blob: bc1f622f3bbb8849a3bcc49d385fee5e056b8ec4 [file] [log] [blame]
Aleš Komáreka3314b22017-04-11 13:46:06 +02001====================
2OpenContrail Formula
3====================
Filip Pytloun27930402015-10-06 16:28:32 +02004
Jakub Pavlik01fe5372016-05-20 11:23:28 +02005Contrail Controller is an open, standards-based software solution that
6delivers network virtualization and service automation for federated cloud
7networks. It provides self-service provisioning, improves network
8troubleshooting and diagnostics, and enables service chaining for dynamic
9application environments across enterprise virtual private cloud (VPC),
10managed Infrastructure as a Service (IaaS), and Networks Functions
11Virtualization (NFV) use cases.
Filip Pytloun27930402015-10-06 16:28:32 +020012
Jiri Konecny463dee52016-03-03 11:08:46 +010013
Petr Michalec579e64d2017-03-24 12:54:29 +010014Package source
15==============
Aleš Komáreka3314b22017-04-11 13:46:06 +020016
Petr Michalec579e64d2017-03-24 12:54:29 +010017Formula support OpenContrail as well as Juniper Contrail package repository in the backend.
18
19Differences withing the configuration and state run are controlled by
20``opencontrail.common.vendor: [opencontrail|juniper]`` pillar attribute.
21
22Default value is set to ``opencontrail``.
23
24Juniper releases tested with this formula:
25 - 3.0.2.x
26
27To use Juniper Contrail repository as a source of packages override pillar as in this example:
28
29.. code-block:: yaml
30
31 opencontrail:
32 common:
33 vendor: juniper
34
35
Aleš Komáreka3314b22017-04-11 13:46:06 +020036Sample Pillars
Filip Pytloun27930402015-10-06 16:28:32 +020037==============
38
Jiri Konecny463dee52016-03-03 11:08:46 +010039Controller nodes
40----------------
41
42There are several scenarios for OpenContrail control plane.
43
44All-in-one single
45~~~~~~~~~~~~~~~~~
46
47Config, control, analytics, database, web -- altogether on one node.
48
49.. code-block:: yaml
50
51 opencontrail:
52 common:
53 version: 2.2
54 source:
55 engine: pkg
56 address: http://mirror.robotice.cz/contrail-havana/
57 identity:
58 engine: keystone
59 host: 127.0.0.1
60 port: 35357
61 token: token
62 password: password
63 network:
64 engine: neutron
65 host: 127.0.0.1
66 port: 9696
67 config:
68 version: 2.2
69 enabled: true
70 network:
71 engine: neutron
72 host: 127.0.0.1
73 port: 9696
74 discovery:
75 host: 127.0.0.1
76 analytics:
77 host: 127.0.0.1
78 bind:
79 address: 127.0.0.1
80 message_queue:
81 engine: rabbitmq
82 host: 127.0.0.1
83 port: 5672
84 database:
85 members:
86 - host: 127.0.0.1
87 port: 9160
88 cache:
Jakub Pavlikd1a059e2016-07-13 23:08:33 +020089 members:
90 - host: 127.0.0.1
91 port: 11211
Jiri Konecny463dee52016-03-03 11:08:46 +010092 identity:
93 engine: keystone
94 version: '2.0'
95 region: RegionOne
96 host: 127.0.0.1
97 port: 35357
98 user: admin
99 password: password
100 token: token
101 tenant: admin
102 members:
103 - host: 127.0.0.1
104 id: 1
Dmitry Stremkovskiy841fee32017-09-01 18:08:41 +0300105 rootlogger: "INFO, CONSOLE"
Jiri Konecny463dee52016-03-03 11:08:46 +0100106 control:
107 version: 2.2
108 enabled: true
109 bind:
110 address: 127.0.0.1
111 discovery:
112 host: 127.0.0.1
113 master:
114 host: 127.0.0.1
115 members:
116 - host: 127.0.0.1
117 id: 1
118 collector:
119 version: 2.2
120 enabled: true
121 bind:
122 address: 127.0.0.1
123 master:
124 host: 127.0.0.1
125 discovery:
126 host: 127.0.0.1
127 data_ttl: 2
128 database:
129 members:
130 - host: 127.0.0.1
131 port: 9160
132 database:
133 version: 2.2
134 cassandra:
135 version: 2
136 enabled: true
137 minimum_disk: 10
138 name: 'Contrail'
139 original_token: 0
Dmitry Stremkovskiy2a079c72017-07-12 23:11:18 +0300140 compaction_throughput_mb_per_sec: 16
Dmitry Stremkovskiy71b310a2017-08-11 20:39:11 +0300141 concurrent_compactors: 1
Jiri Konecny463dee52016-03-03 11:08:46 +0100142 data_dirs:
143 - /var/lib/cassandra
144 id: 1
145 discovery:
146 host: 127.0.0.1
147 bind:
148 host: 127.0.0.1
149 port: 9042
150 rpc_port: 9160
151 members:
152 - host: 127.0.0.1
153 id: 1
154 web:
155 version: 2.2
156 enabled: True
157 bind:
158 address: 127.0.0.1
159 analytics:
160 host: 127.0.0.1
161 master:
162 host: 127.0.0.1
163 cache:
164 engine: redis
165 host: 127.0.0.1
166 port: 6379
167 members:
168 - host: 127.0.0.1
169 id: 1
170 identity:
171 engine: keystone
172 version: '2.0'
173 host: 127.0.0.1
174 port: 35357
175 user: admin
176 password: password
177 token: token
178 tenant: admin
179
180
181All-in-one cluster
182~~~~~~~~~~~~~~~~~~
183
Jakub Pavlik01fe5372016-05-20 11:23:28 +0200184Config, control, analytics, database, web -- altogether, clustered on multiple
185nodes.
Jiri Konecny463dee52016-03-03 11:08:46 +0100186
187.. code-block:: yaml
188
189 opencontrail:
190 common:
191 version: 2.2
192 source:
193 engine: pkg
194 address: http://mirror.robotice.cz/contrail-havana/
195 identity:
196 engine: keystone
197 host: 127.0.0.1
198 port: 35357
199 token: token
200 password: password
201 network:
202 engine: neutron
203 host: 127.0.0.1
204 port: 9696
205 config:
206 version: 2.2
207 enabled: true
208 network:
209 engine: neutron
210 host: 127.0.0.1
211 port: 9696
212 discovery:
213 host: 127.0.0.1
214 analytics:
215 host: 127.0.0.1
216 bind:
217 address: 127.0.0.1
218 message_queue:
219 engine: rabbitmq
220 host: 127.0.0.1
221 port: 5672
222 database:
223 members:
224 - host: 127.0.0.1
225 port: 9160
226 - host: 127.0.0.1
227 port: 9160
228 - host: 127.0.0.1
229 port: 9160
230 cache:
Jakub Pavlikd1a059e2016-07-13 23:08:33 +0200231 members:
232 - host: 127.0.0.1
233 port: 11211
234 - host: 127.0.0.1
235 port: 11211
236 - host: 127.0.0.1
237 port: 11211
Jiri Konecny463dee52016-03-03 11:08:46 +0100238 identity:
239 engine: keystone
240 version: '2.0'
241 region: RegionOne
242 host: 127.0.0.1
243 port: 35357
244 user: admin
245 password: password
246 token: token
247 tenant: admin
248 members:
249 - host: 127.0.0.1
250 id: 1
251 - host: 127.0.0.1
252 id: 2
253 - host: 127.0.0.1
254 id: 3
255 control:
256 version: 2.2
257 enabled: true
258 bind:
259 address: 127.0.0.1
260 discovery:
261 host: 127.0.0.1
262 master:
263 host: 127.0.0.1
264 members:
265 - host: 127.0.0.1
266 id: 1
267 - host: 127.0.0.1
268 id: 2
269 - host: 127.0.0.1
270 id: 3
271 collector:
272 version: 2.2
273 enabled: true
274 bind:
275 address: 127.0.0.1
276 master:
277 host: 127.0.0.1
278 discovery:
279 host: 127.0.0.1
280 data_ttl: 1
281 database:
282 members:
283 - host: 127.0.0.1
284 port: 9160
285 - host: 127.0.0.1
286 port: 9160
287 - host: 127.0.0.1
288 port: 9160
289 database:
290 version: 2.2
291 cassandra:
292 version: 2
293 enabled: true
294 name: 'Contrail'
295 minimum_disk: 10
296 original_token: 0
297 data_dirs:
298 - /var/lib/cassandra
299 id: 1
300 discovery:
301 host: 127.0.0.1
302 bind:
303 host: 127.0.0.1
304 port: 9042
305 rpc_port: 9160
306 members:
307 - host: 127.0.0.1
308 id: 1
309 - host: 127.0.0.1
310 id: 2
311 - host: 127.0.0.1
312 id: 3
313 web:
314 version: 2.2
315 enabled: True
316 bind:
317 address: 127.0.0.1
318 master:
319 host: 127.0.0.1
320 analytics:
321 host: 127.0.0.1
322 cache:
323 engine: redis
324 host: 127.0.0.1
325 port: 6379
326 members:
327 - host: 127.0.0.1
328 id: 1
329 - host: 127.0.0.1
330 id: 2
331 - host: 127.0.0.1
332 id: 3
333 identity:
334 engine: keystone
335 version: '2.0'
336 host: 127.0.0.1
337 port: 35357
338 user: admin
339 password: password
340 token: token
341 tenant: admin
342
343
344Separated analytics from control and config
345~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
346
347Config, control, database, web.
348
349.. code-block:: yaml
350
351 opencontrail:
352 common:
353 version: 2.2
354 identity:
355 engine: keystone
356 host: 127.0.0.1
357 port: 35357
358 token: token
359 password: password
360 network:
361 engine: neutron
362 host: 127.0.0.1
363 port: 9696
364 config:
365 version: 2.2
366 enabled: true
367 network:
368 engine: neutron
369 host: 127.0.0.1
370 port: 9696
371 discovery:
372 host: 127.0.0.1
373 analytics:
374 host: 127.0.0.1
375 bind:
376 address: 127.0.0.1
377 message_queue:
378 engine: rabbitmq
379 host: 127.0.0.1
380 port: 5672
381 database:
382 members:
383 - host: 127.0.0.1
384 port: 9160
385 - host: 127.0.0.1
386 port: 9160
387 - host: 127.0.0.1
388 port: 9160
389 cache:
Jakub Pavlikd1a059e2016-07-13 23:08:33 +0200390 members:
391 - host: 127.0.0.1
392 port: 11211
393 - host: 127.0.0.1
394 port: 11211
395 - host: 127.0.0.1
396 port: 11211
Jiri Konecny463dee52016-03-03 11:08:46 +0100397 identity:
398 engine: keystone
399 version: '2.0'
400 region: RegionOne
401 host: 127.0.0.1
402 port: 35357
403 user: admin
404 password: password
405 token: token
406 tenant: admin
407 members:
408 - host: 127.0.0.1
409 id: 1
410 - host: 127.0.0.1
411 id: 2
412 - host: 127.0.0.1
413 id: 3
414 control:
415 version: 2.2
416 enabled: true
417 bind:
418 address: 127.0.0.1
419 discovery:
420 host: 127.0.0.1
421 master:
422 host: 127.0.0.1
423 members:
424 - host: 127.0.0.1
425 id: 1
426 - host: 127.0.0.1
427 id: 2
428 - host: 127.0.0.1
429 id: 3
430 database:
431 version: 127.0.0.1
432 cassandra:
433 version: 2
434 enabled: true
435 name: 'Contrail'
436 minimum_disk: 10
437 original_token: 0
438 data_dirs:
439 - /var/lib/cassandra
440 id: 1
441 discovery:
442 host: 127.0.0.1
443 bind:
444 host: 127.0.0.1
445 port: 9042
446 rpc_port: 9160
447 members:
448 - host: 127.0.0.1
449 id: 1
450 - host: 127.0.0.1
451 id: 2
452 - host: 127.0.0.1
453 id: 3
454 web:
455 version: 2.2
456 enabled: True
457 bind:
458 address: 127.0.0.1
459 analytics:
460 host: 127.0.0.1
461 master:
462 host: 127.0.0.1
463 cache:
464 engine: redis
465 host: 127.0.0.1
466 port: 6379
467 members:
468 - host: 127.0.0.1
469 id: 1
470 - host: 127.0.0.1
471 id: 2
472 - host: 127.0.0.1
473 id: 3
474 identity:
475 engine: keystone
476 version: '2.0'
477 host: 127.0.0.1
478 port: 35357
479 user: admin
480 password: password
481 token: token
482 tenant: admin
483
Jiri Konecny463dee52016-03-03 11:08:46 +0100484Analytic nodes
Jiri Konecny463dee52016-03-03 11:08:46 +0100485
486Analytics and database on an analytic node(s)
487
488.. code-block:: yaml
489
490 opencontrail:
491 common:
492 version: 2.2
493 identity:
494 engine: keystone
495 host: 127.0.0.1
496 port: 35357
497 token: token
498 password: password
499 network:
500 engine: neutron
501 host: 127.0.0.1
502 port: 9696
503 collector:
504 version: 2.2
505 enabled: true
506 bind:
507 address: 127.0.0.1
508 master:
509 host: 127.0.0.1
510 discovery:
511 host: 127.0.0.1
512 data_ttl: 1
513 database:
514 members:
515 - host: 127.0.0.1
516 port: 9160
517 - host: 127.0.0.1
518 port: 9160
519 - host: 127.0.0.1
520 port: 9160
521 database:
522 version: 2.2
523 cassandra:
524 version: 2
525 enabled: true
526 name: 'Contrail'
527 minimum_disk: 10
528 original_token: 0
529 data_dirs:
530 - /var/lib/cassandra
531 id: 1
532 discovery:
533 host: 127.0.0.1
534 bind:
535 host: 127.0.0.1
536 port: 9042
537 rpc_port: 9160
538 members:
539 - host: 127.0.0.1
540 id: 1
541 - host: 127.0.0.1
542 id: 2
543 - host: 127.0.0.1
544 id: 3
545
546
547Compute nodes
Aleš Komáreka3314b22017-04-11 13:46:06 +0200548-------------
Jiri Konecny463dee52016-03-03 11:08:46 +0100549
550Vrouter configuration on a compute node(s)
551
552.. code-block:: yaml
553
554 opencontrail:
555 common:
556 version: 2.2
557 identity:
558 engine: keystone
559 host: 127.0.0.1
560 port: 35357
561 token: token
562 password: password
563 network:
564 engine: neutron
565 host: 127.0.0.1
566 port: 9696
567 compute:
568 version: 2.2
569 enabled: True
Dmitry Stremkovskiy0cb5c562017-07-26 00:32:51 +0300570 hostname: node-12.domain.tld
Jiri Konecny463dee52016-03-03 11:08:46 +0100571 discovery:
572 host: 127.0.0.1
573 interface:
574 address: 127.0.0.1
575 dev: eth0
576 gateway: 127.0.0.1
577 mask: /24
578 dns: 127.0.0.1
579 mtu: 9000
580
Petr Jediný5f3008a2017-07-31 15:04:05 +0200581
582Compute nodes with gateway_mode
583-------------------------------
584
585Gateway mode: can be server/ vcpe (default is none)
586
587.. code-block:: yaml
588
589 opencontrail:
590 compute:
591 gateway_mode: server
592
Vasyl Saienkob10b7202017-09-05 14:19:03 +0300593TSN nodes
594---------
595
596Configure TSN nodes
597
598.. code-block:: yaml
599
600 opencontrail:
601 compute:
602 enabled: true
603 tor:
604 enabled: true
605 bind:
606 port: 8086
607 agent:
608 tor01:
609 id: 0
610 port: 6632
611 host: 127.0.0.1
612 address: 127.0.0.1
613
Petr Jediný5f3008a2017-07-31 15:04:05 +0200614
Andreyeff77ac2017-08-25 12:14:06 -0500615Set up metadata secret for the Vrouter
Petr Jedinýfe51c6a2017-09-05 18:30:31 +0200616--------------------------------------
Andreyeff77ac2017-08-25 12:14:06 -0500617
Petr Jedinýfe51c6a2017-09-05 18:30:31 +0200618In order to get cloud-init within the instance to properly fetch
Andreyeff77ac2017-08-25 12:14:06 -0500619instance metadata, metadata_proxy_secret in the Vrouter agent config
620should match the value in nova.conf. The administrator should define
621it in the pillar:
622
623.. code-block:: yaml
624
625 opencontrail:
626 compute:
627 metadata:
628 secret: opencontrail
629
Petr Jedinýfe51c6a2017-09-05 18:30:31 +0200630Add auth info for Barbican on compute nodes
631-------------------------------------------
632
633.. code-block:: yaml
634
635 opencontrail:
636 compute:
637 lbaas:
638 enabled: true
639 secret_manager:
640 engine: barbican
641 identity:
642 user: admin
643 password: "supersecretpassword123"
644 tenant: admin
645
646
Jakub Pavlik735005f2016-02-26 15:54:53 +0100647Keystone v3
Aleš Komáreka3314b22017-04-11 13:46:06 +0200648-----------
Jakub Pavlik735005f2016-02-26 15:54:53 +0100649
Jakub Pavlik01fe5372016-05-20 11:23:28 +0200650To enable support for keystone v3 in opencontrail, there must be defined
651version for config and web role.
Jakub Pavlik735005f2016-02-26 15:54:53 +0100652
653.. code-block:: yaml
654
655 opencontrail:
656 config:
657 version: 2.2
658 enabled: true
659 ...
660 identity:
661 engine: keystone
662 version: '3'
663 ...
664
665 opencontrail:
666 web:
667 version: 2.2
668 enabled: true
669 ...
670 identity:
671 engine: keystone
672 version: '3'
673 ...
674
marco10cc2212016-04-03 14:21:54 +0200675Without Keystone
676----------------
677
678.. code-block:: yaml
679
680 opencontrail:
681 ...
682 common:
683 ...
684 identity:
685 engine: none
686 token: none
687 password: none
688 ...
689 config:
690 ...
691 identity:
692 engine: none
693 password: none
694 token: none
695 ...
696 web:
697 ...
698 identity:
699 engine: none
700 password: none
701 token: none
702 ...
marcof5461712016-04-04 20:49:36 +0200703
Aleš Komáreka3314b22017-04-11 13:46:06 +0200704Kubernetes support
705------------------
706
marcof5461712016-04-04 20:49:36 +0200707Kubernetes vrouter nodes
marcof5461712016-04-04 20:49:36 +0200708
709Vrouter configuration on a kubernetes node(s)
710
711.. code-block:: yaml
712
713 opencontrail:
714 ...
715 compute:
716 engine: kubernetes
717 ...
718
Jakub Pavlik0d1f67e2016-11-30 10:04:13 +0100719vRouter with separated control plane
Jakub Pavlik0d1f67e2016-11-30 10:04:13 +0100720
721Separate XMPP traffic from dataplane interface.
722
723.. code-block:: yaml
724
725 opencontrail:
726 compute:
727 bind:
728 address: 172.16.0.50
729 ...
730
Petr Jediný439fab32017-07-10 14:33:09 +0200731Override RPF default in Contrail API
732------------------------------------
733
734From MCP1.1 with OpenContrail >= 3.1.1 you can override RPF default for newly
735created virtual networks. This can be useful for usecases like running
736Calico and K8S in overlay. The `override_rpf_default_by` has valid values
737`disable`, `enable`. If not defined, the configuration fallbacks to Contrail
738default - currently `enable`.
739
740.. code-block:: yaml
741
742 opencontrail:
743 ...
744 config:
745 override_rpf_default_by: 'disable'
746 ...
747
Petr Jediný01c18822017-11-15 12:30:53 +0100748Cassandra GC logging
749--------------------
750
751From Contrail version 3 you can set a way you want to handle Cassandra GC logs.
752The behavior is controlled by `cassandra_gc_logging`. Valid values are
753'rotation' (default), 'legacy' and false.
754
755- 'rotation' is supported by JDK 6u34 7u2 or later and handles rotation of log
756files automatically.
757- 'legacy' is a way to support older JDKs and you will need to handle logs by
758other means. This can be handled for example by using
759`- service.opencontrail.database.cassandra_log_cleanup` in your reclass model.
760- false will disable the cassandra gc logging
761
762.. code-block:: yaml
763
764 opencontrail:
765 ...
766 database:
767 cassandra_gc_logging: false
768 ...
769
Petr Jediný439fab32017-07-10 14:33:09 +0200770
Jakub Pavlik6d90f362016-04-19 20:34:37 +0200771Disable Contrail API authentication
772-----------------------------------
773
Petr Jediný78e6f422017-06-01 13:24:49 +0200774Contrail version must >= 3.0. It is useful especially for Keystone v3.
Jakub Pavlik6d90f362016-04-19 20:34:37 +0200775
776.. code-block:: yaml
777
778 opencontrail:
779 ...
780 config:
781 multi_tenancy: false
782 ...
783
Petr Jediný78e6f422017-06-01 13:24:49 +0200784Switch from on demand to periodic keystone sync
785-----------------------------------------------
786
787This can be useful when you want to sync projects from OpenStack to Contrail
788automatically. The period of sync is 60s.
789
790.. code-block:: yaml
791
792 opencontrail:
793 ...
794 config:
795 identity:
796 sync_on_demand: false
797 ...
798
marco2502e052016-05-31 22:53:54 +0200799Cassandra listen interface
Petr Jedinýffbe2082017-03-07 00:56:47 +0100800--------------------------
marco2502e052016-05-31 22:53:54 +0200801
802.. code-block:: yaml
Vasyl Saienkob10b7202017-09-05 14:19:03 +0300803
marco2502e052016-05-31 22:53:54 +0200804 database:
805 ....
806 bind:
807 interface: eth0
808 port: 9042
809 rpc_port: 9160
810 ....
Jakub Pavlik6d90f362016-04-19 20:34:37 +0200811
Petr Jedinýffbe2082017-03-07 00:56:47 +0100812OpenContrail WebUI version >= 3.1.1
813-----------------------------------
Petr Jediný78e6f422017-06-01 13:24:49 +0200814For OpenContrail version >= 3.1.1 and Cassandra >= 2.1 we should override WebUI's cassandra port from 9160 to 9042.
Petr Jedinýffbe2082017-03-07 00:56:47 +0100815
816For appropriate node at class level:
817
818.. code-block:: yaml
Aleš Komáreka3314b22017-04-11 13:46:06 +0200819
Petr Jedinýffbe2082017-03-07 00:56:47 +0100820 opencontrail:
821 ....
822 web:
823 database:
824 port: 9042
825 ....
826
827
Jakub Pavlik9a4de012016-12-14 13:23:55 +0100828RabbitMQ HA hosts
829------------------
830
831.. code-block:: yaml
832
833 opencontrail:
834 config:
835 message_queue:
836 engine: rabbitmq
837 members:
838 - host: 10.0.16.1
839 - host: 10.0.16.2
840 - host: 10.0.16.3
841 port: 5672
842
843.. code-block:: yaml
844
845 database:
846 ....
847 bind:
848 interface: eth0
849 port: 9042
850 rpc_port: 9160
851 ....
852
Jakub Pavlike3590062017-02-20 23:32:57 +0100853DPDK vRouter
854-------------
855
856.. code-block:: yaml
857
858 opencontrail:
859 compute:
860 dpdk:
861 enabled: true
Jakub Pavlik54761d82017-03-08 11:22:37 +0100862 taskset: "0x0000003C00003C"
863 socket_mem: "1024,1024"
Jakub Pavlike3590062017-02-20 23:32:57 +0100864 interface:
865 mac_address: 90:e2:ba:7c:22:e1
866 pci: 0000:81:00.1
867 ...
868
Ales Komarekad46d2e2017-03-09 17:16:38 +0100869Contrail client
870---------------
871
872Basic parameters with identity and host configs
873
Petr Jediný78e6f422017-06-01 13:24:49 +0200874.. code-block:: yaml
Ales Komarekad46d2e2017-03-09 17:16:38 +0100875
876 opencontrail:
877 client:
878 identity:
879 user: admin
880 project: admin
881 password: adminpass
882 host: keystone_host
883 config:
884 host: contrail_api_host
885 port: contrail_api_ort
886
887Enforcing virtual routers
888
Petr Jediný78e6f422017-06-01 13:24:49 +0200889.. code-block:: yaml
Ales Komarekad46d2e2017-03-09 17:16:38 +0100890
891 opencontrail:
892 client:
893 ...
894 virtual_router:
895 cmp01:
896 ip_address: 172.16.0.11
897 dpdk_enabled: True
898 cmp02:
899 ip_address: 172.16.0.12
900 dpdk_enabled: True
901
Pavel Svimbersky13cda442017-09-14 14:46:13 +0200902Enforcing global vrouter config
903
904.. code-block:: yaml
905
906 opencontrail:
907 client:
908 ...
909 global_vrouter_config:
910 name: global-vrouter-config
911 parent_type: global-system-config
912 encap_priority: "MPLSoUDP,MPLSoGRE"
913 vxlan_vn_id_mode: automatic
914 fq_names:
915 - 'default-global-system-config'
916 - 'default-global-vrouter-config'
917
Ales Komarekad46d2e2017-03-09 17:16:38 +0100918Enforcing control nodes
919
Petr Jediný78e6f422017-06-01 13:24:49 +0200920.. code-block:: yaml
Ales Komarekad46d2e2017-03-09 17:16:38 +0100921
922 opencontrail:
923 client:
924 ...
925 bgp_router:
926 ntw01:
927 type: control-node
928 ip_address: 172.16.0.11
929 nwt02:
930 type: control-node
931 ip_address: 172.16.0.12
932 nwt03:
933 type: control-node
934 ip_address: 172.16.0.13
935
936
937Enforcing edge BGP routers
938
Petr Jediný78e6f422017-06-01 13:24:49 +0200939.. code-block:: yaml
Ales Komarekad46d2e2017-03-09 17:16:38 +0100940
941 opencontrail:
942 client:
943 ...
944 bgp_router:
945 mx01:
946 type: router
947 ip_address: 172.16.0.21
948 asn: 64512
949 mx02:
950 type: router
951 ip_address: 172.16.0.22
952 asn: 64512
953
954Enforcing config nodes
955
Petr Jediný78e6f422017-06-01 13:24:49 +0200956.. code-block:: yaml
Ales Komarekad46d2e2017-03-09 17:16:38 +0100957
958 opencontrail:
959 client:
960 ...
961 config_node:
962 ctl01:
963 ip_address: 172.16.0.21
964 ctl02:
965 ip_address: 172.16.0.22
966
967Enforcing database nodes
968
Petr Jediný78e6f422017-06-01 13:24:49 +0200969.. code-block:: yaml
Ales Komarekad46d2e2017-03-09 17:16:38 +0100970
971 opencontrail:
972 client:
973 ...
974 database_node:
975 ntw01:
976 ip_address: 172.16.0.21
977 ntw02:
978 ip_address: 172.16.0.22
979
980Enforcing analytics nodes
981
Petr Jediný78e6f422017-06-01 13:24:49 +0200982.. code-block:: yaml
Ales Komarekad46d2e2017-03-09 17:16:38 +0100983
984 opencontrail:
985 client:
986 ...
987 analytics_node:
988 nal01:
989 ip_address: 172.16.0.31
990 nal02:
991 ip_address: 172.16.0.32
992
Petr Jediný5f3efe32017-05-26 17:55:09 +0200993Enforcing Link Local Services
994
995.. code-block:: yaml
996
997 opencontrail:
998 client:
999 ...
1000 linklocal_service:
1001 # example with dns name address (only one permited)
1002 meta1:
1003 lls_ip: 10.0.0.23
1004 lls_port: 80
1005 ipf_addresses: "meta.example.com"
1006 ipf_port: 80
1007 # example with multiple ip addresses
1008 meta2:
1009 lls_ip: 10.0.0.23
1010 lls_port: 80
1011 ipf_addresses:
1012 - 10.10.10.10
1013 - 10.20.20.20
1014 - 10.30.30.30
1015 ipf_port: 80
1016 # example with one ip address
1017 meta3:
1018 lls_ip: 10.0.0.23
1019 lls_port: 80
1020 ipf_addresses:
1021 - 10.10.10.10
1022 ipf_port: 80
1023 # example with name override
1024 lls_meta4:
1025 name: meta4
1026 lls_ip: 10.0.0.23
1027 lls_port: 80
1028 ipf_addresses:
1029 - 10.10.10.10
1030 ipf_port: 80
1031
Vasyl Saienkob10b7202017-09-05 14:19:03 +03001032Enforcing physical routers
1033
1034.. code-block:: yaml
1035
1036 opencontrail:
1037 client:
1038 ...
1039 physical_router:
1040 router1:
1041 name: router1
1042 dataplane_ip: 1.2.3.4
1043 management_ip: 1.2.3.4
1044 vendor_name: ovs
1045 product_name: ovs
1046 agents:
1047 - tsn0-0
1048 - tsn0
1049
1050Enforcing physical/logical interfaces for routers
1051
1052
1053.. code-block:: yaml
1054
1055 opencontrail
1056 client:
1057 ...
1058 physical_router:
1059 router1:
1060 ...
1061 interface:
1062 port1:
1063 name: port1
1064 logical_interface:
1065 port1_l:
1066 name: 'port1.0'
1067 vlan_tag: 0
1068 interface_type: L2
1069 virtual_machine_interface:
1070 port1_port:
1071 name: port1_port
1072 ip_address: 192.168.90.107
1073 mac_address: '2e:92:a8:af:c2:21'
1074 security_group: 'default'
1075 virtual_network: 'virtual-network'
1076
Ales Komarekad46d2e2017-03-09 17:16:38 +01001077
Filip Pytloun27930402015-10-06 16:28:32 +02001078Usage
1079=====
1080
1081Basic installation
Ales Komarekad46d2e2017-03-09 17:16:38 +01001082------------------
Filip Pytloun27930402015-10-06 16:28:32 +02001083
1084Add control BGP
Ales Komarekad46d2e2017-03-09 17:16:38 +01001085
1086.. code-block:: bash
Filip Pytloun27930402015-10-06 16:28:32 +02001087
1088 python /etc/contrail/provision_control.py --api_server_ip 192.168.1.11 --api_server_port 8082 --host_name network1.contrail.domain.com --host_ip 192.168.1.11 --router_asn 64512
1089
Ales Komarekad46d2e2017-03-09 17:16:38 +01001090Install compute node
Filip Pytloun27930402015-10-06 16:28:32 +02001091
Ales Komarekad46d2e2017-03-09 17:16:38 +01001092.. code-block:: bash
Filip Pytloun27930402015-10-06 16:28:32 +02001093
1094 yum install contrail-vrouter contrail-openstack-vrouter
1095
1096 salt-call state.sls nova,opencontrail
1097
1098Add virtual router
Filip Pytloun27930402015-10-06 16:28:32 +02001099
Ales Komarekad46d2e2017-03-09 17:16:38 +01001100.. code-block:: bash
Filip Pytloun27930402015-10-06 16:28:32 +02001101
1102 python /etc/contrail/provision_vrouter.py --host_name hostnode1.intra.domain.com --host_ip 10.0.100.101 --api_server_ip 10.0.100.30 --oper add --admin_user admin --admin_password cloudlab --admin_tenant_name admin
1103
1104 /etc/sysconfig/network-scripts/ifcfg-bond0 -- comment GATEWAY,NETMASK,IPADDR
1105
1106 reboot
1107
Aleš Komáreka3314b22017-04-11 13:46:06 +02001108Debugging
1109---------
Filip Pytloun27930402015-10-06 16:28:32 +02001110
1111Display vhost XMPP connection status
1112
1113You should see the correct controller_ip and state should be established.
1114
1115 http://<compute-node>:8085/Snh_AgentXmppConnectionStatusReq?
1116
1117Display vrouter interface status
1118
1119When vrf_name = ---ERROR--- then something goes wrong
1120
1121 http://<compute-node>:8085/Snh_ItfReq?name=
1122
1123Display IF MAP table
1124
Vasyl Saienkob10b7202017-09-05 14:19:03 +03001125Look for neighbours, if VM has 2, it's ok
Filip Pytloun27930402015-10-06 16:28:32 +02001126
1127 http://<control-node>:8083/Snh_IFMapTableShowReq?table_name=
1128
1129Trace XMPP requests
1130
1131 http://<compute-node>:8085/Snh_SandeshTraceRequest?x=XmppMessageTrace
1132
Filip Pytlounf6b79d42017-02-02 13:02:03 +01001133
1134Documentation and Bugs
1135======================
1136
1137To learn how to install and update salt-formulas, consult the documentation
1138available online at:
1139
1140 http://salt-formulas.readthedocs.io/
1141
1142In the unfortunate event that bugs are discovered, they should be reported to
1143the appropriate issue tracker. Use Github issue tracker for specific salt
1144formula:
1145
1146 https://github.com/salt-formulas/salt-formula-opencontrail/issues
1147
1148For feature requests, bug reports or blueprints affecting entire ecosystem,
1149use Launchpad salt-formulas project:
1150
1151 https://launchpad.net/salt-formulas
1152
1153You can also join salt-formulas-users team and subscribe to mailing list:
1154
1155 https://launchpad.net/~salt-formulas-users
1156
1157Developers wishing to work on the salt-formulas projects should always base
1158their work on master branch and submit pull request against specific formula.
1159
1160 https://github.com/salt-formulas/salt-formula-opencontrail
1161
1162Any questions or feedback is always welcome so feel free to join our IRC
1163channel:
1164
1165 #salt-formulas @ irc.freenode.net