Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Task 4: Simplify instance management using Contrail DNS servers

 

Goal

In this task, you use Contrail to assign hostnames to IP addresses using a virtual DNS manager so that the management of multiple instances is simplified by masking IP addresses.

Disclaimer: The steps in this task are only applicable to Juniper’s Cloud Software Trial tool.

Some values and/or information may vary for users executing this task using a non-Juniper trial tool.

 

Step-by-Step Procedure

If you have completed task 1 in this series, you can skip steps 1 through 7 below where you will setup the red and green instances and networks using OpenStack and Contrail. You can continue from Step 8 of setting up the logical router. If this is your first task, please start from Step 1 in this task.

  1. Open the Contrail web interface in the browser by navigating to https://192.168.250.1:8143.

    Then, login to the Contrail dashboard using the below credentials.

    Username: admin

    Password: contrail123

    Domain: (leave blank)

  2. Once you are in the dashboard, click the “Configure” tab (the purple wrench icon in the top left navigation panel).

    Click on Networking > Networks in the left navigation panel.

    1. Click on the (+) icon on the top right corner of the page to create a new virtual network. Name it “red-network” and choose a subnet range. Click “Save”.

      In the example given below, a virtual network called “red-network” and subnet “1.1.1.0/24” is created. The gateway will be automatically populated.

    2. Repeat step a above to create a second virtual network with the name “green-network” and a different subnet range. Click “Save”.

      In the example, a virtual network called “green network” and subnet “2.2.2.0/24” is created.

    3. Verify that both virtual networks, “red-network” and “green-network” are created.

  3. Now that the two virtual networks are created in Contrail, instances need to be attached to both the networks so that you can test the connectivity between the two instances. To create the instances, you need to go to the OpenStack dashboard.

    Open a new tab in the browser and point it to https://192.168.250.1/horizon.

    Use the below credentials to login.

    Username: admin

    Password: contrail123

  4. In your OpenStack dashboard, navigate to Project > Compute > Instances tab using the left navigation panel.

    At the top of the page, select the project as “admin” because you have created the Contrail virtual networks in the “admin” project in the previous step.

  5. In the Instances tab, click on the “Launch Instance” button on the right side of the page to create a new instance.

    1. Provide a name for the instance. In the example, the instance is called “red-instance”. Click Next.

    2. Under the “Images” tab, select an image source. Choose “cirros” from the list of available images, as shown below. Click Next.

    3. Under the “Flavor” tab, select a flavor of your choice. Choose “m1.tiny” from the list of available flavors. Click Next.

    4. Under the “Networks” tab, select the virtual network in which you want to launch the virtual machine. As this Instance is called “red-instance”, launch in the “red-network”.

    5. Click on the “Launch Instance” button and confirm that the VM was spawned without any errors.

      To confirm that IP address was properly assigned to the “red-instance”, click on the “red-instance” and navigate to the “console” tab.

      Use the following credentials to login:

      Username: cirros

      Password: cubswin:)

      After login, type the command “ifconfig” and hit enter.

      As you can see in the below screenshot, the “red-instance” got an IP address of 1.1.1.4 which is in the 1.1.1.0/24 subnet range assigned to “red-network”.

  6. Repeat the step 5 for creating a new instance called “green-instance” in the “green-network”. Verify that it was assigned an IP address from the “green-network”, that is, the 2.2.2.0/24 range.

  7. Once you verify that the two instances are created and assigned valid IPs, you can test the connectivity between them by logging into the “red-instance” console and pinging the “green-instance” IP address 2.2.2.3.

    In the “red-instance” console type the following command

    ping 2.2.2.3.

    The ping will not go through because these are two isolated virtual networks and the routes are not leaked between them. We will add connectivity between the two instances using Contrail.

  8. Now, login to the Contrail web interface and navigate to Configure > Networking > Routers.

    Click on the (+) icon on the right-most side under the “Routers” section to create a new logical router.

    Enter a “red-to-green-network” as the name of the router and add “red-network” and “green-network” under “Connected Networks” block and click save to create a logical router.

  9. Once the logical router is created, navigate to OpenStack web interface and navigate to the Topology view (Project > Other > Network Topology) and delete the interfaces associated. This step is necessary, since we assign custom IP addresses to the logical router interfaces

    NOTE: This step is not required if you are creating the instances for the first time in OpenStack

    Once the interfaces have been deleted, click on “Add Interface” button to add new router interfaces connecting to “red-network” and “green-network”.

    Now choose the virtual-network you want to connect and assign a custom IP address from the virtual-network CIDR for the logical router interface.

    NOTE: In this task, we chose 1.1.1.253 as the logical router interface connecting to “red-network” and the associated CIDR block is 1.1.1.0/24

    Verify that the network policy is attached to the “red-network” and “green-network” by looking at the “Attached Policies” column.

    Similarly create for “green-network” and verify the interfaces are in Active state.

  10. Once you have verified that the network policy is attached to the “red-network” and “green-network”, return to the OpenStack web interfaceand try the ping from “red-instance” towards “green-instance” again to test the connectivity. This time the ping should go through because the network policy leaks the ICMP routes between the two virtual networks.

  11. Now create a DNS server & a A record in Contrail, this way we can ping the instances through the fully qualified domain name. Navigate to Configure > DNS > Servers Click on (+) icon to create a new DNS server Provide a name, domain name for the instances (ex. juniper.net), associate the default IPAM & click save

  12. Once the server is created, now create a DNS record Navigate to Configure > DNS > Records Click on (+) icon to create a new DNS record Choose the type of DNS record (since we are using IPv4 address, choose A record), provide a user defined hostname for the instance (green-instance in this example), IPv4 address associated with the hostname & click save

  13. Now go back to horizon & initiate the ping from “red-instance” towards the “green-instance” using the hostname/domain name provided above (Ex. ping green-instance.test.net) The ping should go through, as vRouter looks up to the DNS server to find a match for the FQDN.

    Verify the active DNS records in the DNS server’s database

Related Documentation