Automation of network services or how to build a virtual laboratory using OpenDaylight, Postman and Vrnetlab
In this article, I will show how to set up OpenDaylight to work with network equipment, and how this equipment can be controlled using Postman and simple RESTCONF requests. We will not work with hardware; instead, we will deploy small virtual laboratories with a single router using Vrnetlab on Ubuntu 20.04 LTS.
I will first show the detailed settings using the example of a Juniper vMX 20.1R1.11 router, and then compare them with the setup for Cisco xRV9000 7.0.2.
Content
Required knowledge
Part 1: a brief look at OpenDaylight (hereinafter ODL), Postman and Vrnetlab and why we need them
Part 2: description of the virtual laboratory
Part 3: set up OpenDaylight
Part 4: set up Vrnetlab
Part 5: use Postman to connect the virtual router (Juniper vMX) to ODL
Part 6: get and change the router configuration using Postman and ODL
Part 7: add Cisco xRV9000
Conclusion
PS
Bibliography
Required knowledge
To keep the article from turning into a wall of text, I have omitted some technical details (with links to literature where you can read about them).
For that reason, here are topics that would be good (though hardly necessary) to know before reading:
In our case, we are interested in it as a means for sending REST requests to the OpenDaylight API. You can, of course, send requests manually, but in Postman everything looks very clear and suits our purposes perfectly.
For those who want to dig: a lot of training materials have been written on it (for example).
Tool for deploying virtual routers in Docker
Supports: Cisco XRv, Juniper vMX, Arista vEOS, Nokia VSR, etc.
Open Source
A very interesting but little-known tool. In our case, we will use it to run Juniper vMX and Cisco xRV9000 on a regular Ubuntu 20.04 LTS.
In this tutorial, we will set up the following system:
How it works
Juniper vMX is started in a Docker container (by means of Vrnetlab) and functions as an ordinary virtual router.
ODL is connected to the router and allows you to control it.
Postman is launched on a separate machine, and through it we send commands to ODL: to connect / remove the router, change the configuration, etc.
A note on the system layout
Juniper vMX and ODL require quite a lot of resources for stable operation. vMX alone asks for 6 GB of RAM and 4 cores. Therefore, it was decided to move all the "heavyweights" to a separate machine (Hewlett Packard Enterprise MicroServer ProLiant Gen8, Ubuntu 20.04 LTS). The router, of course, does not "fly" on it, but the performance is enough for small experiments.
Part 3: Set up OpenDaylight
The current version of ODL at the time of this writing is Magnesium SR1.
1) Install Java OpenJDK 11 (more detailed installation instructions here)
ubuntu:~$ sudo apt install default-jdk
2) Find and download the latest ODL build from here
3) Unzip the downloaded archive
4) Go to the resulting directory
5) Run ./bin/karaf
At this step ODL should start and we will find ourselves in its console (port 8181 is used for access from the outside, which we will use later).
Next, install the ODL features designed to work with the NETCONF and RESTCONF protocols. To do this, in the ODL console we execute:
Each router supported by Vrnetlab has its own unique setup procedure. In the case of Juniper vMX, we just need to upload the .tgz archive with the router (you can download it from the official site) to the vmx directory and run the command make:
ubuntu:~$ cd ~/vrnetlab/vmx
ubuntu:~$ # Copy the router's .tgz archive into this directory
ubuntu:~$ sudo make
Building the vMX image will take about 10-20 minutes. It's time to go get some coffee!
"This is because the first time the VCP (Control Plane) is started, it reads a config file that determines whether it will run as a VRR VCP in vMX. Previously, this launch was done during Docker startup, but this meant that the VCP was always restarted once before the virtual router became available, resulting in a long boot time (about 5 minutes). Now the first run of the VCP is done during the build of the Docker image, and since the Docker build cannot be run with the --privileged option, this means that qemu works without KVM hardware acceleration and thus the build takes a very long time. During this process, a lot of logs are output, so at least you can see what is going on. I think a long build is not so scary because we create an image once, but we launch many."
Afterwards, you can see the image of our router in Docker:
ubuntu:~$ sudo docker image list
REPOSITORY TAG IMAGE ID CREATED SIZE
vrnetlab/vr-vmx 20.1R1.11 b1b2369b453c 3 weeks ago 4.43GB
debian stretch 614bb74b620e 7 weeks ago 101MB
Launch vr-vmx container
We start with the command:
ubuntu:~$ sudo docker run -d --privileged --name jun01 b1b2369b453c
Next, we can see information about active containers:
ubuntu:~$ sudo docker container list
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
120f882c8712 b1b2369b453c "/launch.py" 2 minutes ago Up 2 minutes (unhealthy) 22/tcp, 830/tcp, 5000/tcp, 10000-10099/tcp, 161/udp jun01
Connecting to the router
The IP address of the network interface of the router can be obtained with the following command:
By default, Vrnetlab creates the user vrnetlab/VR-netlab9 on the router.
Connecting with ssh:
ubuntu:~$ ssh vrnetlab@172.17.0.2
The authenticity of host '172.17.0.2 (172.17.0.2)' can't be established.
ECDSA key fingerprint is SHA256:g9Sfg/k5qGBTOX96WiCWyoJJO9FxjzXYspRoDPv+C0Y.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '172.17.0.2' (ECDSA) to the list of known hosts.
Password:
--- JUNOS 20.1R1.11 Kernel 64-bit JNPR-11.0-20200219.fb120e7_buil
vrnetlab> show version
Model: vmx
Junos: 20.1R1.11
This completes the router setup.
Installation recommendations for routers of various vendors can be found in the project's GitHub repository, in the respective directories.
Part 5: Postman - connect the router to OpenDaylight
These are the internal XML namespaces for ODL, according to which it creates the node.
Next come, respectively, the router name (node-id), the router address (host) and so on.
The most interesting line is the last one. schema-cache-directory creates a directory into which all YANG schema files of the connected router are downloaded. You can find them in $ODL_ROOT/cache/jun01_cache.
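The PUT request described above, rebuilt as an added example that is not code from the original article. The namespaces and element names are assumed from OpenDaylight's network-topology and netconf-node-topology YANG models; the host, the NETCONF port 830 and the vrnetlab credentials come from Part 4; `mount_url`, `mount_payload` and `mount_request` are hypothetical helper names.

```python
import base64
import urllib.request
import xml.etree.ElementTree as ET
from urllib.parse import quote

# Namespaces assumed from ODL's network-topology / netconf-node-topology models.
TOPO_NS = "urn:TBD:params:xml:ns:yang:network-topology"
NETCONF_NS = "urn:opendaylight:netconf-node-topology"
ODL = "http://10.132.1.202:8181"  # controller address used in the article


def mount_url(node_id):
    """Config-datastore path of one node in topology-netconf."""
    return (f"{ODL}/restconf/config/network-topology:network-topology"
            f"/topology/topology-netconf/node/{quote(node_id, safe='')}")


def mount_payload(node_id, host, username, password, port=830):
    """XML body for the PUT: node-id first, schema-cache-directory last."""
    node = ET.Element(f"{{{TOPO_NS}}}node")
    ET.SubElement(node, f"{{{TOPO_NS}}}node-id").text = node_id
    for name, value in [
        ("host", host), ("port", str(port)),
        ("username", username), ("password", password),
        ("tcp-only", "false"),
        ("schema-cache-directory", f"{node_id}_cache"),
    ]:
        ET.SubElement(node, f"{{{NETCONF_NS}}}{name}").text = value
    return ET.tostring(node, encoding="unicode")


def mount_request(node_id, host, dev_user, dev_pass, odl_user, odl_pass):
    """Prepare (but do not send) the PUT that registers the device in ODL."""
    token = base64.b64encode(f"{odl_user}:{odl_pass}".encode()).decode()
    return urllib.request.Request(
        mount_url(node_id),
        data=mount_payload(node_id, host, dev_user, dev_pass).encode(),
        method="PUT",
        headers={"Content-Type": "application/xml",
                 "Accept": "application/xml",
                 "Authorization": f"Basic {token}"},
    )


if __name__ == "__main__":
    req = mount_request("jun01", "172.17.0.2", "vrnetlab", "VR-netlab9",
                        "admin", "admin")
    print(req.get_method(), req.full_url)
    print(req.data.decode())
    # urllib.request.urlopen(req) would send it to the controller.
```

The node name is percent-encoded before it is placed in the path, so a name containing `/` cannot address a different RESTCONF resource.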
Checking the connection of the router
Let's create a GET request:
Query string:
GET http://10.132.1.202:8181/restconf/operational/network-topology:network-topology/topology/topology-netconf/
On the Authorization tab, you must set the parameter Basic Auth and login/password: admin/admin.
Send the request. We should receive a "200 OK" status and a list of all YANG schemas supported by the device:
Comment: To see the latter, in my case it was necessary to wait about 10 minutes after executing the PUT, until all YANG schemas had been downloaded to ODL. Until then, this GET request will return the following:
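The wait described in the comment above can be scripted instead of re-sending the GET by hand. This added example (not from the original article) parses the topology reply and polls until the node is connected and its capabilities are listed; the JSON field names are assumed from ODL's netconf-node-topology model, the sample replies are constructed, and `fetch` is a hypothetical callable that performs the GET shown above with an `Accept: application/json` header.

```python
import json
import time

# Field names assumed from ODL's netconf-node-topology model.
STATUS = "netconf-node-topology:connection-status"
CAPS = "netconf-node-topology:available-capabilities"


def _reply(node):
    """Wrap one node in the topology envelope of the GET reply."""
    return json.dumps({"topology": [{"topology-id": "topology-netconf",
                                     "node": [node]}]})


# Constructed sample replies (not captured from a real controller).
CONNECTING = _reply({"node-id": "jun01", STATUS: "connecting"})
CONNECTED = _reply({"node-id": "jun01", STATUS: "connected", CAPS: {
    "available-capability": [
        {"capability": "urn:ietf:params:netconf:base:1.0"},
        {"capability": "urn:ietf:params:netconf:capability:candidate:1.0"},
    ]}})


def node_states(reply_text):
    """Return {node-id: (connection-status, capability count)}."""
    states = {}
    for topo in json.loads(reply_text).get("topology", []):
        for node in topo.get("node", []):
            caps = node.get(CAPS, {}).get("available-capability", [])
            states[node["node-id"]] = (node.get(STATUS, "unknown"), len(caps))
    return states


def wait_until_mounted(fetch, node_id, attempts=60, delay=10.0, sleep=time.sleep):
    """Poll fetch() until node_id is connected; defaults cover about 10 minutes."""
    for _ in range(attempts):
        status, ncaps = node_states(fetch()).get(node_id, ("absent", 0))
        if status == "connected" and ncaps > 0:
            return ncaps
        if status == "unable-to-connect":
            raise RuntimeError(f"{node_id}: ODL reports unable-to-connect")
        sleep(delay)
    raise TimeoutError(f"{node_id} not mounted after {attempts} polls")


if __name__ == "__main__":
    replies = iter([CONNECTING, CONNECTED])
    print(wait_until_mounted(lambda: next(replies), "jun01", sleep=lambda s: None))
```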
Part 6: Change the router configuration
Getting the configuration
Let's create a GET request:
Query string:
GET http://10.132.1.202:8181/restconf/config/network-topology:network-topology/topology/topology-netconf/node/jun01/yang-ext:mount/
On the Authorization tab, you must set the parameter Basic Auth and login/password: admin/admin.
Send the request. We should receive the status "200 OK" and the router configuration:
Create a configuration
As an example, let's create the following configuration and modify it:
protocols {
    bgp {
        disable;
        shutdown;
    }
}
Let's create a POST request:
Query string:
POST http://10.132.1.202:8181/restconf/config/network-topology:network-topology/topology/topology-netconf/node/jun01/yang-ext:mount/junos-conf-root:configuration/junos-conf-protocols:protocols
On the Authorization tab, you must set the parameter Basic Auth and login/password: admin/admin.
On the Headers tab, you need to add two headers:
Accept application/xml
Content-Type application/xml
After sending, we should receive the status "204 No Content".
To check that the configuration has changed, you can use the previous request. But as an example, we will create another one that displays information only about the protocols configured on the router.
Let's create a GET request:
Query string:
GET http://10.132.1.202:8181/restconf/config/network-topology:network-topology/topology/topology-netconf/node/jun01/yang-ext:mount/junos-conf-root:configuration/junos-conf-protocols:protocols
On the Authorization tab, you must set the parameter Basic Auth and login/password: admin/admin.
After executing the request, we will see the following:
Change the configuration
Let's change the information about the BGP protocol. After our actions, it will look like this:
protocols {
    bgp {
        disable;
    }
}
Let's create a PUT request:
Query string:
PUT http://10.132.1.202:8181/restconf/config/network-topology:network-topology/topology/topology-netconf/node/jun01/yang-ext:mount/junos-conf-root:configuration/junos-conf-protocols:protocols
Don't forget to change the headers on the Headers tab to:
Accept application/json
Content-Type application/json
After sending, we will get the following result (we look at the response using a GET request):
Part 7: Adding the Cisco xRV9000
Why is it all Juniper, Juniper? Let's talk about Cisco!
I found xRV9000 version 7.0.2 (a beast that needs 8 GB of RAM and 4 cores; it is not freely available, so contact Cisco). Let's run it.
Running a container
The process of creating a Docker container is practically the same as for Juniper. Similarly, we drop the .qcow2 file with the router into the directory corresponding to its name (in this case, xrv9k) and execute the command make docker-image.
After a few minutes, we see that the image has been created:
ubuntu:~$ sudo docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
vrnetlab/vr-xrv9k 7.0.2 54debc7973fc 4 hours ago 1.7GB
vrnetlab/vr-vmx 20.1R1.11 b1b2369b453c 4 weeks ago 4.43GB
debian stretch 614bb74b620e 7 weeks ago 101MB
We start the container:
ubuntu:~$ sudo docker run -d --privileged --name xrv01 54debc7973fc
After a while, we check that the container has started:
ubuntu:~$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
058c5ecddae3 54debc7973fc "/launch.py" 4 hours ago Up 4 hours (healthy) 22/tcp, 830/tcp, 5000-5003/tcp, 10000-10099/tcp, 161/udp xrv01
Connect via ssh:
ubuntu@ubuntu:~$ ssh [email protected]
Password:
RP/0/RP0/CPU0:ios#show version
Mon Jul 6 12:19:28.036 UTC
Cisco IOS XR Software, Version 7.0.2
Copyright (c) 2013-2020 by Cisco Systems, Inc.
Build Information:
Built By : ahoang
Built On : Fri Mar 13 22:27:54 PDT 2020
Built Host : iox-ucs-029
Workspace : /auto/srcarchive15/prod/7.0.2/xrv9k/ws
Version : 7.0.2
Location : /opt/cisco/XR/packages/
Label : 7.0.2
cisco IOS-XRv 9000 () processor
System uptime is 3 hours 22 minutes
Connecting the router to OpenDaylight
The router is added in exactly the same way as vMX. We just need to change the names. PUT request:
After a while, send a GET request to check that everything is connected:
Change the configuration
Let's set up the following configuration:
!
router ospf LAB
 mpls ldp auto-config
!
Let's create a POST request:
Query string:
POST http://10.132.1.202:8181/restconf/config/network-topology:network-topology/topology/topology-netconf/node/xrv01/yang-ext:mount/Cisco-IOS-XR-ipv4-ospf-cfg:ospf
On the Authorization tab, you must set the parameter Basic Auth and login/password: admin/admin.
On the Headers tab, you need to add two headers:
Accept application/json
Content-Type application/json
After it has been executed, we should receive the status "204 No Content".
Let's check what we got.
To do this, we will create a GET request:
Query string:
GET http://10.132.1.202:8181/restconf/config/network-topology:network-topology/topology/topology-netconf/node/xrv01/yang-ext:mount/Cisco-IOS-XR-ipv4-ospf-cfg:ospf
On the Authorization tab, you must set the parameter Basic Auth and login/password: admin/admin.
Conclusion
In total, as you may have noticed, the procedures for connecting Cisco and Juniper to OpenDaylight do not differ, which opens up quite a wide scope for creativity: from configuration management of all network components to the creation of your own network policies.
In this tutorial, I have given the simplest examples of how you can interact with network equipment using OpenDaylight. Without a doubt, the requests from the examples above can be made much more complex, setting up entire services with a single mouse click; everything is limited only by your imagination.
To be continued ...
PS
If you already know all this or, on the contrary, have worked through it and taken ODL to heart, then I recommend looking into developing applications on the ODL controller. You can start here.