Manuals / Brands / Computer Equipment / Software / HP / Computer Equipment / Software

HP VAN SDN Controller Software Products 5.7 REST authentication, 5.6.2 Openflow Controller keystore and truststore locations and passwords

1 133

Download 133 pages, 3.82 Mb

must be signed by the same CA, so that the TLS connection will be established. See your switch’s manual for information about configuring TLS on your switch.

5.6.2 Openflow Controller keystore and truststore locations and passwords

The Openflow Controller’s configurations for keystore/truststore are located in the com.hp.sdn.ctl.of.impl.ControllerManager configuration. The keystore and keystore.password properties capture the location of the keystore and the password of the keystore respectively. Similarly, the truststore and truststore.password capture the location of the truststore and the password of the truststore respectively.

Figure 42 Components that reference OpenFlow keystore and truststore

A controller restart is required if these configurations are changed.

5.7 REST authentication

The SDN Controller relies on token-based authentication to authenticate its REST APIs. In other words, all REST APIs except the /auth and /rsdoc APIs require an authentication token embedded in an "X-Auth-Token" header to be included with each REST request. The /auth API allows you to obtain a token, while the /rsdoc API provides live REST API documentation information about the controller’s REST API. The next section describes how to obtain a token from the /auth API.

66 SDN Controller authentication

Contents

Page Page Contents Page 5 SDN Controller authentication 7 Team configuration 8 Regional configuration 9 Backing up and restoring Page 1 Introduction 1.1 Supported switches and OpenFlow compatibility 2 Understanding the embedded applications 2.1 Link manager 2.2Node manager 2.3 Path daemon Page 2.4 Path diagnostics 2.5 Topology manager 2.6Topology viewer 3 Navigating the controller user interface 3.1Starting the SDN controller console UI 3.2About the user interface 3.2.1 Banner 3.3 Navigation menu 3.4SDN User window 3.4.1 User window screen details 3.4.2 Expanding the SDN user window 3.5Alerts screen 3.5.3 Alert notification counter 3.5.4 Alerts screen details 3.5.5 Viewing the ten most sever recent active alerts 3.5.6Acknowledging an alert 3.5.7 Deleting an alert 3.5.8Configuring the alert policies 3.6 Applications screen 3.6.3 Obtaining applications from the HP SDN AppStore 3.6.4Adding or upgrading an application 3.6.5Disabling (stopping) or enabling (starting) an application 3.7Configurations screen 3.7.2Summary of configurable controller components Page Page Page Page 3.7.3 Configurations screen details 3.7.4Modifying a component configuration 3.8Audit log screen 3.9 Licenses screen 3.10 Support logs screen 3.10.2 Support logs screen details 3.10.3 Configuring the support log queue size 3.10.4 Configure signed application zip file verification 3.11 OpenFlow monitor screen 3.11.2 OpenFlow monitor screen details 3.11.3 Discovering changes in the topopology 3.11.4 Viewing information about a specific device 3.12 OpenFlow topology screen Page Page Page Page 3.13 OpenFlow trace display 3.13.2 OpenFlow trace display details 3.13.3 Starting, stopping, or clearing OpenFlow trace 3.13.4Displaying trace event details 3.13.5Exporting the OpenFlow trace log 3.13.6Filtering the OpenFlow trace log in a CSV file 3.13.7 Changing the OpenFlow trace interval 3.14OpenFlow classes display 3.14.2 Controller enforcement levels for OpenFlow classes 3.14.3OpenFlow classes display details 3.15 Packet listeners display 4 License Registration and Activation 4.1 Overview 4.2 Preparing for license registration 4.3 Registering and activating a license 4.4 Registering your license and obtaining a license key Page Page Page Page 4.5 Activating a license on the controller 4.6 Managing licenses Page Page Page 5 SDN Controller authentication 5.1 SDN Controller security guidelines 5.2 SDN Controller authentication 5.3Creating SDN Controller keystore and truststore 5.4 SDN Controller keystore and truststore locations and passwords 5.5 Configuration encryption 5.6 Openflow Controller TLS 5.7 REST authentication 5.7.1 Openstack Keystone 5.8 Controller code verification 5.9 Revoking Trust 5.10 SDN administrative REST API 5.11 Virgo admin UI access 5.12 Virgo console access 5.13 JMX console 5.14 Security practices 5.14.2Recommended administrative rules 6 Hybrid mode for controlling packet-forwarding 6.1 Overview 6.2Viewing and changing the hybrid mode configuration 6.3 Coordinating controller hybrid mode and OpenFlow switch settings 6.3.2 Configuring controller settings to support hybrid mode Page 6.4 Controller packet-forwardingwhen hybrid mode is disabled 6.4.1 Controller packet forwarding when hybrid mode is enabled 6.4.2 Learning more about hybrid mode 7 Team configuration 7.1 High availability 7.2 Team management 7.3Requirements for controller teams 7.4 Configuring a controller team 7.4.2Configuration procedure Page 7.5Displaying team configuration 7.6Disbanding a team 7.7 Controller fault tolerance 7.8Error log for team configuration 7.8.1 Team alias node 8 Regional configuration 8.1 Overview 8.2 Creating a region 8.3 Aquiring a region UID 8.4 Updating a region 8.5 Refreshing a region 8.6 Deleting a region 9 Backing up and restoring 9.1 Backing up a controller 9.1.2Backing up a controller 9.1.3Downloading a backup from the controller to another location 9.1.4Recommended backup practices 9.2 Restoring a controller from a backup Page 9.3Distributed (team) backing up and restoring 9.4 Backing up and restoring the keystone configuration and database 10 Requirements for applications 10.1 Application requirements 10.2Application descriptor file mandatory attributes 10.3Application descriptor optional attributes 10.4 Application zip file content criteria 10.5 Application state and OSGi artifacts Page 11 Troubleshooting 11.1 License troubleshooting 11.2 Host location not learned by controller 11.3 Unexpected network or service problems 11.4 Application management exceptions 11.5 Performance testing 11.6Application management errors 11.7 Path diagnostic application via REST command line API Page Page Page Page 12 Support and other resources 12.1Gather information before contacting an authorized support representative 12.2How to contact HP 12.3Get connected to the HP SDN online user forum 12.4 Software technical support and software updates 12.5 Related information 13 Documentation feedback A cURL commands A.1 Export audit log data as a CSV file A.2 Licensing actions A.2.2 Activating a license on the controller A.2.3 Uninstalling licenses to prepare for transfer Page A.3 Application manager actions A.3.2 Listing information about an application A.3.3 Getting application health status A.3.4 Uploading an application (new or upgrade) A.3.5 Installing a new application A.3.6 Upgrading an application A.3.7 Disabling an application A.3.8 Enabling an application A.3.9 Removing a staged application A.3.10 Deleting an application B Scripts B.1 Configuring a controller team B.2 Backing up a controller team Page Page Page Page B.3 Restoring a controller team Page Page Page Page Index