Upgrade ODL Controller

This document provides information on upgrading OpenDaylight (ODL) Controller to work with OnApp Software-defined networking. 

Please note that the stable version for OnApp is OpenDaylight 0.14.0.

Backup of the Datastore in Old ODL Controller



To backup the datastore in an old ODL controller, follow the next procedure:

  1. Create a file with backup file name as a parameter:
# cat ./backup.json
{
  "input": {
	"file-path": "/tmp/datastore_backup"
  }
}


     2. Run API call, with proper admin and pass parameters:

# curl -u ‘admin:adminpass’ -X POST -H "Content-Type: application/json" --data-binary @./backup.json  http://localhost:8181/restconf/operations/cluster-admin:backup-datastore


Stop Old ODL Controller



Stop an old ODL Controller
 by running the following command:

# systemctl stop opendaylight

Install OpenDaylight Silicon


In case of the Log4j 2 vulnerability (CVE-2021-44228), please refer to the CVE Fixes page.

To install OpenDaylight Silicon, follow the next procedure:

  1. Switch to the root home directory and download an archive with ODL by running the next command:

    https://nexus.opendaylight.org/content/repositories/opendaylight.release/org/opendaylight/integration/opendaylight/0.14.0/opendaylight-0.14.0.zip
  2. Unpack the archive by running the following command:

     # unzip opendaylight-0.14.0.zip
  3. Install JVM by running the following command:

    # yum install java-11
  4. Set JAVA_HOME by running the next command:

    # export JAVA_HOME=/usr/lib/jvm/jre-11
  5. Start controller and install the required tools with the following command:

    # cd /root/opendaylight-0.14.0
    # ./bin/karaf
  6. After the ODL console is opened, perform the refresh of repositories with the next command:

     opendaylight-user@root> feature:repo-refresh
  7. Install feature needed by OpenDaylight:

     opendaylight-user@root> feature:install odl-ovsdb-library odl-restconf-all odl-ovsdb-southbound-api odl-ovsdb-southbound-impl odl-ovsdb-southbound-impl-rest
  8.  After the features are installed, log out from the karaf by the following command:

     opendaylight-user@root>logout
  9.   Update the link:
  10. # unlink /etc/sdn
    # ln -s /root/opendaylight-0.14.0 /etc/sdn

 Restore From Backup 


To restore the backup on the target node, the backup file needs to be placed into the $KARAF_HOME/clustered-datastore-restore directory and then, the node restarted. If the directory does not exist (which is quite likely if this is a first-time restore), it needs to be created. On startup, ODL checks if the journal and snapshots directories in $KARAF_HOME are empty and, only then, tries to read the contents of the clustered-datastore-restore directory if it exists. Thus, for a successful restore, these two directories should be empty. The backup file name itself does not matter; the startup process will delete it after a successful restore.

Restore the backup by running the following command:

# rm -rf /root/opendaylight-0.14.0/journal/*	
# rm -rf /root/opendaylight-0.14.0/snapshots/*
# mkdir /root/opendaylight-0.14.0/clustered-datastore-restore
# cp /tmp/datastore_backup  /root/opendaylight-0.14.0/clustered-datastore-restore/


Start OpenDaylight Service


To start OpenDaylight Service, use the following command:

 # systemctl start opendaylight


Similar record should be displayed in the log file at /root/opendaylight-0.12.1/data/log/karaf.log

2020-07-01T13:55:12,889 | INFO  | Blueprint Extender: 3 | DatastoreSnapshotRestore     	| 227 - org.opendaylight.controller.sal-distributed-datastore - 1.11.1 | Clustered datastore will be restored from file ./clustered-datastore-restore/datastore_backup

Don’t forget to set correct credentials and port (8181) at https://onapp--cp--ip/settings/sdn/managers/1/edit

 Password Change


The password can be changed according to this example:

  1. Create a file with password as a parameter:
# cat user.json
{
"name":"admin",
"description":"admin account",
"enabled":"1",
"email":"",
"password":"newpass"
}

     2. Run API call:

# curl -u admin:adminpass -X PUT -H "Content-Type: application/json" --data-binary @./user.json http://localhost:8181/auth/v1/users/admin@sdn
{"userid":"admin@sdn","name":"admin","description":"admin account","enabled":1,"email":"","password":"**********","salt":"**********","domainid":"sdn"}

Tweaks


To prevent intensive logging, you need to decrease log level.
It can be done in config /etc/sdn/etc/org.ops4j.pax.logging.cfg , by changing the value log4j2.rootLogger.level from INFO to ERROR.

# grep log4j2.rootLogger.level /etc/sdn/etc/org.ops4j.pax.logging.cfg
log4j2.rootLogger.level = INFO

In that case, ovsdb-rpc-task-timeout and json-rpc-decoder-max-frame-length parameters can be changed in /etc/sdn/etc/org.opendaylight.ovsdb.library.cfg 

Default values are as follows:

# grep -E 'ovsdb-rpc-task-timeout|json-rpc-decoder-max-frame-length' /etc/sdn/etc/org.opendaylight.ovsdb.library.cfg
json-rpc-decoder-max-frame-length = 100000
ovsdb-rpc-task-timeout = 1000