实验7:基于REST API的SDN北向应用实践
一、实验目的
- 能够编写程序调用OpenDaylight REST API实现特定网络功能;
- 能够编写程序调用Ryu REST API实现特定网络功能。
二、实验环境
- 下载虚拟机软件Oracle VisualBox或VMware;
- 在虚拟机中安装Ubuntu 20.04 Desktop amd64,并完整安装Mininet、OpenDaylight(Carbon版本)、Postman和Ryu;
三、实验要求
(一)基本要求
-
编写Python程序,调用OpenDaylight的北向接口实现以下功能
(1) 利用Mininet平台搭建下图所示网络拓扑,并连接OpenDaylight;![]()
(2) 下发指令删除s1上的流表数据。
![]()
1 #!/usr/bin/python 2 import requests 3 from requests.auth import HTTPBasicAuth 4 5 def http_delete(url): 6 url= url 7 headers = {'Content-Type':'application/json'} 8 resp = requests.delete(url, headers=headers, auth=HTTPBasicAuth('admin', 'admin')) 9 return resp 10 11 if __name__ == "__main__": 12 url = 'http://127.0.0.1:8181/restconf/config/opendaylight-inventory:nodes/node/openflow:1/' 13 resp = http_delete(url) 14 print(resp.content)
-
(3) 下发硬超时流表,实现拓扑内主机h1和h3网络中断20s。
![]()
timeout.py
1 # timeout.py 2 import requests 3 from requests.auth import HTTPBasicAuth 4 if __name__ == "__main__": 5 url = 'http://127.0.0.1:8181/restconf/config/opendaylight-inventory:nodes/node/openflow:1/flow-node-inventory:table/0/flow/1' 6 with open("./timeOut.json") as file: 7 str = file.read() 8 headers = {'Content-Type': 'application/json'} 9 res = requests.put(url, str, headers=headers, auth=HTTPBasicAuth('admin', 'admin')) 10 print (res.content)
timeout.json
1 # timeout.json 2 { 3 "flow": [ 4 { 5 "id": "1", 6 "match": { 7 "in-port": "1", 8 "ethernet-match": { 9 "ethernet-type": { 10 "type": "0x0800" 11 } 12 }, 13 "ipv4-destination": "10.0.0.3/32" 14 }, 15 "instructions": { 16 "instruction": [ 17 { 18 "order": "0", 19 "apply-actions": { 20 "action": [ 21 { 22 "order": "0", 23 "drop-action": {} 24 } 25 ] 26 } 27 } 28 ] 29 }, 30 "flow-name": "flow", 31 "priority": "65535", 32 "hard-timeout": "20", 33 "cookie": "2", 34 "table_id": "0" 35 } 36 ] 37 }
(4) 获取s1上活动的流表数。
![]()
![]()
getflow.py
1 # getflow.py 2 import requests 3 from requests.auth import HTTPBasicAuth 4 if __name__ == "__main__": 5 url = 'http://127.0.0.1:8181/restconf/operational/opendaylight-inventory:nodes/node/openflow:1/flow-node-inventory:table/0/opendaylight-flow-table-statistics:flow-table-statistics' 6 headers = {'Content-Type': 'application/json'} 7 res = requests.get(url,headers=headers, auth=HTTPBasicAuth('admin', 'admin')) 8 print (res.content)
-
编写Python程序,调用Ryu的北向接口实现以下功能
(1) 实现上述OpenDaylight实验拓扑上相同的硬超时流表下发。![]()
ryu_timeout.py
1 # ryu_timeout.py 2 import requests 3 if __name__ == "__main__": 4 url = 'http://127.0.0.1:8080/stats/flowentry/add' 5 with open("./ryu_timeOut.json") as file: 6 str = file.read() 7 headers = {'Content-Type': 'application/json'} 8 res = requests.post(url, str, headers=headers) 9 print (res.content)
ryu_timeout.json
# ryu_timeout.json { "dpid": 1, "cookie": 1, "cookie_mask": 1, "table_id": 0, "hard_timeout": 20, "priority": 65535, "flags": 1, "match":{ "in_port":1 }, "actions":[ ] }
(2) 参考Ryu REST API的文档,基于VLAN实验的网络拓扑,编程实现相同的VLAN配置。
提示:拓扑生成后需连接Ryu,且Ryu应能够提供REST API服务
| VLAN_ID | Hosts |
|---|---|
| 0 | h1 h3 |
| 1 | h2 h4 |
拓扑代码ryu_topo.py
# ryu_topo.py
from mininet.topo import Topo
class MyTopo(Topo):
def __init__(self):
# initilaize topology
Topo.__init__(self)
self.addSwitch("s1")
self.addSwitch("s2")
self.addHost("h1")
self.addHost("h2")
self.addHost("h3")
self.addHost("h4")
self.addLink("s1", "h1")
self.addLink("s1", "h2")
self.addLink("s2", "h3")
self.addLink("s2", "h4")
self.addLink("s1", "s2")
topos = {'mytopo': (lambda: MyTopo())}
ryu_vlan.py代码
1 # ryu_vlan.py 2 import json 3 4 import requests 5 6 if __name__ == "__main__": 7 url = 'http://127.0.0.1:8080/stats/flowentry/add' 8 headers = {'Content-Type': 'application/json'} 9 flow1 = { 10 "dpid": 1, 11 "priority": 1, 12 "match":{ 13 "in_port": 1 14 }, 15 "actions":[ 16 { 17 "type": "PUSH_VLAN", 18 "ethertype": 33024 19 }, 20 { 21 "type": "SET_FIELD", 22 "field": "vlan_vid", 23 "value": 4096 24 }, 25 { 26 "type": "OUTPUT", 27 "port": 3 28 } 29 ] 30 } 31 flow2 = { 32 "dpid": 1, 33 "priority": 1, 34 "match":{ 35 "in_port": 2 36 }, 37 "actions":[ 38 { 39 "type": "PUSH_VLAN", 40 "ethertype": 33024 41 }, 42 { 43 "type": "SET_FIELD", 44 "field": "vlan_vid", 45 "value": 4097 46 }, 47 { 48 "type": "OUTPUT", 49 "port": 3 50 } 51 ] 52 } 53 flow3 = { 54 "dpid": 1, 55 "priority": 1, 56 "match":{ 57 "vlan_vid": 0 58 }, 59 "actions":[ 60 { 61 "type": "POP_VLAN", 62 "ethertype": 33024 63 }, 64 { 65 "type": "OUTPUT", 66 "port": 1 67 } 68 ] 69 } 70 flow4 = { 71 "dpid": 1, 72 "priority": 1, 73 "match": { 74 "vlan_vid": 1 75 }, 76 "actions": [ 77 { 78 "type": "POP_VLAN", 79 "ethertype": 33024 80 }, 81 { 82 "type": "OUTPUT", 83 "port": 2 84 } 85 ] 86 } 87 flow5 = { 88 "dpid": 2, 89 "priority": 1, 90 "match": { 91 "in_port": 1 92 }, 93 "actions": [ 94 { 95 "type": "PUSH_VLAN", 96 "ethertype": 33024 97 }, 98 { 99 "type": "SET_FIELD", 100 "field": "vlan_vid", 101 "value": 4096 102 }, 103 { 104 "type": "OUTPUT", 105 "port": 3 106 } 107 ] 108 } 109 flow6 = { 110 "dpid": 2, 111 "priority": 1, 112 "match": { 113 "in_port": 2 114 }, 115 "actions": [ 116 { 117 "type": "PUSH_VLAN", 118 "ethertype": 33024 119 }, 120 { 121 "type": "SET_FIELD", 122 "field": "vlan_vid", 123 "value": 4097 124 }, 125 { 126 "type": "OUTPUT", 127 "port": 3 128 } 129 ] 130 } 131 flow7 = { 132 "dpid": 2, 133 "priority": 1, 134 "match": { 135 "vlan_vid": 0 136 }, 137 "actions": [ 138 { 139 "type": "POP_VLAN", 140 "ethertype": 33024 141 }, 142 { 143 "type": "OUTPUT", 144 "port": 1 145 } 146 ] 147 } 148 flow8 = { 149 "dpid": 2, 150 "priority": 1, 151 "match": { 152 "vlan_vid": 1 153 }, 154 "actions": [ 155 { 156 "type": "POP_VLAN", 157 "ethertype": 33024 158 }, 159 { 160 "type": "OUTPUT", 161 "port": 2 162 } 163 ] 164 } 165 res1 = requests.post(url, json.dumps(flow1), headers=headers) 166 res2 = requests.post(url, json.dumps(flow2), headers=headers) 167 res3 = requests.post(url, json.dumps(flow3), headers=headers) 168 res4 = requests.post(url, json.dumps(flow4), headers=headers) 169 res5 = requests.post(url, json.dumps(flow5), headers=headers) 170 res6 = requests.post(url, json.dumps(flow6), headers=headers) 171 res7 = requests.post(url, json.dumps(flow7), headers=headers) 172 res8 = requests.post(url, json.dumps(flow8), headers=headers)
(二)进阶要求
OpenDaylight或Ryu任选其一,编程实现查看前序VLAN实验拓扑中所有节点(含交换机、主机)的名称,以及显示每台交换机的所有流表项。
GetNode.py
1 import requests 2 import time 3 import re 4 5 6 class GetNodes: 7 def __init__(self, ip): 8 self.ip = ip 9 10 def get_switch_id(self): 11 url = 'http://' + self.ip + '/stats/switches' 12 re_switch_id = requests.get(url=url).json() 13 switch_id_hex = [] 14 for i in re_switch_id: 15 switch_id_hex.append(hex(i)) 16 17 return switch_id_hex 18 19 def getflow(self): 20 url = 'http://' + self.ip + '/stats/flow/%d' 21 switch_list = self.get_switch_id() 22 ret_flow = [] 23 for switch in switch_list: 24 new_url = format(url % int(switch, 16)) 25 re_switch_flow = requests.get(url=new_url).json() 26 ret_flow.append(re_switch_flow) 27 return ret_flow 28 29 def show(self): 30 flow_list = self.getflow() 31 for flow in flow_list: 32 for dpid in flow.keys(): 33 dp_id = dpid 34 switchnum= '{1}'.format(hex(int(dp_id)), int(dp_id)) 35 print('s'+switchnum,end = " ") 36 switchnum = int(switchnum) 37 for list_table in flow.values(): 38 for table in list_table: 39 string1 = str(table) 40 if re.search("'dl_vlan': '(.*?)'", string1) is not None: 41 num = re.search("'dl_vlan': '(.*?)'", string1).group(1); 42 if num == '0' and switchnum == 1: 43 print('h1',end = " ") 44 if num == '1' and switchnum == 1: 45 print('h2',end = " ") 46 if num == '0' and switchnum == 2: 47 print('h3',end = " ") 48 if num == '1' and switchnum == 2: 49 print('h4',end = " ") 50 print("") 51 flow_list = self.getflow() 52 for flow in flow_list: 53 for dpid in flow.keys(): 54 dp_id = dpid 55 print('switch_name:s{1}'.format(hex(int(dp_id)), int(dp_id))) 56 for list_table in flow.values(): 57 for table in list_table: 58 print(table) 59 s1 = GetNodes("127.0.0.1:8080") 60 s1.show()
(三)个人总结
在本次的实验过程中,还是遇到了比较多的问题,第一个是在运行python xxx.py命令的时候会出现requests.exceptions.ProxyError:很长一段报错,百度搜索了很多都没有得到解决,后面发现加上sudo就能够执行了。第二个是本次实验使我能够编写程序调用OpenDaylight REST API、Ryu REST API实现特定网络功能。第二个是在硬超时中断20秒,一直没成功,看了我已经打开的端口发现我的ryu根本没有成功打开,且犯了跟上次实验一样的问题,在运行ryu的时候忘记把ODL关闭了,所以就没有成功打开ryu。个人感觉本次实验难度较大,并且本次实验需要有一定的Python基础,需要通过api来完成各种功能,并且要结合前几次的实验。
浙公网安备 33010602011771号