doc(xo-server-sdn-controller): enhance documentation (#4461)

2019-09-04 08:48:27 +02:00
parent 181ed1b1a5
commit 54e278d3f7
9 changed files with 95 additions and 25 deletions
--- a/docs/SUMMARY.md
+++ b/docs/SUMMARY.md
@@ -55,6 +55,7 @@
   * [Emergency Shutdown](emergency_shutdown.md)
   * [Auto scalability](auto_scalability.md)
   * [Forecaster](forecaster.md)
+   * [SDN Controller](sdn_controller.md)
 * [Recipes](recipes.md)
   * [Reverse proxy](reverse_proxy.md)
 * [How to contribute?](contributing.md)
--- a/docs/assets/sdn-controller.png
+++ b/docs/assets/sdn-controller.png
--- a/docs/features.md
+++ b/docs/features.md
@@ -15,5 +15,6 @@ We've made multiple categories to help you to find what you need:
 * [Job Manager](scheduler.html)
 * [Alerts](alerts.html)
 * [Load balancing](load_balancing.html)
+* [SDN Controller](sdn_controller.html)

 ![](./assets/xo5tablet.jpg)
--- a/docs/sdn_controller.md
+++ b/docs/sdn_controller.md
@@ -0,0 +1,44 @@
+# SDN Controller
+
+> SDN Controller is available in XOA 5.44 and higher
+
+The SDN Controller enables a user to **create pool-wide and cross-pool** (since XOA 5.48.1) **private networks**.
+
+![](./assets/sdn-controller.png)
+
+## How does it work?
+
+Please read the [dedicated devblog on the SDN Controller](https://xen-orchestra.com/blog/xo-sdn-controller/) and its [extension for cross-pool private networks](https://xen-orchestra.com/blog/devblog-3-extending-the-sdn-controller/).
+
+## Usage
+
+### Network creation
+
+In the network creation view:
+- Select a `pool`
+- Select `Private network`
+- Select an interface on which to create the network's tunnels
+- Select the encapsulation: a choice is offered between `GRE` and `VxLAN`, if `VxLAN` is chosen, then port 4789 must be open for UDP traffic on all the network's hosts (see [the requirements](#requirements))
+- Select other `pool`s to add them to the network if desired
+  - For each added `pool`: select an interface on which to create the tunnels
+- Create the network
+- Have fun! ☺
+
+### Configuration
+
+Like all other xo-server plugins, it can be configured directly via
+the web interface, see [the plugin documentation](https://xen-orchestra.com/docs/plugins.html).
+
+The plugin's configuration contains:
+- `cert-dir`: The path where the plugin will look for the certificates to create SSL connections with the hosts.
+If none is provided, the plugin will create its own self-signed certificates.
+- `override-certs`: Enable to uninstall the existing SDN controller CA certificate in order to replace it with the plugin's one.
+
+## Requirements
+
+> All requirements are met by running up to date XCP-ng hosts.
+>
+> On older XCP-ng hosts, or hosts running Citrix Hypervisor, changes might have to be done manually.
+
+To be able to use `VxLAN`, the following line needs to be added, if not already present, in `/etc/sysconfig/iptables` of all the hosts where `VxLAN` is wanted:
+- `-A xapi-INPUT -p udp -m conntrack --ctstate NEW -m udp --dport 4789 -j ACCEPT`
--- a/packages/xo-server-sdn-controller/README.md
+++ b/packages/xo-server-sdn-controller/README.md
@@ -6,29 +6,9 @@ XO Server plugin that allows the creation of pool-wide and cross-pool private ne

 For installing XO and the plugins from the sources, please take a look at [the documentation](https://xen-orchestra.com/docs/from_the_sources.html).

-## Usage
+## Documentation

-### Network creation
-
-In the network creation view:
- Select a `pool` and `Private network`
- Select on which interface to create the network's tunnels
- Select other pools to add them to the network if wanted
- Create the network
-
-Choice is offer between `GRE` and `VxLAN`, if `VxLAN` is chosen, then the port 4789 must be open for UDP traffic.
-The following line needs to be added, if not already present, in `/etc/sysconfig/iptables` of all the hosts where `VxLAN` is wanted:
-`-A xapi-INPUT -p udp -m conntrack --ctstate NEW -m udp --dport 4789 -j ACCEPT`
-
-### Configuration
-
-Like all other xo-server plugins, it can be configured directly via
-the web interface, see [the plugin documentation](https://xen-orchestra.com/docs/plugins.html).
-
-The plugin's configuration contains:
- `cert-dir`: A path where to find the certificates to create SSL connections with the hosts.
-If none is provided, the plugin will create its own self-signed certificates.
- `override-certs`: Whether or not to uninstall an already existing SDN controller CA certificate in order to replace it by the plugin's one.
+Please see the plugin's [official documentation](https://xen-orchestra.com/docs/sdn_controller.html).

 ## Contributions

--- a/packages/xo-server-sdn-controller/src/index.js
+++ b/packages/xo-server-sdn-controller/src/index.js
@@ -106,6 +106,22 @@ function updateNetworkOtherConfig(network) {
 // =============================================================================

 class SDNController extends EventEmitter {
+  /*
+  Attributes on created networks:
+  - `other_config`:
+    - `xo:sdn-controller:encapsulation`    : encapsulation protocol used for tunneling (either `gre` or `vxlan`)
+    - `xo:sdn-controller:pif-device`       : PIF device on which the tunnels are created, must be physical and have an IP configuration
+    - `xo:sdn-controller:private-pool-wide`: `true` if the network is created (and so must be managed) by a SDN Controller
+    - `xo:sdn-controller:vni`              : VxLAN Network Identifier,
+        it is used by OpenVSwitch to route traffic of different networks in a single tunnel
+        See: https://tools.ietf.org/html/rfc7348
+
+  Attributes on created tunnels: See: https://xapi-project.github.io/xapi/design/tunnelling.html
+  - `status`:
+    - `active`: `true` if the corresponding OpenVSwitch bridge is correctly configured and working
+    - `key`   : Corresponding OpenVSwitch bridge name (missing if `active` is `false`)
+  */
+
  constructor({ xo, getDataDir }) {
    super()

@@ -127,9 +143,6 @@ class SDNController extends EventEmitter {

    this._overrideCerts = false

-    // VNI: VxLAN Network Identifier, it is used by OpenVSwitch
-    // to route traffic of different networks in a single tunnel.
-    // See: https://tools.ietf.org/html/rfc7348
    this._prevVni = 0
  }

@@ -393,6 +406,8 @@ class SDNController extends EventEmitter {
      name_description: networkDescription,
      MTU: 0,
      other_config: {
+        // Set `automatic` to false so XenCenter does not get confused
+        // See: https://citrix.github.io/xenserver-sdk/#network
        automatic: 'false',
        'xo:sdn-controller:encapsulation': encapsulation,
        'xo:sdn-controller:pif-device': pif.device,
--- a/packages/xo-server-sdn-controller/src/ovsdb-client.js
+++ b/packages/xo-server-sdn-controller/src/ovsdb-client.js
@@ -11,6 +11,25 @@ const OVSDB_PORT = 6640
 // =============================================================================

 export class OvsdbClient {
+  /*
+  Create an SSL connection to an XCP-ng host.
+  Interact with the host's OpenVSwitch (OVS) daemon to create and manage the virtual bridges
+  corresponding to the private networks with OVSDB (OpenVSwitch DataBase) Protocol.
+  See:
+  - OVSDB Protocol: https://tools.ietf.org/html/rfc7047
+  - OVS Tunneling : http://docs.openvswitch.org/en/latest/howto/tunneling/
+
+  Attributes on created OVS ports (corresponds to a XAPI `PIF` or `VIF`):
+  - `other_config`:
+    - `xo:sdn-controller:cross-pool`       : UUID of the remote network connected by the tunnel
+    - `xo:sdn-controller:private-pool-wide`: `true` if created (and managed) by a SDN Controller
+
+  Attributes on created OVS interfaces:
+  - `options`:
+    - `key`      : Network's VNI
+    - `remote_ip`: Remote IP of the tunnel
+  */
+
  constructor(host, clientKey, clientCert, caCert) {
    this._numberOfPortAndInterface = 0
    this._requestId = 0
--- a/packages/xo-web/src/common/intl/messages.js
+++ b/packages/xo-web/src/common/intl/messages.js
@@ -1748,6 +1748,8 @@ const messages = {
  newNetworkInfo: 'Info',
  newNetworkType: 'Type',
  newNetworkEncapsulation: 'Encapsulation',
+  newNetworkSdnControllerTip:
+    'Private networks work on up-to-date XCP-ng hosts, for other scenarios please see the requirements',
  deleteNetwork: 'Delete network',
  deleteNetworkConfirm: 'Are you sure you want to delete this network?',
  networkInUse: 'This network is currently in use',
--- a/packages/xo-web/src/xo-app/new/network/index.js
+++ b/packages/xo-web/src/xo-app/new/network/index.js
@@ -294,6 +294,14 @@ const NewNetwork = decorate([
                      value={isPrivate}
                    />{' '}
                    <label>{_('privateNetwork')}</label>
+                    <div>
+                      <em>
+                        <Icon icon='info' />{' '}
+                        <a href='https://xen-orchestra.com/docs/sdn_controller.html#requirements'>
+                          {_('newNetworkSdnControllerTip')}
+                        </a>
+                      </em>
+                    </div>
                  </div>
                </Section>
                <Section icon='info' title='newNetworkInfo'>