Contrail Insights MultiCluster Proxy
Overview
With the MultiCluster Proxy feature, the primary Contrail Insights Platform is capable of redirecting requests through a proxy container so that requests to different clusters in the MultiCluster environment can be made through the primary cluster.
The use case for this MultiCluster Proxy mode is when not all
clusters in the MultiCluster environment can be accessed by the user
directly. This mode can be enabled so that all requests go through
a proxy container exposed on the primary appformix_controller
node. This proxy container will then reroute the request to the
appropriate cluster and deliver back the response to the client.
The default MultiCluster View does not support this proxy behavior and can only be used in situations where the client/browser have access to all clusters in the MultiCluster environment. MultiCluster Proxy is a second mode of MultiCluster that allows this limited connectivity to work where the client only needs access to the primary cluster.
Requirements
Contrail Insights installed on all of the clusters.
Deploy Primary Contrail Insights Platform node(s) with a
MultiClusterProxy
enabled license.Primary Contrail Insights Platform node(s) must have connectivity to all of the clusters that are a part of the MultiCluster environment.
If the primary cluster is a high availability (HA) setup then port 27000 must be open on all of the Platform nodes.
Ansible
Configuring MultiClusterProxy on an HA setup through Ansible is deprecated starting with AppFormix version 3.2. Use the Contrail Insights Dashboard to configure clusters by selecting Settings > AppFormix Settings > Add Clusters.
Ansible Playbooks
appformix_proxy_add_cluster.yml
Playbook to add cluster to the MultiCluster Proxy enabled Contrail Insights.
Gets the
appformix_master_auth
token to POST to/cluster_definition
. This role takes the setup from theinventory/group_vars/all
for the new cluster that is being added. See “MultiCluster Proxy Deployment Workflow.”Executes
appformix_docker_images
role to load haproxy container for the first time.Runs scripts to add required entries into
haproxy.cfg
for each cluster that is added.
If the primary cluster is an HA setup then use the playbook appformix_proxy_add_cluster_ha.yml
.
appformix_proxy_delete_cluster.yml
Playbook to delete cluster from the MultiCluster Proxy enabled Contrail Insights.
Does DELETE to
/cluster_definition
usingmaster_auth_token
.Runs scripts to remove entries from
haproxy.cfg
for each cluster that is removed.When primary cluster is removed, haproxy container is also deleted.
If the primary cluster is an HA setup then use the playbook appformix_proxy_delete_cluster_ha.yml
.
Ansible Roles
appformix_multicluster_config
Role to add or remove clusters from appformix_controller.
Does POST/DELETE to
/cluster_definition
end point depending on whether the action isadd
ordelete
.The
cluster_username
andcluster_password
can not be set concurrently withcluster_token
. If the license for a cluster supports authentication with username and password, thencluster_username
andcluster_password
can be set.If
cluster_username
andcluster_password
are set, setcluster_token
to empty string (“”).If
cluster_token
is set, set bothcluster_username
andcluster_password
to empty string (“”).
The appformix_multicluster_config
requires the following variables be defined:
cluster_name
cluster_controller_host
cluster_controller_port
cluster_auth_type
cluster_username
cluster_password
cluster_token
is_master_cluster
Example:
cluster_name: <name of cluster> cluster_controller_host: <hostname or ip> cluster_controller_port: 9000 #(unless configured) cluster_auth_type: appformix cluster_token: <appformix_token> #(can be found in controller_node: #/opt/appformix/etc/appformix_token.rst) is_master_cluster: <True/False> #(True for adding master node only)
MultiCluster Proxy Deployment Workflow
Deploying the MultiCluster Proxy feature consists of the following steps:
Install Contrail Insights on all the clusters.
We recommend installing the same Contrail Insights version on all clusters.
Primary cluster is required to be deployed with a
MultiClusterProxy
enabled software license.
In
inventory/group_vars/all
, provide the information for primary node first. Refer to Ansible Roles for the sample inventory entry. Confirm thatis_master_cluster
is set to True.Run the playbook
appformix_proxy_add_cluster.yml
to add this cluster as primary cluster. Refer to Ansible Playbooks.For adding other clusters, make an inventory entry as shown in Ansible Roles (with
is_master_cluster
set to False). After each entry, run the playbookappformix_proxy_add_cluster.yml
to add this cluster. Refer to Ansible Playbooks.Open the Dashboard for the MultiCluster setup in a Web browser. For example:
http://<master-cluster-IP>:18081
Note that after AppFormix release 3.2.0, in HA setups, the Dashboard should be accessed on port 9000 and clusters should be added through the UI.
To delete a cluster:
Keep the inventory entry of the cluster that needs to be deleted, having the other clusters’ inventory entry commented out.
Run the playbook
appformix_proxy_delete_cluster.yml
to delete the cluster. See Ansible Playbooks.Note:Removing the primary cluster, removes the proxy container as well, if the primary cluster is a single node installation.
Use the playbooks
appformix_proxy_add_cluster_ha.yml
orappformix_proxy_delete_cluster_ha.yml
if the primary cluster is an HA setup.
Overview of v2 API URLS
GET /appformix/analytics/v2.0/cluster_stats |
Returns cluster statistics for the cluster. |
GET /appformix/controller/v2.0/clusters |
Returns a list of all clusters added to the Contrail Insights primary cluster. |
GET /appformix/controller/v2.0/clusters/<cluster_id> |
Returns information of a cluster added to Contrail Insights
primary cluster with |
Make GET Query with Contrail Insights MultiCluster Proxy
Call GET /appformix/controller/v2.0/clusters
to identify which cluster you would like to query. Take note of
the ClusterId
.
Make the GET queries by entering the following commands:
URL format:
http://<appformix_controller_primary_proxy_node>:18081/clusters/cluster_Id/<any_appformix_v2_endpoint>
Then run the following command to get the response with appropriate headers:
curl -X GET -H 'Content-Type: application/json' -H 'X-Auth-Type: appformix' -H 'X-Auth-Token: appformix_master_auth_token_for_cluster1' http://<master-cluster-IP>:18081/cluster/<cluster_Id>/appformix/controller/v2.0/<any_v2_end_point>
Above port 18081
should be replaced
with 9000
in HA deployments starting with
AppFormix release 3.2.
Example:
To get hosts from a cluster with ID b50adf04-4c07-11e9-b016-0242ac120005
, whose Contrail Insights master_auth_token
is d90f9d18-4c07-11e9-9545-0242ac120005
, with a MultiCluster primary IP as 10.1.1.2, run the following:
curl -X GET -H 'Content-Type: application/json' -H 'X-Auth-Type: appformix' -H 'X-Auth-Token: d90f9d18-4c07-11e9-9545-0242ac120005' http://10.1.1.2:18081/cluster/b50adf04-4c07-11e9-b016-0242ac120005/appformix/controller/v2.0/hosts
Verify that you use the correct Contrail Insights token for
corresponding clusters. The Contrail Insights token can be found at /opt/appformix/etc/appformix_token.rst
in the Contrail
Insights Platform node of that cluster.
Testing the MultiCluster Proxy
To test the MultiClusterProxy feature:
Select Settings > API Documentation > Link to AppFormix Documentation.
Use the following API:
GET /appformix/controller/v2.0/cluster_haproxy_output/{cluster_id}
Provide the following arguments:
Argument
Description
id
Id of the cluster.
X-Auth-Type
Authentication Type for Contrail Insights of cluster with id.
X-Auth-Token
Authentication Token for Contrail Insights of cluster with id.
component
API component.
endpoint
GET Endpoint to forward.
id The cluster id can be obtained by these commands:
GET
/appformix/controller/v2.0/clusters
Returns a list of all clusters added to the Contrail Insights primary cluster.
GET
/appformix/controller/v2.0/clusters/<cluster_id>
Returns information of a cluster added to Contrail Insights primary cluster with
cluster_id
.
X-Auth-Type, X-Auth-Token Authentication type and token of Contrail Insights Platform on the cluster to forward to.
component Either
controller
oranalytics
, depending on the endpoint you want to forward to.endpoint Any available v2 GET endpoint.
Note:For endpoints that require query or string arguments, for example
controller/data/metrics
, you need to construct the argument in the endpoint with standard format:<endpoint>?arg1=val1&arg2=val2 ...