Understanding contrail-ansible-deployer used in Contrail Command
This topic provides an overview of contrail-ansible-deployer used by Contrail
Command tool. It is used for installing Contrail Networking
with microservices architecture.
To understand Contrail microservices, refer to Understanding Contrail Microservices Architecture. For step by step procedure on how to install Contrail using Contrail Command deployer, refer to Installing a Contrail Cluster using Contrail Command and instances.yml.
What is the contrail-ansible-deployer?
The contrail-ansible-deployer is
a set of Ansible playbooks designed to deploy Contrail Networking
with microservices architecture.
The contrail-ansible-deployer contains three playbooks:
provision_instances.yml
This playbook provisions the operating system instances for hosting the containers. It supports the following infrastructure providers:
kvm.
gce.
aws.
configure_instances.yml
This playbook configures the provisioned instances. The playbook installs software and configures the operating system to meet the required prerequisite standards. This is applicable to all providers.
install_contrail.yml
This playbook pulls, configures, and starts the Contrail containers.
Preparing to Install with Contrail Command
This section helps you prepare your system before installing
Contrail Networking using contrail-command-deployer.
Prerequisites
Make sure your system meets the following requirements before
running contrail-command-deployer.
Confirm that you are running compatible versions of CentOS, Ansible, Docker, and any other software component for your system in your environment. See Contrail Networking Supported Platforms List.
Name resolution is operational for long and short host names of the cluster nodes, through either DNS or the host file.
For high availability (HA), confirm that the time is in sync between the cluster nodes.
The time must be synchronized between the cluster nodes using Network Time Protocol (ntp).
Supported Providers
The playbooks support installing Contrail Networking on the following providers:
bms—bare metal server.
kvm—kernel-based virtual machine (KVM)-hosted virtual machines.
gce—Google compute engine (GCE)-hosted virtual machines.
aws—Amazon Web Services (AWS)-hosted virtual machines.
Configure the instances.yaml File for Your Environment
The configuration for all three playbooks is contained in a single file,
config/instances.yaml.
The configuration has multiple main sections, including:
The main sections of the instances.yaml file are described in this
section. Using the sections that are appropriate for your system, configure each with
parameters specific to your environment.
- Provider Configuration
- Global Services Configuration
- Contrail Services Configuration
- Kolla Services Configuration
Provider Configuration
The section provider_config configures provider-specific settings.
KVM Provider Example
Use this example if you are in a kernel-based virtual machine (kvm) hosted environment.
Passwords are provided in this output for illustrative purposes only. We suggest using unique passwords in accordance with your organization’s security guidelines in your environment.
provider_config: # the provider section contains all provider relevant configuration
kvm: # Mandatory.
image: CentOS-7-x86_64-GenericCloud-1710.qcow2.xz # Mandatory for provision play. Image to be deployed.
image_url: https://cloud.centos.org/centos/7/images/ # Mandatory for provision play. Path/url to image.
ssh_pwd: contrail123 # Mandatory for provision/configuration/install play. Ssh password set/used.
ssh_user: centos # Mandatory for provision/configuration/install play. Ssh user set/used.
ssh_public_key: /home/centos/.ssh/id_rsa.pub # Optional for provision/configuration/install play.
ssh_private_key: /home/centos/.ssh/id_rsa # Optional for provision/configuration/install play.
vcpu: 12 # Mandatory for provision play.
vram: 64000 # Mandatory for provision play.
vdisk: 100G # Mandatory for provision play.
subnet_prefix: ip-address # Mandatory for provision play.
subnet_netmask: subnet-mask # Mandatory for provision play.
gateway: gateway-ip-address # Mandatory for provision play.
nameserver: dns-ip-address # Mandatory for provision play.
ntpserver: ntp-server-ip-address # Mandatory for provision/configuration play.
domainsuffix: local # Mandatory for provision play.BMS Provider Example
Use this example if you are in a bare metal server (bms) environment.
Passwords are provided in this output for illustrative purposes only. We suggest using unique passwords in accordance with your organization’s security guidelines in your environment.
provider_config:
bms: # Mandatory.
ssh_pwd: contrail123 # Optional. Not needed if ssh keys are used.
ssh_user: centos # Mandatory.
ssh_public_key: /home/centos/.ssh/id_rsa.pub # Optional. Not needed if ssh password is used.
ssh_private_key: /home/centos/.ssh/id_rsa # Optional. Not needed if ssh password is used.
ntpserver: ntp-server-ip-address # Optional. Needed if ntp server should be configured.
domainsuffix: local # Optional. Needed if configuration play should configure /etc/hostsSSH Host Identity Keys must be accepted or installed on the Deployer node before proceeding with Contrail installation.
To do so:
-
Make SSH connection to each target machine from the Deployer VM using Deployer user credentials and click Yes to accept the SSH Host Key.
or
-
Set the environmental variable ANSIBLE_HOST_KEY_CHECKING value to False.
ANSIBLE_HOST_KEY_CHECKING=false
or
-
Set [defaults] host_key_checking value to False in ansible.cfg file.
[defaults] host_key_checking=false
AWS Provider Example
Use this example if you are in an Amazon Web Services (AWS) environment.
provider_config:
aws: # Mandatory.
ec2_access_key: THIS_IS_YOUR_ACCESS_KEY # Mandatory.
ec2_secret_key: THIS_IS_YOUR_SECRET_KEY # Mandatory.
ssh_public_key: /home/centos/.ssh/id_rsa.pub # Optional.
ssh_private_key: /home/centos/.ssh/id_rsa # Optional.
ssh_user: centos # Mandatory.
instance_type: t2.xlarge # Mandatory.
image: ami-337be65c # Mandatory.
region: eu-central-1 # Mandatory.
security_group: SECURITY_GROUP_ID # Mandatory.
vpc_subnet_id: VPC_SUBNET_ID # Mandatory.
assign_public_ip: yes # Mandatory.
volume_size: 50 # Mandatory.
key_pair: KEYPAIR_NAME # Mandatory.GCE Provider Example
Use this example if you are in a Google Cloud environment.
provider_config:
gce: # Mandatory.
service_account_email: # Mandatory. GCE service account email address.
credentials_file: # Mandatory. Path to GCE account json file.
project_id: # Mandatory. GCE project name.
ssh_user: # Mandatory. Ssh user for GCE instances.
ssh_pwd: # Optional. Ssh password used by ssh user, not needed when public is used
ssh_private_key: # Optional. Path to private SSH key, used by by ssh user, not needed when ssh-agent loaded private key
machine_type: n1-standard-4 # Mandatory. Default is too small
image: centos-7 # Mandatory. For provisioning and configuration only centos-7 is currently supported.
network: microservice-vn # Optional. Defaults to default
subnetwork: microservice-sn # Optional. Defaults to default
zone: us-west1-aA # Optional. Defaults to ?
disk_size: 50 # Mandatory. Default is too smallGlobal Services Configuration
This section sets global service parameters. All parameters are optional.
global_configuration: CONTAINER_REGISTRY: hub.juniper.net/contrail REGISTRY_PRIVATE_INSECURE: True CONTAINER_REGISTRY_USERNAME: YourRegistryUser CONTAINER_REGISTRY_PASSWORD: YourRegistryPassword
Contrail Services Configuration
This section sets global Contrail service parameters. All parameters are optional.
contrail_configuration: # Contrail service configuration section CONTRAIL_VERSION: latest UPGRADE_KERNEL: true
For a complete list of parameters available for contrail_configuration.md, see Contrail Configuration Parameters for Ansible Deployer.
Kolla Services Configuration
If OpenStack Kolla is deployed, this section defines the parameters for Kolla.
kolla_config:
Instances Configuration
Instances are the operating systems on which the containers will be launched. The instance configuration has a few provider-specific parameters. The instance configuration specifies which roles are installed on which instance. Additionally, instance-wide and role-specific Contrail and Kolla configurations can be specified, overwriting the parameters from the global Contrail and Kolla configuration settings.
- KVM Contrail Plane Instance
- GCE Default All-in-One Instance
- AWS Default Three Node HA Instance
- More Examples
KVM Contrail Plane Instance
The following example is a KVM-based instance only, installing Contrail control plane containers.
instances:
kvm1:
provider: kvm
roles:
config_database:
config:
control:
analytics_database:
analytics:
webui:
kubemanager:
k8s_master:GCE Default All-in-One Instance
The following example is a very simple all-in-one GCE instance. It will install all Contrail roles and the Kubernetes master and node, using the default configuration.
instances:
gce1: # Mandatory. Instance name
provider: gce # Mandatory. Instance runs on GCEAWS Default Three Node HA Instance
The following example uses three AWS EC2 instances to deploy a three node high availability setup with all roles and default parameters.
instances:
aws1:
provider: aws
aws2:
provider: aws
aws3:
provider: awsMore Examples
Refer to the following for more configuration examples for instances.
Installing a Contrail System
To perform a full installation of a Contrail system, refer to the installation instructions in: Installing a Contrail Cluster using Contrail Command and instances.yaml.