Welcome to the ETSI TeraFlowSDN (TFS) Controller wiki!
This wiki provides a walkthrough on how to prepare your environment for executing and contributing to the ETSI SDG TeraFlowSDN. Besides, it describes how to run some example experiments.
-The new release launched on November 5th, 2024 incorporates a number of new features, improvements, and bug resolutions. Try it by following the guides below, and feel free to give us your feedback. -See the Release Notes.
+The new release launched on May 28th, 2025 incorporates a number of new features, improvements, and bug resolutions. Try it by following the guides below, and feel free to give us your feedback. +See the Release Notes.
The guides and walkthroughs below make some reasonable assumptions to simplify the deployment of the TFS controller, the execution of experiments and tests, and the development of new contributions. In particular, we assume:
@@ -563,8 +563,8 @@ In particular, we assume:This section provides access to the links and all the materials prepared for the tutorials and hackfests involving ETSI TeraFlowSDN.
TFS Hackfest #7 (Castelldefels, 19-22 May 2025)
+TFS Hackfest #5 (Sophia Antipolis, FR - 12-14 November 2024)
Welcome to the ETSI TeraFlowSDN (TFS) Controller wiki!
This wiki provides a walkthrough on how to prepare your environment for executing and contributing to the ETSI SDG TeraFlowSDN. Besides, it describes how to run some example experiments.
"},{"location":"#try-teraflowsdn-release-40","title":"Try TeraFlowSDN Release 4.0","text":"The new release launched on November 5th, 2024 incorporates a number of new features, improvements, and bug resolutions. Try it by following the guides below, and feel free to give us your feedback. See the Release Notes.
"},{"location":"#requisites","title":"Requisites","text":"The guides and walkthroughs below make some reasonable assumptions to simplify the deployment of the TFS controller, the execution of experiments and tests, and the development of new contributions. In particular, we assume:
Use the Wiki menu in the left side of this page to navigate through the various contents of this wiki.
"},{"location":"#guides-and-walkthroughs","title":"Guides and Walkthroughs","text":"The following guides and walkthroughs are provided:
This section provides access to the links and all the materials prepared for the tutorials and hackfests involving ETSI TeraFlowSDN.
TFS Hackfest #5 (Sophia Antipolis, FR - 12-14 November 2024)
TFS Hackfest #4 (Athens, 21-22 May 2024)
TFS Hackfest #3 (Castelldefels, 16-17 October 2023)
TFS Hackfest #2 (Madrid, 20-21 June 2023)
OFC SC472 (San Diego, 6 March 2023)
TFS Hackfest #1 (Amsterdam, 20 October 2022)
New versions of TeraFlowSDN are periodically released. Each release is properly tagged and a branch is kept for its future bug fixing, if needed.
To choose the appropriate branch, follow the steps described in 1.3. Deploy TeraFlowSDN > Checkout the Appropriate Git Branch
"},{"location":"#events","title":"Events","text":"Find here after the list of past and future TFS Events:
If your environment does not fit with the proposed assumptions and you experience issues preparing it to work with the ETSI TeraFlowSDN controller, contact the ETSI TeraFlowSDN SDG team through Slack
"},{"location":"deployment_guide/","title":"Deployment Guide","text":"This section walks you through the process of deploying TeraFlowSDN on top of a machine running MicroK8s Kubernetes platform. The guide includes the details on configuring and installing the machine, installing and configuring MicroK8s, and deploying and reporting the status of the TeraFlowSDN controller.
"},{"location":"deployment_guide/#11-configure-your-machine","title":"1.1. Configure your Machine","text":"In this section, we describe how to configure a machine (physical or virtual) to be used as the deployment, execution, and development environment for the ETSI TeraFlowSDN controller. Choose your preferred environment below and follow the instructions provided.
NOTE: If you already have a remote physical server fitting the requirements specified in this section feel free to use it instead of deploying a local VM. Check 1.1.1. Physical Server for further details.
Virtualization platforms tested are:
This section describes how to configure a physical server for running ETSI TeraFlowSDN(TFS) controller.
Minimum Server Specifications for development and basic deployment
Recommended Server Specifications for development and basic deployment
Server Specifications for best development and deployment experience
NOTE: the specifications listed above are provided as a reference. They depend also on the CPU clock frequency, the RAM memory, the disk technology and speed, etc.
For development purposes, it is recommended to run the VSCode IDE (or the IDE of your choice) in a more powerful server, for instance, the recommended server specifications for development and basic deployment.
Given that TeraFlowSDN follows a micro-services architecture, for the deployment, it might be better to use many clusterized servers with many slower cores than a single server with few highly performant cores.
You might consider creating a cluster of machines each featuring, at least, the minimum server specifications. That solution brings you scalability in the future.
No explicit indications are given in terms of networking besides that servers need access to the Internet for downloading dependencies, binaries, and packages while building and deploying the TeraFlowSDN components.
Besides that, the network requirements are essentially the same than that required for running a classical Kubernetes environment. To facilitate the deployment, we extensively use MicroK8s, thus the network requirements are, essentially, the same demanded by MicroK8s, especially, if you consider creating a Kubernetes cluster.
As a reference, the other deployment solutions based on VMs assume the VM is connected to a virtual network configured with the IP range 10.0.2.0/24 and have the gateway at IP 10.0.2.1. The VMs have the IP address 10.0.2.10.
The minimum required ports to be accessible are:
Other ports might be required if you consider to deploy addons such as Kubernetes observability, etc. The details on these ports are left appart given they might vary depending on the Kubernetes environment you use.
The recommended Operating System for deploying TeraFlowSDN is Ubuntu Server 24.04 LTS or Ubuntu Server 22.04 LTS or Ubuntu Server 20.04 LTS. Other version might work, but we have not tested them. We strongly recommend using Long Term Support (LTS) versions as they provide better stability.
Below we provide some installation guidelines:
TeraFlowSDNtfs-vmtfstfs123sudo apt-get update -y\nsudo apt-get dist-upgrade -y\nThis section describes how to configure a VM for running ETSI TeraFlowSDN(TFS) controller using Oracle VirtualBox. It has been tested with VirtualBox up to version 6.1.40 r154048.
In \"Oracle VM VirtualBox Manager\", Menu \"File > Preferences... > Network\", create a NAT network with the following specifications:
Name CIDR DHCP IPv6 TFS-NAT-Net 10.0.2.0/24 Disabled DisabledWithin the newly created \"TFS-NAT-Net\" NAT network, configure the following IPv4 forwarding rules:
Name Protocol Host IP Host Port Guest IP Guest Port SSH TCP 127.0.0.1 2200 10.0.2.10 22 HTTP TCP 127.0.0.1 8080 10.0.2.10 80Note: IP address 10.0.2.10 is the one that will be assigned to the VM.
Note: (*) settings to be editing after the VM is created.
In \"Oracle VM VirtualBox Manager\", start the VM in normal mode, and follow the installation procedure.
Below we provide some installation guidelines:
Upgrade the Ubuntu distribution
sudo apt-get update -y\nsudo apt-get dist-upgrade -y\nInstall VirtualBox Guest Additions
On VirtualBox Manager, open the VM main screen. If you are running the VM in headless mode, right click over the VM in the VirtualBox Manager window and click \"Show\". If a dialog informing about how to leave the interface of the VM is shown, confirm pressing \"Switch\" button. The interface of the VM should appear.
Click menu \"Device > Insert Guest Additions CD image...\"
On the VM terminal, type:
sudo apt-get install -y linux-headers-$(uname -r) build-essential dkms\n # This command might take some minutes depending on your VM specs and your Internet access speed.\nsudo mount /dev/cdrom /mnt/\ncd /mnt/\nsudo ./VBoxLinuxAdditions.run\n # This command might take some minutes depending on your VM specs.\nsudo reboot\nThis section describes how to configure a VM for running ETSI TeraFlowSDN(TFS) controller using VMWare Fusion. It has been tested with VMWare Fusion version 12 and 13.
In \"VMWare Fusion\" manager, create a new network from the \"Settings/Network\" menu.
Create a new VM an Ubuntu 22.04.1 ISO:
On the next screen press \"Customize Settings\", save the VM and in \"Settings\" change:
Run the VM to start the installation.
The installation will be automatic, without any configuration required.
Configure the guest IP, gateway and DNS:
Using the Network Settings for the wired connection, set the IP to 10.0.2.10, the mask to 255.255.255.0, the gateway to 10.0.2.2 and the DNS to 10.0.2.2.
Disable and remove swap file:
$ sudo swapoff -a $ sudo rm /swapfile
Then you can remove or comment the /swapfile entry in /etc/fstab
Install Open SSH Server
Restart the VM when the installation is completed.
sudo apt-get update -y\nsudo apt-get dist-upgrade -y\nIn OpenStack, go to Project - Network - Security Groups - Create Security Group with name TFS
Add the following rules:
Direction Ether Type IP Protocol Port Range Remote IP Prefix Ingress IPv4 TCP 22 (SSH) 0.0.0.0/0 Ingress IPv4 TCP 2200 0.0.0.0/0 Ingress IPv4 TCP 8080 0.0.0.0/0 Ingress IPv4 TCP 80 0.0.0.0/0 Egress IPv4 Any Any 0.0.0.0/0 Egress IPv6 Any Any ::/0Note: The IP address will be assigned depending on the network you have configured inside OpenStack. This IP will have to be modified in TeraFlow configuration files which by default use IP 10.0.2.10
Create a flavourFrom dashboard (Horizon)
Go to Admin - Compute - Flavors and press Create Flavor
From CLI
openstack flavor create TFS --id auto --ram 8192 --disk 60 --vcpus 8\n#cloud-config\n# Modifies the password for the VM instance\nusername: ubuntu\npassword: <your-password>\nchpasswd: { expire: False }\nssh_pwauth: True\nsudo apt-get update -y\nsudo apt-get dist-upgrade -y\nThis section describes how to configure a VM for running ETSI TeraFlowSDN(TFS) controller using OpenStack. It has been tested with OpenStack Kolla up to Yoga version.
"},{"location":"deployment_guide/#115-vagrant-box","title":"1.1.5. Vagrant BoxThis section describes how to create a Vagrant Box, using the base virtual machine configured in Oracle Virtual Box.
Virtual Machine specificationsMost of the specifications can be as specified in the Oracle Virtual Box page, however, there are a few particularities to Vagrant that must be accommodated, such as:
Also, before initiating the VM and installing the OS, we'll need to:
At Network Adapt 1, the following port-forwarding rule must be set.
Name Protocol Host IP Host Port Guest IP Guest Port SSH TCP 2222 22 Installing the OSFor a Vagrant Box, it is generally suggested that the ISO's server version is used, as it is intended to be used via SSH, and any web GUI is expected to be forwarded to the host.
Make sure the disk is not configured as an LVM group!
Vagrant serVagrant expects by default, that in the box's OS exists the user vagrant with the password also being vagrant.
Vagrant uses SSH to connect to the boxes, so installing it now will save the hassle of doing it later.
Features server snapsDo not install featured server snaps. It will be done manually later to illustrate how to uninstall and reinstall them in case of trouble with.
UpdatesLet the system install and upgrade the packages. This operation might take some minutes depending on how old is the Optical Drive ISO image you use and your Internet connection speed.
Upgrade the Ubuntu distributionsudo apt-get update -y\nsudo apt-get dist-upgrade -y\nOn VirtualBox Manager, open the VM main screen. If you are running the VM in headless mode, right-click over the VM in the VirtualBox Manager window, and click \"Show\". If a dialog informing about how to leave the interface of the VM is shown, confirm by pressing the \"Switch\" button. The interface of the VM should appear.
Click the menu \"Device > Insert Guest Additions CD image...\"
On the VM terminal, type:
sudo apt-get install -y linux-headers-$(uname -r) build-essential dkms\n # This command might take some minutes depending on your VM specs and your Internet access speed.\nsudo mount /dev/cdrom /mnt/\ncd /mnt/\nsudo ./VBoxLinuxAdditions.run\n # This command might take some minutes depending on your VM specs.\nsudo reboot\nAfter this, proceed to 1.2. Install Microk8s, after which, return to this wiki to finish the Vagrant Box creation.
Box configuration and creationMake sure the ETSI TFS controller is correctly configured. You will not be able to change it after!
It is advisable to do the next configurations from a host's terminal, via a SSH connection.
ssh -p 2222 vagrant@127.0.0.1\nSet the root password to vagrant:
sudo passwd root\nSet up the Vagrant user so that it\u2019s able to use sudo without being prompted for a password.
Anything in the /etc/sudoers.d/* directory is included in the sudoers privileges when created by the root user. Create a new sudo file.
sudo visudo -f /etc/sudoers.d/vagrant\nand add the following lines
# add vagrant user\nvagrant ALL=(ALL) NOPASSWD:ALL\nYou can now test that it works by running a simple command.
sudo pwd\nIssuing this command should result in an immediate response without a request for a password.
Install the Vagrant keyVagrant uses a default set of SSH keys for you to directly connect to boxes via the CLI command vagrant ssh, after which it creates a new set of SSH keys for your new box. Because of this, we need to load the default key to be able to access the box after created.
chmod 0700 /home/vagrant/.ssh\nwget --no-check-certificate https://raw.github.com/mitchellh/vagrant/master/keys/vagrant.pub -O /home/vagrant/.ssh/authorized_keys\nchmod 0600 /home/vagrant/.ssh/authorized_keys\nchown -R vagrant /home/vagrant/.ssh\nEdit the /etc/ssh/sshd_config file:
sudo vim /etc/ssh/sshd_config\nAnd uncomment the following line:
AuthorizedKeysFile %h/.ssh/authorized_keys\nThen restart SSH.
sudo service ssh restart\nBefore you package the box, if you intend to make your box public, it is best to clean your bash history with:
history -c\nExit the SSH connection, and at you're host machine, package the VM:
vagrant package --base teraflowsdncontroller --output teraflowsdncontroller.box\nAdd the base box to you local Vagrant box list:
vagrant box add --name teraflowsdncontroller ./teraflowsdncontroller.box\nNow you should try to run it, for that you'll need to create a Vagrantfile. For a simple run, this is the minimal required code for this box:
# -*- mode: ruby -*-\n# vi: set ft=ruby :\n\nVagrant.configure(\"2\") do |config|\n config.vm.box = \"teraflowsdncontroller\"\n config.vm.box_version = \"1.1.0\"\n config.vm.network :forwarded_port, host: 8080 ,guest: 80\nend\nNow you'll be able to spin up the virtual machine by issuing the command:
vagrant up\nAnd connect to the machine using:
vagrant ssh\nIf you do not wish to create your own Vagrant Box, you can use one of the existing ones created by TFS contributors. - davidjosearaujo/teraflowsdncontroller - ...
To use them, you simply have to create a Vagrantfile and run vagrant up controller in the same directory. The following example Vagrantfile already allows you to do just that, with the bonus of exposing the multiple management GUIs to your localhost.
Vagrant.configure(\"2\") do |config|\n\n config.vm.define \"controller\" do |controller|\n controller.vm.box = \"davidjosearaujo/teraflowsdncontroller\"\n controller.vm.network \"forwarded_port\", guest: 80, host: 8080 # WebUI\n controller.vm.network \"forwarded_port\", guest: 8084, host: 50750 # Linkerd Viz Dashboard\n controller.vm.network \"forwarded_port\", guest: 8081, host: 8081 # CockroachDB Dashboard\n controller.vm.network \"forwarded_port\", guest: 8222, host: 8222 # NATS Dashboard\n controller.vm.network \"forwarded_port\", guest: 9000, host: 9000 # QuestDB Dashboard\n controller.vm.network \"forwarded_port\", guest: 9090, host: 9090 # Prometheus Dashboard\n\n # Setup Linkerd Viz reverse proxy\n ## Copy config file\n controller.vm.provision \"file\" do |f|\n f.source = \"./reverse-proxy-linkerdviz.sh\"\n f.destination = \"./reverse-proxy-linkerdviz.sh\"\n end\n ## Execute configuration file\n controller.vm.provision \"shell\" do |s|\n s.inline = \"chmod +x ./reverse-proxy-linkerdviz.sh && ./reverse-proxy-linkerdviz.sh\"\n end\n\n # Update controller source code to the desired branch\n if ENV['BRANCH'] != nil\n controller.vm.provision \"shell\" do |s|\n s.inline = \"cd ./tfs-ctrl && git pull && git switch \" + ENV['BRANCH']\n end\n end\n\n end\nend\nThis Vagrantfile also allows for optional repository updates on startup by running the command with a specified environment variable BRANCH
BRANCH=develop vagrant up controller\nBecause of Linkerd's security measures against DNS rebinding, a reverse proxy, that modifies the request's header Host field, is needed to expose the GUI to the host. The previous Vagrantfile already deploys such configurations, for that, all you need to do is create the reverse-proxy-linkerdviz.sh file in the same directory. The content of this file is displayed below.
# Install NGINX\nsudo apt update && sudo apt install nginx -y\n\n# NGINX reverse proxy configuration\necho 'server {\n listen 8084;\n\n location / {\n proxy_pass http://127.0.0.1:50750;\n proxy_set_header Host localhost;\n proxy_set_header X-Real-IP $remote_addr;\n proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n proxy_set_header X-Forwarded-Proto $scheme;\n }\n}' > /home/vagrant/expose-linkerd\n\n# Create symlink of the NGINX configuration file\nsudo ln -s /home/vagrant/expose-linkerd /etc/nginx/sites-enabled/\n\n# Commit the reverse proxy configurations\nsudo systemctl restart nginx\n\n# Enable start on login\necho \"linkerd viz dashboard &\" >> .profile\n\n# Start dashboard\nlinkerd viz dashboard &\n\necho \"Linkerd Viz dashboard running!\"\nThis section describes how to deploy the MicroK8s Kubernetes platform and configure it to be used with ETSI TeraFlowSDN controller. Besides, Docker is installed to build docker images for the ETSI TeraFlowSDN controller.
The steps described in this section might take some minutes depending on your internet connection speed and the resources assigned to your VM, or the specifications of your physical server.
To facilitate work, these steps are easier to be executed through an SSH connection, for instance using tools like PuTTY or MobaXterm.
Upgrade the Ubuntu distributionSkip this step if you already did it during the creation of the VM.
sudo apt-get update -y\nsudo apt-get dist-upgrade -y\nsudo apt-get install -y ca-certificates curl gnupg lsb-release snapd jq\nInstall Docker CE and Docker BuildX plugin
sudo apt-get install -y docker.io docker-buildx\nNOTE: Starting from Docker v23, Build architecture has been updated and docker build command entered into deprecation process in favor of the new docker buildx build command. Package docker-buildx provides the new docker buildx build command.
Add key \"insecure-registries\" with the private repository to the daemon configuration. It is done in two commands since sometimes read from and write to same file might cause trouble.
if [ -s /etc/docker/daemon.json ]; then cat /etc/docker/daemon.json; else echo '{}'; fi \\\n | jq 'if has(\"insecure-registries\") then . else .+ {\"insecure-registries\": []} end' -- \\\n | jq '.\"insecure-registries\" |= (.+ [\"localhost:32000\"] | unique)' -- \\\n | tee tmp.daemon.json\nsudo mv tmp.daemon.json /etc/docker/daemon.json\nsudo chown root:root /etc/docker/daemon.json\nsudo chmod 600 /etc/docker/daemon.json\nRestart the Docker daemon
sudo systemctl restart docker\nImportant: By default, Kubernetes uses CIDR 10.1.0.0/16 for pods and CIDR 10.152.183.0/24 for services. If they conflict with your internal network CIDR, you might need to change Kubernetes CIDRs at deployment time. To do so, check links below and ask for support if needed.
# Install MicroK8s\nsudo snap install microk8s --classic --channel=1.29/stable\n\n# Wait until MicroK8s is ready\nmicrok8s.status --wait-ready\n\n# Create alias for command \"microk8s.kubectl\" to be usable as \"kubectl\"\nsudo snap alias microk8s.kubectl kubectl\n\n# Create alias for command \"microk8s.helm3\" to be usable as \"helm3\"\nsudo snap alias microk8s.helm3 helm3\nIt is important to make sure that ufw will not interfere with the internal pod-to-pod and pod-to-Internet traffic. To do so, first check the status. If ufw is active, use the following command to enable the communication.
# Verify status of ufw firewall\nsudo ufw status\n\n# If ufw is active, install following rules to enable access pod-to-pod and pod-to-internet\nsudo ufw allow in on cni0 && sudo ufw allow out on cni0\nsudo ufw default allow routed\nNOTE: MicroK8s can be used to compose a Highly Available Kubernetes cluster enabling you to construct an environment combining the CPU, RAM and storage resources of multiple machines. If you are interested in this procedure, review the official instructions in How to build a highly available Kubernetes cluster with MicroK8s, in particular, the step Create a MicroK8s multi-node cluster.
References:
It is important that your user has the permission to run docker and microk8s in the terminal. To allow this, you need to add your user to the docker and microk8s groups with the following commands:
sudo usermod -a -G docker $USER\nsudo usermod -a -G microk8s $USER\nsudo chown -f -R $USER $HOME/.kube\nsudo reboot\nIn case that you get trouble executing the following commands, might due to the .kube folder is not automatically provisioned into your home folder, you may follow the steps below:
mkdir -p $HOME/.kube\nsudo chown -f -R $USER $HOME/.kube\nmicrok8s config > $HOME/.kube/config\nsudo reboot\nTo retrieve the status of Kubernetes once, run the following command:
microk8s.status --wait-ready\nTo retrieve the status of Kubernetes periodically (e.g., every 1 second), run the following command:
watch -n 1 microk8s.status --wait-ready\nTo retrieve the status of the Kubernetes resources once, run the following command:
kubectl get all --all-namespaces\nTo retrieve the status of the Kubernetes resources periodically (e.g., every 1 second), run the following command:
watch -n 1 kubectl get all --all-namespaces\nFirst, we need to enable the community plugins (maintained by third parties):
microk8s.enable community\nNote: In some cases, enabling community add-on might raise an error stating fatal: detected dubious ownership in repository at '/snap/microk8s/current/addons/community/.git' and proposing to run command: git config --global --add safe.directory /snap/microk8s/current/addons/community/.git. If so, execute it and retry enabling community addon.
The mandatory addons to be enabled are:
dns: enables resolving the pods and services by namehostpath-storage: enables providing storage for the pods (required by registry)ingress: deploys an ingress controller to expose the microservices outside Kubernetesregistry: deploys a private registry for the TFS controller imagesmicrok8s.enable dns\nmicrok8s.enable hostpath-storage\nmicrok8s.enable ingress\nmicrok8s.enable registry\nFor scalable production deployments consider enabling addons:
linkerd: deploys the linkerd service mesh used for load balancing among replicasprometheus: set of tools that enable TFS observability through per-component instrumentationmetrics-server: deploys the Kubernetes metrics server for API access to service metricsmicrok8s.enable prometheus\nmicrok8s.enable metrics-server\nmicrok8s.enable linkerd\nImportant: Enabling some of the addons might take few minutes. Do not proceed with next steps until the addons are ready. Otherwise, the deployment might fail. To confirm everything is up and running:
If linkerd is enabled, run the following commands to add the alias to the command, and validate it is working correctly:
sudo snap alias microk8s.linkerd linkerd\nlinkerd check\nIf metrics-server is enabled, run the following command to validate it is working correctly:
kubectl top pods --all-namespaces\nand you should see a screen similar to the top command in Linux, showing the columns namespace, pod name, CPU (cores), and MEMORY (bytes).
In case pods are not starting, check information from pods logs. For example, linkerd is sensitive for proper /etc/resolv.conf syntax.
kubectl logs <podname> --namespace <namespace>\nIf the command shows an error message, also restarting the machine might help.
Stop, Restart, and RedeployFind below some additional commands you might need while you work with MicroK8s:
microk8s.stop # stop MicroK8s cluster (for instance, before power off your computer)\nmicrok8s.start # start MicroK8s cluster\nmicrok8s.reset # reset infrastructure to a clean state\nIf the following commands does not work to recover the MicroK8s cluster, you can redeploy it.
If you want to keep MicroK8s configuration, use:
sudo snap remove microk8s\nIf you need to completely drop MicroK8s and its complete configuration, use:
sudo snap remove microk8s --purge\nsudo apt-get remove --purge docker.io docker-buildx\nIMPORTANT: After uninstalling MicroK8s, it is convenient to reboot the computer (the VM if you work on a VM, or the physical computer if you use a physical computer). Otherwise, there are system configurations that are not correctly cleaned. Especially in what port forwarding and firewall rules matters.
After the reboot, redeploy as it is described in this section.
"},{"location":"deployment_guide/#13-deploy-teraflowsdn","title":"1.3. Deploy TeraFlowSDN","text":"This section describes how to deploy TeraFlowSDN controller on top of MicroK8s using the environment configured in the previous sections.
Install prerequisitessudo apt-get install -y git curl jq\nClone from ETSI-hosted GitLab code repository:
mkdir ~/tfs-ctrl\ngit clone https://labs.etsi.org/rep/tfs/controller.git ~/tfs-ctrl\nImportant: The original H2020-TeraFlow project hosted on GitLab.com has been archieved and will not receive further contributions/updates. Please, clone from ETSI-hosted GitLab code repository.
Checkout the appropriate Git branchTeraFlowSDN controller versions can be found in the appropriate release tags and/or branches as described in Home > Versions.
By default the branch master is checked out and points to the latest stable version of the TeraFlowSDN controller, while branch develop contains the latest developments and contributions under test and validation.
To switch to the appropriate branch run the following command, changing develop by the name of the branch you want to deploy:
cd ~/tfs-ctrl\ngit checkout develop\nCreate a new deployment script, e.g., my_deploy.sh, adding the appropriate settings as follows.
This section provides just an overview of the available settings. An example my_deploy.sh script is provided in the root folder of the project for your convenience with full description of all the settings.
Note: The example my_deploy.sh script provides reasonable settings for deploying a functional and complete enough TeraFlowSDN controller, and a brief description of their meaning. To see extended descriptions, check scripts in the deploy folder.
cd ~/tfs-ctrl\ntee my_deploy.sh >/dev/null << EOF\n# ----- TeraFlowSDN ------------------------------------------------------------\nexport TFS_REGISTRY_IMAGES=\"http://localhost:32000/tfs/\"\nexport TFS_COMPONENTS=\"context device pathcomp service nbi webui\"\nexport TFS_IMAGE_TAG=\"dev\"\nexport TFS_K8S_NAMESPACE=\"tfs\"\nexport TFS_EXTRA_MANIFESTS=\"manifests/nginx_ingress_http.yaml\"\nexport TFS_GRAFANA_PASSWORD=\"admin123+\"\nexport TFS_SKIP_BUILD=\"\"\n\n# ----- CockroachDB ------------------------------------------------------------\nexport CRDB_NAMESPACE=\"crdb\"\nexport CRDB_EXT_PORT_SQL=\"26257\"\nexport CRDB_EXT_PORT_HTTP=\"8081\"\nexport CRDB_USERNAME=\"tfs\"\nexport CRDB_PASSWORD=\"tfs123\"\nexport CRDB_DEPLOY_MODE=\"single\"\nexport CRDB_DROP_DATABASE_IF_EXISTS=\"YES\"\nexport CRDB_REDEPLOY=\"\"\n\n# ----- NATS -------------------------------------------------------------------\nexport NATS_NAMESPACE=\"nats\"\nexport NATS_EXT_PORT_CLIENT=\"4222\"\nexport NATS_EXT_PORT_HTTP=\"8222\"\nexport NATS_REDEPLOY=\"\"\n\n# ----- QuestDB ----------------------------------------------------------------\nexport QDB_NAMESPACE=\"qdb\"\nexport QDB_EXT_PORT_SQL=\"8812\"\nexport QDB_EXT_PORT_ILP=\"9009\"\nexport QDB_EXT_PORT_HTTP=\"9000\"\nexport QDB_USERNAME=\"admin\"\nexport QDB_PASSWORD=\"quest\"\nexport QDB_TABLE_MONITORING_KPIS=\"tfs_monitoring_kpis\"\nexport QDB_TABLE_SLICE_GROUPS=\"tfs_slice_groups\"\nexport QDB_DROP_TABLES_IF_EXIST=\"YES\"\nexport QDB_REDEPLOY=\"\"\n\nEOF\nThe settings are organized in 4 sections:
TeraFlowSDN:TFS_REGISTRY_IMAGE enables to specify the private Docker registry to be used, by default, we assume to use the Docker respository enabled in MicroK8s.TFS_COMPONENTS specifies the components their Docker image will be rebuilt, uploaded to the private Docker registry, and deployed in Kubernetes.TFS_IMAGE_TAG defines the tag to be used for Docker images being rebuilt and uploaded to the private Docker registry.TFS_K8S_NAMESPACE specifies the name of the Kubernetes namespace to be used for deploying the TFS components.TFS_EXTRA_MANIFESTS enables to provide additional manifests to be applied into the Kubernetes environment during the deployment. Typical use case is to deploy ingress controllers, service monitors for Prometheus, etc.TFS_GRAFANA_PASSWORD lets you specify the password you want to use for the admin user of the Grafana instance being deployed and linked to the Monitoring component.TFS_SKIP_BUILD, if set to YES, prevents rebuilding the Docker images. That means, the deploy script will redeploy existing Docker images without rebuilding/updating them.CockroachDB: enables to configure the deployment of the backend CockroachDB database.my_deploy.sh for further details.NATS: enables to configure the deployment of the backend NATS message broker.my_deploy.sh for further details.QuestDB: enables to configure the deployment of the backend QuestDB timeseries database.my_deploy.sh for further details.Run the following command:
microk8s status\nIf it is reported microk8s is not running, try microk8s start, run the following command to start MicroK8s:
microk8s start\nConfirm everything is up and running:
First, source the deployment settings defined in the previous section. This way, you do not need to specify the environment variables in each and every command you execute to operate the TFS controller. Be aware to re-source the file if you open new terminal sessions. Then, run the following command to deploy TeraFlowSDN controller on top of the MicroK8s Kubernetes platform.
cd ~/tfs-ctrl\nsource my_deploy.sh\n./deploy/all.sh\nThe script performs the following steps:
./deploy/crdb.sh to automate deployment of CockroachDB database used by Context component../deploy/nats.sh to automate deployment of NATS message broker used by Context component../deploy/qdb.sh to automate deployment of QuestDB timeseries database used by Monitoring component../deploy/tfs.sh to automate deployment of TeraFlowSDN.TFS_K8S_NAMESPACETFS_COMPONENTSTFS_IMAGE_TAGTFS_REGISTRY_IMAGETFS_COMPONENTStfs_runtime_env_vars.sh with the environment variables for the components defined in TFS_COMPONENTS defining their local host addresses and their port numbers.TFS_EXTRA_MANIFESTS such as:This section describes how to get access to the TeraFlowSDN controller WebUI and the monitoring Grafana dashboards.
Access the TeraFlowSDN WebUIIf you followed the installation steps based on MicroK8s, you got an ingress controller installed that exposes on TCP port 80.
Besides, the ingress controller defines the following reverse proxy paths (on your local machine):
http://127.0.0.1/webui: points to the WebUI of TeraFlowSDN.http://127.0.0.1/grafana: points to the Grafana dashboards. This endpoint brings access to the monitoring dashboards of TeraFlowSDN. The credentials for the adminuser are those defined in the my_deploy.sh script, in the TFS_GRAFANA_PASSWORD variable.http://127.0.0.1/restconf: points to the Compute component NBI based on RestCONF. This endpoint enables connecting external software, such as ETSI OpenSourceMANO NFV Orchestrator, to TeraFlowSDN.Note: In the creation of the VM, a forward from host TCP port 8080 to VM's TCP port 80 is configured, so the WebUIs and REST APIs of TeraFlowSDN should be exposed on the endpoint 127.0.0.1:8080 of your local machine instead of 127.0.0.1:80.
This section presents some helper scripts to inspect the status of the deployment and the logs of the components. These scripts are particularly helpful for troubleshooting during execution of experiments, development, and debugging.
Report the deployment of the TFS controllerThe summary report given at the end of the Deploy TFS controller procedure can be generated manually at any time by running the following command. You can avoid sourcing my_deploy.sh if it has been already done.
cd ~/tfs-ctrl\nsource my_deploy.sh\n./deploy/show.sh\nUse this script to validate that all the pods, deployments, replica sets, ingress controller, etc. are ready and have the appropriate state, e.g., running for Pods, and the services are deployed and have appropriate IP addresses and port numbers.
Report the log of a specific TFS controller componentA number of scripts are pre-created in the scripts folder to facilitate the inspection of the component logs. For instance, to dump the log of the Context component, run the following command. You can avoid sourcing my_deploy.sh if it has been already done.
source my_deploy.sh\n./scripts/show_logs_context.sh\nSkip this step if you already did it during the installation of your machine.
sudo apt-get update -y\nsudo apt-get dist-upgrade -y\nsudo apt-get install -y make build-essential libssl-dev zlib1g-dev libbz2-dev libreadline-dev libsqlite3-dev wget \\\n curl llvm git libncursesw5-dev xz-utils tk-dev libxml2-dev libxmlsec1-dev libffi-dev liblzma-dev\nWe recommend installing PyEnv through PyEnv Installer. Below you can find the instructions, but we refer you to the link for updated instructions.
curl https://pyenv.run | bash\n# When finished, edit ~/.bash_profile // ~/.profile // ~/.bashrc as the installer proposes.\n# In general, it means to append the following lines to ~/.bashrc:\nexport PYENV_ROOT=\"$HOME/.pyenv\"\ncommand -v pyenv >/dev/null || export PATH=\"$PYENV_ROOT/bin:$PATH\"\neval \"$(pyenv init -)\"\neval \"$(pyenv virtualenv-init -)\"\nIn case .bashrc is not linked properly to your profile, you may need to append the following line into your local .profile file:
# Open ~/.profile and append this line:\n+source \"$HOME\"/.bashrc\nRestart the machine for all the changes to take effect.
sudo reboot\nETSI TeraFlowSDN uses Python 3.9 by default. You should install the latest stable update of Python 3.9, i.e., avoid \"-dev\" versions. To find the latest version available in PyEnv, you can run the following command:
pyenv install --list | grep \" 3.9\"\nAt the time of writing, this command will output the following list:
3.9.0\n 3.9-dev\n 3.9.1\n 3.9.2\n 3.9.4\n 3.9.5\n 3.9.6\n 3.9.7\n 3.9.8\n 3.9.9\n 3.9.10\n 3.9.11\n 3.9.12\n 3.9.13\n 3.9.14 \n 3.9.15\n 3.9.16 ** always select the latest version **\nTherefore, the latest stable version is Python 3.9.16. To install this version, you should run:
pyenv install 3.9.16\n # This command might take some minutes depending on your Internet connection speed \n # and the performance of your machine.\n The following commands create a virtual environment named as tfs using Python 3.9 and associate that environment with the current folder, i.e., ~/tfs-ctrl. That way, when you are in that folder, the associated virtual environment will be used, thus inheriting the Python interpreter, i.e., Python 3.9, and the Python packages installed on it.
cd ~/tfs-ctrl\npyenv virtualenv 3.9.16 tfs\npyenv local 3.9.16/envs/tfs\nAfter completing these commands, you should see in your prompt that now you're within the virtual environment 3.9.16/envs/tfs on folder ~/tfs-ctrl:
(3.9.16/envs/tfs) tfs@tfs-vm:~/tfs-ctrl$\nIn case that the correct pyenv does not get automatically activated when you change to the tfs-ctrl/ folder, then execute the following command:
cd ~/tfs-ctrl\npyenv activate 3.9.16/envs/tfs\n From within the 3.9.16/envs/tfs environment on folder ~/tfs-ctrl, run the following commands to install the basic Python packages required to work with TeraFlowSDN.
cd ~/tfs-ctrl\n./install_requirements.sh\nSome dependencies require to re-load the session, so log-out and log-in again.
Generate the Python code from the gRPC Proto messages and servicesThe components, e.g., microservices, of the TeraFlowSDN controller, in general, use a gRPC-based open API to interoperate. All the protocol definitions can be found in sub-folder proto within the root project folder. For additional details on gRPC, visit the official web-page gRPC.
In order to interact with the components, (re-)generate the Python code from gRPC definitions running the following command:
cd ~/tfs-ctrl\nproto/generate_code_python.sh\nThis section describes how to configure the Python environment to run experiments and develop code for the ETSI TeraFlowSDN controller. In particular, we use PyEnv to install the appropriate version of Python and manage the virtual environments.
"},{"location":"development_guide/#212-java-quarkus","title":"2.1.2. Java (Quarkus)This section describe the steps needed to create a development environment for TFS components implemented in Java. Currently, ZTP and Policy components have been developed in Java (version 11) and use the Quarkus framework, which enables kubernetes-native development.
Install JDKTo begin, make sure that you have java installed and in the correct version
java --version\nIf you don't have java installed you will get an error like the following:
Command 'java' not found, but can be installed with:\n\nsudo apt install default-jre # version 2:1.11-72build1, or\nsudo apt install openjdk-11-jre-headless # version 11.0.14+9-0ubuntu2\nsudo apt install openjdk-17-jre-headless # version 17.0.2+8-1\nsudo apt install openjdk-18-jre-headless # version 18~36ea-1\nsudo apt install openjdk-8-jre-headless # version 8u312-b07-0ubuntu1\nIn which case you should use the following command to install the correct version:
sudo apt install openjdk-11-jre-headless\nElse you should get something like the following:
openjdk 11.0.18 2023-01-17\nOpenJDK Runtime Environment (build 11.0.18+10-post-Ubuntu-0ubuntu120.04.1)\nOpenJDK 64-Bit Server VM (build 11.0.18+10-post-Ubuntu-0ubuntu120.04.1, mixed mode, sharing)\n In the root directory of the existing Java components you will find an executable maven wrapper named mvnw. You could use this executable, which is already configured in pair with the components, instead of your local maven installation. So for example if you want to compile the project you would run the following:
./mvnw compile\n In case you are using VS Code for development, we suggest to install the official Quarkus extension. The extension should be able to automatically find the current open project and integrate with the above mvnw maven wrapper, making it easier to control the maven lifecycle. Make sure that you open the specific component directory (i.e., src/ztp or src/policy) and not the general controller one (i.e., src.)
Sample Project
If you want to create a new TFS component written in Java you could generate a new Quarkus project based on the following project:
TFS Sample Quarkus Project
In that way, you should have most of the libraries you would need to integrate with the rest of the TFS Components. Feel free however to add or remove libraries depending on your needs.
Initial setup
If you used the sample project above, you should have a project with a basic structure. However there are some steps that you should take before starting development.
First make sure that you copy the protobuff files, that are found in the root directory of the TFS SDN controller, to the new-component/src/main/proto directory.
Next you should create the following files:
new-component/.gitlab-ci.ymlnew-component/Dockerfilenew-component/src/resources/application.yamlWe suggest to copy the respective files from existing components (Automation and Policy) and change them according to your needs.
","text":""},{"location":"development_guide/#213-java-maven","title":"2.1.3. Java (Maven)Page under construction
","text":""},{"location":"development_guide/#214-rust","title":"2.1.4. RustPage under construction
","text":""},{"location":"development_guide/#215-erlang","title":"2.1.5. ErlangThis section describes how to configure the Erlang environment to run experiments and develop code for the ETSI TeraFlowSDN controller.
First we need to install Erlang. There is multiple way, for development we will be using ASDF, a tool that allows the installation of multiple version of Erlang at the same time, and switch from one version to the other at will.
First, install any missing dependencies: bash sudo apt install curl git autoconf libncurses-dev build-essential m4 libssl-dev
Download ASDF tool to the local account: bash git clone https://github.com/asdf-vm/asdf.git ~/.asdf --branch v0.10.2
Make ASDF activate on login by adding these lines at the end of the ~/.bashrc file: bash . $HOME/.asdf/asdf.sh . $HOME/.asdf/completions/asdf.bash
Logout and log back in to activate ASDF.
ASDF supports multiple tools by installing there corresponding plugins.
Install ASDF plugin for Erlang: bash asdf plugin add erlang https://github.com/asdf-vm/asdf-erlang.git
Install a version of Erlang: bash asdf install erlang 24.3.4.2
Activate Erlang locally for TFS controller. This will create a local file called .tool-versions defining which version of the tools to use when running under the current directory: bash cd tfs-ctrl/ asdf local erlang 24.3.4.2
Erlang projects uses a build tool called rebar3. It is used to manager project dependenecies, compile a project and generate project releases.
Install rebar3 localy from source: bash cd ~ git clone https://github.com/erlang/rebar3.git cd rebar3 asdf local erlang 24.3.4.2 ./bootstrap ./rebar3 local install
Update ~/.bashrc to use rebar3 by adding this line at the end: bash export PATH=$HOME/.cache/rebar3/bin:$PATH
Logout and log back in.
This section describes the steps needed to establish a development environment for TFS (TeraFlowSDN) components implemented in Kotlin. Currently, the Gateway component stands as the sole component developed in Kotlin.
To begin, make sure that you have kotlin installed and its current version:
kotlin -version\nIf you don't have kotlin installed you will get an error like the following:
Command 'kotlin' not found, but can be installed with:\nsudo snap install --classic kotlin\nIn which case you should use the following command to install the correct version:
sudo snap install --classic kotlin\nCurrently, the recommended version is 1.6.21, which uses Java Runtime Environment (JRE) version 11.
Compiling and testing existing componentsTo compile a Kotlin project using Gradle, similarly to using the Maven wrapper (mvnw) for Java projects, you can use the Gradle wrapper (gradlew) within the root directory of your Kotlin component, specifically the gateway directory.
Navigate to the gateway directory within your Kotlin project. Ensure that it contains the gradlew script along with the gradle directory. Then, create a directory named proto and move all the files with extension .proto in this way:
mkdir proto\ncp ../../../proto/*.proto ./proto \nFor building the application, open a terminal or command prompt, navigate to the gateway directory, and run the following command:
./gradlew build\nThe following program runs the gateway application:
./gradlew runServer \nSample Project
If you want to create a new TFS component written in Kotlin you could generate a Kotlin project using gradle. The recommended version is 7.1. Follow the following Gradle guide for its installation. For building the prokect follow this link instead.
From inside the new project directory, run the init task using the following command in a terminal: gradle init.
The output will look like this:
$ gradle init\n\nSelect type of project to generate:\n 1: basic\n 2: application\n 3: library\n 4: Gradle plugin\nEnter selection (default: basic) [1..4] 2\n\nSelect implementation language:\n 1: C++\n 2: Groovy\n 3: Java\n 4: Kotlin\n 5: Scala\n 6: Swift\nEnter selection (default: Java) [1..6] 4\n\nSelect build script DSL:\n 1: Groovy\n 2: Kotlin\nEnter selection (default: Groovy) [1..2] 1\n\nProject name (default: demo):\nSource package (default: demo):\n\n\nBUILD SUCCESSFUL\n2 actionable tasks: 2 executed\nInitial setup
The gradle init command generates the new project.
First, ensure the protobuf files are copied from the root directory of the TFS SDN controller. Run the following command in the directory of the new project:
mkdir proto \ncp TFS/project/root/path/proto/*.proto ./proto/\nThe file build.gradle.ktl is fundamental as it manages dependencies. Adjust it for adding external libraries.
Next you should create the following files:
new-component/.gitlab-ci.ymlnew-component/DockerfileWe recommend leveraging the structures and configurations found in the files of existing components for inspiration.
Docker Container This project operates with Docker containers. Ensure the production of the container version for your component. To generate the container version of the project, modify the 'new-component/Dockerfile.' Execute the following command from the project's root directory:
docker build -t new-image -f new-component/Dockerfile ./\nIf not already done, install VSCode and the \"Remote SSH\" extension on your local machine, not in the VM.
Note: \"Python\" extension is not required here. It will be installed later on the VSCode server running on the VM.
Configure the \"Remote SSH\" extensionHost TFS-VM\n HostName 127.0.0.1\n Port 2200\n ForwardX11 no\n User tfs\nNote: if you get a connection error message, the reason might be due to wrong SSH server fingerprint. Edit file \"<...>/.ssh/known_hosts\" on your local user account, check if there is a line starting with \"[127.0.0.1]:2200\" (assuming previous port forwarding configuration), remove the entire line, save the file, and retry connection.
Add SSH key to prevent typing the password every timeThis step creates an SSH key in the VM and installs it on the VSCode to prevent having to type the password every time.
Run the following commands on the VM's terminal through VSCode bash ssh-keygen -t rsa -b 4096 -f ~/.ssh/tfs-vm.key # leave password empty ssh-copy-id -i ~/.ssh/tfs-vm.key.pub tfs@10.0.2.10 # tfs@10.0.2.10's password: <type tfs user's password: tfs123> rm .ssh/known_hosts
In VSCode, click left \"Explorer\" panel to expand, if not expanded, and click \"Open Folder\" button.
Delete files \"tfs-vm.key\" and \"tfs-vm.key.pub\" on the TFS-VM.
In VSCode, click left \"Remote Explorer\" panel to expand
Host TFS-VM HostName 127.0.0.1 Port 2200 ForwardX11 no User tfs IdentityFile \"<path to the downloaded identity private key file>\"This step installs Python extensions in VSCode server running in the VM.
Install official \"Python\" extension released by Microsoft.
In VSCode (connected to the VM), click left button \"Explorer\"
The source code in the TFS controller project is hosted in folder src/. To help VSCode find the Python modules and packages, add the following file into your working space root folder:
echo \"PYTHONPATH=./src\" >> ~/tfs-ctrl/.env\nPage under construction
"},{"location":"faq/","title":"FAQ","text":"This section addresses common questions you may encounter while working with TFS software.
"},{"location":"faq/#what-if-i-have-some-issues-while-installingusing-tfs","title":"What if I have some issues while installing/using TFS?","text":"Feel free to join our Slack community channel and ask questions! Our experts will soon reply your question.
General Slack Channel
For any other bussiness, you can contact the SDG Support team at SDGsupport@etsi.org
"},{"location":"features_and_bugs/","title":"Feature and bugs","text":"This section describes the procedures to request new features and enhancements, report bugs, and the workflows implemented to manage them.
Project features go through a discussion and approval process. To propose a New Feature, TFS uses the issues on its GitLab code repository.
Important: A feature request is about functionality, not about implementation details.
Two kind of requests are considered in this procedure:
Go to New Issue page https://labs.etsi.org/rep/tfs/controller/-/issues/new.
Create a New Issue for your feature
type::new-feature / type::enhancementcomp-<component-name>.Interact with the TSC and the Community through the issue.
Once a feature has been approved, the design phase starts. The design should be included within the description of the feature (GitLab issue description) by concatenating the Design Feature Template (see below) and properly filling it in. In case the feature description becomes too long, attached files could be included to the feature.
The design is expected to be socialized with the relevant stakeholders (e.g. MDLs and TSC). Dedicated slots can be allocated in the TECH calls on a per-request basis to discuss and refine it.
For writing the design, you can check the design of existing features or use the design template below.
Templates:New feature / Enhancement request template:
# Proposers\n\n- name-of-proposer-1 (institution-of-proposer-1)\n- name-of-proposer-2 (institution-of-proposer-2)\n...\n\n# Description\n\nDescribe your proposal in ~1000 characters.\nYou can reference external content listed in section \"References\" as [Ref-1].\n\n# Demo or definition of done\n\nDescribe which high level conditions needs to be fulfilled to demonstrate this feature implementation is completed.\nYou can reference external content (example, demo paper) listed in section \"References\" as [Ref-2].\n\n# References\n\n1. [Reference name](https://reference-url)\n2. Author1, Author2, Author3, et. al., \u201cMy demo using feature,\u201d in Conference-Name Demo Track, 20XX.\nFeature design Template:
# Feature Design\n\n## Clarifications to Expected Behavior Changes\n\nExisting component logic and workflows between components that need to be altered to realize this feature.\nRemember to justify these changes.\n...\n\n## References\n\nList of relevant references for this feature.\n...\n\n## Assumptions\n\nEnumerate the assumptions for this feature, e.g., fix XXX is implemented and merged, specific configurations, specific\ncomponents deployed.\n...\n\n## Impacted Components\n\nList of impacted components: Context, Device, Service, PathComp, Slice, Monitoring, Automation, Policy, Compute, etc.\nJust an enumeration, elaboration of impacts is done below.\n\n## Component1 Impact\n\nDescribe impact (changes) on component1.\n...\n\n## Component2 Impact\n\nDescribe impact (changes) on component2.\n...\n\n## Testing\n\nDescribe test sets (unitary and integration) to be carried out.\nThis section can include/reference external experiments, demo papers, etc.\n...\nProject bugs go through a review, confirmation, and resolution process. To report a Bug, TFS uses the issues on its GitLab code repository.
Important: New bugs must be properly documented. Please, provide details on:
Without this minimal information, it will/might be difficult to reproduce and resolve the bug, as well as validating the completeness of the solution.
Steps:Go to New Issue page https://labs.etsi.org/rep/tfs/controller/-/issues/new.
Create a New Issue for your bug
type::bugcomp-<component-name>.Interact with the TSC and the Community through the issue.
Once approved, a feature request could transition through the following steps:
Important: An approved feature is not a guarantee for implementation. Implementing a feature requires resources, and resources come from the members, participants and individual contributors integrating the TFS Community, which might have prioritized the development of other features based on their own interests and the interests expressed by the LG, the TSC, and the MDGs.
Once a Feature is mature, e.g., Testing, Review, Completed, it can be accepted for inclusion in a specific Release. This is accomplished by including the issue ticket in the respective EPIC \"ReleaseX.Y\". For instance, to see the Features included in Release X.Y, check EPIC \"ReleaseX.Y\".
"},{"location":"run_experiments/","title":"Run Experiments","text":"This section walks you through the process of running experiments in TeraFlowSDN on top of a machine running MicroK8s Kubernetes platform. The guide includes the details on configuring the Python environment, some basic commands you might need, configuring the network topology, and executing different experiments.
Note that the steps followed here are likely to work regardless of the platform where TeraFlowSDN is deployed over.
Note also that this guide will keep growing with the new experiments and demonstrations that are being carried out involving the ETSI TeraFlowSDN controller.
Important: The NBIs, workflows and drivers have to be considered as experimental. The configuration and monitoring capabilities they support are limited, partially implemented, or tested only with specific laboratory equipment. Use them with care.
3.1. OFC'22 Demo
3.2. ECOC'22 Demo
3.3. OECC-PSC'22 Demo (Work In Progress)
3.4. NFV-SDN'22 Demo (Work In Progress)
This functional test reproduces the live demonstration Demonstration of Zero-touch Device and L3-VPN Service Management Using the TeraFlow Cloud-native SDN Controller carried out at OFC'22 / Open access.
The main features demonstrated are:
This functional test can be found in folder ./src/tests/ofc22/.
This functional test is designed to operate both with real and emulated devices. By default, emulated devices are used; however, if you have access to real devices, you can create/modify the files ./src/tests/ofc22/tests/Objects.py and ./src/tests/ofc22/tests/Credentials.py to point to your devices, and map to your own network topology. Otherwise, you can modify the ./src/tests/ofc22/tests/descriptors_emulated.json that is designed to be uploaded through the WebUI instead of using the command line scripts. Note that the default scenario assumes devices R2 and R4 are always emulated, while devices R1, R3, and O1 can be configured as emulated or real devices.
Important: The device drivers operating with real devices, e.g., OpenConfigDriver, P4Driver, and TransportApiDriver, have to be considered as experimental. The configuration and monitoring capabilities they support are limited or partially implemented/tested. Use them with care.
Deployment and DependenciesTo run this functional test, it is assumed you have deployed a MicroK8s-based Kubernetes environment and a TeraFlowSDN controller instance as described in the Tutorial: Deployment Guide, and you configured the Python environment as described in Tutorial: Development Guide > Configure Environment > Python.
Access to the WebUI and DashboardWhen the deployment completes, you can connect to the TeraFlowSDN WebUI and Dashboards as described in Tutorial: Deployment Guide > WebUI and Grafana Dashboards
Notes:
admin/admin123+.Before executing the tests, we need to prepare a few things.
First, you need to make sure that you have all the gRPC-generate code in your folder. To do so, run:
proto/generate_code_python.sh\nThen, it is time to deploy TeraFlowSDN with the correct specification for this scenario. Make sure to load your deployment variables for this scenario by:
source src/tests/ofc22/deploy_specs.sh\nThen, you need to deploy the components by running:
./deploy/all.sh\nAfter the deployment is finished, you need to load the environment variables to support the execution of the tests by:
source tfs_runtime_env_vars.sh\nTo execute this functional test, four main steps needs to be carried out:
Upon the execution of each test progresses, a report will be generated indicating PASSED / FAILED / SKIPPED. If there is some error during the execution, you should see a detailed report on the error. See the troubleshooting section if needed.
You can check the logs of the different components using the appropriate scripts/show_logs_[component].sh scripts after you execute each step.
There are two ways to execute the functional tests, running all the tests with a single script or running each test independently. In the following we start with the first option, then we comment on how to run each test independently.
Running all tests with a single script
We have a script that executes all the steps at once. It is meant for being used to test if all components involved in this scenario are working correct. To run all the functional tests, you can run:
src/tests/ofc22/run_tests.sh\nThe following sections explain each one of the steps.
Device bootstrapping
This step configures some basic entities (Context and Topology), the devices, and the links in the topology. The expected results are:
To run this step, you can do it from the WebUI by uploading the file ./ofc22/tests/descriptors_emulated.json that contains the descriptors of the contexts, topologies, devices, and links, or by executing the script:
./src/tests/ofc22/run_test_01_bootstrap.sh\nWhen the bootstrapping finishes, check in the Grafana L3-Monitoring Dashboard and you should see the monitoring data being plotted and updated every 5 seconds (by default). Given that there is no service configured, you should see a 0-valued flat plot.
In the WebUI, select the admin Context. Then, in the Devices tab you should see that 5 different emulated devices have been created and activated: 4 packet routers, and 1 optical line system controller. Besides, in the Services tab you should see that there is no service created. Note here that the emulated devices produce synthetic randomly-generated monitoring data and do not represent any particular services configured.
L3VPN Service creation
This step configures a new service emulating the request an OSM WIM would make by means of a Mock OSM instance.
To run this step, execute the script:
./src/tests/ofc22/run_test_02_create_service.sh\nWhen the script finishes, check the WebUI Services tab. You should see that two services have been created, one for the optical layer and another for the packet layer. Besides, you can check the Devices tab to see the configuration rules that have been configured in each device. In the Grafana Dashboard, given that there is now a service configured, you should see the plots with the monitored data for the device. By default, device R1-EMU is selected.
L3VPN Service removal
This step deconfigures the previously created services emulating the request an OSM WIM would make by means of a Mock OSM instance.
To run this step, execute the script:
./src/tests/ofc22/run_test_03_delete_service.sh\nor delete the L3NM service from the WebUI.
When the script finishes, check the WebUI Services tab. You should see that the two services have been removed. Besides, in the Devices tab you can see that the appropriate configuration rules have been deconfigured. In the Grafana Dashboard, given that there is no service configured, you should see a 0-valued flat plot again.
Cleanup
This last step performs a cleanup of the scenario removing all the TeraFlowSDN entities for completeness. To run this step, execute the script:
./src/tests/ofc22/run_test_04_cleanup.sh\nWhen the script finishes, check the WebUI Devices tab, you should see that the devices have been removed. Besides, in the Services tab you can see that the \"admin\" Context has no services given that that context has been removed.
"},{"location":"run_experiments/#32-ecoc22-demo","title":"3.2. ECOC'22 Demo","text":"This functional test reproduces the experimental assessment of Experimental Demonstration of Transport Network Slicing with SLA Using the TeraFlowSDN Controller presented at ECOC'22 / IEEEXplore.
The main features demonstrated are:
This functional test can be found in folder ./src/tests/ecoc22/.
This functional test has only been tested with emulated devices; however, if you have access to real devices, you can modify the files ./src/tests/ecoc22/tests/Objects.py and ./src/tests/ecoc22/tests/Credentials.py to point to your devices, and map to your network topology. Otherwise, you can modify the ./src/tests/ecoc22/tests/descriptors_emulated.json that is designed to be uploaded through the WebUI instead of using the command line scripts.
Important: The device drivers operating with real devices, e.g., OpenConfigDriver, P4Driver, and TransportApiDriver, have to be considered as experimental. The configuration and monitoring capabilities they support are limited or partially implemented/tested. Use them with care.
Deployment and DependenciesTo run this functional test, it is assumed you have deployed a MicroK8s-based Kubernetes environment and a TeraFlowSDN controller instance as described in the Tutorial: Deployment Guide, and you configured the Python environment as described in Tutorial: Development Guide > Configure Environment > Python.
Access to the WebUIWhen the deployment completes, you can connect to the TeraFlowSDN WebUI as described in Tutorial: Deployment Guide > WebUI and Grafana Dashboards
Notes:
admin/admin123+.Before executing the tests, we need to prepare a few things.
First, you need to make sure that you have all the gRPC-generate code in your folder. To do so, run:
proto/generate_code_python.sh\nSecond, it is time to deploy TeraFlowSDN with the correct specification for this scenario. Make sure to load your deployment variables for this scenario by:
source src/tests/ecoc22/deploy_specs.sh\nThen, you need to deploy the components by running:
./deploy/all.sh\nAfter the deployment is finished, you need to load the environment variables to support the execution of the tests by:
source tfs_runtime_env_vars.sh\nTo execute this functional test, four main steps needs to be carried out:
Upon the execution of each test progresses, a report will be generated indicating PASSED / FAILED / SKIPPED. If there is some error during the execution, you should see a detailed report on the error. See the troubleshooting section if needed.
You can check the logs of the different components using the appropriate scripts/show_logs_[component].sh scripts after you execute each step.
Device bootstrapping
This step configures some basic entities (Context and Topology), the devices, and the links in the topology. The expected results are:
To run this step, you can do it from the WebUI by uploading the file ./src/tests/ecoc22/tests/descriptors_emulated.json that contains the descriptors of the contexts, topologies, devices, and links, or by executing the ./src/tests/ecoc22/run_test_01_bootstrap.sh script.
In the WebUI, select the admin Context. Then, in the Devices tab you should see that 5 different emulated devices have been created and activated: 4 packet routers, and 1 optical Open Line System (OLS) controller. Besides, in the Services tab you should see that there is no service created.
L2VPN Slice and Services creation
This step configures a new service emulating the request an OSM WIM would make by means of a Mock OSM instance.
To run this step, execute the ./src/tests/ecoc22/run_test_02_create_service.sh script.
When the script finishes, check the WebUI Slices and Services tab. You should see that, for the connectivity service requested by MockOSM, one slice has been created, three services have been created (two for the optical layer and another for the packet layer). Note that the two services for the optical layer correspond to the primary (service_uuid ending with \":0\") and the backup (service_uuid ending with \":1\") services. Each of the services indicates the connections and sub-services that are supporting them. Besides, you can check the Devices tab to see the configuration rules that have been configured in each device.
L2VPN Slice and Services removal
This step deconfigures the previously created slices and services emulating the request an OSM WIM would make by means of a Mock OSM instance.
To run this step, execute the ./src/tests/ecoc22/run_test_03_delete_service.sh script, or delete the slice from the WebUI.
When the script finishes, check the WebUI Slices and Services tab. You should see that the slice and the services have been removed. Besides, in the Devices tab you can see that the appropriate configuration rules have been deconfigured.
Cleanup
This last step performs a cleanup of the scenario removing all the TeraFlowSDN entities for completeness.
To run this step, execute the ./src/tests/ecoc22/run_test_04_cleanup.sh script.
When the script finishes, check the WebUI Devices tab, you should see that the devices have been removed. Besides, in the Slices and Services tab you can see that the admin Context has no services given that that context has been removed.
"},{"location":"run_experiments/#33-oecc-psc22-demo-work-in-progress","title":"3.3. OECC-PSC'22 Demo (Work In Progress)","text":"Page under construction.
The main features demonstrated are:
Page under construction.
The main features demonstrated are:
This section summarizes the NBI connectors supported by the TeraFlowSDN controller to interoperate with OSS/BSS/NFVO on top of it.
This NBI connector exposes the basic gRPC methods of TeraFlowSDN that enable to manage contexts, topologies, devices, links, services, slices, connections, and policies.
Exposed endpoints:Endpoint /tfs-api/context_ids
GETEndpoint /tfs-api/contexts
GETEndpoint /tfs-api/dummy_contexts
GETEndpoint /tfs-api/context/<path:context_uuid>
GETEndpoint /tfs-api/context/<path:context_uuid>/topology_ids
GETEndpoint /tfs-api/context/<path:context_uuid>/topologies
GETEndpoint /tfs-api/context/<path:context_uuid>/topology/<path:topology_uuid>
GETEndpoint /tfs-api/context/<path:context_uuid>/service_ids
GETEndpoint /tfs-api/context/<path:context_uuid>/services
Method: GET
Method: POST
Method: PUT
Method: DELETE
Endpoint /tfs-api/context/<path:context_uuid>/service/<path:service_uuid>
GETEndpoint /tfs-api/context/<path:context_uuid>/slice_ids
GETEndpoint /tfs-api/context/<path:context_uuid>/slices
GETEndpoint /tfs-api/context/<path:context_uuid>/slice/<path:slice_uuid>
GETEndpoint /tfs-api/device_ids
GETEndpoint /tfs-api/devices
GETEndpoint /tfs-api/device/<path:device_uuid>
GETEndpoint /tfs-api/link_ids
GETEndpoint /tfs-api/links
GETEndpoint /tfs-api/link/<path:link_uuid>
GETEndpoint /tfs-api/context/<path:context_uuid>/service/<path:service_uuid>/connection_ids
GETEndpoint /tfs-api/context/<path:context_uuid>/service/<path:service_uuid>/connections
GETEndpoint /tfs-api/connection/<path:connection_uuid>
GETEndpoint /tfs-api/policyrule_ids
GETEndpoint /tfs-api/policyrules
GETEndpoint /tfs-api/policyrule/<path:policyrule_uuid>
GETETSI Traffic Bandwidth Management (BWM) API (GS MEC 015)
Documentation in progress
Supported features:IETF RFC8466: A YANG Data Model for Layer 2 Virtual Private Network (L2VPN) Service Delivery
Documentation in progress
Supported features:IETF RFC8299: YANG Data Model for L3VPN Service Delivery
Documentation in progress
Supported features:IETF RFC8345: A YANG Data Model for Network Topologies
Documentation in progress
This extension also features partial support for:
IETF draft-ietf-teas-ietf-network-slice-nbi-yang: A YANG Data Model for the RFC 9543 Network Slice Service
Important: implemented version is based on version 2 of the draft:
Documentation in progress
Supported features:This section summarizes the SBI drivers supported by the TeraFlowSDN controller to interoperate with underlying network equipment and intermediate controllers.
Documentation in progress
This driver is provided for testing and debugging purposes. It implements an accept-anything behaviour and maintains an in-memory database with configured rules. It implements support for synthetic telemetry streaming data that is activated/deactivated according to enabled/disabled device endpoints.
Device Type:Not applicable.
Reference:None
"},{"location":"supported_sbis_and_network_elements/#52-netconf-openconfig","title":"5.2. NetConf OpenConfig","text":"Documentation in progress
Device Type:Documentation in progress
Device Type:Documentation in progress
Device Type:Documentation in progress
Device Type:Infinera XR Pluggables through Infinera IPM controller
Documentation in progress
Device Type:IETF RFC8466: A YANG Data Model for Layer 2 Virtual Private Network (L2VPN) Service Delivery
Documentation in progress
Device Type:Documentation in progress
Device Type:NetConf - OpenConfig for Optical Devices (EXPERIMENTAL)
WARNING: This driver is experimental and contains proprietary extensions on top of OpenConfig. Use with care.
Documentation in progress
Device Type:Documentation in progress
Device Type:Documentation in progress
This driver manages microwave radio links through an intermediate controller using the data model in IETF RFC8345 \"A YANG Data Model for Network Topologies\".
Device Type:This section summarizes the service handlers supported by the TeraFlowSDN controller.
Documentation in progress
Service handler to configure L2 connectivity services using emulated driver.
Suported Drivers:Documentation in progress
Service handler to configure L2 VPNs using emulated driver.
Suported Drivers:Documentation in progress
Service handler to configure L2 VPNs using NetConf/OpenConfig for packet routers/switches.
Suported Drivers:Documentation in progress
Service handler to configure L2 packet forward in P4 switches.
Suported Drivers:Documentation in progress
Service handler to configure L3 connectivity services using emulated driver.
Suported Drivers:Documentation in progress
Service handler to configure L3 connectivity services using gNMI/OpenConfig for packet routers.
Suported Drivers:Documentation in progress
Service handler to configure L3 VPNs using NetConf/OpenConfig for packet routers.
Suported Drivers:Documentation in progress
Service handler to configure L3 VPNs on top of optical connections using IETF ACTN.
Suported Drivers:Documentation in progress
WARNING: Experimental service handler to for a parent TeraFlowSDN end-to-end orchestrator to configure child TeraFlowSDN controllers acting as IP & Optical SDN controllers.
Suported Drivers:Documentation in progress
Service handler to configure L2 microwave links.
Suported Drivers:Documentation in progress
WARNING: Experimental service handler to configure L0 optical connections.
Suported Drivers:Documentation in progress
Service handler to configure L0 optical connections through intermediate TAPI controller.
Suported Drivers:Service handler to configure XR pluggables for L0 optical connections through intermediate Infinera IPM controller.
Suported Drivers:Page under construction.
Clean images when your /var/lib/docker starts taking up too much space:
docker system prune -a\nIn some cases might happen that some component is not working or reporting errors. In those cases it makes sense to activate DEBUG mode on those components and collect the logs.
Activate DEBUG mode in componentsBefore deploying the TeraFlowSDN, in the manifests folder, modify the appropriate files for the microservices to be inspected, e.g. contextservice.yaml, deviceservice.yaml, serviceservice.yaml, pathcompservice.yaml, and nbiservice.yaml, by changing environment variable LOG_LEVEL to DEBUG.
apiVersion: apps/v1\nkind: Deployment\n#...\nspec:\n # ...\n template:\n # ...\n spec:\n # ...\n containers:\n # ...\n - name: server\n # ...\n env:\n # ...\n - name: LOG_LEVEL\n value: \"INFO\" # change to \"DEBUG\"F\n # ...\nRedeploy TeraFlowSDN as usual using the example my_deploy.sh specifications or whatever file you created with your deploy specs.
source my_deploy.sh\n./deploy/all.sh\nWait for the deployment to finish.
Use TeraFlowSDNDo whatever actions you were testing and were missbehaving, such as onboarding a topology, creating a connectivity service, etc.
Collect log filesA number of helper scripts, named as show_logs_<component>.sh, are provided to facilitate log collection in the scripts folder. These scripts dump, by default, the logs on the screen, but can be redirected to files when needed.
In the following example, the logs of context, device, service, pathcomp-frontend, and nbi are stored in respective log files instead of the screen.
cd ~/tfs-ctrl\n./scripts/show_logs_context.sh > context.log\n./scripts/show_logs_device.sh > device.log\n./scripts/show_logs_service.sh > service.log\n./scripts/show_logs_pathcomp_frontend.sh > pathcomp_frontend.log\n./scripts/show_logs_nbi.sh > nbi.log\nThe resulting logs will be stored in the root TeraFlowSDN folder.
"},{"location":"troubleshooting/#83-download-a-snapshot-of-the-context-database","title":"8.3. Download a snapshot of the Context database","text":"In the WebUI, there is a tab named as Debug that you can use to interrogate the Context database. In particular, there is a link named as Dummy Contexts. This link produces a JSON descriptor file containing all the contexts, topologies, devices, links, slices, services, connections, constraints, and configuration rules present in Context. The resulting file can be onboarded in a blank TeraFlowSDN instance for testing purposes.
IMPORTANT: The Dummy Contexts feature might take few seconds to respond while it composes the reply.
IMPORTANT: The produced file is labelled as \"dummy\": true; that means it is a snapshot of the database that can be loaded directly into Context. This means it does not pass through the Device/Service/Slice components to onboard the records, but it drops the records directly in Context. This is useful to investigate the content on the database when an issue arises.
WARNING: The dump retrieves all the information in clear text! Remember to manually anonymize your sensitive data such as credentials, IP addresses, etc.
"},{"location":"contribute/documenting/","title":"Documenting","text":"TeraFlowSDN's documentation runs on MkDocs.
"},{"location":"contribute/documenting/#eligibility","title":"Eligibility","text":"Documenting TeraFlowSDN is limited to active contributors. So, if you:
MkDocs is a fast and simple static site generator that's geared towards building project documentation. Documentation source files are written in Markdown, and configured with a single YAML configuration file. Start by reading the introductory tutorial, then check the User Guide for more information.
There are 2 ways to upgrade documentation published on the TFS Documentation website:
This documentation repository has 2 protected branches:
In the mkdocs.yml file you will find the navigation structure of the documentation, there you can sections with sub-sections.
For example:
nav:\n - Home : ./index.md\n - Deployment Guide: ./deployment_guide.md\n - Development Guide: ./development_guide.md\n - Run Experiments: ./run_experiments.md\n - Feature and bugs: ./features_and_bugs.md\n - Supported SBIs and Network Elements: ./supported_sbis_and_network_elements.md\n - Supported NBIs: ./supported_nbis.md\n[...] \nPlease take a moment to understand the current structure of the documentations and think to update after contributing if necessary.
"},{"location":"contribute/documenting/#main-page","title":"Main Page","text":"The page shown first is at doc/index.md. That page should be updated with the latest changes of TeraFlowSDN and should reference the version (useful shortcut is {{{ documentation_version }}}).
To contribute to TeraFlowSDN's documentation, you need to follow these easy steps:
1) Clone the Documentation repository with:
git clone https://labs.etsi.org/rep/tfs/documentation.git\n2) Checkout the develop branch (incoming contributions are only accepted to the develop branch):
cd ./documentation\ngit checkout develop\n3) Setup a virtual environment:
python3 -m venv venv # Linux/macOS\nsource venv/bin/activate #Linux/macOS\npython -m venv venv # Windows\nvenv\\Scripts\\activate # Windows\n4) Setup a local mkdocs server by installing requirements:
python -m pip install -r requirements.txt\n4) Wait for all downloads to finish and start the local mkdocs server:
mkdocs serve\n5) Document! \ud83d\ude0a
You should always make sure that the local MkDocs server terminal is not producing any INFO/WARNING messages regarding your contributions.
To update the documentation properly during development, follow those additional steps:
index.md with new functionalities for the latest version);mkdocs locally;The documentation website supports branches, so your accepted changes will be reflected to the develop branch which then becomes the release branch after each corresponding cycle.
"},{"location":"contribute/documenting/#release-a-new-version-of-the-documentation","title":"Release a New Version of the Documentation","text":"When TeraFlowSDN code repository is ready for a new release, we need to follow these steps (made by a TSC Member):
Welcome to the ETSI TeraFlowSDN (TFS) Controller wiki!
This wiki provides a walkthrough on how to prepare your environment for executing and contributing to the ETSI SDG TeraFlowSDN. Besides, it describes how to run some example experiments.
"},{"location":"#try-teraflowsdn-release-50","title":"Try TeraFlowSDN Release 5.0","text":"The new release launched on May 28th, 2025 incorporates a number of new features, improvements, and bug resolutions. Try it by following the guides below, and feel free to give us your feedback. See the Release Notes.
"},{"location":"#requisites","title":"Requisites","text":"The guides and walkthroughs below make some reasonable assumptions to simplify the deployment of the TFS controller, the execution of experiments and tests, and the development of new contributions. In particular, we assume:
Use the Wiki menu in the left side of this page to navigate through the various contents of this wiki.
"},{"location":"#guides-and-walkthroughs","title":"Guides and Walkthroughs","text":"The following guides and walkthroughs are provided:
This section provides access to the links and all the materials prepared for the tutorials and hackfests involving ETSI TeraFlowSDN.
TFS Hackfest #7 (Castelldefels, 19-22 May 2025)
TFS Hackfest #5 (Sophia Antipolis, FR - 12-14 November 2024)
TFS Hackfest #4 (Athens, 21-22 May 2024)
TFS Hackfest #3 (Castelldefels, 16-17 October 2023)
TFS Hackfest #2 (Madrid, 20-21 June 2023)
OFC SC472 (San Diego, 6 March 2023)
TFS Hackfest #1 (Amsterdam, 20 October 2022)
New versions of TeraFlowSDN are periodically released. Each release is properly tagged and a branch is kept for its future bug fixing, if needed.
To choose the appropriate branch, follow the steps described in 1.3. Deploy TeraFlowSDN > Checkout the Appropriate Git Branch
"},{"location":"#events","title":"Events","text":"Find here after the list of past and future TFS Events:
If your environment does not fit with the proposed assumptions and you experience issues preparing it to work with the ETSI TeraFlowSDN controller, contact the ETSI TeraFlowSDN SDG team through Slack
"},{"location":"deployment_guide/","title":"Deployment Guide","text":"This section walks you through the process of deploying TeraFlowSDN on top of a machine running MicroK8s Kubernetes platform. The guide includes the details on configuring and installing the machine, installing and configuring MicroK8s, and deploying and reporting the status of the TeraFlowSDN controller.
"},{"location":"deployment_guide/#11-configure-your-machine","title":"1.1. Configure your Machine","text":"In this section, we describe how to configure a machine (physical or virtual) to be used as the deployment, execution, and development environment for the ETSI TeraFlowSDN controller. Choose your preferred environment below and follow the instructions provided.
NOTE: If you already have a remote physical server fitting the requirements specified in this section feel free to use it instead of deploying a local VM. Check 1.1.1. Physical Server for further details.
Virtualization platforms tested are:
This section describes how to configure a physical server for running ETSI TeraFlowSDN(TFS) controller.
Minimum Server Specifications for development and basic deployment
Recommended Server Specifications for development and basic deployment
Server Specifications for best development and deployment experience
NOTE: the specifications listed above are provided as a reference. They depend also on the CPU clock frequency, the RAM memory, the disk technology and speed, etc.
For development purposes, it is recommended to run the VSCode IDE (or the IDE of your choice) in a more powerful server, for instance, the recommended server specifications for development and basic deployment.
Given that TeraFlowSDN follows a micro-services architecture, for the deployment, it might be better to use many clusterized servers with many slower cores than a single server with few highly performant cores.
You might consider creating a cluster of machines each featuring, at least, the minimum server specifications. That solution brings you scalability in the future.
No explicit indications are given in terms of networking besides that servers need access to the Internet for downloading dependencies, binaries, and packages while building and deploying the TeraFlowSDN components.
Besides that, the network requirements are essentially the same than that required for running a classical Kubernetes environment. To facilitate the deployment, we extensively use MicroK8s, thus the network requirements are, essentially, the same demanded by MicroK8s, especially, if you consider creating a Kubernetes cluster.
As a reference, the other deployment solutions based on VMs assume the VM is connected to a virtual network configured with the IP range 10.0.2.0/24 and have the gateway at IP 10.0.2.1. The VMs have the IP address 10.0.2.10.
The minimum required ports to be accessible are:
Other ports might be required if you consider to deploy addons such as Kubernetes observability, etc. The details on these ports are left appart given they might vary depending on the Kubernetes environment you use.
The recommended Operating System for deploying TeraFlowSDN is Ubuntu Server 24.04 LTS or Ubuntu Server 22.04 LTS or Ubuntu Server 20.04 LTS. Other version might work, but we have not tested them. We strongly recommend using Long Term Support (LTS) versions as they provide better stability.
Below we provide some installation guidelines:
TeraFlowSDNtfs-vmtfstfs123sudo apt-get update -y\nsudo apt-get dist-upgrade -y\nThis section describes how to configure a VM for running ETSI TeraFlowSDN(TFS) controller using Oracle VirtualBox. It has been tested with VirtualBox up to version 6.1.40 r154048.
In \"Oracle VM VirtualBox Manager\", Menu \"File > Preferences... > Network\", create a NAT network with the following specifications:
Name CIDR DHCP IPv6 TFS-NAT-Net 10.0.2.0/24 Disabled DisabledWithin the newly created \"TFS-NAT-Net\" NAT network, configure the following IPv4 forwarding rules:
Name Protocol Host IP Host Port Guest IP Guest Port SSH TCP 127.0.0.1 2200 10.0.2.10 22 HTTP TCP 127.0.0.1 8080 10.0.2.10 80Note: IP address 10.0.2.10 is the one that will be assigned to the VM.
Note: (*) settings to be editing after the VM is created.
In \"Oracle VM VirtualBox Manager\", start the VM in normal mode, and follow the installation procedure.
Below we provide some installation guidelines:
Upgrade the Ubuntu distribution
sudo apt-get update -y\nsudo apt-get dist-upgrade -y\nInstall VirtualBox Guest Additions
On VirtualBox Manager, open the VM main screen. If you are running the VM in headless mode, right click over the VM in the VirtualBox Manager window and click \"Show\". If a dialog informing about how to leave the interface of the VM is shown, confirm pressing \"Switch\" button. The interface of the VM should appear.
Click menu \"Device > Insert Guest Additions CD image...\"
On the VM terminal, type:
sudo apt-get install -y linux-headers-$(uname -r) build-essential dkms\n # This command might take some minutes depending on your VM specs and your Internet access speed.\nsudo mount /dev/cdrom /mnt/\ncd /mnt/\nsudo ./VBoxLinuxAdditions.run\n # This command might take some minutes depending on your VM specs.\nsudo reboot\nThis section describes how to configure a VM for running ETSI TeraFlowSDN(TFS) controller using VMWare Fusion. It has been tested with VMWare Fusion version 12 and 13.
In \"VMWare Fusion\" manager, create a new network from the \"Settings/Network\" menu.
Create a new VM an Ubuntu 22.04.1 ISO:
On the next screen press \"Customize Settings\", save the VM and in \"Settings\" change:
Run the VM to start the installation.
The installation will be automatic, without any configuration required.
Configure the guest IP, gateway and DNS:
Using the Network Settings for the wired connection, set the IP to 10.0.2.10, the mask to 255.255.255.0, the gateway to 10.0.2.2 and the DNS to 10.0.2.2.
Disable and remove swap file:
$ sudo swapoff -a $ sudo rm /swapfile
Then you can remove or comment the /swapfile entry in /etc/fstab
Install Open SSH Server
Restart the VM when the installation is completed.
sudo apt-get update -y\nsudo apt-get dist-upgrade -y\nIn OpenStack, go to Project - Network - Security Groups - Create Security Group with name TFS
Add the following rules:
Direction Ether Type IP Protocol Port Range Remote IP Prefix Ingress IPv4 TCP 22 (SSH) 0.0.0.0/0 Ingress IPv4 TCP 2200 0.0.0.0/0 Ingress IPv4 TCP 8080 0.0.0.0/0 Ingress IPv4 TCP 80 0.0.0.0/0 Egress IPv4 Any Any 0.0.0.0/0 Egress IPv6 Any Any ::/0Note: The IP address will be assigned depending on the network you have configured inside OpenStack. This IP will have to be modified in TeraFlow configuration files which by default use IP 10.0.2.10
Create a flavourFrom dashboard (Horizon)
Go to Admin - Compute - Flavors and press Create Flavor
From CLI
openstack flavor create TFS --id auto --ram 8192 --disk 60 --vcpus 8\n#cloud-config\n# Modifies the password for the VM instance\nusername: ubuntu\npassword: <your-password>\nchpasswd: { expire: False }\nssh_pwauth: True\nsudo apt-get update -y\nsudo apt-get dist-upgrade -y\nThis section describes how to configure a VM for running ETSI TeraFlowSDN(TFS) controller using OpenStack. It has been tested with OpenStack Kolla up to Yoga version.
"},{"location":"deployment_guide/#115-vagrant-box","title":"1.1.5. Vagrant BoxThis section describes how to create a Vagrant Box, using the base virtual machine configured in Oracle Virtual Box.
Virtual Machine specificationsMost of the specifications can be as specified in the Oracle Virtual Box page, however, there are a few particularities to Vagrant that must be accommodated, such as:
Also, before initiating the VM and installing the OS, we'll need to:
At Network Adapt 1, the following port-forwarding rule must be set.
Name Protocol Host IP Host Port Guest IP Guest Port SSH TCP 2222 22 Installing the OSFor a Vagrant Box, it is generally suggested that the ISO's server version is used, as it is intended to be used via SSH, and any web GUI is expected to be forwarded to the host.
Make sure the disk is not configured as an LVM group!
Vagrant serVagrant expects by default, that in the box's OS exists the user vagrant with the password also being vagrant.
Vagrant uses SSH to connect to the boxes, so installing it now will save the hassle of doing it later.
Features server snapsDo not install featured server snaps. It will be done manually later to illustrate how to uninstall and reinstall them in case of trouble with.
UpdatesLet the system install and upgrade the packages. This operation might take some minutes depending on how old is the Optical Drive ISO image you use and your Internet connection speed.
Upgrade the Ubuntu distributionsudo apt-get update -y\nsudo apt-get dist-upgrade -y\nOn VirtualBox Manager, open the VM main screen. If you are running the VM in headless mode, right-click over the VM in the VirtualBox Manager window, and click \"Show\". If a dialog informing about how to leave the interface of the VM is shown, confirm by pressing the \"Switch\" button. The interface of the VM should appear.
Click the menu \"Device > Insert Guest Additions CD image...\"
On the VM terminal, type:
sudo apt-get install -y linux-headers-$(uname -r) build-essential dkms\n # This command might take some minutes depending on your VM specs and your Internet access speed.\nsudo mount /dev/cdrom /mnt/\ncd /mnt/\nsudo ./VBoxLinuxAdditions.run\n # This command might take some minutes depending on your VM specs.\nsudo reboot\nAfter this, proceed to 1.2. Install Microk8s, after which, return to this wiki to finish the Vagrant Box creation.
Box configuration and creationMake sure the ETSI TFS controller is correctly configured. You will not be able to change it after!
It is advisable to do the next configurations from a host's terminal, via a SSH connection.
ssh -p 2222 vagrant@127.0.0.1\nSet the root password to vagrant:
sudo passwd root\nSet up the Vagrant user so that it\u2019s able to use sudo without being prompted for a password.
Anything in the /etc/sudoers.d/* directory is included in the sudoers privileges when created by the root user. Create a new sudo file.
sudo visudo -f /etc/sudoers.d/vagrant\nand add the following lines
# add vagrant user\nvagrant ALL=(ALL) NOPASSWD:ALL\nYou can now test that it works by running a simple command.
sudo pwd\nIssuing this command should result in an immediate response without a request for a password.
Install the Vagrant keyVagrant uses a default set of SSH keys for you to directly connect to boxes via the CLI command vagrant ssh, after which it creates a new set of SSH keys for your new box. Because of this, we need to load the default key to be able to access the box after created.
chmod 0700 /home/vagrant/.ssh\nwget --no-check-certificate https://raw.github.com/mitchellh/vagrant/master/keys/vagrant.pub -O /home/vagrant/.ssh/authorized_keys\nchmod 0600 /home/vagrant/.ssh/authorized_keys\nchown -R vagrant /home/vagrant/.ssh\nEdit the /etc/ssh/sshd_config file:
sudo vim /etc/ssh/sshd_config\nAnd uncomment the following line:
AuthorizedKeysFile %h/.ssh/authorized_keys\nThen restart SSH.
sudo service ssh restart\nBefore you package the box, if you intend to make your box public, it is best to clean your bash history with:
history -c\nExit the SSH connection, and at you're host machine, package the VM:
vagrant package --base teraflowsdncontroller --output teraflowsdncontroller.box\nAdd the base box to you local Vagrant box list:
vagrant box add --name teraflowsdncontroller ./teraflowsdncontroller.box\nNow you should try to run it, for that you'll need to create a Vagrantfile. For a simple run, this is the minimal required code for this box:
# -*- mode: ruby -*-\n# vi: set ft=ruby :\n\nVagrant.configure(\"2\") do |config|\n config.vm.box = \"teraflowsdncontroller\"\n config.vm.box_version = \"1.1.0\"\n config.vm.network :forwarded_port, host: 8080 ,guest: 80\nend\nNow you'll be able to spin up the virtual machine by issuing the command:
vagrant up\nAnd connect to the machine using:
vagrant ssh\nIf you do not wish to create your own Vagrant Box, you can use one of the existing ones created by TFS contributors. - davidjosearaujo/teraflowsdncontroller - ...
To use them, you simply have to create a Vagrantfile and run vagrant up controller in the same directory. The following example Vagrantfile already allows you to do just that, with the bonus of exposing the multiple management GUIs to your localhost.
Vagrant.configure(\"2\") do |config|\n\n config.vm.define \"controller\" do |controller|\n controller.vm.box = \"davidjosearaujo/teraflowsdncontroller\"\n controller.vm.network \"forwarded_port\", guest: 80, host: 8080 # WebUI\n controller.vm.network \"forwarded_port\", guest: 8084, host: 50750 # Linkerd Viz Dashboard\n controller.vm.network \"forwarded_port\", guest: 8081, host: 8081 # CockroachDB Dashboard\n controller.vm.network \"forwarded_port\", guest: 8222, host: 8222 # NATS Dashboard\n controller.vm.network \"forwarded_port\", guest: 9000, host: 9000 # QuestDB Dashboard\n controller.vm.network \"forwarded_port\", guest: 9090, host: 9090 # Prometheus Dashboard\n\n # Setup Linkerd Viz reverse proxy\n ## Copy config file\n controller.vm.provision \"file\" do |f|\n f.source = \"./reverse-proxy-linkerdviz.sh\"\n f.destination = \"./reverse-proxy-linkerdviz.sh\"\n end\n ## Execute configuration file\n controller.vm.provision \"shell\" do |s|\n s.inline = \"chmod +x ./reverse-proxy-linkerdviz.sh && ./reverse-proxy-linkerdviz.sh\"\n end\n\n # Update controller source code to the desired branch\n if ENV['BRANCH'] != nil\n controller.vm.provision \"shell\" do |s|\n s.inline = \"cd ./tfs-ctrl && git pull && git switch \" + ENV['BRANCH']\n end\n end\n\n end\nend\nThis Vagrantfile also allows for optional repository updates on startup by running the command with a specified environment variable BRANCH
BRANCH=develop vagrant up controller\nBecause of Linkerd's security measures against DNS rebinding, a reverse proxy, that modifies the request's header Host field, is needed to expose the GUI to the host. The previous Vagrantfile already deploys such configurations, for that, all you need to do is create the reverse-proxy-linkerdviz.sh file in the same directory. The content of this file is displayed below.
# Install NGINX\nsudo apt update && sudo apt install nginx -y\n\n# NGINX reverse proxy configuration\necho 'server {\n listen 8084;\n\n location / {\n proxy_pass http://127.0.0.1:50750;\n proxy_set_header Host localhost;\n proxy_set_header X-Real-IP $remote_addr;\n proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n proxy_set_header X-Forwarded-Proto $scheme;\n }\n}' > /home/vagrant/expose-linkerd\n\n# Create symlink of the NGINX configuration file\nsudo ln -s /home/vagrant/expose-linkerd /etc/nginx/sites-enabled/\n\n# Commit the reverse proxy configurations\nsudo systemctl restart nginx\n\n# Enable start on login\necho \"linkerd viz dashboard &\" >> .profile\n\n# Start dashboard\nlinkerd viz dashboard &\n\necho \"Linkerd Viz dashboard running!\"\nThis section describes how to deploy the MicroK8s Kubernetes platform and configure it to be used with ETSI TeraFlowSDN controller. Besides, Docker is installed to build docker images for the ETSI TeraFlowSDN controller.
The steps described in this section might take some minutes depending on your internet connection speed and the resources assigned to your VM, or the specifications of your physical server.
To facilitate work, these steps are easier to be executed through an SSH connection, for instance using tools like PuTTY or MobaXterm.
Upgrade the Ubuntu distributionSkip this step if you already did it during the creation of the VM.
sudo apt-get update -y\nsudo apt-get dist-upgrade -y\nsudo apt-get install -y ca-certificates curl gnupg lsb-release snapd jq\nInstall Docker CE and Docker BuildX plugin
sudo apt-get install -y docker.io docker-buildx\nNOTE: Starting from Docker v23, Build architecture has been updated and docker build command entered into deprecation process in favor of the new docker buildx build command. Package docker-buildx provides the new docker buildx build command.
Add key \"insecure-registries\" with the private repository to the daemon configuration. It is done in two commands since sometimes read from and write to same file might cause trouble.
if [ -s /etc/docker/daemon.json ]; then cat /etc/docker/daemon.json; else echo '{}'; fi \\\n | jq 'if has(\"insecure-registries\") then . else .+ {\"insecure-registries\": []} end' -- \\\n | jq '.\"insecure-registries\" |= (.+ [\"localhost:32000\"] | unique)' -- \\\n | tee tmp.daemon.json\nsudo mv tmp.daemon.json /etc/docker/daemon.json\nsudo chown root:root /etc/docker/daemon.json\nsudo chmod 600 /etc/docker/daemon.json\nRestart the Docker daemon
sudo systemctl restart docker\nImportant: By default, Kubernetes uses CIDR 10.1.0.0/16 for pods and CIDR 10.152.183.0/24 for services. If they conflict with your internal network CIDR, you might need to change Kubernetes CIDRs at deployment time. To do so, check links below and ask for support if needed.
# Install MicroK8s\nsudo snap install microk8s --classic --channel=1.29/stable\n\n# Wait until MicroK8s is ready\nmicrok8s.status --wait-ready\n\n# Create alias for command \"microk8s.kubectl\" to be usable as \"kubectl\"\nsudo snap alias microk8s.kubectl kubectl\n\n# Create alias for command \"microk8s.helm3\" to be usable as \"helm3\"\nsudo snap alias microk8s.helm3 helm3\nIt is important to make sure that ufw will not interfere with the internal pod-to-pod and pod-to-Internet traffic. To do so, first check the status. If ufw is active, use the following command to enable the communication.
# Verify status of ufw firewall\nsudo ufw status\n\n# If ufw is active, install following rules to enable access pod-to-pod and pod-to-internet\nsudo ufw allow in on cni0 && sudo ufw allow out on cni0\nsudo ufw default allow routed\nNOTE: MicroK8s can be used to compose a Highly Available Kubernetes cluster enabling you to construct an environment combining the CPU, RAM and storage resources of multiple machines. If you are interested in this procedure, review the official instructions in How to build a highly available Kubernetes cluster with MicroK8s, in particular, the step Create a MicroK8s multi-node cluster.
References:
It is important that your user has the permission to run docker and microk8s in the terminal. To allow this, you need to add your user to the docker and microk8s groups with the following commands:
sudo usermod -a -G docker $USER\nsudo usermod -a -G microk8s $USER\nsudo chown -f -R $USER $HOME/.kube\nsudo reboot\nIn case that you get trouble executing the following commands, might due to the .kube folder is not automatically provisioned into your home folder, you may follow the steps below:
mkdir -p $HOME/.kube\nsudo chown -f -R $USER $HOME/.kube\nmicrok8s config > $HOME/.kube/config\nsudo reboot\nTo retrieve the status of Kubernetes once, run the following command:
microk8s.status --wait-ready\nTo retrieve the status of Kubernetes periodically (e.g., every 1 second), run the following command:
watch -n 1 microk8s.status --wait-ready\nTo retrieve the status of the Kubernetes resources once, run the following command:
kubectl get all --all-namespaces\nTo retrieve the status of the Kubernetes resources periodically (e.g., every 1 second), run the following command:
watch -n 1 kubectl get all --all-namespaces\nFirst, we need to enable the community plugins (maintained by third parties):
microk8s.enable community\nNote: In some cases, enabling community add-on might raise an error stating fatal: detected dubious ownership in repository at '/snap/microk8s/current/addons/community/.git' and proposing to run command: git config --global --add safe.directory /snap/microk8s/current/addons/community/.git. If so, execute it and retry enabling community addon.
The mandatory addons to be enabled are:
dns: enables resolving the pods and services by namehostpath-storage: enables providing storage for the pods (required by registry)ingress: deploys an ingress controller to expose the microservices outside Kubernetesregistry: deploys a private registry for the TFS controller imagesmicrok8s.enable dns\nmicrok8s.enable hostpath-storage\nmicrok8s.enable ingress\nmicrok8s.enable registry\nFor scalable production deployments consider enabling addons:
linkerd: deploys the linkerd service mesh used for load balancing among replicasprometheus: set of tools that enable TFS observability through per-component instrumentationmetrics-server: deploys the Kubernetes metrics server for API access to service metricsmicrok8s.enable prometheus\nmicrok8s.enable metrics-server\nmicrok8s.enable linkerd\nImportant: Enabling some of the addons might take few minutes. Do not proceed with next steps until the addons are ready. Otherwise, the deployment might fail. To confirm everything is up and running:
If linkerd is enabled, run the following commands to add the alias to the command, and validate it is working correctly:
sudo snap alias microk8s.linkerd linkerd\nlinkerd check\nIf metrics-server is enabled, run the following command to validate it is working correctly:
kubectl top pods --all-namespaces\nand you should see a screen similar to the top command in Linux, showing the columns namespace, pod name, CPU (cores), and MEMORY (bytes).
In case pods are not starting, check information from pods logs. For example, linkerd is sensitive for proper /etc/resolv.conf syntax.
kubectl logs <podname> --namespace <namespace>\nIf the command shows an error message, also restarting the machine might help.
Stop, Restart, and RedeployFind below some additional commands you might need while you work with MicroK8s:
microk8s.stop # stop MicroK8s cluster (for instance, before power off your computer)\nmicrok8s.start # start MicroK8s cluster\nmicrok8s.reset # reset infrastructure to a clean state\nIf the following commands does not work to recover the MicroK8s cluster, you can redeploy it.
If you want to keep MicroK8s configuration, use:
sudo snap remove microk8s\nIf you need to completely drop MicroK8s and its complete configuration, use:
sudo snap remove microk8s --purge\nsudo apt-get remove --purge docker.io docker-buildx\nIMPORTANT: After uninstalling MicroK8s, it is convenient to reboot the computer (the VM if you work on a VM, or the physical computer if you use a physical computer). Otherwise, there are system configurations that are not correctly cleaned. Especially in what port forwarding and firewall rules matters.
After the reboot, redeploy as it is described in this section.
"},{"location":"deployment_guide/#13-deploy-teraflowsdn","title":"1.3. Deploy TeraFlowSDN","text":"This section describes how to deploy TeraFlowSDN controller on top of MicroK8s using the environment configured in the previous sections.
Install prerequisitessudo apt-get install -y git curl jq\nClone from ETSI-hosted GitLab code repository:
mkdir ~/tfs-ctrl\ngit clone https://labs.etsi.org/rep/tfs/controller.git ~/tfs-ctrl\nImportant: The original H2020-TeraFlow project hosted on GitLab.com has been archieved and will not receive further contributions/updates. Please, clone from ETSI-hosted GitLab code repository.
Checkout the appropriate Git branchTeraFlowSDN controller versions can be found in the appropriate release tags and/or branches as described in Home > Versions.
By default the branch master is checked out and points to the latest stable version of the TeraFlowSDN controller, while branch develop contains the latest developments and contributions under test and validation.
To switch to the appropriate branch run the following command, changing develop by the name of the branch you want to deploy:
cd ~/tfs-ctrl\ngit checkout develop\nCreate a new deployment script, e.g., my_deploy.sh, adding the appropriate settings as follows.
This section provides just an overview of the available settings. An example my_deploy.sh script is provided in the root folder of the project for your convenience with full description of all the settings.
Note: The example my_deploy.sh script provides reasonable settings for deploying a functional and complete enough TeraFlowSDN controller, and a brief description of their meaning. To see extended descriptions, check scripts in the deploy folder.
cd ~/tfs-ctrl\ntee my_deploy.sh >/dev/null << EOF\n# ----- TeraFlowSDN ------------------------------------------------------------\nexport TFS_REGISTRY_IMAGES=\"http://localhost:32000/tfs/\"\nexport TFS_COMPONENTS=\"context device pathcomp service nbi webui\"\nexport TFS_IMAGE_TAG=\"dev\"\nexport TFS_K8S_NAMESPACE=\"tfs\"\nexport TFS_EXTRA_MANIFESTS=\"manifests/nginx_ingress_http.yaml\"\nexport TFS_GRAFANA_PASSWORD=\"admin123+\"\nexport TFS_SKIP_BUILD=\"\"\n\n# ----- CockroachDB ------------------------------------------------------------\nexport CRDB_NAMESPACE=\"crdb\"\nexport CRDB_EXT_PORT_SQL=\"26257\"\nexport CRDB_EXT_PORT_HTTP=\"8081\"\nexport CRDB_USERNAME=\"tfs\"\nexport CRDB_PASSWORD=\"tfs123\"\nexport CRDB_DEPLOY_MODE=\"single\"\nexport CRDB_DROP_DATABASE_IF_EXISTS=\"YES\"\nexport CRDB_REDEPLOY=\"\"\n\n# ----- NATS -------------------------------------------------------------------\nexport NATS_NAMESPACE=\"nats\"\nexport NATS_EXT_PORT_CLIENT=\"4222\"\nexport NATS_EXT_PORT_HTTP=\"8222\"\nexport NATS_REDEPLOY=\"\"\n\n# ----- QuestDB ----------------------------------------------------------------\nexport QDB_NAMESPACE=\"qdb\"\nexport QDB_EXT_PORT_SQL=\"8812\"\nexport QDB_EXT_PORT_ILP=\"9009\"\nexport QDB_EXT_PORT_HTTP=\"9000\"\nexport QDB_USERNAME=\"admin\"\nexport QDB_PASSWORD=\"quest\"\nexport QDB_TABLE_MONITORING_KPIS=\"tfs_monitoring_kpis\"\nexport QDB_TABLE_SLICE_GROUPS=\"tfs_slice_groups\"\nexport QDB_DROP_TABLES_IF_EXIST=\"YES\"\nexport QDB_REDEPLOY=\"\"\n\nEOF\nThe settings are organized in 4 sections:
TeraFlowSDN:TFS_REGISTRY_IMAGE enables to specify the private Docker registry to be used, by default, we assume to use the Docker respository enabled in MicroK8s.TFS_COMPONENTS specifies the components their Docker image will be rebuilt, uploaded to the private Docker registry, and deployed in Kubernetes.TFS_IMAGE_TAG defines the tag to be used for Docker images being rebuilt and uploaded to the private Docker registry.TFS_K8S_NAMESPACE specifies the name of the Kubernetes namespace to be used for deploying the TFS components.TFS_EXTRA_MANIFESTS enables to provide additional manifests to be applied into the Kubernetes environment during the deployment. Typical use case is to deploy ingress controllers, service monitors for Prometheus, etc.TFS_GRAFANA_PASSWORD lets you specify the password you want to use for the admin user of the Grafana instance being deployed and linked to the Monitoring component.TFS_SKIP_BUILD, if set to YES, prevents rebuilding the Docker images. That means, the deploy script will redeploy existing Docker images without rebuilding/updating them.CockroachDB: enables to configure the deployment of the backend CockroachDB database.my_deploy.sh for further details.NATS: enables to configure the deployment of the backend NATS message broker.my_deploy.sh for further details.QuestDB: enables to configure the deployment of the backend QuestDB timeseries database.my_deploy.sh for further details.Run the following command:
microk8s status\nIf it is reported microk8s is not running, try microk8s start, run the following command to start MicroK8s:
microk8s start\nConfirm everything is up and running:
First, source the deployment settings defined in the previous section. This way, you do not need to specify the environment variables in each and every command you execute to operate the TFS controller. Be aware to re-source the file if you open new terminal sessions. Then, run the following command to deploy TeraFlowSDN controller on top of the MicroK8s Kubernetes platform.
cd ~/tfs-ctrl\nsource my_deploy.sh\n./deploy/all.sh\nThe script performs the following steps:
./deploy/crdb.sh to automate deployment of CockroachDB database used by Context component../deploy/nats.sh to automate deployment of NATS message broker used by Context component../deploy/qdb.sh to automate deployment of QuestDB timeseries database used by Monitoring component../deploy/tfs.sh to automate deployment of TeraFlowSDN.TFS_K8S_NAMESPACETFS_COMPONENTSTFS_IMAGE_TAGTFS_REGISTRY_IMAGETFS_COMPONENTStfs_runtime_env_vars.sh with the environment variables for the components defined in TFS_COMPONENTS defining their local host addresses and their port numbers.TFS_EXTRA_MANIFESTS such as:This section describes how to get access to the TeraFlowSDN controller WebUI and the monitoring Grafana dashboards.
Access the TeraFlowSDN WebUIIf you followed the installation steps based on MicroK8s, you got an ingress controller installed that exposes on TCP port 80.
Besides, the ingress controller defines the following reverse proxy paths (on your local machine):
http://127.0.0.1/webui: points to the WebUI of TeraFlowSDN.http://127.0.0.1/grafana: points to the Grafana dashboards. This endpoint brings access to the monitoring dashboards of TeraFlowSDN. The credentials for the adminuser are those defined in the my_deploy.sh script, in the TFS_GRAFANA_PASSWORD variable.http://127.0.0.1/restconf: points to the Compute component NBI based on RestCONF. This endpoint enables connecting external software, such as ETSI OpenSourceMANO NFV Orchestrator, to TeraFlowSDN.Note: In the creation of the VM, a forward from host TCP port 8080 to VM's TCP port 80 is configured, so the WebUIs and REST APIs of TeraFlowSDN should be exposed on the endpoint 127.0.0.1:8080 of your local machine instead of 127.0.0.1:80.
This section presents some helper scripts to inspect the status of the deployment and the logs of the components. These scripts are particularly helpful for troubleshooting during execution of experiments, development, and debugging.
Report the deployment of the TFS controllerThe summary report given at the end of the Deploy TFS controller procedure can be generated manually at any time by running the following command. You can avoid sourcing my_deploy.sh if it has been already done.
cd ~/tfs-ctrl\nsource my_deploy.sh\n./deploy/show.sh\nUse this script to validate that all the pods, deployments, replica sets, ingress controller, etc. are ready and have the appropriate state, e.g., running for Pods, and the services are deployed and have appropriate IP addresses and port numbers.
Report the log of a specific TFS controller componentA number of scripts are pre-created in the scripts folder to facilitate the inspection of the component logs. For instance, to dump the log of the Context component, run the following command. You can avoid sourcing my_deploy.sh if it has been already done.
source my_deploy.sh\n./scripts/show_logs_context.sh\nSkip this step if you already did it during the installation of your machine.
sudo apt-get update -y\nsudo apt-get dist-upgrade -y\nsudo apt-get install -y make build-essential libssl-dev zlib1g-dev libbz2-dev libreadline-dev libsqlite3-dev wget \\\n curl llvm git libncursesw5-dev xz-utils tk-dev libxml2-dev libxmlsec1-dev libffi-dev liblzma-dev\nWe recommend installing PyEnv through PyEnv Installer. Below you can find the instructions, but we refer you to the link for updated instructions.
curl https://pyenv.run | bash\n# When finished, edit ~/.bash_profile // ~/.profile // ~/.bashrc as the installer proposes.\n# In general, it means to append the following lines to ~/.bashrc:\nexport PYENV_ROOT=\"$HOME/.pyenv\"\ncommand -v pyenv >/dev/null || export PATH=\"$PYENV_ROOT/bin:$PATH\"\neval \"$(pyenv init -)\"\neval \"$(pyenv virtualenv-init -)\"\nIn case .bashrc is not linked properly to your profile, you may need to append the following line into your local .profile file:
# Open ~/.profile and append this line:\n+source \"$HOME\"/.bashrc\nRestart the machine for all the changes to take effect.
sudo reboot\nETSI TeraFlowSDN uses Python 3.9 by default. You should install the latest stable update of Python 3.9, i.e., avoid \"-dev\" versions. To find the latest version available in PyEnv, you can run the following command:
pyenv install --list | grep \" 3.9\"\nAt the time of writing, this command will output the following list:
3.9.0\n 3.9-dev\n 3.9.1\n 3.9.2\n 3.9.4\n 3.9.5\n 3.9.6\n 3.9.7\n 3.9.8\n 3.9.9\n 3.9.10\n 3.9.11\n 3.9.12\n 3.9.13\n 3.9.14 \n 3.9.15\n 3.9.16 ** always select the latest version **\nTherefore, the latest stable version is Python 3.9.16. To install this version, you should run:
pyenv install 3.9.16\n # This command might take some minutes depending on your Internet connection speed \n # and the performance of your machine.\n The following commands create a virtual environment named as tfs using Python 3.9 and associate that environment with the current folder, i.e., ~/tfs-ctrl. That way, when you are in that folder, the associated virtual environment will be used, thus inheriting the Python interpreter, i.e., Python 3.9, and the Python packages installed on it.
cd ~/tfs-ctrl\npyenv virtualenv 3.9.16 tfs\npyenv local 3.9.16/envs/tfs\nAfter completing these commands, you should see in your prompt that now you're within the virtual environment 3.9.16/envs/tfs on folder ~/tfs-ctrl:
(3.9.16/envs/tfs) tfs@tfs-vm:~/tfs-ctrl$\nIn case that the correct pyenv does not get automatically activated when you change to the tfs-ctrl/ folder, then execute the following command:
cd ~/tfs-ctrl\npyenv activate 3.9.16/envs/tfs\n From within the 3.9.16/envs/tfs environment on folder ~/tfs-ctrl, run the following commands to install the basic Python packages required to work with TeraFlowSDN.
cd ~/tfs-ctrl\n./install_requirements.sh\nSome dependencies require to re-load the session, so log-out and log-in again.
Generate the Python code from the gRPC Proto messages and servicesThe components, e.g., microservices, of the TeraFlowSDN controller, in general, use a gRPC-based open API to interoperate. All the protocol definitions can be found in sub-folder proto within the root project folder. For additional details on gRPC, visit the official web-page gRPC.
In order to interact with the components, (re-)generate the Python code from gRPC definitions running the following command:
cd ~/tfs-ctrl\nproto/generate_code_python.sh\nThis section describes how to configure the Python environment to run experiments and develop code for the ETSI TeraFlowSDN controller. In particular, we use PyEnv to install the appropriate version of Python and manage the virtual environments.
"},{"location":"development_guide/#212-java-quarkus","title":"2.1.2. Java (Quarkus)This section describe the steps needed to create a development environment for TFS components implemented in Java. Currently, ZTP and Policy components have been developed in Java (version 11) and use the Quarkus framework, which enables kubernetes-native development.
Install JDKTo begin, make sure that you have java installed and in the correct version
java --version\nIf you don't have java installed you will get an error like the following:
Command 'java' not found, but can be installed with:\n\nsudo apt install default-jre # version 2:1.11-72build1, or\nsudo apt install openjdk-11-jre-headless # version 11.0.14+9-0ubuntu2\nsudo apt install openjdk-17-jre-headless # version 17.0.2+8-1\nsudo apt install openjdk-18-jre-headless # version 18~36ea-1\nsudo apt install openjdk-8-jre-headless # version 8u312-b07-0ubuntu1\nIn which case you should use the following command to install the correct version:
sudo apt install openjdk-11-jre-headless\nElse you should get something like the following:
openjdk 11.0.18 2023-01-17\nOpenJDK Runtime Environment (build 11.0.18+10-post-Ubuntu-0ubuntu120.04.1)\nOpenJDK 64-Bit Server VM (build 11.0.18+10-post-Ubuntu-0ubuntu120.04.1, mixed mode, sharing)\n In the root directory of the existing Java components you will find an executable maven wrapper named mvnw. You could use this executable, which is already configured in pair with the components, instead of your local maven installation. So for example if you want to compile the project you would run the following:
./mvnw compile\n In case you are using VS Code for development, we suggest to install the official Quarkus extension. The extension should be able to automatically find the current open project and integrate with the above mvnw maven wrapper, making it easier to control the maven lifecycle. Make sure that you open the specific component directory (i.e., src/ztp or src/policy) and not the general controller one (i.e., src.)
Sample Project
If you want to create a new TFS component written in Java you could generate a new Quarkus project based on the following project:
TFS Sample Quarkus Project
In that way, you should have most of the libraries you would need to integrate with the rest of the TFS Components. Feel free however to add or remove libraries depending on your needs.
Initial setup
If you used the sample project above, you should have a project with a basic structure. However there are some steps that you should take before starting development.
First make sure that you copy the protobuff files, that are found in the root directory of the TFS SDN controller, to the new-component/src/main/proto directory.
Next you should create the following files:
new-component/.gitlab-ci.ymlnew-component/Dockerfilenew-component/src/resources/application.yamlWe suggest to copy the respective files from existing components (Automation and Policy) and change them according to your needs.
","text":""},{"location":"development_guide/#213-java-maven","title":"2.1.3. Java (Maven)Page under construction
","text":""},{"location":"development_guide/#214-rust","title":"2.1.4. RustPage under construction
","text":""},{"location":"development_guide/#215-erlang","title":"2.1.5. ErlangThis section describes how to configure the Erlang environment to run experiments and develop code for the ETSI TeraFlowSDN controller.
First we need to install Erlang. There is multiple way, for development we will be using ASDF, a tool that allows the installation of multiple version of Erlang at the same time, and switch from one version to the other at will.
First, install any missing dependencies: bash sudo apt install curl git autoconf libncurses-dev build-essential m4 libssl-dev
Download ASDF tool to the local account: bash git clone https://github.com/asdf-vm/asdf.git ~/.asdf --branch v0.10.2
Make ASDF activate on login by adding these lines at the end of the ~/.bashrc file: bash . $HOME/.asdf/asdf.sh . $HOME/.asdf/completions/asdf.bash
Logout and log back in to activate ASDF.
ASDF supports multiple tools by installing there corresponding plugins.
Install ASDF plugin for Erlang: bash asdf plugin add erlang https://github.com/asdf-vm/asdf-erlang.git
Install a version of Erlang: bash asdf install erlang 24.3.4.2
Activate Erlang locally for TFS controller. This will create a local file called .tool-versions defining which version of the tools to use when running under the current directory: bash cd tfs-ctrl/ asdf local erlang 24.3.4.2
Erlang projects uses a build tool called rebar3. It is used to manager project dependenecies, compile a project and generate project releases.
Install rebar3 localy from source: bash cd ~ git clone https://github.com/erlang/rebar3.git cd rebar3 asdf local erlang 24.3.4.2 ./bootstrap ./rebar3 local install
Update ~/.bashrc to use rebar3 by adding this line at the end: bash export PATH=$HOME/.cache/rebar3/bin:$PATH
Logout and log back in.
This section describes the steps needed to establish a development environment for TFS (TeraFlowSDN) components implemented in Kotlin. Currently, the Gateway component stands as the sole component developed in Kotlin.
To begin, make sure that you have kotlin installed and its current version:
kotlin -version\nIf you don't have kotlin installed you will get an error like the following:
Command 'kotlin' not found, but can be installed with:\nsudo snap install --classic kotlin\nIn which case you should use the following command to install the correct version:
sudo snap install --classic kotlin\nCurrently, the recommended version is 1.6.21, which uses Java Runtime Environment (JRE) version 11.
Compiling and testing existing componentsTo compile a Kotlin project using Gradle, similarly to using the Maven wrapper (mvnw) for Java projects, you can use the Gradle wrapper (gradlew) within the root directory of your Kotlin component, specifically the gateway directory.
Navigate to the gateway directory within your Kotlin project. Ensure that it contains the gradlew script along with the gradle directory. Then, create a directory named proto and move all the files with extension .proto in this way:
mkdir proto\ncp ../../../proto/*.proto ./proto \nFor building the application, open a terminal or command prompt, navigate to the gateway directory, and run the following command:
./gradlew build\nThe following program runs the gateway application:
./gradlew runServer \nSample Project
If you want to create a new TFS component written in Kotlin you could generate a Kotlin project using gradle. The recommended version is 7.1. Follow the following Gradle guide for its installation. For building the prokect follow this link instead.
From inside the new project directory, run the init task using the following command in a terminal: gradle init.
The output will look like this:
$ gradle init\n\nSelect type of project to generate:\n 1: basic\n 2: application\n 3: library\n 4: Gradle plugin\nEnter selection (default: basic) [1..4] 2\n\nSelect implementation language:\n 1: C++\n 2: Groovy\n 3: Java\n 4: Kotlin\n 5: Scala\n 6: Swift\nEnter selection (default: Java) [1..6] 4\n\nSelect build script DSL:\n 1: Groovy\n 2: Kotlin\nEnter selection (default: Groovy) [1..2] 1\n\nProject name (default: demo):\nSource package (default: demo):\n\n\nBUILD SUCCESSFUL\n2 actionable tasks: 2 executed\nInitial setup
The gradle init command generates the new project.
First, ensure the protobuf files are copied from the root directory of the TFS SDN controller. Run the following command in the directory of the new project:
mkdir proto \ncp TFS/project/root/path/proto/*.proto ./proto/\nThe file build.gradle.ktl is fundamental as it manages dependencies. Adjust it for adding external libraries.
Next you should create the following files:
new-component/.gitlab-ci.ymlnew-component/DockerfileWe recommend leveraging the structures and configurations found in the files of existing components for inspiration.
Docker Container This project operates with Docker containers. Ensure the production of the container version for your component. To generate the container version of the project, modify the 'new-component/Dockerfile.' Execute the following command from the project's root directory:
docker build -t new-image -f new-component/Dockerfile ./\nIf not already done, install VSCode and the \"Remote SSH\" extension on your local machine, not in the VM.
Note: \"Python\" extension is not required here. It will be installed later on the VSCode server running on the VM.
Configure the \"Remote SSH\" extensionHost TFS-VM\n HostName 127.0.0.1\n Port 2200\n ForwardX11 no\n User tfs\nNote: if you get a connection error message, the reason might be due to wrong SSH server fingerprint. Edit file \"<...>/.ssh/known_hosts\" on your local user account, check if there is a line starting with \"[127.0.0.1]:2200\" (assuming previous port forwarding configuration), remove the entire line, save the file, and retry connection.
Add SSH key to prevent typing the password every timeThis step creates an SSH key in the VM and installs it on the VSCode to prevent having to type the password every time.
Run the following commands on the VM's terminal through VSCode bash ssh-keygen -t rsa -b 4096 -f ~/.ssh/tfs-vm.key # leave password empty ssh-copy-id -i ~/.ssh/tfs-vm.key.pub tfs@10.0.2.10 # tfs@10.0.2.10's password: <type tfs user's password: tfs123> rm .ssh/known_hosts
In VSCode, click left \"Explorer\" panel to expand, if not expanded, and click \"Open Folder\" button.
Delete files \"tfs-vm.key\" and \"tfs-vm.key.pub\" on the TFS-VM.
In VSCode, click left \"Remote Explorer\" panel to expand
Host TFS-VM HostName 127.0.0.1 Port 2200 ForwardX11 no User tfs IdentityFile \"<path to the downloaded identity private key file>\"This step installs Python extensions in VSCode server running in the VM.
Install official \"Python\" extension released by Microsoft.
In VSCode (connected to the VM), click left button \"Explorer\"
The source code in the TFS controller project is hosted in folder src/. To help VSCode find the Python modules and packages, add the following file into your working space root folder:
echo \"PYTHONPATH=./src\" >> ~/tfs-ctrl/.env\nPage under construction
"},{"location":"faq/","title":"FAQ","text":"This section addresses common questions you may encounter while working with TFS software.
"},{"location":"faq/#what-if-i-have-some-issues-while-installingusing-tfs","title":"What if I have some issues while installing/using TFS?","text":"Feel free to join our Slack community channel and ask questions! Our experts will soon reply your question.
General Slack Channel
For any other bussiness, you can contact the SDG Support team at SDGsupport@etsi.org
"},{"location":"features_and_bugs/","title":"Feature and bugs","text":"This section describes the procedures to request new features and enhancements, report bugs, and the workflows implemented to manage them.
Project features go through a discussion and approval process. To propose a New Feature, TFS uses the issues on its GitLab code repository.
Important: A feature request is about functionality, not about implementation details.
Two kind of requests are considered in this procedure:
Go to New Issue page https://labs.etsi.org/rep/tfs/controller/-/issues/new.
Create a New Issue for your feature
type::new-feature / type::enhancementcomp-<component-name>.Interact with the TSC and the Community through the issue.
Once a feature has been approved, the design phase starts. The design should be included within the description of the feature (GitLab issue description) by concatenating the Design Feature Template (see below) and properly filling it in. In case the feature description becomes too long, attached files could be included to the feature.
The design is expected to be socialized with the relevant stakeholders (e.g. MDLs and TSC). Dedicated slots can be allocated in the TECH calls on a per-request basis to discuss and refine it.
For writing the design, you can check the design of existing features or use the design template below.
Templates:New feature / Enhancement request template:
# Proposers\n\n- name-of-proposer-1 (institution-of-proposer-1)\n- name-of-proposer-2 (institution-of-proposer-2)\n...\n\n# Description\n\nDescribe your proposal in ~1000 characters.\nYou can reference external content listed in section \"References\" as [Ref-1].\n\n# Demo or definition of done\n\nDescribe which high level conditions needs to be fulfilled to demonstrate this feature implementation is completed.\nYou can reference external content (example, demo paper) listed in section \"References\" as [Ref-2].\n\n# References\n\n1. [Reference name](https://reference-url)\n2. Author1, Author2, Author3, et. al., \u201cMy demo using feature,\u201d in Conference-Name Demo Track, 20XX.\nFeature design Template:
# Feature Design\n\n## Clarifications to Expected Behavior Changes\n\nExisting component logic and workflows between components that need to be altered to realize this feature.\nRemember to justify these changes.\n...\n\n## References\n\nList of relevant references for this feature.\n...\n\n## Assumptions\n\nEnumerate the assumptions for this feature, e.g., fix XXX is implemented and merged, specific configurations, specific\ncomponents deployed.\n...\n\n## Impacted Components\n\nList of impacted components: Context, Device, Service, PathComp, Slice, Monitoring, Automation, Policy, Compute, etc.\nJust an enumeration, elaboration of impacts is done below.\n\n## Component1 Impact\n\nDescribe impact (changes) on component1.\n...\n\n## Component2 Impact\n\nDescribe impact (changes) on component2.\n...\n\n## Testing\n\nDescribe test sets (unitary and integration) to be carried out.\nThis section can include/reference external experiments, demo papers, etc.\n...\nProject bugs go through a review, confirmation, and resolution process. To report a Bug, TFS uses the issues on its GitLab code repository.
Important: New bugs must be properly documented. Please, provide details on:
Without this minimal information, it will/might be difficult to reproduce and resolve the bug, as well as validating the completeness of the solution.
Steps:Go to New Issue page https://labs.etsi.org/rep/tfs/controller/-/issues/new.
Create a New Issue for your bug
type::bugcomp-<component-name>.Interact with the TSC and the Community through the issue.
Once approved, a feature request could transition through the following steps:
Important: An approved feature is not a guarantee for implementation. Implementing a feature requires resources, and resources come from the members, participants and individual contributors integrating the TFS Community, which might have prioritized the development of other features based on their own interests and the interests expressed by the LG, the TSC, and the MDGs.
Once a Feature is mature, e.g., Testing, Review, Completed, it can be accepted for inclusion in a specific Release. This is accomplished by including the issue ticket in the respective EPIC \"ReleaseX.Y\". For instance, to see the Features included in Release X.Y, check EPIC \"ReleaseX.Y\".
"},{"location":"run_experiments/","title":"Run Experiments","text":"This section walks you through the process of running experiments in TeraFlowSDN on top of a machine running MicroK8s Kubernetes platform. The guide includes the details on configuring the Python environment, some basic commands you might need, configuring the network topology, and executing different experiments.
Note that the steps followed here are likely to work regardless of the platform where TeraFlowSDN is deployed over.
Note also that this guide will keep growing with the new experiments and demonstrations that are being carried out involving the ETSI TeraFlowSDN controller.
Important: The NBIs, workflows and drivers have to be considered as experimental. The configuration and monitoring capabilities they support are limited, partially implemented, or tested only with specific laboratory equipment. Use them with care.
3.1. OFC'22 Demo
3.2. ECOC'22 Demo
3.3. OECC-PSC'22 Demo (Work In Progress)
3.4. NFV-SDN'22 Demo (Work In Progress)
This functional test reproduces the live demonstration Demonstration of Zero-touch Device and L3-VPN Service Management Using the TeraFlow Cloud-native SDN Controller carried out at OFC'22 / Open access.
The main features demonstrated are:
This functional test can be found in folder ./src/tests/ofc22/.
This functional test is designed to operate both with real and emulated devices. By default, emulated devices are used; however, if you have access to real devices, you can create/modify the files ./src/tests/ofc22/tests/Objects.py and ./src/tests/ofc22/tests/Credentials.py to point to your devices, and map to your own network topology. Otherwise, you can modify the ./src/tests/ofc22/tests/descriptors_emulated.json that is designed to be uploaded through the WebUI instead of using the command line scripts. Note that the default scenario assumes devices R2 and R4 are always emulated, while devices R1, R3, and O1 can be configured as emulated or real devices.
Important: The device drivers operating with real devices, e.g., OpenConfigDriver, P4Driver, and TransportApiDriver, have to be considered as experimental. The configuration and monitoring capabilities they support are limited or partially implemented/tested. Use them with care.
Deployment and DependenciesTo run this functional test, it is assumed you have deployed a MicroK8s-based Kubernetes environment and a TeraFlowSDN controller instance as described in the Tutorial: Deployment Guide, and you configured the Python environment as described in Tutorial: Development Guide > Configure Environment > Python.
Access to the WebUI and DashboardWhen the deployment completes, you can connect to the TeraFlowSDN WebUI and Dashboards as described in Tutorial: Deployment Guide > WebUI and Grafana Dashboards
Notes:
admin/admin123+.Before executing the tests, we need to prepare a few things.
First, you need to make sure that you have all the gRPC-generate code in your folder. To do so, run:
proto/generate_code_python.sh\nThen, it is time to deploy TeraFlowSDN with the correct specification for this scenario. Make sure to load your deployment variables for this scenario by:
source src/tests/ofc22/deploy_specs.sh\nThen, you need to deploy the components by running:
./deploy/all.sh\nAfter the deployment is finished, you need to load the environment variables to support the execution of the tests by:
source tfs_runtime_env_vars.sh\nTo execute this functional test, four main steps needs to be carried out:
Upon the execution of each test progresses, a report will be generated indicating PASSED / FAILED / SKIPPED. If there is some error during the execution, you should see a detailed report on the error. See the troubleshooting section if needed.
You can check the logs of the different components using the appropriate scripts/show_logs_[component].sh scripts after you execute each step.
There are two ways to execute the functional tests, running all the tests with a single script or running each test independently. In the following we start with the first option, then we comment on how to run each test independently.
Running all tests with a single script
We have a script that executes all the steps at once. It is meant for being used to test if all components involved in this scenario are working correct. To run all the functional tests, you can run:
src/tests/ofc22/run_tests.sh\nThe following sections explain each one of the steps.
Device bootstrapping
This step configures some basic entities (Context and Topology), the devices, and the links in the topology. The expected results are:
To run this step, you can do it from the WebUI by uploading the file ./ofc22/tests/descriptors_emulated.json that contains the descriptors of the contexts, topologies, devices, and links, or by executing the script:
./src/tests/ofc22/run_test_01_bootstrap.sh\nWhen the bootstrapping finishes, check in the Grafana L3-Monitoring Dashboard and you should see the monitoring data being plotted and updated every 5 seconds (by default). Given that there is no service configured, you should see a 0-valued flat plot.
In the WebUI, select the admin Context. Then, in the Devices tab you should see that 5 different emulated devices have been created and activated: 4 packet routers, and 1 optical line system controller. Besides, in the Services tab you should see that there is no service created. Note here that the emulated devices produce synthetic randomly-generated monitoring data and do not represent any particular services configured.
L3VPN Service creation
This step configures a new service emulating the request an OSM WIM would make by means of a Mock OSM instance.
To run this step, execute the script:
./src/tests/ofc22/run_test_02_create_service.sh\nWhen the script finishes, check the WebUI Services tab. You should see that two services have been created, one for the optical layer and another for the packet layer. Besides, you can check the Devices tab to see the configuration rules that have been configured in each device. In the Grafana Dashboard, given that there is now a service configured, you should see the plots with the monitored data for the device. By default, device R1-EMU is selected.
L3VPN Service removal
This step deconfigures the previously created services emulating the request an OSM WIM would make by means of a Mock OSM instance.
To run this step, execute the script:
./src/tests/ofc22/run_test_03_delete_service.sh\nor delete the L3NM service from the WebUI.
When the script finishes, check the WebUI Services tab. You should see that the two services have been removed. Besides, in the Devices tab you can see that the appropriate configuration rules have been deconfigured. In the Grafana Dashboard, given that there is no service configured, you should see a 0-valued flat plot again.
Cleanup
This last step performs a cleanup of the scenario removing all the TeraFlowSDN entities for completeness. To run this step, execute the script:
./src/tests/ofc22/run_test_04_cleanup.sh\nWhen the script finishes, check the WebUI Devices tab, you should see that the devices have been removed. Besides, in the Services tab you can see that the \"admin\" Context has no services given that that context has been removed.
"},{"location":"run_experiments/#32-ecoc22-demo","title":"3.2. ECOC'22 Demo","text":"This functional test reproduces the experimental assessment of Experimental Demonstration of Transport Network Slicing with SLA Using the TeraFlowSDN Controller presented at ECOC'22 / IEEEXplore.
The main features demonstrated are:
This functional test can be found in folder ./src/tests/ecoc22/.
This functional test has only been tested with emulated devices; however, if you have access to real devices, you can modify the files ./src/tests/ecoc22/tests/Objects.py and ./src/tests/ecoc22/tests/Credentials.py to point to your devices, and map to your network topology. Otherwise, you can modify the ./src/tests/ecoc22/tests/descriptors_emulated.json that is designed to be uploaded through the WebUI instead of using the command line scripts.
Important: The device drivers operating with real devices, e.g., OpenConfigDriver, P4Driver, and TransportApiDriver, have to be considered as experimental. The configuration and monitoring capabilities they support are limited or partially implemented/tested. Use them with care.
Deployment and DependenciesTo run this functional test, it is assumed you have deployed a MicroK8s-based Kubernetes environment and a TeraFlowSDN controller instance as described in the Tutorial: Deployment Guide, and you configured the Python environment as described in Tutorial: Development Guide > Configure Environment > Python.
Access to the WebUIWhen the deployment completes, you can connect to the TeraFlowSDN WebUI as described in Tutorial: Deployment Guide > WebUI and Grafana Dashboards
Notes:
admin/admin123+.Before executing the tests, we need to prepare a few things.
First, you need to make sure that you have all the gRPC-generate code in your folder. To do so, run:
proto/generate_code_python.sh\nSecond, it is time to deploy TeraFlowSDN with the correct specification for this scenario. Make sure to load your deployment variables for this scenario by:
source src/tests/ecoc22/deploy_specs.sh\nThen, you need to deploy the components by running:
./deploy/all.sh\nAfter the deployment is finished, you need to load the environment variables to support the execution of the tests by:
source tfs_runtime_env_vars.sh\nTo execute this functional test, four main steps needs to be carried out:
Upon the execution of each test progresses, a report will be generated indicating PASSED / FAILED / SKIPPED. If there is some error during the execution, you should see a detailed report on the error. See the troubleshooting section if needed.
You can check the logs of the different components using the appropriate scripts/show_logs_[component].sh scripts after you execute each step.
Device bootstrapping
This step configures some basic entities (Context and Topology), the devices, and the links in the topology. The expected results are:
To run this step, you can do it from the WebUI by uploading the file ./src/tests/ecoc22/tests/descriptors_emulated.json that contains the descriptors of the contexts, topologies, devices, and links, or by executing the ./src/tests/ecoc22/run_test_01_bootstrap.sh script.
In the WebUI, select the admin Context. Then, in the Devices tab you should see that 5 different emulated devices have been created and activated: 4 packet routers, and 1 optical Open Line System (OLS) controller. Besides, in the Services tab you should see that there is no service created.
L2VPN Slice and Services creation
This step configures a new service emulating the request an OSM WIM would make by means of a Mock OSM instance.
To run this step, execute the ./src/tests/ecoc22/run_test_02_create_service.sh script.
When the script finishes, check the WebUI Slices and Services tab. You should see that, for the connectivity service requested by MockOSM, one slice has been created, three services have been created (two for the optical layer and another for the packet layer). Note that the two services for the optical layer correspond to the primary (service_uuid ending with \":0\") and the backup (service_uuid ending with \":1\") services. Each of the services indicates the connections and sub-services that are supporting them. Besides, you can check the Devices tab to see the configuration rules that have been configured in each device.
L2VPN Slice and Services removal
This step deconfigures the previously created slices and services emulating the request an OSM WIM would make by means of a Mock OSM instance.
To run this step, execute the ./src/tests/ecoc22/run_test_03_delete_service.sh script, or delete the slice from the WebUI.
When the script finishes, check the WebUI Slices and Services tab. You should see that the slice and the services have been removed. Besides, in the Devices tab you can see that the appropriate configuration rules have been deconfigured.
Cleanup
This last step performs a cleanup of the scenario removing all the TeraFlowSDN entities for completeness.
To run this step, execute the ./src/tests/ecoc22/run_test_04_cleanup.sh script.
When the script finishes, check the WebUI Devices tab, you should see that the devices have been removed. Besides, in the Slices and Services tab you can see that the admin Context has no services given that that context has been removed.
"},{"location":"run_experiments/#33-oecc-psc22-demo-work-in-progress","title":"3.3. OECC-PSC'22 Demo (Work In Progress)","text":"Page under construction.
The main features demonstrated are:
Page under construction.
The main features demonstrated are:
This section summarizes the NBI connectors supported by the TeraFlowSDN controller to interoperate with OSS/BSS/NFVO on top of it.
This NBI connector exposes the basic gRPC methods of TeraFlowSDN that enable to manage contexts, topologies, devices, links, services, slices, connections, and policies.
Exposed endpoints:Endpoint /tfs-api/context_ids
GETEndpoint /tfs-api/contexts
GETEndpoint /tfs-api/dummy_contexts
GETEndpoint /tfs-api/context/<path:context_uuid>
GETEndpoint /tfs-api/context/<path:context_uuid>/topology_ids
GETEndpoint /tfs-api/context/<path:context_uuid>/topologies
GETEndpoint /tfs-api/context/<path:context_uuid>/topology/<path:topology_uuid>
GETEndpoint /tfs-api/context/<path:context_uuid>/service_ids
GETEndpoint /tfs-api/context/<path:context_uuid>/services
Method: GET
Method: POST
Method: PUT
Method: DELETE
Endpoint /tfs-api/context/<path:context_uuid>/service/<path:service_uuid>
GETEndpoint /tfs-api/context/<path:context_uuid>/slice_ids
GETEndpoint /tfs-api/context/<path:context_uuid>/slices
GETEndpoint /tfs-api/context/<path:context_uuid>/slice/<path:slice_uuid>
GETEndpoint /tfs-api/device_ids
GETEndpoint /tfs-api/devices
GETEndpoint /tfs-api/device/<path:device_uuid>
GETEndpoint /tfs-api/link_ids
GETEndpoint /tfs-api/links
GETEndpoint /tfs-api/link/<path:link_uuid>
GETEndpoint /tfs-api/context/<path:context_uuid>/service/<path:service_uuid>/connection_ids
GETEndpoint /tfs-api/context/<path:context_uuid>/service/<path:service_uuid>/connections
GETEndpoint /tfs-api/connection/<path:connection_uuid>
GETEndpoint /tfs-api/policyrule_ids
GETEndpoint /tfs-api/policyrules
GETEndpoint /tfs-api/policyrule/<path:policyrule_uuid>
GETETSI Traffic Bandwidth Management (BWM) API (GS MEC 015)
Documentation in progress
Supported features:IETF RFC8466: A YANG Data Model for Layer 2 Virtual Private Network (L2VPN) Service Delivery
Documentation in progress
Supported features:IETF RFC8299: YANG Data Model for L3VPN Service Delivery
Documentation in progress
Supported features:IETF RFC8345: A YANG Data Model for Network Topologies
Documentation in progress
This extension also features partial support for:
IETF draft-ietf-teas-ietf-network-slice-nbi-yang: A YANG Data Model for the RFC 9543 Network Slice Service
Important: implemented version is based on version 2 of the draft:
Documentation in progress
Supported features:This section summarizes the SBI drivers supported by the TeraFlowSDN controller to interoperate with underlying network equipment and intermediate controllers.
Documentation in progress
This driver is provided for testing and debugging purposes. It implements an accept-anything behaviour and maintains an in-memory database with configured rules. It implements support for synthetic telemetry streaming data that is activated/deactivated according to enabled/disabled device endpoints.
Device Type:Not applicable.
Reference:None
"},{"location":"supported_sbis_and_network_elements/#52-netconf-openconfig","title":"5.2. NetConf OpenConfig","text":"Documentation in progress
Device Type:Documentation in progress
Device Type:Documentation in progress
Device Type:Documentation in progress
Device Type:Infinera XR Pluggables through Infinera IPM controller
Documentation in progress
Device Type:IETF RFC8466: A YANG Data Model for Layer 2 Virtual Private Network (L2VPN) Service Delivery
Documentation in progress
Device Type:Documentation in progress
Device Type:NetConf - OpenConfig for Optical Devices (EXPERIMENTAL)
WARNING: This driver is experimental and contains proprietary extensions on top of OpenConfig. Use with care.
Documentation in progress
Device Type:Documentation in progress
Device Type:Documentation in progress
This driver manages microwave radio links through an intermediate controller using the data model in IETF RFC8345 \"A YANG Data Model for Network Topologies\".
Device Type:This section summarizes the service handlers supported by the TeraFlowSDN controller.
Documentation in progress
Service handler to configure L2 connectivity services using emulated driver.
Suported Drivers:Documentation in progress
Service handler to configure L2 VPNs using emulated driver.
Suported Drivers:Documentation in progress
Service handler to configure L2 VPNs using NetConf/OpenConfig for packet routers/switches.
Suported Drivers:Documentation in progress
Service handler to configure L2 packet forward in P4 switches.
Suported Drivers:Documentation in progress
Service handler to configure L3 connectivity services using emulated driver.
Suported Drivers:Documentation in progress
Service handler to configure L3 connectivity services using gNMI/OpenConfig for packet routers.
Suported Drivers:Documentation in progress
Service handler to configure L3 VPNs using NetConf/OpenConfig for packet routers.
Suported Drivers:Documentation in progress
Service handler to configure L3 VPNs on top of optical connections using IETF ACTN.
Suported Drivers:Documentation in progress
WARNING: Experimental service handler to for a parent TeraFlowSDN end-to-end orchestrator to configure child TeraFlowSDN controllers acting as IP & Optical SDN controllers.
Suported Drivers:Documentation in progress
Service handler to configure L2 microwave links.
Suported Drivers:Documentation in progress
WARNING: Experimental service handler to configure L0 optical connections.
Suported Drivers:Documentation in progress
Service handler to configure L0 optical connections through intermediate TAPI controller.
Suported Drivers:Service handler to configure XR pluggables for L0 optical connections through intermediate Infinera IPM controller.
Suported Drivers:Page under construction.
Clean images when your /var/lib/docker starts taking up too much space:
docker system prune -a\nIn some cases might happen that some component is not working or reporting errors. In those cases it makes sense to activate DEBUG mode on those components and collect the logs.
Activate DEBUG mode in componentsBefore deploying the TeraFlowSDN, in the manifests folder, modify the appropriate files for the microservices to be inspected, e.g. contextservice.yaml, deviceservice.yaml, serviceservice.yaml, pathcompservice.yaml, and nbiservice.yaml, by changing environment variable LOG_LEVEL to DEBUG.
apiVersion: apps/v1\nkind: Deployment\n#...\nspec:\n # ...\n template:\n # ...\n spec:\n # ...\n containers:\n # ...\n - name: server\n # ...\n env:\n # ...\n - name: LOG_LEVEL\n value: \"INFO\" # change to \"DEBUG\"F\n # ...\nRedeploy TeraFlowSDN as usual using the example my_deploy.sh specifications or whatever file you created with your deploy specs.
source my_deploy.sh\n./deploy/all.sh\nWait for the deployment to finish.
Use TeraFlowSDNDo whatever actions you were testing and were missbehaving, such as onboarding a topology, creating a connectivity service, etc.
Collect log filesA number of helper scripts, named as show_logs_<component>.sh, are provided to facilitate log collection in the scripts folder. These scripts dump, by default, the logs on the screen, but can be redirected to files when needed.
In the following example, the logs of context, device, service, pathcomp-frontend, and nbi are stored in respective log files instead of the screen.
cd ~/tfs-ctrl\n./scripts/show_logs_context.sh > context.log\n./scripts/show_logs_device.sh > device.log\n./scripts/show_logs_service.sh > service.log\n./scripts/show_logs_pathcomp_frontend.sh > pathcomp_frontend.log\n./scripts/show_logs_nbi.sh > nbi.log\nThe resulting logs will be stored in the root TeraFlowSDN folder.
"},{"location":"troubleshooting/#83-download-a-snapshot-of-the-context-database","title":"8.3. Download a snapshot of the Context database","text":"In the WebUI, there is a tab named as Debug that you can use to interrogate the Context database. In particular, there is a link named as Dummy Contexts. This link produces a JSON descriptor file containing all the contexts, topologies, devices, links, slices, services, connections, constraints, and configuration rules present in Context. The resulting file can be onboarded in a blank TeraFlowSDN instance for testing purposes.
IMPORTANT: The Dummy Contexts feature might take few seconds to respond while it composes the reply.
IMPORTANT: The produced file is labelled as \"dummy\": true; that means it is a snapshot of the database that can be loaded directly into Context. This means it does not pass through the Device/Service/Slice components to onboard the records, but it drops the records directly in Context. This is useful to investigate the content on the database when an issue arises.
WARNING: The dump retrieves all the information in clear text! Remember to manually anonymize your sensitive data such as credentials, IP addresses, etc.
"},{"location":"contribute/documenting/","title":"Documenting","text":"TeraFlowSDN's documentation runs on MkDocs.
"},{"location":"contribute/documenting/#eligibility","title":"Eligibility","text":"Documenting TeraFlowSDN is limited to active contributors. So, if you:
MkDocs is a fast and simple static site generator that's geared towards building project documentation. Documentation source files are written in Markdown, and configured with a single YAML configuration file. Start by reading the introductory tutorial, then check the User Guide for more information.
There are 2 ways to upgrade documentation published on the TFS Documentation website:
This documentation repository has 2 protected branches:
In the mkdocs.yml file you will find the navigation structure of the documentation, there you can sections with sub-sections.
For example:
nav:\n - Home : ./index.md\n - Deployment Guide: ./deployment_guide.md\n - Development Guide: ./development_guide.md\n - Run Experiments: ./run_experiments.md\n - Feature and bugs: ./features_and_bugs.md\n - Supported SBIs and Network Elements: ./supported_sbis_and_network_elements.md\n - Supported NBIs: ./supported_nbis.md\n[...] \nPlease take a moment to understand the current structure of the documentations and think to update after contributing if necessary.
"},{"location":"contribute/documenting/#main-page","title":"Main Page","text":"The page shown first is at doc/index.md. That page should be updated with the latest changes of TeraFlowSDN and should reference the version (useful shortcut is {{{ documentation_version }}}).
To contribute to TeraFlowSDN's documentation, you need to follow these easy steps:
1) Clone the Documentation repository with:
git clone https://labs.etsi.org/rep/tfs/documentation.git\n2) Checkout the develop branch (incoming contributions are only accepted to the develop branch):
cd ./documentation\ngit checkout develop\n3) Setup a virtual environment:
python3 -m venv venv # Linux/macOS\nsource venv/bin/activate #Linux/macOS\npython -m venv venv # Windows\nvenv\\Scripts\\activate # Windows\n4) Setup a local mkdocs server by installing requirements:
python -m pip install -r requirements.txt\n4) Wait for all downloads to finish and start the local mkdocs server:
mkdocs serve\n5) Document! \ud83d\ude0a
You should always make sure that the local MkDocs server terminal is not producing any INFO/WARNING messages regarding your contributions.
To update the documentation properly during development, follow those additional steps:
index.md with new functionalities for the latest version);mkdocs locally;The documentation website supports branches, so your accepted changes will be reflected to the develop branch which then becomes the release branch after each corresponding cycle.
"},{"location":"contribute/documenting/#release-a-new-version-of-the-documentation","title":"Release a New Version of the Documentation","text":"When TeraFlowSDN code repository is ready for a new release, we need to follow these steps (made by a TSC Member):