wiki:Internal/OpenFlow/Controllers/FlowVisor

Version 8 (modified by akoshibe, 14 years ago) ( diff )

FlowVisor

FlowVisor is a specialized OpenFlow controller that creates slices within an OpenFlow network, allowing the same physical deployment to support multiple controllers. Here we describe the setup/installation FlowVisor 6.0 on Ubuntu 9.10.

references

prereqs

The latest FlowVisor (which supports OpenFlow 1.0 at this time) is based on java, requiring the following packages:

  • ant
  • sun-java6-jdk

It is assumed that you have OpenFlow installed and in working condition.

installation

  1. install above-mentioned packages
  1. pull from git repository: 
     git clone git://openflowswitch.org/flowvisor.git
 cd flowvisor
 git checkout -b flowvisor-0.6 origin/flowvisor-0.6

we need to do a git checkout to make sure we have the right package.

  1. choose the proper version of java with update-alternatives —config java 
     root@internal2:/opt/flowvisor# update-alternatives --config java
There are 2 choices for the alternative java (providing /usr/bin/java).

  Selection    Path                                      Priority   Status
------------------------------------------------------------
  0            /usr/lib/jvm/java-6-openjdk/jre/bin/java   1061      auto mode
  1            /usr/lib/jvm/java-6-openjdk/jre/bin/java   1061      manual mode
* 2            /usr/lib/jvm/java-6-sun/jre/bin/java       63        manual mode

make sure to have java-6-sun version of java chosen as the alternative as shown above.

  1. cd to your flowvisor directory; if ./configure doesn't exist, run ./boot.sh 
    sh ./boot.sh
  1. run ./configure
  1. run make: 
    sudo make CFLAGS="-I/usr/lib/jvm/java-6-sun-1.6.0.20/include -I/usr/lib/jvm/java-6-sun-1.6.0.20/include/linux"
    The paths for CFLAGS should be based on what you get if you do a locate jni.h: 
    $ locate jni.h
/usr/lib/jvm/java-6-sun-1.6.0.20/include/jni.h
  1. run make tests and make install

configuration

the primary means of configuring flowvisor is via fvctl.Unlike older versions of nox, you don't need to create configuration scripts, which is great. Here, we'll describe how to use fvctl through an example run based on the flowvisor webpage.

The testrun Setup

In this setup, FlowVisor is started on port 6655, with an instance of nox listening on port 6656. A FlowVisor slice is created to listen to any controllers using port 6656 (in this case, our test NOX instance). A single virtual switch was made to listen for controllers on port 6655, whereby its control is given to NOX by flowvisor. Everything, unless specified, is done in the flowvisor directory.

  1. set up config file. The config file should be located in your flowvisor directory. Basing it on the default-config.xml file that comes with the flowvisor install: 
    cp default-config.xml config.xml
config-gen-default config.xml (Input: root passwd)

Here, we created a new instance of the configuration file from the sample FlowVisor already has. config-gen-default will also prompt you to create a "root password" that you will be using to make changes to the config file through fvctl.

  1. start FlowVisor. Unlike nox, there are no flags to throw it into the background. Here it is started on port 6655: 
    flowvisor config.xml 6655 &

Since FlowVisor is still buggy as of now, it may be recommended to start FlowVisor with screen to capture any errors. There is also a flowvisor-wrapper that restarts FlowVisor if it dies.

  1. delete sample slices. After inspecting them with getSliceInfo, remove them with deleteSlice. There are two slices, "alice" and "bob". Each action usually requires authentication using the password you created in step 1. 
    fvctl getSliceInfo alice 
fvctl deleteSlice alice 
fvctl getSliceInfo bob 
fvctl deleteSlice bob
  1. create your slice. This is done via createSlice. The syntax goes roughly like this: 
    fvctl createSlice <slice name> tcp:<controller's ip>:<controller's port> <your email>

So for our example, we have a slice "nox-test," which expects a controller with ip 172.16.0.4 living on port 6656: 

fvctl createSlice nox-test tcp:172.16.0.4:6656 foo@sampledomain.com
  1. create your flowspace. Flowspaces define the policy for your slices. Many parameters can be tacked onto addFlowSpace: 
    fvctl addFlowSpace all <priority number> <policy> "Slice:<slice name>=<permissions>"
  • priority - a number between 0 and 231. Higher value = higher priority
  • policy - flow matching policies. Details are under FLOW SYNTAX in the fvctl(1) man pages.
  • slice name - the name of your slice.
  • permissions - similar to chmod, with delegate=1, read=2, write=4.

What we want is very minimal: allow all for the controller of the slice: 

fvctl addFlowSpace all 1000 any "Slice:nox-test=7"
  1. start the controller. Start nox on the IP:port combination defined for the controller in the FlowVisor slice: 
    ./nox_core -i ptcp:6656 switch packetdump -d
  1. start virtual switch. Here we instantiate an IP8800 switch with a virtual switch listening to FlowVisor, which is 172.16.0.4: 
    setvsi 22 37,38 tcp 172.16.0.4:6655 dpid 0x001010223232

The datapath should come up as "connected" under showswitch.

Moving controllers to slices

Here are the steps used to actually move the ORBIT infrastructure to a FlowVisor slice.

  1. edit default port for noxcore. The default settings for snac (e.g. what port it uses, ect) is found in /etc/default/noxcore. Edit the port it uses for the control channel from 6633 to the new port: 
     OF_LISTEN="-i ptcp:6634"
  1. start flowvisor and set up slices: 
     flowvisor config.xml 6633 &
 fvctl createSlice orbit-snac tcp:172.16.0.4:6634 foo@domain.com
 fvctl addFlowSpace all 10000 any "Slice:orbit-snac=7"
  1. restart snac: 
     /etc/init.d/noxcore restart

FlowVisor should now be managing the slice for SNAC.

Note: See TracWiki for help on using the wiki.