Skip to content

Deployment Example: Contrail and Kubernetes and Openstack

ato edited this page Apr 14, 2018 · 42 revisions

Introduction

This document contains instructions to deploy a Contrail cluster that interconnects two types of workloads:

  • VMs orchestrated by Openstack
  • PODs orchestrated by Kubernetes

The scripts also deploy Openstack and Kubernetes functions from scratch.

Requirements

The example setup consists of a single bare metal server with KVM. After deployment with the instructions in its page, the server ends up running three base VMs:

  • 1 controller VM, with the following functions: Contrail controller, Openstack controller, and Kubernetes master.
  • 2 compute VMs, each of which has the following functions: Contrail vRouter, Openstack compute, and Kubernetes node.

You don't need to create the VMs. Instead, the deployment scripts will do it for you.

Each VM has the following resources:

vcpu: 4 vram: 16000 vdisk: 100G

NOTE: This is just an example deployment for simple test purposes. It is NOT a sizing recommendation or specification.

A similar procedure exists for a setup where functions run directly on BMS, or on public cloud infrastructure (AWS, GCP, Azure). The corresponding examples will be added.

Preparing the BMS

The server is installed with Centos 7.4. Here are some preparation steps:

yum install -y epel-release
yum install -y python-urllib3 libguestfs-tools libvirt-python virt-install libvirt git ansible python-pip
service libvirtd start

Next, clone the contrail-ansible-deployer repo and populate the configuration:

git clone https://github.com/Juniper/contrail-ansible-deployer
cd contrail-ansible-deployer
> config/instances.yaml
vi config/instances.yaml

Here is an instances.yaml example for a server with one NIC, whose IP address is 172.16.10.1:

provider_config:
  kvm:
    image: CentOS-7-x86_64-GenericCloud-1710.qcow2.xz
    image_url: https://cloud.centos.org/centos/7/images/
    ssh_pwd: c0ntrail123
    ssh_user: root
    ssh_public_key:
    ssh_private_key:
    vcpu: 12
    vram: 64000
    vdisk: 100G
    subnet_prefix: 192.168.122.0
    subnet_netmask: 255.255.255.0
    gateway: 192.168.122.1
    nameserver: 10.84.5.100
    ntpserver: 192.168.122.1
    domainsuffix: local
instances:
  kvm101:
    provider: kvm
    host: 10.87.64.23
    bridge: default
    ip: 192.168.122.100
    roles:
        config_database:
        config:
        control:
        analytics_database:
        analytics:
        webui:
        k8s_master:
        kubemanager:
        openstack:
  kvm102:
    provider: kvm
    host: 10.87.64.23
    bridge: default
    ip: 192.168.122.101
    roles:
        vrouter:
        k8s_node:
        openstack_compute:
  kvm103:
    provider: kvm
    host: 10.87.64.23
    bridge: default
    ip: 192.168.122.102
    roles:
        vrouter:
        k8s_node:
        openstack_compute:
contrail_configuration:
  CONTRAIL_VERSION: latest
  UPGRADE_KERNEL: true
  RABBITMQ_NODE_PORT: 5673
  AUTH_MODE: keystone
  KEYSTONE_AUTH_URL_VERSION: /v3
  KEYSTONE_AUTH_ADMIN_PASSWORD: contrail123
  CLOUD_ORCHESTRATOR: openstack

kolla_config:
  customize:
    nova.conf: |
      [libvirt]
      virt_type=qemu
      cpu_mode=none
  kolla_globals:
    network_interface: "eth0"
    kolla_internal_vip_address: "192.168.122.100"
    kolla_external_vip_address: "192.168.122.100"
    enable_haproxy: "no"
    enable_ironic: "no"
    enable_swift: "no"

Deploying the Cluster

The deployment takes just three steps:

ansible-playbook -i inventory/ playbooks/provision_instances.yml
ansible-playbook -i inventory/ playbooks/configure_instances.yml
ansible-playbook -i inventory/ -e orchestrator=openstack playbooks/install_contrail.yml

TIP: Empty the /root/.ssh/known_hosts if you need to redeploy.

After the first step completes you can SSH from the server to the three VMs 192.168.122.10x (x=0,1,2), with credentials root/c0ntrail123 .

At the end of the procedure you should also be able to connect to the Contrail webUI, in two steps:

  1. From your computer terminal, create SSH forwarding tunnel. Assuming the IP addresses in the example:

spawn ssh -L 8143:192.168.122.100:8143 [email protected]

  1. At your web browser, connect to URL http://localhost:8143 , user admin , password c0ntrail123 . There is currently an issue by which you may need to refresh the browser after authentication.

Working around a current provisioning issue (to be fixed):

  • On the webUI, go to Configure > Networking > Ports > default-domain > default-project
  • Edit the vhost0 interfaces and under Advanced Options uncheck Packet Mode.
  • Restart the kube-dns PODs:

kubectl get pods -n kube-system | grep kube-dns | awk '{print $1}' | xargs kubectl delete -n kube-system pod

Launching & Interconnecting Tenant PODs and VMs

# We are seeing issues with python client packages. Follow the solution on this URL: 
# https://ask.openstack.org/en/question/110437/importerror-cannot-import-name-unrewindablebodyerror/

yum install -y gcc python-devel wget
pip install python-openstackclient
wget http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-x86_64-disk.img
source /etc/kolla/admin-openrc.sh
openstack image create cirros --disk-format qcow2 --public --container-format bare --file cirros-0.4.0-x86_64-disk.img
nova flavor-create m1.tiny auto 512 1 1
openstack network create net1
openstack subnet create --subnet-range 10.1.1.0/24 --network net1 mysubnet1
nova boot --image cirros --flavor m1.tiny --nic net-id=<UUID> VM1
nova boot --image cirros --flavor m1.tiny --nic net-id=<UUID> VM2

git clone https://github.com/virtualhops/k8s-demo
kubectl create -f k8s-demo/po-ubuntuapp.yml
kubectl create -f k8s-demo/rc-frontend.yml