MiniEdit 2.1.0.9

It’s been a little while since I published an update.  Here are a few enhancements and bug fixes.

  • Export Script fixes
    • Link class was not getting set properly for TCLink
    • Now also exports the sFlow and NetFlow configuration you setup in MiniEdit
  • Fix loading saved MiniEdit topologies JSON parsing problem.  Now parses properly back into Python
  • Improve importTopo to support TCLink. Note that MiniEdit does not support all the TCLink parameters at this time.
    sudo ./miniedit-2.1.0.9.py –custom mytopo.py –topo mytopo –link tc
  • Hosts and OF Switches now have text field for user defined shell command/script to run during node startup and shutdown.
    • Start and Stop commands are on the Host and OF switch properties.
    • The Start command is run after all nodes have started(net.start()).
    • The Stop command is the first thing run before the nodes are stopped (net.stop())

Download MiniEdit 2.1.0.9 here.

This will probably be the last release I make using the Mininet 2.1.0 code base.  My next release will be realigned to use the latest code from Mininet to pick up new features introduced after 2.1.0.

Hope everyone enjoys and is having a good summer so far.

This post ‘MiniEdit 2.1.0.9’ first appeared on https://techandtrains.com/.

Open Daylight Controller with SSL and Mininet

In a previous post, I discussed how to run Open vSwtich using SSL for the control traffic using Mininet and also how to start the Open vSwitch test controller (ovs-controller) to listen with SSL. In this post I show how to use Open Daylight as the controller using SSL.

First, go to ODL directory and create a directory we’ll work in. You could use the ‘configuration’ directory. I’m going to create a directory called ssl.

cd /home/odl/controller/opendaylight/distribution/opendaylight/target/distribution.opendaylight-osgipackage/opendaylight
mkdir ssl
cd ssl

Get keys and certs from Mininet VM described in other post and put them in your ssl directory.

Get the controller keys.
/etc/openvswitch/ctl-privkey.pem
/etc/openvswitch/ctl-cert.pem
Get the switch cacert.
/var/lib/openvswitch/pki/switchca/cacert.pem  -> and rename to sw-cacert.pem

Create controller key store for ODL using the keys.

cat ctl-privkey.pem ctl-cert.pem > ctl.pem
openssl pkcs12 -export -out ctl.p12 -in ctl.pem
  # when asked for passwords, just enter 'mininet', as an example.
keytool -importkeystore -srckeystore ctl.p12 -srcstoretype pkcs12 -destkeystore ctlKeyStore -deststoretype jks
  # when asked for passwords, just enter 'mininet', as an example.

Add switch CA to controller trust store.

keytool -import -alias swca1 -file sw-cacert.pem -keystore ctlTrustStore
  # when asked for passwords, just enter 'mininet', as an example.

Edit opendaylight/configuration/config.ini to enable SSL and set properties for store location and password.

secureChannelEnabled=true
controllerKeyStore=./ssl/ctlKeyStore
controllerKeyStorePassword=mininet
controllerTrustStore=./ssl/ctlTrustStore
controllerTrustStorePassword=mininet

Now you can start the ODL controller.

./run.sh

Then, back in your Mininet VM, run the same script used in the other post to start Mininet using SSL.

Hope you find this useful.

This post ‘Open Daylight Controller with SSL and Mininet’ first appeared on https://techandtrains.com/.

Starting OVS Controller with SSL inside Mininet

To continue with my previous post about using SSL, I thought I would pass along another alternative way to start the test OVS Controller. In the other post, we start the ovs-controller manually and set the Mininet script to use a RemoteController. But if you want to start the ovs-controller from your script, we just replace the RemoteController with OVSController and also pass in the parameters to start the controller listening on SSL. Below is the same script as my last post but with the changes I just mentioned.

#!/usr/bin/python
from mininet.net import Mininet
from mininet.node import Controller, RemoteController, OVSController
from mininet.cli import CLI
from mininet.log import setLogLevel, info

def emptyNet():
    net = Mininet( controller=OVSController)
    net.addController( 'c0', cargs='-v pssl:%d -p /etc/openvswitch/ctl-privkey.pem \
     -c /etc/openvswitch/ctl-cert.pem \
     -C /var/lib/openvswitch/pki/switchca/cacert.pem' )
    h1 = net.addHost( 'h1' )
    h2 = net.addHost( 'h2' )
    s1 = net.addSwitch( 's1' )
    net.addLink( h1, s1 )
    net.addLink( h2, s1 )

    net.start()
    s1.cmd('ovs-vsctl set-controller s1 ssl:127.0.0.1:6633')

    net.pingAll()
    CLI( net )
    net.stop()

if __name__ == '__main__':
    setLogLevel( 'info' )
    emptyNet()

This post ‘Starting OVS Controller with SSL inside Mininet’ first appeared on https://gregorygee.wordpress.com/.