Understanding contrail-ansible-deployer used in Contrail Command
This topic provides an overview of contrail-ansible-deployer
used by Contrail
Command tool. It is used for installing Contrail Networking
with microservices architecture.
To understand Contrail microservices, refer to Understanding Contrail Microservices Architecture. For step by step procedure on how to install Contrail using Contrail Command deployer, refer to Installing a Contrail Cluster using Contrail Command and instances.yml.
What is the contrail-ansible-deployer?
The contrail-ansible-deployer
is
a set of Ansible playbooks designed to deploy Contrail Networking
with microservices architecture.
The contrail-ansible-deployer
contains three playbooks:
provision_instances.yml
This playbook provisions the operating system instances for hosting the containers. It supports the following infrastructure providers:
kvm.
gce.
aws.
configure_instances.yml
This playbook configures the provisioned instances. The playbook installs software and configures the operating system to meet the required prerequisite standards. This is applicable to all providers.
install_contrail.yml
This playbook pulls, configures, and starts the Contrail containers.
Preparing to Install with Contrail Command
This section helps you prepare your system before installing
Contrail Networking using contrail-command-deployer
.
Prerequisites
Make sure your system meets the following requirements before
running contrail-command-deployer
.
Confirm that you are running compatible versions of CentOS, Ansible, Docker, and any other software component for your system in your environment. See Contrail Networking Supported Platforms List.
Name resolution is operational for long and short host names of the cluster nodes, through either DNS or the host file.
For high availability (HA), confirm that the time is in sync between the cluster nodes.
The time must be synchronized between the cluster nodes using Network Time Protocol (ntp).
Supported Providers
The playbooks support installing Contrail Networking on the following providers:
bms—bare metal server.
kvm—kernel-based virtual machine (KVM)-hosted virtual machines.
gce—Google compute engine (GCE)-hosted virtual machines.
aws—Amazon Web Services (AWS)-hosted virtual machines.
Configure the instances.yaml File for Your Environment
The configuration for all three playbooks is contained in a single file,
config/instances.yaml
.
The configuration has multiple main sections, including:
The main sections of the instances.yaml
file are described in this
section. Using the sections that are appropriate for your system, configure each with
parameters specific to your environment.
- Provider Configuration
- Global Services Configuration
- Contrail Services Configuration
- Kolla Services Configuration
Provider Configuration
The section provider_config
configures provider-specific settings.
KVM Provider Example
Use this example if you are in a kernel-based virtual machine (kvm) hosted environment.
Passwords are provided in this output for illustrative purposes only. We suggest using unique passwords in accordance with your organization’s security guidelines in your environment.
provider_config: # the provider section contains all provider relevant configuration kvm: # Mandatory. image: CentOS-7-x86_64-GenericCloud-1710.qcow2.xz # Mandatory for provision play. Image to be deployed. image_url: https://cloud.centos.org/centos/7/images/ # Mandatory for provision play. Path/url to image. ssh_pwd: contrail123 # Mandatory for provision/configuration/install play. Ssh password set/used. ssh_user: centos # Mandatory for provision/configuration/install play. Ssh user set/used. ssh_public_key: /home/centos/.ssh/id_rsa.pub # Optional for provision/configuration/install play. ssh_private_key: /home/centos/.ssh/id_rsa # Optional for provision/configuration/install play. vcpu: 12 # Mandatory for provision play. vram: 64000 # Mandatory for provision play. vdisk: 100G # Mandatory for provision play. subnet_prefix: ip-address # Mandatory for provision play. subnet_netmask: subnet-mask # Mandatory for provision play. gateway: gateway-ip-address # Mandatory for provision play. nameserver: dns-ip-address # Mandatory for provision play. ntpserver: ntp-server-ip-address # Mandatory for provision/configuration play. domainsuffix: local # Mandatory for provision play.
BMS Provider Example
Use this example if you are in a bare metal server (bms) environment.
Passwords are provided in this output for illustrative purposes only. We suggest using unique passwords in accordance with your organization’s security guidelines in your environment.
provider_config: bms: # Mandatory. ssh_pwd: contrail123 # Optional. Not needed if ssh keys are used. ssh_user: centos # Mandatory. ssh_public_key: /home/centos/.ssh/id_rsa.pub # Optional. Not needed if ssh password is used. ssh_private_key: /home/centos/.ssh/id_rsa # Optional. Not needed if ssh password is used. ntpserver: ntp-server-ip-address # Optional. Needed if ntp server should be configured. domainsuffix: local # Optional. Needed if configuration play should configure /etc/hosts
SSH Host Identity Keys must be accepted or installed on the Deployer node before proceeding with Contrail installation.
To do so:
-
Make SSH connection to each target machine from the Deployer VM using Deployer user credentials and click Yes to accept the SSH Host Key.
or
-
Set the environmental variable ANSIBLE_HOST_KEY_CHECKING value to False.
ANSIBLE_HOST_KEY_CHECKING=false
or
-
Set [defaults] host_key_checking value to False in ansible.cfg file.
[defaults] host_key_checking=false
AWS Provider Example
Use this example if you are in an Amazon Web Services (AWS) environment.
provider_config: aws: # Mandatory. ec2_access_key: THIS_IS_YOUR_ACCESS_KEY # Mandatory. ec2_secret_key: THIS_IS_YOUR_SECRET_KEY # Mandatory. ssh_public_key: /home/centos/.ssh/id_rsa.pub # Optional. ssh_private_key: /home/centos/.ssh/id_rsa # Optional. ssh_user: centos # Mandatory. instance_type: t2.xlarge # Mandatory. image: ami-337be65c # Mandatory. region: eu-central-1 # Mandatory. security_group: SECURITY_GROUP_ID # Mandatory. vpc_subnet_id: VPC_SUBNET_ID # Mandatory. assign_public_ip: yes # Mandatory. volume_size: 50 # Mandatory. key_pair: KEYPAIR_NAME # Mandatory.
GCE Provider Example
Use this example if you are in a Google Cloud environment.
provider_config: gce: # Mandatory. service_account_email: # Mandatory. GCE service account email address. credentials_file: # Mandatory. Path to GCE account json file. project_id: # Mandatory. GCE project name. ssh_user: # Mandatory. Ssh user for GCE instances. ssh_pwd: # Optional. Ssh password used by ssh user, not needed when public is used ssh_private_key: # Optional. Path to private SSH key, used by by ssh user, not needed when ssh-agent loaded private key machine_type: n1-standard-4 # Mandatory. Default is too small image: centos-7 # Mandatory. For provisioning and configuration only centos-7 is currently supported. network: microservice-vn # Optional. Defaults to default subnetwork: microservice-sn # Optional. Defaults to default zone: us-west1-aA # Optional. Defaults to ? disk_size: 50 # Mandatory. Default is too small
Global Services Configuration
This section sets global service parameters. All parameters are optional.
global_configuration: CONTAINER_REGISTRY: hub.juniper.net/contrail REGISTRY_PRIVATE_INSECURE: True CONTAINER_REGISTRY_USERNAME: YourRegistryUser CONTAINER_REGISTRY_PASSWORD: YourRegistryPassword
Contrail Services Configuration
This section sets global Contrail service parameters. All parameters are optional.
contrail_configuration: # Contrail service configuration section CONTRAIL_VERSION: latest UPGRADE_KERNEL: true
For a complete list of parameters available for contrail_configuration.md, see Contrail Configuration Parameters for Ansible Deployer.
Kolla Services Configuration
If OpenStack Kolla is deployed, this section defines the parameters for Kolla.
kolla_config:
Instances Configuration
Instances are the operating systems on which the containers will be launched. The instance configuration has a few provider-specific parameters. The instance configuration specifies which roles are installed on which instance. Additionally, instance-wide and role-specific Contrail and Kolla configurations can be specified, overwriting the parameters from the global Contrail and Kolla configuration settings.
- KVM Contrail Plane Instance
- GCE Default All-in-One Instance
- AWS Default Three Node HA Instance
- More Examples
KVM Contrail Plane Instance
The following example is a KVM-based instance only, installing Contrail control plane containers.
instances: kvm1: provider: kvm roles: config_database: config: control: analytics_database: analytics: webui: kubemanager: k8s_master:
GCE Default All-in-One Instance
The following example is a very simple all-in-one GCE instance. It will install all Contrail roles and the Kubernetes master and node, using the default configuration.
instances: gce1: # Mandatory. Instance name provider: gce # Mandatory. Instance runs on GCE
AWS Default Three Node HA Instance
The following example uses three AWS EC2 instances to deploy a three node high availability setup with all roles and default parameters.
instances: aws1: provider: aws aws2: provider: aws aws3: provider: aws
More Examples
Refer to the following for more configuration examples for instances.
Installing a Contrail System
To perform a full installation of a Contrail system, refer to the installation instructions in: Installing a Contrail Cluster using Contrail Command and instances.yaml.