Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-formulas / opencontrail / 579e64d94eca05948ce2f0fe19a7224786dab5d3 / . / README.rst
blob: a17fe13ab766e563ab65488b121d4f35d85ea4f8 [file] [log] [blame]
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]1============
2OpenContrail
3============
4
Jakub Pavlik01fe5372016-05-20 11:23:28 +0200[diff] [blame]5Contrail Controller is an open, standards-based software solution that
6delivers network virtualization and service automation for federated cloud
7networks. It provides self-service provisioning, improves network
8troubleshooting and diagnostics, and enables service chaining for dynamic
9application environments across enterprise virtual private cloud (VPC),
10managed Infrastructure as a Service (IaaS), and Networks Functions
11Virtualization (NFV) use cases.
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]12
Jiri Konecny463dee52016-03-03 11:08:46 +0100[diff] [blame]13
Petr Michalec579e64d2017-03-24 12:54:29 +0100[diff] [blame^]14Package source
15==============
16Formula support OpenContrail as well as Juniper Contrail package repository in the backend.
17
18Differences withing the configuration and state run are controlled by
19``opencontrail.common.vendor: [opencontrail|juniper]`` pillar attribute.
20
21Default value is set to ``opencontrail``.
22
23Juniper releases tested with this formula:
24 - 3.0.2.x
25
26To use Juniper Contrail repository as a source of packages override pillar as in this example:
27
28.. code-block:: yaml
29
30 opencontrail:
31 common:
32 vendor: juniper
33
34
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]35Sample pillars
36==============
37
Jiri Konecny463dee52016-03-03 11:08:46 +0100[diff] [blame]38Controller nodes
39----------------
40
41There are several scenarios for OpenContrail control plane.
42
43All-in-one single
44~~~~~~~~~~~~~~~~~
45
46Config, control, analytics, database, web -- altogether on one node.
47
48.. code-block:: yaml
49
50 opencontrail:
51 common:
52 version: 2.2
53 source:
54 engine: pkg
55 address: http://mirror.robotice.cz/contrail-havana/
56 identity:
57 engine: keystone
58 host: 127.0.0.1
59 port: 35357
60 token: token
61 password: password
62 network:
63 engine: neutron
64 host: 127.0.0.1
65 port: 9696
66 config:
67 version: 2.2
68 enabled: true
69 network:
70 engine: neutron
71 host: 127.0.0.1
72 port: 9696
73 discovery:
74 host: 127.0.0.1
75 analytics:
76 host: 127.0.0.1
77 bind:
78 address: 127.0.0.1
79 message_queue:
80 engine: rabbitmq
81 host: 127.0.0.1
82 port: 5672
83 database:
84 members:
85 - host: 127.0.0.1
86 port: 9160
87 cache:
Jakub Pavlikd1a059e2016-07-13 23:08:33 +0200[diff] [blame]88 members:
89 - host: 127.0.0.1
90 port: 11211
Jiri Konecny463dee52016-03-03 11:08:46 +0100[diff] [blame]91 identity:
92 engine: keystone
93 version: '2.0'
94 region: RegionOne
95 host: 127.0.0.1
96 port: 35357
97 user: admin
98 password: password
99 token: token
100 tenant: admin
101 members:
102 - host: 127.0.0.1
103 id: 1
104 control:
105 version: 2.2
106 enabled: true
107 bind:
108 address: 127.0.0.1
109 discovery:
110 host: 127.0.0.1
111 master:
112 host: 127.0.0.1
113 members:
114 - host: 127.0.0.1
115 id: 1
116 collector:
117 version: 2.2
118 enabled: true
119 bind:
120 address: 127.0.0.1
121 master:
122 host: 127.0.0.1
123 discovery:
124 host: 127.0.0.1
125 data_ttl: 2
126 database:
127 members:
128 - host: 127.0.0.1
129 port: 9160
130 database:
131 version: 2.2
132 cassandra:
133 version: 2
134 enabled: true
135 minimum_disk: 10
136 name: 'Contrail'
137 original_token: 0
138 data_dirs:
139 - /var/lib/cassandra
140 id: 1
141 discovery:
142 host: 127.0.0.1
143 bind:
144 host: 127.0.0.1
145 port: 9042
146 rpc_port: 9160
147 members:
148 - host: 127.0.0.1
149 id: 1
150 web:
151 version: 2.2
152 enabled: True
153 bind:
154 address: 127.0.0.1
155 analytics:
156 host: 127.0.0.1
157 master:
158 host: 127.0.0.1
159 cache:
160 engine: redis
161 host: 127.0.0.1
162 port: 6379
163 members:
164 - host: 127.0.0.1
165 id: 1
166 identity:
167 engine: keystone
168 version: '2.0'
169 host: 127.0.0.1
170 port: 35357
171 user: admin
172 password: password
173 token: token
174 tenant: admin
175
176
177All-in-one cluster
178~~~~~~~~~~~~~~~~~~
179
Jakub Pavlik01fe5372016-05-20 11:23:28 +0200[diff] [blame]180Config, control, analytics, database, web -- altogether, clustered on multiple
181nodes.
Jiri Konecny463dee52016-03-03 11:08:46 +0100[diff] [blame]182
183.. code-block:: yaml
184
185 opencontrail:
186 common:
187 version: 2.2
188 source:
189 engine: pkg
190 address: http://mirror.robotice.cz/contrail-havana/
191 identity:
192 engine: keystone
193 host: 127.0.0.1
194 port: 35357
195 token: token
196 password: password
197 network:
198 engine: neutron
199 host: 127.0.0.1
200 port: 9696
201 config:
202 version: 2.2
203 enabled: true
204 network:
205 engine: neutron
206 host: 127.0.0.1
207 port: 9696
208 discovery:
209 host: 127.0.0.1
210 analytics:
211 host: 127.0.0.1
212 bind:
213 address: 127.0.0.1
214 message_queue:
215 engine: rabbitmq
216 host: 127.0.0.1
217 port: 5672
218 database:
219 members:
220 - host: 127.0.0.1
221 port: 9160
222 - host: 127.0.0.1
223 port: 9160
224 - host: 127.0.0.1
225 port: 9160
226 cache:
Jakub Pavlikd1a059e2016-07-13 23:08:33 +0200[diff] [blame]227 members:
228 - host: 127.0.0.1
229 port: 11211
230 - host: 127.0.0.1
231 port: 11211
232 - host: 127.0.0.1
233 port: 11211
Jiri Konecny463dee52016-03-03 11:08:46 +0100[diff] [blame]234 identity:
235 engine: keystone
236 version: '2.0'
237 region: RegionOne
238 host: 127.0.0.1
239 port: 35357
240 user: admin
241 password: password
242 token: token
243 tenant: admin
244 members:
245 - host: 127.0.0.1
246 id: 1
247 - host: 127.0.0.1
248 id: 2
249 - host: 127.0.0.1
250 id: 3
251 control:
252 version: 2.2
253 enabled: true
254 bind:
255 address: 127.0.0.1
256 discovery:
257 host: 127.0.0.1
258 master:
259 host: 127.0.0.1
260 members:
261 - host: 127.0.0.1
262 id: 1
263 - host: 127.0.0.1
264 id: 2
265 - host: 127.0.0.1
266 id: 3
267 collector:
268 version: 2.2
269 enabled: true
270 bind:
271 address: 127.0.0.1
272 master:
273 host: 127.0.0.1
274 discovery:
275 host: 127.0.0.1
276 data_ttl: 1
277 database:
278 members:
279 - host: 127.0.0.1
280 port: 9160
281 - host: 127.0.0.1
282 port: 9160
283 - host: 127.0.0.1
284 port: 9160
285 database:
286 version: 2.2
287 cassandra:
288 version: 2
289 enabled: true
290 name: 'Contrail'
291 minimum_disk: 10
292 original_token: 0
293 data_dirs:
294 - /var/lib/cassandra
295 id: 1
296 discovery:
297 host: 127.0.0.1
298 bind:
299 host: 127.0.0.1
300 port: 9042
301 rpc_port: 9160
302 members:
303 - host: 127.0.0.1
304 id: 1
305 - host: 127.0.0.1
306 id: 2
307 - host: 127.0.0.1
308 id: 3
309 web:
310 version: 2.2
311 enabled: True
312 bind:
313 address: 127.0.0.1
314 master:
315 host: 127.0.0.1
316 analytics:
317 host: 127.0.0.1
318 cache:
319 engine: redis
320 host: 127.0.0.1
321 port: 6379
322 members:
323 - host: 127.0.0.1
324 id: 1
325 - host: 127.0.0.1
326 id: 2
327 - host: 127.0.0.1
328 id: 3
329 identity:
330 engine: keystone
331 version: '2.0'
332 host: 127.0.0.1
333 port: 35357
334 user: admin
335 password: password
336 token: token
337 tenant: admin
338
339
340Separated analytics from control and config
341~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
342
343Config, control, database, web.
344
345.. code-block:: yaml
346
347 opencontrail:
348 common:
349 version: 2.2
350 identity:
351 engine: keystone
352 host: 127.0.0.1
353 port: 35357
354 token: token
355 password: password
356 network:
357 engine: neutron
358 host: 127.0.0.1
359 port: 9696
360 config:
361 version: 2.2
362 enabled: true
363 network:
364 engine: neutron
365 host: 127.0.0.1
366 port: 9696
367 discovery:
368 host: 127.0.0.1
369 analytics:
370 host: 127.0.0.1
371 bind:
372 address: 127.0.0.1
373 message_queue:
374 engine: rabbitmq
375 host: 127.0.0.1
376 port: 5672
377 database:
378 members:
379 - host: 127.0.0.1
380 port: 9160
381 - host: 127.0.0.1
382 port: 9160
383 - host: 127.0.0.1
384 port: 9160
385 cache:
Jakub Pavlikd1a059e2016-07-13 23:08:33 +0200[diff] [blame]386 members:
387 - host: 127.0.0.1
388 port: 11211
389 - host: 127.0.0.1
390 port: 11211
391 - host: 127.0.0.1
392 port: 11211
Jiri Konecny463dee52016-03-03 11:08:46 +0100[diff] [blame]393 identity:
394 engine: keystone
395 version: '2.0'
396 region: RegionOne
397 host: 127.0.0.1
398 port: 35357
399 user: admin
400 password: password
401 token: token
402 tenant: admin
403 members:
404 - host: 127.0.0.1
405 id: 1
406 - host: 127.0.0.1
407 id: 2
408 - host: 127.0.0.1
409 id: 3
410 control:
411 version: 2.2
412 enabled: true
413 bind:
414 address: 127.0.0.1
415 discovery:
416 host: 127.0.0.1
417 master:
418 host: 127.0.0.1
419 members:
420 - host: 127.0.0.1
421 id: 1
422 - host: 127.0.0.1
423 id: 2
424 - host: 127.0.0.1
425 id: 3
426 database:
427 version: 127.0.0.1
428 cassandra:
429 version: 2
430 enabled: true
431 name: 'Contrail'
432 minimum_disk: 10
433 original_token: 0
434 data_dirs:
435 - /var/lib/cassandra
436 id: 1
437 discovery:
438 host: 127.0.0.1
439 bind:
440 host: 127.0.0.1
441 port: 9042
442 rpc_port: 9160
443 members:
444 - host: 127.0.0.1
445 id: 1
446 - host: 127.0.0.1
447 id: 2
448 - host: 127.0.0.1
449 id: 3
450 web:
451 version: 2.2
452 enabled: True
453 bind:
454 address: 127.0.0.1
455 analytics:
456 host: 127.0.0.1
457 master:
458 host: 127.0.0.1
459 cache:
460 engine: redis
461 host: 127.0.0.1
462 port: 6379
463 members:
464 - host: 127.0.0.1
465 id: 1
466 - host: 127.0.0.1
467 id: 2
468 - host: 127.0.0.1
469 id: 3
470 identity:
471 engine: keystone
472 version: '2.0'
473 host: 127.0.0.1
474 port: 35357
475 user: admin
476 password: password
477 token: token
478 tenant: admin
479
480
481Analytic nodes
482----------------
483
484Analytics and database on an analytic node(s)
485
486.. code-block:: yaml
487
488 opencontrail:
489 common:
490 version: 2.2
491 identity:
492 engine: keystone
493 host: 127.0.0.1
494 port: 35357
495 token: token
496 password: password
497 network:
498 engine: neutron
499 host: 127.0.0.1
500 port: 9696
501 collector:
502 version: 2.2
503 enabled: true
504 bind:
505 address: 127.0.0.1
506 master:
507 host: 127.0.0.1
508 discovery:
509 host: 127.0.0.1
510 data_ttl: 1
511 database:
512 members:
513 - host: 127.0.0.1
514 port: 9160
515 - host: 127.0.0.1
516 port: 9160
517 - host: 127.0.0.1
518 port: 9160
519 database:
520 version: 2.2
521 cassandra:
522 version: 2
523 enabled: true
524 name: 'Contrail'
525 minimum_disk: 10
526 original_token: 0
527 data_dirs:
528 - /var/lib/cassandra
529 id: 1
530 discovery:
531 host: 127.0.0.1
532 bind:
533 host: 127.0.0.1
534 port: 9042
535 rpc_port: 9160
536 members:
537 - host: 127.0.0.1
538 id: 1
539 - host: 127.0.0.1
540 id: 2
541 - host: 127.0.0.1
542 id: 3
543
544
545Compute nodes
546----------------
547
548Vrouter configuration on a compute node(s)
549
550.. code-block:: yaml
551
552 opencontrail:
553 common:
554 version: 2.2
555 identity:
556 engine: keystone
557 host: 127.0.0.1
558 port: 35357
559 token: token
560 password: password
561 network:
562 engine: neutron
563 host: 127.0.0.1
564 port: 9696
565 compute:
566 version: 2.2
567 enabled: True
568 discovery:
569 host: 127.0.0.1
570 interface:
571 address: 127.0.0.1
572 dev: eth0
573 gateway: 127.0.0.1
574 mask: /24
575 dns: 127.0.0.1
576 mtu: 9000
577
Jakub Pavlik735005f2016-02-26 15:54:53 +0100[diff] [blame]578Keystone v3
579-------------
580
Jakub Pavlik01fe5372016-05-20 11:23:28 +0200[diff] [blame]581To enable support for keystone v3 in opencontrail, there must be defined
582version for config and web role.
Jakub Pavlik735005f2016-02-26 15:54:53 +0100[diff] [blame]583
584.. code-block:: yaml
585
586 opencontrail:
587 config:
588 version: 2.2
589 enabled: true
590 ...
591 identity:
592 engine: keystone
593 version: '3'
594 ...
595
596 opencontrail:
597 web:
598 version: 2.2
599 enabled: true
600 ...
601 identity:
602 engine: keystone
603 version: '3'
604 ...
605
marco10cc2212016-04-03 14:21:54 +0200[diff] [blame]606Without Keystone
607----------------
608
609.. code-block:: yaml
610
611 opencontrail:
612 ...
613 common:
614 ...
615 identity:
616 engine: none
617 token: none
618 password: none
619 ...
620 config:
621 ...
622 identity:
623 engine: none
624 password: none
625 token: none
626 ...
627 web:
628 ...
629 identity:
630 engine: none
631 password: none
632 token: none
633 ...
marcof5461712016-04-04 20:49:36 +0200[diff] [blame]634
635Kubernetes vrouter nodes
636------------------------
637
638Vrouter configuration on a kubernetes node(s)
639
640.. code-block:: yaml
641
642 opencontrail:
643 ...
644 compute:
645 engine: kubernetes
646 ...
647
Jakub Pavlik0d1f67e2016-11-30 10:04:13 +0100[diff] [blame]648vRouter with separated control plane
649------------------------------------
650
651Separate XMPP traffic from dataplane interface.
652
653.. code-block:: yaml
654
655 opencontrail:
656 compute:
657 bind:
658 address: 172.16.0.50
659 ...
660
Jakub Pavlik6d90f362016-04-19 20:34:37 +0200[diff] [blame]661Disable Contrail API authentication
662-----------------------------------
663
664Contrail version must >=3.0. It is useful especially for Keystone v3.
665
666.. code-block:: yaml
667
668 opencontrail:
669 ...
670 config:
671 multi_tenancy: false
672 ...
673
marco2502e052016-05-31 22:53:54 +0200[diff] [blame]674Cassandra listen interface
Petr Jedinýffbe2082017-03-07 00:56:47 +0100[diff] [blame]675--------------------------
marco2502e052016-05-31 22:53:54 +0200[diff] [blame]676
677.. code-block:: yaml
678
679 database:
680 ....
681 bind:
682 interface: eth0
683 port: 9042
684 rpc_port: 9160
685 ....
Jakub Pavlik6d90f362016-04-19 20:34:37 +0200[diff] [blame]686
Petr Jedinýffbe2082017-03-07 00:56:47 +0100[diff] [blame]687OpenContrail WebUI version >= 3.1.1
688-----------------------------------
689For OpenContrail version >= 3.1.1 and Cassandra >=2.1 we should override WebUI's cassandra port from 9160 to 9042.
690
691For appropriate node at class level:
692
693.. code-block:: yaml
694 opencontrail:
695 ....
696 web:
697 database:
698 port: 9042
699 ....
700
701
Jakub Pavlik9a4de012016-12-14 13:23:55 +0100[diff] [blame]702RabbitMQ HA hosts
703------------------
704
705.. code-block:: yaml
706
707 opencontrail:
708 config:
709 message_queue:
710 engine: rabbitmq
711 members:
712 - host: 10.0.16.1
713 - host: 10.0.16.2
714 - host: 10.0.16.3
715 port: 5672
716
717.. code-block:: yaml
718
719 database:
720 ....
721 bind:
722 interface: eth0
723 port: 9042
724 rpc_port: 9160
725 ....
726
Jakub Pavlike3590062017-02-20 23:32:57 +0100[diff] [blame]727DPDK vRouter
728-------------
729
730.. code-block:: yaml
731
732 opencontrail:
733 compute:
734 dpdk:
735 enabled: true
Jakub Pavlik54761d82017-03-08 11:22:37 +0100[diff] [blame]736 taskset: "0x0000003C00003C"
737 socket_mem: "1024,1024"
Jakub Pavlike3590062017-02-20 23:32:57 +0100[diff] [blame]738 interface:
739 mac_address: 90:e2:ba:7c:22:e1
740 pci: 0000:81:00.1
741 ...
742
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]743Contrail client
744---------------
745
746Basic parameters with identity and host configs
747
748.. code-block:: bash
749
750 opencontrail:
751 client:
752 identity:
753 user: admin
754 project: admin
755 password: adminpass
756 host: keystone_host
757 config:
758 host: contrail_api_host
759 port: contrail_api_ort
760
761Enforcing virtual routers
762
763.. code-block:: bash
764
765 opencontrail:
766 client:
767 ...
768 virtual_router:
769 cmp01:
770 ip_address: 172.16.0.11
771 dpdk_enabled: True
772 cmp02:
773 ip_address: 172.16.0.12
774 dpdk_enabled: True
775
776Enforcing control nodes
777
778.. code-block:: bash
779
780 opencontrail:
781 client:
782 ...
783 bgp_router:
784 ntw01:
785 type: control-node
786 ip_address: 172.16.0.11
787 nwt02:
788 type: control-node
789 ip_address: 172.16.0.12
790 nwt03:
791 type: control-node
792 ip_address: 172.16.0.13
793
794
795Enforcing edge BGP routers
796
797.. code-block:: bash
798
799 opencontrail:
800 client:
801 ...
802 bgp_router:
803 mx01:
804 type: router
805 ip_address: 172.16.0.21
806 asn: 64512
807 mx02:
808 type: router
809 ip_address: 172.16.0.22
810 asn: 64512
811
812Enforcing config nodes
813
814.. code-block:: bash
815
816 opencontrail:
817 client:
818 ...
819 config_node:
820 ctl01:
821 ip_address: 172.16.0.21
822 ctl02:
823 ip_address: 172.16.0.22
824
825Enforcing database nodes
826
827.. code-block:: bash
828
829 opencontrail:
830 client:
831 ...
832 database_node:
833 ntw01:
834 ip_address: 172.16.0.21
835 ntw02:
836 ip_address: 172.16.0.22
837
838Enforcing analytics nodes
839
840.. code-block:: bash
841
842 opencontrail:
843 client:
844 ...
845 analytics_node:
846 nal01:
847 ip_address: 172.16.0.31
848 nal02:
849 ip_address: 172.16.0.32
850
851
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]852Usage
853=====
854
855Basic installation
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]856------------------
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]857
858Add control BGP
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]859
860.. code-block:: bash
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]861
862 python /etc/contrail/provision_control.py --api_server_ip 192.168.1.11 --api_server_port 8082 --host_name network1.contrail.domain.com --host_ip 192.168.1.11 --router_asn 64512
863
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]864Install compute node
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]865
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]866.. code-block:: bash
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]867
868 yum install contrail-vrouter contrail-openstack-vrouter
869
870 salt-call state.sls nova,opencontrail
871
872Add virtual router
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]873
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]874.. code-block:: bash
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]875
876 python /etc/contrail/provision_vrouter.py --host_name hostnode1.intra.domain.com --host_ip 10.0.100.101 --api_server_ip 10.0.100.30 --oper add --admin_user admin --admin_password cloudlab --admin_tenant_name admin
877
878 /etc/sysconfig/network-scripts/ifcfg-bond0 -- comment GATEWAY,NETMASK,IPADDR
879
880 reboot
881
882Service debugging
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]883-----------------
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]884
885Display vhost XMPP connection status
886
887You should see the correct controller_ip and state should be established.
888
889 http://<compute-node>:8085/Snh_AgentXmppConnectionStatusReq?
890
891Display vrouter interface status
892
893When vrf_name = ---ERROR--- then something goes wrong
894
895 http://<compute-node>:8085/Snh_ItfReq?name=
896
897Display IF MAP table
898
899Look for neighbours, if VM has 2, it's ok
900
901 http://<control-node>:8083/Snh_IFMapTableShowReq?table_name=
902
903Trace XMPP requests
904
905 http://<compute-node>:8085/Snh_SandeshTraceRequest?x=XmppMessageTrace
906
Filip Pytlounf6b79d42017-02-02 13:02:03 +0100[diff] [blame]907
908Documentation and Bugs
909======================
910
911To learn how to install and update salt-formulas, consult the documentation
912available online at:
913
914 http://salt-formulas.readthedocs.io/
915
916In the unfortunate event that bugs are discovered, they should be reported to
917the appropriate issue tracker. Use Github issue tracker for specific salt
918formula:
919
920 https://github.com/salt-formulas/salt-formula-opencontrail/issues
921
922For feature requests, bug reports or blueprints affecting entire ecosystem,
923use Launchpad salt-formulas project:
924
925 https://launchpad.net/salt-formulas
926
927You can also join salt-formulas-users team and subscribe to mailing list:
928
929 https://launchpad.net/~salt-formulas-users
930
931Developers wishing to work on the salt-formulas projects should always base
932their work on master branch and submit pull request against specific formula.
933
934 https://github.com/salt-formulas/salt-formula-opencontrail
935
936Any questions or feedback is always welcome so feel free to join our IRC
937channel:
938
939 #salt-formulas @ irc.freenode.net