blob: 4ab05bb84d8c5aee180891360ac12b762abb1f9f [file] [log] [blame]
Aleš Komáreka3314b22017-04-11 13:46:06 +02001====================
2OpenContrail Formula
3====================
Filip Pytloun27930402015-10-06 16:28:32 +02004
Jakub Pavlik01fe5372016-05-20 11:23:28 +02005Contrail Controller is an open, standards-based software solution that
6delivers network virtualization and service automation for federated cloud
7networks. It provides self-service provisioning, improves network
8troubleshooting and diagnostics, and enables service chaining for dynamic
9application environments across enterprise virtual private cloud (VPC),
10managed Infrastructure as a Service (IaaS), and Networks Functions
11Virtualization (NFV) use cases.
Filip Pytloun27930402015-10-06 16:28:32 +020012
Jiri Konecny463dee52016-03-03 11:08:46 +010013
Petr Michalec579e64d2017-03-24 12:54:29 +010014Package source
15==============
Aleš Komáreka3314b22017-04-11 13:46:06 +020016
Petr Michalec579e64d2017-03-24 12:54:29 +010017Formula support OpenContrail as well as Juniper Contrail package repository in the backend.
18
19Differences withing the configuration and state run are controlled by
20``opencontrail.common.vendor: [opencontrail|juniper]`` pillar attribute.
21
22Default value is set to ``opencontrail``.
23
24Juniper releases tested with this formula:
25 - 3.0.2.x
26
27To use Juniper Contrail repository as a source of packages override pillar as in this example:
28
29.. code-block:: yaml
30
31 opencontrail:
32 common:
33 vendor: juniper
34
35
Aleš Komáreka3314b22017-04-11 13:46:06 +020036Sample Pillars
Filip Pytloun27930402015-10-06 16:28:32 +020037==============
38
Jiri Konecny463dee52016-03-03 11:08:46 +010039Controller nodes
40----------------
41
42There are several scenarios for OpenContrail control plane.
43
44All-in-one single
45~~~~~~~~~~~~~~~~~
46
47Config, control, analytics, database, web -- altogether on one node.
48
49.. code-block:: yaml
50
51 opencontrail:
52 common:
53 version: 2.2
54 source:
55 engine: pkg
56 address: http://mirror.robotice.cz/contrail-havana/
57 identity:
58 engine: keystone
ibumarskov57563252019-04-16 00:15:00 +040059 protocol: http
Jiri Konecny463dee52016-03-03 11:08:46 +010060 host: 127.0.0.1
61 port: 35357
62 token: token
63 password: password
64 network:
65 engine: neutron
66 host: 127.0.0.1
67 port: 9696
68 config:
69 version: 2.2
70 enabled: true
71 network:
72 engine: neutron
73 host: 127.0.0.1
74 port: 9696
75 discovery:
76 host: 127.0.0.1
77 analytics:
78 host: 127.0.0.1
79 bind:
80 address: 127.0.0.1
81 message_queue:
82 engine: rabbitmq
83 host: 127.0.0.1
84 port: 5672
85 database:
86 members:
87 - host: 127.0.0.1
88 port: 9160
89 cache:
Jakub Pavlikd1a059e2016-07-13 23:08:33 +020090 members:
91 - host: 127.0.0.1
92 port: 11211
Jiri Konecny463dee52016-03-03 11:08:46 +010093 identity:
94 engine: keystone
95 version: '2.0'
96 region: RegionOne
ibumarskov57563252019-04-16 00:15:00 +040097 protocol: http
Jiri Konecny463dee52016-03-03 11:08:46 +010098 host: 127.0.0.1
99 port: 35357
100 user: admin
101 password: password
102 token: token
103 tenant: admin
104 members:
105 - host: 127.0.0.1
106 id: 1
Dmitry Stremkovskiy841fee32017-09-01 18:08:41 +0300107 rootlogger: "INFO, CONSOLE"
Jiri Konecny463dee52016-03-03 11:08:46 +0100108 control:
109 version: 2.2
110 enabled: true
111 bind:
112 address: 127.0.0.1
113 discovery:
114 host: 127.0.0.1
115 master:
116 host: 127.0.0.1
117 members:
118 - host: 127.0.0.1
119 id: 1
120 collector:
121 version: 2.2
122 enabled: true
123 bind:
124 address: 127.0.0.1
125 master:
126 host: 127.0.0.1
Gleb Zimin27521c12018-08-21 14:48:37 +0400127 contrail_cache:
128 engine: redis
129 host: 127.0.0.1
130 port: 6379
131 password: guest
Jiri Konecny463dee52016-03-03 11:08:46 +0100132 discovery:
133 host: 127.0.0.1
134 data_ttl: 2
135 database:
136 members:
137 - host: 127.0.0.1
138 port: 9160
Sergey Kreysfd017c12018-05-04 18:35:37 +0300139 message_queue:
140 members:
141 - host: 127.0.0.1
142 - host: 127.0.0.1
143 - host: 127.0.0.1
Jiri Konecny463dee52016-03-03 11:08:46 +0100144 database:
145 version: 2.2
146 cassandra:
147 version: 2
148 enabled: true
149 minimum_disk: 10
150 name: 'Contrail'
151 original_token: 0
Dmitry Stremkovskiy2a079c72017-07-12 23:11:18 +0300152 compaction_throughput_mb_per_sec: 16
Dmitry Stremkovskiy71b310a2017-08-11 20:39:11 +0300153 concurrent_compactors: 1
Jiri Konecny463dee52016-03-03 11:08:46 +0100154 data_dirs:
155 - /var/lib/cassandra
156 id: 1
157 discovery:
158 host: 127.0.0.1
159 bind:
160 host: 127.0.0.1
161 port: 9042
162 rpc_port: 9160
163 members:
164 - host: 127.0.0.1
165 id: 1
166 web:
167 version: 2.2
168 enabled: True
169 bind:
170 address: 127.0.0.1
171 analytics:
172 host: 127.0.0.1
173 master:
174 host: 127.0.0.1
175 cache:
176 engine: redis
177 host: 127.0.0.1
Gleb Zimin27521c12018-08-21 14:48:37 +0400178 password: guest
Jiri Konecny463dee52016-03-03 11:08:46 +0100179 port: 6379
180 members:
181 - host: 127.0.0.1
182 id: 1
183 identity:
184 engine: keystone
185 version: '2.0'
ibumarskov57563252019-04-16 00:15:00 +0400186 protocol: http
Jiri Konecny463dee52016-03-03 11:08:46 +0100187 host: 127.0.0.1
188 port: 35357
189 user: admin
190 password: password
191 token: token
192 tenant: admin
193
194
195All-in-one cluster
196~~~~~~~~~~~~~~~~~~
197
Jakub Pavlik01fe5372016-05-20 11:23:28 +0200198Config, control, analytics, database, web -- altogether, clustered on multiple
199nodes.
Jiri Konecny463dee52016-03-03 11:08:46 +0100200
201.. code-block:: yaml
202
203 opencontrail:
204 common:
205 version: 2.2
206 source:
207 engine: pkg
208 address: http://mirror.robotice.cz/contrail-havana/
209 identity:
210 engine: keystone
ibumarskov57563252019-04-16 00:15:00 +0400211 protocol: http
Jiri Konecny463dee52016-03-03 11:08:46 +0100212 host: 127.0.0.1
213 port: 35357
214 token: token
215 password: password
216 network:
217 engine: neutron
218 host: 127.0.0.1
219 port: 9696
220 config:
221 version: 2.2
222 enabled: true
223 network:
224 engine: neutron
225 host: 127.0.0.1
226 port: 9696
227 discovery:
228 host: 127.0.0.1
229 analytics:
230 host: 127.0.0.1
231 bind:
232 address: 127.0.0.1
233 message_queue:
234 engine: rabbitmq
235 host: 127.0.0.1
236 port: 5672
237 database:
238 members:
239 - host: 127.0.0.1
240 port: 9160
241 - host: 127.0.0.1
242 port: 9160
243 - host: 127.0.0.1
244 port: 9160
245 cache:
Jakub Pavlikd1a059e2016-07-13 23:08:33 +0200246 members:
247 - host: 127.0.0.1
248 port: 11211
249 - host: 127.0.0.1
250 port: 11211
251 - host: 127.0.0.1
252 port: 11211
Jiri Konecny463dee52016-03-03 11:08:46 +0100253 identity:
254 engine: keystone
255 version: '2.0'
256 region: RegionOne
ibumarskov57563252019-04-16 00:15:00 +0400257 protocol: http
Jiri Konecny463dee52016-03-03 11:08:46 +0100258 host: 127.0.0.1
259 port: 35357
260 user: admin
261 password: password
262 token: token
263 tenant: admin
264 members:
265 - host: 127.0.0.1
266 id: 1
267 - host: 127.0.0.1
268 id: 2
269 - host: 127.0.0.1
270 id: 3
271 control:
272 version: 2.2
273 enabled: true
274 bind:
275 address: 127.0.0.1
276 discovery:
277 host: 127.0.0.1
278 master:
279 host: 127.0.0.1
280 members:
281 - host: 127.0.0.1
282 id: 1
283 - host: 127.0.0.1
284 id: 2
285 - host: 127.0.0.1
286 id: 3
287 collector:
288 version: 2.2
289 enabled: true
290 bind:
291 address: 127.0.0.1
292 master:
293 host: 127.0.0.1
Gleb Zimin27521c12018-08-21 14:48:37 +0400294 contrail_cache:
295 engine: redis
296 host: 127.0.0.1
297 port: 6379
298 password: guest
Jiri Konecny463dee52016-03-03 11:08:46 +0100299 discovery:
300 host: 127.0.0.1
301 data_ttl: 1
302 database:
303 members:
304 - host: 127.0.0.1
305 port: 9160
306 - host: 127.0.0.1
307 port: 9160
308 - host: 127.0.0.1
309 port: 9160
Sergey Kreysfd017c12018-05-04 18:35:37 +0300310 message_queue:
311 members:
312 - host: 127.0.0.1
313 - host: 127.0.0.1
314 - host: 127.0.0.1
Jiri Konecny463dee52016-03-03 11:08:46 +0100315 database:
316 version: 2.2
317 cassandra:
318 version: 2
319 enabled: true
320 name: 'Contrail'
321 minimum_disk: 10
322 original_token: 0
323 data_dirs:
324 - /var/lib/cassandra
325 id: 1
326 discovery:
327 host: 127.0.0.1
328 bind:
329 host: 127.0.0.1
330 port: 9042
331 rpc_port: 9160
332 members:
333 - host: 127.0.0.1
334 id: 1
335 - host: 127.0.0.1
336 id: 2
337 - host: 127.0.0.1
338 id: 3
339 web:
340 version: 2.2
341 enabled: True
342 bind:
343 address: 127.0.0.1
344 master:
345 host: 127.0.0.1
346 analytics:
347 host: 127.0.0.1
348 cache:
349 engine: redis
350 host: 127.0.0.1
Gleb Zimin27521c12018-08-21 14:48:37 +0400351 password: guest
Jiri Konecny463dee52016-03-03 11:08:46 +0100352 port: 6379
353 members:
354 - host: 127.0.0.1
355 id: 1
356 - host: 127.0.0.1
357 id: 2
358 - host: 127.0.0.1
359 id: 3
360 identity:
361 engine: keystone
362 version: '2.0'
ibumarskov57563252019-04-16 00:15:00 +0400363 protocol: http
Jiri Konecny463dee52016-03-03 11:08:46 +0100364 host: 127.0.0.1
365 port: 35357
366 user: admin
367 password: password
368 token: token
369 tenant: admin
370
371
372Separated analytics from control and config
373~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
374
375Config, control, database, web.
376
377.. code-block:: yaml
378
379 opencontrail:
380 common:
381 version: 2.2
382 identity:
383 engine: keystone
ibumarskov57563252019-04-16 00:15:00 +0400384 protocol: http
Jiri Konecny463dee52016-03-03 11:08:46 +0100385 host: 127.0.0.1
386 port: 35357
387 token: token
388 password: password
389 network:
390 engine: neutron
391 host: 127.0.0.1
392 port: 9696
393 config:
394 version: 2.2
395 enabled: true
396 network:
397 engine: neutron
398 host: 127.0.0.1
399 port: 9696
400 discovery:
401 host: 127.0.0.1
402 analytics:
403 host: 127.0.0.1
404 bind:
405 address: 127.0.0.1
406 message_queue:
407 engine: rabbitmq
408 host: 127.0.0.1
409 port: 5672
410 database:
411 members:
412 - host: 127.0.0.1
413 port: 9160
414 - host: 127.0.0.1
415 port: 9160
416 - host: 127.0.0.1
417 port: 9160
418 cache:
Jakub Pavlikd1a059e2016-07-13 23:08:33 +0200419 members:
420 - host: 127.0.0.1
421 port: 11211
422 - host: 127.0.0.1
423 port: 11211
424 - host: 127.0.0.1
425 port: 11211
Jiri Konecny463dee52016-03-03 11:08:46 +0100426 identity:
427 engine: keystone
428 version: '2.0'
429 region: RegionOne
ibumarskov57563252019-04-16 00:15:00 +0400430 protocol: http
Jiri Konecny463dee52016-03-03 11:08:46 +0100431 host: 127.0.0.1
432 port: 35357
433 user: admin
434 password: password
435 token: token
436 tenant: admin
437 members:
438 - host: 127.0.0.1
439 id: 1
440 - host: 127.0.0.1
441 id: 2
442 - host: 127.0.0.1
443 id: 3
444 control:
445 version: 2.2
446 enabled: true
447 bind:
448 address: 127.0.0.1
449 discovery:
450 host: 127.0.0.1
451 master:
452 host: 127.0.0.1
453 members:
454 - host: 127.0.0.1
455 id: 1
456 - host: 127.0.0.1
457 id: 2
458 - host: 127.0.0.1
459 id: 3
460 database:
461 version: 127.0.0.1
462 cassandra:
463 version: 2
464 enabled: true
465 name: 'Contrail'
466 minimum_disk: 10
467 original_token: 0
468 data_dirs:
469 - /var/lib/cassandra
470 id: 1
471 discovery:
472 host: 127.0.0.1
473 bind:
474 host: 127.0.0.1
475 port: 9042
476 rpc_port: 9160
477 members:
478 - host: 127.0.0.1
479 id: 1
480 - host: 127.0.0.1
481 id: 2
482 - host: 127.0.0.1
483 id: 3
484 web:
485 version: 2.2
486 enabled: True
487 bind:
488 address: 127.0.0.1
489 analytics:
490 host: 127.0.0.1
491 master:
492 host: 127.0.0.1
493 cache:
494 engine: redis
495 host: 127.0.0.1
Gleb Zimin27521c12018-08-21 14:48:37 +0400496 password: guest
Jiri Konecny463dee52016-03-03 11:08:46 +0100497 port: 6379
498 members:
499 - host: 127.0.0.1
500 id: 1
501 - host: 127.0.0.1
502 id: 2
503 - host: 127.0.0.1
504 id: 3
505 identity:
506 engine: keystone
507 version: '2.0'
ibumarskov57563252019-04-16 00:15:00 +0400508 protocol: http
Jiri Konecny463dee52016-03-03 11:08:46 +0100509 host: 127.0.0.1
510 port: 35357
511 user: admin
512 password: password
513 token: token
514 tenant: admin
515
Jiri Konecny463dee52016-03-03 11:08:46 +0100516Analytic nodes
Jiri Konecny463dee52016-03-03 11:08:46 +0100517
518Analytics and database on an analytic node(s)
519
520.. code-block:: yaml
521
522 opencontrail:
523 common:
524 version: 2.2
525 identity:
526 engine: keystone
ibumarskov57563252019-04-16 00:15:00 +0400527 protocol: http
Jiri Konecny463dee52016-03-03 11:08:46 +0100528 host: 127.0.0.1
529 port: 35357
530 token: token
531 password: password
532 network:
533 engine: neutron
534 host: 127.0.0.1
535 port: 9696
536 collector:
537 version: 2.2
538 enabled: true
539 bind:
540 address: 127.0.0.1
Gleb Zimin27521c12018-08-21 14:48:37 +0400541 contrail_cache:
542 engine: redis
543 host: 127.0.0.1
544 password: guest
545 port: 6379
Jiri Konecny463dee52016-03-03 11:08:46 +0100546 master:
547 host: 127.0.0.1
548 discovery:
549 host: 127.0.0.1
550 data_ttl: 1
551 database:
552 members:
553 - host: 127.0.0.1
554 port: 9160
555 - host: 127.0.0.1
556 port: 9160
557 - host: 127.0.0.1
558 port: 9160
Sergey Kreysfd017c12018-05-04 18:35:37 +0300559 message_queue:
560 members:
561 - host: 127.0.0.1
562 - host: 127.0.0.1
563 - host: 127.0.0.1
Jiri Konecny463dee52016-03-03 11:08:46 +0100564 database:
565 version: 2.2
566 cassandra:
567 version: 2
568 enabled: true
569 name: 'Contrail'
570 minimum_disk: 10
571 original_token: 0
572 data_dirs:
573 - /var/lib/cassandra
574 id: 1
575 discovery:
576 host: 127.0.0.1
577 bind:
578 host: 127.0.0.1
579 port: 9042
580 rpc_port: 9160
581 members:
582 - host: 127.0.0.1
583 id: 1
584 - host: 127.0.0.1
585 id: 2
586 - host: 127.0.0.1
587 id: 3
588
589
590Compute nodes
Aleš Komáreka3314b22017-04-11 13:46:06 +0200591-------------
Jiri Konecny463dee52016-03-03 11:08:46 +0100592
593Vrouter configuration on a compute node(s)
594
595.. code-block:: yaml
596
597 opencontrail:
598 common:
599 version: 2.2
600 identity:
601 engine: keystone
ibumarskov57563252019-04-16 00:15:00 +0400602 protocol: http
Jiri Konecny463dee52016-03-03 11:08:46 +0100603 host: 127.0.0.1
604 port: 35357
605 token: token
606 password: password
607 network:
608 engine: neutron
609 host: 127.0.0.1
610 port: 9696
611 compute:
612 version: 2.2
613 enabled: True
Dmitry Stremkovskiy0cb5c562017-07-26 00:32:51 +0300614 hostname: node-12.domain.tld
Danysa144f292018-06-26 16:08:50 +0200615 flow_hold_limit: 0
Sergey Matov0c660522020-01-15 15:25:42 +0400616 vr_flow_entries: 2097152
Jiri Konecny463dee52016-03-03 11:08:46 +0100617 discovery:
618 host: 127.0.0.1
619 interface:
620 address: 127.0.0.1
621 dev: eth0
622 gateway: 127.0.0.1
623 mask: /24
624 dns: 127.0.0.1
625 mtu: 9000
626
Petr Jediný5f3008a2017-07-31 15:04:05 +0200627
628Compute nodes with gateway_mode
629-------------------------------
630
631Gateway mode: can be server/ vcpe (default is none)
632
633.. code-block:: yaml
634
635 opencontrail:
636 compute:
637 gateway_mode: server
638
Vasyl Saienkob10b7202017-09-05 14:19:03 +0300639TSN nodes
640---------
641
642Configure TSN nodes
643
644.. code-block:: yaml
645
646 opencontrail:
647 compute:
Anton Samoylov826a0f22019-04-05 17:00:49 +0400648 enabled: True
Vasyl Saienkob10b7202017-09-05 14:19:03 +0300649 tor:
Anton Samoylov826a0f22019-04-05 17:00:49 +0400650 enabled: True
Vasyl Saienkob10b7202017-09-05 14:19:03 +0300651 agent:
652 tor01:
653 id: 0
Vasyl Saienkob10b7202017-09-05 14:19:03 +0300654 address: 127.0.0.1
Anton Samoylov826a0f22019-04-05 17:00:49 +0400655 tor_name: TOR1
656 tor_ip: 10.11.0.100
657 tor_ovs_port: 6640
658 tor_ovs_protocol: tcp
659 http_server_port: 9090
660 tsn_ip: 127.0.0.1
661 tor_tunnel_ip: 10.10.0.100
662 tor_vendor_name: ovs
663 xmpp_auth_enable: False
664 xmpp_dns_auth_enable: False
Petr Jediný5f3008a2017-07-31 15:04:05 +0200665
Andreyeff77ac2017-08-25 12:14:06 -0500666Set up metadata secret for the Vrouter
Petr Jedinýfe51c6a2017-09-05 18:30:31 +0200667--------------------------------------
Andreyeff77ac2017-08-25 12:14:06 -0500668
Petr Jedinýfe51c6a2017-09-05 18:30:31 +0200669In order to get cloud-init within the instance to properly fetch
Andreyeff77ac2017-08-25 12:14:06 -0500670instance metadata, metadata_proxy_secret in the Vrouter agent config
671should match the value in nova.conf. The administrator should define
672it in the pillar:
673
674.. code-block:: yaml
675
676 opencontrail:
677 compute:
678 metadata:
679 secret: opencontrail
680
Petr Jedinýfe51c6a2017-09-05 18:30:31 +0200681Add auth info for Barbican on compute nodes
682-------------------------------------------
683
684.. code-block:: yaml
685
686 opencontrail:
687 compute:
688 lbaas:
689 enabled: true
690 secret_manager:
691 engine: barbican
692 identity:
693 user: admin
694 password: "supersecretpassword123"
695 tenant: admin
696
697
Jakub Pavlik735005f2016-02-26 15:54:53 +0100698Keystone v3
Aleš Komáreka3314b22017-04-11 13:46:06 +0200699-----------
Jakub Pavlik735005f2016-02-26 15:54:53 +0100700
Jakub Pavlik01fe5372016-05-20 11:23:28 +0200701To enable support for keystone v3 in opencontrail, there must be defined
702version for config and web role.
Jakub Pavlik735005f2016-02-26 15:54:53 +0100703
704.. code-block:: yaml
705
706 opencontrail:
707 config:
708 version: 2.2
709 enabled: true
710 ...
711 identity:
712 engine: keystone
713 version: '3'
714 ...
715
716 opencontrail:
717 web:
718 version: 2.2
719 enabled: true
720 ...
721 identity:
722 engine: keystone
723 version: '3'
724 ...
725
marco10cc2212016-04-03 14:21:54 +0200726Without Keystone
727----------------
728
729.. code-block:: yaml
730
731 opencontrail:
732 ...
733 common:
734 ...
735 identity:
736 engine: none
737 token: none
738 password: none
739 ...
740 config:
741 ...
742 identity:
743 engine: none
744 password: none
745 token: none
746 ...
747 web:
748 ...
749 identity:
750 engine: none
751 password: none
752 token: none
753 ...
marcof5461712016-04-04 20:49:36 +0200754
Pavel Cizinsky14eb00e2018-11-09 15:15:07 +0100755XMPP Encryption
756---------------
757
758Configure encryption of XMPP
759
760Computes nodes
761~~~~~~~~~~~~~~
762
763.. code-block:: yaml
764
765 opencontrail:
766 compute:
767 xmpp:
768 tls:
769 enabled: False
770 auth:
771 enabled: False
772 (optional) cert_file: /etc/contrail/server.pem
773 (optional) key_file: /etc/contrail/privkey.pem
774 (optional) ca_cert_file: /etc/contrail/ca-cert.pem
775
776Control nodes
777~~~~~~~~~~~~~
778
779.. code-block:: yaml
780
781 opencontrail:
782 control:
783 xmpp:
784 tls:
785 enabled: False
786 auth:
787 enabled: False
788 (optional) cert_file: /etc/contrail/server.pem
789 (optional) key_file: /etc/contrail/privkey.pem
790 (optional) ca_cert_file: /etc/contrail/ca-cert.pem
791
Aleš Komáreka3314b22017-04-11 13:46:06 +0200792Kubernetes support
793------------------
794
marcof5461712016-04-04 20:49:36 +0200795Kubernetes vrouter nodes
marcof5461712016-04-04 20:49:36 +0200796
797Vrouter configuration on a kubernetes node(s)
798
799.. code-block:: yaml
800
801 opencontrail:
802 ...
803 compute:
804 engine: kubernetes
805 ...
806
Jakub Pavlik0d1f67e2016-11-30 10:04:13 +0100807vRouter with separated control plane
Jakub Pavlik0d1f67e2016-11-30 10:04:13 +0100808
809Separate XMPP traffic from dataplane interface.
810
811.. code-block:: yaml
812
813 opencontrail:
814 compute:
815 bind:
816 address: 172.16.0.50
817 ...
818
Petr Jediný439fab32017-07-10 14:33:09 +0200819Override RPF default in Contrail API
820------------------------------------
821
822From MCP1.1 with OpenContrail >= 3.1.1 you can override RPF default for newly
823created virtual networks. This can be useful for usecases like running
824Calico and K8S in overlay. The `override_rpf_default_by` has valid values
825`disable`, `enable`. If not defined, the configuration fallbacks to Contrail
826default - currently `enable`.
827
828.. code-block:: yaml
829
830 opencontrail:
831 ...
832 config:
833 override_rpf_default_by: 'disable'
834 ...
835
Jan Cach1dcba582019-12-12 10:39:11 +0100836Configure log level for Contrail services
837-----------------------------------------
838
839For OpenContrail 4.0 and 4.1 formula supports setting level of
840the log level for contrail services. Default value of debug level
841is `SYS_NOTICE`.
842
843.. code-block:: yaml
844
845 opencontrail:
846 ...
847 config:
848 log_level:
849 api: SYS_NOTICE
850 device_manager: SYS_NOTICE
851 schema: SYS_NOTICE
852 svc_monitor: SYS_NOTICE
853 collector:
854 log_level:
855 alarm: SYS_NOTICE
856 analytics_api: SYS_NOTICE
857 collector: SYS_NOTICE
858 query_engine: SYS_NOTICE
859 snmp: SYS_NOTICE
860 topology: SYS_NOTICE
861 compute:
862 log_level:
863 agent: SYS_NOTICE
864 control:
865 log_level:
866 control: SYS_NOTICE
867 dns: SYS_NOTICE
868 ...
869
Petr Jediný01c18822017-11-15 12:30:53 +0100870Cassandra GC logging
871--------------------
872
873From Contrail version 3 you can set a way you want to handle Cassandra GC logs.
874The behavior is controlled by `cassandra_gc_logging`. Valid values are
875'rotation' (default), 'legacy' and false.
876
877- 'rotation' is supported by JDK 6u34 7u2 or later and handles rotation of log
878files automatically.
879- 'legacy' is a way to support older JDKs and you will need to handle logs by
880other means. This can be handled for example by using
881`- service.opencontrail.database.cassandra_log_cleanup` in your reclass model.
882- false will disable the cassandra gc logging
883
884.. code-block:: yaml
885
886 opencontrail:
887 ...
888 database:
889 cassandra_gc_logging: false
890 ...
891
Dzmitry Stremkouski16862ad2020-08-31 18:05:15 +0200892[vRouter conf] compute.node_address
893-----------------------------------
894
895Specify an ip address to override compute_node_address value in vrouter config
896or set to false to unset it.
897Valid only for OpenContrail vRouter 3.2
898
899.. code-block:: yaml
900
901 opencontrail:
902 compute:
903 node_address:
904 value: 192.168.111.5
905
906 .. code-block:: yaml
907
908 opencontrail:
909 compute:
910 node_address:
911 enabled: false
912
Petr Jediný439fab32017-07-10 14:33:09 +0200913
Jakub Pavlik6d90f362016-04-19 20:34:37 +0200914Disable Contrail API authentication
915-----------------------------------
916
Petr Jediný78e6f422017-06-01 13:24:49 +0200917Contrail version must >= 3.0. It is useful especially for Keystone v3.
Jakub Pavlik6d90f362016-04-19 20:34:37 +0200918
919.. code-block:: yaml
920
921 opencontrail:
922 ...
923 config:
924 multi_tenancy: false
925 ...
926
Marek Celoudae98c642018-01-31 12:43:42 +0100927Enable RBAC
928-----------
929
930
931.. code-block:: yaml
932
933 opencontrail:
934 ...
935 config:
936 aaa_mode: rbac
937 cloud_admin_role: admin
938 global_read_only_role: member
939 ...
940
Petr Jediný78e6f422017-06-01 13:24:49 +0200941Switch from on demand to periodic keystone sync
942-----------------------------------------------
943
944This can be useful when you want to sync projects from OpenStack to Contrail
945automatically. The period of sync is 60s.
946
947.. code-block:: yaml
948
949 opencontrail:
950 ...
951 config:
952 identity:
953 sync_on_demand: false
954 ...
955
Sergey Kreysb86160a2019-11-05 17:33:29 -0600956Configure duration between polls to keystone to sync domains and projects
957-------------------------------------------------------------------------
958
959.. code-block:: yaml
960
961 opencontrail:
962 ...
963 config:
964 keystone_resync_interval_secs: 60
965 ...
966
Petr Jediný03027902018-07-17 20:32:52 +0200967Cassandra listen configuration
968------------------------------
969
970Interface example:
marco2502e052016-05-31 22:53:54 +0200971
972.. code-block:: yaml
Vasyl Saienkob10b7202017-09-05 14:19:03 +0300973
marco2502e052016-05-31 22:53:54 +0200974 database:
975 ....
976 bind:
977 interface: eth0
978 port: 9042
979 rpc_port: 9160
980 ....
Jakub Pavlik6d90f362016-04-19 20:34:37 +0200981
Petr Jediný03027902018-07-17 20:32:52 +0200982For running config and analytics db clusters on same hosts, you will need to
983change ports not to collide. The host is required.
984
985 database:
986 ....
987 bind:
988 host: 127.0.0.1
989 port: 9042
990 rpc_port: 9160
991 # for containers we need to move configdb to neighbouring ports
992 port_configdb: 9041
993 rpc_port_configdb: 9161
994 ....
995
996
Petr Jedinýffbe2082017-03-07 00:56:47 +0100997OpenContrail WebUI version >= 3.1.1
998-----------------------------------
Petr Jediný78e6f422017-06-01 13:24:49 +0200999For OpenContrail version >= 3.1.1 and Cassandra >= 2.1 we should override WebUI's cassandra port from 9160 to 9042.
Petr Jedinýffbe2082017-03-07 00:56:47 +01001000
1001For appropriate node at class level:
1002
1003.. code-block:: yaml
Aleš Komáreka3314b22017-04-11 13:46:06 +02001004
Petr Jedinýffbe2082017-03-07 00:56:47 +01001005 opencontrail:
1006 ....
1007 web:
1008 database:
1009 port: 9042
1010 ....
1011
1012
Jakub Pavlik9a4de012016-12-14 13:23:55 +01001013RabbitMQ HA hosts
1014------------------
1015
1016.. code-block:: yaml
1017
1018 opencontrail:
1019 config:
1020 message_queue:
1021 engine: rabbitmq
1022 members:
1023 - host: 10.0.16.1
1024 - host: 10.0.16.2
1025 - host: 10.0.16.3
1026 port: 5672
1027
1028.. code-block:: yaml
1029
1030 database:
1031 ....
1032 bind:
1033 interface: eth0
1034 port: 9042
1035 rpc_port: 9160
1036 ....
1037
Jakub Pavlike3590062017-02-20 23:32:57 +01001038DPDK vRouter
1039-------------
1040
1041.. code-block:: yaml
1042
1043 opencontrail:
1044 compute:
1045 dpdk:
1046 enabled: true
Jakub Pavlik54761d82017-03-08 11:22:37 +01001047 taskset: "0x0000003C00003C"
1048 socket_mem: "1024,1024"
Jakub Pavlike3590062017-02-20 23:32:57 +01001049 interface:
1050 mac_address: 90:e2:ba:7c:22:e1
1051 pci: 0000:81:00.1
1052 ...
1053
Petr Jedinýe9960762018-05-04 17:36:59 +02001054Increase number of contrail-api workers
1055---------------------------------------
1056
1057.. code-block:: yaml
1058
1059 opencontrail:
1060 ...
1061 config:
Svimbaca9fa5b2018-09-19 14:31:34 +02001062 api:
1063 workers_count: 3
Petr Jedinýe9960762018-05-04 17:36:59 +02001064 ...
1065
Marek Celouddbba7ed2017-12-07 10:36:24 +01001066Increase number of alarm-gen workers
1067------------------------------------
1068
1069Port prefix will increment used ports by workers starting with 5901.
1070
1071.. code-block:: yaml
1072
1073 collector:
1074 alarm_gen:
1075 workers: 1
1076 port_prefix: 59
1077
Ales Komarekad46d2e2017-03-09 17:16:38 +01001078Contrail client
1079---------------
1080
1081Basic parameters with identity and host configs
1082
Petr Jediný78e6f422017-06-01 13:24:49 +02001083.. code-block:: yaml
Ales Komarekad46d2e2017-03-09 17:16:38 +01001084
1085 opencontrail:
1086 client:
1087 identity:
1088 user: admin
1089 project: admin
1090 password: adminpass
1091 host: keystone_host
1092 config:
1093 host: contrail_api_host
1094 port: contrail_api_ort
1095
1096Enforcing virtual routers
1097
Petr Jediný78e6f422017-06-01 13:24:49 +02001098.. code-block:: yaml
Ales Komarekad46d2e2017-03-09 17:16:38 +01001099
1100 opencontrail:
1101 client:
1102 ...
1103 virtual_router:
1104 cmp01:
1105 ip_address: 172.16.0.11
1106 dpdk_enabled: True
1107 cmp02:
1108 ip_address: 172.16.0.12
1109 dpdk_enabled: True
1110
psvimbersky3c84e272018-01-02 10:34:29 +01001111
1112Enforcing global system config
1113
1114.. code-block:: yaml
1115
1116 opencontrail:
1117 client:
1118 ...
1119 global_system_config:
1120 name: default-global-system-config
1121 asn: 64512
1122 grp:
1123 enable: true
1124 restart_time: 60
1125 end_of_rib_timeout: 30
1126 bgp_helper_enable: false
1127 xmpp_helper_enable: false
1128 long_lived_restart_time: 300
1129
1130
Pavel Svimbersky13cda442017-09-14 14:46:13 +02001131Enforcing global vrouter config
1132
1133.. code-block:: yaml
1134
1135 opencontrail:
1136 client:
1137 ...
1138 global_vrouter_config:
Petr Jediný554d0412018-01-04 22:35:48 +01001139 name: default-global-vrouter-config
Pavel Svimbersky13cda442017-09-14 14:46:13 +02001140 parent_type: global-system-config
1141 encap_priority: "MPLSoUDP,MPLSoGRE"
1142 vxlan_vn_id_mode: automatic
1143 fq_names:
1144 - 'default-global-system-config'
1145 - 'default-global-vrouter-config'
1146
psvimbersky3c84e272018-01-02 10:34:29 +01001147
1148
Ales Komarekad46d2e2017-03-09 17:16:38 +01001149Enforcing control nodes
1150
Petr Jediný78e6f422017-06-01 13:24:49 +02001151.. code-block:: yaml
Ales Komarekad46d2e2017-03-09 17:16:38 +01001152
1153 opencontrail:
1154 client:
1155 ...
1156 bgp_router:
1157 ntw01:
1158 type: control-node
1159 ip_address: 172.16.0.11
1160 nwt02:
1161 type: control-node
1162 ip_address: 172.16.0.12
1163 nwt03:
1164 type: control-node
1165 ip_address: 172.16.0.13
1166
1167
1168Enforcing edge BGP routers
1169
Petr Jediný78e6f422017-06-01 13:24:49 +02001170.. code-block:: yaml
Ales Komarekad46d2e2017-03-09 17:16:38 +01001171
1172 opencontrail:
1173 client:
1174 ...
1175 bgp_router:
1176 mx01:
1177 type: router
1178 ip_address: 172.16.0.21
1179 asn: 64512
1180 mx02:
1181 type: router
1182 ip_address: 172.16.0.22
1183 asn: 64512
Marek Celoud3097e5b2018-01-09 13:52:14 +01001184 key_type: md5
1185 key: password
Ales Komarekad46d2e2017-03-09 17:16:38 +01001186
1187Enforcing config nodes
1188
Petr Jediný78e6f422017-06-01 13:24:49 +02001189.. code-block:: yaml
Ales Komarekad46d2e2017-03-09 17:16:38 +01001190
1191 opencontrail:
1192 client:
1193 ...
1194 config_node:
1195 ctl01:
1196 ip_address: 172.16.0.21
1197 ctl02:
1198 ip_address: 172.16.0.22
1199
1200Enforcing database nodes
1201
Petr Jediný78e6f422017-06-01 13:24:49 +02001202.. code-block:: yaml
Ales Komarekad46d2e2017-03-09 17:16:38 +01001203
1204 opencontrail:
1205 client:
1206 ...
1207 database_node:
1208 ntw01:
1209 ip_address: 172.16.0.21
1210 ntw02:
1211 ip_address: 172.16.0.22
1212
1213Enforcing analytics nodes
1214
Petr Jediný78e6f422017-06-01 13:24:49 +02001215.. code-block:: yaml
Ales Komarekad46d2e2017-03-09 17:16:38 +01001216
1217 opencontrail:
1218 client:
1219 ...
1220 analytics_node:
1221 nal01:
1222 ip_address: 172.16.0.31
1223 nal02:
1224 ip_address: 172.16.0.32
1225
Petr Jediný5f3efe32017-05-26 17:55:09 +02001226Enforcing Link Local Services
1227
1228.. code-block:: yaml
1229
1230 opencontrail:
1231 client:
1232 ...
1233 linklocal_service:
1234 # example with dns name address (only one permited)
1235 meta1:
1236 lls_ip: 10.0.0.23
1237 lls_port: 80
1238 ipf_addresses: "meta.example.com"
1239 ipf_port: 80
1240 # example with multiple ip addresses
1241 meta2:
1242 lls_ip: 10.0.0.23
1243 lls_port: 80
1244 ipf_addresses:
1245 - 10.10.10.10
1246 - 10.20.20.20
1247 - 10.30.30.30
1248 ipf_port: 80
1249 # example with one ip address
1250 meta3:
1251 lls_ip: 10.0.0.23
1252 lls_port: 80
1253 ipf_addresses:
1254 - 10.10.10.10
1255 ipf_port: 80
1256 # example with name override
1257 lls_meta4:
1258 name: meta4
1259 lls_ip: 10.0.0.23
1260 lls_port: 80
1261 ipf_addresses:
1262 - 10.10.10.10
1263 ipf_port: 80
1264
Vasyl Saienkob10b7202017-09-05 14:19:03 +03001265
Michel Nederloff5bccda2017-11-20 13:31:38 +01001266Configuring OpenStack default quotasx
1267
1268.. code-block:: yaml
1269 config:
1270 quota:
1271 network: 5
1272 subnet: 10
1273 router: 10
1274 floating_ip: 100
1275 secgroup: 1000
1276 secgroup_rule: 1000
1277 port: 1000
1278 pool: -1
1279 member: -1
1280 health_monitor: -1
1281 vip: -1
1282
1283Enforcing physical routers
Petr Jediný04bed9b2018-05-03 19:44:10 +02001284
Vasyl Saienkob10b7202017-09-05 14:19:03 +03001285.. code-block:: yaml
1286
1287 opencontrail:
1288 client:
1289 ...
1290 physical_router:
1291 router1:
1292 name: router1
1293 dataplane_ip: 1.2.3.4
1294 management_ip: 1.2.3.4
1295 vendor_name: ovs
1296 product_name: ovs
1297 agents:
1298 - tsn0-0
1299 - tsn0
1300
1301Enforcing physical/logical interfaces for routers
1302
1303
1304.. code-block:: yaml
1305
1306 opencontrail
1307 client:
1308 ...
1309 physical_router:
1310 router1:
1311 ...
1312 interface:
1313 port1:
1314 name: port1
1315 logical_interface:
1316 port1_l:
1317 name: 'port1.0'
1318 vlan_tag: 0
1319 interface_type: L2
1320 virtual_machine_interface:
1321 port1_port:
1322 name: port1_port
1323 ip_address: 192.168.90.107
1324 mac_address: '2e:92:a8:af:c2:21'
1325 security_group: 'default'
1326 virtual_network: 'virtual-network'
1327
Jan Cachebfed1c2018-01-09 17:21:35 +01001328Enforcing virtual networks
1329
1330
1331.. code-block:: yaml
1332
1333 opencontrail:
1334 client:
1335 virtual_networks:
1336 net01:
1337 name: 'network01'
1338 ip_address: '172.16.111.0'
1339 ip_prefix: 24
1340 asn: 64512
1341 route_target: 10000
1342 external: True
1343 allow_transit: False
1344 forwarding_mode: 'l2_l3'
1345 rpf: 'disable'
1346 mirror_destination: False
1347 domain: 'default-domain'
1348 project: 'admin'
1349 ipam_domain: 'default-domain'
1350 ipam_project: 'default-project'
1351 ipam_name: 'default-network-ipam'
1352 net02:
1353 name: 'network02'
1354 net03:
1355 name: 'network03'
1356
Ales Komarekad46d2e2017-03-09 17:16:38 +01001357
Jan Cachb3092722018-01-31 12:46:16 +01001358Enforcing floating ip pool setings.
1359
1360Virtual network with flag external needs to be created before managing the floating ip pool.
1361Param vn_name is the name of the external network.
1362
1363.. code-block:: yaml
1364
1365 opencontrail:
1366 client:
1367 floating_ip_pools:
1368 pool1:
1369 vn_name: external-network
1370 vn_project: admin
1371 vn_domain: default-domain
1372 owner_access: 7
1373 global_access: 0
1374 list_of_projects:
1375 - [tenant1, 7]
1376 - [tenant2, 7]
1377 - [tenant3, 7]
1378 pool2:
1379 vn_name: floating-ips
1380 vn_project: admin
1381 vn_domain: default-domain
1382 owner_access: 7
1383 global_access: 0
1384 list_of_projects:
1385 - [tenant3, 7]
1386
1387
Pavel Cizinsky14eb00e2018-11-09 15:15:07 +01001388If you want to remove all shares from the ip floating pool, define only empty list in
Jan Cachb3092722018-01-31 12:46:16 +01001389list of projects, like this:
1390
1391.. code-block:: yaml
1392
1393 opencontrail:
1394 client:
1395 floating_ip_pools:
1396 pool1:
1397 vn_name: external-network
1398 vn_project: admin
1399 vn_domain: default-domain
1400 owner_access: 7
1401 global_access: 0
1402 list_of_projects: []
1403
1404
Michel Nederlof5364ab62017-12-11 15:02:25 +01001405Contrail DNS custom forwarders
1406------------------------------
1407
1408By default Contrail uses the /etc/resolv.conf file to determine the upstream DNS servers.
1409This can have some side-affects, like resolving internal DNS entries on you public instances.
1410
1411In order to overrule this default set, you can configure nameservers using pillar data.
1412The formula is then responsible for configuring and generating a alternate resolv.conf file.
1413
1414Note: this has been patched recently in the Contrail distribution of Mirantis:
1415https://github.com/Mirantis/contrail-controller/commit/ed9a25ccbcfebd7d079a93aecc5a1a7bf1265ea4
1416https://github.com/Mirantis/contrail-controller/commit/94c844cf2e9bcfcd48587aec03d10b869e737ade
1417
1418
1419To change forwarders for the default-dns option (which is handled by compute nodes):
1420
1421.. code-block:: yaml
1422
1423 compute:
1424 ....
1425 dns:
1426 forwarders:
1427 - 8.8.8.8
1428 - 8.8.4.4
1429 ....
1430
1431To change forwarders for vDNS zones (handled by control nodes):
1432
1433.. code-block:: yaml
1434
1435 control:
1436 ....
1437 dns:
1438 forwarders:
1439 - 8.8.8.8
1440 - 8.8.4.4
1441 ....
1442
Petr Jediný04bed9b2018-05-03 19:44:10 +02001443Contrail IF-MAP server configuration
1444------------------------------------
1445
1446Contrail 3.2 contains internal IF-MAP server implementation. This implementation can be enabled
1447by setting ``config:ifmap:engine`` to internal. Currently supported engines are ``internal`` and
1448``irond`` (default). The ``internal`` will configure contrail-api to run as a IF-MAP server in the
1449same process as contrail-api and will generate security certificates in specified folder.
1450
1451.. code-block:: yaml
1452
1453 config:
1454 ....
1455 ifmap:
1456 engine: internal
1457 cert_dir: /etc/contrail/ssl/certs/ # default
1458 basename_cert: ifmap.crt # default
1459 basename_key: ifmap.key # default
1460 ....
1461
1462To set static configuration of the IF-MAP server for contrail-control instead of using
1463discovery service, you can use ``control:ifmap:bind:host`` and ``port``. The static configuration
1464is triggered by existence of non-empty value of ``control:ifmap:bind`` key.
1465
1466.. code-block:: yaml
1467 control:
1468 ....
1469 ifmap
1470 bind:
1471 host: 127.0.0.1
1472 port: 8443
1473 ....
1474
Jan Cach2f99ae82018-10-03 19:50:09 +02001475Configure TCP_TW_RECYCLE in kernel
1476------------------------------------
Petr Jediný04bed9b2018-05-03 19:44:10 +02001477
Jan Cach2f99ae82018-10-03 19:50:09 +02001478Enable fast recycling of TIME-WAIT sockets. To enable set parameter to 1, which is
1479default value in formula. To turn off this option set parameter to 0:
1480
1481.. code-block:: yaml
1482
1483 opencontrail:
1484 ....
1485 common
1486 ....
1487 tcp_tw_recycle: 0
1488 ....
Michel Nederloff5bccda2017-11-20 13:31:38 +01001489
Anton Samoylov28ad4fa2018-10-02 14:45:41 +04001490Define extra states for contrail services health check
1491------------------------------------------------------
1492
1493Service health check procedure verifies that all available contrail services are in ``active``
1494state.
1495Additional states could be defined for every service as expected states for validation procedure.
1496
1497.. code-block:: yaml
1498
1499 config:
1500 ....
1501 services_extra_states:
1502 contrail-schema:
1503 - backup
1504 contrail-device-manager
1505 - backup
1506 contrail-svc-monitor:
1507 - backup
1508 ....
1509
1510``contrail-schema``, ``contrail-device-manager`` and ``contrail-svc-monitor`` config services already
1511have additional ``backup`` state by default.
1512
Svimbac59f8042019-05-03 15:49:08 +02001513Setup Sandesh rate limit
1514------------------------
1515Sandesh send rate limit can be used to throttle system logs transmitted per second. System logs are
1516dropped if the sending rate is exceeded.
1517
1518It is possible to use only global limit for all services of contrail component.
1519
1520.. code-block:: yaml
1521
1522 opencontrail:
1523 control:
1524 ....
1525 sandesh_send_rate_limits:
1526 global: 10
1527 ....
1528
1529
1530Global limit and limit for specific service can be defined together where specific service limit
1531has higher priority.
1532
1533.. code-block:: yaml
1534
1535 opencontrail:
1536 config:
1537 ....
1538 sandesh_send_rate_limits:
1539 global: 10
1540 config_api: 3
1541 schema: 5
1542 ....
1543
1544Only specific service limit can be defined. In this case other services of Contrail component
1545keep default value (0) of `sandesh_send_rate_limit`
1546
1547.. code-block:: yaml
1548
1549 opencontrail:
1550 collector:
1551 ....
1552 sandesh_send_rate_limits:
1553 collector: 100
1554 analytics-api: 50
1555 ....
1556
1557Full list:
1558
1559.. code-block:: yaml
1560
1561 opencontrail:
1562 control:
1563 ....
1564 sandesh_send_rate_limits:
1565 global: 100
1566 control: 10
1567 dns: 10
1568 nodemgr: 10
1569 ....
1570
1571 config:
1572 ....
1573 sandesh_send_rate_limits:
1574 global: 100
1575 config_api: 10
1576 schema: 10
1577 svc_monitor: 10
1578 device_manager: 10
1579 nodemgr: 10
1580 ....
1581
1582 collector:
1583 ....
1584 sandesh_send_rate_limits:
1585 global: 100
1586 collector: 10
1587 analytics_api: 10
1588 query_engine: 10
1589 alarm_gen: 10
1590 snmp_collector: 10
1591 topology: 10
1592 nodemgr: 10
1593 ....
1594
1595 compute:
1596 ....
1597 sandesh_send_rate_limits:
1598 global: 100
1599 agent: 10
1600 nodemgr: 10
1601 ....
1602
Anton Samoylov8080c172019-05-08 18:03:28 +04001603Define aging time for flow-records in seconds
1604---------------------------------------------
1605
1606Flows are aged out based on inactivity for a specific period of time. By default,
1607the timeout value is 180 seconds. This can be modified by configuring flow_cache_timeout for
1608contrail-vrouter-agent service:
1609
1610.. code-block:: yaml
1611
1612 opencontrail:
1613 ....
1614 compute
1615 ....
1616 flow_cache_timeout: 180
1617 ....
1618
Anton Samoylov2b7d3932020-10-18 18:08:56 +04001619Disable stats collection
1620---------------------------------------------
1621
1622This option controlls gathering and sending statistics, related to VMIs
1623and VNs, by vrouter agent to Analytics. If statistics should be gathered
1624and sent - set this option to False. If statistics gathering should be
1625disabled - set it to True.
1626
1627.. code-block:: yaml
1628
1629 opencontrail:
1630 ....
1631 compute
1632 ....
1633 disable_stats_collection: True
1634 ....
1635
Filip Pytloun27930402015-10-06 16:28:32 +02001636Usage
1637=====
1638
1639Basic installation
Ales Komarekad46d2e2017-03-09 17:16:38 +01001640------------------
Filip Pytloun27930402015-10-06 16:28:32 +02001641
1642Add control BGP
Ales Komarekad46d2e2017-03-09 17:16:38 +01001643
1644.. code-block:: bash
Filip Pytloun27930402015-10-06 16:28:32 +02001645
1646 python /etc/contrail/provision_control.py --api_server_ip 192.168.1.11 --api_server_port 8082 --host_name network1.contrail.domain.com --host_ip 192.168.1.11 --router_asn 64512
1647
Ales Komarekad46d2e2017-03-09 17:16:38 +01001648Install compute node
Filip Pytloun27930402015-10-06 16:28:32 +02001649
Ales Komarekad46d2e2017-03-09 17:16:38 +01001650.. code-block:: bash
Filip Pytloun27930402015-10-06 16:28:32 +02001651
1652 yum install contrail-vrouter contrail-openstack-vrouter
1653
1654 salt-call state.sls nova,opencontrail
1655
1656Add virtual router
Filip Pytloun27930402015-10-06 16:28:32 +02001657
Ales Komarekad46d2e2017-03-09 17:16:38 +01001658.. code-block:: bash
Filip Pytloun27930402015-10-06 16:28:32 +02001659
1660 python /etc/contrail/provision_vrouter.py --host_name hostnode1.intra.domain.com --host_ip 10.0.100.101 --api_server_ip 10.0.100.30 --oper add --admin_user admin --admin_password cloudlab --admin_tenant_name admin
1661
1662 /etc/sysconfig/network-scripts/ifcfg-bond0 -- comment GATEWAY,NETMASK,IPADDR
1663
1664 reboot
1665
Aleš Komáreka3314b22017-04-11 13:46:06 +02001666Debugging
1667---------
Filip Pytloun27930402015-10-06 16:28:32 +02001668
1669Display vhost XMPP connection status
1670
1671You should see the correct controller_ip and state should be established.
1672
1673 http://<compute-node>:8085/Snh_AgentXmppConnectionStatusReq?
1674
1675Display vrouter interface status
1676
1677When vrf_name = ---ERROR--- then something goes wrong
1678
1679 http://<compute-node>:8085/Snh_ItfReq?name=
1680
1681Display IF MAP table
1682
Vasyl Saienkob10b7202017-09-05 14:19:03 +03001683Look for neighbours, if VM has 2, it's ok
Filip Pytloun27930402015-10-06 16:28:32 +02001684
1685 http://<control-node>:8083/Snh_IFMapTableShowReq?table_name=
1686
1687Trace XMPP requests
1688
1689 http://<compute-node>:8085/Snh_SandeshTraceRequest?x=XmppMessageTrace