This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
pharos:pharos_specification [2015/04/08 23:15] Trevor Cooper [Networking] |
pharos:pharos_specification [2015/05/05 00:51] Trevor Cooper [Target Systems State] |
||
---|---|---|---|
Line 3: | Line 3: | ||
==== Objectives / Scope ==== | ==== Objectives / Scope ==== | ||
- | Objectives of environment are for OPNFV platform __deployment__ and __testing__ with requirements to ... | + | Pharos spec defines the OPNFV test environment (in which OPNFV platform can be __deployed__ and __tested__ ... |
- | * Provide a secure, scalable, standard and HA environment | + | * Provides a secure, scalable, standard and HA environment |
- | * Support full deployment lifecycle (this requires a bare metal environment) | + | * Supports full deployment lifecycle (this requires a bare metal environment) |
- | * Support functional and performance testing | + | * Supports functional and performance testing |
- | * Provide common tooling and test scenarios (including test cases and workloads) | + | * Provides common tooling and test scenarios (including test cases and workloads) available to the community |
- | * Provide mechanisms and procedures for secure remote access to the environment | + | * Provides mechanisms and procedures for secure remote access to the test environment |
Virtualized environments will be useful but do not provide a fully featured deployment/test capability | Virtualized environments will be useful but do not provide a fully featured deployment/test capability | ||
Line 24: | Line 24: | ||
* A lights-out network is required for remote management and bare metal provisioning capability | * A lights-out network is required for remote management and bare metal provisioning capability | ||
- | ==== Target Systems State (for Rls 1 follows BGS) ==== | + | ==== Target Systems State ==== |
* Target system state includes default software components, network configuration, storage requirements https://wiki.opnfv.org/get_started/get_started_system_state | * Target system state includes default software components, network configuration, storage requirements https://wiki.opnfv.org/get_started/get_started_system_state | ||
Line 33: | Line 33: | ||
* Foreman environment https://wiki.opnfv.org/get_started_experiment1#topology | * Foreman environment https://wiki.opnfv.org/get_started_experiment1#topology | ||
+ | --------------------------- | ||
+ | ==== Infrastructure Naming Conventions ==== | ||
+ | * [[pharos/pharos_naming|Pharos naming conventions]] provides consistent naming across test-bed environments | ||
- | ==== Hardware ==== | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | --------------------- | ||
+ | ====Hardware==== | ||
=== Servers === | === Servers === | ||
Line 59: | Line 67: | ||
* Single power supply acceptable (redundant power not required/nice to have) | * Single power supply acceptable (redundant power not required/nice to have) | ||
+ | === Provisioning === | ||
Pre-provisioning Jump Server | Pre-provisioning Jump Server | ||
Line 67: | Line 75: | ||
* Collabration Tools | * Collabration Tools | ||
* VNC | * VNC | ||
- | * Test Tools | + | * ? |
- | * Specified per Functest | + | |
- | * Foreman | + | Test Tools |
- | * Fuel | + | * Tests invoked from jump server |
- | * | + | * Jenkins is responsible for pre and post action |
+ | * Objective is for test suites to be independent of installer ... however test-cases could describe different NW configs … for Rls 1 aim is one NW configuration (based on BGS) | ||
+ | * Test Tools are specified by Functest | ||
+ | * Rally/Tempest and Robot scenario tests are automatically triggered by CI/Jenkins | ||
+ | |||
+ | Controller nodes - bare metal | ||
| | ||
- | Provisioning Nodes | + | Compute nodes - bare metal |
- | * Controller nodes - bare metal | + | |
- | * Compute nodes - bare metal | + | |
===Security=== | ===Security=== | ||
- | * Default permissions | + | * Servers |
- | * Server Logins | + | * Default permissions |
+ | * Server Logins | ||
+ | * **Pharos team needs to provide consistent usernames for infrastructure** | ||
- | === Remote management=== | ||
- | Lights-out Management: | ||
- | * Out-of-band management for power on/off/reset and bare-metal provisioning | ||
- | * Access to server is through lights-out-management tool and/or a serial console | ||
- | * Intel lights-out => | ||
- | RMM http://www.intel.com/content/www/us/en/server-management/intel-remote-management-module.html | ||
- | * HP lights-out => ILO | ||
- | http://www8.hp.com/us/en/products/servers/ilo/index.html | ||
- | * CISCO UCS => | ||
- | https://developer.cisco.com/site/ucs-dev-center/index.gsp | ||
+ | ==== Remote management==== | ||
- | ==== Remote access ==== | + | === Remote access === |
* Remote access is required for ... | * Remote access is required for ... | ||
Line 107: | Line 111: | ||
* Refer to individual test-bed as each company may have different access rules and procedures | * Refer to individual test-bed as each company may have different access rules and procedures | ||
* Basic requirement is for SSH sessions to be established (initially on jump server) | * Basic requirement is for SSH sessions to be established (initially on jump server) | ||
- | + | * Majority of packages installed on a system (tools or applications) will be pulled from an external storage solution so this type of things should be solved in a very general sense for the projects | |
Firewall rules | Firewall rules | ||
- | * SSH sessions | + | * SSH sessions |
- | * Jenkins sessions | + | * Jenkins sessions |
+ | Lights-out Management: | ||
+ | * Out-of-band management for power on/off/reset and bare-metal provisioning | ||
+ | * Access to server is through lights-out-management tool and/or a serial console | ||
+ | * Intel lights-out => RMM http://www.intel.com/content/www/us/en/server-management/intel-remote-management-module.html | ||
+ | * HP lights-out => ILO http://www8.hp.com/us/en/products/servers/ilo/index.html | ||
+ | * CISCO lights-out => UCS https://developer.cisco.com/site/ucs-dev-center/index.gsp | ||
+ | * Dell lights-out=> iDRAC http://en.community.dell.com/techcenter/systems-management/w/wiki/3204.dell-remote-access-controller-drac-idrac | ||
+ | |||
+ | |||
+ | === Linux Foundation - VPN service for accessing Lights-Out Management (LOM) infrastructure for the UCS-M hardware === | ||
+ | |||
+ | * People who can authorize access ... 1) 2) 3) | ||
+ | * The people who request VPN access must have a valid PGP key bearing a valid signature from one of these three people. When issuing OpenVPN credentials, LF will be sending TLS certificates and 2-factor authentication tokens, encrypted to each recipient's PGP key. | ||
+ | |||
+ | |||
==== Networking ==== | ==== Networking ==== | ||
Line 172: | Line 193: | ||
* Jira - hosted by LF | * Jira - hosted by LF | ||
* FAQ channel - hosted by LF | * FAQ channel - hosted by LF | ||
- | * Juju and MAAS on JUMP SERVER | ||
- | |||
- | |||
- | |||
- | |||
---- | ---- |