The Connect core

The Connect core includes two key components:
  • plugins
  • deployments

Plugins

Plugins are a core component of the Fabric Services System Connect environment. In the Connect environment, a plugin represents the component that communicates with the external cloud services. The following plugins are supported by the Fabric Services System platform, and are further documented in their respective sections:

Plugins are automatically registered within the Connect service when they are deployed. Each is stored in the database with the following main properties:

Table 1. Plugin properties
Property Description Values/Range
Name The name of the plugin. String
Type The type of plugin, related to the platform it supports. String
External ID An optional field to store an external reference. String
Heartbeat support Indicates whether the plugin sends regular heartbeat messages to signal its live state to Connect. True/False
Heartbeat interval Indicates how often the plugin should send a heartbeat message, in seconds. Integer
Status Indicates whether Connect:
  • is in the process of deploying a resources
  • has finished deploying it
  • has encountered an error during deployment
 String
Region Identifies Fabric Services System region with which this deployment is associated. Must be set if the deployment is changed to Admin Up and it cannot be changed after being set. For more information, see Multi-region support String
Restrictions Restrictions are placed on the deployment by the administrator to prevent some modes of operation. An empty list of restrictions signifies no restrictions on the deployment. The following enum values can be added to the list:
  • NoConnectManaged
  • NoFSSManaged

For more information, see Allowed mode of operation.

 enum
For more details about the full set of available properties, see the API documentation as described in the Fabric Services System API Integration Guide.

Heartbeat

When plugins register with the Connect core service, they can indicate that they support heartbeats. When a plugin supports heartbeats, the plugin is expected to send a heartbeat to the Connect core service at an interval of the configured value (or more frequently). If the Connect core does not receive a heartbeat from the plugin after two intervals, it raises an alarm in the Fabric Services System to indicate that there could be an issue with the plugin.

Deployments

Deployments represent the individual cloud environments that each plugin integrates with. For most plugins, there is only a single deployment. The VMware plugin supports the integration of a single plugin with multiple vCenter servers, where each is represented by a separate deployment.

Deployments have an Admin state, which indicates whether the plugin is allowed to make changes in the fabric for that deployment. This helps to prevent unwanted changes from plugins or deployments that have not been enabled, and are therefore in an Admin Down state.

Deployment states

A plugin can automatically create the deployments to which it belongs. Such deployments are created in an Admin Down state, and an administrator must update the deployment to an Admin Up state to enable it.

Deployments can also be created by an administrator, in which case the administrator can immediately enable the Deployment by setting it to Admin up.

Deployment properties

Deployments have the following main properties:

Table 2. Deployment properties
Property Description Values/Range
Name The name of the deployment String
Description A description of the deployment String
Plugin A reference to the plugin that owns the deployment String
External ID An optional field to store an external reference String
Status Indicates whether Connect:
  • is in the process of deploying a resource
  • has finished deploying it
  • encountered an error occurred during deployment
 String
Settings A collection of settings that depend on the type of the plugin. For a deployment of the VMware plugin, the settings include information about the vCenter hostname, username, and password, which are securely stored. List

Multi-region support

The Fabric Services System Connect service supports multiple regions. The support for multiple regions has been added on the level of the deployment, where a new property has been added that links a deployment to a specific region. This property can only be set once and cannot be changed afterwards. If only one region exists in the Fabric Services System, that region is automatically selected when a deployment is created.

A deployment must have a region set before it can be configured to be Admin Up (enabled). The deployment can only use Fabrics from the region it is associated with.

The Connect UI remains a global resource as the plugins remain global resources. The list of deployments only shows the deployments related to the region that is selected in the region selector in the UI.

The Connect UI

The Fabric Services System UI contains a page from which you can manage the Connect deployments and view details about the Connect plugins.

The first page of the Connect UI displays a list of the Connect deployments and the relevant information for each deployment.

Clicking on the More menu for a deployment opens an action list from which you can:
  • change the Admin state of the plugin in a single click
  • open the deployment for more details
  • delete the deployment.

You can also use the Views drop-down list to open the Plugins view. This opens a new page that lists Connect plugins and displays the relevant information for each plugin.

Clicking on the More menu for a plugin opens an action list from which you can:
  • view a list of the deployment associated with that plugin
  • delete the plugin

Connect UI parameters

Basic deployment parameters

The following parameters are used when managing a deployment's configuration in the Fabric Services System UI. The set of parameters varies depending on the type of plugin the deployment is associated with.

Table 3. Basic deployment parameters

Parameter

Description

Values/Range

Admin Up

Indicates whether the deployment should be Administratively Up, or (if false) left Administratively Down. A deployment that is Administratively Down is not functional.

True

False

Name

 The name used to refer to this deployment within the Fabric Services System.

A string value

Description

 Optionally, a description for this deployment.

A string value

Deployment parameters based on plugin choice

The following parameters are used in the Connect page of the Fabric Services System UI to configure a Connect deployment associated with a Connect plugin.

The set of parameters can vary from one type of plugin to another.

Table 4. Deployment parameters based on plugin choice
Parameter OpenShift OpenStack VMware Description Values/Range
Plugin Yes Yes Yes The type of plugin associated with this deployment.

OpenShift

OpenStack

VMware
Host No No Yes The vCenter host. A valid host URL, in the form (for example) vmware.example.net.
Username No No Yes The username for the vCenter user. A string value, subject to vCenter constraints for user names.
Password No No Yes Password for the vCenter user.
Note: The password characters are obscured for security purposes.
 A string value, subject to vCenter constraints for passwords.
TLS Verify No No Yes Indicates whether to verify TLS with vCenter. True

False
Certificate No No Yes If TLS Verify is set to True, a TLS certificate is required here.

Only a single certificate is supported for a plugin.

Failing to provide a certificate, or providing an invalid certificate, triggers a certificate validation failure alarm.

 A valid TLS certificate

Allowed mode of operation

In some cases, an administrator may want to restrict which mode of operation is available for a specific Deployment.

For this purpose, the Fabric Services System supports the Restrictions setting on deployments.

The Restrictions field is located in the Fabric Services System GUI under the Connect selection in the main menu.

When modifying a deployment, the Restrictions field presents a list of values indicating which restrictions are put on the deployment by the Administrator.

An empty list of restrictions signifies no restrictions on the deployment. The following values can be added to the list:

  • No restrictions (empty value in the API): All operational modes are allowed to be used
  • Restrict to Connect managed networking (NoFssManaged in the API): Only the Connect (CMS) managed operational mode is allowed to be used and any Fabric Services System managed Tenants and Subnets are rejected.
  • Restrict to FSS managed networking (NoConnectManaged in the API): Only the Fabric Services System managed operational mode can be used, and any CMS managed operational mode Tenants and Subnets are rejected.
Note: Changing the Restrictions on a deployment does not have any influence on existing resources. It only impacts newly created resources.
Note: While changing the Restrictions on a deployment does not impact already existing resources, individual plugins may choose to clean up existing non-conforming resources.

Creating Connect deployments and plugins

Follow this procedure to create a new Connect deployment using the Connect page of the Fabric Services System GUI.

For the corresponding process using the API instead of the GUI, see Managing plugins and deployments.

  1. From the main Fabric Services System menu, select Connect.
    The Connect page displays, showing a list of all current Connect deployments.
  2. Click CREATE DEPLOYMENT.
  3. Enter the following information about the deployment as described in Basic deployment parameters:
    • Admin Up
    • Name
    • Description
  4. Select a value for the Plugin parameter.
  5. Select a value for the Restrictions parameter.
  6. Enter information about the associated plugin as described in Deployment parameters based on plugin choice:
    Note: The remaining parameters may vary depending on the plugin you specified in step 4.
  7. Click SAVE.

Managing Connect deployments and plugins

Follow these steps to view, modify, or delete a Connect deployment, or to view a list of plugins or delete a plugin.
  1. From the main menu, select Connect.
    The Connect page displays, showing a list of all current Connect deployments.
  2. Choose one of the following:
    • To view details about a particular deployment, go to step 3.
    • To change the administrative state of a deployment, go to step 4.
    • To modify details about a deployment, go to step 5.
    • To delete a deployment, go to step 6.
    • To view a list of plugins, go to step 7.
    • To delete a plugin, go to step 8.
  3. To view a deployment, do the following:
    1. Find the deployment that you want to view and click at the end of its row.
    2. Select Open from the list of actions.
      Details about the selected deployment are displayed in an overlay.
  4. To change the administrative state of a deployment, do the following:
    1. Find the deployment in the list and click at the end of its row.
    2. Select Set to Admin Up or Set to Admin Down from the list of actions.
  5. To edit a deployment, do the following:
    1. Find the deployment that you want to edit and click at the end of its row.
    2. Select Edit from the list of actions.
    3. Modify the displayed properties as required.
      Note: Not all properties can be modified.
    4. Click SAVE.
  6. To delete a deployment, do the following:
    1. Find the deployment that you want to delete and click at the end of its row.
    2. Select Delete... from the list of actions.
    3. Click OK in the confirmation dialog.
  7. To view a list of plugins select Plugins from the Views drop-down list at the top of the page.
    The list of deployments is replaced by a list of current plugins.
  8. To delete a plugin, do the following:
    1. Select Plugins from the Views drop-down list at the top of the page.
    2. Find the plugin that you want to delete and click at the end of its row.
    3. Select Delete... from the list of actions.
    4. Click OK in the confirmation dialog.

Fabric Services System Connect workflows

In the Cloud Management mode, Connect creates a workload intent for each tenant, and a Fabric Services System subnet for each subnet that is created in the Cloud Management system. In this mode, the changes in the Cloud Management system are transparently reflected into the Fabric Services System. The administrator of the Cloud Management system does not require any knowledge about how to use the Fabric Services System.

For more advanced use cases, another type of workload intent or Fabric Services System subnet may be required. In other advanced use cases some external peering must be configured with the workload intent, or special sub-interfaces are required.

In such cases Nokia recommends using the Fabric Services System Managed mode, which instructs Connect to associate tenants and subnets with existing workload intents and subnets in the Fabric Services System respectively, instead of creating these resources in the Fabric Services System based on the cloud management networking.

In this mode, an administrator (or orchestration engine) with knowledge of the Fabric Services System first creates the necessary resources in the Fabric Services System directly. They can create more complex configurations than the cloud management system itself would be able to do. When creating the networking constructs in the Cloud Management system, the administrator provides a set of unique identifiers referring to those pre-created networking constructs. This way the Connect plugin and Connect service know not to create their own Workloads and Subnets, but to use the pre-created items.

See also:

Managing the Connect core user

Connect uses a specific pre-created Connect user to access the Fabric Services System through an internal REST API. It is not necessary to change the password of this Connect user. However, if you do change the password of this user through the UI or API of the Fabric Services System, you must perform the following procedure which includes updating the Connect pod in the Fabric Services System Kubernetes cluster.

  1. Obtain the base64 encoding value of the new password: 
    $ echo -n 'NewPassword' | base64
Tm9raWFDuZWN0MSE=
  2. Set the password with a new base64 encoded value in the Kubernetes secret file using following command and save the file: 
    $ kubectl edit secrets prod-fss-connect-auth-secret
    Upon executing the above command, the following section is present in the file, which must be updated:
    data:
  password: <New base64 encoded value>
  3. Delete the Connect pod so that Connect uses updated secret values to communicate with rest of the Fabric Services System services.