Configuring Contrail Command
The Contrail Command user interface (UI) is supported starting with Contrail Release 5.0.1. Contrail Command is an intuitive, wizard-based UI which provides automated work flows such as the following:
Contrail cluster deployment (Kolla-based OpenStack cluster)
Automating the data center IP fabric
Orchestrating virtual machines and bare metal servers
Requirements
The system requirements to install the Contrail Command server are:
A VM or physical server with:
8 vCPUs
64 GB RAM
300 GB disk out of which 256 GB is allocated to /root directory.
Internet access to and from the physical server, hereafter referred to as the Contrail Command server
(Recommended) x86 server with CentOS 7.5 as the base OS to install Contrail Command
Overview
Contrail Command is an intuitive, wizard-based user interface (UI) to manage private and public clouds, physical and virtual workloads and devices.
Configuration
Prerequisite
docker-py
is obsolete in Contrail Release 5.0.2.
You must remove docker-py
and docker
Python
packages from all the nodes where you want to install the Contrail
Command UI.
pip uninstall docker-py docker
Procedure
Step-by-Step Procedure
Perform the following steps to configure and install Contrail Command.
Install Docker on the Contrail Command server. These packages are necessary to automate the deployment of Contrail Command software.
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum install -y docker-ce
systemctl start docker
Download the contrail-command-deployer Docker container image to deploy contrail-command (contrail_command, contrail_mysql containers) from hub.juniper.net. Allow Docker to connect to the private secure registry.
docker login hub.juniper.net --username <container_registry_username> --password <container_registry_password>
Pull Contrail-Command-Deployer Container from the private secure registry.
docker pull hub.juniper.net/contrail/contrail-command-deployer:<container_tag>
Example, for container_tag: 5.0.1-0.214, use the following command:
docker pull hub.juniper.net/contrail/contrail-command-deployer:5.0.1-0.214
Create the input configuration command_servers.yml file.
Use the Sample command_servers.yml File to create the command_servers.yml file.
Start the Contrail_Command_Deployer container to deploy the Contrail-Command server.
docker run -t --net host -v ABSOLUTE_PATH_TO_COMMAND_SERVERS_FILE:/command_servers.yml -d --privileged --name contrail_command_deployer hub.juniper.net/contrail/contrail-command-deployer:<container_tag>
ABSOLUTE_PATH_TO_COMMAND_SERVERS_FILE
—path to the command_servers.yml file that you created in step 3.Example, for container_tag: 5.0.1-0.214, use the following command:
docker run -t --net host -v /root/command_servers.yml:/command_servers.yml -d --privileged --name contrail_command_deployer hub.juniper.net/contrail/contrail-command-deployer:5.0.1-0.214
The
contrail_command
andcontrail_mysq
Contrail Command containers are deployed.(Optional) You can also upgrade Contrail-Command UI without deleting existing database information. To update contrail_command container and not make changes to the database container, use the following command.
docker run -t --net host -e delete_db=no -v <ABSOLUTE_PATH_TO_COMMAND_SERVERS_FILE>:/command_servers.yml -d --privileged --name contrail_command_deployer hub.juniper.net/contrail/contrail-command-deployer:<container_tag>
Note:Code changes that involve schema modifications require updating the database container as well. Step 5 is recommended only if the UI application requires an update.
(Optional) Track the progress of Step 4.
docker logs -f contrail_command_deployer
Once the playbook execution completes, log in to Contrail Command using https://Contrail-Command-Server-IP-Address:9091. Use the same user name and password that was entered in 3. Default username is admin and password is contrail123.
Sample command_servers.yml File
--- command_servers: server1: ip: <IP Address> connection: ssh ssh_user: root ssh_pass: <contrail command server password> sudo_pass: <contrail command server root password> ntpserver: <NTP Server address> # Specify either container_path #container_path: /root/contrail-command-051618.tar # or registry details and container_name # registry_insecure: true # container_registry: ci-repo.englab.juniper.net:5010 registry_insecure: false container_registry: hub.juniper.net/contrail container_name: contrail-command container_tag: 5.0.2-0.349 container_registry_username: <registry username> container_registry_password: <registry password> config_dir: /etc/contrail # contrail command container configurations given here go to /etc/contrail/contrail.yml contrail_config: # Database configuration. MySQL/PostgreSQL supported database: # MySQL example type: mysql dialect: mysql host: localhost user: root password: contrail123 name: contrail_test # Postgres example #connection: "user=root dbname=contrail_test sslmode=disable" #type: postgres #dialect: postgres # Max Open Connections for DB Server max_open_conn: 100 connection_retries: 10 retry_period: 3s # Log Level log_level: debug # Server configuration server: enabled: true read_timeout: 10 write_timeout: 5 log_api: true address: ":9091" # TLS Configuration tls: enabled: true key_file: /usr/share/contrail/ssl/cs-key.pem cert_file: /usr/share/contrail/ssl/cs-cert.pem # Enable GRPC or not enable_grpc: false # Static file config # key: URL path # value: file path. (absolute path recommended in production) static_files: /: /usr/share/contrail/public # API Proxy configuration # key: URL path # value: String list of backend host #proxy: # /contrail: # - http://localhost:8082 notify_etcd: false # Keystone configuration keystone: local: true assignment: type: static data: domains: default: &default id: default name: default projects: admin: &admin id: admin name: admin domain: *default demo: &demo id: demo name: demo domain: *default users: admin: id: admin name: Admin domain: *default password: contrail123 email: admin@juniper.nets roles: - id: admin name: Admin project: *admin bob: id: bob name: Bob domain: *default password: bob_password email: bob@juniper.net roles: - id: Member name: Member project: *demo store: type: memory expire: 36000 insecure: true authurl: https://localhost:9091/keystone/v3 # disable authentication with no_auth true and comment out keystone configuraion. #no_auth: true insecure: true etcd: endpoints: - localhost:2379 username: "" password: "" path: contrail watcher: enabled: false storage: json client: id: admin password: contrail123 project_name: admin domain_id: default schema_root: / endpoint: https://localhost:9091 compilation: enabled: false # Global configuration plugin_directory: 'etc/plugins/' number_of_workers: 4 max_job_queue_len: 5 msg_queue_lock_time: 30 msg_index_string: 'MsgIndex' read_lock_string: "MsgReadLock" master_election: true # Plugin configuration plugin: handlers: create_handler: 'HandleCreate' update_handler: 'HandleUpdate' delete_handler: 'HandleDelete' agent: enabled: true backend: file watcher: polling log_level: debug # The following are optional parameters used to patch/cherrypick # revisions into the contrail-ansible-deployer sandbox. These configs # go into the /etc/contrail/contrail-cluster.tmpl file # cluster_config: # ansible_fetch_url: "https://review.opencontrail.org/Juniper/contrail-ansible-deployer refs/changes/80/40780/20" # ansible_cherry_pick_revision: FETCH_HEAD # ansible_revision: GIT_COMMIT_HASH