Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


On-Premise and Azure Multicloud Deployment

This topic describes the steps involved in deploying an on premise setup and extending it to Microsoft Azure cloud in two different availability zones. This topic also displays examples of the files involved in configuring the setup.

Installing On-Premise Contrail

Before you begin

You must configure VLANs referringthe irb interface units so that nodes are reachable to each other. Also, you must set static routes to the public cloud private network (here 17x.xx.1.0/24 and 17x.xx.3.0/24) on the switch to go through the gateway node ( Also, routes for the 17x.xx.0.0 network must be set on the controllers and computes to go out through the interface connected to the switch to the irb interface IP.

In real-time deployment scenarios, the controller nodes, compute nodes, and the gateway nodes are in different subnets in a data center. This example on-premise setup topology consists of one controller node, two compute nodes, and one multicloud gateway node.


The following steps describe how to bring up on-premise Contrail setup using contrail-ansible-deployer.

  1. Ensure that the source files are available and that the ubuntu-16.04.3 installation is operational.
  2. Run an update after changing the sources files.

    >> apt-get update

  3. Install the dependent packages needed for the contrail-ansible-deployer to bring up the on-premise setup.

    >> apt-get install git ansible vim screen net-tools python-pip

  4. To download the Ansible Deployer package file, follow these steps:
    1. Select Contrail version from the Version list in the Juniper Networks Software Downloads page.

    2. In the Application Tools section, click the Ansible Deployer tgz file.

      You are now redirected to the Software Download page.

    3. Log in to the download page.

      A End User License Agreement is displayed. Select I Agree and click on Proceed.

    4. Download the file on your localhost or on your device.

    5. Follow the Usage Instructions on the download page to install the file.

  5. Create the instances.yaml file for Contrail deployment with OpenStack as orchestrator for on-premise deployments. Create instances.yaml under the contrail-ansible-deployer/config/ directory as shown in the example below:
  6. Navigate to the contrail-ansible-deployer directory to run the required Ansible playbooks for OpenStack and Contrail installation.

    >> cd contrail-ansible-deployer/

  7. Set up basic packages and check out Kolla Ansible for OpenStack installation.

    >> ansible-playbook -i inventory/ -e orchestrator=openstack playbooks/configure_instances.yml

  8. Provision Openstack.

    >> ansible-playbook -i inventory/ playbooks/install_openstack.yml

  9. Provision Contrail.

    >> ansible-playbook -i inventory/ -e orchestrator=openstack playbooks/install_contrail.yml

Extending On-Premise Contrail To Microsoft Azure

Before you begin

You need a deployer node from where to orchestrate the bringing up of the cloud setup on Azure and on-premise gateways. Ensure that you have Git access from the deployer node and also that you have Docker containers on the node.

The Azure cloud setup described in this example consists of two availability zones. Each availability zone has two multicloud gateway nodes in HA and two compute nodes. To bring up the Azure setup you need an Azure account with login credentials.


The following steps describe how to bring up of the cloud setup on Azure and on-premise gateways using contrail-multi-cloud deployer.

  1. Use one of the following methods to download the deployer package.
    • Untar the deployer package.

      >> tar -xzvf contrail-multicloud-deployer-5.0.2-0.XXX.tgz

    • Git clone the contrail-multi-cloud.git repository.

      >> git clone -b R5.0

  2. Navigate to the deployer directory.

    >> cd contrail-multi-cloud/

  3. Start the ssh agent if it is not already running.

    >> ssh-add -l

    The agent has no identities.

  4. Edit the topology.yml topology file under the contrail-multi-cloud/ directory.
  5. Edit the following common.yml Ansible files.
    • contrail common yaml file

    • gateway common yaml file

  6. Log in to the Docker repository to check out the contrail-multi-cloud deployer container.

    >> docker login -u XXX -p xxx

  7. Start the deployer container and mount the deployer files to the container.

    >> ./ -r -t 5.0.2-0.349 -v $PWD:/root/multicloud -k

  8. Check if the generated key file is added to the ssh agent. If the key file has not been added, add it manually.

    >> ssh-add -l

    >> ssh-add keys/<keyfile>

  9. Log in to the container with default multicloud password.

    >> ssh -o PreferredAuthentications=password -o PubkeyAuthentication=no -A root@ -p 2222

  10. Ensure that the ssh agent is running and contains the correct key file. Else, start the agent and add the keyfile.

    >> ssh-add -l

  11. Check if the ssh-keys are added to all the on-premise nodes for Ansible playbooks to succeed.

    >> sshpass -p \"c0ntrail123\" ssh-copy-id -o StrictHostKeyChecking=no -i /root/multicloud/keys/ root@<OnPrem nodes mgmt IP>

  12. (Optional) If step 11 fails, use the following command to add keys to all four on-premise nodes.

    >> ssh-copy-id root@<OnPrem nodes mgmt IP>

  13. Register your device and log in to Azure.

    Using the az login command displays a secure link to the Azure portal and a code for device authentication.

    Upon successful sign-in, your device and session is authenticated and you are logged into Azure.

  14. Navigate to the one-click-deployer directory in the container and use the deploy script to bring up the setup on Azure.

    >> cd multicloud/one-click-deployer/

    >> ./

You can now log in to the Azure portal and view your resources. You can also use the following ssh key file and log in to the Azure VMs from the on-premise machines or to the public IP addresses on Azure from any server.

  • ssh -i contrail-multicloud-key-11513 ubuntu@17x.xx.1.5

  • ssh -i contrail-multicloud-key-11513 ubuntu@<public-ip-of-Azure-GW-VM>