Deploying Contrail Charms
You can deploy Contrail Charms in a bundle or manually.
Deploy Contrail Charms in a Bundle
Follow these steps to deploy Contrail Charms in a bundle.
- Deploy Contrail Charms.
To deploy Contrail Charms in a bundle, use the
juju deploy <bundle_yaml_file>
command.The following example shows you how to use
bundle_yaml_file
to deploy Contrail on Amazon Web Services (AWS) Cloud.series: bionic variables: openstack-origin: &openstack-origin distro #vhost-gateway: &vhost-gateway "192.x.40.254" data-network: &data-network "192.x.40.0/24" control-network: &control-network "192.x.30.0/24" virtioforwarder-coremask: &virtioforwarder-coremask "1,2" agilio-registry: &agilio-registry "netronomesystems" agilio-image-tag: &agilio-image-tag "latest-ubuntu-queens" agilio-user: &agilio-user "<agilio-username>" agilio-password: &agilio-password "<agilio-password>" agilio-insecure: &agilio-insecure false agilio-phy: &agilio-phy "nfp_p0" docker-registry: &docker-registry "<registry-directory>" #docker-user: &docker-user "<docker_username>" #docker-password: &docker-password "<docker_password>" image-tag: &image-tag "2008.121" docker-registry-insecure: &docker-registry-insecure "true" dockerhub-registry: &dockerhub-registry "https://index.docker.io/v1/" machines: "1": constraints: tags=controller series: bionic "2": constraints: tags=compute series: bionic "3": constraints: tags=neutron series: bionic services: ubuntu: charm: cs:ubuntu num_units: 1 to: [ "1" ] ntp: charm: cs:ntp num_units: 0 options: #source: ntp.ubuntu.com source: 10.204.217.158 mysql: charm: cs:percona-cluster num_units: 1 options: dataset-size: 15% max-connections: 10000 root-password: <password> sst-password: <password> min-cluster-size: 1 to: [ "lxd:1" ] rabbitmq-server: num_units: 1 options: min-cluster-size: 1 to: [ "lxd:1" ] heat: charm: cs:heat num_units: 1 expose: true options: debug: true openstack-origin: *openstack-origin to: [ "lxd:1" ] keystone: charm: cs:keystone expose: true num_units: 1 options: admin-password: <password> admin-role: admin openstack-origin: *openstack-origin preferred-api-version: 3 nova-cloud-controller: charm: cs:nova-cloud-controller num_units: 1 expose: true options: network-manager: Neutron openstack-origin: *openstack-origin to: [ "lxd:1" ] neutron-api: charm: cs:neutron-api expose: true num_units: 1 series: bionic options: manage-neutron-plugin-legacy-mode: false openstack-origin: *openstack-origin to: [ "3" ] glance: charm: cs:glance expose: true num_units: 1 options: openstack-origin: *openstack-origin to: [ "lxd:1" ] openstack-dashboard: charm: cs:openstack-dashboard expose: true num_units: 1 options: openstack-origin: *openstack-origin to: [ "lxd:1" ] nova-compute: charm: cs:nova-compute num_units: 0 expose: true options: openstack-origin: *openstack-origin nova-compute-dpdk: charm: cs:nova-compute num_units: 0 expose: true options: openstack-origin: *openstack-origin nova-compute-accel: charm: cs:nova-compute num_units: 2 expose: true options: openstack-origin: *openstack-origin to: [ "2" ] contrail-openstack: charm: ./tf-charms/contrail-openstack series: bionic expose: true num_units: 0 options: docker-registry: *docker-registry #docker-user: *docker-user #docker-password: *docker-password image-tag: *image-tag docker-registry-insecure: *docker-registry-insecure contrail-agent: charm: ./tf-charms/contrail-agent num_units: 0 series: bionic expose: true options: log-level: "SYS_DEBUG" docker-registry: *docker-registry #docker-user: *docker-user #docker-password: *docker-password image-tag: *image-tag docker-registry-insecure: *docker-registry-insecure #vhost-gateway: *vhost-gateway physical-interface: *agilio-phy contrail-agent-dpdk: charm: ./tf-charms/contrail-agent num_units: 0 series: bionic expose: true options: log-level: "SYS_DEBUG" docker-registry: *docker-registry #docker-user: *docker-user #docker-password: *docker-password image-tag: *image-tag docker-registry-insecure: *docker-registry-insecure dpdk: true dpdk-main-mempool-size: "65536" dpdk-pmd-txd-size: "2048" dpdk-pmd-rxd-size: "2048" dpdk-driver: "" dpdk-coremask: "1-4" #vhost-gateway: *vhost-gateway physical-interface: "nfp_p0" contrail-analytics: charm: ./tf-charms/contrail-analytics num_units: 1 series: bionic expose: true options: log-level: "SYS_DEBUG" docker-registry: *docker-registry #docker-user: *docker-user #docker-password: *docker-password image-tag: *image-tag control-network: *control-network docker-registry-insecure: *docker-registry-insecure to: [ "1" ] contrail-analyticsdb: charm: ./tf-charms/contrail-analyticsdb num_units: 1 series: bionic expose: true options: log-level: "SYS_DEBUG" cassandra-minimum-diskgb: "4" cassandra-jvm-extra-opts: "-Xms8g -Xmx8g" docker-registry: *docker-registry #docker-user: *docker-user #docker-password: *docker-password image-tag: *image-tag control-network: *control-network docker-registry-insecure: *docker-registry-insecure to: [ "1" ] contrail-controller: charm: ./tf-charms/contrail-controller series: bionic expose: true num_units: 1 options: log-level: "SYS_DEBUG" cassandra-minimum-diskgb: "4" cassandra-jvm-extra-opts: "-Xms8g -Xmx8g" docker-registry: *docker-registry #docker-user: *docker-user #docker-password: *docker-password image-tag: *image-tag docker-registry-insecure: *docker-registry-insecure control-network: *control-network data-network: *data-network auth-mode: no-auth to: [ "1" ] contrail-keystone-auth: charm: ./tf-charms/contrail-keystone-auth series: bionic expose: true num_units: 1 to: [ "lxd:1" ] agilio-vrouter5: charm: ./charm-agilio-vrt-5-37 expose: true options: virtioforwarder-coremask: *virtioforwarder-coremask agilio-registry: *agilio-registry agilio-insecure: *agilio-insecure agilio-image-tag: *agilio-image-tag agilio-user: *agilio-user agilio-password: *agilio-password relations: - [ "ubuntu", "ntp" ] - [ "neutron-api", "ntp" ] - [ "keystone", "mysql" ] - [ "glance", "mysql" ] - [ "glance", "keystone" ] - [ "nova-cloud-controller:shared-db", "mysql:shared-db" ] - [ "nova-cloud-controller:amqp", "rabbitmq-server:amqp" ] - [ "nova-cloud-controller", "keystone" ] - [ "nova-cloud-controller", "glance" ] - [ "neutron-api", "mysql" ] - [ "neutron-api", "rabbitmq-server" ] - [ "neutron-api", "nova-cloud-controller" ] - [ "neutron-api", "keystone" ] - [ "nova-compute:amqp", "rabbitmq-server:amqp" ] - [ "nova-compute", "glance" ] - [ "nova-compute", "nova-cloud-controller" ] - [ "nova-compute", "ntp" ] - [ "openstack-dashboard:identity-service", "keystone" ] - [ "contrail-keystone-auth", "keystone" ] - [ "contrail-controller", "contrail-keystone-auth" ] - [ "contrail-analytics", "contrail-analyticsdb" ] - [ "contrail-controller", "contrail-analytics" ] - [ "contrail-controller", "contrail-analyticsdb" ] - [ "contrail-openstack", "nova-compute" ] - [ "contrail-openstack", "neutron-api" ] - [ "contrail-openstack", "contrail-controller" ] - [ "contrail-agent:juju-info", "nova-compute:juju-info" ] - [ "contrail-agent", "contrail-controller"] - [ "contrail-agent-dpdk:juju-info", "nova-compute-dpdk:juju-info" ] - [ "contrail-agent-dpdk", "contrail-controller"] - [ "nova-compute-dpdk:amqp", "rabbitmq-server:amqp" ] - [ "nova-compute-dpdk", "glance" ] - [ "nova-compute-dpdk", "nova-cloud-controller" ] - [ "nova-compute-dpdk", "ntp" ] - [ "contrail-openstack", "nova-compute-dpdk" ] - [ "contrail-agent:juju-info", "nova-compute-accel:juju-info" ] - [ "nova-compute-accel:amqp", "rabbitmq-server:amqp" ] - [ "nova-compute-accel", "glance" ] - [ "nova-compute-accel", "nova-cloud-controller" ] - [ "nova-compute-accel", "ntp" ] - [ "contrail-openstack", "nova-compute-accel" ] - [ "agilio-vrouter5:juju-info", "nova-compute-accel:juju-info" ]
You can create or modify the Contrail Charm deployment bundle YAML file to:
Point to machines or instances where the Contrail Charms must be deployed.
Include the options you need.
Each Contrail Charm has a specific set of options. The options you choose depend on the charms you select. For more information on the options that are available, see Options for Juju Charms.
- (Optional) Check the status of deployment.
You can check the status of the deployment by using the
juju status
command. - Enable configuration statements.
Based on your deployment requirements, you can enable the following configuration statements:
contrail-agent
For more information, see https://jaas.ai/u/juniper-os-software/contrail-agent/.
contrail-analytics
For more information, see https://jaas.ai/u/juniper-os-software/contrail-analytics.
contrail-analyticsdb
For more information, see https://jaas.ai/u/juniper-os-software/contrail-analyticsdb.
contrail-controller
For more information, see https://jaas.ai/u/juniper-os-software/contrail-controller.
contrail-keystone-auth
For more information, see https://jaas.ai/u/juniper-os-software/contrail-keystone-auth.
contrail-openstack
For more information see, https://jaas.ai/u/juniper-os-software/contrail-openstack.
Deploying Juju Charms with OpenStack Manually
Before you begin deployment, ensure that you have:
Installed and configured Juju
Created a Juju controller
Ubuntu 16.04 or Ubuntu 18.04 installed
Follow these steps to deploy Juju Charms manually:
- Create machine instances for OpenStack, compute, and Contrail.
juju add-machine --constraints mem=8G cores=2 root-disk=40G --series=xenial #for openstack machine(s) 0
juju add-machine --constraints mem=7G cores=4 root-disk=40G --series=xenial #for compute machine(s) 1,(3)
juju add-machine --constraints mem=15G cores=2 root-disk=300G --series=xenial #for contrail machine 2
- Deploy OpenStack services.
You can deploy OpenStack services by using any one of the following methods:
By specifying the OpenStack parameters in a YAML file
The following is an example of a YAML-formatted (
nova-compute-config.yaml
) file.nova-compute: openstack-origin: cloud:xenial-ocata virt-type: qemu enable-resize: True enable-live-migration: True migration-auth-type: ssh
Use this command to deploy OpenStack services by using a YAML-formatted file:
juju deploy cs:xenial/nova-compute --config ./nova-compute-config.yaml
By using CLI
To deploy OpenStack services through the CLI:
juju deploy cs:xenial/nova-cloud-controller --config console-access-protocol=novnc --config openstack-origin=cloud:xenial-ocata
By using a combination of YAML-formatted file and CLI
To deploy OpenStack services by using a combination of YAML-formatted file and CLI:
Note Use the
--to <machine number>
command to point to a machine or container where you want the application to be deployed.juju deploy cs:xenial/ntp juju deploy cs:xenial/rabbitmq-server --to lxd:0 juju deploy cs:xenial/percona-cluster mysql --config root-password=<root-password> --config max-connections=1500 --to lxd:0 juju deploy cs:xenial/openstack-dashboard --config openstack-origin=cloud:xenial-ocata --to lxd:0 juju deploy cs:xenial/nova-cloud-controller --config console-access-protocol=novnc --config openstack-origin=cloud:xenial-ocata --config network-manager=Neutron --to lxd:0 juju deploy cs:xenial/neutron-api --config manage-neutron-plugin-legacy-mode=false --config openstack-origin=cloud:xenial-ocata --config neutron-security-groups=true --to lxd:0 juju deploy cs:xenial/glance --config openstack-origin=cloud:xenial-ocata --to lxd:0 juju deploy cs:xenial/keystone --config admin-password=<admin-password> --config admin-role=admin --config openstack-origin=cloud:xenial-ocata --to lxd:0
Note You set OpenStack services on different machines or on different containers to prevent HAProxy conflicts from applications.
- Deploy and configure nova-compute.
juju deploy cs:xenial/nova-compute --config ./nova-compute-config.yaml --to 1
Note You can deploy nova-compute to more than one compute machine.
(Optional) To add additional computes:
juju add-unit nova-compute --to 3 # Add one more unit
- Deploy and configure Contrail services.
juju deploy --series=xenial $CHARMS_DIRECTORY/contrail-charms/contrail-keystone-auth --to 2 juju deploy --series=xenial $CHARMS_DIRECTORY/contrail-charms/contrail-controller --config auth-mode=rbac --config cassandra-minimum-diskgb=4 --config cassandra-jvm-extra-opts="-Xms1g -Xmx2g" --to 2 juju deploy --series=xenial $CHARMS_DIRECTORY/contrail-charms/contrail-analyticsdb cassandra-minimum-diskgb=4 --config cassandra-jvm-extra-opts="-Xms1g -Xmx2g" --to 2 juju deploy --series=xenial $CHARMS_DIRECTORY/contrail-charms/contrail-analytics --to 2 juju deploy --series=xenial $CHARMS_DIRECTORY/contrail-charms/contrail-openstack juju deploy --series=xenial $CHARMS_DIRECTORY/contrail-charms/contrail-agent
- Enable applications to be available to external traffic:
juju expose openstack-dashboard juju expose nova-cloud-controller juju expose neutron-api juju expose glance juju expose keystone
- Enable contrail-controller
and contrail-analytics services to be available to external traffic
if you do not use HAProxy.
juju expose contrail-controller juju expose contrail-analytics
- Apply SSL.
You can apply SSL if needed. To use SSL with Contrail services, deploy easy-rsa service and
add-relation
command to create relations to contrail-controller service and contrail-agent services.juju deploy cs:~containers/xenial/easyrsa --to 0 juju add-relation easyrsa contrail-controller juju add-relation easyrsa contrail-agent
- (Optional) HA configuration.
If you use more than one controller, follow the HA solution given below:
- Deploy HAProxy and Keepalived services.
HAProxy charm is deployed on machines with Contrail controllers. HAProxy charm must have
peering_mode
set toactive-active
. Ifpeering_mode
is set toactive-passive
, HAProxy creates additional listeners on the same ports as other Contrail services. This leads to port conflicts.Keepalived charm does not require
to
option.juju deploy cs:xenial/haproxy --to <first contrail-controller machine> --config peering_mode=active-active juju add-unit haproxy --to <another contrail-controller machine> juju deploy cs:~boucherv29/keepalived-19 --config virtual_ip=<vip>
- Enable HAProxy to be available to external traffic.
juju expose haproxy
Note If you enable HAProxy to be available to external traffic, do not follow step 6.
- Add HAProxy and Keepalived relations.
juju add-relation haproxy:juju-info keepalived:juju-info juju add-relation contrail-analytics:http-services haproxy juju add-relation contrail-controller:http-services haproxy juju add-relation contrail-controller:https-services haproxy
- Configure contrail-controller service with VIP.
juju set contrail-controller vip=<vip>
- Deploy HAProxy and Keepalived services.
- Add other necessary relations.
juju add-relation keystone:shared-db mysql:shared-db juju add-relation glance:shared-db mysql:shared-db juju add-relation keystone:identity-service glance:identity-service juju add-relation nova-cloud-controller:image-service glance:image-service juju add-relation nova-cloud-controller:identity-service keystone:identity-service juju add-relation nova-cloud-controller:cloud-compute nova-compute:cloud-compute juju add-relation nova-compute:image-service glance:image-service juju add-relation nova-compute:amqp rabbitmq-server:amqp juju add-relation nova-cloud-controller:shared-db mysql:shared-db juju add-relation nova-cloud-controller:amqp rabbitmq-server:amqp juju add-relation openstack-dashboard:identity-service keystone juju add-relation neutron-api:shared-db mysql:shared-db juju add-relation neutron-api:neutron-api nova-cloud-controller:neutron-api juju add-relation neutron-api:identity-service keystone:identity-service juju add-relation neutron-api:amqp rabbitmq-server:amqp juju add-relation contrail-controller ntp juju add-relation nova-compute:juju info ntp:juju info juju add-relation contrail-controller contrail-keystone-auth juju add-relation contrail-keystone-auth keystone juju add-relation contrail-controller contrail-analytics juju add-relation contrail-controller contrail-analyticsdb juju add-relation contrail-analytics contrail-analyticsdb juju add-relation contrail-openstack neutron-api juju add-relation contrail-openstack nova-compute juju add-relation contrail-openstack contrail-controller juju add-relation contrail-agent:juju info nova-compute:juju info juju add-relation contrail-agent contrail-controller