Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-formulas / opencontrail / dbba7ed2b7f3a88c8d765c1c1b4a9ffa678cf5e4 / . / README.rst
blob: 8e3f7dfdb7f10a7ba800b6a830e9f7670f566976 [file] [log] [blame]
Aleš Komáreka3314b22017-04-11 13:46:06 +0200[diff] [blame]1====================
2OpenContrail Formula
3====================
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]4
Jakub Pavlik01fe5372016-05-20 11:23:28 +0200[diff] [blame]5Contrail Controller is an open, standards-based software solution that
6delivers network virtualization and service automation for federated cloud
7networks. It provides self-service provisioning, improves network
8troubleshooting and diagnostics, and enables service chaining for dynamic
9application environments across enterprise virtual private cloud (VPC),
10managed Infrastructure as a Service (IaaS), and Networks Functions
11Virtualization (NFV) use cases.
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]12
Jiri Konecny463dee52016-03-03 11:08:46 +0100[diff] [blame]13
Petr Michalec579e64d2017-03-24 12:54:29 +0100[diff] [blame]14Package source
15==============
Aleš Komáreka3314b22017-04-11 13:46:06 +0200[diff] [blame]16
Petr Michalec579e64d2017-03-24 12:54:29 +0100[diff] [blame]17Formula support OpenContrail as well as Juniper Contrail package repository in the backend.
18
19Differences withing the configuration and state run are controlled by
20``opencontrail.common.vendor: [opencontrail|juniper]`` pillar attribute.
21
22Default value is set to ``opencontrail``.
23
24Juniper releases tested with this formula:
25 - 3.0.2.x
26
27To use Juniper Contrail repository as a source of packages override pillar as in this example:
28
29.. code-block:: yaml
30
31 opencontrail:
32 common:
33 vendor: juniper
34
35
Aleš Komáreka3314b22017-04-11 13:46:06 +0200[diff] [blame]36Sample Pillars
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]37==============
38
Jiri Konecny463dee52016-03-03 11:08:46 +0100[diff] [blame]39Controller nodes
40----------------
41
42There are several scenarios for OpenContrail control plane.
43
44All-in-one single
45~~~~~~~~~~~~~~~~~
46
47Config, control, analytics, database, web -- altogether on one node.
48
49.. code-block:: yaml
50
51 opencontrail:
52 common:
53 version: 2.2
54 source:
55 engine: pkg
56 address: http://mirror.robotice.cz/contrail-havana/
57 identity:
58 engine: keystone
59 host: 127.0.0.1
60 port: 35357
61 token: token
62 password: password
63 network:
64 engine: neutron
65 host: 127.0.0.1
66 port: 9696
67 config:
68 version: 2.2
69 enabled: true
70 network:
71 engine: neutron
72 host: 127.0.0.1
73 port: 9696
74 discovery:
75 host: 127.0.0.1
76 analytics:
77 host: 127.0.0.1
78 bind:
79 address: 127.0.0.1
80 message_queue:
81 engine: rabbitmq
82 host: 127.0.0.1
83 port: 5672
84 database:
85 members:
86 - host: 127.0.0.1
87 port: 9160
88 cache:
Jakub Pavlikd1a059e2016-07-13 23:08:33 +0200[diff] [blame]89 members:
90 - host: 127.0.0.1
91 port: 11211
Jiri Konecny463dee52016-03-03 11:08:46 +0100[diff] [blame]92 identity:
93 engine: keystone
94 version: '2.0'
95 region: RegionOne
96 host: 127.0.0.1
97 port: 35357
98 user: admin
99 password: password
100 token: token
101 tenant: admin
102 members:
103 - host: 127.0.0.1
104 id: 1
Dmitry Stremkovskiy841fee32017-09-01 18:08:41 +0300[diff] [blame]105 rootlogger: "INFO, CONSOLE"
Jiri Konecny463dee52016-03-03 11:08:46 +0100[diff] [blame]106 control:
107 version: 2.2
108 enabled: true
109 bind:
110 address: 127.0.0.1
111 discovery:
112 host: 127.0.0.1
113 master:
114 host: 127.0.0.1
115 members:
116 - host: 127.0.0.1
117 id: 1
118 collector:
119 version: 2.2
120 enabled: true
121 bind:
122 address: 127.0.0.1
123 master:
124 host: 127.0.0.1
125 discovery:
126 host: 127.0.0.1
127 data_ttl: 2
128 database:
129 members:
130 - host: 127.0.0.1
131 port: 9160
132 database:
133 version: 2.2
134 cassandra:
135 version: 2
136 enabled: true
137 minimum_disk: 10
138 name: 'Contrail'
139 original_token: 0
Dmitry Stremkovskiy2a079c72017-07-12 23:11:18 +0300[diff] [blame]140 compaction_throughput_mb_per_sec: 16
Dmitry Stremkovskiy71b310a2017-08-11 20:39:11 +0300[diff] [blame]141 concurrent_compactors: 1
Jiri Konecny463dee52016-03-03 11:08:46 +0100[diff] [blame]142 data_dirs:
143 - /var/lib/cassandra
144 id: 1
145 discovery:
146 host: 127.0.0.1
147 bind:
148 host: 127.0.0.1
149 port: 9042
150 rpc_port: 9160
151 members:
152 - host: 127.0.0.1
153 id: 1
154 web:
155 version: 2.2
156 enabled: True
157 bind:
158 address: 127.0.0.1
159 analytics:
160 host: 127.0.0.1
161 master:
162 host: 127.0.0.1
163 cache:
164 engine: redis
165 host: 127.0.0.1
166 port: 6379
167 members:
168 - host: 127.0.0.1
169 id: 1
170 identity:
171 engine: keystone
172 version: '2.0'
173 host: 127.0.0.1
174 port: 35357
175 user: admin
176 password: password
177 token: token
178 tenant: admin
179
180
181All-in-one cluster
182~~~~~~~~~~~~~~~~~~
183
Jakub Pavlik01fe5372016-05-20 11:23:28 +0200[diff] [blame]184Config, control, analytics, database, web -- altogether, clustered on multiple
185nodes.
Jiri Konecny463dee52016-03-03 11:08:46 +0100[diff] [blame]186
187.. code-block:: yaml
188
189 opencontrail:
190 common:
191 version: 2.2
192 source:
193 engine: pkg
194 address: http://mirror.robotice.cz/contrail-havana/
195 identity:
196 engine: keystone
197 host: 127.0.0.1
198 port: 35357
199 token: token
200 password: password
201 network:
202 engine: neutron
203 host: 127.0.0.1
204 port: 9696
205 config:
206 version: 2.2
207 enabled: true
208 network:
209 engine: neutron
210 host: 127.0.0.1
211 port: 9696
212 discovery:
213 host: 127.0.0.1
214 analytics:
215 host: 127.0.0.1
216 bind:
217 address: 127.0.0.1
218 message_queue:
219 engine: rabbitmq
220 host: 127.0.0.1
221 port: 5672
222 database:
223 members:
224 - host: 127.0.0.1
225 port: 9160
226 - host: 127.0.0.1
227 port: 9160
228 - host: 127.0.0.1
229 port: 9160
230 cache:
Jakub Pavlikd1a059e2016-07-13 23:08:33 +0200[diff] [blame]231 members:
232 - host: 127.0.0.1
233 port: 11211
234 - host: 127.0.0.1
235 port: 11211
236 - host: 127.0.0.1
237 port: 11211
Jiri Konecny463dee52016-03-03 11:08:46 +0100[diff] [blame]238 identity:
239 engine: keystone
240 version: '2.0'
241 region: RegionOne
242 host: 127.0.0.1
243 port: 35357
244 user: admin
245 password: password
246 token: token
247 tenant: admin
248 members:
249 - host: 127.0.0.1
250 id: 1
251 - host: 127.0.0.1
252 id: 2
253 - host: 127.0.0.1
254 id: 3
255 control:
256 version: 2.2
257 enabled: true
258 bind:
259 address: 127.0.0.1
260 discovery:
261 host: 127.0.0.1
262 master:
263 host: 127.0.0.1
264 members:
265 - host: 127.0.0.1
266 id: 1
267 - host: 127.0.0.1
268 id: 2
269 - host: 127.0.0.1
270 id: 3
271 collector:
272 version: 2.2
273 enabled: true
274 bind:
275 address: 127.0.0.1
276 master:
277 host: 127.0.0.1
278 discovery:
279 host: 127.0.0.1
280 data_ttl: 1
281 database:
282 members:
283 - host: 127.0.0.1
284 port: 9160
285 - host: 127.0.0.1
286 port: 9160
287 - host: 127.0.0.1
288 port: 9160
289 database:
290 version: 2.2
291 cassandra:
292 version: 2
293 enabled: true
294 name: 'Contrail'
295 minimum_disk: 10
296 original_token: 0
297 data_dirs:
298 - /var/lib/cassandra
299 id: 1
300 discovery:
301 host: 127.0.0.1
302 bind:
303 host: 127.0.0.1
304 port: 9042
305 rpc_port: 9160
306 members:
307 - host: 127.0.0.1
308 id: 1
309 - host: 127.0.0.1
310 id: 2
311 - host: 127.0.0.1
312 id: 3
313 web:
314 version: 2.2
315 enabled: True
316 bind:
317 address: 127.0.0.1
318 master:
319 host: 127.0.0.1
320 analytics:
321 host: 127.0.0.1
322 cache:
323 engine: redis
324 host: 127.0.0.1
325 port: 6379
326 members:
327 - host: 127.0.0.1
328 id: 1
329 - host: 127.0.0.1
330 id: 2
331 - host: 127.0.0.1
332 id: 3
333 identity:
334 engine: keystone
335 version: '2.0'
336 host: 127.0.0.1
337 port: 35357
338 user: admin
339 password: password
340 token: token
341 tenant: admin
342
343
344Separated analytics from control and config
345~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
346
347Config, control, database, web.
348
349.. code-block:: yaml
350
351 opencontrail:
352 common:
353 version: 2.2
354 identity:
355 engine: keystone
356 host: 127.0.0.1
357 port: 35357
358 token: token
359 password: password
360 network:
361 engine: neutron
362 host: 127.0.0.1
363 port: 9696
364 config:
365 version: 2.2
366 enabled: true
367 network:
368 engine: neutron
369 host: 127.0.0.1
370 port: 9696
371 discovery:
372 host: 127.0.0.1
373 analytics:
374 host: 127.0.0.1
375 bind:
376 address: 127.0.0.1
377 message_queue:
378 engine: rabbitmq
379 host: 127.0.0.1
380 port: 5672
381 database:
382 members:
383 - host: 127.0.0.1
384 port: 9160
385 - host: 127.0.0.1
386 port: 9160
387 - host: 127.0.0.1
388 port: 9160
389 cache:
Jakub Pavlikd1a059e2016-07-13 23:08:33 +0200[diff] [blame]390 members:
391 - host: 127.0.0.1
392 port: 11211
393 - host: 127.0.0.1
394 port: 11211
395 - host: 127.0.0.1
396 port: 11211
Jiri Konecny463dee52016-03-03 11:08:46 +0100[diff] [blame]397 identity:
398 engine: keystone
399 version: '2.0'
400 region: RegionOne
401 host: 127.0.0.1
402 port: 35357
403 user: admin
404 password: password
405 token: token
406 tenant: admin
407 members:
408 - host: 127.0.0.1
409 id: 1
410 - host: 127.0.0.1
411 id: 2
412 - host: 127.0.0.1
413 id: 3
414 control:
415 version: 2.2
416 enabled: true
417 bind:
418 address: 127.0.0.1
419 discovery:
420 host: 127.0.0.1
421 master:
422 host: 127.0.0.1
423 members:
424 - host: 127.0.0.1
425 id: 1
426 - host: 127.0.0.1
427 id: 2
428 - host: 127.0.0.1
429 id: 3
430 database:
431 version: 127.0.0.1
432 cassandra:
433 version: 2
434 enabled: true
435 name: 'Contrail'
436 minimum_disk: 10
437 original_token: 0
438 data_dirs:
439 - /var/lib/cassandra
440 id: 1
441 discovery:
442 host: 127.0.0.1
443 bind:
444 host: 127.0.0.1
445 port: 9042
446 rpc_port: 9160
447 members:
448 - host: 127.0.0.1
449 id: 1
450 - host: 127.0.0.1
451 id: 2
452 - host: 127.0.0.1
453 id: 3
454 web:
455 version: 2.2
456 enabled: True
457 bind:
458 address: 127.0.0.1
459 analytics:
460 host: 127.0.0.1
461 master:
462 host: 127.0.0.1
463 cache:
464 engine: redis
465 host: 127.0.0.1
466 port: 6379
467 members:
468 - host: 127.0.0.1
469 id: 1
470 - host: 127.0.0.1
471 id: 2
472 - host: 127.0.0.1
473 id: 3
474 identity:
475 engine: keystone
476 version: '2.0'
477 host: 127.0.0.1
478 port: 35357
479 user: admin
480 password: password
481 token: token
482 tenant: admin
483
Jiri Konecny463dee52016-03-03 11:08:46 +0100[diff] [blame]484Analytic nodes
Jiri Konecny463dee52016-03-03 11:08:46 +0100[diff] [blame]485
486Analytics and database on an analytic node(s)
487
488.. code-block:: yaml
489
490 opencontrail:
491 common:
492 version: 2.2
493 identity:
494 engine: keystone
495 host: 127.0.0.1
496 port: 35357
497 token: token
498 password: password
499 network:
500 engine: neutron
501 host: 127.0.0.1
502 port: 9696
503 collector:
504 version: 2.2
505 enabled: true
506 bind:
507 address: 127.0.0.1
508 master:
509 host: 127.0.0.1
510 discovery:
511 host: 127.0.0.1
512 data_ttl: 1
513 database:
514 members:
515 - host: 127.0.0.1
516 port: 9160
517 - host: 127.0.0.1
518 port: 9160
519 - host: 127.0.0.1
520 port: 9160
521 database:
522 version: 2.2
523 cassandra:
524 version: 2
525 enabled: true
526 name: 'Contrail'
527 minimum_disk: 10
528 original_token: 0
529 data_dirs:
530 - /var/lib/cassandra
531 id: 1
532 discovery:
533 host: 127.0.0.1
534 bind:
535 host: 127.0.0.1
536 port: 9042
537 rpc_port: 9160
538 members:
539 - host: 127.0.0.1
540 id: 1
541 - host: 127.0.0.1
542 id: 2
543 - host: 127.0.0.1
544 id: 3
545
546
547Compute nodes
Aleš Komáreka3314b22017-04-11 13:46:06 +0200[diff] [blame]548-------------
Jiri Konecny463dee52016-03-03 11:08:46 +0100[diff] [blame]549
550Vrouter configuration on a compute node(s)
551
552.. code-block:: yaml
553
554 opencontrail:
555 common:
556 version: 2.2
557 identity:
558 engine: keystone
559 host: 127.0.0.1
560 port: 35357
561 token: token
562 password: password
563 network:
564 engine: neutron
565 host: 127.0.0.1
566 port: 9696
567 compute:
568 version: 2.2
569 enabled: True
Dmitry Stremkovskiy0cb5c562017-07-26 00:32:51 +0300[diff] [blame]570 hostname: node-12.domain.tld
Jiri Konecny463dee52016-03-03 11:08:46 +0100[diff] [blame]571 discovery:
572 host: 127.0.0.1
573 interface:
574 address: 127.0.0.1
575 dev: eth0
576 gateway: 127.0.0.1
577 mask: /24
578 dns: 127.0.0.1
579 mtu: 9000
580
Petr Jediný5f3008a2017-07-31 15:04:05 +0200[diff] [blame]581
582Compute nodes with gateway_mode
583-------------------------------
584
585Gateway mode: can be server/ vcpe (default is none)
586
587.. code-block:: yaml
588
589 opencontrail:
590 compute:
591 gateway_mode: server
592
Vasyl Saienkob10b7202017-09-05 14:19:03 +0300[diff] [blame]593TSN nodes
594---------
595
596Configure TSN nodes
597
598.. code-block:: yaml
599
600 opencontrail:
601 compute:
602 enabled: true
603 tor:
604 enabled: true
605 bind:
606 port: 8086
607 agent:
608 tor01:
609 id: 0
610 port: 6632
611 host: 127.0.0.1
612 address: 127.0.0.1
613
Petr Jediný5f3008a2017-07-31 15:04:05 +0200[diff] [blame]614
Andreyeff77ac2017-08-25 12:14:06 -0500[diff] [blame]615Set up metadata secret for the Vrouter
Petr Jedinýfe51c6a2017-09-05 18:30:31 +0200[diff] [blame]616--------------------------------------
Andreyeff77ac2017-08-25 12:14:06 -0500[diff] [blame]617
Petr Jedinýfe51c6a2017-09-05 18:30:31 +0200[diff] [blame]618In order to get cloud-init within the instance to properly fetch
Andreyeff77ac2017-08-25 12:14:06 -0500[diff] [blame]619instance metadata, metadata_proxy_secret in the Vrouter agent config
620should match the value in nova.conf. The administrator should define
621it in the pillar:
622
623.. code-block:: yaml
624
625 opencontrail:
626 compute:
627 metadata:
628 secret: opencontrail
629
Petr Jedinýfe51c6a2017-09-05 18:30:31 +0200[diff] [blame]630Add auth info for Barbican on compute nodes
631-------------------------------------------
632
633.. code-block:: yaml
634
635 opencontrail:
636 compute:
637 lbaas:
638 enabled: true
639 secret_manager:
640 engine: barbican
641 identity:
642 user: admin
643 password: "supersecretpassword123"
644 tenant: admin
645
646
Jakub Pavlik735005f2016-02-26 15:54:53 +0100[diff] [blame]647Keystone v3
Aleš Komáreka3314b22017-04-11 13:46:06 +0200[diff] [blame]648-----------
Jakub Pavlik735005f2016-02-26 15:54:53 +0100[diff] [blame]649
Jakub Pavlik01fe5372016-05-20 11:23:28 +0200[diff] [blame]650To enable support for keystone v3 in opencontrail, there must be defined
651version for config and web role.
Jakub Pavlik735005f2016-02-26 15:54:53 +0100[diff] [blame]652
653.. code-block:: yaml
654
655 opencontrail:
656 config:
657 version: 2.2
658 enabled: true
659 ...
660 identity:
661 engine: keystone
662 version: '3'
663 ...
664
665 opencontrail:
666 web:
667 version: 2.2
668 enabled: true
669 ...
670 identity:
671 engine: keystone
672 version: '3'
673 ...
674
marco10cc2212016-04-03 14:21:54 +0200[diff] [blame]675Without Keystone
676----------------
677
678.. code-block:: yaml
679
680 opencontrail:
681 ...
682 common:
683 ...
684 identity:
685 engine: none
686 token: none
687 password: none
688 ...
689 config:
690 ...
691 identity:
692 engine: none
693 password: none
694 token: none
695 ...
696 web:
697 ...
698 identity:
699 engine: none
700 password: none
701 token: none
702 ...
marcof5461712016-04-04 20:49:36 +0200[diff] [blame]703
Aleš Komáreka3314b22017-04-11 13:46:06 +0200[diff] [blame]704Kubernetes support
705------------------
706
marcof5461712016-04-04 20:49:36 +0200[diff] [blame]707Kubernetes vrouter nodes
marcof5461712016-04-04 20:49:36 +0200[diff] [blame]708
709Vrouter configuration on a kubernetes node(s)
710
711.. code-block:: yaml
712
713 opencontrail:
714 ...
715 compute:
716 engine: kubernetes
717 ...
718
Jakub Pavlik0d1f67e2016-11-30 10:04:13 +0100[diff] [blame]719vRouter with separated control plane
Jakub Pavlik0d1f67e2016-11-30 10:04:13 +0100[diff] [blame]720
721Separate XMPP traffic from dataplane interface.
722
723.. code-block:: yaml
724
725 opencontrail:
726 compute:
727 bind:
728 address: 172.16.0.50
729 ...
730
Petr Jediný439fab32017-07-10 14:33:09 +0200[diff] [blame]731Override RPF default in Contrail API
732------------------------------------
733
734From MCP1.1 with OpenContrail >= 3.1.1 you can override RPF default for newly
735created virtual networks. This can be useful for usecases like running
736Calico and K8S in overlay. The `override_rpf_default_by` has valid values
737`disable`, `enable`. If not defined, the configuration fallbacks to Contrail
738default - currently `enable`.
739
740.. code-block:: yaml
741
742 opencontrail:
743 ...
744 config:
745 override_rpf_default_by: 'disable'
746 ...
747
Petr Jediný01c18822017-11-15 12:30:53 +0100[diff] [blame]748Cassandra GC logging
749--------------------
750
751From Contrail version 3 you can set a way you want to handle Cassandra GC logs.
752The behavior is controlled by `cassandra_gc_logging`. Valid values are
753'rotation' (default), 'legacy' and false.
754
755- 'rotation' is supported by JDK 6u34 7u2 or later and handles rotation of log
756files automatically.
757- 'legacy' is a way to support older JDKs and you will need to handle logs by
758other means. This can be handled for example by using
759`- service.opencontrail.database.cassandra_log_cleanup` in your reclass model.
760- false will disable the cassandra gc logging
761
762.. code-block:: yaml
763
764 opencontrail:
765 ...
766 database:
767 cassandra_gc_logging: false
768 ...
769
Petr Jediný439fab32017-07-10 14:33:09 +0200[diff] [blame]770
Jakub Pavlik6d90f362016-04-19 20:34:37 +0200[diff] [blame]771Disable Contrail API authentication
772-----------------------------------
773
Petr Jediný78e6f422017-06-01 13:24:49 +0200[diff] [blame]774Contrail version must >= 3.0. It is useful especially for Keystone v3.
Jakub Pavlik6d90f362016-04-19 20:34:37 +0200[diff] [blame]775
776.. code-block:: yaml
777
778 opencontrail:
779 ...
780 config:
781 multi_tenancy: false
782 ...
783
Petr Jediný78e6f422017-06-01 13:24:49 +0200[diff] [blame]784Switch from on demand to periodic keystone sync
785-----------------------------------------------
786
787This can be useful when you want to sync projects from OpenStack to Contrail
788automatically. The period of sync is 60s.
789
790.. code-block:: yaml
791
792 opencontrail:
793 ...
794 config:
795 identity:
796 sync_on_demand: false
797 ...
798
marco2502e052016-05-31 22:53:54 +0200[diff] [blame]799Cassandra listen interface
Petr Jedinýffbe2082017-03-07 00:56:47 +0100[diff] [blame]800--------------------------
marco2502e052016-05-31 22:53:54 +0200[diff] [blame]801
802.. code-block:: yaml
Vasyl Saienkob10b7202017-09-05 14:19:03 +0300[diff] [blame]803
marco2502e052016-05-31 22:53:54 +0200[diff] [blame]804 database:
805 ....
806 bind:
807 interface: eth0
808 port: 9042
809 rpc_port: 9160
810 ....
Jakub Pavlik6d90f362016-04-19 20:34:37 +0200[diff] [blame]811
Petr Jedinýffbe2082017-03-07 00:56:47 +0100[diff] [blame]812OpenContrail WebUI version >= 3.1.1
813-----------------------------------
Petr Jediný78e6f422017-06-01 13:24:49 +0200[diff] [blame]814For OpenContrail version >= 3.1.1 and Cassandra >= 2.1 we should override WebUI's cassandra port from 9160 to 9042.
Petr Jedinýffbe2082017-03-07 00:56:47 +0100[diff] [blame]815
816For appropriate node at class level:
817
818.. code-block:: yaml
Aleš Komáreka3314b22017-04-11 13:46:06 +0200[diff] [blame]819
Petr Jedinýffbe2082017-03-07 00:56:47 +0100[diff] [blame]820 opencontrail:
821 ....
822 web:
823 database:
824 port: 9042
825 ....
826
827
Jakub Pavlik9a4de012016-12-14 13:23:55 +0100[diff] [blame]828RabbitMQ HA hosts
829------------------
830
831.. code-block:: yaml
832
833 opencontrail:
834 config:
835 message_queue:
836 engine: rabbitmq
837 members:
838 - host: 10.0.16.1
839 - host: 10.0.16.2
840 - host: 10.0.16.3
841 port: 5672
842
843.. code-block:: yaml
844
845 database:
846 ....
847 bind:
848 interface: eth0
849 port: 9042
850 rpc_port: 9160
851 ....
852
Jakub Pavlike3590062017-02-20 23:32:57 +0100[diff] [blame]853DPDK vRouter
854-------------
855
856.. code-block:: yaml
857
858 opencontrail:
859 compute:
860 dpdk:
861 enabled: true
Jakub Pavlik54761d82017-03-08 11:22:37 +0100[diff] [blame]862 taskset: "0x0000003C00003C"
863 socket_mem: "1024,1024"
Jakub Pavlike3590062017-02-20 23:32:57 +0100[diff] [blame]864 interface:
865 mac_address: 90:e2:ba:7c:22:e1
866 pci: 0000:81:00.1
867 ...
868
Marek Celouddbba7ed2017-12-07 10:36:24 +0100[diff] [blame^]869Increase number of alarm-gen workers
870------------------------------------
871
872Port prefix will increment used ports by workers starting with 5901.
873
874.. code-block:: yaml
875
876 collector:
877 alarm_gen:
878 workers: 1
879 port_prefix: 59
880
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]881Contrail client
882---------------
883
884Basic parameters with identity and host configs
885
Petr Jediný78e6f422017-06-01 13:24:49 +0200[diff] [blame]886.. code-block:: yaml
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]887
888 opencontrail:
889 client:
890 identity:
891 user: admin
892 project: admin
893 password: adminpass
894 host: keystone_host
895 config:
896 host: contrail_api_host
897 port: contrail_api_ort
898
899Enforcing virtual routers
900
Petr Jediný78e6f422017-06-01 13:24:49 +0200[diff] [blame]901.. code-block:: yaml
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]902
903 opencontrail:
904 client:
905 ...
906 virtual_router:
907 cmp01:
908 ip_address: 172.16.0.11
909 dpdk_enabled: True
910 cmp02:
911 ip_address: 172.16.0.12
912 dpdk_enabled: True
913
Pavel Svimbersky13cda442017-09-14 14:46:13 +0200[diff] [blame]914Enforcing global vrouter config
915
916.. code-block:: yaml
917
918 opencontrail:
919 client:
920 ...
921 global_vrouter_config:
922 name: global-vrouter-config
923 parent_type: global-system-config
924 encap_priority: "MPLSoUDP,MPLSoGRE"
925 vxlan_vn_id_mode: automatic
926 fq_names:
927 - 'default-global-system-config'
928 - 'default-global-vrouter-config'
929
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]930Enforcing control nodes
931
Petr Jediný78e6f422017-06-01 13:24:49 +0200[diff] [blame]932.. code-block:: yaml
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]933
934 opencontrail:
935 client:
936 ...
937 bgp_router:
938 ntw01:
939 type: control-node
940 ip_address: 172.16.0.11
941 nwt02:
942 type: control-node
943 ip_address: 172.16.0.12
944 nwt03:
945 type: control-node
946 ip_address: 172.16.0.13
947
948
949Enforcing edge BGP routers
950
Petr Jediný78e6f422017-06-01 13:24:49 +0200[diff] [blame]951.. code-block:: yaml
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]952
953 opencontrail:
954 client:
955 ...
956 bgp_router:
957 mx01:
958 type: router
959 ip_address: 172.16.0.21
960 asn: 64512
961 mx02:
962 type: router
963 ip_address: 172.16.0.22
964 asn: 64512
965
966Enforcing config nodes
967
Petr Jediný78e6f422017-06-01 13:24:49 +0200[diff] [blame]968.. code-block:: yaml
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]969
970 opencontrail:
971 client:
972 ...
973 config_node:
974 ctl01:
975 ip_address: 172.16.0.21
976 ctl02:
977 ip_address: 172.16.0.22
978
979Enforcing database nodes
980
Petr Jediný78e6f422017-06-01 13:24:49 +0200[diff] [blame]981.. code-block:: yaml
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]982
983 opencontrail:
984 client:
985 ...
986 database_node:
987 ntw01:
988 ip_address: 172.16.0.21
989 ntw02:
990 ip_address: 172.16.0.22
991
992Enforcing analytics nodes
993
Petr Jediný78e6f422017-06-01 13:24:49 +0200[diff] [blame]994.. code-block:: yaml
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]995
996 opencontrail:
997 client:
998 ...
999 analytics_node:
1000 nal01:
1001 ip_address: 172.16.0.31
1002 nal02:
1003 ip_address: 172.16.0.32
1004
Petr Jediný5f3efe32017-05-26 17:55:09 +0200[diff] [blame]1005Enforcing Link Local Services
1006
1007.. code-block:: yaml
1008
1009 opencontrail:
1010 client:
1011 ...
1012 linklocal_service:
1013 # example with dns name address (only one permited)
1014 meta1:
1015 lls_ip: 10.0.0.23
1016 lls_port: 80
1017 ipf_addresses: "meta.example.com"
1018 ipf_port: 80
1019 # example with multiple ip addresses
1020 meta2:
1021 lls_ip: 10.0.0.23
1022 lls_port: 80
1023 ipf_addresses:
1024 - 10.10.10.10
1025 - 10.20.20.20
1026 - 10.30.30.30
1027 ipf_port: 80
1028 # example with one ip address
1029 meta3:
1030 lls_ip: 10.0.0.23
1031 lls_port: 80
1032 ipf_addresses:
1033 - 10.10.10.10
1034 ipf_port: 80
1035 # example with name override
1036 lls_meta4:
1037 name: meta4
1038 lls_ip: 10.0.0.23
1039 lls_port: 80
1040 ipf_addresses:
1041 - 10.10.10.10
1042 ipf_port: 80
1043
Vasyl Saienkob10b7202017-09-05 14:19:03 +0300[diff] [blame]1044
Michel Nederloff5bccda2017-11-20 13:31:38 +0100[diff] [blame]1045Configuring OpenStack default quotasx
1046
1047.. code-block:: yaml
1048 config:
1049 quota:
1050 network: 5
1051 subnet: 10
1052 router: 10
1053 floating_ip: 100
1054 secgroup: 1000
1055 secgroup_rule: 1000
1056 port: 1000
1057 pool: -1
1058 member: -1
1059 health_monitor: -1
1060 vip: -1
1061
1062Enforcing physical routers
1063h
Vasyl Saienkob10b7202017-09-05 14:19:03 +0300[diff] [blame]1064.. code-block:: yaml
1065
1066 opencontrail:
1067 client:
1068 ...
1069 physical_router:
1070 router1:
1071 name: router1
1072 dataplane_ip: 1.2.3.4
1073 management_ip: 1.2.3.4
1074 vendor_name: ovs
1075 product_name: ovs
1076 agents:
1077 - tsn0-0
1078 - tsn0
1079
1080Enforcing physical/logical interfaces for routers
1081
1082
1083.. code-block:: yaml
1084
1085 opencontrail
1086 client:
1087 ...
1088 physical_router:
1089 router1:
1090 ...
1091 interface:
1092 port1:
1093 name: port1
1094 logical_interface:
1095 port1_l:
1096 name: 'port1.0'
1097 vlan_tag: 0
1098 interface_type: L2
1099 virtual_machine_interface:
1100 port1_port:
1101 name: port1_port
1102 ip_address: 192.168.90.107
1103 mac_address: '2e:92:a8:af:c2:21'
1104 security_group: 'default'
1105 virtual_network: 'virtual-network'
1106
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]1107
Michel Nederloff5bccda2017-11-20 13:31:38 +0100[diff] [blame]1108
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]1109Usage
1110=====
1111
1112Basic installation
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]1113------------------
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]1114
1115Add control BGP
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]1116
1117.. code-block:: bash
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]1118
1119 python /etc/contrail/provision_control.py --api_server_ip 192.168.1.11 --api_server_port 8082 --host_name network1.contrail.domain.com --host_ip 192.168.1.11 --router_asn 64512
1120
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]1121Install compute node
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]1122
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]1123.. code-block:: bash
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]1124
1125 yum install contrail-vrouter contrail-openstack-vrouter
1126
1127 salt-call state.sls nova,opencontrail
1128
1129Add virtual router
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]1130
Ales Komarekad46d2e2017-03-09 17:16:38 +0100[diff] [blame]1131.. code-block:: bash
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]1132
1133 python /etc/contrail/provision_vrouter.py --host_name hostnode1.intra.domain.com --host_ip 10.0.100.101 --api_server_ip 10.0.100.30 --oper add --admin_user admin --admin_password cloudlab --admin_tenant_name admin
1134
1135 /etc/sysconfig/network-scripts/ifcfg-bond0 -- comment GATEWAY,NETMASK,IPADDR
1136
1137 reboot
1138
Aleš Komáreka3314b22017-04-11 13:46:06 +0200[diff] [blame]1139Debugging
1140---------
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]1141
1142Display vhost XMPP connection status
1143
1144You should see the correct controller_ip and state should be established.
1145
1146 http://<compute-node>:8085/Snh_AgentXmppConnectionStatusReq?
1147
1148Display vrouter interface status
1149
1150When vrf_name = ---ERROR--- then something goes wrong
1151
1152 http://<compute-node>:8085/Snh_ItfReq?name=
1153
1154Display IF MAP table
1155
Vasyl Saienkob10b7202017-09-05 14:19:03 +0300[diff] [blame]1156Look for neighbours, if VM has 2, it's ok
Filip Pytloun27930402015-10-06 16:28:32 +0200[diff] [blame]1157
1158 http://<control-node>:8083/Snh_IFMapTableShowReq?table_name=
1159
1160Trace XMPP requests
1161
1162 http://<compute-node>:8085/Snh_SandeshTraceRequest?x=XmppMessageTrace
1163
Filip Pytlounf6b79d42017-02-02 13:02:03 +0100[diff] [blame]1164
1165Documentation and Bugs
1166======================
1167
1168To learn how to install and update salt-formulas, consult the documentation
1169available online at:
1170
1171 http://salt-formulas.readthedocs.io/
1172
1173In the unfortunate event that bugs are discovered, they should be reported to
1174the appropriate issue tracker. Use Github issue tracker for specific salt
1175formula:
1176
1177 https://github.com/salt-formulas/salt-formula-opencontrail/issues
1178
1179For feature requests, bug reports or blueprints affecting entire ecosystem,
1180use Launchpad salt-formulas project:
1181
1182 https://launchpad.net/salt-formulas
1183
1184You can also join salt-formulas-users team and subscribe to mailing list:
1185
1186 https://launchpad.net/~salt-formulas-users
1187
1188Developers wishing to work on the salt-formulas projects should always base
1189their work on master branch and submit pull request against specific formula.
1190
1191 https://github.com/salt-formulas/salt-formula-opencontrail
1192
1193Any questions or feedback is always welcome so feel free to join our IRC
1194channel:
1195
1196 #salt-formulas @ irc.freenode.net