Hi Trinath, I could get this information from Grizzly installation guide <https://github.com/mseknibilel/OpenStack-Grizzly-Install-Guide/blob/Nicira_SingleNode/OpenStack_Grizzly_Install_Guide.rst>
- Register this Hypervisor Transport Node (Open vSwitch) with Nicira NVP: # Set the open vswitch manager address ovs-vsctl set-manager ssl:<IP Address of one of your Nicira NVP controllers> # Get the client pki cert cat /etc/openvswitch/ovsclient-cert.pem # Copy the contents of the output including the BEGIN and END CERTIFICATE lines and be prepared to paste this into NVP manager # In NVP Manager add a new Hypervisor, follow the prompts and paste the client certificate when prompted # Please review the NVP User Guide for details on adding Hypervisor transport nodes to NVP for more information on this step Thanks, -Ravi. On Wed, Aug 7, 2013 at 2:58 AM, Somanchi Trinath-B39208 < [email protected]> wrote: > Hi Ravi-**** > > ** ** > > With respect to NICIRA NVP Plugin in Quantum, All the processing is done > with respect to Nicira NVP. **** > > ** ** > > Also, the Controller cluster arguments are provided from ini file. **** > > ** ** > > Can you point me to where the OVS certificates are handled in Nicira code > base for quantum.**** > > ** ** > > ** ** > > --**** > > Trinath Somanchi - B39208**** > > [email protected] | extn: 4048**** > > ** ** > > *From:* Ravi Chunduru [mailto:[email protected]] > *Sent:* Wednesday, August 07, 2013 11:32 AM > *To:* OpenStack Development Mailing List > *Subject:* Re: [openstack-dev] [Neutron] Configuration of Openflow > controller reachability information in OVS from Openstack**** > > ** ** > > look into nicira neutrón plugin. > I like the idea of ovs controller config driven through neutrón api. > Nicira approach today is to add ovs certificates onto ovs controller > manually.**** > > On Aug 6, 2013 9:09 PM, "Addepalli Srini-B22160" <[email protected]> > wrote: > > > > Hi, > > > > Using OVS Quantum Plugin and agent, it is possible to configure OVS with > > > > Openflow logical switches. > > Tables > > Ports to the logical switches (VLAN, VXLAN, GRE etc..) > > > > OVS Agent in each compute node uses local ovs-vsctl command to configure > above. > > > > But, there is no simple way for Openstack quantum to configure OVS in > compute nodes with OF controller IP address, TCP Port, SSL Certificates > etc.. > > Also, there is no mechanism today to get hold of DPID of the OVS logical > switches by Openstack controller. > > > > Do you think that it is good to enhance Openstack OVS Quantum Plugin > and agent to pass above information? > > > > At very high level, we are thinking to introduce following: > > > > > > Configuration of OF Controller reachability information > > Quantum extension API though which is used to set following: > > Set of Openflow controllers - For each OF controller > > IP address, Port > > SSL Enabled Yes/No. > > If SSL enabled > > CA certificate chain to validate OF controller identification by the OVS. > > Zone/Cell for which this OF controller is applicable for. > > Changes to QuantumClient to configure above. > > OVS Quantum Plugin to store above information in the database. > > OVS Quantum Agent to Plugin communication to get hold of OF controller > information. > > OVS Quantum Agent to add the information in OVS using ovs-vsctl. > > Generation of logical switch certificates > > OVS Quantum agent requests the plugin to generate local certificate > and private key for each one of the logical switches > > Agent to send DPID > > Plugin to generate certificate & private key pair and sending them as > response. > > Plugin configuration file to have CA certificate to use to sign the > logical switch certificates. > > > > > > Does that make sense? Is this work going on somewhere else? > > > > Thanks > > Srini > > > > > > > > > > _______________________________________________ > > OpenStack-dev mailing list > > [email protected] > > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > >**** > > _______________________________________________ > OpenStack-dev mailing list > [email protected] > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > > -- Ravi
_______________________________________________ OpenStack-dev mailing list [email protected] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
