This repo hosts the ansible-role-nfvbench
Ansible role.
This role aims to deploy NFVbench tool inside an SR-IOV VM on a Openstack platform.
The role includes tasks using the openstack.cloud
Ansible Collection.
- NFVbench Ansible role
ansible-role-nfvbench
is hosted on GitHub in the Orange-OpenSource organization:
https://github.com/Orange-OpenSource/ansible-role-nfvbench
See CHANGELOG.md
Several dependencies have to be installed before ansible-role-nfvbench
can be
used:
- Python >= 3.6 and its package manager
- the Git distributed version control system
- the OpenStack SDK Python package and its Python dependencies including cryptography and netifaces
- the
ansible-core
package - the
openstack.cloud
Ansible collection - the
community.general
Ansible collection
Detailed installation instructions are given below. We will assume we install a
given version of ansible-role-nfvbench
and that it is specified in the
ARN_VERSION
environment variable. For instance: ARN_VERSION=0.2.3
Use your package manager to install Python >= 3.6, Python package manager and Git. Example on Alpine Linux:
apk add python3 py3-pip py3-wheel
apk add git
With the distribution package manager, install openstacksdk
Python
dependencies to avoid the installation of heavy build dependencies. Example on
Alpine Linux:
apk add py3-cryptography py3-netifaces
Then install openstacksdk
:
python3 -m pip install openstacksdk==0.50.0
Remarks:
-
OpenStack SDK has to be available to the Python interpreter on both the Ansible controller and the Ansible target hosts. But in the general case, the controller and target are the same host since
ansible-role-nfvbench
typically targets localhost. -
The last version of OpenStack SDK is supposed to support all operations on all version of OpenStack. But because OpenStack SDK did not reach a stable version number, we cannot blindly install the latest version without risking regressions in
ansible-role-nfvbench
. -
Version 0.50.0 of OpenStack SDK is currently used to test
ansible-role-nfvbench
, so this is the recommended version at the moment. It supports all OpenStack versions up to Victoria (Victoria was initially released in October 2020).
There are several ways to install ansible-core
: with the distribution package
manager, with pip, ... Example with Alpine Linux package manager:
apk add ansible-core
Remark: ansible-role-nfvbench
needs few of the roles and collections provided
by the heavy ansible
package, so it is better to use ansible-core
and then
install the missing required dependencies. This makes a huge size difference
when building container images.
Install the openstack.cloud
and community.general
Ansible collections using
the
requirements.yml
file coming with ansible-role-nfvbench
:
git clone -b ${ARN_VERSION} https://github.com/Orange-OpenSource/ansible-role-nfvbench.git
ansible-galaxy collection install -r ansible-role-nfvbench/requirements.yml
Finally install ansible-role-nfvbench
with:
ansible-galaxy role install \
git+https://github.com/Orange-OpenSource/ansible-role-nfvbench.git,${ARN_VERSION}
- This role uses a
clouds.yaml
file for authentication. This file will permit to detect if user has admin rights to Openstack API. Example ofclouds.yaml
:
clouds:
nfvbench:
auth:
auth_url: https://127.0.0.1/v3
username: nfvbench
password: Nfvbench-P@ssw0rd1
project_id: 1aa22b333cc44dd55eeeee6666fffff
project_name: nfvbench
project_domain_name: default
user_domain_name: Default
cacert: ca.pem
region_name: "RegionOne"
interface: "public"
identity_api_version: 3
Note: Please add this file in the same path as the Ansible playbook file
- A certificate can be used for accessing to Openstack API. Please specify
cacert
property inclouds.yaml
file.
Note: Please add this certificate file in the same path as the Ansible playbook file
- Openstack images are required for NFVbench deployment. These images can be uploaded to Openstack using this role. In this case, replace
image_path
property value in thedefault/main.yml
with the accurate path.
To use this role, please reference the full name of Ansible role, collection name, and module name that you want to use:
---
- hosts: localhost
roles:
- role: ansible-role-nfvbench
Default configuration is available in defaults/main.yml
file in nfvbench ansible role sources.
This configuration can be overridden by replacing this file or using Ansible extra_vars
.
Note: Please find network design options details here :
NFVbench network design options
See below the parameters modified for this network design:
---
# ... see default file to have other parameters
management_networks:
- network_name: nfvbexternal_vn1
external: no
shared: yes
cleanup: true
subnet_name: subnet_nfvbenchexternal_vn1
gateway: 192.168.90.1
cidr: 192.168.90.0/24
enable_dhcp: no
no_gateway_ip: no
port_name: nfvbench_mgmt_port
vnic_type: normal
security_groups: []
port_security: no
generator_networks:
- network_name: net_nfvbench_vn1
physical_network: data2
network_type: vlan
segmentation_id: 2518
external: yes
shared: yes
cleanup: true
topology: loopback_e2e
subnet_name: subnet_nfvbench_vn1
gateway:
cidr: 192.168.91.0/24
enable_dhcp: no
no_gateway_ip: yes
port_name: nfvbench_port_pf1
vnic_type: direct-physical
security_groups: []
port_security: no
- network_name: net_nfvbench_vn2
physical_network: data3
network_type: vlan
segmentation_id: 2519
external: yes
shared: yes
cleanup: true
topology: loopback_e2e
subnet_name: subnet_nfvbench_vn2
gateway:
cidr: 192.168.93.0/24
enable_dhcp: no
no_gateway_ip: yes
port_name: nfvbench_port_pf2
vnic_type: direct-physical
security_groups: []
port_security: no
loop_vm_networks:
- network_name: net_nfvbench_loop_vn1
physical_network: data1
network_type: vlan
segmentation_id:
external: yes
shared: yes
cleanup: true
topology: e2e
subnet_name: subnet_nfvbench_loop_vn1
gateway:
cidr: 192.168.91.0/24
enable_dhcp: no
no_gateway_ip: yes
- network_name: net_nfvbench_loop_vn2
physical_network: data1
network_type: vlan
segmentation_id:
external: yes
shared: yes
cleanup: true
topology: e2e
subnet_name: subnet_nfvbench_loop_vn2
gateway:
cidr: 192.168.93.0/24
enable_dhcp: no
no_gateway_ip: yes
See below the parameters modified for this network design:
---
# ... see default file to have other parameters
management_networks:
- network_name: nfvbexternal_vn1
external: no
shared: yes
cleanup: true
subnet_name: subnet_nfvbenchexternal_vn1
gateway: 192.168.90.1
cidr: 192.168.90.0/24
enable_dhcp: no
no_gateway_ip: no
port_name: nfvbench_mgmt_port
vnic_type: normal
security_groups: []
port_security: no
generator_networks:
- network_name: net_nfvbench_vn1
physical_network: data1
network_type: vlan
segmentation_id: 2518
external: yes
shared: yes
cleanup: true
topology: loopback_e2e
subnet_name: subnet_nfvbench_vn1
gateway:
cidr: 192.168.91.0/24
enable_dhcp: no
no_gateway_ip: yes
port_name: nfvbench_port_pf1
vnic_type: direct-physical
security_groups: []
port_security: no
- network_name: net_nfvbench_vn2
physical_network: data1
network_type: vlan
segmentation_id: 2519
external: yes
shared: yes
cleanup: true
topology: loopback_e2e
subnet_name: subnet_nfvbench_vn2
gateway:
cidr: 192.168.93.0/24
enable_dhcp: no
no_gateway_ip: yes
port_name: nfvbench_port_pf2
vnic_type: direct-physical
security_groups: []
port_security: no
loop_vm_networks: {{ generator_networks }}
See below the parameters modified for this network design:
---
# ... see default file to have other parameters
management_networks:
- network_name: nfvbexternal_vn1
external: no
shared: yes
cleanup: true
subnet_name: subnet_nfvbenchexternal_vn1
gateway: 192.168.90.1
cidr: 192.168.90.0/24
enable_dhcp: no
no_gateway_ip: no
port_name: nfvbench_mgmt_port
vnic_type: normal
security_groups: []
port_security: no
generator_networks:
- network_name: net_nfvbench_vn1
physical_network: data2
network_type: vlan
segmentation_id: 2518
external: yes
shared: yes
cleanup: true
topology: loopback_e2e
subnet_name: subnet_nfvbench_vn1
gateway:
cidr: 192.168.91.0/24
enable_dhcp: no
no_gateway_ip: yes
port_name: nfvbench_port_vf1
vnic_type: direct
security_groups: []
port_security: no
- network_name: net_nfvbench_vn1bis
physical_network: data3
network_type: vlan
segmentation_id: 2518
external: yes
shared: yes
cleanup: true
topology: loopback
subnet_name: subnet_nfvbench_vn1bis
gateway:
cidr: 192.168.92.0/24
enable_dhcp: no
no_gateway_ip: yes
port_name: nfvbench_port_vf1bis
vnic_type: direct
security_groups: []
port_security: no
- network_name: net_nfvbench_vn2
physical_network: data3
network_type: vlan
segmentation_id: 2519
external: yes
shared: yes
cleanup: true
topology: e2e
subnet_name: subnet_nfvbench_vn2
gateway:
cidr: 192.168.93.0/24
enable_dhcp: no
no_gateway_ip: yes
port_name: nfvbench_port_vf2
vnic_type: direct
security_groups: []
port_security: no
loop_vm_networks:
- network_name: net_nfvbench_loop_vn1
physical_network: data1
network_type: vlan
segmentation_id:
external: yes
shared: yes
cleanup: true
topology: e2e
subnet_name: subnet_nfvbench_loop_vn1
gateway:
cidr: 192.168.91.0/24
enable_dhcp: no
no_gateway_ip: yes
- network_name: net_nfvbench_loop_vn2
physical_network: data1
network_type: vlan
segmentation_id:
external: yes
shared: yes
cleanup: true
topology: e2e
subnet_name: subnet_nfvbench_loop_vn2
gateway:
cidr: 192.168.93.0/24
enable_dhcp: no
no_gateway_ip: yes
See below the parameters modified for this network design:
---
# ... see default file to have other parameters
management_networks:
- network_name: nfvbexternal_vn1
external: no
shared: yes
cleanup: true
subnet_name: subnet_nfvbenchexternal_vn1
gateway: 192.168.90.1
cidr: 192.168.90.0/24
enable_dhcp: no
no_gateway_ip: no
port_name: nfvbench_mgmt_port
vnic_type: normal
security_groups: []
port_security: no
generator_networks:
- network_name: net_nfvbench_vn1
physical_network: data1
network_type: vlan
segmentation_id: 2518
external: yes
shared: yes
cleanup: true
topology: loopback_e2e
subnet_name: subnet_nfvbench_vn1
gateway:
cidr: 192.168.91.0/24
enable_dhcp: no
no_gateway_ip: yes
port_name: nfvbench_port_vf1
vnic_type: direct
security_groups: []
port_security: no
- network_name: net_nfvbench_vn1
physical_network: data1
network_type: vlan
segmentation_id: 2518
external: yes
shared: yes
cleanup: true
topology: loopback
subnet_name: subnet_nfvbench_vn1
gateway:
cidr: 192.168.91.0/24
enable_dhcp: no
no_gateway_ip: yes
port_name: nfvbench_port_vf3
vnic_type: direct
security_groups: []
port_security: no
- network_name: net_nfvbench_vn2
physical_network: data1
network_type: vlan
segmentation_id: 2519
external: yes
shared: yes
cleanup: true
topology: e2e
subnet_name: subnet_nfvbench_vn2
gateway:
cidr: 192.168.93.0/24
enable_dhcp: no
no_gateway_ip: yes
port_name: nfvbench_port_vf2
vnic_type: direct
security_groups: []
port_security: no
loop_vm_networks: {{ generator_networks }}
Copyright (c) 2021 Orange, Inc.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.