Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Deploying Contrail Multicloud with Contrail Command

 
Note

The Infrastructure: Multicloud tab was removed from Contrail Command in Contrail Release 1912.L1. The Infrastructure: Multicloud tab remains available in all other Contrail Release 19 and Contrail Release 20 releases.

You can provision Contrail Multicloud with the Contrail Command UI.

Contrail supports provisioning of Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP).

Multicloud gateway (MC-GW) node interconnects different Virtual Private Cloud (VPC)/Virtual Networks (VNets) in cloud. Additionally, MC-GW extends on-premise resources to cloud.

This topic provides steps to configure Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP) with the Contrail Command UI.

Prerequisites:

  • Contrail Multicloud is currently supported for deployments using Kubernetes as the orchestration platform only. See Installing Standalone Kubernetes Contrail Cluster using the Contrail Command UI.

  • All the on-premise nodes except the management IPs must have private IPs.

  • It is recommended to add static routes on all the control nodes towards the private subnets on the cloud.

  • Control nodes and compute nodes must be on the same subnet and MC-GW must be on a different subnet.

  • MC-GW node must be provisioned on RHEL 7.7.

  • Compute nodes on the public cloud must be provisioned on RHEL 7.7.

  • Instance type:

    • Azure—Standard_F2.

    • AWS—c4.xlarge or t2.xlarge.

    • Google Cloud Platform(GCP)—n1-standard-2

  • Red Hat subscription with enabled packages must be available for on-premise MC-GW nodes.

  • Time must be synchronized on all the nodes with NTP.

  • contrail-command node must have connectivity to ToRs.

  • You must enable NETCONF on ToRs connected to the on-premise MC-GW nodes.

  • You must configure IPTABLES on the on-premise MC-GW nodes with INPUT and FORWARD and default ACCEPT policy.

  • For Azure deployment, you must have subscription and resource group.

    For details, refer to Creating a Resource Group.

  • For provisioning Microsoft Azure with Contrail Command, you must have Azure account. For details, refer to https://docs.microsoft.com/en-us/learn/modules/create-an-azure-account/.

    For provisioning Amazon Web Services (AWS) with Contrail Command, you must have AWS account. For details, refer to https://aws.amazon.com/premiumsupport/knowledge-center/create-and-activate-aws-account/.

  • For provisioning Google Cloud Platform (GCP) with Contrail Command, you must have a GCP account. For details, see Creating and managing service accounts within the Cloud Identity and Access Management documentation for GCP.

Sample Topology:

Deploying Microsoft Azure with Contrail Command

To provision Microsoft Azure:

  1. Login to the desired cluster from the Contrail Command UI.
    • Select the desired cluster from the Selected Cluster drop down list.

    • Enter the Username and Password for the cluster.

  2. Click Multi Cloud.
  3. Click Add.
    1. Select Azure from the drop down list of Type of Cloud.

      Enter Cloud Name and Organization Name.

      Click Expand All

    2. Enter the required details including Cloud Name, Region Details, VNET Details, Security Groups, Instances.

      Enter the Resource Group which was created earlier by following Creating a Resource Group procedure.

      Add Subnet for Compute node and Controller node.

      Add Subnet for on-premise gateway nodes.

      Keypair Name and SSH Key Directory Path are not required for Azure deployment. Azure generates these values in the back-end.

    3. Click Create.

    You can access the logs at logs/var/log/contrail/cloud.log on the Contrail Command server.

  4. Click Multi Cloud.

    You must see your multi clouds listed here with the Status as color Green.

  5. Click Servers.
    1. Click Create.
      1. Enter the required details for the on-premise gateway nodes.
      2. Click Create.

    You can access the logs at logs/var/log/contrail/cloud.log.

  6. Click Cluster.
    1. Click Subcluster.
    2. Click Add Subcluster.
    3. Click Add Existing VPC.
      1. Add the required details.
      2. Select the created Azure cloud from the drop down list of Select Existing Cloud.
      3. The Public MultiCloud GW Role must be the name of the earlier created Azure GW.

        From the drop down list, select User Credentials of the on-premise private cloud.

      4. Check the deployment logs at /var/log/contrail/cloud.log and /var/log/contrail/deploy.log on the Contrail Command server.
      5. Click Create.

    You can access the logs at logs/var/log/contrail/cloud.log and logs/var/log/contrail/deploy.log on the Contrail Command server.

Deploying Amazon Web Services with Contrail Command

To provision Amazon Web Services (AWS):

  1. Login to the desired cluster from the Contrail Command UI.
    • Select the desired cluster from the Selected Cluster drop down list.

    • Enter the Username and Password for the cluster.

  2. Click Multi Cloud.
  3. Click Add.
    1. Select AWS from the drop down list of Type of Cloud.
    2. Enter the required details including SSH User, Cloud Name, AWS Credentials, Region Details, VPC Details, Security Groups, Instances.
    3. Click Create.
  4. Assign private Multicloud Gateway nodes.
  5. Add Gateways BGP Peer.
  6. Click Multi Cloud.

    You must see your multi clouds listed here with the Status as color Green.

  7. Click Cluster.
    1. Click Subcluster.
    2. Click Add Subcluster.
    3. Click Add Existing VPC.
      1. Add the required details.
      2. Select the created AWS cloud from the drop down list of Select Existing Cloud
      3. The Public MultiCloud GW Role must be the name of the earlier created AWS GW.
      4. Click Create.

Deploying Google Cloud Platform (GCP) with Contrail Command

Starting with Contrail Networking Release 1911, you can provision Google Cloud Platform (GCP) cloud networks within Contrail Command.

To provision Google Cloud Platform (GCP):

  1. Login to the desired cluster from the Contrail Command UI.
    • Select the desired cluster from the Selected Cluster drop down list.

    • Enter the Username and Password for the cluster.

  2. Click Multi Cloud.
  3. Click Create.
  4. Select GCP from the Type of Cloud dropdown list.
  5. Enter a Cloud Name, Organization Name, Version ID, and Project:
  6. Upload the GCP credentials file (google-account.json).

    GCP credentials files are created from Google Cloud. See Creating and managing service account keys in the Cloud Identity and Access Management documentation for the Google Cloud Platform.

  7. Enter required Region Details and VPC Details.
  8. Enter required Firewall Rules, and Instances. One instance must include the Gateway role.
  9. Click Create.
  10. You are returned to the main Multi Cloud page after the GCP instance is created. Click Multi Cloud if you are not moved to this page.

    Confirm that your GCP instance is created and that the Status is Green.

  11. Click Cluster.
  12. Click Subcluster.
  13. Click Add Subclusters.
  14. Click Add Existing VPC.
  15. Add the required details.
  16. Select the created GCP cloud from the Select Existing Cloud drop-down list.
  17. Upload the GCP credentials file (google-account.json).

    GCP credentials files are created from Google Cloud. See Creating and managing service account keys in the Cloud Identity and Access Management documentation for the Google Cloud Platform.

  18. The Public MultiCloud GW Role must be the name of the earlier created GCP GW.
Release History Table
Release
Description
Starting with Contrail Networking Release 1911, you can provision Google Cloud Platform (GCP) cloud networks within Contrail Command.