SAFplus

Overview

OpenClovis’s SAFplus Management Platform provides out-of-the-box comprehensive management functionality for your networking, computing and telecom products. Using your YANG (NETCONF) definition files, we provide NETCONF, SNMP, RESTCONF, and command line access. The SAFplus manageability agents automatically route incoming requests to your applications, running anywhere on the cluster. And at development time, our software can read your YANG files, generating C++ objects for application instrumentation.

Features

Protocols

Figure 1: SAFplus Management Major Elements and Protocols (image: mgt_interconnect.svg)

NETCONF: The SAFplus Management Platform uses the OpenYuma software to provide a NETCONF over SSH northbound interface

SNMP: The SAFplus Management Platform uses the Net-SNMP software to provide an SNMP northbound interface. V2, V2c or V3 operation is supported. Only V3 authenticates individual users and can encrypt traffic; V2c access is granted by a community string sent in the clear, so it should be confined to a trusted management network or disabled.

(planned) HTTP/HTTPS: The SAFplus Management Platform provides a REST API for access to Management data.

These northbound agents have been customized by SAFplus to identify the user applications involved in the northbound request and to forward the data access requests to the user applications in a transactional manner.

Access

NETCONF Features

SNMP Features

Configuration Management

The SAFplus Management data may be imported and exported to XML using the "safplus_db" application provided on the network element. This facility allows configuration to be saved, analyzed, and modified in a human-readable format. It also allows configuration to be managed using document revision control systems (e.g. subversion, git, ClearCase), if desired.

Data can be stored in a single or in separate databases, as you prefer. Applications can independently read and write the database, either directly or implicitly when SAFplus Management objects are accessed (the SAFplus object to data mapping layer abstracts database access).

(planned) If data is not bound to an active application, it is retrieved from the database directly.

SAFplus provides a plug-in interface that is used to select the underlying database. SAFplus provides plugins for GDBM, SQLite, and BerkeleyDB. If your chosen database does not natively support replication, you can place the SAFplus Checkpoint (replicated in-RAM hash tables) facility above the database. This allows any non-replicated database to be replicated to multiple controllers. However, since the SAFplus Checkpoint facility stores all data in-RAM (to maximize performance) this solution is not appropriate for large data sets. For large data sets, you must choose a database that supports replication.

Figure 2: SAFplus Configuration Database Communications and Replication (image: config_management.svg)

Access Control

NETCONF authentication is via SSH, so user accounts defined at the Linux level are available as NETCONF logins. Users can be added to groups, and access permissions by group are available at the module, NETCONF operation, data element, and notification level as specified by the "Network Configuration Protocol (NETCONF) Access Control Model" (NACM, RFC 6536; since superseded by RFC 8341). Two NACM defaults deserve explicit review: reads are permitted and writes denied unless a rule says otherwise, and a "recovery session" bypasses access control entirely.
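As an added example (not SAFplus or OpenYuma code), the following Python implements the decision procedure of RFC 6536 in simplified form, so that a NACM policy can be checked offline before it is loaded onto a network element: group lookup, ordered rule-lists with first match wins, data-node rules that cover a node and all of its descendants, protocol-operation rules, and the read-default/write-default/exec-default fallbacks. The module name example-system, the paths, users and groups are hypothetical; notification rules and the nacm:default-deny-* YANG extensions are left out.

```python
"""Simplified NACM (RFC 6536) decision engine. Added example, not SAFplus code.
Module name "example-system", users and paths are hypothetical."""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set


@dataclass
class Rule:
    name: str
    module_name: str = "*"          # YANG module the rule applies to, or "*"
    rpc_name: Optional[str] = None  # set => protocol-operation rule
    path: Optional[str] = None      # set => data-node rule (node and all descendants)
    access_operations: str = "*"    # space-separated: create read update delete exec, or "*"
    action: str = "permit"          # "permit" or "deny"


@dataclass
class RuleList:
    name: str
    groups: List[str]               # group names this list applies to, or ["*"]
    rules: List[Rule]


@dataclass
class Nacm:
    enable_nacm: bool = True
    read_default: str = "permit"    # RFC 6536 defaults
    write_default: str = "deny"
    exec_default: str = "permit"
    groups: Dict[str, List[str]] = field(default_factory=dict)  # group -> users
    rule_lists: List[RuleList] = field(default_factory=list)

    def groups_of(self, user: str) -> Set[str]:
        return {g for g, members in self.groups.items() if user in members}


def _matches(rule: Rule, module: str, op: str, rpc: Optional[str], path: Optional[str]) -> bool:
    if rule.module_name not in ("*", module):
        return False
    if rule.rpc_name is not None and (rpc is None or rule.rpc_name not in ("*", rpc)):
        return False
    if rule.path is not None:
        base = rule.path.rstrip("/")
        if path is None or not (path == base or path.startswith(base + "/")):
            return False
    ops = rule.access_operations.split()
    return "*" in ops or op in ops


def decide(nacm: Nacm, user: str, op: str, module: str, rpc: Optional[str] = None,
           path: Optional[str] = None, recovery_session: bool = False) -> str:
    """Return "permit" or "deny" for user doing op (create/read/update/delete/exec)."""
    if not nacm.enable_nacm or recovery_session:
        return "permit"                  # NACM disabled, or the recovery session bypasses it
    if op == "exec" and rpc == "close-session":
        return "permit"                  # always allowed so a session can be ended cleanly
    groups = nacm.groups_of(user)
    for rule_list in nacm.rule_lists:    # ordered; the first matching rule decides
        if "*" not in rule_list.groups and not groups.intersection(rule_list.groups):
            continue
        for rule in rule_list.rules:
            if _matches(rule, module, op, rpc, path):
                return rule.action
    if op == "exec":                     # nothing matched: fall back to the defaults
        if rpc in ("kill-session", "delete-config"):
            return "deny"                # only ever permitted by an explicit rule
        return nacm.exec_default
    return nacm.read_default if op == "read" else nacm.write_default


def example_policy() -> Nacm:
    """Hypothetical policy: admins may do anything; operators may read everything
    except stored passwords and may edit the interfaces subtree."""
    return Nacm(
        groups={"admin": ["alice"], "operator": ["bob"]},
        rule_lists=[
            RuleList("admin-acl", ["admin"], [Rule("permit-all")]),
            RuleList("operator-acl", ["operator"], [
                Rule("hide-passwords", module_name="example-system",
                     path="/example-system:users/user/password", action="deny"),
                Rule("edit-interfaces", module_name="example-system",
                     path="/example-system:interfaces",
                     access_operations="create update delete"),
            ]),
        ],
    )


if __name__ == "__main__":
    p = example_policy()
    print(decide(p, "bob", "update", "example-system", path="/example-system:interfaces/interface/mtu"))
    print(decide(p, "carol", "read", "example-system", path="/example-system:users/user/password"))
```

Two things the defaults make easy to get wrong: a user who belongs to no group still reads everything (including the password leaf above) because read-default is permit, so either deny sensitive subtrees in a rule-list whose groups are "*" or set read-default to deny; and kill-session and delete-config stay refused under exec-default permit until a rule allows them, while close-session always goes through.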

SNMP authentication and access control is via the standard mechanisms defined in V2c or V3: community strings in V2c, and in V3 the User-based Security Model (USM) for authentication and privacy together with the View-based Access Control Model (VACM) for per-user views. A V2c community string travels in the clear and identifies no individual user, so only V3 with authentication and privacy gives per-user, encrypted management access.

(planned) HTTPS authentication and access control is via HTTPS session login and cookies. Access control follows the rules specified in the NETCONF Access Control Model.

Remote CLI access control is the same as NETCONF, since the CLI communicates via the NETCONF protocol. "Local access" CLI presumes that the user has already successfully logged into the network element and has permission to execute the safplus_cli application. Access control therefore occurs via SSH and Linux user security mechanisms. But if the local access CLI is available to the login user, the super-user role is assumed. In other words, all operations are available to a user of the local access CLI, so execute permission on safplus_cli should be restricted (by file ownership and group membership) to administrative accounts rather than left open to every shell user.

Conversion between XML files and the database also occurs on the network element, so access is limited by SSH login and the login user's Linux permissions.

Remote Authentication Dial In User Service (RADIUS)

RADIUS is a centralized authentication, authorization and accounting protocol. Commercial and open source (http://freeradius.org/, https://www.gnu.org/software/radius/) implementations of the RADIUS server exist.

SAFplus Management can be integrated with most RADIUS servers. Since the SAFplus NETCONF authentication uses SSH, an integration between SSH and your RADIUS server using the Linux PAM (Pluggable Authentication Module) facility means that RADIUS will be used for SAFplus NETCONF authentication. The details of this integration are beyond the scope of this document; HOWTOs are available for many Linux flavors and RADIUS implementations.

Likewise, SAFplus Management uses the NET-SNMP project as its SNMP front end. Many RADIUS servers provide integrations with NET-SNMP; please refer to your RADIUS server's documentation for details. Additionally, it is possible to tunnel NET-SNMP inside SSH (the SNMP-over-SSH transport of RFC 5592), although this feature may not be supported by your SNMP client. In that case, as with NETCONF, simply integrate RADIUS with SSH (using the Linux PAM facility).
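The two integrations described in this section (sshd to PAM to RADIUS for NETCONF and CLI logins, and the V2c-versus-V3 choice in Net-SNMP from the Access Control section) both come down to a few lines of configuration on the network element that are easy to get subtly wrong. The following Python is an added example, not SAFplus or OpenClovis code: it embeds constructed sample configuration files and checks them for the settings that make the RADIUS integration work, and flags the weak SNMP settings next to the hardened form. pam_radius_auth.so is the FreeRADIUS PAM module; the RADIUS server address, shared secret, passphrases and user names are placeholders, and the 16-character secret threshold is our own choice.

```python
"""Offline checks for sshd -> PAM -> RADIUS and for snmpd.conf access settings.
Added example, not SAFplus code. All sample files below are constructed;
addresses, secrets, passphrases and user names are placeholders."""
import shlex
from typing import Dict, List

SSHD_CONFIG = """\
UsePAM yes
KbdInteractiveAuthentication yes
PasswordAuthentication no
"""
PAM_SSHD = """\
# constructed /etc/pam.d/sshd: ask RADIUS first, fall back to local accounts
auth    sufficient  pam_radius_auth.so
auth    required    pam_unix.so try_first_pass
account required    pam_unix.so
"""
PAM_RADIUS_CONF = """\
# constructed /etc/pam_radius_auth.conf: server[:port]  shared_secret  timeout
10.0.0.5:1812   s3cret-placeholder   3
"""
SNMPD_WEAK = """\
rocommunity public
rwcommunity private 10.0.0.0/8
"""
SNMPD_HARDENED = """\
# v3 only; snmpd rewrites createUser into a localized key on first start
createUser mgmtops SHA "auth-passphrase-placeholder" AES "priv-passphrase-placeholder"
rouser mgmtops priv
"""
COMMUNITY_KEYWORDS = {"rocommunity", "rwcommunity", "rocommunity6", "rwcommunity6", "com2sec"}


def _tokens(text: str) -> List[List[str]]:
    """Split each non-comment line into tokens, honouring quotes."""
    return [t for t in (shlex.split(l, comments=True) for l in text.splitlines()) if t]


def sshd_uses_pam(text: str) -> bool:
    """sshd applies the first value it sees for a keyword, so record the first one."""
    first: Dict[str, str] = {}
    for tok in _tokens(text):
        first.setdefault(tok[0].lower(), tok[1].lower() if len(tok) > 1 else "")
    pam_paths = ("passwordauthentication", "kbdinteractiveauthentication",
                 "challengeresponseauthentication")
    return first.get("usepam") == "yes" and any(first.get(k) == "yes" for k in pam_paths)


def pam_radius_findings(text: str) -> List[str]:
    """Problems with the auth stack of /etc/pam.d/sshd; empty list means it looks right."""
    auth = [tok for tok in _tokens(text) if tok[0] == "auth"]
    radius = [tok for tok in auth if any("pam_radius_auth.so" in t for t in tok)]
    if not radius:
        return ["pam_radius_auth.so is not in the auth stack: RADIUS is never consulted"]
    findings = []
    if radius[0][1] not in ("sufficient", "required", "requisite"):
        findings.append(f"unexpected control flag '{radius[0][1]}' on pam_radius_auth")
    if not any("pam_unix.so" in t for tok in auth for t in tok):
        findings.append("no pam_unix fallback: every login fails while RADIUS is unreachable")
    return findings


def pam_radius_conf_findings(text: str) -> List[str]:
    """Lines are 'server[:port] shared_secret [timeout]'. The secret is stored in
    clear, so the file must be root-only; 16 characters is our own minimum."""
    findings = []
    for tok in _tokens(text):
        if len(tok) not in (2, 3):
            findings.append(f"malformed server line: {' '.join(tok)}")
        elif len(tok[1]) < 16:
            findings.append(f"LOW: short shared secret for {tok[0]}")
    return findings


def snmpd_findings(text: str) -> List[str]:
    """Flag v1/v2c community access and v3 users not held to authentication plus privacy."""
    findings = []
    for tok in _tokens(text):
        kw = tok[0].lower()
        if kw in COMMUNITY_KEYWORDS:
            sev = "HIGH" if kw.startswith("rw") else "MEDIUM"
            findings.append(f"{sev}: '{' '.join(tok)}' grants v1/v2c access with a cleartext community string")
        elif kw in ("rouser", "rwuser"):  # Net-SNMP: rouser USER [noauth|auth|priv ...], default auth
            level = tok[2].lower() if len(tok) > 2 and tok[2].lower() in ("noauth", "auth", "priv") else "auth"
            if level != "priv":
                findings.append(f"MEDIUM: v3 user '{tok[1]}' allowed at '{level}'; require 'priv' so traffic is encrypted")
        elif kw == "createuser":
            base = 3 if tok[1] == "-e" else 1   # optional '-e ENGINEID' shifts the fields
            name, auth_proto = tok[base], tok[base + 1].upper()
            priv_proto = tok[base + 3].upper() if len(tok) > base + 3 else ""
            if auth_proto == "MD5" or priv_proto == "DES":
                findings.append(f"LOW: v3 user '{name}' uses legacy MD5/DES; prefer SHA and AES")
            if not priv_proto:
                findings.append(f"MEDIUM: v3 user '{name}' has no privacy protocol, so 'priv' access cannot work")
    return findings
```

UsePAM yes is what routes the login through the PAM stack where pam_radius_auth can act; with PasswordAuthentication no, KbdInteractiveAuthentication yes still lets the module prompt, while public-key logins never touch RADIUS at all. Keeping pam_unix after pam_radius_auth means local accounts keep working while the RADIUS server is unreachable, which is also why /etc/pam_radius_auth.conf must be readable by root only: it holds the shared secret in clear. On the SNMP side, the createUser line normally goes in the persistent snmpd.conf under /var/lib/snmp, and snmpd replaces it with a localized usmUser entry on the first start so the passphrases do not stay on disk.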

Auditing

Every change to configuration can be written to an audit log.

Application Programming Interface

SAFplus has infrastructure at the application layer that binds objects to the NETCONF path so that C++ objects, and even C++ variables, are management aware. This makes it very easy to connect management definitions to the running code. The binding is dynamic, so that if one process fails another can take over and rebind to the object.

Automatic Object and Object Class Creation. Full C++ object classes and object hierarchies can be automatically generated from the YANG file using SAFplus. This code generator is extensible and customizable.

It is also easy to manually create and bind your own management objects: the programmer simply derives their objects from our base classes.

Provisioning and Statistical Objects Independently Supported. SAFplus supports provisioning (configuration) objects, which are database backed, and statistical objects, which are held in RAM and are read only. The objects are defined in YANG, exposed through NETCONF, and are fully supported down through the hierarchy. Since objects are split into two classes, the live running system is more efficient than if there was only a single class.

Easy upgrade to SAFplus High Availability Platform from SAFplus Management Platform. All SAFplus services use management natively. For example all of the Availability Management Framework (AMF) objects, log streams, groups, and messaging pipes are also visible through management interfaces. The resulting close ties between HA and manageability makes things very efficient from a programmer’s and user’s perspective.

High Availability / Redundancy

The SAFplus Management product can be fully integrated with the SAFplus High Availability/Scalability product. This product provides the most powerful and flexible High Availability solution in the market and can be applied to both SAFplus Management components (NETCONF and SNMP protocol handlers, for example) and to user applications. The SAFplus management components are modelled as 1+1 (Active/standby) components and a "virtual" IP address (an IP address that is moved to the active node) is employed to ensure that access to the network element always connects to the active components.

User applications can use any redundancy model supported by the SAFplus High Availability/Scalability product. Applications dynamically "bind" in-RAM objects to locations within the management data tree at runtime. Typically a highly available user application binds to the relevant management configuration and statistics data when it is told to assume the "active" role for a service. However, the "standby" application could, for example, bind to data that provides information about the availability of the standby node. Multiple "active" applications can simultaneously bind to different portions of the management data model to access the configuration or present information locally available in that application. If an active application subsequently fails, its redundant copy is told by the SAFplus HA framework to become active and can then bind its own in-RAM management objects into the management data tree, in effect "taking over" ownership of the management data from the failed application.

(planned) Any in-flight transactions are aborted and reissued, ensuring database consistency during application fail over.

SAFplus: SAFplus Management Architecture and Features (last edited 2016-03-02 18:58:26 by AndrewStone)