Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Deploying Red Hat Openstack with Contrail Control Plane Managed by Tungsten Fabric Operator

This document provides steps needed to use the Operator Framework for Contrail Networking deployment that is using Red Hat Openstack version 16.1 (RHOSP16.1) as it’s orchestration platform.

Figure 1 shows the difference between the classic deployment of RHOSP16.1 and the Tungsten Fabric (TF) Operator based deployment.

Figure 1: Difference Between RHOSP16.1 Classic Deployment and TF-Operator Difference Between RHOSP16.1 Classic Deployment and TF-Operator

  • RHOSP does not deploy ContrailController, ContrailAnalytics, and ContrailAnalyticsDatabase Overcloud roles.

  • Compute nodes are deployed and managed by RHOSP.

  • Contrail Control plane is deployed separately on top of Kubernetes or OpenShift cluster.

  • Contrail Control plane nodes require access to RHOSP networks such as Internal API and Tenant. Administrator must configure the Internal API and Tenant, if Kubernetes or OpenShift cluster is deployed outside of the RHOSP networks.

To deploy RHOSP based on TF-Operator:

  1. Deploy Kubernetes or OpenShift cluster with Contrail Control plane without the keystone options.

    1. Generate a self-signed CA certificate and key and provide their content in the environmental variables.

      If Red Hat IdM is used for RHOSP, the RHOSP must bundle its own CA and IPA CA.

    2. To know more about Kubernetes procedure, see here.

    3. To know more about OpenShift procedure, see here.

  2. Deploy RHOSP16 without the Contrail Control plane roles.

    Follow the deployment procedure provided here.

    1. Do not create virtual machines (VMs) for Control Plane and skip any related steps.

    2. For Transport Layer Security (TLS), use the self-signed certificates. The Kubernetes or OpenShift is not integrated with Red Hat IdM.

      Use the generated CA and SSH key in Step1 to prepare environments/contrail/contrail-tls.yaml.

    3. Set the counters to zero for ContrailController, Analytics, and database roles.

      For example, ContrailControllerCount: 0.

    4. Provide the heat parameters addresses to Contrail Control plane deployed by Kubernetes or OpenShift.

  3. Ensure that Contrail Control plane deployed by Kubernetes or OpenShift has connectivity to RHOSP InternalAPI and tenant networks.
  4. Ensure that Contrail Control plane nodes deployed by Kubernetes or OpenShift are able to resolve RHOSP FQDNs for Internal API and Control Plane networks. For example, add names to /etc/hosts on Contrail Control plane nodes.
  5. Connect Contrail Control plane to RHOSP keystone.
  6. Wait until contrail-status shows active for Control plane and for RHOSP computes.