Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-formulas / opencontrail / 2688110728deda53bd2357a855a9b9c5f5ee48ba / . / README.rst
blob: 2f55b188dc2e0570c4f0920fd8090ebc991045ff [file] [log] [blame]
Aleš Komáreka3314b22017-04-11 13:46:06 +0200[diff] [blame]1====================
2OpenContrail Formula
3====================
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]4
Jakub Pavlik01fe5372016-05-20 11:23:28 +0200[diff] [blame]5Contrail Controller is an open, standards-based software solution that
6delivers network virtualization and service automation for federated cloud
7networks. It provides self-service provisioning, improves network
8troubleshooting and diagnostics, and enables service chaining for dynamic
9application environments across enterprise virtual private cloud (VPC),
10managed Infrastructure as a Service (IaaS), and Networks Functions
11Virtualization (NFV) use cases.
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]12
Jiri Konecny463dee52016-03-03 11:08:46 +0100[diff] [blame]13
Petr Michalec579e64d2017-03-24 12:54:29 +0100[diff] [blame]14Package source
15==============
Aleš Komáreka3314b22017-04-11 13:46:06 +0200[diff] [blame]16
Petr Michalec579e64d2017-03-24 12:54:29 +0100[diff] [blame]17Formula support OpenContrail as well as Juniper Contrail package repository in the backend.
18
19Differences withing the configuration and state run are controlled by
20``opencontrail.common.vendor: [opencontrail|juniper]`` pillar attribute.
21
22Default value is set to ``opencontrail``.
23
24Juniper releases tested with this formula:
25 - 3.0.2.x
26
27To use Juniper Contrail repository as a source of packages override pillar as in this example:
28
29.. code-block:: yaml
30
31 opencontrail:
32 common:
33 vendor: juniper
34
35
Aleš Komáreka3314b22017-04-11 13:46:06 +0200[diff] [blame]36Sample Pillars
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]37==============
38
Jiri Konecny463dee52016-03-03 11:08:46 +0100[diff] [blame]39Controller nodes
40----------------
41
42There are several scenarios for OpenContrail control plane.
43
44All-in-one single
45~~~~~~~~~~~~~~~~~
46
47Config, control, analytics, database, web -- altogether on one node.
48
49.. code-block:: yaml
50
51 opencontrail:
52 common:
53 version: 2.2
54 source:
55 engine: pkg
56 address: http://mirror.robotice.cz/contrail-havana/
57 identity:
58 engine: keystone
59 host: 127.0.0.1
60 port: 35357
61 token: token
62 password: password
63 network:
64 engine: neutron
65 host: 127.0.0.1
66 port: 9696
67 config:
68 version: 2.2
69 enabled: true
70 network:
71 engine: neutron
72 host: 127.0.0.1
73 port: 9696
74 discovery:
75 host: 127.0.0.1
76 analytics:
77 host: 127.0.0.1
78 bind:
79 address: 127.0.0.1
80 message_queue:
81 engine: rabbitmq
82 host: 127.0.0.1
83 port: 5672
84 database:
85 members:
86 - host: 127.0.0.1
87 port: 9160
88 cache:
Jakub Pavlikd1a059e2016-07-13 23:08:33 +0200[diff] [blame]89 members:
90 - host: 127.0.0.1
91 port: 11211
Jiri Konecny463dee52016-03-03 11:08:46 +0100[diff] [blame]92 identity:
93 engine: keystone
94 version: '2.0'
95 region: RegionOne
96 host: 127.0.0.1
97 port: 35357
98 user: admin
99 password: password
100 token: token
101 tenant: admin
102 members:
103 - host: 127.0.0.1
104 id: 1
Dmitry Stremkovskiy841fee32017-09-01 18:08:41 +0300[diff] [blame]105 rootlogger: "INFO, CONSOLE"
Jiri Konecny463dee52016-03-03 11:08:46 +0100[diff] [blame]106 control:
107 version: 2.2
108 enabled: true
109 bind:
110 address: 127.0.0.1
111 discovery:
112 host: 127.0.0.1
113 master:
114 host: 127.0.0.1
115 members:
116 - host: 127.0.0.1
117 id: 1
118 collector:
119 version: 2.2
120 enabled: true
121 bind:
122 address: 127.0.0.1
123 master:
124 host: 127.0.0.1
125 discovery:
126 host: 127.0.0.1
127 data_ttl: 2
128 database:
129 members:
130 - host: 127.0.0.1
131 port: 9160
132 database:
133 version: 2.2
134 cassandra:
135 version: 2
136 enabled: true
137 minimum_disk: 10
138 name: 'Contrail'
139 original_token: 0
Dmitry Stremkovskiy2a079c72017-07-12 23:11:18 +0300[diff] [blame]140 compaction_throughput_mb_per_sec: 16
Dmitry Stremkovskiy71b310a2017-08-11 20:39:11 +0300[diff] [blame]141 concurrent_compactors: 1
Jiri Konecny463dee52016-03-03 11:08:46 +0100[diff] [blame]142 data_dirs:
143 - /var/lib/cassandra
144 id: 1
145 discovery:
146 host: 127.0.0.1
147 bind:
148 host: 127.0.0.1
149 port: 9042
150 rpc_port: 9160
151 members:
152 - host: 127.0.0.1
153 id: 1
154 web:
155 version: 2.2
156 enabled: True
157 bind:
158 address: 127.0.0.1
159 analytics:
160 host: 127.0.0.1
161 master:
162 host: 127.0.0.1
163 cache:
164 engine: redis
165 host: 127.0.0.1
166 port: 6379
167 members:
168 - host: 127.0.0.1
169 id: 1
170 identity:
171 engine: keystone
172 version: '2.0'
173 host: 127.0.0.1
174 port: 35357
175 user: admin
176 password: password
177 token: token
178 tenant: admin
179
180
181All-in-one cluster
182~~~~~~~~~~~~~~~~~~
183
Jakub Pavlik01fe5372016-05-20 11:23:28 +0200[diff] [blame]184Config, control, analytics, database, web -- altogether, clustered on multiple
185nodes.
Jiri Konecny463dee52016-03-03 11:08:46 +0100[diff] [blame]186
187.. code-block:: yaml
188
189 opencontrail:
190 common:
191 version: 2.2
192 source:
193 engine: pkg
194 address: http://mirror.robotice.cz/contrail-havana/
195 identity:
196 engine: keystone
197 host: 127.0.0.1
198 port: 35357
199 token: token
200 password: password
201 network:
202 engine: neutron
203 host: 127.0.0.1
204 port: 9696
205 config:
206 version: 2.2
207 enabled: true
208 network:
209 engine: neutron
210 host: 127.0.0.1
211 port: 9696
212 discovery:
213 host: 127.0.0.1
214 analytics:
215 host: 127.0.0.1
216 bind:
217 address: 127.0.0.1
218 message_queue:
219 engine: rabbitmq
220 host: 127.0.0.1
221 port: 5672
222 database:
223 members:
224 - host: 127.0.0.1
225 port: 9160
226 - host: 127.0.0.1
227 port: 9160
228 - host: 127.0.0.1
229 port: 9160
230 cache:
Jakub Pavlikd1a059e2016-07-13 23:08:33 +0200[diff] [blame]231 members:
232 - host: 127.0.0.1
233 port: 11211
234 - host: 127.0.0.1
235 port: 11211
236 - host: 127.0.0.1
237 port: 11211
Jiri Konecny463dee52016-03-03 11:08:46 +0100[diff] [blame]238 identity:
239 engine: keystone
240 version: '2.0'
241 region: RegionOne
242 host: 127.0.0.1
243 port: 35357
244 user: admin
245 password: password
246 token: token
247 tenant: admin
248 members:
249 - host: 127.0.0.1
250 id: 1
251 - host: 127.0.0.1
252 id: 2
253 - host: 127.0.0.1
254 id: 3
255 control:
256 version: 2.2
257 enabled: true
258 bind:
259 address: 127.0.0.1
260 discovery:
261 host: 127.0.0.1
262 master:
263 host: 127.0.0.1
264 members:
265 - host: 127.0.0.1
266 id: 1
267 - host: 127.0.0.1
268 id: 2
269 - host: 127.0.0.1
270 id: 3
271 collector:
272 version: 2.2
273 enabled: true
274 bind:
275 address: 127.0.0.1
276 master:
277 host: 127.0.0.1
278 discovery:
279 host: 127.0.0.1
280 data_ttl: 1
281 database:
282 members:
283 - host: 127.0.0.1
284 port: 9160
285 - host: 127.0.0.1
286 port: 9160
287 - host: 127.0.0.1
288 port: 9160
289 database:
290 version: 2.2
291 cassandra:
292 version: 2
293 enabled: true
294 name: 'Contrail'
295 minimum_disk: 10
296 original_token: 0
297 data_dirs:
298 - /var/lib/cassandra
299 id: 1
300 discovery:
301 host: 127.0.0.1
302 bind:
303 host: 127.0.0.1
304 port: 9042
305 rpc_port: 9160
306 members:
307 - host: 127.0.0.1
308 id: 1
309 - host: 127.0.0.1
310 id: 2
311 - host: 127.0.0.1
312 id: 3
313 web:
314 version: 2.2
315 enabled: True
316 bind:
317 address: 127.0.0.1
318 master:
319 host: 127.0.0.1
320 analytics:
321 host: 127.0.0.1
322 cache:
323 engine: redis
324 host: 127.0.0.1
325 port: 6379
326 members:
327 - host: 127.0.0.1
328 id: 1
329 - host: 127.0.0.1
330 id: 2
331 - host: 127.0.0.1
332 id: 3
333 identity:
334 engine: keystone
335 version: '2.0'
336 host: 127.0.0.1
337 port: 35357
338 user: admin
339 password: password
340 token: token
341 tenant: admin
342
343
344Separated analytics from control and config
345~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
346
347Config, control, database, web.
348
349.. code-block:: yaml
350
351 opencontrail:
352 common:
353 version: 2.2
354 identity:
355 engine: keystone
356 host: 127.0.0.1
357 port: 35357
358 token: token
359 password: password
360 network:
361 engine: neutron
362 host: 127.0.0.1
363 port: 9696
364 config:
365 version: 2.2
366 enabled: true
367 network:
368 engine: neutron
369 host: 127.0.0.1
370 port: 9696
371 discovery:
372 host: 127.0.0.1
373 analytics:
374 host: 127.0.0.1
375 bind:
376 address: 127.0.0.1
377 message_queue:
378 engine: rabbitmq
379 host: 127.0.0.1
380 port: 5672
381 database:
382 members:
383 - host: 127.0.0.1
384 port: 9160
385 - host: 127.0.0.1
386 port: 9160
387 - host: 127.0.0.1
388 port: 9160
389 cache:
Jakub Pavlikd1a059e2016-07-13 23:08:33 +0200[diff] [blame]390 members:
391 - host: 127.0.0.1
392 port: 11211
393 - host: 127.0.0.1
394 port: 11211
395 - host: 127.0.0.1
396 port: 11211
Jiri Konecny463dee52016-03-03 11:08:46 +0100[diff] [blame]397 identity:
398 engine: keystone
399 version: '2.0'
400 region: RegionOne
401 host: 127.0.0.1
402 port: 35357
403 user: admin
404 password: password
405 token: token
406 tenant: admin
407 members:
408 - host: 127.0.0.1
409 id: 1
410 - host: 127.0.0.1
411 id: 2
412 - host: 127.0.0.1
413 id: 3
414 control:
415 version: 2.2
416 enabled: true
417 bind:
418 address: 127.0.0.1
419 discovery:
420 host: 127.0.0.1
421 master:
422 host: 127.0.0.1
423 members:
424 - host: 127.0.0.1
425 id: 1
426 - host: 127.0.0.1
427 id: 2
428 - host: 127.0.0.1
429 id: 3
430 database:
431 version: 127.0.0.1
432 cassandra:
433 version: 2
434 enabled: true
435 name: 'Contrail'
436 minimum_disk: 10
437 original_token: 0
438 data_dirs:
439 - /var/lib/cassandra
440 id: 1
441 discovery:
442 host: 127.0.0.1
443 bind:
444 host: 127.0.0.1
445 port: 9042
446 rpc_port: 9160
447 members:
448 - host: 127.0.0.1
449 id: 1
450 - host: 127.0.0.1
451 id: 2
452 - host: 127.0.0.1
453 id: 3
454 web:
455 version: 2.2
456 enabled: True
457 bind:
458 address: 127.0.0.1
459 analytics:
460 host: 127.0.0.1
461 master:
462 host: 127.0.0.1
463 cache:
464 engine: redis
465 host: 127.0.0.1
466 port: 6379
467 members:
468 - host: 127.0.0.1
469 id: 1
470 - host: 127.0.0.1
471 id: 2
472 - host: 127.0.0.1
473 id: 3
474 identity:
475 engine: keystone
476 version: '2.0'
477 host: 127.0.0.1
478 port: 35357
479 user: admin
480 password: password
481 token: token
482 tenant: admin
483
Jiri Konecny463dee52016-03-03 11:08:46 +0100[diff] [blame]484Analytic nodes
Jiri Konecny463dee52016-03-03 11:08:46 +0100[diff] [blame]485
486Analytics and database on an analytic node(s)
487
488.. code-block:: yaml
489
490 opencontrail:
491 common:
492 version: 2.2
493 identity:
494 engine: keystone
495 host: 127.0.0.1
496 port: 35357
497 token: token
498 password: password
499 network:
500 engine: neutron
501 host: 127.0.0.1
502 port: 9696
503 collector:
504 version: 2.2
505 enabled: true
506 bind:
507 address: 127.0.0.1
508 master:
509 host: 127.0.0.1
510 discovery:
511 host: 127.0.0.1
512 data_ttl: 1
513 database:
514 members:
515 - host: 127.0.0.1
516 port: 9160
517 - host: 127.0.0.1
518 port: 9160
519 - host: 127.0.0.1
520 port: 9160
521 database:
522 version: 2.2
523 cassandra:
524 version: 2
525 enabled: true
526 name: 'Contrail'
527 minimum_disk: 10
528 original_token: 0
529 data_dirs:
530 - /var/lib/cassandra
531 id: 1
532 discovery:
533 host: 127.0.0.1
534 bind:
535 host: 127.0.0.1
536 port: 9042
537 rpc_port: 9160
538 members:
539 - host: 127.0.0.1
540 id: 1
541 - host: 127.0.0.1
542 id: 2
543 - host: 127.0.0.1
544 id: 3
545
546
547Compute nodes
Aleš Komáreka3314b22017-04-11 13:46:06 +0200[diff] [blame]548-------------
Jiri Konecny463dee52016-03-03 11:08:46 +0100[diff] [blame]549
550Vrouter configuration on a compute node(s)
551
552.. code-block:: yaml
553
554 opencontrail:
555 common:
556 version: 2.2
557 identity:
558 engine: keystone
559 host: 127.0.0.1
560 port: 35357
561 token: token
562 password: password
563 network:
564 engine: neutron
565 host: 127.0.0.1
566 port: 9696
567 compute:
568 version: 2.2
569 enabled: True
Dmitry Stremkovskiy0cb5c562017-07-26 00:32:51 +0300[diff] [blame]570 hostname: node-12.domain.tld
Jiri Konecny463dee52016-03-03 11:08:46 +0100[diff] [blame]571 discovery:
572 host: 127.0.0.1
573 interface:
574 address: 127.0.0.1
575 dev: eth0
576 gateway: 127.0.0.1
577 mask: /24
578 dns: 127.0.0.1
579 mtu: 9000
580
Petr Jediný5f3008a2017-07-31 15:04:05 +0200[diff] [blame]581
582Compute nodes with gateway_mode
583-------------------------------
584
585Gateway mode: can be server/ vcpe (default is none)
586
587.. code-block:: yaml
588
589 opencontrail:
590 compute:
591 gateway_mode: server
592
Vasyl Saienkob10b7202017-09-05 14:19:03 +0300[diff] [blame]593TSN nodes
594---------
595
596Configure TSN nodes
597
598.. code-block:: yaml
599
600 opencontrail:
601 compute:
602 enabled: true
603 tor:
604 enabled: true
605 bind:
606 port: 8086
607 agent:
608 tor01:
609 id: 0
610 port: 6632
611 host: 127.0.0.1
612 address: 127.0.0.1
613
Petr Jediný5f3008a2017-07-31 15:04:05 +0200[diff] [blame]614
Andreyeff77ac2017-08-25 12:14:06 -0500[diff] [blame]615Set up metadata secret for the Vrouter
Petr Jedinýfe51c6a2017-09-05 18:30:31 +0200[diff] [blame]616--------------------------------------
Andreyeff77ac2017-08-25 12:14:06 -0500[diff] [blame]617
Petr Jedinýfe51c6a2017-09-05 18:30:31 +0200[diff] [blame]618In order to get cloud-init within the instance to properly fetch
Andreyeff77ac2017-08-25 12:14:06 -0500[diff] [blame]619instance metadata, metadata_proxy_secret in the Vrouter agent config
620should match the value in nova.conf. The administrator should define
621it in the pillar:
622
623.. code-block:: yaml
624
625 opencontrail:
626 compute:
627 metadata:
628 secret: opencontrail
629
Petr Jedinýfe51c6a2017-09-05 18:30:31 +0200[diff] [blame]630Add auth info for Barbican on compute nodes
631-------------------------------------------
632
633.. code-block:: yaml
634
635 opencontrail:
636 compute:
637 lbaas:
638 enabled: true
639 secret_manager:
640 engine: barbican
641 identity:
642 user: admin
643 password: "supersecretpassword123"
644 tenant: admin
645
646
Jakub Pavlik735005f2016-02-26 15:54:53 +0100[diff] [blame]647Keystone v3
Aleš Komáreka3314b22017-04-11 13:46:06 +0200[diff] [blame]648-----------
Jakub Pavlik735005f2016-02-26 15:54:53 +0100[diff] [blame]649
Jakub Pavlik01fe5372016-05-20 11:23:28 +0200[diff] [blame]650To enable support for keystone v3 in opencontrail, there must be defined
651version for config and web role.
Jakub Pavlik735005f2016-02-26 15:54:53 +0100[diff] [blame]652
653.. code-block:: yaml
654
655 opencontrail:
656 config:
657 version: 2.2
658 enabled: true
659 ...
660 identity:
661 engine: keystone
662 version: '3'
663 ...
664
665 opencontrail:
666 web:
667 version: 2.2
668 enabled: true
669 ...
670 identity:
671 engine: keystone
672 version: '3'
673 ...
674
marco10cc2212016-04-03 14:21:54 +0200[diff] [blame]675Without Keystone
676----------------
677
678.. code-block:: yaml
679
680 opencontrail:
681 ...
682 common:
683 ...
684 identity:
685 engine: none
686 token: none
687 password: none
688 ...
689 config:
690 ...
691 identity:
692 engine: none
693 password: none
694 token: none
695 ...
696 web:
697 ...
698 identity:
699 engine: none
700 password: none
701 token: none
702 ...
marcof5461712016-04-04 20:49:36 +0200[diff] [blame]703
Aleš Komáreka3314b22017-04-11 13:46:06 +0200[diff] [blame]704Kubernetes support
705------------------
706
marcof5461712016-04-04 20:49:36 +0200[diff] [blame]707Kubernetes vrouter nodes
marcof5461712016-04-04 20:49:36 +0200[diff] [blame]708
709Vrouter configuration on a kubernetes node(s)
710
711.. code-block:: yaml
712
713 opencontrail:
714 ...
715 compute:
716 engine: kubernetes
717 ...
718
Jakub Pavlik0d1f67e2016-11-30 10:04:13 +0100[diff] [blame]719vRouter with separated control plane
Jakub Pavlik0d1f67e2016-11-30 10:04:13 +0100[diff] [blame]720
721Separate XMPP traffic from dataplane interface.
722
723.. code-block:: yaml
724
725 opencontrail:
726 compute:
727 bind:
728 address: 172.16.0.50
729 ...
730
Petr Jediný439fab32017-07-10 14:33:09 +0200[diff] [blame]731Override RPF default in Contrail API
732------------------------------------
733
734From MCP1.1 with OpenContrail >= 3.1.1 you can override RPF default for newly
735created virtual networks. This can be useful for usecases like running
736Calico and K8S in overlay. The `override_rpf_default_by` has valid values
737`disable`, `enable`. If not defined, the configuration fallbacks to Contrail
738default - currently `enable`.
739
740.. code-block:: yaml
741
742 opencontrail:
743 ...
744 config:
745 override_rpf_default_by: 'disable'
746 ...
747
Petr Jediný01c18822017-11-15 12:30:53 +0100[diff] [blame]748Cassandra GC logging
749--------------------
750
751From Contrail version 3 you can set a way you want to handle Cassandra GC logs.
752The behavior is controlled by `cassandra_gc_logging`. Valid values are
753'rotation' (default), 'legacy' and false.
754
755- 'rotation' is supported by JDK 6u34 7u2 or later and handles rotation of log
756files automatically.
757- 'legacy' is a way to support older JDKs and you will need to handle logs by
758other means. This can be handled for example by using
759`- service.opencontrail.database.cassandra_log_cleanup` in your reclass model.
760- false will disable the cassandra gc logging
761
762.. code-block:: yaml
763
764 opencontrail:
765 ...
766 database:
767 cassandra_gc_logging: false
768 ...
769
Petr Jediný439fab32017-07-10 14:33:09 +0200[diff] [blame]770
Jakub Pavlik6d90f362016-04-19 20:34:37 +0200[diff] [blame]771Disable Contrail API authentication
772-----------------------------------
773
Petr Jediný78e6f422017-06-01 13:24:49 +0200[diff] [blame]774Contrail version must >= 3.0. It is useful especially for Keystone v3.
Jakub Pavlik6d90f362016-04-19 20:34:37 +0200[diff] [blame]775
776.. code-block:: yaml
777
778 opencontrail:
779 ...
780 config:
781 multi_tenancy: false
782 ...
783
Petr Jediný78e6f422017-06-01 13:24:49 +0200[diff] [blame]784Switch from on demand to periodic keystone sync
785-----------------------------------------------
786
787This can be useful when you want to sync projects from OpenStack to Contrail
788automatically. The period of sync is 60s.
789
790.. code-block:: yaml
791
792 opencontrail:
793 ...
794 config:
795 identity:
796 sync_on_demand: false
797 ...
798
marco2502e052016-05-31 22:53:54 +0200[diff] [blame]799Cassandra listen interface
Petr Jedinýffbe2082017-03-07 00:56:47 +0100[diff] [blame]800--------------------------
marco2502e052016-05-31 22:53:54 +0200[diff] [blame]801
802.. code-block:: yaml
Vasyl Saienkob10b7202017-09-05 14:19:03 +0300[diff] [blame]803
marco2502e052016-05-31 22:53:54 +0200[diff] [blame]804 database:
805 ....
806 bind:
807 interface: eth0
808 port: 9042
809 rpc_port: 9160
810 ....
Jakub Pavlik6d90f362016-04-19 20:34:37 +0200[diff] [blame]811
Petr Jedinýffbe2082017-03-07 00:56:47 +0100[diff] [blame]812OpenContrail WebUI version >= 3.1.1
813-----------------------------------
Petr Jediný78e6f422017-06-01 13:24:49 +0200[diff] [blame]814For OpenContrail version >= 3.1.1 and Cassandra >= 2.1 we should override WebUI's cassandra port from 9160 to 9042.
Petr Jedinýffbe2082017-03-07 00:56:47 +0100[diff] [blame]815
816For appropriate node at class level:
817
818.. code-block:: yaml
Aleš Komáreka3314b22017-04-11 13:46:06 +0200[diff] [blame]819
Petr Jedinýffbe2082017-03-07 00:56:47 +0100[diff] [blame]820 opencontrail:
821 ....
822 web:
823 database:
824 port: 9042
825 ....
826
827
Jakub Pavlik9a4de012016-12-14 13:23:55 +0100[diff] [blame]828RabbitMQ HA hosts
829------------------
830
831.. code-block:: yaml
832
833 opencontrail:
834 config:
835 message_queue:
836 engine: rabbitmq
837 members:
838 - host: 10.0.16.1
839 - host: 10.0.16.2
840 - host: 10.0.16.3
841 port: 5672
842
843.. code-block:: yaml
844
845 database:
846 ....
847 bind:
848 interface: eth0
849 port: 9042
850 rpc_port: 9160
851 ....
852
Jakub Pavlike3590062017-02-20 23:32:57 +0100[diff] [blame]853DPDK vRouter
854-------------
855
856.. code-block:: yaml
857
858 opencontrail:
859 compute:
860 dpdk:
861 enabled: true
Jakub Pavlik54761d82017-03-08 11:22:37 +0100[diff] [blame]862 taskset: "0x0000003C00003C"
863 socket_mem: "1024,1024"
Jakub Pavlike3590062017-02-20 23:32:57 +0100[diff] [blame]864 interface:
865 mac_address: 90:e2:ba:7c:22:e1
866 pci: 0000:81:00.1
867 ...
868
Marek Celouddbba7ed2017-12-07 10:36:24 +0100[diff] [blame]869Increase number of alarm-gen workers
870------------------------------------
871
872Port prefix will increment used ports by workers starting with 5901.
873
874.. code-block:: yaml
875
876 collector:
877 alarm_gen:
878 workers: 1
879 port_prefix: 59
880
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]881Contrail client
882---------------
883
884Basic parameters with identity and host configs
885
Petr Jediný78e6f422017-06-01 13:24:49 +0200[diff] [blame]886.. code-block:: yaml
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]887
888 opencontrail:
889 client:
890 identity:
891 user: admin
892 project: admin
893 password: adminpass
894 host: keystone_host
895 config:
896 host: contrail_api_host
897 port: contrail_api_ort
898
899Enforcing virtual routers
900
Petr Jediný78e6f422017-06-01 13:24:49 +0200[diff] [blame]901.. code-block:: yaml
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]902
903 opencontrail:
904 client:
905 ...
906 virtual_router:
907 cmp01:
908 ip_address: 172.16.0.11
909 dpdk_enabled: True
910 cmp02:
911 ip_address: 172.16.0.12
912 dpdk_enabled: True
913
psvimbersky3c84e272018-01-02 10:34:29 +0100[diff] [blame]914
915Enforcing global system config
916
917.. code-block:: yaml
918
919 opencontrail:
920 client:
921 ...
922 global_system_config:
923 name: default-global-system-config
924 asn: 64512
925 grp:
926 enable: true
927 restart_time: 60
928 end_of_rib_timeout: 30
929 bgp_helper_enable: false
930 xmpp_helper_enable: false
931 long_lived_restart_time: 300
932
933
Pavel Svimbersky13cda442017-09-14 14:46:13 +0200[diff] [blame]934Enforcing global vrouter config
935
936.. code-block:: yaml
937
938 opencontrail:
939 client:
940 ...
941 global_vrouter_config:
942 name: global-vrouter-config
943 parent_type: global-system-config
944 encap_priority: "MPLSoUDP,MPLSoGRE"
945 vxlan_vn_id_mode: automatic
946 fq_names:
947 - 'default-global-system-config'
948 - 'default-global-vrouter-config'
949
psvimbersky3c84e272018-01-02 10:34:29 +0100[diff] [blame]950
951
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]952Enforcing control nodes
953
Petr Jediný78e6f422017-06-01 13:24:49 +0200[diff] [blame]954.. code-block:: yaml
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]955
956 opencontrail:
957 client:
958 ...
959 bgp_router:
960 ntw01:
961 type: control-node
962 ip_address: 172.16.0.11
963 nwt02:
964 type: control-node
965 ip_address: 172.16.0.12
966 nwt03:
967 type: control-node
968 ip_address: 172.16.0.13
969
970
971Enforcing edge BGP routers
972
Petr Jediný78e6f422017-06-01 13:24:49 +0200[diff] [blame]973.. code-block:: yaml
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]974
975 opencontrail:
976 client:
977 ...
978 bgp_router:
979 mx01:
980 type: router
981 ip_address: 172.16.0.21
982 asn: 64512
983 mx02:
984 type: router
985 ip_address: 172.16.0.22
986 asn: 64512
987
988Enforcing config nodes
989
Petr Jediný78e6f422017-06-01 13:24:49 +0200[diff] [blame]990.. code-block:: yaml
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]991
992 opencontrail:
993 client:
994 ...
995 config_node:
996 ctl01:
997 ip_address: 172.16.0.21
998 ctl02:
999 ip_address: 172.16.0.22
1000
1001Enforcing database nodes
1002
Petr Jediný78e6f422017-06-01 13:24:49 +0200[diff] [blame]1003.. code-block:: yaml
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]1004
1005 opencontrail:
1006 client:
1007 ...
1008 database_node:
1009 ntw01:
1010 ip_address: 172.16.0.21
1011 ntw02:
1012 ip_address: 172.16.0.22
1013
1014Enforcing analytics nodes
1015
Petr Jediný78e6f422017-06-01 13:24:49 +0200[diff] [blame]1016.. code-block:: yaml
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]1017
1018 opencontrail:
1019 client:
1020 ...
1021 analytics_node:
1022 nal01:
1023 ip_address: 172.16.0.31
1024 nal02:
1025 ip_address: 172.16.0.32
1026
Petr Jediný5f3efe32017-05-26 17:55:09 +0200[diff] [blame]1027Enforcing Link Local Services
1028
1029.. code-block:: yaml
1030
1031 opencontrail:
1032 client:
1033 ...
1034 linklocal_service:
1035 # example with dns name address (only one permited)
1036 meta1:
1037 lls_ip: 10.0.0.23
1038 lls_port: 80
1039 ipf_addresses: "meta.example.com"
1040 ipf_port: 80
1041 # example with multiple ip addresses
1042 meta2:
1043 lls_ip: 10.0.0.23
1044 lls_port: 80
1045 ipf_addresses:
1046 - 10.10.10.10
1047 - 10.20.20.20
1048 - 10.30.30.30
1049 ipf_port: 80
1050 # example with one ip address
1051 meta3:
1052 lls_ip: 10.0.0.23
1053 lls_port: 80
1054 ipf_addresses:
1055 - 10.10.10.10
1056 ipf_port: 80
1057 # example with name override
1058 lls_meta4:
1059 name: meta4
1060 lls_ip: 10.0.0.23
1061 lls_port: 80
1062 ipf_addresses:
1063 - 10.10.10.10
1064 ipf_port: 80
1065
Vasyl Saienkob10b7202017-09-05 14:19:03 +0300[diff] [blame]1066
Michel Nederloff5bccda2017-11-20 13:31:38 +0100[diff] [blame]1067Configuring OpenStack default quotasx
1068
1069.. code-block:: yaml
1070 config:
1071 quota:
1072 network: 5
1073 subnet: 10
1074 router: 10
1075 floating_ip: 100
1076 secgroup: 1000
1077 secgroup_rule: 1000
1078 port: 1000
1079 pool: -1
1080 member: -1
1081 health_monitor: -1
1082 vip: -1
1083
1084Enforcing physical routers
1085h
Vasyl Saienkob10b7202017-09-05 14:19:03 +0300[diff] [blame]1086.. code-block:: yaml
1087
1088 opencontrail:
1089 client:
1090 ...
1091 physical_router:
1092 router1:
1093 name: router1
1094 dataplane_ip: 1.2.3.4
1095 management_ip: 1.2.3.4
1096 vendor_name: ovs
1097 product_name: ovs
1098 agents:
1099 - tsn0-0
1100 - tsn0
1101
1102Enforcing physical/logical interfaces for routers
1103
1104
1105.. code-block:: yaml
1106
1107 opencontrail
1108 client:
1109 ...
1110 physical_router:
1111 router1:
1112 ...
1113 interface:
1114 port1:
1115 name: port1
1116 logical_interface:
1117 port1_l:
1118 name: 'port1.0'
1119 vlan_tag: 0
1120 interface_type: L2
1121 virtual_machine_interface:
1122 port1_port:
1123 name: port1_port
1124 ip_address: 192.168.90.107
1125 mac_address: '2e:92:a8:af:c2:21'
1126 security_group: 'default'
1127 virtual_network: 'virtual-network'
1128
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]1129
Michel Nederlof5364ab62017-12-11 15:02:25 +0100[diff] [blame]1130Contrail DNS custom forwarders
1131------------------------------
1132
1133By default Contrail uses the /etc/resolv.conf file to determine the upstream DNS servers.
1134This can have some side-affects, like resolving internal DNS entries on you public instances.
1135
1136In order to overrule this default set, you can configure nameservers using pillar data.
1137The formula is then responsible for configuring and generating a alternate resolv.conf file.
1138
1139Note: this has been patched recently in the Contrail distribution of Mirantis:
1140https://github.com/Mirantis/contrail-controller/commit/ed9a25ccbcfebd7d079a93aecc5a1a7bf1265ea4
1141https://github.com/Mirantis/contrail-controller/commit/94c844cf2e9bcfcd48587aec03d10b869e737ade
1142
1143
1144To change forwarders for the default-dns option (which is handled by compute nodes):
1145
1146.. code-block:: yaml
1147
1148 compute:
1149 ....
1150 dns:
1151 forwarders:
1152 - 8.8.8.8
1153 - 8.8.4.4
1154 ....
1155
1156To change forwarders for vDNS zones (handled by control nodes):
1157
1158.. code-block:: yaml
1159
1160 control:
1161 ....
1162 dns:
1163 forwarders:
1164 - 8.8.8.8
1165 - 8.8.4.4
1166 ....
1167
Michel Nederloff5bccda2017-11-20 13:31:38 +0100[diff] [blame]1168
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]1169Usage
1170=====
1171
1172Basic installation
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]1173------------------
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]1174
1175Add control BGP
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]1176
1177.. code-block:: bash
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]1178
1179 python /etc/contrail/provision_control.py --api_server_ip 192.168.1.11 --api_server_port 8082 --host_name network1.contrail.domain.com --host_ip 192.168.1.11 --router_asn 64512
1180
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]1181Install compute node
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]1182
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]1183.. code-block:: bash
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]1184
1185 yum install contrail-vrouter contrail-openstack-vrouter
1186
1187 salt-call state.sls nova,opencontrail
1188
1189Add virtual router
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]1190
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]1191.. code-block:: bash
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]1192
1193 python /etc/contrail/provision_vrouter.py --host_name hostnode1.intra.domain.com --host_ip 10.0.100.101 --api_server_ip 10.0.100.30 --oper add --admin_user admin --admin_password cloudlab --admin_tenant_name admin
1194
1195 /etc/sysconfig/network-scripts/ifcfg-bond0 -- comment GATEWAY,NETMASK,IPADDR
1196
1197 reboot
1198
Aleš Komáreka3314b22017-04-11 13:46:06 +0200[diff] [blame]1199Debugging
1200---------
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]1201
1202Display vhost XMPP connection status
1203
1204You should see the correct controller_ip and state should be established.
1205
1206 http://<compute-node>:8085/Snh_AgentXmppConnectionStatusReq?
1207
1208Display vrouter interface status
1209
1210When vrf_name = ---ERROR--- then something goes wrong
1211
1212 http://<compute-node>:8085/Snh_ItfReq?name=
1213
1214Display IF MAP table
1215
Vasyl Saienkob10b7202017-09-05 14:19:03 +0300[diff] [blame]1216Look for neighbours, if VM has 2, it's ok
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]1217
1218 http://<control-node>:8083/Snh_IFMapTableShowReq?table_name=
1219
1220Trace XMPP requests
1221
1222 http://<compute-node>:8085/Snh_SandeshTraceRequest?x=XmppMessageTrace
1223
Filip Pytlounf6b79d42017-02-02 13:02:03 +0100[diff] [blame]1224
1225Documentation and Bugs
1226======================
1227
1228To learn how to install and update salt-formulas, consult the documentation
1229available online at:
1230
1231 http://salt-formulas.readthedocs.io/
1232
1233In the unfortunate event that bugs are discovered, they should be reported to
1234the appropriate issue tracker. Use Github issue tracker for specific salt
1235formula:
1236
1237 https://github.com/salt-formulas/salt-formula-opencontrail/issues
1238
1239For feature requests, bug reports or blueprints affecting entire ecosystem,
1240use Launchpad salt-formulas project:
1241
1242 https://launchpad.net/salt-formulas
1243
1244You can also join salt-formulas-users team and subscribe to mailing list:
1245
1246 https://launchpad.net/~salt-formulas-users
1247
1248Developers wishing to work on the salt-formulas projects should always base
1249their work on master branch and submit pull request against specific formula.
1250
1251 https://github.com/salt-formulas/salt-formula-opencontrail
1252
1253Any questions or feedback is always welcome so feel free to join our IRC
1254channel:
1255
1256 #salt-formulas @ irc.freenode.net