Bin, I think every component should rely on AAI to get the VIM information. SO and Robot should then be fixed to rely on AAI, instead of there baked configs.
Alexis > On Jan 22, 2018, at 9:32 AM, Yang, Bin <[email protected]> wrote: > > Hi Brian, <> > > Two OpenStack instance cannot have the same Region ID will be > a fundamental (and confusing) assumption which impacts many ONAP components. > MultiCloud is one of them which has been interpreting this Region ID in > different way: MultiCloud assumes that this Cloud Region ID in AAI was to > store the OpenStack’s Region ID , it is confined in scope of a Cloud Owner. > So MultiCloud assumes that Region ID itself does not have to be unique , but > Cloud Owner + Cloud Region ID should be unique. This interpretation was > based on the communication with AAI team (Ethan in cc list could share more > context around that communication). > > With the AAI documentation (aai_swagger_v11.html), the cloud-region is > uniquely identified by {cloud-owner}/{cloud-region-id}, not the > {cloud-region-id} alone. That implies that it is possible that different > {cloud-owner} have the same {cloud-region-id}. > > GET > /cloud-infrastructure/cloud-regions/cloud-region/{cloud-owner}/{cloud-region-id} > Tags: CloudInfrastructure > <file:///C:/workspace/onap/docs/aai/aai_swagger_v11.html#tag-CloudInfrastructure> > returns cloud-region > cloud-owner > Identifies the vendor and cloud name, e.g., att-aic. First part of composite > key should be formatted as vendor-cloudname > path > string > cloud-region-id > Identifier used by the vendor for the region. Second part of composite key > path > string > > > On the other hands, SO, Robot VM, they all use ‘cloud-region-id’ as parameter > to invoke OpenStack API, which means, this ‘cloud-region-id’ is the exactly > the Region ID used in context of OpenStack API. Inevitably, there will be > different OpenStack provisioned with “RegionOne” by default. > > So there is discrepancy between different ONAP components with regarding to > how to interpret this ‘cloud-region-id’ in AAI. This discrepancy should be > resolved in Beijing Release, otherwise it will be a blocking issue when there > is use case to deploy VNFs to multiple VIM/Cloud instances. > > Thanks. > > Best Regards, > Bin Yang, Solution Readiness Team, Wind River > Direct +86,10,84777126 Mobile +86,13811391682 Fax +86,10,64398189 > Skype: yangbincs993 > > From: [email protected] > <mailto:[email protected]> > [mailto:[email protected] > <mailto:[email protected]>] On Behalf Of FREEMAN, BRIAN D > Sent: Thursday, January 11, 2018 2:55 AM > To: Alexis de Talhouët > Cc: onap-discuss > Subject: Re: [onap-discuss] [AAI][SO] How to add another LCP Region > > “So is it fair to say X distinct OpenStack instances must have unique > Region(s) to be used in ONAP? e.g. two instance cannot have the same Region.” > – Yes > > Brian > > From: Alexis de Talhouët [mailto:[email protected] > <mailto:[email protected]>] > Sent: Wednesday, January 10, 2018 1:48 PM > To: FREEMAN, BRIAN D <[email protected] <mailto:[email protected]>> > Cc: onap-discuss <[email protected] > <mailto:[email protected]>> > Subject: Re: [onap-discuss] [AAI][SO] How to add another LCP Region > > Ok, creating another Region in OpenStack , alongs with its service endpoints > is working. > > So is it fair to say X distinct OpenStack instances must have unique > Region(s) to be used in ONAP? e.g. two instance cannot have the same Region. > > Thanks for the help, > Alexis > > > On Jan 10, 2018, at 9:57 AM, FREEMAN, BRIAN D <[email protected] > <mailto:[email protected]>> wrote: > > I would name the second openstack something other than RegionOne in that > Openstack :) I suspect the design assumes the cloud regions have unique > names but I didnt think robot needed the cloud region in their vanilla > openstack keystone queries (but its been a while since I looked at a trace). > I know Rackspace does have unique region names (IAD, DFW, etc) and we do in > our installations but not sure if vanilla would require that. > > Brian > > > From: Alexis de Talhouët [mailto:[email protected] > <mailto:[email protected]>] > Sent: Wednesday, January 10, 2018 9:53 AM > To: FREEMAN, BRIAN D <[email protected] <mailto:[email protected]>> > Cc: onap-discuss <[email protected] > <mailto:[email protected]>> > Subject: Re: [onap-discuss] [AAI][SO] How to add another LCP Region > > Ok, haven’t thought about deploying another robot. > > Regarding my attempt with RegionAlex, the thing is this region doesn’t exist > in my Openstack, it’s RegionOne that exist. That’s why it’s not working. But > I have to use a different name so mso can differentiate. > But maybe I haven’t updated all the python scripts. I’ll have another look at > it. > > Thanks, > Alexis > > > > On Jan 10, 2018, at 9:49 AM, FREEMAN, BRIAN D <[email protected] > <mailto:[email protected]>> wrote: > > I dont think robot can handle multiple cloud regions from one isntance. > > I would run two robot’s – one for each cloud region in all honesty or do what > robot does via POSTMAN > > One thing though: > > Keystone address/Tenant/Username/Password have been changed as per as the > Cloud Identity Service: id=ALEX_KEYSTONE > Now the issue: > —> If the region is RegionAlex, Robot can’t connect > > That should have worked. Are you sure you updated urls, tenantid, > tenantname, credentials etc in all the .py’s needed ? > > Brian > > > > From: Alexis de Talhouët [mailto:[email protected] > <mailto:[email protected]>] > Sent: Wednesday, January 10, 2018 9:31 AM > To: FREEMAN, BRIAN D <[email protected] <mailto:[email protected]>> > Cc: onap-discuss <[email protected] > <mailto:[email protected]>> > Subject: Re: [onap-discuss] [AAI][SO] How to add another LCP Region > > When you have two OpenStack having the same region, e.g. RegionOne, the thing > is pretty complex and I haven’t figured it out completely. > > Create a region in AAI with a different name, like RegionAlex as example > bellow, and add your tenant to the region. Everything down to instantiation > is working. > But then, we need to use heatbridge, which uses values in the > vm_properties.py of robot container. In there, if I put my dummy region > (RegionAlex), connection to the OpenStack is impossible. > If I put the valid region, e.g. RegionOne, connection is possible, but then > heatbridge will try to populate the RegionOne CloudRegion in AAI for the > given tenant, which of course exist under RegionAlex, and not RegionOne, so > heatbridge fails with 404. > So then, if you create the tenant under RegionOne, heatbridge will work, but > then you’re AAI is messed-up. > > To have VID listing the region and the tenant, you need to create them in > AAI. The cloud-region-id has the match the value in the mso-cloud-config, so > correlation can happen and authentication is successful. > > To recap, this is what I have: > > In MSO: > > Cloud Sites: > CloudSite: id=RegionOne, regionId=RegionOne, > identityServiceId=DEFAULT_KEYSTONE, aic_version=2.5, clli=RegionOne > CloudSite: id=RegionAlex, regionId=RegionOne, > identityServiceId=ALEX_KEYSTONE, aic_version=2.5, clli=RegionAlex > > Cloud Identity Services: > Cloud Identity Service: id=DEFAULT_KEYSTONE, > identityUrl=http://10.195.194.216:5000/v2.0 > <https://urldefense.proofpoint.com/v2/url?u=http-3A__10.195.194.216-3A5000_v2.0&d=DwMFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=e3d1ehx3DI5AoMgDmi2Fzw&m=VUJoYm3UcavMJOo3tmXNf9nc82hLgiwojUtRW6iqYOk&s=T1EDl6plW6A--L5I-BnDXr7lX0IkPRXSDxN9CdIfmt0&e=>, > msoId=nso, adminTenant=service, memberRole=admin, tenantMetadata=true, > identityServerType=KEYSTONE, identityAuthenticationType=USERNAME_PASSWORD > Cloud Identity Service: id=ALEX_KEYSTONE, > identityUrl=http://10.195.194.213:5000/v2.0 > <https://urldefense.proofpoint.com/v2/url?u=http-3A__10.195.194.213-3A5000_v2.0&d=DwMFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=e3d1ehx3DI5AoMgDmi2Fzw&m=VUJoYm3UcavMJOo3tmXNf9nc82hLgiwojUtRW6iqYOk&s=UCzy0VYIlLOm53l9BwoxQMuT0pDKrDqSpVATrH0Mp0I&e=>, > msoId=vnf, adminTenant=service, memberRole=admin, tenantMetadata=true, > identityServerType=KEYSTONE, identityAuthenticationType=USERNAME_PASSWORD > > In AAI: > { > "cloud-region": [ > { > "cloud-owner": "CloudOwner", > "cloud-region-id": "RegionAlex", > "cloud-type": "SharedNode", > "owner-defined-type": "OwnerType", > "cloud-region-version": "v1", > "cloud-zone": "CloudZone", > "sriov-automation": false, > "resource-version": "1515592843258", > "relationship-list": { > "relationship": [ > { > "related-to": "complex", > "related-link": > "/aai/v11/cloud-infrastructure/complexes/complex/clli2", > "relationship-data": [ > { > "relationship-key": > "complex.physical-location-id", > "relationship-value": "clli2" > } > ] > } > ] > } > }, > { > "cloud-owner": "CloudOwner", > "cloud-region-id": "RegionOne", > "cloud-type": "SharedNode", > "owner-defined-type": "OwnerType", > "cloud-region-version": "v1", > "cloud-zone": "CloudZone", > "sriov-automation": false, > "resource-version": "1515100561059", > "relationship-list": { > "relationship": [ > { > "related-to": "complex", > "related-link": > "/aai/v11/cloud-infrastructure/complexes/complex/clli1", > "relationship-data": [ > { > "relationship-key": > "complex.physical-location-id", > "relationship-value": "clli1" > } > ] > } > ] > } > } > ] > } > > Tenant for RegionOne: > { > "tenant": [ > { > "tenant-id": "5c59f02201d54aa89af1f2207f7be2c1", > "tenant-name": "nso-rancher", > "resource-version": "1515100561148", > "relationship-list": { > "relationship": [ > —[cut]— > ] > } > } > ] > } > > Tenant for RegionAlex: > { > "tenant": [ > { > "tenant-id": "7320ec4a5b9d4589ba7c4412ccfd290f", > "tenant-name": "nso-vnf", > "resource-version": "1515100561148", > "relationship-list": { > "relationship": [ > —[cut]— > ] > } > } > ] > } > > > In vm_properties.py in Robot: > In there, we have the following values populated: keystone address, tanant, > username, password and tenant that we need to update to use the added region. > > Keystone address/Tenant/Username/Password have been changed as per as the > Cloud Identity Service: id=ALEX_KEYSTONE > Now the issue: > —> If the region is RegionAlex, Robot can’t connect > —> If the region is RegionOne, Robot can connect but then fail to update AAI > because tenant > > If I change the region name in AAI (from RegionAlex to RegionOne), and add > the new tenant in there, then MSO picks the wrong Cloud Identity Service, > then instantiation fails. > > > Do you guys have a proper way of doing this, that would really help. > > Thanks, > Alexis > > > > > > > On Jan 9, 2018, at 10:18 AM, Alexis de Talhouët <[email protected] > <mailto:[email protected]>> wrote: > > Ok, so by having the cloud site as follow > > "RegionAlex": > { > "region_id": "RegionAlex", > "clli": "RegionAlex", > "aic_version": "2.5", > "identity_service_id": "ALEX_KEYSTONE" > } > > it’s showing correctly in VID. I also created its own clli in AAI. > > But I thought the region does matter for OpenStack, doesn’t it? > > Alexis > > > > > On Jan 9, 2018, at 9:37 AM, FREEMAN, BRIAN D <[email protected] > <mailto:[email protected]>> wrote: > > You need to name one RegionTwo or something, > > From: [email protected] > <mailto:[email protected]> > [mailto:[email protected] > <mailto:[email protected]>] On Behalf Of Alexis de Talhouët > Sent: Tuesday, January 09, 2018 9:34 AM > To: onap-discuss <[email protected] > <mailto:[email protected]>> > Subject: [onap-discuss] [AAI][SO] How to add another LCP Region > > Hello AAI, SO expert, > > I’m trying to add another LCP Region to be able to deploy VNF in another > OpenStack instance. > > To do so, I have done the following: > > In MSO: > - Add a Cloud Site > > "RegionAlex": > { > "region_id": "RegionOne", > "clli": "RegionOne", > "aic_version": "2.5", > "identity_service_id": "ALEX_KEYSTONE" > } > > - Add it’s associated Cloud Identity Services > > "ALEX_KEYSTONE": > { > "identity_url": "http://10.195.194.215:5000/v2.0 > <https://urldefense.proofpoint.com/v2/url?u=http-3A__10.195.194.215-3A5000_v2.0&d=DwMFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=e3d1ehx3DI5AoMgDmi2Fzw&m=oHswheJmkWJIcCFYw24k7XQ3lZ-POKBf-k_XFejRrNQ&s=u3st_5cAWjMqICf5KR8cqtqgGnlBWa9NLed_jnRmi9Q&e=>", > "mso_id": "nso", > "mso_pass": "86b74198e8ccb959eaaadefevsd2a8a2", > "admin_tenant": "service", > "member_role": "admin", > "tenant_metadata": true, > "identity_server_type": "KEYSTONE", > "identity_authentication_type": "USERNAME_PASSWORD" > } > > In AAI: > - Create a cloud region > > { > "cloud-owner": "CloudOwner", > "cloud-region-id": "RegionAlex", > "cloud-type": "SharedNode", > "owner-defined-type": "OwnerType", > "cloud-region-version": "v1", > "cloud-zone": "CloudZone", > "sriov-automation": false, > "resource-version": "1515506147118", > "relationship-list": { > "relationship": [ > { > "related-to": "complex", > "related-link": > "/aai/v11/cloud-infrastructure/complexes/complex/clli1", > "relationship-data": [ > { > "relationship-key": > "complex.physical-location-id", > "relationship-value": "clli1" > } > ] > } > ] > } > } > > > - Create the tenant in the region for the 4 different services with the right > tenant id: > > { > "tenant-id": "21ca0f4c2239475fbf1b4b499399163e", > "tenant-name": "nso-rancher", > "relationship-list": { > "relationship": [ > { > "related-to": "service-subscription", > "related-link": > "/aai/v11/business/customers/customer/Demonstration/service-subscriptions/service-subscription/vLB", > "relationship-data": [ > { > "relationship-key": "customer.global-customer-id", > "relationship-value": "Demonstration" > }, > { > "relationship-key": > "service-subscription.service-type", > "relationship-value": "vLB" > } > ] > }, > { > "related-to": "service-subscription", > "related-link": > "/aai/v11/business/customers/customer/Demonstration/service-subscriptions/service-subscription/vIMS", > "relationship-data": [ > { > "relationship-key": "customer.global-customer-id", > "relationship-value": "Demonstration" > }, > { > "relationship-key": > "service-subscription.service-type", > "relationship-value": "vIMS" > } > ] > }, > { > "related-to": "service-subscription", > "related-link": > "/aai/v11/business/customers/customer/Demonstration/service-subscriptions/service-subscription/vFWCL", > "relationship-data": [ > { > "relationship-key": "customer.global-customer-id", > "relationship-value": "Demonstration" > }, > { > "relationship-key": > "service-subscription.service-type", > "relationship-value": "vFWCL" > } > ] > }, > { > "related-to": "service-subscription", > "related-link": > "/aai/v11/business/customers/customer/Demonstration/service-subscriptions/service-subscription/vCPE", > "relationship-data": [ > { > "relationship-key": "customer.global-customer-id", > "relationship-value": "Demonstration" > }, > { > "relationship-key": > "service-subscription.service-type", > "relationship-value": "vCPE" > } > ] > } > ] > } > } > > So my expectation is to have VID displaying the two LCP Region so I can pick > the one where I want to deploy. > > The thing is, VID is showing only one “RegionOne” option. But in the console > I can see it’s retrieving two. > > cloudRegionTenantList= creationService.js:909:3 > [ > { > "cloudRegionId": "", > "tenantName": "Please choose a region", > "tenantId": "" > }, > { > "cloudRegionId": "RegionOne", > "tenantName": "nso-rancher", > "tenantId": "5c59f02201d54aa89af1f2207f7be2c1", > "isPermitted": true > }, > { > "cloudRegionId": "RegionOne", > "tenantName": "nso-rancher", > "tenantId": "21ca0f4c2239475fbf1b4b499399163e", > "isPermitted": true > } > ] > > So I’m wondering what I could have done wrong. As the cloudRegionId are the > same, it’s displaying only one, but you can see the tenantId is different. > > > My question is, what should be the process to do this? > > Thanks, > Alexis
_______________________________________________ onap-discuss mailing list [email protected] https://lists.onap.org/mailman/listinfo/onap-discuss
