-
Notifications
You must be signed in to change notification settings - Fork 25
Provisioning OpenStack cluster using openstack helm and contrail
Madhukar Nayakbomman edited this page Sep 6, 2017
·
9 revisions
Openstack-helm project greatly helps in enabling the user to easily manage the lifecycle of an OpenStack cluster. More info you can find it from this link
- MX/vMX gateway for connecting overlay pods to underlay pods
- Download contrail containers from this download site
Software version used in this installation guides are
| Software | Versions |
|---|---|
| Helm | v2.4.2 |
| Kubernetes | v1.7.0 |
| Docker | 1.11.2 |
| Contrail | 4.0.0.0-20 |
- Download kubectl, kubeadm, kubelet, kubernetes-cni, docker as instructed in the Installing kubeadm link
- Edit /etc/systemd/system/kubelet.service.d/10-kubeadm.conf on all nodes. Replace default k8s dns ip 10.96.0.10 with your cluster dns ip. Cluster dns ip depends upon the service CIDR you are using. If my service CIDR is 10.87.116.0/26 then dns svc ip will be 10.87.116.10
- Run
systemctl daemon-reloadcommand on all nodes - Run below command to initialize the kubernetes cluster
kubeadm init --service-cidr 10.87.116.0/26 --kubernetes-version v1.6.7 ``` - Use kubeadm join command which is printed in the above commands output to join the cluster from all slave nodes
- Follow instructions from this wiki to install contrail charts
- Add the MX/vMX gateway as BGP peer for your controller
- Set up the route target and enable the external knob for the cluster-network in contrail
- Use
kubectl get pods -n kube-system -o wide | grep kube-dnscommand to get the kube-dns pod ip - You should successfully be able to ping the kube-dns pod ip
- Create a cluster-admin roles access using the below command
kubectl update -f https://raw.githubusercontent.com/openstack/openstack-helm/master/tools/kubeadm-aio/assets/opt/rbac/dev.yaml- Use the below command to label node, replace the node name according to your setup
kubectl label node 5b6s14 openstack-control-plane=enabled
kubectl label node 5b6s16 openstack-compute-node=enabled- Getting openstack-helm charts code
git clone https://github.com/madhukar32/openstack-helm.git
cd openstack-helm
git checkout newton- Edit
nova/values.yamlandneutron/values.yamlto replace dns IP with your cluster dns IP - Edit neutron/values.yaml to change the below values as per your setup
opencontrail:
apiserver:
api_server_ip: 10.87.65.151
api_server_port: 8082
collector:
analytics_api_ip: 10.87.65.151
analytics_api_port: 8081- On compute nodes execute the below command
mkdir -p /var/lib/nova/instances- Install sigil binary and generate the secret
curl -L https://github.com/gliderlabs/sigil/releases/download/v0.4.0/sigil_0.4.0_Linux_x86_64.tgz | sudo tar -zxC /usr/local/bin
cd helm-toolkit/utils/secret-generator
./generate_secrets.sh all `./generate_secrets.sh fsid`
cd ../../..- Start helm repo
helm serve &
helm repo add local http://localhost:8879/charts
Make - Install openstack-helm charts
helm install --name mariadb --set development.enabled=true local/mariadb --namespace=openstack
helm install --name=memcached local/memcached --namespace=openstack
helm install --name=etcd-rabbitmq local/etcd --namespace=openstack
helm install --name=rabbitmq local/rabbitmq --namespace=openstack
helm install --name=keystone local/keystone --namespace=openstack
helm install --name=horizon local/horizon --namespace=openstack
helm install --name=cinder local/cinder --namespace=openstack
helm install --name=glance local/glance --namespace=openstack
helm install --name=nova local/nova --namespace=openstack
helm install --name=neutron local/neutron --namespace=openstack- kubectl get svc -n openstack. See, the output to understand the keystone service ip
- Use below command to go to enter the contrail containers
kubectl exec -it <contrail-controller-pod-name> bash- Update /etc/contrail/contrail-keystone-auth.conf with below values
[KEYSTONE]
auth_url=http://<keystone-svc-ip>:35357/v3
auth_host=<keystone-svc-ip>
auth_protocol=http
auth_port=35357
admin_user=admin
admin_password=password
admin_tenant_name=admin
admin_user_domain_name=Default
project_domain_name=Default
insecure=True- Use this command
service contrail-api restartto restart the contrail-api service
Copyright (c) 2018 Juniper Networks, Inc. All rights reserved