet emulator which I have installed before (you can read how to installed mininet on the previous article)

as usuall i will installed OpenDaylight on my ubuntu 14.04  AMD64 with minimum specification, because this is for testing purposes

a. Specification Requirement:

CPU : 2 Core

RAM : 4 GB

DISK : 40 GB

b. Software Requirement :

Latest Java  (Ver 7 – 8)  because OpenDaylight Platform writing used JAVA Programming language)

apache-maven-3.3.3

OpenDaylight Package

c. Installation Step :

1. Update Repository and Install JAVA 8:

#sudo add-apt-repository ppa:webupd8team/java -y
#sudo apt-get update
#sudo apt-get install oracle-java8-installer

2. Download Maven package and  Configure to the system

Downoad pakage maven used command

#wget https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.3.3/apache-maven-3.3.3-bin.tar.gz

create folder “apache-maven” on directory /usr/local

#mkdir -p /usr/local/apache-maven/

move package maven to folder directory apache-maven

#mv apache-maven-3.3.3-bin.tar.gz /usr/local/apache-maven/

extract package maven with command :

#tar -xzvf /usr/local/apache-maven/apache-maven-3.3.3-bin.tar.gz -C /usr/local/apache-maven/

Configure maven
# sudo update-alternatives –install /usr/bin/mvn mvn /usr/local/apache-maven/apache-maven-3.3.3/bin/mvn 1
# sudo update-alternatives –config mvn

3. Configures ~/.Bashrc  to update path of your JAVA home Directory and Maven Directory

# sudo apt-get install vim
# vim ~/.bashrc

Add this on the end of line

export M2_HOME=/usr/local/apache-maven/apache-maven-3.3.3
export MAVEN_OPTS=”-Xms256m -Xmx512m”
export JAVA_HOME=/usr/lib/jvm/java-8-oracle

used config ~/.bashrc to your system

#source ~/.bashrc

4. and check your Java Home Directory with command

#echo $JAVA_HOME

5. Next we will download OpenDaylight Package from their website, i choose new update ODL “Carbon SR1” on “July 14, 2017”

#wget https://nexus.opendaylight.org/content/repositories/public/org/opendaylight/integration/distribution-karaf/0.6.1-Carbon/distribution-karaf-0.6.1-Carbon.zip

before we start OpenDaylight Controlelr, if you already have openvswitch on your system, stop the service with comamnd

#service openvswitch-controller stop

#service openvswitch-switch stop

6. Next step we will start OpenDaylight Controller, first unzip OpenDaylight package we have downloaded

#unzip distribution-karaf-0.6.1-Carbon.zip

7. Run OpenDaylight with command

#cd /distribution-karaf-0.6.1-Carbon/bin

#./karaf

on this step, we have success running OpenDaylight SDN controller on our linux system, next from the OpenDaylight comamnd line we will install odl-l2switch and OpenDaylight User Experience (DLUX) application.  DLUX is an openflow network management application for Opendaylight controller. this installation feature to add web interface on OpenDaylight Platform, can login to web interface and control Southbound connections to OVS (Open Virtual Switch) with OVSDB to learn MAC address from host connected to the switch

8. Install feature needed by opendaylight

opendaylight-user@root>feature:install odl-l2switch-switch-ui

opendaylight-user@root>odl-dlux-core
opendaylight-user@root>odl-dluxapps-nodes
opendaylight-user@root>odl-dluxapps-topology
opendaylight-user@root>odl-dluxapps-yangui
opendaylight-user@root>odl-dluxapps-yangvisualizer
opendaylight-user@root>odl-dluxapps-yangman

9. after add all feature needed  by OpenDaylight (ODL) , you can check port listening of your ODL system with command :

#netstat -an | grep tcp

make sure you can see port TCP:8181 as port service to access web interface OpenDaylight, TCP:6633 and TCP:6653 (Port Service Communication for OpenFlow)

 d. Access OpenDaylight Platform

To Access OpenDaylight Platform as SDN Controller type on your URL browser

<IP address OpenDaylight>:8181/index.html

ex : 192.168.98.211:8181/index.html (dont forget type till the path index.html)

login to the OpenDaylight controll used default cridential

user : admin

pass : admin

and you will be shown main page of OpenDaylight controller like on the picture below

e. Integrate OpenDaylight to Mininet as SDN Controller

at this stage we have success to run OpenDaylight Platform and access OpenDayligt website interface (DLUX), next step we will integrate our Mininet SDN emulator to OpenDaylight Platform as SDN Controller through Simple topology

  Login to your mininet Virtual Machine, and create simple topology used mininet emulator with  OpenDaylight Platform as Remote Controller SDN with command

root@mininet#sudo mn –topo tree,2 –controller remote,ip=192.168.98.211

Note : 192.168.98.211 is IP address OpenDaylight Platform

from command above, mininet will create 3 OpenVSwitch, 4 host and 1 Remote Controller. after execute that command, we can back to web interface opendaylight to see topology information from mininet. click 3 Bar near logout button on top right corner and choose topology like example picture below

and we can see topology on mininet configuration from command execution before

from execution command before, we know mininet will created 3 OVS and 4 host on network emulator, but on topology OpenDaylight controller, we just see 3 OVS and can not find 4 host connected to OVS, this happen because OVS need obtaining the MAC address to identifying host conencted to they interface. So from mininet command line interface do Ping to all host on mininet topology with command

mininet>pingall

back to topology OpenDaylight and click reload button to refresh topology information , now we can see on OpenDaylight Topology there 4 hosts connected to OpenVSwitch like on the picture below

That’s all i can share to you on this article, hope this informative for you and thank you

 

 

 

 

 

 

 

Learning SDN (Software Defined Networking) Concept with Mininet

Whats is SDN (Software Defined Networking)? well, thats question will create many opinion and statement from many vendor, website, consultant and other organization, from website opennetworking.org i quote “Software-Defined Networking (SDN) is an emerging architecture that is dynamic, manageable, cost-effective, and adaptable, making it ideal for the high-bandwidth, dynamic nature of today’s applications. This architecture decouples the network control and forwarding functions, enabling the network control to become directly programmable and the underlying infrastructure to be abstracted for applications and network services. The OpenFlow® protocol is a foundational element for building SDN solutions.”

Whats is the goal of SDN? from sdxcentral.com I was quote “The goal of  Software Defined Networking is to enable cloud and network engineers and administrators to respond quickly to changing business requirements via a centralized control console”

From my own opinion, SDN is a way how we (Network Admin or Engineer) facing the speed of bussines development especially in digital bussines that used software application or software service as a core bussines to their customer or marketplace, this bussines model usually have rapid growing bussines, dynamic, and need fast improvement with new innovation to their product, because on this digital era this model business it’s so promises, and the competition its very tight, software was developed everyday, every device connected to the internet, innovation was come and produce as a software product to solve human problem, make bussines requirement growing fast and pushing traditional networks to the limit ,in addition how we manage network look so slow.

SDN Benefit??

• Directly Prorgrammable : enables the network to be programmatically configured by proprietary or open source automation tools, including OpenStack, Puppet, Ansible, Python Script and  Chef (yes all about automation and agile)
• Reduce Opex : yes, because with directly programmable, we can automate provisioning, configuration, and orchrestation
• Agility : Sure, Abstracting control from forwarding lets administrators dynamically adjust network-wide traffic flow to meet changing needs, (we can totally control the flow)
• Centrally managed : its make we easier to management our network infrastructure then we must remote node by node and do manual config

SDN Architecture??

Like on the picture above, Commonly SDN Architecture have 3 Layer:

1. Application Layer

On this layer there Northbound APIs: Software-Defined Networking uses northbound APIs to communicates with the applications and business logic “above.” These help network administrators to programmatically shape traffic and deploy services.

On the application layer, it can be orchestrator system infrastructure ,automation tools, Or Python Script

 2. Controll Layer

This layer is “brains” of the network, SDN Controllers offer a centralized view of the overall network, and enable network administrators to dictate to the underlying systems (like switches and routers) how the forwarding plane should handle network traffic.

 3. Infrastructure Layer

on infrastructure layer there Southbound APIs: Software-defined networking uses southbound APIs to relay information to the switches and routers “below.” OpenFlow, considered the first standard in SDN, was the original southbound API and remains as one of the most common protocols.

On this article we will do some lab environment to know more aboute concept of Software defined network used “Mininet”, what is mininet?? Mininet is a network emulator which creates a network of virtual hosts, switches, controllers, and links. Mininet hosts run standard Linux network software, and its switches support OpenFlow for highly flexible custom routing and Software-Defined Networking. To know more information you can visit their website on http://mininet.org/overview/.

On this experiment I installed mininet on my linux Ubuntu 14.04 64 Bit, this installation is quietly easy, I used 2 Core, 40 Gb disk and 4 Gb RAM on my Virtualization. Actually you can just download the virtual edition on their website

https://github.com/mininet/mininet/wiki/Mininet-VM-Images

http://mininet.org/download/

but sometimes too easy make you lazy (lol) so I choose installed the mininet manually to my linux Ubuntu system

How to install Mininet??

To Install mininet on your linux system used command:

#sudo apt-get update

# sudo apt-get install mininet

Do clean instalation of mininet with command

# sudo mn -c

Install Git to download mininet from Git source code management

# sudo apt-get install git

Download Mininet Dependency from git Source code management

#git clone git://github.com/mininet/mininet

Change to directory mininet

#cd mininet

Tag release point of mininet with command

#git tag

choose package release you want to install, i choose latest release

#git checkout -b cs244-spring-2012-final

install mininet

#/mininet/util/install.sh –a

installation may take a few minutes, because they will donwload all dependency package from internet repository, and when it done ,will show like on the picture below

Well done, you success install the mininet to your system, easy right,,so dont be lazy la… 😛

Now run the mininet emulator with command

#sudo mn

when we start mininet emulator automaticly mininet will give you a topology with 2 Host, one SDN controller, and one OpenvSwitch, then we will see the mininet command line “mininet>”  act like terminal on SDN controller to show and configure all of node in the mininet topology, to know basic command on mininet terminal we can do help comamnd “mininet>help”

because this is command line base, maybe its hard to we understand how our topology looks like, so we can used some command to figure out mininet topology and understand how they connected

To see topology connection used command

Mininet>net

To see Node available on topology used command

Mininet>nodes

To see links available to interconnect all nodes on topology mininet used command

Mininet>links

To test ping host on default mininet topology you can used command

mininet>pingall

or to be specific

mininet>h1 ping h2

to create topology network on mininet used template you cand used command

local controller : #sudo mn –topo tree,2

remote controller : #sudo mn –topo tree,2 –controller remote,ip=<ip remote controller>

it will automaticly give you a topology network with all link, switch, nodes, and SDN controller

actually you dont worry about this command line interface, maybe you have phobia with command line interface and totally not prever used command line interface to see link connection or your topology network, mininet can integrated with other platform like OpenDaylight to act as remote controller SDN and as web base graphical interface to generate your topologi SDN network into topologi network picture, but actually mininet self have “miniedit”, thats tools will help you to design your network topologi based on topologi network picture, to open miniedit you can used comamnd

and you will shown GUI to design your topologi network like on the picture below

to design your topologi, its pretty simple, you just click  component available on the left corner such Switch, Router, Controller, Link, host and click it to white  page, then i try to create simple design of my network topology like on the picture below

you can save your topology into mininet file with format “.mn” or generate that topology into python script through menu file –> l2 Script

next, how we can start it, and how we controll and configuration our node on thats topologi, well like i said to you before mininet used “mininet terminal” to do configuration on all nodes on topology, to show configuration, and do test connection of all node, to start mininet command line after we used miniedit, first we go to menu edit –> preferences, and do enable checklist on checkbox “Start CLI” like on the picture below

click OK and click Run button to start your emolator, then go to your terminal linux where you start miniedit, and you will see mininet terminal was available to you do some configuration on your node in the topology network

because this is simple topology and all network connected through L2, network on both of host is one segment and we have attached controller to both of OpenvSwitch, we will able do ping h1 to h2 with command “pingall” or “h1 ping h2”

Note : one thing was i get from this miniedit example is, when i created a network topology, example like on the topology miniedit before with 2 switch, two host with same connection network, but without controller connected to both of switch, i cant do test connection ping h1 to h2 and vise versa, either when i changed used one switch and 2 of host connected on one switch, the result of ping test on h1 to h2 is always timeout, then i realize, well, this is the SDN Concept, on legacy network it should be work, but in the SDN environment, even its was a switch, h1 that couldn’t be connect to h2 through a L2 device when that device not connected to the controller

Next, we will do what SDN should be can do, what is that?? yes, we will do some automation on our SDN environment, we will do direct programming to the controller through their API from application layer then controller will generate the configuration and pushed that configuration through OpenFlow to  Infrastrcuture Layer, and on this test i will used python script on application layer to defined my network infrastructure

Lets create script used Python ptogramming, why python? because its simple, its multiplatform, its powerfull to do that, and why u ask? find by tourself, learn, because this program language will be popular to automate your infrastructure (Infrastructure as Code) yo know (lol)

Create Code with Vim editor

#vim sample.py

from code above i will create simple network case inter-VLAN with topology like on the picture below

save that python script and change code file to execute permission with command

#chmod 777 sample.py

and execute code program python to defined your network infrastructure with command

#python sample.py

well, with execute that python code program, we have create Inter-VLAN network infrastructure with one router, one switch, 2 VLAN, and 2 Host, thats pretty simple right?

yeah its will help us, it will simplify your work, make your network more agile, efficient, and its technology pretty good enough. so next we will check  node connection from network environment we just created used python script

check nodes we created

check the network connection topology

Check the network interface address of host “h1”

host “h1” gateway

Check the network interface address of host “h2”

host “h2” gateway

Check Interface “h3” Switch

check VLAN of “h3″switch used command

mininet>h3 brctl show

Check “h4” router interface

And the last thing, lets we do test ping connection from host “h1” to host “h2” through inter-VLAN network

from host “h1” to host “h2”

from host “h2” to host “h1”

Well, done….hope this article can help you and thanks for read my article

 

 

 

 

 

Python Scripting For Network Engineer (Paramiko Part2)

Hi,

Welcome to my article about  Python Scripting for Administration and Automation Management Network Device used Paramiko Part 2, in previous section i was introduce to you about what is python paramiko, and what we can do used paramiko in our infrastructure operation.

oke i help you to remember, Paramiko is python interface around SSH networking, this method was used on Ansible as Configuration management, remote execution, automation deployment, to your system and IT infrastructure without agent installation on your system (Agentless). so in this article i used paramiko with a little bit python scripting to create simply tools application and used that tools to remote my network device or system to get information  what i need used remote execute command. to do configuration task, i will show you on next section.

i was show to you from previous section (Paramiko-Part1) how to install and used python-paramiko to execute script and create remote session to remote device, so i assumed you have understand and i can continue to python script and explanation.

create python script on your linux system (i used Ubuntu 14.04 LTS) with command

#vim paramiko-show.py

i will separate script and give the explanation

#Noted : on this part i declare and import module paramiko to python script so i can called that module when i execute my script

#Noted : This is Banner my application tools (its funny right..LuL)

 

# Noted : this pieces  is code initialization i create remote connection from my terminal, do sleep session in one second “time.sleep(1)” till remote session created done and save output remote session to variable  named “output”

#Noted : This Script is python while loop to check are host destination we want to remote is on UP or Down Condition, user will input Address destination host which will remote and save the value on variable “ip”, and do command “ping -c 1” to ip destination (ping at once count) used “module os” i have import at top and save the value to variable response. next i do python if and else condition in python while loop function, if the value variable “response”  while loop  is Zero (Success) print command in terminal “Destination is UP” while loop will be end “False” and execution will continue to next script, if the value “response” other than Zero, print command “Destination is Down” and looping will be happend and ask user to input destination host

#Noted : on this piece code i used raw_input string to get value from user, and save the input to variable username for username user, and password to password input from user, i used getpass portable password input to hide value password user when they write it on terminal.

on the second piece script i do python paramiko function to called SSH client and do remote connection used value on variable “ip, username, and password”, then when connection success terminal will print info “you are login sir”, show result remote session and clear terminal when its done

Note : in this piece code i do python while loop again to choose menu section after we success login to system the remote host, this menu is option to get information or status from your remote host/device, on this example i  created  remote command to get information from my palo alto firewall like Interface status, route table and software information through choose option.

user will give they inpute choose on integer value and we will save that value on variable “cfchoose“, then from that input user value on variable cfchoose we will create if else condition on python while loop choose menu section.

if user give the integer input number 1 which that mean want to know interface status palo alto device, paramiko will send remote command palo alto “show interface hardware” to get information interface status  of palo alto device, do time sleep on 2 second till all the output success shown, then save that result on variable “output” and print it to our terminal. do time sleep on 10 second till user done to see and capture the result then do clear terminal and looping back to choose menu option

Note : in the example script above, if user choose option number 2 which mean user want to show routing table in this terminal from remote palo alto device, paramiko will send remote command palo alto to show the route table that firewall device with comamnd “show routing route”, do sleep time till all output from remote command shown and save the value to variable output, then show that result to the terminal. next do time sleep on 10 second so user can see and capture the result, before we clear terminal output and looping back to choose menu options

Next section if user choose option number 3 which mean want to know OS version of palo alto firewall device, paramiko will send remote command to palo alto via SSH to get system information used command “show ystem info”, this command will show to you about all system information of palo alto device, like hostname, SN, OS version, Wildfire and many more, but in this case we just want get specific information from that all value we can get from system information, i just want to know the OS version so in this case i used another method from 2 script cfchoose section we have seen before, after do remote command to palo alto, i save the value to variable output, then i do for loop python on section if else cfchoose, i will loop all value i have save on variable output and put it on variable  line  and do if condition againts, if on this loop i get  ‘sw-version’ i will put that value on variable line and show it to the terminal, next do time sleep on 10 second so user can see and capture the result, before we clear terminal output and looping back to choose menu options

Note :  if user choose option number 4 which mean  user want to exit from this application, script will stop python while loop  for choose menu option, close remote session SSH to remote host/device and print information “thank you for used this tools”

and the last is “else” the negative condition, it will show when input user on while loop choose menu option is not valid, it will print info “Your input is not valid, try again” then do looping back to input user on choose menu option

In the picture below i show to you how this application is working :

picture above is section when i run the python script, input address remote host/device and login used my cridential to palo alto device

after we success login, we will see choose option menu, to choose what we will do from their option menu

picture above is example if we choose option one which mean, want to know interface status of palo alto firewall

picture above is example if we choose option 2 which mean show route table of palo alto device

picture above is example if we choose option 3 which mean show OS Version palo alto device from system information value

picture above is example if we choose option 4 which mean want to out from this application

Full Script

Okay , thats all i can share to you on this article, on the next section we will try to create application configuration for network device used python paramiko scripting

Thanks

 

Python Scripting For Network Engineer (Paramiko) Part-1

Wake up on 5.00 AM GMT+7, i start thinking what should i do on this morning, better im playing Dota 2 😛 or Write Some article. and my heart say something sh*t like, used your time for something useful and be a good person with helping each other.

This article is my promise to you from previous article,when im talking about ansible, i was promise to you i will create a new session about what is paramiko? And example scripting used paramiko phyton to manage your network device

1. What is paramiko :

Paramiko is a Python (2.6+, 3.3+) implementation of the SSHv2 protocol [1], providing both client and server functionality. While it leverages a Python C extension for low level cryptography (Cryptography), Paramiko itself is a pure Python interface around SSH networking concepts.

• Paramiko is python interface around SSH networking
• I will used it connect to Network Device or Linux System
• After Create Connection you can execute any task with python script or run other bash script on linux system
• More Information you can get at http://www.paramiko.org

2. How to install paramiko phyton

In this article i still used ubuntu 14.04 LTS to run my python script, on default ubuntu dont have paramiko phyton module on that system, we can check used python interface from linux terminal

Go to phyton interface with command

#python

and try to import module paramiko on python script, like example picture below

> import paramiko

So we will install module paramiko python first to ubuntu system with command

#sudo apt-get update

#sudo apt-get install python-paramiko

On the picture above we can see, import module was error “ImportError : No module named paramiko”

After we success installed paramiko python on our system, next we try again to import module paramiko again to our python script, its should be success

as you can see, we not get error message when we import paramiko on python script

3. Using paramiko on python scripting

Next we will create a simple basic python scripting used python paramiko to do a remote connection to network device, just test remote connection used python paramiko, so you will understand  basic simple scripting using python paramiko. create file python script with command

#vim paramiko-login.py

And create python script like example on the below

============================================================

import paramiko <call module paramiko>
import time
import os
import getpass

terus_tanya = True
while terus_tanya: <<<<<<<<<<<<<<<looping function and conditions>
ip = raw_input(‘Masukkan IP Tujuan:’)
response = os.system(“ping -c 1 ” + ip)

if response == 0:
terus_tanya = False
print “Destination is UP”
else:
terus_tanya = True
print “Destination is Down”

username = raw_input(‘Masukkan Username Anda:’) <input string>
password = getpass.getpass(“Password: “) <save password used module getpass>
port = 22

/*Noted : on this script i used function raw_input phyton to make user give input value and save the value to username variable, because i dont want to defined  username and showed the usename value on this script and used getpass function to password cridential, because i dont want when user input they password it will showed on command prompt*/

remote = paramiko.SSHClient()
remote.set_missing_host_key_policy(paramiko.AutoAddPolicy())
remote.connect(ip, username=username, password=password, look_for_keys=False, allow_agent=False)
print “you are login Sir”

/*above is script to called SSH function and do login session with SSH protocol*/

 

===============================================================

Save python script login parramiko to a file

4. give grant permission on ubuntu system to execute that python script with command

#sudo chmod 111

And check file permission with command

#ll or ls -l

5. Now we can execute the python script with command

#python paramiko.py

on this i will do a remote session used python paramiko script from my ubuntu system on IP 192.168.98.155 to Security Device Palo Alto on IP 192.168.98.51 through SSH protocol, the result i show to you on the example picture below

Example picture above show we success execute python scripting and success login to security device palo alto on ip 192.168.98.51

To make sure our python script success We must check on Palo Alto dashboard log system to get information IP ubuntu system ex (192.168.98.155) have success create SSH connection to palo alto and success do auhtentication admin

From picture above its look like we success login to palo alto device used python paramiko. and this is a end of session article Python Paramiko Part 1

next section, we will create python script to get information on device after we success login to their system with paramiko python scripting, try to configure device, and many more, the last we will create simple application tools to manage our network device via paramiko python scripting

hope you enjoyed it, Thanks