Notes on ORCA Eastsound 5.0

The major enhancement in Eastsound 5.0 is the addition of state recovery for actors and controllers, which allows them to be restarted without losing slice state information. Also added were:

  • Support for CouchDB for actor registry
  • Support for hybrid VLAN provisioning on BNT G8264 switches in all IBM racks
  • Boot console logging on VM boot failures
  • Inference and rule-based slice request validation (replaces previous procedural validation)
  • Various fixes to bare-metal node provisioning, including support for storage attachment

Migration Notes

ORCA 5.0 requires changes to MySQL: both table structure and limits need to change. The MySQL schema files have already been modified (for creating new tables), but existing tables in ORCA actor databases have to be dropped and recreated:

$ mysql -u orca < $ORCA_SRC/core/schema/mysql/full.schema.sql
$ mysql -u orca < $ORCA_SRC/core/schema/mysql/full.data.sql

You also have to change the /etc/my.cnf file:

Under the [mysqld] section add this line:

max_allowed_packet=32M

You also need to change the schemas for both MySQL databases (for both containers). Drop and rebuild the tables using the full.schema.sql files as described here.

CouchDB

ORCA 5.0 includes integration with CouchDB to support a distributed actor registry. The code for CouchDB is located here. ORCA will default to RemoteRegistryCache if the properties below are not set. To enable the DistributedRemoteCacheRegistry, a few properties must be set in the orca.properties file:

###############################################
# ORCA distributed actor registry with CouchDB backend
###############################################

registry.class=orca.shirako.container.DistributedRemoteRegistryCache
registry.url.1=https://slookup.exogeni.net,https://slookup2.exogeni.net
registry.certfingerprint.1=df:5c:1d:99:46:9a:5f:a8:92:8e:15:e4:b9:82:d8:ad
registry.certfingerprint.2=df:5c:1d:99:46:9a:5f:a8:92:8e:15:e4:b9:82:d8:ad
registry.couchdb.username=admin
registry.couchdb.password=exoadmin
##registry.replication = {server-continuous, client-triggered}. server-triggered is the default if this property is missing in orca.properties file.
registry.replication=client-triggered

#################

Note that in the absence of these properties ORCA will default to the original RemoteCacheRegistry. The default replication mode is "client-triggered"; therefore, if registry.replication is missing, it is assumed that the actors, or whichever client is writing into the actor DB, are replicating to all other DARs.
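A check for the certificate pins configured above, as an added example that is not part of ORCA's code: it collects every registry.certfingerprint.N value and compares it with the fingerprint of the certificate a registry server presents. It assumes the 16-octet values are MD5 digests of the DER-encoded certificate (the length matches MD5); the function names and the sample bytes are constructed for illustration.

```python
import hashlib
import hmac
import re
import ssl

PIN_RE = re.compile(r"^registry\.certfingerprint\.\d+\s*=\s*(\S+)\s*$", re.M)

# Constructed sample: stand-in bytes for a DER certificate and a matching pin.
SAMPLE_DER = b"abc"
SAMPLE_PROPS = "registry.certfingerprint.1=90:01:50:98:3C:D2:4F:B0:D6:96:3F:7D:28:E1:7F:72\n"

def normalize(fp):
    """Lower-case, colon-separated; reject anything that is not 16 hex octets."""
    octets = fp.strip().lower().split(":")
    if len(octets) != 16 or not all(re.fullmatch(r"[0-9a-f]{2}", o) for o in octets):
        raise ValueError(f"not a 16-octet fingerprint: {fp!r}")
    return ":".join(octets)

def pinned_fingerprints(properties_text):
    """Collect every uncommented registry.certfingerprint.N value."""
    return {normalize(m) for m in PIN_RE.findall(properties_text)}

def cert_fingerprint(cert):
    """MD5 over the DER certificate (assumed digest, see lead-in)."""
    if isinstance(cert, str):  # PEM text -> DER bytes
        cert = ssl.PEM_cert_to_DER_cert(cert)
    digest = hashlib.md5(cert).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, 32, 2))

def is_pinned(cert, properties_text):
    """True if the certificate's fingerprint equals one of the configured pins."""
    seen = cert_fingerprint(cert)
    return any(hmac.compare_digest(seen, pin)
               for pin in pinned_fingerprints(properties_text))
```

A malformed pin raises ValueError rather than being skipped, so a typo in orca.properties is caught before it silently disables a pin.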

To verify an actor, go to https://control.exogeni.net/dar/index.html, select the master server (ufl-hn) and click Edit on the actor to verify. Select "Yes" from the dropdown. Code for the management web front end can be found at https://geni-orca.renci.org/trac/browser/orca-external/DAR-Mgmt

Hybrid/storage network configuration (quantum)

  1. The hybrid design uses the following network names:
       vlan-data
       vlan-storage
       of-data
  2. The storage network must be defined in Quantum.
  3. They must be mapped to the appropriate worker node ports in the Quantum Neuca plugin configuration on each worker node (via Puppet). It is stored under worker:/etc/quantum/plugins/neuca/neuca_quantum_plugin.ini
  4. All of these networks must also be mentioned in XXXvmsite.rdf (there is no need to put them in XXXNet.rdf) and map to the appropriate ports on the G8264.
  5. XCat properties (xcat.site.properties) must define these networks for the appropriate worker node ports, for example:
       xcat.interface.map=vlan-data:p2p2,vlan-storage:p2p2

Hybrid network handler configuration

There is a new handler under providers/quantum-vlan/handler.xml that combines the previous flowvisor handler with support for hybrid switches that can do native VLAN provisioning. This is the suggested handler to use on most racks (those that have OpenFlow-only switches can continue using the old handler; however, it is likely to be obsoleted in the future in favor of this one).

To configure this handler, make sure that it is invoked for the VLAN resource type, i.e. instead of

        <handler path="providers/flowvisor/handler.xml">
          <properties>
               <property name="flowvisor.properties" value="/etc/orca/am+broker-12080/config/flowvisor.properties" />
          </properties>
        </handler>

use

        <handler path="providers/quantum-vlan/handler.xml">
          <properties>
               <property name="quantum-vlan.properties" value="/etc/orca/am+broker-12080/config/quantum-vlan.properties" />
          </properties>
        </handler>

where the quantum-vlan properties file must provide properties as follows (a combination of old flowvisor.properties and additional properties noted at the end):

flowvisor.url=https://localhost:8080/xmlrpc
flowvisor.user=username
flowvisor.passwd=password

fvctrl.first.port=50000
fvctrl.last.port=54999
fvctrl.host=rci-hn.exogeni.net
fvctrl.type=floodlight

nox.core.exec=/opt/nox/bin/nox_core
floodlight.jar=/opt/floodlight/floodlight.jar

# quantum logging 
provider.log.level=debug
provider.log.file=handler-vlan.log
provider.log.dir=/var/log/orca

# use quantum true/false
use.neuca.quantum=true

#tenant that uses orca
quantum.tenant.id=geni-orca

#
# New properties, compared to flowvisor.properties
#

# for IBM switches/racks
router.vlan.type=hybrid
router.type=g8264
router.user=username
router.password=password
router.device=IP address or hostname
router.admin.password=<leave empty for g8264>
router.default.prompt=<leave empty for g8264>
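
A pre-deployment check for this file, as an added example rather than ORCA tooling: it confirms that the keys shown above are present, that the router.* keys exist when router.vlan.type=hybrid, that the stand-in values from this page were replaced, and that the file holding these passwords is not readable by group or others. The function names, the https rule and the sample text are assumptions made for the example.

```python
import os
import stat

# Key names are taken from the sample quantum-vlan.properties on this page.
REQUIRED = ["flowvisor.url", "flowvisor.user", "flowvisor.passwd",
            "fvctrl.first.port", "fvctrl.last.port", "fvctrl.host",
            "fvctrl.type", "router.vlan.type"]
HYBRID_ONLY = ["router.type", "router.user", "router.password", "router.device"]
# Stand-in values used on this page; a deployed file must not contain them.
PLACEHOLDERS = {"username", "password", "IP address or hostname"}

# Constructed sample: router.device is missing, two stand-ins are left in.
SAMPLE = """flowvisor.url=https://localhost:8080/xmlrpc
flowvisor.user=username
flowvisor.passwd=password
fvctrl.first.port=50000
fvctrl.last.port=54999
fvctrl.host=rci-hn.exogeni.net
fvctrl.type=floodlight
router.vlan.type=hybrid
router.type=g8264
router.user=orca-svc
router.password=constructed-secret
"""

def parse_properties(text):
    props = {}  # minimal key=value parser: no continuations or escapes
    for line in text.splitlines():
        line = line.strip()
        if line and line[0] not in "#!" and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props

def lint(props):
    """Return a list of findings; an empty list means the file passed."""
    hybrid = props.get("router.vlan.type") == "hybrid"
    needed = REQUIRED + (HYBRID_ONLY if hybrid else [])
    findings = [f"missing: {k}" for k in needed if k not in props]
    findings += [f"placeholder: {k}" for k, v in props.items() if v in PLACEHOLDERS]
    if not props.get("flowvisor.url", "https://").startswith("https://"):
        findings.append("flowvisor.url is not https")
    ports = [props.get("fvctrl.first.port", ""), props.get("fvctrl.last.port", "")]
    if all(p.isdigit() for p in ports) and not 1 <= int(ports[0]) <= int(ports[1]) <= 65535:
        findings.append("fvctrl port range invalid")
    return findings

def readable_by_others(path):
    """True if group or other can read a file that stores passwords."""
    return bool(os.stat(path).st_mode & (stat.S_IRGRP | stat.S_IROTH))
```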