odl文档总结

concepts and tools

1. To date, OpenDaylight developers have formed more than 50 projects to address ways to extend network functionality.（已形成50多个项目，来解决扩展网络功能的方法）
2. Apache Karaf provides a lightweight runtime to install the Karaf features you want to implement and is included in the OpenDaylight platform software. By default, OpenDaylight has no pre-installed features.（轻量级的安装部件karaf）
3. Model-Driven Service Abstraction Layer (MD-SAL) is the OpenDaylight framework that allows developers to create new Karaf features in the form of services and protocol drivers and connects them to one another.（md-sal是框架，可以允许开发者用服务和协议驱动的方式来创建新的karaf功能，并连接他们）

MD-SAL 2 components:

a) A shared datastore that maintains the following tree-based structures:（维护以下树状结构的可分享数据存储）

The Config Datastore, which maintains a representation of the desired network state.

The Operational Datastore, which is a representation of the actual network state based on data from the managed network elements.
(配置数据存储，和操作数据存储）

b) A message bus that provides a way for the various services and protocol drivers to notify and communicate with one another.（消息总线，提供为各种服务协议实现通知和互相通信的方式）

4. If you’re interacting with OpenDaylight through the REST APIs while using the OpenDaylight interfaces, the microservices architecture allows you to select available services, protocols, and REST APIs.（微服务架构允许选择可用的服务协议和REST API）

installing opendaylight

before installing:
Java Runtime Environment (JRE) and operating system information Target environment Known issues and limitations.

setting up clustering

clustering: enables multiple processes and programs to work together as one entity.

advantages:

1. scaling(扩展功能): 多个opendaylight实例运行下比一个实例can potentially do more work and store more data.
   break up your data into smaller chunks (shards) and either distribute that data across the cluster.(打碎与分散数据)
2. high availability: 一个崩溃，其他正常运行
3. data persistence: 手动重启或崩溃，不会丢失数据

overview of opendaylight security

high-level security advantages of OpenDaylight.

1. Separating the control and management planes from the data plane (both logically and, in many cases, physically) allows possible security threats to be forced into a smaller attack surface.(控制、管理与数据平面分离，将安全威胁强制转入小的攻击面上)

2. Having centralized information and network control gives network administrators more visibility and control over the entire network, enabling them to make better decisions faster. At the same time, centralization of network control can be an advantage only if access to that control is secure.(集中的信息网络控制，只有当访问控制是安全的才成为优势)

3. The ability to more rapidly evolve southbound protocols and how they are used provides more and faster mechanisms to enact appropriate security mitigations and remediations.(更快发展与使用南向接口协议的能力，提供更多机制建立合适的安全缓解机制与补救措施)

4. OpenDaylight is built from OSGi bundles and the Karaf Java container. Both Karaf and OSGi provide some level of isolation with explicit code boundaries, package imports, package exports, and other security-related features.(建立在OGSi与Karaf java容器上，二者提供了一定程度的分离，包括代码分离，程序包导入导出，其他安全功能)

5. OpenDaylight has a history of rapidly addressing known vulnerabilities and a well-defined process for reporting and dealing with them.(odl具有解决已知漏洞的历史，并具有处理这些漏洞的明确定义的过程)