The Nuage libnetwork plugin allows users to create new networks of type Nuage. Nuage libnetwork plugin runs on every docker host. Each Docker host, whether bare-metal or virtual, also has the VSP’s Virtual Routing and Switching (VRS) component installed on it. VRS, a software agent, is the Nuage user space component of standard Open vSwitch (OVS). It is responsible for forwarding traffic from the containers, performing the VXLAN encapsulation of layer-2 packets, and enforcing security policies. When creating a Docker container, the user can specify what Zone or Policy Group it belongs to. All endpoints in a given Zone adhere to the same set of security policies. Nuage libnetwork plugin supports built in IPAM driver where the IP address management is done by VSP.
The libnetwork plugin supports both local and global scope networks. The scope defines if your network is going to propagate to all the nodes as part of your cluster. The simplest use case is for single host networking. This translates to networks that are only visible on the host on which the network is added.
In this blog, I provide step by step instructions on how to configure Nuage SDN libnetwork plugin with docker engine for a single host use case.
If you are interested in multi-host networking deployment with consul server (backend store), then check my other blog: Multi-Host Networking using Consul, Docker Libnetwork and Nuage SDN
- Nuage VSP Release 5.0R1 or later release (other versions should work, docker libnetwork plugin is supported with nuage since 4.0R6.1)
- Docker version: 1.13 (needed for Nuage 4.0R8, 4.0R9, 4.0R10, 5.0R1 and above)
- Centos 7.3 (other Linux distributions should work, but I only verified centos 7.3)
- VSD (standalone or cluster) and VSC (at least 1) must be deployed and operational
- CentOS Server with at least 1 NIC that has reachability to both the VSD and VSC/s
- CentOS Server must have internet access for updates
1. Install Nuage VRS dependencies
a. Verify version of OS (centos-release-7-3.1611.el7.centos.x86_64)
rpm --query centos-release
b. Download the nuage-openvswitch plugin. The ip address that I have below is just an example
c. Install Nuage openvswitch plugin (on Centos 7.3). If you are using Ubuntu, you need to download another package
yum -y localinstall nuage-openvswitch-5.0.1-12.el7.x86_64.rpm
d. Edit /etc/default/openvswitch to add container support, controllers IP addresses, and the uplink interface of the host server.
vi /etc/default/openvswitch PLATFORM="kvm, lxc" ACTIVE_CONTROLLER=10.31.134.249 STANDBY_CONTROLLER=10.31.134.247 NETWORK_UPLINK_INTF=eth0
e. Restart the openvswitch and verify that you have connectivity with the VSC controllers
systemctl restart openvswitch systemctl status openvswitch ovs-vsctl show
2. Install Docker and libnetwork on a single host
a. Install docker v1.13
yum install -y yum-utils yum-config-manager --add-repo https://packages.docker.com/1.13/yum/repo/main/centos/7 yum makecache fast sudo rpm --import "https://sks-keyservers.net/pks/lookup?op=get&search=0xee6d536cf7dc86e2d7d56f59a178ac6c6238f52e" yum install -y docker-engine docker version
b. Start and enable docker
systemctl start docker systemctl enable docker
c. Download the nuage-docker-libnetwork plugin. The ip address that I have below is just an example
wget http://10.31.135.45:8080/ libnetwork-nuage-5.0.1-2.el7.x86_64.rpm
d. install docker libnetwork on centos 7.3 host
yum -y localinstall libnetwork-nuage-5.0.1-2.el7.x86_64.rpm
e. Modify two lines in the YAML configuration file (SCOPE and VSD url). Leave everything else as default. Note: VSD IP address has to be changed with your VSD. Scope is local when the installation is on a single host, and scope is set to global when the installation is done on multihost with external consul.
vi /etc/default/libnetwork-nuage.yaml scope: "local" url: https://10.31.134.241:8443
f. Restart libnetwork Nuage plugin
systemctl restart libnetwork-nuage systemctl status libnetwork-nuage
g. Create a new network with your VSD attributes. Replace the enterprise, domain, zone, subnet, subnet IP address with your values
docker network create --driver=nuage --ipam-driver=nuage-ipam --ipam-opt organization=Enterprise1 --ipam-opt domain=DC_domain --ipam-opt zone=KVM --ipam-opt subnet="Dockers" --ipam-opt user=admin --subnet=18.104.22.168/24 --gateway=22.214.171.124 MyNuageNet
h. Verify that docker network is configured correctly
docker network ls
i. Now run your container and point to your nuage network
docker run -d -it --net MyNuageNet nginx /bin/bash