Installing Contrail with OpenStack by Using Juju Charms
You can deploy Contrail by using Juju Charms. Juju helps you deploy, configure, and efficiently manage applications on private clouds and public clouds. Juju accesses the cloud with the help of a Juju controller. A Charm is a module containing a collection of scripts and metadata and is used with Juju to deploy Contrail.
Starting in Contrail Networking Release 2011, Contrail Networking supports OpenStack Ussuri with Ubuntu version 18.04 (Bionic Beaver) and Ubuntu version 20.04 (Focal Fossa).
Contrail supports the following charms:
contrail-agent
contrail-analytics
contrail-analyticsdb
contrail-controller
contrail-keystone-auth
contrail-openstack
These topics describe how to deploy Contrail by using Juju Charms.
Preparing to Deploy Contrail by Using Juju Charms
Follow these steps to prepare for deployment:
Deploying Contrail Charms
You can deploy Contrail Charms in a bundle or manually.
Deploy Contrail Charms in a Bundle
Follow these steps to deploy Contrail Charms in a bundle.
Deploying Juju Charms with OpenStack Manually
Before you begin deployment, ensure that you have:
Installed and configured Juju
Created a Juju controller
Ubuntu 16.04 or Ubuntu 18.04 installed
Follow these steps to deploy Juju Charms manually:
Options for Juju Charms
Each Contrail Charm has a specific set of options. The options you choose depend on the charms you select. The following tables list the various options you can choose:
Options for contrail-agent Charms.
Table 1: Options for contrail-agent Option
Default option
Description
physical-interfaceSpecify the interface where you want to install vhost0 on. If you do not specify an interface, vhost0 is installed on the default gateway interface.
vhost-gatewayautoSpecify the gateway for vhost0. You can enter either an IP address or the keyword (
auto) to automatically set a gateway based on the existing vhost routes.remove-juju-bridgetrueTo install vhost0 directly on the interface, enable this option to remove any bridge created to deploy LXD/LXC and KVM workloads.
dpdkfalseSpecify DPDK vRouter.
dpdk-driveruio_pci_genericSpecify DPDK driver for the physical interface.
dpdk-hugepages70%Specify the percentage of huge pages reserved for DPDK vRouter and OpenStack instances.
dpdk-coremask1Specify the vRouter CPU affinity mask to determine on which CPU the DPDK vRouter will run.
dpdk-main-mempool-sizeSpecify the main packet pool size.
dpdk-pmd-txd-sizeSpecify the DPDK PMD Tx Descriptor size.
dpdk-pmd-rxd-sizeSpecify the DPDK PMD Rx Descriptor size.
docker-registryopencontrailnightlySpecify the URL of the docker-registry.
docker-registry-insecurefalseSpecify if the docker-registry should be configured.
docker-userLog in to the docker registry.
docker-passwordSpecify the docker-registry password.
image-taglatestSpecify the docker image tag.
log-levelSYS_NOTICESpecify the log level for Contrail services.
Options:
SYS_EMERG, SYS_ALERT, SYS_CRIT, SYS_ERR, SYS_WARN, SYS_NOTICE, SYS_INFO, SYS_DEBUGhttp_proxySpecify URL.
https_proxySpecify URL.
kernel-hugepages-1gParameter not enabled by default.
Note:2MB huge pages for kernel-mode vRouters are enabled by default.
Specify the number of 1G huge pages for use with vRouters in kernel mode.
You can enable huge pages to avoid compute node reboots during software upgrades.
This parameter must be specified at initial deployment. It cannot be modified in an active deployment. If you need to migrate to huge page usage in an active deployment, use 2MB huge pages if suitable for your environment.
We recommend allotting 2GB of memory—either using the default 1024x2MB huge page size setting or the 2x1GB size setting—for huge pages. Other huge page size settings should only be set by expert users in specialized circumstances.
1GB and 2MB huge pages cannot be enabled simultaneously in environments using Juju. If you are using this command parameter to enable 1GB huge pages, you must also disable 2MB huge pages. 2MB huge pages can be disabled by entering the juju config contrail-agent kernel-hugepages-2m=““ command with an empty value.
A compute node reboot is required to enable a huge page setting configuration change. After this initial reboot, compute nodes can complete software upgrades without a reboot.
Huge pages are disabled for kernel-mode vRouters if the
kernel-hugepages-1gand thekernel-hugepages-2moptions are not set.This parameter was introduced in Contrail Networking Release 2005.
kernel-hugepages-2m1024Specify the number of 2MB huge pages for use with vRouters in kernel mode. Huge pages in Contrail Networking are used primarily to allocate flow and bridge table memory within the vRouter. Huge pages for kernel-mode vRouters provide enough flow and bridge table memory to avoid compute node reboots to complete future Contrail Networking software upgrades.
1024x2MB huge pages are configured by default starting in Contrail Networking Release 2005. A compute node reboot is required to enable a kernel-mode vRouter huge page setting configuration change, however, so this huge page setting is not enabled on a compute node until the compute node is rebooted.
After a compute node is rebooted to enable a vRouter huge page setting, compute nodes can complete software upgrades without a reboot.
We recommend allotting 2GB of memory—either using the default 1024x2MB huge page size setting or the 2x1GB size setting—for kernel-mode vRouter huge pages. Other huge page size settings should only be set by expert users in specialized circumstances.
1GB and 2MB huge pages cannot be enabled simultaneously in environments using Juju. If you are using this command parameter to enable 2MB huge pages, you must also disable 1GB huge pages. 1GB huge pages are disabled by default and can also be disabled by entering the juju config contrail-agent kernel-hugepages-1g=““ command with an empty value. 1GB huge pages can only be enabled at initial deployment; you cannot initially enable 1GB huge pages in an active deployment.
Huge pages are disabled for kernel-mode vRouters if the
kernel-hugepages-1gand thekernel-hugepages-2moptions are not set.no_proxySpecify the list of destinations that must be directly accessed.
Options for contrail-analytics Charms.
Table 2: Options for contrail-analytics Option
Default option
Description
control-networkSpecify the IP address and network mask of the control network.
docker-registrySpecify the URL of the docker-registry.
docker-registry-insecurefalseSpecify if the docker-registry should be configured.
docker-userLog in to the docker registry.
docker-passwordSpecify the docker-registry password.
image-tagSpecify the docker image tag.
log-levelSYS_NOTICESpecify the log level for Contrail services.
Options:
SYS_EMERG, SYS_ALERT, SYS_CRIT, SYS_ERR, SYS_WARN, SYS_NOTICE, SYS_INFO, SYS_DEBUGhttp_proxySpecify URL.
https_proxySpecify URL.
no_proxySpecify the list of destinations that must be directly accessed.
Options for contrail-analyticsdb Charms.
Table 3: Options for contrail-analyticsdb Option
Default option
Description
control-networkSpecify the IP address and network mask of the control network.
cassandra-minimum-diskgb256Specify the minimum disk requirement.
cassandra-jvm-extra-optsSpecify the memory limit.
docker-registrySpecify the URL of the docker-registry.
docker-registry-insecurefalseSpecify if the docker-registry should be configured.
docker-userLog in to the docker registry.
docker-passwordSpecify the docker-registry password.
image-tagSpecify the docker image tag.
log-levelSYS_NOTICESpecify the log level for Contrail services.
Options:
SYS_EMERG, SYS_ALERT, SYS_CRIT, SYS_ERR, SYS_WARN, SYS_NOTICE, SYS_INFO, SYS_DEBUGhttp_proxySpecify URL.
https_proxySpecify URL.
no_proxySpecify the list of destinations that must be directly accessed.
Options for contrail-controller Charms.
Table 4: Options for contrail-controller Option
Default option
Description
control-networkSpecify the IP address and network mask of the control network.
auth-moderbacSpecify the authentication mode.
Options:
rbsc,cloud-admin,no-auth.For more information, see https://github.com/Juniper/contrail-controller/wiki/RBAC.
cassandra-minimum-diskgb20Specify the minimum disk requirement.
cassandra-jvm-extra-optsSpecify the memory limit.
cloud-admin-roleadminSpecify the role name in keystone for users who have admin-level access.
In environments using Canonical orchestration with Contrail Networking, you should change the cloud-admin-role to Admin with a capital A in most scenarios. The default cloud admin role in Contrail Networking is admin and the default cloud admin role in Canonical is Admin. These cloud admin role names must match to grant users admin-level access. You can ensure this matching by setting this field to Admin in environments using the default settings.
global-read-only-roleSpecify the role name in keystone for users who have read-only access.
vipSpecify if the Contrail API VIP is used for configuring client-side software. If not specified, private IP of the first Contrail API VIP unit will be used.
use-external-rabbitmqfalseTo enable the Charm to use the internal RabbitMQ server, set
use-external-rabbitmqtofalse.To use an external AMQP server, set
use-external-rabbitmqtotrue.Note:Do not change the flag after deployment.
flow-export-rate0Specify how many flow records are exported by vRouter agent to the Contrail Collector when a flow is created or deleted.
docker-registrySpecify the URL of the docker-registry.
docker-registry-insecurefalseSpecify if the docker-registry should be configured.
docker-userLog in to the docker registry.
docker-passwordSpecify the docker-registry password.
image-tagSpecify the docker image tag.
log-levelSYS_NOTICESpecify the log level for Contrail services.
Options:
SYS_EMERG, SYS_ALERT, SYS_CRIT, SYS_ERR, SYS_WARN, SYS_NOTICE, SYS_INFO, SYS_DEBUGhttp_proxySpecify URL.
https_proxySpecify URL.
no_proxySpecify the list of destinations that must be directly accessed.
Options for contrail-keystone-auth Charms.
Table 5: Options for contrail-keystone-auth Option
Default option
Description
ssl_caSpecify if the base64-encoded SSL CA certificate is provided to Contrail keystone clients.
Note:This certificate is required if you use a privately signed ssl_cert and ssl_key.
Options for contrail-openstack Charms.
Table 6: Options for contrail-controller Option
Default option
Description
enable-metadata-servertrueSet
enable-metadata-servertotrueto configure metadata and enable nova to run a local instance ofnova-api-metadatafor virtual machinesuse-internal-endpointsfalseSet
use-internal-endpointstotruefor OpenStack to configure services to use internal endpoints.heat-plugin-dirs/usr/lib64/heat,/usr /lib/heat/usr/lib/ python2.7/dist-packages/ vnc_api/gen/heat/ resourcesSpecify the heat plugin directories.
docker-registrySpecify the URL of the docker-registry.
docker-registry-insecurefalseSpecify if the docker-registry should be configured.
docker-userLog in to the docker registry.
docker-passwordSpecify the docker-registry password.
image-tagSpecify the docker image tag.
log-levelSYS_NOTICESpecify the log level for Contrail services.
Options:
SYS_EMERG, SYS_ALERT, SYS_CRIT, SYS_ERR, SYS_WARN, SYS_NOTICE, SYS_INFO, SYS_DEBUGhttp_proxySpecify URL.
https_proxySpecify URL.
no_proxySpecify the list of destinations that must be directly accessed.
Ironic Support with Juju
Contrail Networking Release 2011.L1 supports new charms for Ironic from OpenStack Train version 15.x.x. Ironic is an OpenStack project that manages Bare Metal Servers (BMS) as if they are virtual machines (VM)s. For more information about Contrail and BMS, see Bare Metal Server Management.
Contrail Networking Release 2011.L2 supports OpenStack Ussuri with Ironic deployed on Ubuntu version 20.04 (Focal Fossa).
The updated options are shown in the example bundle_yaml_file. Before deploying the updated yaml file, you should have Ceph installed.
If not, see Installing Ceph.
For information about deploying the bundle_yaml_file, see Deploying Contrail Charms.
Following is an example bundle_yaml_file with the additional options highlighted. ceph-radosgw and its related options are required to support the new Ironic charms.
series: bionic
applications:
barbican:
charm: cs:barbican-31
num_units: 3
to:
- lxd:0
- lxd:1
- lxd:2
options:
openstack-origin: cloud:bionic-train
region: RegionOne
use-internal-endpoints: true
vip: 10.92.76.133 192.168.2.11
worker-multiplier: 0.25
bindings:
"": oam-space
admin: oam-space
amqp: oam-space
certificates: oam-space
cluster: oam-space
ha: oam-space
hsm: oam-space
identity-service: oam-space
internal: oam-space
public: public-space
secrets: oam-space
shared-db: oam-space
barbican-hacluster:
charm: cs:hacluster-62
options:
cluster_count: 3
bindings:
"": alpha
ha: alpha
hanode: alpha
juju-info: alpha
nrpe-external-master: alpha
pacemaker-remote: alpha
peer-availability: alpha
barbican-vault:
charm: cs:barbican-vault-12
bindings:
"": oam-space
certificates: oam-space
juju-info: oam-space
secrets: oam-space
secrets-storage: oam-space
ceph-mon:
charm: cs:ceph-mon-51
num_units: 3
to:
- lxd:0
- lxd:1
- lxd:2
constraints: spaces=oam-space
bindings:
"": alpha
admin: alpha
bootstrap-source: alpha
client: alpha
cluster: oam-space
mds: alpha
mon: alpha
nrpe-external-master: alpha
osd: alpha
prometheus: alpha
public: oam-space
radosgw: alpha
rbd-mirror: alpha
ceph-osd:
charm: cs:ceph-osd-306
num_units: 3
to:
- "17"
- "21"
- "19"
options:
osd-devices: /dev/sdb
bindings:
"": alpha
cluster: oam-space
mon: alpha
nrpe-external-master: alpha
public: oam-space
secrets-storage: alpha
ceph-radosgw:
charm: cs:ceph-radosgw-292
num_units: 3
to:
- lxd:0
- lxd:1
- lxd:2
options:
admin-roles: admin
loglevel: 10
namespace-tenants: true
operator-roles: member
source: cloud:bionic-train/proposed
vip: 10.92.76.127 192.168.2.190
constraints: spaces=oam-space,public-space
bindings:
"": alpha
admin: alpha
certificates: alpha
cluster: alpha
gateway: alpha
ha: alpha
identity-service: alpha
internal: oam-space
master: alpha
mon: alpha
nrpe-external-master: alpha
object-store: alpha
public: public-space
slave: alpha
contrail-agent:
charm: local:bionic/contrail-agent-1
options:
docker-password: <docker password>
docker-registry: hub.juniper.net/contrail
docker-user: JNPR-FieldUser367
image-tag: "2008.121"
log-level: SYS_INFO
physical-interface: bond0.4010
vhost-gateway: auto
bindings:
"": alpha
agent-cluster: alpha
contrail-controller: alpha
juju-info: alpha
nrpe-external-master: alpha
tls-certificates: alpha
vrouter-plugin: alpha
contrail-agent-csn:
charm: local:bionic/contrail-agent-3
options:
csn-mode: tsn-no-forwarding
docker-password: <docker password>
docker-registry: hub.juniper.net/contrail
docker-user: JNPR-FieldUser367
image-tag: "2008.121"
physical-interface: bond0.4010
vhost-gateway: auto
bindings:
"": alpha
agent-cluster: alpha
contrail-controller: alpha
juju-info: alpha
nrpe-external-master: alpha
tls-certificates: alpha
vrouter-plugin: alpha
contrail-analytics:
charm: local:bionic/contrail-analytics-1
num_units: 4
to:
- kvm:0
- kvm:1
- kvm:2
- kvm:13
options:
control-network: 192.168.2.0/24
docker-password: <docker password>
docker-registry: hub.juniper.net/contrail
docker-user: JNPR-FieldUser367
haproxy-http-mode: https
image-tag: "2008.121"
log-level: SYS_DEBUG
min-cluster-size: 3
vip: 10.92.77.18
constraints: cpu-cores=16 mem=32768 root-disk=102400 spaces=oam-space,overlay-space
bindings:
"": oam-space
analytics-cluster: oam-space
contrail-analytics: oam-space
contrail-analyticsdb: oam-space
http-services: oam-space
nrpe-external-master: oam-space
tls-certificates: oam-space
contrail-analyticsdb:
charm: local:bionic/contrail-analyticsdb-1
num_units: 4
to:
- kvm:0
- kvm:1
- kvm:2
- kvm:13
options:
cassandra-jvm-extra-opts: -Xms16g -Xmx24g
cassandra-minimum-diskgb: "4"
control-network: 192.168.2.0/24
docker-password: <docker password>
docker-registry: hub.juniper.net/contrail
docker-user: JNPR-FieldUser367
image-tag: "2008.121"
log-level: SYS_DEBUG
min-cluster-size: 3
constraints: cpu-cores=16 mem=65536 root-disk=512000 spaces=oam-space,overlay-space
bindings:
"": oam-space
analyticsdb-cluster: oam-space
contrail-analyticsdb: oam-space
nrpe-external-master: oam-space
tls-certificates: oam-space
contrail-command:
charm: local:bionic/contrail-command-0
num_units: 1
to:
- "9"
options:
docker-password: <docker password>
docker-registry: hub.juniper.net/contrail
docker-registry-insecure: true
docker-user: JNPR-FieldUser367
image-tag: "2008.121"
constraints: tags=command
bindings:
"": alpha
contrail-controller: alpha
contrail-controller:
charm: local:bionic/contrail-controller-1
num_units: 4
to:
- kvm:0
- kvm:2
- kvm:1
- kvm:13
options:
auth-mode: rbac
cassandra-jvm-extra-opts: -Xms16g -Xmx24g
cassandra-minimum-diskgb: "4"
control-network: 192.168.2.0/24
data-network: 172.30.0.0/16
docker-password: <docker password>
docker-registry: hub.juniper.net/contrail
docker-user: JNPR-FieldUser367
haproxy-http-mode: https
haproxy-https-mode: http
image-tag: "2008.121"
local-rabbitmq-hostname-resolution: true
log-level: SYS_DEBUG
min-cluster-size: 3
vip: 10.92.77.18
constraints: cpu-cores=16 mem=65536 root-disk=102400 spaces=oam-space,overlay-space,public-space
bindings:
"": oam-space
contrail-analytics: oam-space
contrail-analyticsdb: oam-space
contrail-auth: oam-space
contrail-controller: oam-space
contrail-issu: oam-space
controller-cluster: oam-space
http-services: oam-space
https-services: oam-space
nrpe-external-master: oam-space
tls-certificates: oam-space
contrail-haproxy:
charm: cs:haproxy-55
num_units: 4
to:
- lxd:0
- lxd:1
- lxd:2
- lxd:13
options:
default_timeouts: queue 60000, connect 5000, client 120000, server 120000
enable_monitoring: true
peering_mode: active-active
services: ""
source: backports
ssl_cert: SELFSIGNED
sysctl: '{fs.file-max: 10240}'
bindings:
"": oam-space
local-monitors: oam-space
munin: oam-space
nrpe-external-master: oam-space
peer: oam-space
public: public-space
reverseproxy: oam-space
statistics: oam-space
website: public-space
contrail-keepalived:
charm: cs:~containers/keepalived-28
options:
network_interface: eth0
port: 8143
virtual_ip: 10.92.77.18
bindings:
"": alpha
juju-info: alpha
lb-sink: alpha
loadbalancer: alpha
website: alpha
contrail-keystone-auth:
charm: local:bionic/contrail-keystone-auth-1
num_units: 4
to:
- lxd:0
- lxd:1
- lxd:2
- lxd:13
constraints: spaces=oam-space,overlay-space
bindings:
"": oam-space
contrail-auth: oam-space
identity-admin: oam-space
nrpe-external-master: oam-space
contrail-openstack:
charm: local:bionic/contrail-openstack-3
options:
docker-password: <docker password>
docker-registry: hub.juniper.net/contrail
docker-user: JNPR-FieldUser367
image-tag: "2008.121"
use-internal-endpoints: true
bindings:
"": alpha
cluster: alpha
contrail-controller: alpha
heat-plugin: alpha
juju-info: alpha
neutron-api: alpha
nova-compute: alpha
dashboard-hacluster:
charm: cs:hacluster-62
options:
cluster_count: 3
bindings:
"": alpha
ha: alpha
hanode: alpha
juju-info: alpha
nrpe-external-master: alpha
pacemaker-remote: alpha
peer-availability: alpha
easyrsa:
charm: cs:~containers/easyrsa-303
num_units: 1
to:
- lxd:0
bindings:
"": oam-space
client: oam-space
etcd:
charm: cs:etcd-521
num_units: 3
to:
- lxd:0
- lxd:1
- lxd:2
options:
channel: 3.1/stable
bindings:
"": oam-space
certificates: oam-space
cluster: oam-space
db: oam-space
nrpe-external-master: oam-space
proxy: oam-space
external-policy-routing:
charm: cs:~canonical-bootstack/policy-routing-3
options:
cidr: 10.92.76.0/23
gateway: 10.92.77.254
bindings:
"": alpha
juju-info: alpha
glance:
charm: cs:~openstack-charmers-next/glance-442
num_units: 4
to:
- lxd:0
- lxd:1
- lxd:2
- lxd:13
options:
openstack-origin: cloud:bionic-train
region: RegionOne
restrict-ceph-pools: false
use-internal-endpoints: true
vip: 10.92.77.12 192.168.2.12
worker-multiplier: 0.25
bindings:
"": oam-space
admin: oam-space
amqp: oam-space
ceph: oam-space
certificates: oam-space
cinder-volume-service: oam-space
cluster: oam-space
ha: oam-space
identity-service: oam-space
image-service: oam-space
internal: oam-space
nrpe-external-master: oam-space
object-store: oam-space
public: public-space
shared-db: oam-space
storage-backend: oam-space
glance-hacluster:
charm: cs:hacluster-62
options:
cluster_count: 3
bindings:
"": alpha
ha: alpha
hanode: alpha
juju-info: alpha
nrpe-external-master: alpha
pacemaker-remote: alpha
peer-availability: alpha
glance-simplestreams-sync:
charm: cs:glance-simplestreams-sync-33
num_units: 3
to:
- lxd:0
- lxd:1
- lxd:2
options:
source: ppa:simplestreams-dev/trunk
use_swift: false
bindings:
"": oam-space
amqp: oam-space
certificates: oam-space
identity-service: oam-space
image-modifier: oam-space
nrpe-external-master: oam-space
simplestreams-image-service: oam-space
heat:
charm: cs:heat-271
num_units: 4
to:
- lxd:0
- lxd:1
- lxd:2
- lxd:13
options:
openstack-origin: cloud:bionic-train
region: RegionOne
use-internal-endpoints: true
vip: 10.92.77.13 192.168.2.13
worker-multiplier: 0.25
constraints: cpu-cores=6 mem=32768 root-disk=65536 spaces=oam-space,public-space,overlay-space
bindings:
"": oam-space
admin: oam-space
amqp: oam-space
certificates: oam-space
cluster: oam-space
ha: oam-space
heat-plugin-subordinate: overlay-space
identity-service: oam-space
internal: oam-space
public: public-space
shared-db: oam-space
heat-hacluster:
charm: cs:hacluster-62
options:
cluster_count: 3
bindings:
"": alpha
ha: alpha
hanode: alpha
juju-info: alpha
nrpe-external-master: alpha
pacemaker-remote: alpha
peer-availability: alpha
ironic-api:
charm: cs:~openstack-charmers-next/ironic-api-8
num_units: 3
to:
- lxd:0
- lxd:1
- lxd:2
options:
openstack-origin: cloud:bionic-train/proposed
vip: 10.92.76.130 192.168.2.189
constraints: spaces=oam-space,public-space
bindings:
"": alpha
admin: alpha
amqp: alpha
certificates: alpha
cluster: alpha
ha: alpha
identity-service: alpha
internal: alpha
ironic-api: alpha
public: alpha
shared-db: oam-space
ironic-api-hacluster:
charm: cs:hacluster-72
options:
cluster_count: 3
bindings:
"": alpha
ha: alpha
hanode: alpha
juju-info: alpha
nrpe-external-master: alpha
pacemaker-remote: alpha
peer-availability: alpha
ironic-conductor:
charm: cs:~openstack-charmers-next/ironic-conductor-5
num_units: 1
to:
- "14"
options:
cleaning-network: ironic
default-deploy-interface: direct
default-network-interface: neutron
disable-secure-erase: true
enabled-deploy-interfaces: direct
enabled-network-interfaces: noop,flat,neutron
max-tftp-block-size: 1418
openstack-origin: cloud:bionic-train/proposed
provisioning-network: ironic
use-ipxe: false
bindings:
"": alpha
amqp: alpha
certificates: alpha
cleaning: alpha
deployment: alpha
identity-credentials: alpha
internal: alpha
ironic-api: alpha
shared-db: alpha
keystone:
charm: cs:keystone-309
num_units: 4
to:
- lxd:0
- lxd:1
- lxd:2
- lxd:13
options:
admin-password: c0ntrail123
admin-role: admin
openstack-origin: cloud:bionic-train
preferred-api-version: 3
region: RegionOne
token-provider: fernet
vip: 10.92.77.14 192.168.2.14
worker-multiplier: 0.25
bindings:
"": oam-space
admin: oam-space
certificates: oam-space
cluster: oam-space
domain-backend: oam-space
ha: oam-space
identity-admin: oam-space
identity-credentials: oam-space
identity-notifications: oam-space
identity-service: oam-space
internal: oam-space
keystone-fid-service-provider: oam-space
keystone-middleware: oam-space
nrpe-external-master: oam-space
public: public-space
shared-db: oam-space
websso-trusted-dashboard: oam-space
keystone-hacluster:
charm: cs:hacluster-62
options:
cluster_count: 3
bindings:
"": alpha
ha: alpha
hanode: alpha
juju-info: alpha
nrpe-external-master: alpha
pacemaker-remote: alpha
peer-availability: alpha
memcached:
charm: cs:memcached-26
num_units: 4
to:
- lxd:0
- lxd:1
- lxd:2
- lxd:13
options:
allow-ufw-ip6-softfail: true
constraints: spaces=oam-space
bindings:
"": oam-space
cache: oam-space
cluster: oam-space
local-monitors: oam-space
monitors: oam-space
munin: oam-space
nrpe-external-master: oam-space
mysql:
charm: cs:percona-cluster-281
num_units: 4
to:
- lxd:0
- lxd:1
- lxd:2
- lxd:13
options:
enable-binlogs: true
innodb-buffer-pool-size: 512M
max-connections: 2000
min-cluster-size: 3
performance-schema: true
source: cloud:bionic-train
tuning-level: safest
vip: 192.168.2.17
wait-timeout: 3600
wsrep-slave-threads: 48
bindings:
"": oam-space
access: oam-space
cluster: oam-space
db: oam-space
db-admin: oam-space
ha: oam-space
master: oam-space
nrpe-external-master: oam-space
shared-db: oam-space
slave: oam-space
mysql-hacluster:
charm: cs:hacluster-62
options:
cluster_count: 3
bindings:
"": alpha
ha: alpha
hanode: alpha
juju-info: alpha
nrpe-external-master: alpha
pacemaker-remote: alpha
peer-availability: alpha
ncc-hacluster:
charm: cs:hacluster-62
options:
cluster_count: 3
bindings:
"": alpha
ha: alpha
hanode: alpha
juju-info: alpha
nrpe-external-master: alpha
pacemaker-remote: alpha
peer-availability: alpha
neutron-api:
charm: cs:neutron-api-281
num_units: 4
to:
- lxd:0
- lxd:1
- lxd:2
- lxd:13
options:
default-tenant-network-type: vlan
dhcp-agents-per-network: 2
enable-l3ha: true
enable-ml2-port-security: true
global-physnet-mtu: 9000
l2-population: true
manage-neutron-plugin-legacy-mode: false
neutron-security-groups: true
openstack-origin: cloud:bionic-train
overlay-network-type: ""
region: RegionOne
use-internal-endpoints: true
vip: 10.92.77.15 192.168.2.15
worker-multiplier: 0.25
constraints: cpu-cores=8 mem=32768 root-disk=262144 spaces=oam-space,public-space,overlay-space
bindings:
"": oam-space
admin: oam-space
amqp: oam-space
certificates: oam-space
cluster: oam-space
etcd-proxy: oam-space
external-dns: oam-space
ha: oam-space
identity-service: oam-space
infoblox-neutron: oam-space
internal: oam-space
midonet: oam-space
neutron-api: oam-space
neutron-load-balancer: oam-space
neutron-plugin-api: oam-space
neutron-plugin-api-subordinate: overlay-space
nrpe-external-master: oam-space
public: public-space
shared-db: oam-space
vsd-rest-api: oam-space
neutron-hacluster:
charm: cs:hacluster-62
options:
cluster_count: 3
bindings:
"": alpha
ha: alpha
hanode: alpha
juju-info: alpha
nrpe-external-master: alpha
pacemaker-remote: alpha
peer-availability: alpha
nova-cloud-controller:
charm: cs:nova-cloud-controller-339
num_units: 4
to:
- lxd:0
- lxd:1
- lxd:2
- lxd:13
options:
console-access-protocol: novnc
console-proxy-ip: local
cpu-allocation-ratio: 4
network-manager: Neutron
openstack-origin: cloud:bionic-train
ram-allocation-ratio: 0.999999
region: RegionOne
use-internal-endpoints: true
vip: 10.92.77.16 192.168.2.16
worker-multiplier: 0.25
bindings:
"": oam-space
admin: oam-space
amqp: oam-space
amqp-cell: oam-space
certificates: oam-space
cinder-volume-service: oam-space
cloud-compute: oam-space
cloud-controller: oam-space
cluster: oam-space
ha: oam-space
identity-service: oam-space
image-service: oam-space
internal: oam-space
memcache: oam-space
neutron-api: oam-space
nova-cell-api: oam-space
nova-vmware: oam-space
nrpe-external-master: oam-space
placement: oam-space
public: public-space
quantum-network-service: oam-space
shared-db: oam-space
shared-db-cell: oam-space
nova-compute:
charm: cs:nova-compute-309
num_units: 5
to:
- "3"
- "4"
- "5"
- "6"
- "15"
options:
openstack-origin: cloud:bionic-train
os-internal-network: 192.168.2.0/24
bindings:
"": alpha
amqp: alpha
ceph: alpha
ceph-access: alpha
cloud-compute: alpha
cloud-credentials: alpha
compute-peer: alpha
ephemeral-backend: alpha
image-service: alpha
internal: alpha
lxd: alpha
neutron-plugin: alpha
nova-ceilometer: alpha
nrpe-external-master: alpha
secrets-storage: alpha
nova-ironic:
charm: cs:~openstack-charmers-next/nova-compute-524
num_units: 1
to:
- "22"
options:
enable-live-migration: false
enable-resize: false
openstack-origin: cloud:bionic-train/proposed
virt-type: ironic
bindings:
"": alpha
amqp: alpha
ceph: alpha
ceph-access: alpha
cloud-compute: alpha
cloud-credentials: alpha
compute-peer: alpha
ephemeral-backend: alpha
image-service: alpha
internal: alpha
ironic-api: alpha
lxd: alpha
migration: alpha
neutron-plugin: alpha
nova-ceilometer: alpha
nrpe-external-master: alpha
secrets-storage: alpha
ntp:
charm: cs:ntp-36
options:
source: ntp.juniper.net
bindings:
"": alpha
juju-info: alpha
master: alpha
nrpe-external-master: alpha
ntp-peers: alpha
ntpmaster: alpha
octavia:
charm: cs:~apavlov-e/octavia-3
num_units: 3
to:
- lxd:0
- lxd:1
- lxd:2
options:
amp-ssh-key-name: octavia
amp-ssh-pub-key: c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCQVFDa0N0SzJCWk01TC90VGdoM3J3L2FpR2ZEQzlzOEI4alFiS2VzQzJqTHRWcFNYbGlFellqQTNGNjEyalpwdERjOXdhOEF3eStxbEl0L1Frak5TVjhPMVpvNXZlc2RMREhvQjJrMzV5ZEFvMXhQRkFmV3lsSjh6VnJrd0U5aU1tWEVYZTd1VjdDdkgyZmdmSnlGeXJKaFR2ZjBWdTZGK1M5RHl1MnkxMUdXWEsrSDAyR3ZneHVzamZ3QlhoZ3IxNU1kZCt4RkJsbkpYRGtkQjVYVit4azZhYkJsRVJUc0N6c09EdXVOQTg4aVhqeHkvZzJpb2NtNWhtcVhUeDRMT2gzam9NbEFHUW5RQ2FXdFNSenpWM3dKT3JLeW5zU1pObVRmUnluRDdaaGl1WlZLNUZURWhQaXZUaVAwaHdLeTRMZGZUM0NsSkJSWmdMVVJZYUtSYlFwYkQgdWJ1bnR1QGp1bXBob3N0Cg==
create-mgmt-network: false
lb-mgmt-controller-cacert: |-
<certificate>
lb-mgmt-controller-cert: |-
<certificate>
lb-mgmt-issuing-ca-key-passphrase: <passphrase>
lb-mgmt-issuing-ca-private-key: |-
<private key>
lb-mgmt-issuing-cacert: |-
<certificate>
loadbalancer-topology: ACTIVE_STANDBY
openstack-origin: cloud:bionic-train
region: RegionOne
use-internal-endpoints: true
vip: 10.92.76.135 192.168.2.18
worker-multiplier: 0.25
bindings:
"": oam-space
admin: oam-space
amqp: oam-space
certificates: oam-space
cluster: oam-space
ha: oam-space
identity-service: oam-space
internal: oam-space
neutron-api: oam-space
neutron-openvswitch: oam-space
ovsdb-cms: oam-space
ovsdb-subordinate: oam-space
public: public-space
shared-db: oam-space
octavia-dashboard:
charm: cs:octavia-dashboard-17
bindings:
"": alpha
certificates: alpha
dashboard: alpha
octavia-diskimage-retrofit:
charm: cs:octavia-diskimage-retrofit-12
options:
amp-image-tag: octavia-amphora
retrofit-uca-pocket: train
bindings:
"": oam-space
certificates: oam-space
identity-credentials: oam-space
juju-info: oam-space
octavia-hacluster:
charm: cs:hacluster-62
options:
cluster_count: 3
bindings:
"": alpha
ha: alpha
hanode: alpha
juju-info: alpha
nrpe-external-master: alpha
pacemaker-remote: alpha
peer-availability: alpha
openstack-dashboard:
charm: cs:openstack-dashboard-295
num_units: 4
to:
- lxd:0
- lxd:1
- lxd:2
- lxd:13
options:
cinder-backup: false
endpoint-type: publicURL
neutron-network-firewall: false
neutron-network-l3ha: true
neutron-network-lb: true
openstack-origin: cloud:bionic-train
password-retrieve: true
secret: encryptcookieswithme
vip: 10.92.77.11
webroot: /
constraints: spaces=oam-space
bindings:
"": public-space
certificates: public-space
cluster: public-space
dashboard-plugin: public-space
ha: public-space
identity-service: public-space
nrpe-external-master: public-space
public: public-space
shared-db: oam-space
website: public-space
websso-fid-service-provider: public-space
websso-trusted-dashboard: public-space
placement:
charm: cs:placement-11
num_units: 4
to:
- lxd:0
- lxd:1
- lxd:2
- lxd:13
options:
openstack-origin: cloud:bionic-train
region: RegionOne
use-internal-endpoints: true
vip: 10.92.77.19 192.168.2.19
bindings:
"": oam-space
admin: oam-space
amqp: oam-space
certificates: oam-space
cluster: oam-space
ha: oam-space
identity-service: oam-space
internal: oam-space
placement: oam-space
public: public-space
shared-db: oam-space
placement-hacluster:
charm: cs:hacluster-62
options:
cluster_count: 3
bindings:
"": alpha
ha: alpha
hanode: alpha
juju-info: alpha
nrpe-external-master: alpha
pacemaker-remote: alpha
peer-availability: alpha
rabbitmq-server:
charm: cs:rabbitmq-server-97
num_units: 4
to:
- lxd:0
- lxd:1
- lxd:2
- lxd:13
options:
min-cluster-size: 3
source: cloud:bionic-train
bindings:
"": oam-space
amqp: oam-space
ceph: oam-space
certificates: oam-space
cluster: oam-space
ha: oam-space
nrpe-external-master: oam-space
radosgw-hacluster:
charm: cs:hacluster-72
options:
cluster_count: 3
bindings:
"": alpha
ha: alpha
hanode: alpha
juju-info: alpha
nrpe-external-master: alpha
pacemaker-remote: alpha
peer-availability: alpha
ubuntu:
charm: cs:ubuntu-15
num_units: 4
to:
- "0"
- "1"
- "2"
- "13"
bindings:
"": alpha
vault:
charm: cs:vault-39
num_units: 3
to:
- lxd:0
- lxd:1
- lxd:2
options:
vip: 192.168.2.20
bindings:
"": oam-space
access: oam-space
certificates: oam-space
cluster: oam-space
db: oam-space
etcd: oam-space
external: oam-space
ha: oam-space
nrpe-external-master: oam-space
secrets: oam-space
shared-db: oam-space
vault-hacluster:
charm: cs:hacluster-62
options:
cluster_count: 3
bindings:
"": alpha
ha: alpha
hanode: alpha
juju-info: alpha
nrpe-external-master: alpha
pacemaker-remote: alpha
peer-availability: alpha
machines:
"0":
constraints: tags=controller1
"1":
constraints: tags=controller2
"2":
constraints: tags=controller3
"3":
constraints: tags=compute1
"4":
constraints: tags=compute2
"5":
constraints: tags=compute3
"6":
constraints: tags=compute4
"9":
constraints: tags=command
"13":
constraints: tags=controller4
"14":
constraints: tags=controller5
"15":
constraints: tags=compute5
"17":
constraints: tags=CEPH
"19":
constraints: tags=CEPH
"21":
constraints: tags=CEPH
"22":
constraints: tags=CSN
relations:
- - ubuntu:juju-info
- ntp:juju-info
- - mysql:ha
- mysql-hacluster:ha
- - keystone:shared-db
- mysql:shared-db
- - keystone:ha
- keystone-hacluster:ha
- - glance:shared-db
- mysql:shared-db
- - glance:identity-service
- keystone:identity-service
- - nova-cloud-controller:shared-db
- mysql:shared-db
- - nova-cloud-controller:identity-service
- keystone:identity-service
- - nova-cloud-controller:image-service
- glance:image-service
- - nova-cloud-controller:ha
- ncc-hacluster:ha
- - neutron-api:shared-db
- mysql:shared-db
- - neutron-api:neutron-api
- nova-cloud-controller:neutron-api
- - neutron-api:identity-service
- keystone:identity-service
- - neutron-api:ha
- neutron-hacluster:ha
- - nova-compute:image-service
- glance:image-service
- - nova-compute:cloud-compute
- nova-cloud-controller:cloud-compute
- - nova-compute:juju-info
- ntp:juju-info
- - openstack-dashboard:identity-service
- keystone:identity-service
- - openstack-dashboard:ha
- dashboard-hacluster:ha
- - heat:shared-db
- mysql:shared-db
- - heat:identity-service
- keystone:identity-service
- - heat:ha
- heat-hacluster:ha
- - placement:shared-db
- mysql:shared-db
- - placement:identity-service
- keystone:identity-service
- - placement:placement
- nova-cloud-controller:placement
- - contrail-controller:contrail-controller
- contrail-agent:contrail-controller
- - contrail-agent:juju-info
- nova-compute:juju-info
- - contrail-analytics:contrail-analyticsdb
- contrail-analyticsdb:contrail-analyticsdb
- - contrail-analytics:contrail-analytics
- contrail-controller:contrail-analytics
- - contrail-analytics:http-services
- contrail-haproxy:reverseproxy
- - contrail-analyticsdb:contrail-analyticsdb
- contrail-controller:contrail-analyticsdb
- - contrail-controller:contrail-auth
- contrail-keystone-auth:contrail-auth
- - contrail-controller:http-services
- contrail-haproxy:reverseproxy
- - contrail-controller:https-services
- contrail-haproxy:reverseproxy
- - contrail-keystone-auth:identity-admin
- keystone:identity-admin
- - contrail-openstack:nova-compute
- nova-compute:neutron-plugin
- - contrail-openstack:neutron-api
- neutron-api:neutron-plugin-api-subordinate
- - contrail-openstack:heat-plugin
- heat:heat-plugin-subordinate
- - contrail-openstack:contrail-controller
- contrail-controller:contrail-controller
- - contrail-haproxy:juju-info
- contrail-keepalived:juju-info
- - nova-cloud-controller:memcache
- memcached:cache
- - external-policy-routing:juju-info
- openstack-dashboard:juju-info
- - external-policy-routing:juju-info
- glance:juju-info
- - external-policy-routing:juju-info
- heat:juju-info
- - external-policy-routing:juju-info
- keystone:juju-info
- - external-policy-routing:juju-info
- neutron-api:juju-info
- - external-policy-routing:juju-info
- nova-cloud-controller:juju-info
- - external-policy-routing:juju-info
- contrail-haproxy:juju-info
- - ntp:juju-info
- contrail-controller:juju-info
- - ntp:juju-info
- contrail-analytics:juju-info
- - ntp:juju-info
- contrail-analyticsdb:juju-info
- - ntp:juju-info
- neutron-api:juju-info
- - ntp:juju-info
- heat:juju-info
- - contrail-command:contrail-controller
- contrail-controller:contrail-controller
- - glance:ha
- glance-hacluster:ha
- - placement:ha
- placement-hacluster:ha
- - mysql:shared-db
- octavia:shared-db
- - mysql:shared-db
- barbican:shared-db
- - mysql:shared-db
- vault:shared-db
- - keystone:identity-service
- octavia:identity-service
- - keystone:identity-service
- barbican:identity-service
- - neutron-api:neutron-load-balancer
- octavia:neutron-api
- - openstack-dashboard:dashboard-plugin
- octavia-dashboard:dashboard
- - barbican-vault:secrets
- barbican:secrets
- - vault:secrets
- barbican-vault:secrets-storage
- - glance-simplestreams-sync:juju-info
- octavia-diskimage-retrofit:juju-info
- - keystone:identity-service
- glance-simplestreams-sync:identity-service
- - keystone:identity-credentials
- octavia-diskimage-retrofit:identity-credentials
- - contrail-openstack:nova-compute
- octavia:neutron-openvswitch
- - vault:ha
- vault-hacluster:ha
- - etcd:certificates
- easyrsa:client
- - etcd:db
- vault:etcd
- - barbican:ha
- barbican-hacluster:ha
- - octavia:ha
- octavia-hacluster:ha
- - rabbitmq-server:amqp
- barbican:amqp
- - rabbitmq-server:amqp
- glance-simplestreams-sync:amqp
- - rabbitmq-server:amqp
- heat:amqp
- - rabbitmq-server:amqp
- neutron-api:amqp
- - rabbitmq-server:amqp
- nova-cloud-controller:amqp
- - rabbitmq-server:amqp
- nova-compute:amqp
- - rabbitmq-server:amqp
- octavia:amqp
- - ceph-mon:osd
- ceph-osd:mon
- - ceph-radosgw:juju-info
- external-policy-routing:juju-info
- - ceph-radosgw:ha
- radosgw-hacluster:ha
- - ceph-radosgw:mon
- ceph-mon:radosgw
- - ceph-radosgw:identity-service
- keystone:identity-service
- - vault:certificates
- ceph-radosgw:certificates
- - ceph-radosgw:object-store
- glance:object-store
- - ceph-mon:client
- glance:ceph
- - ironic-conductor:amqp
- rabbitmq-server:amqp
- - ironic-conductor:identity-credentials
- keystone:identity-credentials
- - ironic-conductor:shared-db
- mysql:shared-db
- - vault:certificates
- ironic-conductor:certificates
- - nova-ironic:amqp
- rabbitmq-server:amqp
- - nova-ironic:image-service
- glance:image-service
- - nova-ironic:cloud-credentials
- keystone:identity-credentials
- - nova-ironic:cloud-compute
- nova-cloud-controller:cloud-compute
- - ceph-mon:client
- nova-ironic:ceph
- - nova-ironic:juju-info
- ntp:juju-info
- - contrail-agent-csn:juju-info
- nova-ironic:juju-info
- - contrail-agent-csn:contrail-controller
- contrail-controller:contrail-controller
- - ironic-api:ha
- ironic-api-hacluster:ha
- - ironic-conductor:ironic-api
- ironic-api:ironic-api
- - ironic-api:amqp
- rabbitmq-server:amqp
- - ironic-api:identity-service
- keystone:identity-service
- - ironic-api:shared-db
- mysql:shared-db
- - vault:certificates
- ironic-api:certificates
- - nova-ironic:ironic-api
- ironic-api:ironic-api
Change History Table
Feature support is determined by the platform and release you are using. Use Feature Explorer to determine if a feature is supported on your platform.