Installing the Virtual Route Reflector Image Using OpenStack

 

OpenStack is a free, open-source cloud computing platform that supports creation and management of virtual Route Reflectors (vRR). OpenStack allows you to:

  • Attach a VNIC to a physical NIC

  • Display a graphical representation of the virtual machine

  • Allocate a specific amount of disk space for the virtual machine

  • Take a snapshot of a running virtual machine

  • Create a new virtual machine from a snapshot

The physical and virtual machines are connected using OpenvSwitch, which eliminates the need to configure tunnels and overlays, such as MPLS over GRE and MPLS over UDP. OpenvSwitch also provides better performance than other methods, because the physical NICs are dedicated to specific VNICs.

This topic includes the following tasks:

Composing User Authentication Credentials

Appropriate user credentials are required for authentication to succeed for every OpenStack command. You can compose credentials with either of the following two methods:

Exporting User Credentials Once

To avoid passing user credentials every time you use the OpenStack command line, export the credentials:

  1. Create a keystonerc file with the following contents:

    where

    • token—Authorization token

    • username—OpenStack user name

    • tenant-name—Tenant name

    • password—Password for OpenStack user

    • ip_address_of_keystone:portNumber—IP address of the keystone authentication server and its port number

  2. Perform a sourcing of the keystonerc file:

Passing User Credentials Each Time You Use a Command

To pass credentials on the command line every time you execute an OpenStack command:

  • Enter the following in the OpenStack command line:

    where

    • username—OpenStack user name

    • tenant-name—Tenant name

    • password—Password for OpenStack user

    • ip_address_of_keystone:portNumber—IP address of the keystone authentication server and its port number

Registering an Image

Before the vRR image can be used to create a vRR instance, the image must be brought into the glance directory.

To bring the vRR image into the glance directory:

  • Enter the following in the OpenStack command line:

    where

    • image-name—A name for the image. This name is used later when creating the vRR instance.

    • image-location—The location of the vRR image.

Updating the Disk, CD-ROM, and VIF Settings for the Image

By default, OpenStack uses virtio for disk, CDROM, and VIF (NIC) models, but Junos-based images do not support virtio drivers. You must update the image to change these settings.

  1. Enter the following in the OpenStack command line:

    The image-name is the name of the image you used in Registering an Image.

  2. Verify that the image was brought into the glance directory by entering the following in the OpenStack command line:

    The image that you used in Registering an Image should be in the list of images that is displayed.

Creating a Virtual Hardware Template

A virtual hardware template in OpenStack is called a flavor. A flavor defines a set of hardware parameters, and is later applied to the vRR instance.

To create a flavor for a vRR instance:

  1. Enter the following in the OpenStack command line:

    This makes the flavor available to the public, sets the flavor ID to 6, sets the memory size to 16384 GB, sets the disk size to 10 GB, and sets the number of virtual CPUs to one.

    The flavor-name is the name of the flavor, for example VRR-flavor.

  2. Verify that the flavor was created by entering the following in the OpenStack command line:

    The flavor that you configured in Step 1 should be in the list of flavors that is displayed.

Creating Networks and Subnets

Create networks and subnets for internal and external communication. The virtual NICs of the vRR instances can later be attached to the subnets.

  1. To create a private network, enter the following in the OpenStack command line:

    The private-network-name is the name of the private network.

    For example:

  2. To create a subnet for a private network, enter the following in the OpenStack command line:

    where

    • private-subnet-name—Name of the subnet

    • private-network-name—Name of the private network to which the subnet belongs

    • subnet-cidr—CIDR of the subnet

    For example:

  3. To create a public network, enter the following in the OpenStack command line:

    The public-network-name is the name of the public network.

    For example:

  4. To create a subnet for a public network, enter the following in the OpenStack command line:

    where

    • public-network-name—Name of the public network to which the subnet belongs

    • subnet-cidr—CIDR of the subnet

    • public-subnet-name—Name of the subnet

    • start_ip_address—Lowest IP address in the allocated address range

    • end_ip_address—Highest IP address in the allocated address range

    • gateway_ip_address—Gateway IP address for the host machine

    For example:

  5. Verify that the networks were created by entering the following in the OpenStack command line:

    The networks that you configured should be in the list that is displayed.

    For example:

  6. Verify that the subnets were created by entering the following in the OpenStack command line:

    The subnets that you configured should be in the list that is displayed.

    For example:

Creating a vRR Instance

An instance is a virtual machine on which the vRR runs. To create the instance, you provide the image name, the flavor, the network ID for the virtual NIC, and a name for the instance.

To create a vRR instance:

  1. Display the ID of the network that you want to associate with the vRR instance virtual NIC by entering the following in the OpenStack command line:

    For example:

  2. Record the ID of the network.
  3. Enter the following in the OpenStack command line:

    where

    • image-name—Image name that you used in Registering an Image

    • net-id—ID of the network that you want to associate with the vRR instance virtual NIC

    • instance-name—The name for the vRR instance

    For example:

  4. Verify that the vRR instance has been created by entering the following in the OpenStack command line:

    The instance that you created should be in the list that is displayed.

Creating a Router

An OpenStack router is a logical entity that routes packets among internal subnets, forwards packets from internal networks to external networks, and accesses the vRR instances from external networks. You must create a router and create an interface on the router for each subnet with which it communicates.

Note

The em0 interface can only function as a management interface. You cannot use the em0 interface for routing configurations.

  1. To create a router, enter the following in the OpenStack command line:

    The router-name is the name for the router.

    The ID of the router is displayed.

    For example:

  2. Record the ID of the router.
  3. Display the ID of the subnet with which the router should communicate by entering the following in the OpenStack command line:

    For example:

  4. Record the ID of the subnet.
  5. Create an interface on the router for the subnet with which it communicates by entering the following in the OpenStack command line.

    where

    • router-id—ID of the router

    • subnet-id—ID of the subnet

    For example:

  6. Display the networks.

    For example:

  7. Record the ID of the public network that should serve as the gateway for the router.
  8. Configure the router as an external gateway by entering the following in the OpenStack command line.

    where

    • router-id—ID of the router

    • net-id—ID of the public network that serves as the gateway for the router

    For example:

Assigning a Floating IP to a vRR Instance

A floating IP represents an external IP address, and provides access to the vRR instance from an external network. A floating IP can only be created for a network that has the router:external attribute.

  1. Create a floating IP for the public network by entering the following in the OpenStack command line.

    The public-network-name is the name of the public network.

    For example:

    Information for the floating IP appears.

    For example:

  2. Record the address of the floating IP.
  3. Assign the floating IP to the vRR instance by entering the following in the OpenStack command line.

    where

    • instance-name—Instance name that you used in Creating a vRR Instance

    • floating-ip-address— IP address you recorded in Step 2

    For example:

  4. Verify that the floating IP has been created by entering the following in the OpenStack command line:

    The floating IP that you created should be in the list that is displayed.

Configuring Security Group Rules

To allow access to the vRR instance via SSH and ping, you must create security rules.

  1. Create a security rule for TCP traffic and assign it to the default security group by entering the following in the OpenStack command line.

    where

    • start-port-range—Lowest port number in the allowed port range. To allow any port, use -1 -1 for the port range.

    • end-port-range—Highest port number in the allowed port range.

    • cidr-address-range—CIDR of the allowed address range.

    For example:

  2. Create a security rule for ICMP traffic and assign it to the default security group by entering the following in the OpenStack command line.

    For example: