Changes between Version 18 and Version 19 of GENIExperimenter/Tutorials/NFV/Ryu


Ignore:
Timestamp:
05/31/17 14:33:39 (23 months ago)
Author:
Nabeel Akhtar
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • GENIExperimenter/Tutorials/NFV/Ryu

    v18 v19  
    1 = NFV Tutorial using Ryu =
     1= NFV Tutorial: Managing a Virtual Network Function using SDN and Control Theory =
    22== Abstract ==
    33The virtualization of network functions (e.g., load balancer, intrusion detection system) has enabled the deployment of such functions anytime and anywhere. This tutorial addresses the deployment of a Virtual Network Function (VNF) and challenges associated with the cost and performance of delivering its service. Specifically, VNF instances can be dynamically deployed to meet changing conditions, i.e., more (less) instances to accommodate higher (less) traffic demand or more (less) stringent service requirements. To illustrate these issues, we present a basic set of GENI experiments on a topology that contains traffic sources, a destination, VNF instances of an intrusion detection system (i.e., Snort), an Open vSwitch (OVS), and a controller. The controller is used to steer traffic toward one or more Snort instances as needed so any intrusion can be detected reliably and in a timely fashion. OpenFlow, as a communication protocol standard of a Software Defined Networking (SDN) architecture, is used to install (update) controller-derived forwarding rules on the OVS switch. To measure load on Snort hosts, we leverage the distributed publish-subscribe architecture of our Recursive InterNetwork Architecture (RINA). These measurements (by sensor processes) are fed to the controller to make its decisions. We show results for both a load-independent controller and a load-dependent control-theoretic controller.
    44
    55== Overview ==
    6 We provide another version of  the NFV tutorial using the Ryu controller (besides the POX controller).  The differences in the instructions compared to the POX version are included in this wiki page, and you may be referred to the [wiki:GENIExperimenter/Tutorials/NFV POX version] of the tutorial while doing this Ryu version.
     6This is a basic tutorial that guides you through an experiment using OpenFlow and Network Function Virtualization (NFV). It is recommended that you first read about [http://archive.openflow.org OpenFlow]  and go over a basic [http://groups.geni.net/geni/wiki/GENIExperimenter/Tutorials/OpenFlowRyu OpenFlow tutorial] on GENI. The goal of this tutorial is to give you a hands-on experience with OpenFlow, and how it can be used for NFV deployment. Using a basic topology, which contains two sources, a destination, two virtual network functions (IDS), an OVS and a controller, we will show how different OpenFlow rules can be used for NFV management. ''' Once resources are reserved for this topology, the tutorial should take about 45-60 minutes to complete. '''
    77
    8 == Tools ==
    9 -  [https://osrg.github.io/ryu/ Ryu controller],  and a tutorial about how to use the Ryu controller can be found [http://sdnhub.org/tutorials/ryu/ here] . 
     8[[Image(http://csr.bu.edu/rina/grw-bu2016/tutorial_files/image002.gif)]] [[BR]]
     9Figure 1: The image above depicts the network topology used in this tutorial.
     10
     11=== Prerequisites: ===
     12
     13-      A GENI account, if you don't have one sign up! [[BR]]
     14-      Familiarity with how to reserve GENI resources (we will be using the GENI Experimenter Portal as our tool).[[BR]]
     15-      Familiarity with [wiki:HowTo/LoginToNodes logging into GENI compute resources].[[BR]]
     16-      Basic understanding of OpenFlow. An OpenFlow tutorial is [http://groups.geni.net/geni/wiki/GENIExperimenter/Tutorials/OpenFlowRyu here]! [[BR]]
     17-      Familiarity with the Unix command line.[[BR]]
     18-      Familiarity with the Python programming language. We will use a controller (POX controller) written in Python for this tutorial.[[BR]]
     19-      You will need to be a member of a project.[[BR]]
     20
     21[[Image(http://csr.bu.edu/rina/grw-bu2016/tutorial_files/image026.gif)]]  '''Another version of this tutorial using the [https://osrg.github.io/ryu/ Ryu controller ] is also provided, and details can be found [wiki:GENIExperimenter/Tutorials/NFV/Ryu here] '''. [[BR]]
     22
     23
     24=== Tools ===
     25
     26-       [http://openvswitch.org/ Open vSwitch] [[BR]]
     27-       [http://www.noxrepo.org/pox/about-pox/ POX controller]
     28
     29'''Both of the tools are already installed on the machines''' where the resources are provided. If it happens not to be installed, take a look at the following tutorials to learn how to install these tools: [[BR]]
     30[wiki:HowTo/InstallOVSInProtoGENI Open vSwitch][[BR]]
     31[http://networkstatic.net/pox-openflow-controller-installation-screencast/ POX controller] [[BR]]
     32
     33Where to get help:
     34
     35[https://openflow.stanford.edu/display/ONL/POX+Wiki POX Wiki] [[BR]]
     36[http://openvswitch.org/support/ Open vSwitch] [[BR]]
     37[http://groups.geni.net/geni GENI Wiki] [[BR]]
     38
     39== Tutorial Instruction ==
     40{{{
     41#!html
     42
     43
     44<table id="Table_01" height="409" border="0" cellpadding="0" cellspacing="0">
     45        <tr>
     46                <td>
     47                        <a href="http://groups.geni.net/geni/wiki/GENIExperimenter/Tutorials/NFV/DesignSetup"><img src="http://groups.geni.net/geni/attachment/wiki/GENIExperimenter/Tutorials/Graphics/design.png?format=raw" width="152" height="152" alt="Design/Setup"></a>
     48               </td>
     49               <td>
     50<ul>
     51             <li><a href="http://groups.geni.net/geni/wiki/GENIExperimenter/Tutorials/NFV/DesignSetup">Part I: Design/Setup</a></li>
     52             <ul>
     53                 <li>Step 1:  Design the experiment</li>
     54                 <li>Step 2:  Establish the environment</li>
     55                 <li>Step 3:  Obtain resources</li>
     56             </ul></ul>
     57               </td>
     58        </tr>
     59        <tr>
     60                <td>
     61                        <a href="http://groups.geni.net/geni/wiki/GENIExperimenter/Tutorials/NFV/Execute"><img src="http://groups.geni.net/geni/attachment/wiki/GENIExperimenter/Tutorials/Graphics/execute.png?format=raw" width="152" height="143" alt="Execute"></a>
     62                </td>
     63                <td>
     64             <ul>
     65<li><a href="http://groups.geni.net/geni/wiki/GENIExperimenter/Tutorials/NFV/Execute">Part II: Execute</a></li>
     66             <ul>
     67                 <li>Step 1:  Login to VMs </li>
     68                 <li>Step 2:  Configure and initialize services  </li>
     69                 <li>Step 3:  Execute expriment </li>
     70             </ul></ul>
     71                </td>
     72        </tr>
     73        <tr>
     74                <td>
     75                        <a href="http://groups.geni.net/geni/wiki/GENIExperimenter/Tutorials/NFV/Finish"><img src="http://groups.geni.net/geni/attachment/wiki/GENIExperimenter/Tutorials/Graphics/finish.png?format=raw" width="152" height="114" alt="Finish"></a>
     76                </td>
     77
     78                <td>
     79             <ul>
     80             <li><a href="http://groups.geni.net/geni/wiki/GENIExperimenter/Tutorials/NFV/Finish">Part III: Finish</a></li>
     81             <ul>
     82                 <li>Step 1:  Teardown Experiment</li>
     83                 <li>Step 2:  Release resources</li>
     84             </ul></ul>
     85                </td>
     86
     87        </tr>
     88</table>
     89}}}
     90
     91
    1092
    1193----
    12 == Part I: !Design/Setup ==
    13       - First complete steps 1-3 in this [wiki:GENIExperimenter/Tutorials/NFV/DesignSetup page].
    14       - The Ryu controller should be installed on your controller node (reserved in Step 3.1). You can verify it by running the following command on the controller node. [[BR]]
    15       '''/tmp/ryu/bin/ryu-manager --verbose /tmp/ryu/ryu/app/simple_switch.py'''  [[BR]] If Ryu is installed correctly, you should see an output like this:
     94Author: Nabeel Akhtar
    1695
    17 
     96Supervised by: Ibrahim Matta
    1897
    19 {{{
    20 #!html
    21 <img src="http://csr.bu.edu/rina/grw-bu2016/nfv_ryu/pics/ryu.png" hspace=50>
    22  }}}
    23 
    24       - Stop the Ryu controller by typing '''Ctrl + c'''.
    25       - Run the following command in the OVS window to flush all the forwarding rules installed on the OVS node.
    26           - '''sudo ovs-ofctl del-flows br0'''     
    27 ----
    28 
    29 == Part II: Execute ==
    30 
    31 === 1.     Login to the hosts ===
    32 
    33 Open the following windows:
    34   -      one window with ssh into ''controller''
    35   -      one window with ssh into ''OVS''
    36   -      one window with ssh into ''s1''
    37   -      one window with ssh into ''VNF1''
    38   -      one window with ssh into ''VNF2''
    39   -      one window with ssh into ''destination''
    40 
    41 === 2.     Configure and initialize services ===
    42 
    43 ==== 2.1. Use a simple learning switch controller ====
    44 
    45 This is a very simple example where we are going to run a learning switch control to forward traffic from s1 to VNF1.[[BR]]
    46 
    47       1.     Start a ping from s1 to VNF1 in the window of  s1, which should timeout, since there is no controller running.[[BR]]
    48               '''ping vnf1 -c 10'''
    49       2.     Run the following command in the controller window to start the simple learning controller:
    50                '''/tmp/ryu/bin/ryu-manager --verbose /tmp/ryu/ryu/app/simple_switch.py'''
    51       3.    Now ping again from s1 to VNF1, the ping should work.
    52 
    53       4.    Stop the Ryu controller by typing '''Ctrl + c'''.
    54 
    55       5.    Run the following command in the OVS window to flush all the forwarding rules installed on the OVS node.
    56               '''sudo ovs-ofctl del-flows br0'''
    57    
    58 ====  2.2 NFV OVS controller ====
    59 
    60 Next we are going to run a different Ryu controller that will install !OpenFlow rules to support NFV load balancing as well as handling intrusion. With this controller, the traffic shall go from a source to destination, and duplicate packets are sent to one of the IDS nodes (VNF1 or VNF2) for intrusion detection. The picture below shows a red line representing traffic going from source1 to destination, and the green line represents the duplicate traffic that is sent to VNF1 for intrusion detection.
    61 
    62 {{{
    63 #!html
    64 <img src="http://csr.bu.edu/rina/grw-bu2016/tutorial_files/image040.gif" hspace=100>
    65  }}}
    66 
    67 === 3.     Execute Experiments: ===
    68 
    69 3.1. First we need to download the source code and configuration files for the NFV  Ryu controller onto the controller VM. In the window of controller, run the following:
    70           - '''wget !http://csr.bu.edu/rina/grw-bu2016/nfv_ryu/setup_nfv_ryu_controller.sh'''
    71           -  '''chmod 755 setup_nfv_ryu_controller.sh '''
    72           -  '''./setup_nfv_ryu_controller.sh'''
    73 
    74 3.2. Now you should have all files needed for the NFV Ryu controller. Open ''nfv.config'' file to configure the system parameters. You can use any editor to edit the file, and we use nano here as an example.
    75          -  '''nano /tmp/ryu/ryu/app/nfv.config'''
    76 
    77 3.3. You will see the details of this configuration file as follows.  Change the values of ''vnf1_interface'' and ''vnf2_interface'' to the values that you noted down in ''Section 3.3.1'' in the '''[wiki:GENIExperimenter/Tutorials/NFV/DesignSetup Design/Setup]''' section of this tutorial. These values will tell the controller which interfaces are connected to VNF1 and VNF2.
    78 
    79 {{{
    80 #!html
    81 <img src="http://csr.bu.edu/rina/grw-bu2016/nfv_ryu/pics/configPic.png" hspace=100>
    82  }}}
    83 
    84 '''[wiki:GENIExperimenter/Tutorials/NFV/Ryu/LoadBalanceRRwithRyu Experiment 1:  Load Balancing using Round Robin Control with Ryu Controller]'''[[BR]]
    85 '''[wiki:GENIExperimenter/Tutorials/NFV/Ryu/LoadBalancePIwithRyu Experiment 2:  Load Balancing using Proportional Integral (PI) Control with Ryu Controller]'''[[BR]]
    86 '''[wiki:GENIExperimenter/Tutorials/NFV/Ryu/HandlingIntrusionwithRyu Experiment 3: Handling Intrusion with Ryu Controller]'''[[BR]]
    87 
    88 ----
    89 == Part III: Finish ==
    90 
    91 === Tear down Experiment and Release Resources: ===
    92 
    93 After you are done with all experiments, close all your open windows and release your resources. In the GENI Portal, select the slice and click on the `Delete` button. Now you can start designing and running your own experiments!
    94 
    95 ----
    96 ----
    97 '''Author: Yuefeng Wang and Nabeel Akhtar'''
    98 
    99 '''Supervised by: Ibrahim Matta'''
    100 
    101 '''Boston University'''
    102 
     98Boston University