Overview

The Nuage libnetwork plugin allows users to create new networks of type Nuage. Nuage libnetwork plugin runs on every docker host. Each Docker host, whether bare-metal or virtual, also has the VSP’s Virtual Routing and Switching (VRS) component installed on it. VRS, a software agent, is the Nuage user space component of standard Open vSwitch (OVS). It is responsible for forwarding traffic from the containers, performing the VXLAN encapsulation of layer-2 packets, and enforcing security policies. When creating a Docker container, the user can specify what Zone or Policy Group it belongs to. All endpoints in a given Zone adhere to the same set of security policies. Nuage libnetwork plugin supports built in IPAM driver where the IP address management is done by VSP.

The libnetwork plugin supports both local and global scope networks. The scope defines if your network is going to propagate to all the nodes as part of your cluster. The simplest use case is for single host networking. This translates to networks that are only visible on the host on which the network is added.

In this blog, I provide step by step instructions on how to configure Nuage SDN libnetwork plugin with docker engine for a single host use case.

If you are interested in multi-host networking deployment with consul server (backend store), then check my other blog: Multi-Host Networking using Consul, Docker Libnetwork and Nuage SDN

Prerequisites

  • Nuage VSP Release 5.0R1 or later release (other versions should work, docker libnetwork plugin is supported with nuage since 4.0R6.1)
  • Docker version: 1.13 (needed for Nuage 4.0R8, 4.0R9, 4.0R10, 5.0R1 and above)
  • Centos 7.3 (other Linux distributions should work, but I only verified centos 7.3)
  • VSD (standalone or cluster) and VSC (at least 1) must be deployed and operational
  • CentOS Server with at least 1 NIC that has reachability to both the VSD and VSC/s
  • CentOS Server must have internet access for updates

Installation steps

1. Install Nuage VRS dependencies

a. Verify version of OS (centos-release-7-3.1611.el7.centos.x86_64)

rpm --query centos-release

b. Download the nuage-openvswitch plugin. The ip address that I have below is just an example

wget http://10.31.135.45:8080/nuage-openvswitch-5.0.1-12.el7.x86_64.rpm

c. Install Nuage openvswitch plugin (on Centos 7.3). If you are using Ubuntu, you need to download another package

yum -y localinstall nuage-openvswitch-5.0.1-12.el7.x86_64.rpm

d. Edit /etc/default/openvswitch to add container support, controllers IP addresses, and the uplink interface of the host server.

vi /etc/default/openvswitch

PLATFORM="kvm, lxc"

ACTIVE_CONTROLLER=10.31.134.249
STANDBY_CONTROLLER=10.31.134.247

NETWORK_UPLINK_INTF=eth0

e. Restart the openvswitch and verify that you have connectivity with the VSC controllers

systemctl restart openvswitch
systemctl status openvswitch
ovs-vsctl show

2. Install Docker and libnetwork on a single host

a. Install docker v1.13

yum install -y yum-utils
yum-config-manager --add-repo https://packages.docker.com/1.13/yum/repo/main/centos/7
yum makecache fast
sudo rpm --import "https://sks-keyservers.net/pks/lookup?op=get&search=0xee6d536cf7dc86e2d7d56f59a178ac6c6238f52e"
yum install -y docker-engine
docker version

b. Start and enable docker

systemctl start docker
systemctl enable docker

c. Download the nuage-docker-libnetwork plugin. The ip address that I have below is just an example

wget http://10.31.135.45:8080/ libnetwork-nuage-5.0.1-2.el7.x86_64.rpm

d. install docker libnetwork on centos 7.3 host

yum -y localinstall libnetwork-nuage-5.0.1-2.el7.x86_64.rpm

e. Modify two lines in the YAML configuration file (SCOPE and VSD url). Leave everything else as default. Note: VSD IP address has to be changed with your VSD. Scope is local when the installation is on a single host, and scope is set to global when the installation is done on multihost with external consul.

vi /etc/default/libnetwork-nuage.yaml
scope: "local"
url: https://10.31.134.241:8443

f. Restart libnetwork Nuage plugin

systemctl restart libnetwork-nuage
systemctl status libnetwork-nuage

g. Create a new network with your VSD attributes. Replace the enterprise, domain, zone, subnet, subnet IP address with your values

docker network create --driver=nuage --ipam-driver=nuage-ipam --ipam-opt organization=Enterprise1 --ipam-opt domain=DC_domain --ipam-opt zone=KVM --ipam-opt subnet="Dockers" --ipam-opt user=admin --subnet=192.1.60.0/24 --gateway=192.1.60.1 MyNuageNet

h. Verify that docker network is configured correctly

docker network ls

i. Now run your container and point to your nuage network

docker run -d -it --net MyNuageNet nginx /bin/bash