Skip to content

OpenContrail bring up and provisioning

Jump to bottom
Raj Reddy edited this page May 23, 2014 · 67 revisions

The contrail software consists of multiple modules:

  • configuration
  • analytics
  • control plane
  • compute node
  • web-ui

Binaries built from source packages are available on https://launchpad.net/~opencontrail/+archive/ppa

Configuration

Services

  • zookeeper
  • cassandra
  • rabbitmq
  • ntp

Zookeeper: recommend odd number of nodes.

Cassandra: recommend a multi-node cluster configuration.

If rabbitmq is being used for openstack, we recommend that one uses the same service with a "vhost" for open contrail.

Servers running control-node components should be time synchronized.

Processes

api-server

Example: /etc/contrail/contrail-api.conf

[DEFAULTS]
log_file = /var/log/contrail/contrail-api.log
ifmap_username = api-server
ifmap_password = api-server
cassandra_server_list = x.x.x.x:9160
auth = keystone
multi_tenancy = True
disc_server_ip = x.x.x.x
zk_server_ip = x.x.x.x:2181
rabbit_server = x.x.x.x
rabbit_password = xxxxxxxxxxxxxxxxxxxx

[KEYSTONE]
auth_host = x.x.x.x
auth_port = 35357
auth_protocol = http
admin_user = neutron
admin_password = xxxxxxxxxxxxxxxxxxxx
admin_token = 
admin_tenant_name = service
  • disc_server_ip should be the load balancer address. The LB should front-end port 5998 which is served by the discovery process. Only a single discovery server answers requires (master election via zookeeper); defaults to localhost.
  • cassandra_server_list is a space separated list in the form: "x.x.x.x:9160 y.y.y.y:9160".
  • zk_server_ip is a comma separated list in the form "x.x.x.x:2181,y.y.y.y:2181" and defaults to localhost.

schema-transformer

  • Example: /etc/contrail/contrail-schema.conf
[DEFAULTS]
log_file = /var/log/contrail/contrail-schema.log
cassandra_server_list = x.x.x.x:9160
zk_server_ip = x.x.x.x
disc_server_ip = x.x.x.x

[KEYSTONE]
admin_user = neutron
admin_password = xxxxxxxxxxxxxxxxxxxx
admin_tenant_name = service

Parameters should be the same as api-server.conf.

  • Example: /etc/contrail/vnc_api_lib.ini
[auth]
AUTHN_TYPE = keystone
AUTHN_SERVER=x.x.x.x
AUTHN_PORT = 35357
AUTHN_URL = /v2.0/tokens

vnc_api_lib.ini is required in the systems that run schema-transformer and neutron-server plugin. It is accessed from the neutron process.

discovery

  • Example: /etc/contrail/contrail-discovery.conf
[DEFAULTS]
zk_server_ip = x.x.x.x

ifmap-server

  • The ifmap-server works with default config when running on all the nodes that api-server runs; the config examples above assume that.
  • Authentication is defined in /etc/irond/basicauthusers.properties Each ifmap client requires a different username; typically api-server connects to local ifmap-server but control-nodes default to connecting to ifmap-server via discovery; in this case all control-nodes should have unique if map client ids.

Load balanced services

  • api-server (port 8082).
  • discovery (port 5998).

Diagnostics

curl http://api-server-address:8082/projects | python -mjson.tool

When multi_tenancy is enabled the http request to the api server requires a keystone auth_token. The command should return a list of several projects, including the project that contrail creates internally as well as all projects currently visible in keystone tenant-list.

http://x.x.x.x:5998/services

Displays the services registered in the discovery server. Only one of the discovery servers will answer API requests in a multi node configuration. The others are in standby mode. The output should show one or more entries for: ApiServer, IfmapServer, Collector and xmpp-server.

Analytics

Services

cassandra

Cassandra cluster addresses can be provided as space separated list of :, e.g '10.10.10.10:9160 10.10.10.11:9160', to the analytics processes through the respective dot conf file.

redis (>= 2.6.13)

The redis-server version should be (>= 2.6.13). It is expected 2 instances of redis-server are instantiated on the local node that are used by analytics processes [this is done by creating redis-uve.conf and redis-query.conf with appropriate parameters]. The ports are configurable through dot conf file, with defaults being 6380 and 6381.

Processes

contrail-collector

contrail collector collects information across the system through sandesh protocol and stores them in analytics database

  • Example /etc/contrail/contrail-collector.conf
[DEFAULT]
# analytics_data_ttl=48
# cassandra_server_list=127.0.0.1:9160
# dup=0
# hostip= # Resolved IP of `hostname`
# hostname= # Retrieved as `hostname`
# http_server_port=8089
# log_category=
# log_disable=0
# log_file=<stdout>
# log_files_count=10
# log_file_size=1048576 # 1MB
# log_level=SYS_NOTICE
# log_local=0
# syslog_port=0
# test_mode=0

[COLLECTOR]
# port=8086
# server=0.0.0.0

[DISCOVERY]
# port=5998
# server=0.0.0.0

[REDIS]
# port=6381
# server=127.0.0.1

contrail-query-engine

contrail-query-engine is the helper process in the analytics node to do queries in an optimized way and return the results to contrail-analytics-api process

  • Example: /etc/contrail/contrail-query-engine.conf
[DEFAULT]
# analytics_data_ttl=48
# cassandra_server_list=127.0.0.1:9160
# collectors= # Provided by discovery server
# hostip= # Resolved IP of `hostname`
# hostname= # Retrieved as `hostname`
# http_server_port=8089
# log_category=
# log_disable=0
# log_file=<stdout>
# log_files_count=10
# log_file_size=1048576 # 1MB
# log_level=SYS_NOTICE
# log_local=0
# max_slice=100
# max_tasks=16
# start_time=0
# test_mode=0

[DISCOVERY]
# port=5998
# server=127.0.0.1 # discovery_server IP address

[REDIS]
# port=6380
# server=127.0.0.1

contrail-analytics-api

contrail-analytics-api is the operation REST API server and provides operational state and the historic data through REST API

  • Example: /etc/contrail/contrail-analytics-api.conf
[DEFAULTS]
#host_ip = 127.0.0.1
#collectors = 127.0.0.1:8086
#http_server_port = 8090
#rest_api_port = 8081
#rest_api_ip = 0.0.0.0
#log_local = 0
#log_level = SYS_DEBUG
#log_category =
#log_file = stdout

[DISCOVERY]
#disc_server_ip =
#disc_server_port = 5998

[REDIS]
#server=127.0.0.1
#redis_server_port=6381
#redis_query_port=6380

Diagnostics

  • Use "contrail-logs" to query the analytics api and verify that it answers correctly.
  • contrail-webui gets much of the info from contrail-analytics-api and hence can be used to verify analytics functionality

Contrail WebUI

Services

redis

It is expected an instance of redis-server is instantiated on the local node that is used by webui processes [this is done by creating redis-webui.conf with appropriate parameters]. The ports are configurable through the webui conf file - /etc/contrail/config.global.js, with default being 6383.

Processes

contrail-webui and contrail-webui-middleware

The configurable parameters for the webui processes are given through /etc/contrail/config.global.js And by default, the webui console is accessible through :8080

  • Example: /etc/contrail/config.global.js
var config = {};

config.orchestration = {};
config.orchestration.Manager = 'openstack'

...

config.networkManager = {};
config.networkManager.ip = '10.84.13.45';
config.networkManager.port = '9696'
config.networkManager.authProtocol = 'http';

...

/* Configure level of logs, supported log levels are:
   debug, info, notice, warning, error, crit, alert, emerg
 */
config.logs = {};
config.logs.level = 'debug';

// Export this as a module.
module.exports = config;

Control plane

Processes

control-node

Example: /etc/contrail/control-node.conf

[DISCOVERY]
server = x.x.x.x

[IFMAP]
user=control-node-<N>
password=control-node-<N>

Where N should be the instance-id (e.g. 1, 2, ...)

For diagnostics check whether the control-node process has an established TCP session to port 8443 using "netstat -ntap".

  • dns deamon

Recommendation: 2 control-nodes.

Compute node

  • vrouter agent
  • vrouter kernel module
modprobe vrouter
  • nova vif driver
  • /etc/nova/nova.conf
[DEFAULT]
network_api_class = nova.network.quantumv2.api.API
libvirt_vif_driver = nova_contrail_vif.contrailvif.VRouterVIFDriver
  • Example /etc/network/interfaces
auto eth1
iface eth1 inet static
      address 0.0.0.0
      up ifconfig $IFACE up
      down ifconfig $IFACE down

auto vhost0
iface vhost0 inet static
        pre-up vif --create vhost0 --mac $(cat /sys/class/net/eth1/address)
        pre-up vif --add vhost0 --mac $(cat /sys/class/net/eth1/address) --vrf 0 --mode x --type vhost
        address 192.168.2.252
        netmask 255.255.254.0

In the example above eth1 is used as VM data interface.

Neutron

  • neutron opencontrail plugin neutron-plugin-contrail package
  • Requires the following configuration in neutron.conf
core_plugin = neutron_plugin_contrail.plugins.opencontrail.contrailplugin.ContrailPlugin
api_extensions_path = extensions:/usr/lib/python2.7/dist-packages/neutron_plugin_contrail/extensions
  • /etc/neutron/plugins/opencontrail/ContrailPlugin.ini
[APISERVER]
multi_tenancy = True
[KEYSTONE]
admin_user = neutron
admin_password = 
admin_tenant_name = service
auth_url = http://x.x.x.x:35357/v2.0
Clone this wiki locally