The Connect core
Fabric Services System Connect workflows
In the Cloud Management mode, Connect creates a workload intent for each tenant, and a Fabric Services System subnet for each subnet that are created in the Cloud Management system. In this mode, the changes in the Cloud Management system are transparently reflected into the Fabric Services System. The administrator of the Cloud Management system does not require any knowledge about how to use the Fabric Services System.
For more advanced use cases, another type of workload intent or Fabric Services System subnet might be required. In other advanced use cases some external peering must be configured with the workload intent, or special sub-interfaces are required.
In such cases Nokia recommends using the Fabric Services System Managed mode, which instructs Connect to associate tenants and subnets with existing workload intents and subnets in the Fabric Services System respectively, instead of creating these resources in the Fabric Services System based on the cloud management networking.
In this mode, an administrator (or orchestration engine) with knowledge of the Fabric Services System first creates the necessary resources in the Fabric Services System directly. They can create more complex configurations than the cloud management system itself would be able to do. When creating the networking constructs in the Cloud Management system, the administrator provides a set of unique identifiers referring to those pre-created networking constructs. This way the Connect plugin and Connect service know not to create their own Workloads and Subnets, but to use the pre-created items.
See also:
Managing the Connect core user
Connect uses a specific pre-created Connect user to access the Fabric Services System through an internal REST API. It is not necessary to change the password of this Connect user. However, if you do change the password of this user through the UI or API of the Fabric Services System, you must perform the following procedure which includes updating the Connect pod in the Fabric Services System Kubernetes cluster.
.
-
Obtain the base64 encoding value of the new password:
$ echo -n 'NewPassword' | base64 Tm9raWFDuZWN0MSE=
-
Set the password with a new base64 encoded value in the Kubernetes secret file
using following command and save the file:
$ kubectl edit secrets dev-fss-connect-auth-secret
Upon executing the above command you will find the following section in the file, which must be updated:data: password: <New base64 encoded value>
- Delete the Connect pod so that Connect uses updated secret values to communicate with rest of the Fabric Services System services.