Contrail Node Roles, Processes, and Ports
This section describes processes that run on various Contrail nodes and the ports used by those processes.
Processes in Logical Roles and Nodes
The following are the processes in each of the logical roles or nodes in Contrail.
Node |
Processes |
|---|---|
OpenStack node |
This node runs non-Neutron OpenStack services, such as nova-api, nova-scheduler, nova-conductor, glance-api, and the like. |
Database node |
Every instance of a database node runs the following processes:
|
Config node |
Every instance of a config node runs the following processes:
|
Control node |
Every instance of a control node runs the following processes:
|
Compute node |
Every instance of a compute node runs the following processes:
|
Analytics node |
Every instance of an analytics node runs the following processes:
|
Web UI node |
Every instance of a Web UI node runs the following processes:
|
Roles and Ports
This section presents notes about processes and ports by roles and nodes.
- OpenStack Role
- Configuration Node
- Analytics Node
- Web UI Role
- Database Role
- Control Role
- vRouter Role
OpenStack Role
Nova
API
Ports
8773 - EC2 API
8774 - OpenStack API
8775 - Metadata port
nova-novncproxy
Ports
5999
Cinder
Ports
8776 - Cinder API
Glance
API
Ports
9292 Glance API
Registry
Ports
9191 - Glance API
Keystone
Ports
5000 - tenant port
35357 - administrative port
RabbitMQ
Ports
5672
MySQL
Ports
3306
Configuration Node
Neutron Server
The neutron-server process serves the Openstack Networking (Neutron) API. It connects to contrail-api server and uses that as the backend for serving neutron API. In works in Active/Active mode in multi-node deployments.
Service Name - neutron-server
Ports
9696 - public port (HAproxy front end port)
9697 - HAproxy back end port
API Server
The contrail-api process exposes a REST-based interface for Contrail API, and:
connects to Cassandra on database node(s) for persistence.
publishes to IFMAP server for consumption of config information by other nodes.
uses AMQP/rabbitmq to communicate with other API servers in multi-node deployment.
Service Name - contrail-api
Ports
8082 - public port, accessible with credentials in auth mode
8095 - debug port, accessible only on localhost in auth mode
8084 - HAproxy front end port
9100 - HAporoxy back end port
IFMAP Server
The IFMAP server process acts as a bulletin board for pubsub (publish-subscribe) purposes. The contrail-control, contrail-schema, and contrail-svc-monitor connect to IFMAP server and act upon configuration change published from the API server.
Ports
8443 - basic authentication port
Schema Transformer
The contrail-schema process listens to configuration changes done by user at higher-level constructs such as VirtualNetwork, and generates appropriate system configuration objects, lower-level construct such as RoutingInstance. The contrail-schema uses the REST interface of the API server to manipulate the system objects, and in multi-node deployments it works in Active/Backup mode.
Service Name - contrail-schema
Ports
8087 - Introspect port
Service Monitor
The contrail-service-monitor process listens to configuration changes in service-template and service-instance, and in response, spawns and monitors virtual machines for services such as firewall, analyzer, and the like, using Nova API to spawn the virtual machines. In multi-node deployments it works in Active/Backup mode. The contrail-service-monitor process also syncs the Keystone tenants to Contrail, and the tenants appear in http://<controller-ip>:8082/projects.
Service Name - contrail-svc-monitor
Ports
8088 - Introspect port
vCenter Plugin
The contrail-vcenter-plugin process integrates the Contrail controller with VMware vCenter as the orchestrator.
Service Name - contrail-vcenter-plugin
Ports
8234 - HTTP Introspect port
Analytics Node
Analytics REST API Server
Service name - contrail-analytics-api
Ports
8081 - public port
Collector
Service name - contrail-collector
Ports
8086 - public port
Query Engine
Service name - contrail-query-engine
Contrail SNMP Collector
Service name - contrail-snmp-collector
Contrail Topology
Service name - contrail-topology
Redis Server
Service name - redis
Web UI Role
webui
Service name - contrail-webui
Ports
8080 - http port redirects to https
8143 - https port
webui middleware
Service name - contrail-webui-middleware
Redis Server
Service name - redis
Database Role
Cassandra
Service name - contrail-database
Ports
9160 - thrift port
9042 - Cassandra Query Language (CQL) native port
Zookeeper
Service name - zookeeper
Ports
2181 - listen port
Control Role
control-node
Service name - contrail-control
Ports
8083 - Introspect
5269 - XMPP port
5222 - TLS-based XMPP port
Service name - contrail-dns
Ports
8092 - Introspect for DNS
8093 - XMPP for DNS
vRouter Role
vRouter Agent
Service name - contrail-vrouter
Ports
8085
9090 - port for communication between vRouter agent and nova-compute
Contrail ToR Agent
The contrail-tor-agent process runs the OVSDB protocol between a ToR and Contrail. Each contrail-tor-agent manages a single ToR, and multiple contrail-tor-agents can run on a single node. Each contrail-tor-agent service name is suffixed by a unique instance-id.
By default, the introspect service for the contrail-tor-agent is run on port 9009 + instance-id. The default port can be overridden in the fab file.
Service name - contrail-tor-agent
Ports
9009 + <instance id>