wiki:MyPlc/NetworkCoreRecommendations

Version 11 (modified by Josh Smift, 8 years ago) (diff)

--

Configuration for MyPLC installations which connect to the GENI OpenFlow-enabled Network Core

This page lists the features that MyPLCs should have in order to work well when connected to the GENI OpenFlow-enabled network core. In particular, the Plastic Slices Meso-scale operations project will use MyPLCs configured according to these recommendations.

If any of these features don't make sense for your campus, please ask.

GENI AM API

It should be possible to use the GENI AM API to create slices which contain resources controlled by GENI-connected MyPLCs. In order to add this support to your MyPLC, you need to:

Install and configure the SFA software

Support for the GENI AM API in MyPLC is provided by the SFA utility, developed by Princeton. GPO is successfully deploying the sfa-geni-gec9 tag of SFA. See GpoLab/MyplcReferenceImplementation for details about how we add this version of SFA to a MyPLC.

Configure SFA to trust participating GENI slice authorities

Configuring MyPLC to trust a remote Slice Authority (SA), allows GENI slices created on that SA to create slivers (allocate resources) on the planetlab nodes connected to the MyPLC. Initial Plastic Slices experiments will trust the pgeni.gpolab.bbn.com slice authority. See GpoLab/MyplcReferenceImplementation for details about how we add this SA to a MyPLC.

Configure SFA's maximum sliver renewal duration

The duration of time that an experimenter can renew their sliver in the future using the SFA interface is a configurable parameter. We have tried to consistently set this value to 180 days for aggregates in the mesoscale. See GpoLab/MyplcReferenceImplementation for details on how to do this.

Ensure that the site containing your nodes is public

The default site which comes packaged with a new MyPLC defaults to being private (it is designed for use in managing the PLC itself, and not really intended to contain nodes). Locally-created experiments can use a private site, but SFA requires a public site. If you put your nodes in the default site, you will need to configure that site to be public. See GpoLab/MyplcReferenceImplementation for how we configure the default site to be public.

Dataplane interfaces connected to OpenFlow networks and national backbones

MyPLC Planetlab nodes connected to the GENI OpenFlow-enabled network core should be able to send experimental traffic to each other using that network. This requires interface configuration on the hosts themselves, and configuration of the upstream network. The following pieces are needed:

Connect node secondary interface to OpenFlow-controlled VLANs usable by experimenters

The OpenFlow/CampusTopology page describes a configuration which can give experimenters flexible access to OpenFlow-controlled VLANs on campus and in the nationwide core. To bring each MyPLC-controlled planetlab node into this topology, connect its secondary interface to a VLAN trunk port allowing at least the VLANs 1700, 1750, 3715, and 3716 (as well as any additional VLANs for point-to-point topologies used at your campus). Configure that switch according to OpenFlow/CampusTopology.

Configure subinterfaces on secondary interfaces

The secondary interface on each planetlab host should contain VLAN-tagged subinterfaces for each relevant VLAN. Many IP addresses must be configured on each interface, so that different IPs can be used by different experiments. GPO will provide a list of IPs to configure on each of your nodes. GPO recommends the plifconfig utility and associated MyPLC patch, which allows interfaces to be controlled by planetlab. Obtain plifconfig from the GPO, then follow the steps at GpoLab/MyplcReferenceImplementation to install plifconfig and configure the HelloGENI interface IPs.

Ensure all IP addresses on a node are visible to slivers

In order for experimenters to be able to use the planetlab nodes attached to your MyPLC for networking experiments, the nodes need to successfully configure vserver so that configured interfaces (those which have IP addresses) are visible within slivers. That is, running /sbin/ifconfig -a within a sliver should show all the configured interfaces, rather than nothing or only the control interface. We have seen a lot of different behavior regarding this problem, resulting from different versions of the MyPLC software and various installed packages. We believe that installing a F8 MyPLC from scratch, following GpoLab/MyplcReferenceImplementation exactly, will lead to the desired behavior if you make sure to follow the instructions in GpoLab/MyplcReferenceImplementation. If you have a different configuration and/or see any problems with this, please ask, and we will try to help.

Miscellaneous features

This section contains other features which are necessary or desirable for Plastic Slices use.

Ensure MyPLC and its nodes are reachable through firewalls

In order for an experimenter to use your MyPLC and its nodes, the following firewall exceptions are needed. If these exceptions are not appropriate for your environment, please contact GPO to discuss alternatives:

  • To create slivers on your MyPLC, the experimenter needs to reach TCP ports 80 (HTTP), 443 (HTTPS), and 12346 (SFA) on the MyPLC node.
  • To access slivers and setup/run an experiment, the experimenter needs to reach TCP port 22 (SSH) on the planetlab nodes.
  • To support network experimenters, dataplane interfaces should probably be unfirewalled between your planetlab nodes and the research backbone.

Configure fast nodemanager response to MyPLC changes

Under the default configuration, planetlab nodes check for new slivers, new interface configurations, and other changes managed by MyPLC, approximately once every 15 minutes. Some of the Plastic Slices project requirements need faster sliver creation, and utilization on these nodes is currently low enough that it is reasonable for nodemanager to be more active. GPO recommends that nodemanager on MyPLC planetlab nodes check for changes every 30-45 seconds, and that httpd logs on MyPLC nodes be rotated and compressed more frequently to compensate for the increased log traffic this causes. See GpoLab/MyplcReferenceImplementation for details about how we configure this.