1 of 100

Open Networking Enterprise Suite (ONES)

Introduction and Overview

Open Networking Enterprise Suite (ONES) is a Network Orchestration, Visibility, and Assurance solution for multi-vendor and multi-NOS operated Network Infrastructure. ONES provides a one-stop solution from delivering deep visibility into your datacenter networks to extending 24x7 support functions for SONiC. It also hosts a powerful analytics engine that assists users to identify network issues and troubleshoot their networks, in case of common network anomalies and disruptions.

ONES uses Auto-discovery for SONiC devices and a YAML or CSV-based template for adding non-SONiC devices during the onboarding process and continuously collects streaming telemetry data from them to provide insights on;

Data Center Inventory
Network State
Platform and System Health
Control and Data Plane resource Utilisation

ONES monitors various control and data plane metrics to provide these insights.

Rule Engine

ONESv2.1 application has the capability to trigger notifications via Slack app notifications when certain user-defined threshold values are breached.

In data centre operations, a rule engine with alerts for various metrics is essential for proactive monitoring and management of critical components and services. Rule Engine pushes the configured rule notification in case any device breaches the threshold value configured under the rule to SLACK Channel & Zendesk Support page.

Let's see the different types of rule engine metrics for specific Entity/features in a data centre environment

CPU and Memory Utilisation
Fan and PSU LED status
Traffic Bandwidth
ASIC Routes

ONES Orchestration

ONES orchestration provide network admins to automate the fabric configuration using configuration templates for provisioning physical interfaces, layer 3 configuration for building IP-CLOS fabric using

BGP as a routing protocol including BGP-unnumbered
Symmetric/Asymmetric IRB
BGP Peering with PO
L2/L3 MC-LAG

ONES orchestration not only configures the fabric but also make sure the Fabric is operational by doing verifying the configuration at every stage.

ONES provides north bound API access for configurations originating from external orchestration tools.

Data Lake

A data lake is a centralized repository that allows you to store vast amounts of structured, semi-structured, and unstructured data in its raw format. Unlike traditional data warehouses where data is stored in a structured manner, a data lake retains the data in its native format until it's needed for analysis or processing. ONES provide the capability to store the RAW data of all the Metrics to Cloud and then user will be able to use that RAW data for any deployment or any other use cases.

Here are key components and characteristics of a ONE DL.

Storage of Diverse Data Types: A data lake can store various types of data, including structured data (like relational databases), semi-structured data (like JSON, XML), and unstructured data (like documents, images, videos). This flexibility allows organizations to ingest and store data from different sources without the need for extensive preprocessing.
Scalable and Cost-Effective Storage: Data lakes are typically built on scalable storage systems, such as cloud-based object storage (e.g., Amazon S3, Azure Data Lake Storage) or Splunk . These systems can efficiently handle large volumes of data and offer cost-effective storage solutions.
Schema-on-Read Approach: In contrast to traditional data warehouses that use a schema-on-write approach (where data must be structured and conform to a predefined schema before storage), data lakes adopt a schema-on-read approach. This means that data is stored in its original form, and the schema is applied at the time of data retrieval or analysis. This flexibility allows users to apply different schemas and interpretations to the same dataset based on their analytical needs.

In summary, ONE DL provides a flexible and scalable platform for storing, managing, and analyzing diverse data types at scale. By leveraging a schema-on-read approach and supporting various analytics tools, ONES DL facilitate advanced data analytics and enable organizations to derive valuable insights from their data assets. However, proper governance, security, and metadata management are crucial to ensure the usability, reliability, and integrity of data lakes.

ONES Application

Overview

Below are the primary components of ONES Application

ONES Telemetry Collector(s) for Network Visibility
ONES Rule Engine
ONES Orchestrator for Fabric Configuration
ONES Supportability
ONES Security
ONE DL (DataLake)

ONES Time Scale Metric Calculation

Overview

ONES Agent pushes all the telemetry at every 20 seconds to the ONES Collector, so DB will have the values of every 20sec, Further as per time series selection ONES-UI plots the Graph with different average values.

Below are the Average values Calculated by ONES-UI as per Time-Scale:

ONES Orchestration

Why do we need Network Orchestration?

Orchestration refers to tasks or actions required to achieve a set of objectives for your Network Infrastructure operations

A centralized application like ONES translates these objectives into a network configuration template, applies and monitors to validate the operational efficiency and functionality

Automated tasks are performed on your Network Fabric in a purposeful order and each step is verified for success before moving to the next

ONES Security

ONES is a support application for SONiC stack. It is designed for customer's engineering team such as SRE’s, HW and SW engineering teams for their daily network diagnosis and troubleshooting needs. In addition to that ONES exposes the API to integrate with external tools or customer homegrown applications.

This section describes how ONES authenticates users and secures communication.

Features

ONES Support

RBAC: Role-Based Access Control

Secure Access to the Application

ONES application provides HTTPs over standard port 443 supporting both self-signed and CA signed certificates.

HTTPS Support CA Signed
HTTPS Self Signed

Secure Access to the switch*

ONES utilizes gRPC infrastructure to communicate with switch agents. TLS (Transport Layer Security) is the primary security protocol used by gRPC to secure communication between the client and the server. TLS provides authentication, confidentiality, and integrity of data. Authentication is achieved using digital certificates, which verify the identity of the client and the server.

With an added extra layer of security, ONESv2.1 support Certificate based communication between switches and ONES Controller, and all the metrics will be streamed using the certificate-based encryption

Agent Based Deployment with TLS certificate

Transport Layer Security (TLS) is a crucial protocol that ensures secure communication between ONES Controller and Agent, Whenever Agent will register to ONES server and further it will start sending the update it will encapsulate all the metrics and will do the encryption based on certificate provided at the time of installation, by using this all the communication will be encrypted between ONES agent and ONES controller TLS relies on digital certificates issued by trusted Certificate Authorities (CAs) to authenticate servers and sometimes clients. These certificates validate the identity of the entities involved in the communication and establish trust in the encrypted connection.

What's new?

ONES Package

Installation Allow user to add DataLake end point
Agent installation Allow user to add one more controller IP without reinstallation of ONES-Agent

ONES UI

New Topology Page with more filters
Device SSD Details
- Temperature
- Health

ONES Telemetry

SSD Resource Check
- Temperature
- Health
- Memory

ONES Orchestration

Yaml Config Illustrator
Multivendor SONiC Support
Improved Session Management
Seamless Copy-Paste Functionality

ONES Rule-Engine

SSD Temperature
SSD Health
SSD Memory
Device Down

ONE DL 1.0.0

Integration of Splunk
Integration of Amazon S3

Subscription

ONES provides the following subscriptions to manage and monitor the devices.

Subscription Type

Details

Support up to 8 devices

Support up to 16 devices

Support up to 32 devices

SONiC Trail License
SONiC Support
SONiC NetOps (Includes SONiC Support)

For Trail License Engineer needs to contact to AVIZ support Team.

ONES Installation

Installation Pre-requisites

Installation Overview

ONES Installation follows the below steps in the order sequence of:

License Readiness
Preparing and Installing ONES Application machine
Installing ONES Agents on SONiC Switches for Orchestrator and Telemetry
Enabling OpenConfig on non-SONiC Switches for Telemetry

License Readiness

After installation of ONES application user needs to contact AVIZ support to generate a trail license, trail license works for 8 devices and upto 30 days a customer can use.

ONES Application License (As per device count)

Trail license support feature

Telemetry Visibility (Monitor, inventory, analytics)
Add/remove Non-SONiC devices via YAML or CSV
Support (Zendesk)- Ability to open a ticket with inventory dump
Syslog access, Console/SSH access for device

To obtain a license, contact support@aviznetworks.com providing the below details;

License Duration - In Years (1-5)
Devices Count - 8, 16, 32, 64, 128, 256, 512 or 1024
ONES installation ID
Email ID: (For Account creation)

Users can get the ONES installation ID on the ONES-UI Login page after the installation

System Hardware Requirements – ONES Application

In the current release, ONES can support managing up to 1024 devices. For ONES Application Installation, the system hardware requirements vary based on the number of devices to manage;

Devices

Processor and Cores

RAM

Storage

System Software Requirements - ONES Application

Libraries

Task

Command

Validation

ONES Application package will take care of this prerequisite at the time of installation, Package verify the availability of the dependencies first then execute the application scripts

Note* Script do not take care about the update to latest version of ubuntu

Customer Firewall Configuration (Ports to be opened)

Ports to be open from Agent(Source) to ONES controller(Destination)

These ports has to be enable on ONES Controller

ONES Service

Port Numbers

Ports to be open from ONES controller(source) to Agent(Destination)

These ports has to be enable on Device(Switch)

ONES Service

Port Numbers

Ports to be open on ONES Server for ONES Services

ONES Service

Port Numbers

Ports to be open for HTTPS Access

HTTPS port has to be enable if a firewall is present in between User-machine and ONES-Controller

ONES Service

Port Numbers

These port numbers should be available to use and all ports must be allowed in the firewall if the Database server and devices are in the different DMZ zone

sudo iptables -L // This command can be used to verify the used ports

Network Switch (Managed Node) Configuration Requirement

SSH is enabled
Network Reachability from ONES Application
OpenConfig feature is enabled (for non-SONiC Switches)

Browser Requirements for ONES Web User Interface access

Google Chrome version 107 or later
Mozilla Firefox version 106 or later

ONE-DL cloud Deployment

Using this section user can install ONES-DL backend AWS

Provisioning an EC2 Instance

AWS EC2 Instance Sizing for Event Ingestion

For efficient event ingestion, it's crucial to select the right EC2 instance type based on your event volume:

CISCO NXOS (GRPC)

CISCO NXOS support its own way to stream telemetry data using GRPC, we can enable GRPC and can get offered metrics from the device

Enable GRPC

switch-1# configure terminal
switch-1(config)#
switch-1# feature grpc
switch-1(config)#
switch(config)# grpc use-vrf default

GRPC Verification

Show run GRPC

GRPC Service Statistics

GRPC Summary

Supported Telemetry

VMware ONES Deployment

Download OVA Package

Work with Aviz Sales/Support contact to create an account on Aviz Networks Support Portal
Login to

KVM ONES Deployment

QCOW Deployment

Download Qcow2 Package

Work with Aviz Sales/Support contact to create an account on Aviz Networks Support Portal
Login to with your account credentials
Click on the Downloads section, under ONES, click to download ONES Release 2.1
Copy ONES Release 2.1 package (qcow2) to KVM Hypervisor Server

Create the VM using GUI App virt-manager

If your host server has Ubuntu Desktop and virt-manager installed you can use it to deploy the VM. Make sure you can start the Virtual Machine Manager and that it connects successfully to the local hypervisor.

Creating a VM with virt-manager is very straightforward, Use the following steps to deploy the ONES-Application

File -> New Virtual Machine -> Import existing disk image -> Forward

Now the ONES Application is ready to use

Create the VM using QEMU (XML configuration)

Create an XML configuration file from the following template using vi

Create a Linux bridge configuration file (bridged-network.xml) for libvirt from the following template

Define the Linux bridge for the VM

Start the VM

If you see a permission error run the virsh command with sudo may fix the issue

Check the VM status

Credentials to access ONES QCOW2 VM

ONES Web GUI Administration

ONES User Interface - Features

SONiC Devices use auto-discovery
Non-SONiC devices needs to add using YAML editor or using CSV file

Open Networking Enterprise Suite (ONES)

Introduction and Overview

Data Center Inventory
Network State
Platform and System Health
Control and Data Plane resource Utilisation

ONES monitors various control and data plane metrics to provide these insights.

Rule Engine

ONESv2.1 application has the capability to trigger notifications via Slack app notifications when certain user-defined threshold values are breached.

Let's see the different types of rule engine metrics for specific Entity/features in a data centre environment

CPU and Memory Utilisation
Fan and PSU LED status
Traffic Bandwidth
ASIC Routes

ONES Orchestration

BGP as a routing protocol including BGP-unnumbered
Symmetric/Asymmetric IRB
BGP Peering with PO
L2/L3 MC-LAG

ONES orchestration not only configures the fabric but also make sure the Fabric is operational by doing verifying the configuration at every stage.

ONES provides north bound API access for configurations originating from external orchestration tools.

Data Lake

Here are key components and characteristics of a ONE DL.

Storage of Diverse Data Types: A data lake can store various types of data, including structured data (like relational databases), semi-structured data (like JSON, XML), and unstructured data (like documents, images, videos). This flexibility allows organizations to ingest and store data from different sources without the need for extensive preprocessing.
Scalable and Cost-Effective Storage: Data lakes are typically built on scalable storage systems, such as cloud-based object storage (e.g., Amazon S3, Azure Data Lake Storage) or Splunk . These systems can efficiently handle large volumes of data and offer cost-effective storage solutions.
Schema-on-Read Approach: In contrast to traditional data warehouses that use a schema-on-write approach (where data must be structured and conform to a predefined schema before storage), data lakes adopt a schema-on-read approach. This means that data is stored in its original form, and the schema is applied at the time of data retrieval or analysis. This flexibility allows users to apply different schemas and interpretations to the same dataset based on their analytical needs.

aviz@aviz % ssh -i ones-dl-qa.pem ubuntu@34.215.5.89
Welcome to Ubuntu 22.04.3 LTS (GNU/Linux 6.2.0-1018-aws x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/pro

  System information as of Thu Mar  7 06:17:12 UTC 2024

  System load:  0.01513671875      Processes:                224
  Usage of /:   1.0% of 247.92GB   Users logged in:          1
ZOOKEEPER_SERVER_VALUE=ec2-35-93-19-159.us-west-2.compute.amazonaws.com
KAFKA_SERVER_VALUE=ec2-35-93-19-159.us-west-2.compute.amazonaws.com
SCHEMA_REGISTRY_SERVER_VALUE=ec2-35-93-19-159.us-west-2.compute.amazonaws.com
INSTANCE_ID=i-06e36f82c35173cc9
VPC_ID=vpc-09a64a3439e9c1022
REGION=us-west-2
SG_ID=sg-0057cdb5b97e1d218
~
".env" 7L, 323B                                                                                                                                     1,1           All
  Memory usage: 0%                 IPv4 address for docker0: 172.17.0.1
  Swap usage:   0%                 IPv4 address for ens5:    172.31.28.5


Expanded Security Maintenance for Applications is not enabled.

39 updates can be applied immediately.
25 of these updates are standard security updates.
To see these additional updates run: apt list --upgradable

7 additional security updates can be applied with ESM Apps.
Learn more about enabling ESM Apps service at https://ubuntu.com/esm


Last login: Thu Mar  7 06:10:37 2024 from 18.237.140.163
ubuntu@ip-172-31-28-5:~$
ubuntu@ip-172-31-28-5:~$ pwd
/home/ubuntu
ubuntu@ip-172-31-28-5:~$ cd ONES-DL-CLOUD/
ubuntu@ip-172-31-28-5:~/ONES-DL-CLOUD$ pwd
/home/ubuntu/ONES-DL-CLOUD
ubuntu@ip-172-31-28-5:~/ONES-DL-CLOUD$ ls
one-dl.tar.gz
ubuntu@ip-172-31-28-5:~/ONES-DL-CLOUD$ tar -xvf one-dl.tar.gz
docker-compose.yml
one-dl-multitenant-installer.sh
.env
ubuntu@ip-172-31-28-5:~/ONES-DL-CLOUD$ vi .env
ZOOKEEPER_SERVER_VALUE=ec2-35-93-19-159.us-west-2.compute.amazonaws.com
KAFKA_SERVER_VALUE=ec2-35-93-19-159.us-west-2.compute.amazonaws.com
SCHEMA_REGISTRY_SERVER_VALUE=ec2-35-93-19-159.us-west-2.compute.amazonaws.com
INSTANCE_ID=i-06e36f82c35173cc9
VPC_ID=vpc-09a64a3439e9c1022
REGION=us-west-2
SG_ID=sg-0057cdb5b97e1d218

ubuntu@ip-172-31-28-5:~/ONES-DL-CLOUD$ cat .env
ZOOKEEPER_SERVER_VALUE=ec2-35-93-19-159.us-west-2.compute.amazonaws.com
KAFKA_SERVER_VALUE=ec2-35-93-19-159.us-west-2.compute.amazonaws.com
SCHEMA_REGISTRY_SERVER_VALUE=ec2-35-93-19-159.us-west-2.compute.amazonaws.com
INSTANCE_ID=i-06e36f82c35173cc9
VPC_ID=vpc-09a64a3439e9c1022
REGION=us-west-2
SG_ID=sg-0057cdb5b97e1d218

ubuntu@ip-172-31-28-5:~/ONES-DL-CLOUD$ cp .env .env-backup
ubuntu@ip-172-31-28-5:~/ONES-DL-CLOUD$ cat .env-backup
ZOOKEEPER_SERVER_VALUE=ec2-35-93-19-159.us-west-2.compute.amazonaws.com
KAFKA_SERVER_VALUE=ec2-35-93-19-159.us-west-2.compute.amazonaws.com
SCHEMA_REGISTRY_SERVER_VALUE=ec2-35-93-19-159.us-west-2.compute.amazonaws.com
INSTANCE_ID=i-06e36f82c35173cc9
VPC_ID=vpc-09a64a3439e9c1022
REGION=us-west-2
SG_ID=sg-0057cdb5b97e1d218

ubuntu@ip-172-31-28-5:~/ONES-DL-CLOUD$ ls
docker-compose.yml  one-dl-multitenant-installer.sh  one-dl.tar.gz

ubuntu@ip-172-31-28-5:~/ONES-DL-CLOUD$ ./one-dl-multitenant-installer.sh
SHELL=/bin/bash
REGION=us-west-2
KAFKA_SERVER_VALUE=ec2-34-215-5-89.us-west-2.compute.amazonaws.com
PWD=/home/ubuntu/ONES-DL-CLOUD
LOGNAME=ubuntu
XDG_SESSION_TYPE=tty
SCHEMA_REGISTRY_SERVER_VALUE=ec2-34-215-5-89.us-west-2.compute.amazonaws.com
MOTD_SHOWN=pam
HOME=/home/ubuntu
LANG=C.UTF-8
LS_COLORS=rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=00:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arc=01;31:*.arj=01;31:*.taz=01;31:*.lha=01;31:*.lz4=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.tzo=01;31:*.t7z=01;31:*.zip=01;31:*.z=01;31:*.dz=01;31:*.gz=01;31:*.lrz=01;31:*.lz=01;31:*.lzo=01;31:*.xz=01;31:*.zst=01;31:*.tzst=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.alz=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.cab=01;31:*.wim=01;31:*.swm=01;31:*.dwm=01;31:*.esd=01;31:*.jpg=01;35:*.jpeg=01;35:*.mjpg=01;35:*.mjpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.webp=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=00;36:*.au=00;36:*.flac=00;36:*.m4a=00;36:*.mid=00;36:*.midi=00;36:*.mka=00;36:*.mp3=00;36:*.mpc=00;36:*.ogg=00;36:*.ra=00;36:*.wav=00;36:*.oga=00;36:*.opus=00;36:*.spx=00;36:*.xspf=00;36:
VPC_ID=vpc-09a64a3439e9c1022
LC_TERMINAL=iTerm2
SSH_CONNECTION=43.224.130.156 61180 172.31.28.5 22
LESSCLOSE=/usr/bin/lesspipe %s %s
XDG_SESSION_CLASS=user
TERM=xterm-256color
LESSOPEN=| /usr/bin/lesspipe %s
USER=ubuntu
SG_ID=sg-04c3752b777d8f77e
LC_TERMINAL_VERSION=3.4.16
SHLVL=2
XDG_SESSION_ID=5
LC_CTYPE=C.UTF-8
XDG_RUNTIME_DIR=/run/user/1000
SSH_CLIENT=43.224.130.156 61180 22
XDG_DATA_DIRS=/usr/local/share:/usr/share:/var/lib/snapd/desktop
ZOOKEEPER_SERVER_VALUE=ec2-34-215-5-89.us-west-2.compute.amazonaws.com
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin
INSTANCE_ID=i-01300eb6edb18273b
DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus
SSH_TTY=/dev/pts/1
OLDPWD=/home/ubuntu
_=/usr/bin/env
us-west-2 i-01300eb6edb18273b vpc-09a64a3439e9c1022 sg-04c3752b777d8f77e
Error response from daemon: No such container: zookeeper
Error response from daemon: No such container: kafka
Error response from daemon: No such container: schema-registry
Error response from daemon: No such container: kafka-connect
Error response from daemon: No such container: zookeeper
Error response from daemon: No such container: kafka
Error response from daemon: No such container: schema-registry
Error response from daemon: No such container: kafka-connect
{
    "Return": true,
    "SecurityGroupRules": [
        {
            "SecurityGroupRuleId": "sgr-07f887d736a7c773c",
            "GroupId": "sg-04c3752b777d8f77e",
            "GroupOwnerId": "259789323334",
            "IsEgress": false,
            "IpProtocol": "tcp",
            "FromPort": 29092,
            "ToPort": 29092,
            "CidrIpv4": "0.0.0.0/0"
        }
    ]
}
{
    "Return": true,
    "SecurityGroupRules": [
        {
            "SecurityGroupRuleId": "sgr-0d446cf43dbf8c55a",
            "GroupId": "sg-04c3752b777d8f77e",
            "GroupOwnerId": "259789323334",
            "IsEgress": false,
            "IpProtocol": "tcp",
            "FromPort": 9092,
            "ToPort": 9092,
            "CidrIpv4": "0.0.0.0/0"
        }
    ]
}
{
    "Return": true,
    "SecurityGroupRules": [
        {
            "SecurityGroupRuleId": "sgr-08d752b5cbfea8b1c",
            "GroupId": "sg-04c3752b777d8f77e",
            "GroupOwnerId": "259789323334",
            "IsEgress": false,
            "IpProtocol": "tcp",
            "FromPort": 2181,
            "ToPort": 2181,
            "CidrIpv4": "0.0.0.0/0"
        }
    ]
}
{
    "Return": true,
    "SecurityGroupRules": [
        {
            "SecurityGroupRuleId": "sgr-058962812f2650b4e",
            "GroupId": "sg-04c3752b777d8f77e",
            "GroupOwnerId": "259789323334",
            "IsEgress": false,
            "IpProtocol": "tcp",
            "FromPort": 8083,
            "ToPort": 8083,
            "CidrIpv4": "0.0.0.0/0"
        }
    ]
}
{
    "Return": true,
    "SecurityGroupRules": [
        {
            "SecurityGroupRuleId": "sgr-03a801549ac17a74d",
            "GroupId": "sg-04c3752b777d8f77e",
            "GroupOwnerId": "259789323334",
            "IsEgress": false,
            "IpProtocol": "tcp",
            "FromPort": 8081,
            "ToPort": 8081,
            "CidrIpv4": "0.0.0.0/0"
        }
    ]
}
{
    "Return": true,
    "SecurityGroupRules": [
        {
            "SecurityGroupRuleId": "sgr-01ae4abe9d99c0086",
            "GroupId": "sg-04c3752b777d8f77e",
            "GroupOwnerId": "259789323334",
            "IsEgress": false,
            "IpProtocol": "tcp",
            "FromPort": 8181,
            "ToPort": 8181,
            "CidrIpv4": "0.0.0.0/0"
        }
    ]
}
[+] Running 10/10
 ✔ zookeeper 9 layers [⣿⣿⣿⣿⣿⣿⣿⣿⣿]      0B/0B      Pulled                                                                                                         5.1s
   ✔ 23828d760c7b Pull complete                                                                                                                                  0.6s
   ✔ e2670537dceb Pull complete                                                                                                                                  0.5s
   ✔ 3c059ccfa418 Pull complete                                                                                                                                  0.6s
   ✔ a23d33d59f2a Pull complete                                                                                                                                  0.7s
   ✔ 842a648f5439 Pull complete                                                                                                                                  0.9s
   ✔ 278244c5561f Pull complete                                                                                                                                  0.9s
   ✔ 0ab51e87b8dc Pull complete                                                                                                                                  1.0s
   ✔ 26ff518a75d1 Pull complete                                                                                                                                  1.4s
   ✔ 050c7bc3a5c4 Pull complete                                                                                                                                  1.1s
[+] Running 1/1
 ✔ Container zookeeper  Started                                                                                                                                  4.2s
[+] Running 12/12
 ✔ kafka 11 layers [⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿]      0B/0B      Pulled                                                                                                          9.4s
   ✔ fe36fc382320 Pull complete                                                                                                                                  0.7s
   ✔ 4250354b4fb7 Pull complete                                                                                                                                  2.1s
   ✔ c4c5f447179d Pull complete                                                                                                                                  0.3s
   ✔ 17fe3a92262f Pull complete                                                                                                                                  0.6s
   ✔ 5420596c14ab Pull complete                                                                                                                                  1.1s
   ✔ 0e55377ebe37 Pull complete                                                                                                                                  0.9s
   ✔ da7039bb2113 Pull complete                                                                                                                                  1.1s
   ✔ d389b3791c2e Pull complete                                                                                                                                  1.4s
   ✔ c24709eccb2a Pull complete                                                                                                                                  1.4s
   ✔ ad79ffd84e00 Pull complete                                                                                                                                  2.4s
   ✔ 218229bf30d9 Pull complete                                                                                                                                  1.7s
[+] Running 1/1
 ✔ Container kafka  Started                                                                                                                                      5.7s
[+] Running 12/12
 ✔ schema-registry 11 layers [⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿]      0B/0B      Pulled                                                                                               17.9s
   ✔ fe36fc382320 Already exists                                                                                                                                 0.0s
   ✔ 4250354b4fb7 Already exists                                                                                                                                 0.0s
   ✔ c4c5f447179d Already exists                                                                                                                                 0.0s
   ✔ 17fe3a92262f Already exists                                                                                                                                 0.0s
   ✔ 5420596c14ab Already exists                                                                                                                                 0.0s
   ✔ 0e55377ebe37 Already exists                                                                                                                                 0.0s
   ✔ da7039bb2113 Already exists                                                                                                                                 0.0s
   ✔ d389b3791c2e Already exists                                                                                                                                 0.0s
   ✔ c24709eccb2a Already exists                                                                                                                                 0.0s
   ✔ e69ded016b1a Pull complete                                                                                                                                  8.9s
   ✔ 83e8ec805f43 Pull complete                                                                                                                                  0.3s
[+] Running 1/1
 ✔ Container schema-registry  Started                                                                                                                           18.7s
[+] Running 21/21
 ✔ kafka-connect 20 layers [⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿]      0B/0B      Pulled                                                                                        18.1s
   ✔ a49367d57626 Pull complete                                                                                                                                  0.7s
   ✔ eeec2f37f4a0 Pull complete                                                                                                                                  2.8s
   ✔ ae805807db54 Pull complete                                                                                                                                  1.4s
   ✔ c553584e96cc Pull complete                                                                                                                                  1.1s
   ✔ 28769e081b94 Pull complete                                                                                                                                  2.4s
   ✔ 151cf144f79d Pull complete                                                                                                                                  1.9s
   ✔ 04292bb11042 Pull complete                                                                                                                                  2.3s
   ✔ c2e0c70921ea Pull complete                                                                                                                                  2.7s
   ✔ e8d7f71a6ca4 Pull complete                                                                                                                                  2.9s
   ✔ eb27eb7b8f05 Pull complete                                                                                                                                  4.7s
   ✔ 9bb8b7d5f6a0 Pull complete                                                                                                                                  3.3s
   ✔ 302eaef771e0 Pull complete                                                                                                                                 11.7s
   ✔ 1d0d5b44b6f1 Pull complete                                                                                                                                  3.8s
   ✔ 22df7873ee50 Pull complete                                                                                                                                  4.4s
   ✔ 4f4fb700ef54 Pull complete                                                                                                                                  4.7s
   ✔ 972adc085ab6 Pull complete                                                                                                                                  7.0s
   ✔ c4f994822767 Pull complete                                                                                                                                  6.1s
   ✔ 70547799762d Pull complete                                                                                                                                  7.0s
   ✔ 3f0c034e271c Pull complete                                                                                                                                  7.5s
   ✔ b6195a937e7b Pull complete                                                                                                                                  7.7s
[+] Running 1/1
 ✔ Container kafka-connect  Started                                                                                                                              4.6s
ubuntu@ip-172-31-28-5:~/ONES-DL-CLOUD$
ubuntu@ip-172-31-28-5:~/ONES-DL-CLOUD$ sudo su
root@ip-172-31-28-5:/home/ubuntu/ONES-DL-CLOUD# docker ps
CONTAINER ID   IMAGE                             COMMAND                  CREATED              STATUS                             PORTS     NAMES
ab8aa46cc746   avizdock/kafka-connect:latest     "/etc/confluent/dock…"   28 seconds ago       Up 23 seconds (health: starting)             kafka-connect
346522f4baf5   confluentinc/cp-schema-registry   "/etc/confluent/dock…"   About a minute ago   Up About a minute                            schema-registry
23c50c44bc5b   confluentinc/cp-kafka:latest      "/etc/confluent/dock…"   2 minutes ago        Up 2 minutes                                 kafka
633eba10034d   zookeeper                         "/docker-entrypoint.…"   3 minutes ago        Up 3 minutes                                 zookeeper
root@ip-172-31-28-5:/home/ubuntu/ONES-DL-CLOUD#

aviz@aviz % ssh -i ones-dl-qa.pem ubuntu@34.215.5.89
Welcome to Ubuntu 22.04.3 LTS (GNU/Linux 6.2.0-1018-aws x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/pro

  System information as of Thu Mar  7 06:17:12 UTC 2024

  System load:  0.01513671875      Processes:                224
  Usage of /:   1.0% of 247.92GB   Users logged in:          1
ZOOKEEPER_SERVER_VALUE=ec2-35-93-19-159.us-west-2.compute.amazonaws.com
KAFKA_SERVER_VALUE=ec2-35-93-19-159.us-west-2.compute.amazonaws.com
SCHEMA_REGISTRY_SERVER_VALUE=ec2-35-93-19-159.us-west-2.compute.amazonaws.com
INSTANCE_ID=i-06e36f82c35173cc9
VPC_ID=vpc-09a64a3439e9c1022
REGION=us-west-2
SG_ID=sg-0057cdb5b97e1d218
~
".env" 7L, 323B                                                                                                                                     1,1           All
  Memory usage: 0%                 IPv4 address for docker0: 172.17.0.1
  Swap usage:   0%                 IPv4 address for ens5:    172.31.28.5


Expanded Security Maintenance for Applications is not enabled.

39 updates can be applied immediately.
25 of these updates are standard security updates.
To see these additional updates run: apt list --upgradable

7 additional security updates can be applied with ESM Apps.
Learn more about enabling ESM Apps service at https://ubuntu.com/esm


Last login: Thu Mar  7 06:10:37 2024 from 18.237.140.163
ubuntu@ip-172-31-28-5:~$
ubuntu@ip-172-31-28-5:~$ pwd
/home/ubuntu
ubuntu@ip-172-31-28-5:~$ cd ONES-DL-CLOUD/
ubuntu@ip-172-31-28-5:~/ONES-DL-CLOUD$ pwd
/home/ubuntu/ONES-DL-CLOUD
ubuntu@ip-172-31-28-5:~/ONES-DL-CLOUD$ ls
one-dl.tar.gz
ubuntu@ip-172-31-28-5:~/ONES-DL-CLOUD$ tar -xvf one-dl.tar.gz
docker-compose.yml
one-dl-multitenant-installer.sh
.env
ubuntu@ip-172-31-28-5:~/ONES-DL-CLOUD$ vi .env
ZOOKEEPER_SERVER_VALUE=ec2-35-93-19-159.us-west-2.compute.amazonaws.com
KAFKA_SERVER_VALUE=ec2-35-93-19-159.us-west-2.compute.amazonaws.com
SCHEMA_REGISTRY_SERVER_VALUE=ec2-35-93-19-159.us-west-2.compute.amazonaws.com
INSTANCE_ID=i-06e36f82c35173cc9
VPC_ID=vpc-09a64a3439e9c1022
REGION=us-west-2
SG_ID=sg-0057cdb5b97e1d218

ubuntu@ip-172-31-28-5:~/ONES-DL-CLOUD$ cat .env
ZOOKEEPER_SERVER_VALUE=ec2-35-93-19-159.us-west-2.compute.amazonaws.com
KAFKA_SERVER_VALUE=ec2-35-93-19-159.us-west-2.compute.amazonaws.com
SCHEMA_REGISTRY_SERVER_VALUE=ec2-35-93-19-159.us-west-2.compute.amazonaws.com
INSTANCE_ID=i-06e36f82c35173cc9
VPC_ID=vpc-09a64a3439e9c1022
REGION=us-west-2
SG_ID=sg-0057cdb5b97e1d218

ubuntu@ip-172-31-28-5:~/ONES-DL-CLOUD$ cp .env .env-backup
ubuntu@ip-172-31-28-5:~/ONES-DL-CLOUD$ cat .env-backup
ZOOKEEPER_SERVER_VALUE=ec2-35-93-19-159.us-west-2.compute.amazonaws.com
KAFKA_SERVER_VALUE=ec2-35-93-19-159.us-west-2.compute.amazonaws.com
SCHEMA_REGISTRY_SERVER_VALUE=ec2-35-93-19-159.us-west-2.compute.amazonaws.com
INSTANCE_ID=i-06e36f82c35173cc9
VPC_ID=vpc-09a64a3439e9c1022
REGION=us-west-2
SG_ID=sg-0057cdb5b97e1d218

ubuntu@ip-172-31-28-5:~/ONES-DL-CLOUD$ ls
docker-compose.yml  one-dl-multitenant-installer.sh  one-dl.tar.gz

ubuntu@ip-172-31-28-5:~/ONES-DL-CLOUD$ ./one-dl-multitenant-installer.sh
SHELL=/bin/bash
REGION=us-west-2
KAFKA_SERVER_VALUE=ec2-34-215-5-89.us-west-2.compute.amazonaws.com
PWD=/home/ubuntu/ONES-DL-CLOUD
LOGNAME=ubuntu
XDG_SESSION_TYPE=tty
SCHEMA_REGISTRY_SERVER_VALUE=ec2-34-215-5-89.us-west-2.compute.amazonaws.com
MOTD_SHOWN=pam
HOME=/home/ubuntu
LANG=C.UTF-8
LS_COLORS=rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=00:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arc=01;31:*.arj=01;31:*.taz=01;31:*.lha=01;31:*.lz4=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.tzo=01;31:*.t7z=01;31:*.zip=01;31:*.z=01;31:*.dz=01;31:*.gz=01;31:*.lrz=01;31:*.lz=01;31:*.lzo=01;31:*.xz=01;31:*.zst=01;31:*.tzst=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.alz=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.cab=01;31:*.wim=01;31:*.swm=01;31:*.dwm=01;31:*.esd=01;31:*.jpg=01;35:*.jpeg=01;35:*.mjpg=01;35:*.mjpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.webp=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=00;36:*.au=00;36:*.flac=00;36:*.m4a=00;36:*.mid=00;36:*.midi=00;36:*.mka=00;36:*.mp3=00;36:*.mpc=00;36:*.ogg=00;36:*.ra=00;36:*.wav=00;36:*.oga=00;36:*.opus=00;36:*.spx=00;36:*.xspf=00;36:
VPC_ID=vpc-09a64a3439e9c1022
LC_TERMINAL=iTerm2
SSH_CONNECTION=43.224.130.156 61180 172.31.28.5 22
LESSCLOSE=/usr/bin/lesspipe %s %s
XDG_SESSION_CLASS=user
TERM=xterm-256color
LESSOPEN=| /usr/bin/lesspipe %s
USER=ubuntu
SG_ID=sg-04c3752b777d8f77e
LC_TERMINAL_VERSION=3.4.16
SHLVL=2
XDG_SESSION_ID=5
LC_CTYPE=C.UTF-8
XDG_RUNTIME_DIR=/run/user/1000
SSH_CLIENT=43.224.130.156 61180 22
XDG_DATA_DIRS=/usr/local/share:/usr/share:/var/lib/snapd/desktop
ZOOKEEPER_SERVER_VALUE=ec2-34-215-5-89.us-west-2.compute.amazonaws.com
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin
INSTANCE_ID=i-01300eb6edb18273b
DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus
SSH_TTY=/dev/pts/1
OLDPWD=/home/ubuntu
_=/usr/bin/env
us-west-2 i-01300eb6edb18273b vpc-09a64a3439e9c1022 sg-04c3752b777d8f77e
Error response from daemon: No such container: zookeeper
Error response from daemon: No such container: kafka
Error response from daemon: No such container: schema-registry
Error response from daemon: No such container: kafka-connect
Error response from daemon: No such container: zookeeper
Error response from daemon: No such container: kafka
Error response from daemon: No such container: schema-registry
Error response from daemon: No such container: kafka-connect
{
    "Return": true,
    "SecurityGroupRules": [
        {
            "SecurityGroupRuleId": "sgr-07f887d736a7c773c",
            "GroupId": "sg-04c3752b777d8f77e",
            "GroupOwnerId": "259789323334",
            "IsEgress": false,
            "IpProtocol": "tcp",
            "FromPort": 29092,
            "ToPort": 29092,
            "CidrIpv4": "0.0.0.0/0"
        }
    ]
}
{
    "Return": true,
    "SecurityGroupRules": [
        {
            "SecurityGroupRuleId": "sgr-0d446cf43dbf8c55a",
            "GroupId": "sg-04c3752b777d8f77e",
            "GroupOwnerId": "259789323334",
            "IsEgress": false,
            "IpProtocol": "tcp",
            "FromPort": 9092,
            "ToPort": 9092,
            "CidrIpv4": "0.0.0.0/0"
        }
    ]
}
{
    "Return": true,
    "SecurityGroupRules": [
        {
            "SecurityGroupRuleId": "sgr-08d752b5cbfea8b1c",
            "GroupId": "sg-04c3752b777d8f77e",
            "GroupOwnerId": "259789323334",
            "IsEgress": false,
            "IpProtocol": "tcp",
            "FromPort": 2181,
            "ToPort": 2181,
            "CidrIpv4": "0.0.0.0/0"
        }
    ]
}
{
    "Return": true,
    "SecurityGroupRules": [
        {
            "SecurityGroupRuleId": "sgr-058962812f2650b4e",
            "GroupId": "sg-04c3752b777d8f77e",
            "GroupOwnerId": "259789323334",
            "IsEgress": false,
            "IpProtocol": "tcp",
            "FromPort": 8083,
            "ToPort": 8083,
            "CidrIpv4": "0.0.0.0/0"
        }
    ]
}
{
    "Return": true,
    "SecurityGroupRules": [
        {
            "SecurityGroupRuleId": "sgr-03a801549ac17a74d",
            "GroupId": "sg-04c3752b777d8f77e",
            "GroupOwnerId": "259789323334",
            "IsEgress": false,
            "IpProtocol": "tcp",
            "FromPort": 8081,
            "ToPort": 8081,
            "CidrIpv4": "0.0.0.0/0"
        }
    ]
}
{
    "Return": true,
    "SecurityGroupRules": [
        {
            "SecurityGroupRuleId": "sgr-01ae4abe9d99c0086",
            "GroupId": "sg-04c3752b777d8f77e",
            "GroupOwnerId": "259789323334",
            "IsEgress": false,
            "IpProtocol": "tcp",
            "FromPort": 8181,
            "ToPort": 8181,
            "CidrIpv4": "0.0.0.0/0"
        }
    ]
}
[+] Running 10/10
 ✔ zookeeper 9 layers [⣿⣿⣿⣿⣿⣿⣿⣿⣿]      0B/0B      Pulled                                                                                                         5.1s
   ✔ 23828d760c7b Pull complete                                                                                                                                  0.6s
   ✔ e2670537dceb Pull complete                                                                                                                                  0.5s
   ✔ 3c059ccfa418 Pull complete                                                                                                                                  0.6s
   ✔ a23d33d59f2a Pull complete                                                                                                                                  0.7s
   ✔ 842a648f5439 Pull complete                                                                                                                                  0.9s
   ✔ 278244c5561f Pull complete                                                                                                                                  0.9s
   ✔ 0ab51e87b8dc Pull complete                                                                                                                                  1.0s
   ✔ 26ff518a75d1 Pull complete                                                                                                                                  1.4s
   ✔ 050c7bc3a5c4 Pull complete                                                                                                                                  1.1s
[+] Running 1/1
 ✔ Container zookeeper  Started                                                                                                                                  4.2s
[+] Running 12/12
 ✔ kafka 11 layers [⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿]      0B/0B      Pulled                                                                                                          9.4s
   ✔ fe36fc382320 Pull complete                                                                                                                                  0.7s
   ✔ 4250354b4fb7 Pull complete                                                                                                                                  2.1s
   ✔ c4c5f447179d Pull complete                                                                                                                                  0.3s
   ✔ 17fe3a92262f Pull complete                                                                                                                                  0.6s
   ✔ 5420596c14ab Pull complete                                                                                                                                  1.1s
   ✔ 0e55377ebe37 Pull complete                                                                                                                                  0.9s
   ✔ da7039bb2113 Pull complete                                                                                                                                  1.1s
   ✔ d389b3791c2e Pull complete                                                                                                                                  1.4s
   ✔ c24709eccb2a Pull complete                                                                                                                                  1.4s
   ✔ ad79ffd84e00 Pull complete                                                                                                                                  2.4s
   ✔ 218229bf30d9 Pull complete                                                                                                                                  1.7s
[+] Running 1/1
 ✔ Container kafka  Started                                                                                                                                      5.7s
[+] Running 12/12
 ✔ schema-registry 11 layers [⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿]      0B/0B      Pulled                                                                                               17.9s
   ✔ fe36fc382320 Already exists                                                                                                                                 0.0s
   ✔ 4250354b4fb7 Already exists                                                                                                                                 0.0s
   ✔ c4c5f447179d Already exists                                                                                                                                 0.0s
   ✔ 17fe3a92262f Already exists                                                                                                                                 0.0s
   ✔ 5420596c14ab Already exists                                                                                                                                 0.0s
   ✔ 0e55377ebe37 Already exists                                                                                                                                 0.0s
   ✔ da7039bb2113 Already exists                                                                                                                                 0.0s
   ✔ d389b3791c2e Already exists                                                                                                                                 0.0s
   ✔ c24709eccb2a Already exists                                                                                                                                 0.0s
   ✔ e69ded016b1a Pull complete                                                                                                                                  8.9s
   ✔ 83e8ec805f43 Pull complete                                                                                                                                  0.3s
[+] Running 1/1
 ✔ Container schema-registry  Started                                                                                                                           18.7s
[+] Running 21/21
 ✔ kafka-connect 20 layers [⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿]      0B/0B      Pulled                                                                                        18.1s
   ✔ a49367d57626 Pull complete                                                                                                                                  0.7s
   ✔ eeec2f37f4a0 Pull complete                                                                                                                                  2.8s
   ✔ ae805807db54 Pull complete                                                                                                                                  1.4s
   ✔ c553584e96cc Pull complete                                                                                                                                  1.1s
   ✔ 28769e081b94 Pull complete                                                                                                                                  2.4s
   ✔ 151cf144f79d Pull complete                                                                                                                                  1.9s
   ✔ 04292bb11042 Pull complete                                                                                                                                  2.3s
   ✔ c2e0c70921ea Pull complete                                                                                                                                  2.7s
   ✔ e8d7f71a6ca4 Pull complete                                                                                                                                  2.9s
   ✔ eb27eb7b8f05 Pull complete                                                                                                                                  4.7s
   ✔ 9bb8b7d5f6a0 Pull complete                                                                                                                                  3.3s
   ✔ 302eaef771e0 Pull complete                                                                                                                                 11.7s
   ✔ 1d0d5b44b6f1 Pull complete                                                                                                                                  3.8s
   ✔ 22df7873ee50 Pull complete                                                                                                                                  4.4s
   ✔ 4f4fb700ef54 Pull complete                                                                                                                                  4.7s
   ✔ 972adc085ab6 Pull complete                                                                                                                                  7.0s
   ✔ c4f994822767 Pull complete                                                                                                                                  6.1s
   ✔ 70547799762d Pull complete                                                                                                                                  7.0s
   ✔ 3f0c034e271c Pull complete                                                                                                                                  7.5s
   ✔ b6195a937e7b Pull complete                                                                                                                                  7.7s
[+] Running 1/1
 ✔ Container kafka-connect  Started                                                                                                                              4.6s
ubuntu@ip-172-31-28-5:~/ONES-DL-CLOUD$
ubuntu@ip-172-31-28-5:~/ONES-DL-CLOUD$ sudo su
root@ip-172-31-28-5:/home/ubuntu/ONES-DL-CLOUD# docker ps
CONTAINER ID   IMAGE                             COMMAND                  CREATED              STATUS                             PORTS     NAMES
ab8aa46cc746   avizdock/kafka-connect:latest     "/etc/confluent/dock…"   28 seconds ago       Up 23 seconds (health: starting)             kafka-connect
346522f4baf5   confluentinc/cp-schema-registry   "/etc/confluent/dock…"   About a minute ago   Up About a minute                            schema-registry
23c50c44bc5b   confluentinc/cp-kafka:latest      "/etc/confluent/dock…"   2 minutes ago        Up 2 minutes                                 kafka
633eba10034d   zookeeper                         "/docker-entrypoint.…"   3 minutes ago        Up 3 minutes                                 zookeeper
root@ip-172-31-28-5:/home/ubuntu/ONES-DL-CLOUD#

Devices

This section explains how users can add/manage/remove the devices using ONES.

Devices

Navigate to Inventory >> Devices

Using this tab, user can:
- Onboard the non-sonic(Agent-Less) device to the application using Add devices
- Syslogs capture
- Upgrade the device using Custom Upgrade

The user needs to make sure, The devices have a unique name, otherwise, there will issue while plotting the full topology view(Topology Page).

Sonic Devices

Agent-based devices auto-discover the ONES-App and get registered automatically on the ONES Inventory page

Add Non-Sonic Devices

To Onboard the Agent-Less devices user needs to add them manually
- Navigate to Inventory

This page gives the control to onboard the devices with two options
1. Add Devices using the YAML Editor
2. Upload the CSV file containing the device list

The movement user chooses CSV upload, then the YAML Editor will be disabled

1. Add Devices using YAML

Click on Add Devices
Upload Device Inventory using YAML Editor
Navigate to Inventory >> Devices >> Add Devices >> Use YAML

To Identify the device type user needs to mention the platform

Device Type

Cumulus: cumulus
Arista: arista
Cisco: cisco-nxos
SONiC: sonic

For SONiC-based devices, the user can also leave the type field empty

Make sure to use the correct indentation for the YAML files

Click Save & Apply
ONES Application is now ready to manage the added devices

2. Add devices using CSV

Click on Add Devices
Upload Device Inventory using CSV File
Navigate to Inventory >> Devices >> Add Devices >> Use CSV
Use the below format to add devices to the application

Select CVS file to Upload >> Choose CSV file containing devices entry >>

Upload & Add

Feature Set

Role / Region: Shows the device roles and regions
SKU / ASIC: Shows the device hardware SKU and ASIC vendor
Port / Max Speed
- Shows the number of ports per device and max port speed on the device

PSUs / Fans: Shows the total number of Power supplies and Fans present on a particular device
NOS Image: Shows the details of the network operating system running on the device and when it was last updated
ONIE Version: Shows which ONIE version is running on the device and when the last reboot time of the device
Agent Version / Network OS: Shows the agent version running on the device and the current active OS version on the device

Remove Devices from the ONES Application

Navigate to Inventory >> Devices >> Remove Devices

Choose the devices to be removed & confirm

once the user clicks on confirm, the Inventory page will remove the device

If the devices are agent-based they will get added again after some time, if the user wants to remove the agent-based devices, then the user needs to uninstall the agent from the device

Now the selected devices have been removed from the ONES application

Custom Upgrade

This feature gives the control to upgrade the device to the new version

An HTTP image link is required to use the custom upgrade

Select any of the devices to upgrade to the new version

Click on Custom Upgrade

put the new Image URL and then Submit

It will show the status as In Progress

HTTP image URL should be accessible

This image will be downloaded to the device and configured as the next boot image and devices will be reloaded

Once the device comes up with the new image, the ONES application will install Telemetry and Fabric manager agent

when we upgrade any device that will be locked to do any further changes after a successful upgrade user can again use the same device for another task

Once the image is loaded, the ONES application will show the last image details and time stamp

Upgrade via ZTP

Using this page a user can directly upgrade the box

Select any of the devices to upgrade via ZTP

Click on Upgrade via ZTP

Click on Yes

when we upgrade any device that will be locked to do any further changes, after a successful upgrade user can again use the same device for another task

Reboot Device

Here we will see how we can reboot a device using
We have the option to choose one or multiple devices at a time to reboot
Choose one of the devices that we want to reboot

Click on Reboot
Click on Yes

While rebooting the device, the device will be locked to do any other task, once the reboot is successful, the lock will be removed and the user can take any new action

ONES Orchestration

This section explains how large data centers can be designed seamlessly using ONES.

Configuring Devices

Most fabric orchestration solutions available today are complex and often difficult to understand. ONES provides simple and effective tools, such as predefined templates (YAML file), to configure data centers at scale. ONES allows a customized way of configuring devices that includes enhancements to the standard configuration.

Configuration Commands:

Save Config:
Copy to File:
Restore Config: //If needed only

Speed config for the Host Facing port should be updated before Orchestration if there is any change in the default speed config.

Ex: Interface speed is 25G, but you can use it with 10G Transceiver. In such cases, user needs to update speed.

Configuration Commands:

Save Config:
Copy to File:
Restore Config: //If needed only

You need to provide the following inputs to configure the devices:

Device Details

Username - Device User-Name

Management IP - Device IP for management

Device Credentials - Login admin user-name & password with write permission

BGP ASN (Autonomous System Number)

Local AS number - Local BGP AS number a user wants to use

Subnet Details

IPv4 Subnet - IPv4 address range a user wants to use in the domain

IPv4 Loopback - IPv4 address range to use on the devices only for the loopback address

IPv6 Subnet - IPv6 address range a user wants to use in the domain

Connectivity

Link connectivity between (SuperSpine, Spine, Leaf & TOR)

Link Type (Access Trunk)

Layer-2 / Layer3 - interface type

MCLAG Details

VLAN - VLAN to b used for interfaces

PO Group - PortChannel number to be used to bundle the interface

Keepalive VLAN - VLAN a user wants to use to send keepalive messages

VRF number - VRF number to be used for MC-LAG

Host Interface

L2 Access & VLAN - Host facing interface with Access port & VLAN allocation

L2 Trunk & VLAN - Host facing interface with trunk port & VLAN allocation

L3 - Host facing interface with Layer 3 properties

Network Service Address

NTP server - NTP server a user wants to add

Syslog - Syslog server IP address

SNMP - SNMP Server address a user wants to add

VXLAN

VLAN Range - VLAN range a user wants to use for VXLAN Ex. 200-205

VNI Range - VNI range a user wants to use for VXLAN Ex.20000-20005

Any-Cast Gateway - Any-cast Gateway Subnet

Host Per Vlan - Allocation of Host per VLAN

IRB VLAN Range - IRB VLAN is a separate input and should not overlap with VXLAN VNI

IRB VNI Range - IRB VNI is separate input and should not overlap with VXLAN VNI

ONES requires a minimal set of information from the users to configure the devices. The tool is simple to use and allows to configure a large number of devices simultaneously.

Configuration Overview

This section explains the device configuration procedures, that gets applied seamlessly across the entire fabric

Navigate to Configurations >> Devices

Click on the Configure Devices button in the top right corner. This opens a new screen with a sample device configuration. You can edit the configurations directly in the UI to make the desired changes. You can also download the sample YAML file by clicking on Download YAML button, provided at the bottom of the above screen, make new changes and upload the YAML file using Upload YAML button.

A detailed explanation of all the intend fields

Inventory: Specify how many devices you want to add in any particular role - Super Spine, Spine, Leaf, and ToR.

Connectivity: Specify the parameters required to establish link connectivity such as:

Device switch ID: unique ID for every device, required to correctly render the topology
Switch name: hostname of the device
IP address: management address of the device
Autonomous System Number (ASN)

BGP: Specify if you want to enable regular BGP peering or BGP unnumbered peering.

PhysicalIfCfg: Enable or disable FEC and change the MTU settings on all the links being configured.

ASN: Assign a BGP ASN (Autonomous System Number) from the specified pool. Dynamic assigning ASN will be implemented in ONES release 2.0. For release 1.0, you need to specify the ASN under the device configuration, as shown in the sample YAML file.

IPv4Pool: Assign IP pools to different subnets. ONES automatically divides the subnets according to the number of available links.

ONES application uses IPv4 subnets for:

Interfaces
Loopbacks
Host interfaces
To configure BGP neighborship

IPv6Pool: Assign IPv6 subnet.

ONES application uses:

IPv6 subnet for interfaces
Subnets to configure BGP neighborship
Automatically advertise these subnets in BGP

Note* IPv6 loopback is not supported

NTP: Provide the NTP server address, to enable NTP. You can choose your desired timezone.

Supported Time Zone

Africa/Abidjan

Africa/Accra

Africa/Addis_Ababa

Africa/Algiers

Africa/Asmara

Africa/Asmera

Africa/Bamako

Africa/Bangui

SYSLOG: Provide the SYSLOG server address, to enable SYSLOG.

SNMP: Provide the SNMP server address, to enable SNMP.

Parameters: Provide user the ability to enable VXLAN and related Parameters.

Creating Configuration

Navigate to Configurations >> Devices >> Configure Devices

Applying Configuration

Click on Apply Configs button in the bottom right corner of the above screen, to push the configs across the entire fabric.

ONES provides real-time updates when the devices are being configured and validates the configurations automatically to ensure the network is ready to use.

You will see the below screen, after the configurations are successfully verified:

FRR config Issue

With Few versions of FRR, when user gives reboot, existing config is erased and default config is pushed to FRR. This will lead to missing the configuration for users. below is the workaround config in this situation

Go inside BGP Container & Open docker_init.sh
Look for "Split" Keyword & Comment out the statemets inside that with if conditions
Add a new line which writes Service integrated in vtysh.conf

Various fields shown in the top right corner of the above slide are explained below:

Connect

Configuration Page allows a user to connect to the device using console access or using SSH method too.

Navigate >> Configurations >> Devices >> Connect

User can choose SSH or console option to access the device.

Console Logs

Console Logs show the exact configuration loaded on the device and the overview of the config loaded as per YAML & Derived Host IP Range can be viewed from the "Derived_Config:" section

Navigate >> Configurations >> Devices >> Console Logs

Click on the Console Log of the device

Config

This section describes the configuration feature of ONES using which you can check the applied and running configurations.

Navigate >> Configurations >> Devices >> Config

Click on Config

Compare Configuration

This section describes the compare configuration feature of ONES using which you can compare the applied and running configurations.

Navigate >> Configurations >> Devices >> Compare Configs

Compare Config

This page allows the user to compare applied configurations to the running configuration of a selected device.

The user should select only one device from the list and perform 'Compare Config' on this page, it may take several minutes to fetch the running configuration from the device

YAML Editor will appear with two windows comparing applied and running configurations as depicted in the below picture

The difference in configuration is highlighted with colour coding in the respective window of the configuration

Backup & Configuration

This Section describe the use of Backup & Restore Configuration across all the managed devices

Navigate >> Configurations >> Devices >> Backup & Restore Configs

Using this feature, a user will be able to take multiple backups and will be able to restore the backup at any time.

Taking a Backup

Select Backup & Restore Configs

Give a Tag Name to the device & Select the device, the device you want to take a backup config
Submit the task

Once submitted the config will backup with the given name & can be used to restore the config at any time in future

Restoring a Backup

Select Backup & Restore Configs
Select Restore Config

Click on the drop-down button of the device on which the user wants to restore the config

Select the backup a user wants to restore from the Backups Available list
Then Submit the backup & Click on Yes to confirm

Open Networking Enterprise Suite (ONES)

Introduction and Overview

Rule Engine

ONES Orchestration

Data Lake

Here are key components and characteristics of a ONE DL.

ONES Application

Overview

ONES Time Scale Metric Calculation

Overview

Below are the Average values Calculated by ONES-UI as per Time-Scale:

ONES Orchestration

Why do we need Network Orchestration?

ONES Security

This section describes how ONES authenticates users and secures communication.

RBAC: Role-Based Access Control

Secure Access to the Application

Secure Access to the switch*

Agent Based Deployment with TLS certificate

What's new?

ONES Package

ONES UI

ONES Telemetry

ONES Orchestration

ONES Rule-Engine

ONE DL 1.0.0

Subscription

ONES Installation

Installation Pre-requisites

Installation Overview

License Readiness

Trail license support feature

System Hardware Requirements – ONES Application

System Software Requirements - ONES Application

Customer Firewall Configuration (Ports to be opened)

Ports to be open from Agent(Source) to ONES controller(Destination)

Ports to be open from ONES controller(source) to Agent(Destination)

Ports to be open on ONES Server for ONES Services

Ports to be open for HTTPS Access

Network Switch (Managed Node) Configuration Requirement

Browser Requirements for ONES Web User Interface access

ONE-DL cloud Deployment

Provisioning an EC2 Instance

AWS EC2 Instance Sizing for Event Ingestion

CISCO NXOS (GRPC)

Enable GRPC

GRPC Verification

Show run GRPC

GRPC Service Statistics

GRPC Summary

Supported Telemetry

VMware ONES Deployment

Download OVA Package

KVM ONES Deployment

QCOW Deployment

Download Qcow2 Package

Create the VM using GUI App virt-manager

Create the VM using QEMU (XML configuration)

Credentials to access ONES QCOW2 VM

ONES Web GUI Administration

ONES User Interface - Features

ONES Application

Overview

ONES Time Scale Metric Calculation

Overview

Below are the Average values Calculated by ONES-UI as per Time-Scale:

ONES Orchestration

Why do we need Network Orchestration?

FMCLI

Fabric Manager CLI

NetOps API

Few Operations can be done By NetOps API

Open Networking Enterprise Suite (ONES)

Introduction and Overview

Rule Engine

ONES Orchestration

Data Lake

Here are key components and characteristics of a ONE DL.

ONES Security

This section describes how ONES authenticates users and secures communication.