<div>Hi Trinath,</div><div><br></div>I could get this information from<a href="https://github.com/mseknibilel/OpenStack-Grizzly-Install-Guide/blob/Nicira_SingleNode/OpenStack_Grizzly_Install_Guide.rst"> Grizzly installation guide </a><div>
<br></div><div><ul style="padding:0px 0px 0px 30px;margin:15px 0px;font-family:Helvetica,arial,freesans,clean,sans-serif;font-size:15px;line-height:25px;background-color:rgb(255,255,255)"><li><p style="color:rgb(51,51,51);margin:15px 0px">
Register this Hypervisor Transport Node (Open vSwitch) with Nicira NVP:</p><pre style="font-family:Consolas,'Liberation Mono',Courier,monospace;font-size:13px;margin-top:15px;margin-bottom:15px;background-color:rgb(248,248,248);border:1px solid rgb(221,221,221);line-height:19px;overflow:auto;padding:6px 10px;border-top-left-radius:3px;border-top-right-radius:3px;border-bottom-right-radius:3px;border-bottom-left-radius:3px">
<font color="#333333"># Set the open vswitch manager address
ovs-vsctl set-manager ssl:<IP Address of one of your Nicira NVP controllers>
# Get the client pki cert
cat /etc/openvswitch/ovsclient-cert.pem
</font><font color="#3333ff"># Copy the contents of the output including the BEGIN and END CERTIFICATE lines and be prepared to paste this into NVP manager
# In NVP Manager add a new Hypervisor, follow the prompts and paste the client certificate when prompted
# Please review the NVP User Guide for details on adding Hypervisor transport nodes to NVP for more information on this step</font></pre></li></ul><div><br></div>Thanks,</div><div>-Ravi.</div><div><br><div class="gmail_quote">
On Wed, Aug 7, 2013 at 2:58 AM, Somanchi Trinath-B39208 <span dir="ltr"><<a href="mailto:B39208@freescale.com" target="_blank">B39208@freescale.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div lang="EN-US" link="blue" vlink="purple">
<div>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Hi Ravi-<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">With respect to NICIRA NVP Plugin in Quantum, All the processing is done with respect to Nicira NVP.
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Also, the Controller cluster arguments are provided from ini file.
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Can you point me to where the OVS certificates are handled in Nicira code base for quantum.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">--<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Trinath Somanchi - B39208<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#548dd4">trinath.somanchi@</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#548dd4">freescale</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#548dd4">.com</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">
| extn: 4048<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<div style="border:none;border-top:solid #b5c4df 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> Ravi Chunduru [mailto:<a href="mailto:ravivsn@gmail.com" target="_blank">ravivsn@gmail.com</a>]
<br>
<b>Sent:</b> Wednesday, August 07, 2013 11:32 AM<br>
<b>To:</b> OpenStack Development Mailing List<br>
<b>Subject:</b> Re: [openstack-dev] [Neutron] Configuration of Openflow controller reachability information in OVS from Openstack<u></u><u></u></span></p>
</div><div><div class="h5">
<p class="MsoNormal"><u></u> <u></u></p>
<p>look into nicira neutrón plugin. <br>
I like the idea of ovs controller config driven through neutrón api. Nicira approach today is to add ovs certificates onto ovs controller manually.<u></u><u></u></p>
<p>On Aug 6, 2013 9:09 PM, "Addepalli Srini-B22160" <<a href="mailto:B22160@freescale.com" target="_blank">B22160@freescale.com</a>> wrote:<br>
><br>
> Hi,<br>
> <br>
> Using OVS Quantum Plugin and agent, it is possible to configure OVS with<br>
> <br>
> Openflow logical switches.<br>
> Tables<br>
> Ports to the logical switches (VLAN, VXLAN, GRE etc..)<br>
> <br>
> OVS Agent in each compute node uses local ovs-vsctl command to configure above.<br>
> <br>
> But, there is no simple way for Openstack quantum to configure OVS in compute nodes with OF controller IP address, TCP Port, SSL Certificates etc..<br>
> Also, there is no mechanism today to get hold of DPID of the OVS logical switches by Openstack controller.<br>
> <br>
> Do you think that it is good to enhance Openstack OVS Quantum Plugin and agent to pass above information?<br>
> <br>
> At very high level, we are thinking to introduce following:<br>
> <br>
> <br>
> Configuration of OF Controller reachability information<br>
> Quantum extension API though which is used to set following:<br>
> Set of Openflow controllers - For each OF controller<br>
> IP address, Port<br>
> SSL Enabled Yes/No.<br>
> If SSL enabled<br>
> CA certificate chain to validate OF controller identification by the OVS.<br>
> Zone/Cell for which this OF controller is applicable for.<br>
> Changes to QuantumClient to configure above.<br>
> OVS Quantum Plugin to store above information in the database.<br>
> OVS Quantum Agent to Plugin communication to get hold of OF controller information.<br>
> OVS Quantum Agent to add the information in OVS using ovs-vsctl.<br>
> Generation of logical switch certificates<br>
> OVS Quantum agent requests the plugin to generate local certificate and private key for each one of the logical switches<br>
> Agent to send DPID<br>
> Plugin to generate certificate & private key pair and sending them as response.<br>
> Plugin configuration file to have CA certificate to use to sign the logical switch certificates.<br>
> <br>
> <br>
> Does that make sense? Is this work going on somewhere else?<br>
> <br>
> Thanks<br>
> Srini<br>
> <br>
> <br>
> <br>
><br>
> _______________________________________________<br>
> OpenStack-dev mailing list<br>
> <a href="mailto:OpenStack-dev@lists.openstack.org" target="_blank">OpenStack-dev@lists.openstack.org</a><br>
> <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
><u></u><u></u></p>
</div></div></div>
</div>
<br>_______________________________________________<br>
OpenStack-dev mailing list<br>
<a href="mailto:OpenStack-dev@lists.openstack.org">OpenStack-dev@lists.openstack.org</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
<br></blockquote></div><br><br clear="all"><div><br></div>-- <br>Ravi<br>
</div>