Manuals / Brands / Computer Equipment / Software / HP / Computer Equipment / Software

HP VAN SDN Controller Software Products 5.4 SDN Controller keystore and truststore locations and passwords

1 133

Download 133 pages, 3.82 Mb

8.Replace your self-signed certificate in your serverKey entry with the signed certificate from your CA (signed.cer).

keytool -importcert -keystore keystore -file signed.cer -alias serverKey

9.If you are operating a team of controllers in your environment, turn off self-signing for inter-controller communication:

Under /opt/sdn/virgo/repository/usr, change the "selfsigned" value to false for the following component:

com.hp.sdn.misc.ServiceRestComponent.properties

10.If you set up a different password than the default "skyline" password for your keystore, you will need to edit /opt/sdn/virgo/configuration/tomcat-server.xmland change the keystorePass value in the <Connector port="8443"…> tag to the new keystore password.

11.Start the controller. Continue to the next section if you are using a different keystore and truststore password than the default "skyline" password.

5.4 SDN Controller keystore and truststore locations and passwords

The SDN Controller keystore and truststore are referenced by several components, and thus need to be updated for these components:

•com.hp.sdn.api.impl.AlertPostManager

•com.hp.sdn.misc.AdminRestComponent

•com.hp.sdn.misc.ServiceRestComponent

To change these configuration of these components:

1.From the navigation menu, select Configurations.

2.Select one of the three components listed above.

3.Select Modify.

4.Repeat for the other two components.

64 SDN Controller authentication

Contents

Page Page Contents Page 5 SDN Controller authentication 7 Team configuration 8 Regional configuration 9 Backing up and restoring Page 1 Introduction 1.1 Supported switches and OpenFlow compatibility 2 Understanding the embedded applications 2.1 Link manager 2.2Node manager 2.3 Path daemon Page 2.4 Path diagnostics 2.5 Topology manager 2.6Topology viewer 3 Navigating the controller user interface 3.1Starting the SDN controller console UI 3.2About the user interface 3.2.1 Banner 3.3 Navigation menu 3.4SDN User window 3.4.1 User window screen details 3.4.2 Expanding the SDN user window 3.5Alerts screen 3.5.3 Alert notification counter 3.5.4 Alerts screen details 3.5.5 Viewing the ten most sever recent active alerts 3.5.6Acknowledging an alert 3.5.7 Deleting an alert 3.5.8Configuring the alert policies 3.6 Applications screen 3.6.3 Obtaining applications from the HP SDN AppStore 3.6.4Adding or upgrading an application 3.6.5Disabling (stopping) or enabling (starting) an application 3.7Configurations screen 3.7.2Summary of configurable controller components Page Page Page Page 3.7.3 Configurations screen details 3.7.4Modifying a component configuration 3.8Audit log screen 3.9 Licenses screen 3.10 Support logs screen 3.10.2 Support logs screen details 3.10.3 Configuring the support log queue size 3.10.4 Configure signed application zip file verification 3.11 OpenFlow monitor screen 3.11.2 OpenFlow monitor screen details 3.11.3 Discovering changes in the topopology 3.11.4 Viewing information about a specific device 3.12 OpenFlow topology screen Page Page Page Page 3.13 OpenFlow trace display 3.13.2 OpenFlow trace display details 3.13.3 Starting, stopping, or clearing OpenFlow trace 3.13.4Displaying trace event details 3.13.5Exporting the OpenFlow trace log 3.13.6Filtering the OpenFlow trace log in a CSV file 3.13.7 Changing the OpenFlow trace interval 3.14OpenFlow classes display 3.14.2 Controller enforcement levels for OpenFlow classes 3.14.3OpenFlow classes display details 3.15 Packet listeners display 4 License Registration and Activation 4.1 Overview 4.2 Preparing for license registration 4.3 Registering and activating a license 4.4 Registering your license and obtaining a license key Page Page Page Page 4.5 Activating a license on the controller 4.6 Managing licenses Page Page Page 5 SDN Controller authentication 5.1 SDN Controller security guidelines 5.2 SDN Controller authentication 5.3Creating SDN Controller keystore and truststore 5.4 SDN Controller keystore and truststore locations and passwords 5.5 Configuration encryption 5.6 Openflow Controller TLS 5.7 REST authentication 5.7.1 Openstack Keystone 5.8 Controller code verification 5.9 Revoking Trust 5.10 SDN administrative REST API 5.11 Virgo admin UI access 5.12 Virgo console access 5.13 JMX console 5.14 Security practices 5.14.2Recommended administrative rules 6 Hybrid mode for controlling packet-forwarding 6.1 Overview 6.2Viewing and changing the hybrid mode configuration 6.3 Coordinating controller hybrid mode and OpenFlow switch settings 6.3.2 Configuring controller settings to support hybrid mode Page 6.4 Controller packet-forwardingwhen hybrid mode is disabled 6.4.1 Controller packet forwarding when hybrid mode is enabled 6.4.2 Learning more about hybrid mode 7 Team configuration 7.1 High availability 7.2 Team management 7.3Requirements for controller teams 7.4 Configuring a controller team 7.4.2Configuration procedure Page 7.5Displaying team configuration 7.6Disbanding a team 7.7 Controller fault tolerance 7.8Error log for team configuration 7.8.1 Team alias node 8 Regional configuration 8.1 Overview 8.2 Creating a region 8.3 Aquiring a region UID 8.4 Updating a region 8.5 Refreshing a region 8.6 Deleting a region 9 Backing up and restoring 9.1 Backing up a controller 9.1.2Backing up a controller 9.1.3Downloading a backup from the controller to another location 9.1.4Recommended backup practices 9.2 Restoring a controller from a backup Page 9.3Distributed (team) backing up and restoring 9.4 Backing up and restoring the keystone configuration and database 10 Requirements for applications 10.1 Application requirements 10.2Application descriptor file mandatory attributes 10.3Application descriptor optional attributes 10.4 Application zip file content criteria 10.5 Application state and OSGi artifacts Page 11 Troubleshooting 11.1 License troubleshooting 11.2 Host location not learned by controller 11.3 Unexpected network or service problems 11.4 Application management exceptions 11.5 Performance testing 11.6Application management errors 11.7 Path diagnostic application via REST command line API Page Page Page Page 12 Support and other resources 12.1Gather information before contacting an authorized support representative 12.2How to contact HP 12.3Get connected to the HP SDN online user forum 12.4 Software technical support and software updates 12.5 Related information 13 Documentation feedback A cURL commands A.1 Export audit log data as a CSV file A.2 Licensing actions A.2.2 Activating a license on the controller A.2.3 Uninstalling licenses to prepare for transfer Page A.3 Application manager actions A.3.2 Listing information about an application A.3.3 Getting application health status A.3.4 Uploading an application (new or upgrade) A.3.5 Installing a new application A.3.6 Upgrading an application A.3.7 Disabling an application A.3.8 Enabling an application A.3.9 Removing a staged application A.3.10 Deleting an application B Scripts B.1 Configuring a controller team B.2 Backing up a controller team Page Page Page Page B.3 Restoring a controller team Page Page Page Page Index