Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

Setting Up the Overcloud for RHOSP 17.1

Use this procedure to set up the overcloud for a Contrail Networking deployment on RHOSP 17.1.

Download Heat Templates

  1. SSH into the undercloud as the stack user.
  2. Source the stackrc undercloud credential file.
  3. Put all the heat templates into a new ~/tripleo-heat-templates directory.
    1. Copy the Red Hat TripleO heat templates to the ~/tripleo-heat-templates directory.
    2. Download the Contrail Networking RHEL 9 + RHOSP17 OOO Heat Templates release 21.4.L4.1 from the Juniper Networks software download site and copy them to the same ~/tripleo-heat-templates directory.

Upload Container Images to the Undercloud Registry

Use this example procedure on the undercloud to upload overcloud container images to the undercloud registry.

  1. SSH into the undercloud as the stack user.
  2. Source the stackrc undercloud credential file.
  3. Create a ~/tripleo-heat-templates/environments/contrail/rhsm.yaml file with your Red Hat credentials.
    Here is an example of the one we're using.
  4. Pull container images from remote registries and push them to the undercloud registry.
    OpenStack container images are available from the Red Hat registry and Contrail container images are available from the Juniper Networks registry.
    1. Pull the Red Hat OpenStack container images from registry.redhat.io and push them to the undercloud registry.

      1. Create the OpenStack container file.

        This produces the ~/tripleo-heat-templates/environments/contrail/overcloud-containers.yaml file.

      2. Pull the container images and push them to the undercloud registry.

    2. Pull the Contrail container images from enterprise-hub.juniper.net.

      Edit the ~/tripleo-heat-templates/tools/contrail/import_contrail_container.sh with the appropriate push destination for your deployment. Look for the push destination line and change the IP address. For example:

      Pull the Contrail containers:where <username> and <password> are your login credentials to the enterprise-hub.juniper.net registry.
    3. Push the container images to the undercloud registry.
    4. List the uploaded containers.
      The container images are served from the /var/lib/image-serve directory.

Provision Overcloud Networks

  1. SSH into the undercloud as the stack user.
  2. Source the stackrc undercloud credential file.
  3. Create the network definition file network_data.yaml that describes our networks.
    Table 1 shows the network configuration that corresponds to Figure 1 and Figure 2 in our example.
    Table 1: Network Configuration
    Network VLAN Subnet Gateway
    internal_api 710 192.168.4.0/24 192.168.4.1
    management 10.102.70.0/24 10.102.70.1
    storage 740 192.168.2.0/24 192.168.2.1
    storage_mgmt 750 192.168.3.0/24 192.168.3.1
    tenant 192.168.33.0/24 192.168.33.1
    external 720 10.204.17.0/24 10.204.17.1

    Here is the resulting network_data.yaml.

  4. Place the network definition file in ~/tripleo-heat-templates/environments/contrail/network_data.yaml and apply it.
    This produces the ~/tripleo-heat-templates/environments/contrail/overcloud-networks-deployed.yaml file.
  5. Create the network VIP definition file vip_data.yaml that describes the network VIPs in our network.

    Here is the vip_data.yaml for our example.

  6. Place the VIP definition file in ~/tripleo-heat-templates/environments/contrail/vip_data.yaml and apply it.
    This produces the ~/tripleo-heat-templates/environments/contrail/overcloud-vip-deployed.yaml file.
  7. Check the created networks and subnets.

Provision Bare Metal Overcloud Nodes

  1. SSH into the undercloud as the stack user.
  2. Source the stackrc undercloud credential file.
  3. Create the overcloud node definition file ~/nodes.json that describes the nodes in our overcloud network.

    • Three OpenStack controller nodes (controller-0, controller-1, controller-2)

    • Three Contrail controller nodes (contrail-controller-0, contrail-controller-1, contrail-controller-2)

    • One Compute node (compute-0)

    This file is specific to your deployment. See Red Hat documentation for information on how to create and populate this file.
  4. Import the nodes to the director.
    List the nodes to make sure they've been imported:
  5. Introspect the nodes.
    Introspection collects hardware information from each node.After the introspection completes, all nodes change to an available state.
  6. Create the overcloud-baremetal-deploy.yaml node definition file and set the node count for each role that you want to provision. Place the file in ~/tripleo-heat-templates/environments/contrail/overcloud-baremetal-deploy.yaml.
    Here is the node definition file for our example:
  7. Provision the overcloud nodes.
    This produces the ~/tripleo-heat-templates/environments/contrail/overcloud-baremetal-deployed.yaml file.
  8. Check that the node state is active.
  9. Find the IP address of every overcloud node.
  10. Register each overcloud node.
    1. SSH into an overcloud node from the undercloud.
      where <overcloud-node-ip> is the IP address of one of the overcloud nodes.
    2. Register the node.
      Enter your Red Hat user name and password when prompted.
    3. Set the release to RHEL 9.2.
    4. Disable all default repositories, and enable the required RHEL 9.2 repositories.
      Note: You might need to manually attach a pool before you can run this command if your license doesn't allow automatic entitlement. See Red Hat documentation.
    5. Repeat on all overcloud nodes.
  11. Install the ansible community.general collection on every overcloud node.
    1. SSH into an overcloud node from the undercloud.
      where <overcloud-node-ip> is the IP address of one of the overcloud nodes.
    2. Install the ansible community.general collection as a sudo user and a regular user.
    3. Repeat on all overcloud nodes.

Configure Contrail

We provide various configuration files in the Contrail Networking Heat Templates package for you to customize your overcloud deployment. Table 2 describes the files that you need to configure in our example.

Table 2: Configuration Files
File Description
roles_data.yaml Description of the different node roles
contrail-nic-config-Controller.j2 Description of the interfaces on the OpenStack Controllers
contrail-nic-config-ContrailController.j2 Description of the interfaces on the Contrail Controllers
contrail-nic-config-ComputeKernel.j2 Description of the interfaces on the Compute node running in kernel mode
contrail-net.yaml Description of various Contrail network settings
contrail-services.yaml Description of the Contrail services
contrail-plugins.yaml Miscellaneous settings
Note: You can find samples of the above files under comparable names in the Contrail Networking Heat Templates package that you downloaded. Our example, however, assumes that you'll be using the filenames as shown above.

Roles Configuration (roles_data.yaml)

The roles configuration file contains definitions for the various node roles. You can find sample Contrail roles files in ~/tripleo-heat-templates and in ~/tripleo-heat-templates/roles.

We define three roles in our example. Put all three roles into the roles_data.yaml file and place the file at ~/tripleo-heat-templates/environments/contrail/roles_data.yaml.

OpenStack Controller Role

In our example, we have three nodes for the OpenStack controller. Each of these nodes connects to the Management, Internal API, Management, Storage, Storage Management, and External networks, as shown below:

Contrail Controller Role

We also have three nodes for the Contrail controller. Each of these nodes connects to the Management, Internal API, External, and tenant networks, as shown below:

Compute Node Role

We have one Compute node. The compute node connects to the Management, Internal API, Storage, and tenant networks, as shown below.

Network Interface Configuration (*-nic-*.j2)

NIC configuration files describe the interfaces for each role. You can find sample NIC configuration files in ~/tripleo-heat-templates/network/config/contrail and ~/tripleo-heat-templates/network/config/contrail/examples.

Note: NIC configuration files are referred to in overcloud-baremetal-deploy.yaml. Be sure to name the configuration files properly and place them in ~/tripleo-heat-templates/environments/contrail.

We define three NICs (one for each role) in our example as shown in Table 3.

Table 3: NIC Mapping
Nodes Interfaces Networks
OpenStack Controller enp1s0 management
enp2s0 control plane

  • external

  • internal_api

  • storage_mgmt

  • storage
Contrail Controller enp1s0 management
enp2s0 control plane

  • external

  • internal_api
enp3s0 tenant
Compute enp1s0 management
enp2s0 control plane

  • internal_api

  • storage
enp3s0 tenant

OpenStack Controller NIC (contrail-nic-config-Controller.j2)

Contrail Controller NIC (contrail-nic-config-ContrailController.j2)

Compute Node NIC (contrail-nic-config-Compute.j2)

Network Parameter Configuration (contrail-net.yaml)

Customize Contrail network parameters by modifying the contrail-net.yaml file. We provide a sample at ~/tripleo-heat-templates/environments/contrail/contrail-net.yaml. Look through that file for explanations of the parameters.

Here is the contrail-net.yaml for our example.

Contrail Service with Templates (contrail-services.yaml)

Customize Contrail services for your network by modifying the contrail-services.yaml file. We provide a sample at ~/tripleo-heat-templates/environments/contrail/contrail-services.yaml. Look through that file for explanations of the parameters.

Here is the contrail-services.yaml for our example.

Note: APPLY_DEFAULTS

When Contrail is deployed for the first time, the default value of APPLY_DEFAULTS parameter in the ContrailDefaults section needs to be set to 'True'. This enables provisioning parameters present inside the template to use day0 configuration whenever a config provisioning container is restarted. Thus, the provisioning parameters are template driven and any changes to Contrail settings should be done through TripleO templates.

Contrail Networking allows you to configure some global configuration parameters like VXLAN network id mode, linklocal configuration, IBGP auto mesh configuration, enabling 4byte_AS, and changing BGP Global ASN through its web user interface. If you want to manage your cluster through web user interface, then you need to set APPLY_DEFAULTS=False in ContrailDefaults section and deploy your cluster again by running openstack overcloud deploy. This additional step is required because when you have changed Contrail global configuration parameters through web user interface, then there is a possibility for these global configuration parameters to be overwritten if any config provisioner container is restarted. In order to avoid these values to be overwritten, set APPLY_DEFAULTS as 'False' and deploy Contrail again by running openstack overcloud deploy command. As a result, the global configuration parameters remain unchanged as provisioning is not executed again.

For example, if you set APPLY_DEFAULTS=False through TripleO template, deploy your Contrail cluster, set VxLAN Identifier Mode to 'User Configured' from web user interface, and restart config provisioner container, then VxLAN Identifier Mode remains 'User Configured' after the restart of config provisioner container. On the contrary, if APPLY_DEFAULTS is set to True, then after the restart of config provisioner container, VxLAN Identifier Mode will change to its default value, which is Automatic.

For example, if you set APPLY_DEFAULTS=False through TripleO template, deploy your Contrail cluster, set VxLAN Identifier Mode to 'User Configured' from web user interface, and restart config provisioner container, then VxLAN Identifier Mode remains 'User Configured' after the restart of config provisioner container. On the contrary, if APPLY_DEFAULTS is set to True, then after the restart of config provisioner container, VxLAN Identifier Mode changes to its default value, which is Automatic.

Contrail Plugins (contrail-plugins.yaml)

The Contrail plugins file contains various settings and refers to many other files used by Contrail. It is located at ~/tripleo-heat-templates/environments/contrail/contrail-plugins.yaml.

Don't change this file or change the location of any of the files referenced.

Create the Overcloud

  1. Locate the environment files you created in the previous procedures.
  2. Deploy the overcloud.
    Double check to make sure the referenced files below are at the locations specified.
You've now installed Contrail in RHOSP 17.1 in our example deployment.

Advanced Configuration

Contrail Networking provides a rich set of capabilities that go beyond our basic example. The following sections contain additional example YAML configuration that might apply to your deployment. This additional configuration is unrelated to our example.

Before using, convert these YAML examples to Jinja2 format. See Red Hat documentation for information on how to do this.

Advanced vRouter Kernel Mode Configuration

In addition to the standard NIC configuration, the vRouter kernel mode supports VLAN, Bond, and Bond + VLAN modes. The configuration snippets below only show the relevant section of the NIC template configuration for each mode.

Table 4: Advanced Interface Types (Kernel Mode)
Interface Types Example Configuration
VLAN 
- name: enp2s0
  type: interface
  use_dhcp: false
- type: vlan
  device: enp2s0
  vlan_id: {{ tenant_vlan_id }}
  use_dhcp: false
- name: vhost0
  type: contrail_vrouter
  addresses:
  - ip_netmask: {{ tenant_ip }}/{{ tenant_cidr }}
  members:
  - name: vlan{{ tenant_vlan_id }}
    type: interface
    use_dhcp: false
  mtu: 1500
  use_dhcp: false
Bond 
- name: bond0
  type: linux_bond
  bonding_options: mode=4 xmit_hash_policy=layer2+3
  use_dhcp: false
  members:
  - type: interface
    name: enp2s0
  - type: interface
    name: enp3s0
- name: vhost0
  type: contrail_vrouter
  mtu: 1500
  use_dhcp: false
  addresses:
  - ip_netmask: {{ tenant_ip }}/{{ tenant_cidr }}
  members:
  - name: bond0
    type: interface
    use_dhcp: false
Bond + VLAN 
- name: bond0
  type: linux_bond
  bonding_options: mode=4 xmit_hash_policy=layer2+3
  use_dhcp: false
  members:
  - type: interface
    name: enp2s0
  - type: interface
    name: enp3s0
- device: bond0
  type: vlan
  vlan_id: {{ tenant_vlan_id }}
  use_dhcp: false
- name: vhost0
  type: contrail_vrouter
  mtu: 1500
  use_dhcp: false
  addresses:
  - ip_netmask: {{ tenant_ip }}/{{ tenant_cidr }}
  members:
  - name: vlan{{ tenant_vlan_id }}
    type: interface
    use_dhcp: false

Advanced vRouter DPDK Mode Configuration

In addition to the standard NIC configuration, the vRouter DPDK mode supports Standard, VLAN, Bond, and Bond + VLAN modes.

Network Environment Configuration:

Enable the number of hugepages:

See the following NIC template configurations for vRouter DPDK mode. The configuration snippets below only show the relevant section of the NIC configuration for each mode.

Table 5: Advanced Interface Types (DPDK)
Interface Types Example Configuration
Standard 
- name: vhost0
  type: contrail_vrouter_dpdk
  driver: uio_pci_generic
  cpu_list: 0x01
  mtu: 1500
  use_dhcp: false
  addresses:
  - ip_netmask: {{ tenant_ip }}/{{ tenant_cidr }}
  members:
  - name: enp2s0
    type: interface
    use_dhcp: false
VLAN 
- name: vhost0
  type: contrail_vrouter_dpdk
  driver: uio_pci_generic
  cpu_list: 0x01
  mtu: 1500
  use_dhcp: false
  vlan_id: {{ tenant_vlan_id }}
  addresses:
  - ip_netmask: {{ tenant_ip }}/{{ tenant_cidr }}
  members:
  - name: enp2s0
    type: interface
    use_dhcp: false
Bond 
- name: vhost0
  type: contrail_vrouter_dpdk
  driver: uio_pci_generic
  cpu_list: 0x01
  mtu: 1500
  use_dhcp: false
  bond_mode: 4
  bond_policy: layer2+3
  addresses:
  - ip_netmask: {{ tenant_ip }}/{{ tenant_cidr }}
  members:
  - name: enp2s0
    type: interface
    use_dhcp: false
  - name: enp3s0
    type: interface
    use_dhcp: false
Bond + VLAN 
- name: vhost0
  type: contrail_vrouter_dpdk
  driver: uio_pci_generic
  cpu_list: 0x01
  mtu: 1500
  use_dhcp: false
  bond_mode: 4
  bond_policy: layer2+3
  vlan_id: {{ tenant_vlan_id }}
  addresses:
  - ip_netmask: {{ tenant_ip }}/{{ tenant_cidr }}
  members:
  - name: enp2s0
    type: interface
    use_dhcp: false
  - name: enp3s0
    type: interface
    use_dhcp: false

Advanced vRouter SRIOV + Kernel Mode Configuration

vRouter SRIOV + Kernel mode can be used in the following combinations:

  • Standard

  • VLAN

  • Bond

  • Bond + VLAN

Network environment configuration:

Enable the number of hugepages:

SRIOV PF/VF settings:

The SRIOV NICs are not configured in the NIC templates. However, vRouter NICs must still be configured. See the following NIC template configurations for vRouter kernel mode. The configuration snippets below only show the relevant section of the NIC configuration for each mode.

Table 6: Interface Types (SR-IOV + Kernel Mode)
Interface Types Example Configuration
   
VLAN 
- name: ens2f1
  type: interface
  use_dhcp: false
- type: vlan
  device: ens2f1
  vlan_id: {{ tenant_vlan_id }}
  use_dhcp: false
- name: vhost0
  type: contrail_vrouter
  addresses:
  - ip_netmask: {{ tenant_ip }}/{{ tenant_cidr }}
  members:
  - name: vlan{{ tenant_vlan_id }}
    type: interface
    use_dhcp: false
  mtu: 1500
  use_dhcp: false
Bond 
- name: bond0
  type: linux_bond
  bonding_options: mode=4 xmit_hash_policy=layer2+3
  use_dhcp: false
  members:
  - type: interface
    name: ens2f1
  - type: interface
    name: ens3f1
- name: vhost0
  type: contrail_vrouter
  mtu: 1500
  use_dhcp: false
  addresses:
  - ip_netmask: {{ tenant_ip }}/{{ tenant_cidr }}
  members:
  - name: bond0
    type: interface
    use_dhcp: false
Bond + VLAN 
- name: bond0
  type: linux_bond
  bonding_options: mode=4 xmit_hash_policy=layer2+3
  use_dhcp: false
  members:
  - type: interface
    name: ens2f1
  - type: interface
    name: ens3f1
- device: bond0
  type: vlan
  vlan_id: {{ tenant_vlan_id }}
  use_dhcp: false
- name: vhost0
  type: contrail_vrouter
  mtu: 1500
  use_dhcp: false
  addresses:
  - ip_netmask: {{ tenant_ip }}/{{ tenant_cidr }}
  members:
  - name: vlan{{ tenant_vlan_id }}
    type: interface
    use_dhcp: false

Advanced vRouter SRIOV + DPDK Mode Configuration

Use vRouter SRIOV + DPDK in the following combinations:

  • Standard

  • VLAN

  • Bond

  • Bond + VLAN

Network environment configuration:

Enable the number of hugepages

SRIOV PF/VF settings

The SRIOV NICs are not configured in the NIC templates. However, vRouter NICs must still be configured. See the following NIC template configurations for vRouter DPDK mode. The configuration snippets below only show the relevant section of the NIC configuration for each mode.

Table 7: Interface Types (SR-IOV + DPDK)
Interface Types Example Configuration
Standard 
- name: vhost0
  type: contrail_vrouter_dpdk
  driver: uio_pci_generic
  cpu_list: 0x01
  mtu: 1500
  use_dhcp: false
  addresses:
  - ip_netmask: {{ tenant_ip }}/{{ tenant_cidr }}
  members:
  - name: ens2f1
    type: interface
    use_dhcp: false
VLAN 
- name: vhost0
  type: contrail_vrouter_dpdk
  driver: uio_pci_generic
  cpu_list: 0x01
  mtu: 1500
  use_dhcp: false
  vlan_id: {{ tenant_vlan_id }}
  addresses:
  - ip_netmask: {{ tenant_ip }}/{{ tenant_cidr }}
  members:
  - name: ens2f1
    type: interface
    use_dhcp: false
Bond 
- name: vhost0
  type: contrail_vrouter_dpdk
  driver: uio_pci_generic
  cpu_list: 0x01
  mtu: 1500
  use_dhcp: false
  bond_mode: 4
  bond_policy: layer2+3
  addresses:
  - ip_netmask: {{ tenant_ip }}/{{ tenant_cidr }}
  members:
  - name: ens2f1
    type: interface
    use_dhcp: false
  - name: ens2f1
    type: interface
    use_dhcp: false
Bond + VLAN 
- name: vhost0
  type: contrail_vrouter_dpdk
  driver: uio_pci_generic
  cpu_list: 0x01
  mtu: 1500
  use_dhcp: false
  bond_mode: 4
  bond_policy: layer2+3
  vlan_id: {{ tenant_vlan_id }}
  addresses:
  - ip_netmask: {{ tenant_ip }}/{{ tenant_cidr }}
  members:
  - name: ens2f1
    type: interface
    use_dhcp: false
  - name: ens3f1
    type: interface
    use_dhcp: false