OpenContrail and DevStack

Update (01/05/2015) : Since this blog was last published, there has been an update in the process for Installing OpenContrail. For the latest instructions check: https://github.com/juniper/contrail-installer

1.     Introduction

OpenStack is a global collaboration of developers and cloud computing technologists working to develop an open source cloud computing platform for public and private clouds. It consists of a series of interrelated projects delivering various components for a cloud infrastructure solution.

OpenContrail is a great fundamental network component for a cloud infrastructure which is built using standard based protocols and provides network virtualization, network programmability and automation. OpenContrail is modular and integrates into open cloud orchestration platforms such as OpenStack, CloudStack and is currently supported across multiple Linux distributions and hypervisors.

DevStack is great way to get started with OpenStack. It is a repository of code which will install and start an OpenStack development and testing environment.

This blog post gives detailed instructions on how to install DevStack along with OpenContrail.

Who would install DevStack?

DevStack is installed generally by those who wish to contribute to OpenStack code. Those wishing to install OpenStack for production should install OpenStack from distribution packages or a tarball. DevStack is not recommended for production.

What do you need?

An isolated environment is needed to install DevStack with OpenContrail – a VM or a separate physical server – an environment that can be setup, taken down, overwritten and reinstalled without affecting the regular development environment.

Setup Requirements
  • Linux distribution – Ubuntu 12.04.
  • Size – 4Gb RAM

Note: You would also need login credential in github.com for DevStack.

2.     Installation of DevStack with OpenContrail

We know that DevStack is set of scripts that downloads and installs Openstack development and testing environment. The OpenContrail team has created a github fork of the DevStack repository that also downloads and installs various components of OpenContrail.

As a part of this article, I am going to cover the installation steps to be followed for setting up DevStack with OpenContrail and then show how this setup can be used to test/validate Openstack integration with OpenContrail.

To have a basic working setup, there are two simple topologies in which we can DevStack + OpenContrail environment.

  1. A single node setup where both Openstack controller and compute reside in a single physical host or VM.
  2. A multi-node setup where there is one physical host or VM as Openstack controller and one or more physical hosts or VMs as compute.

Note: These installation steps are for Ubuntu based installations.

2.1 Single Node DevStack Setup

1. Login to Ubuntu machine (VM or physical machine).
Note: You need to create a user – “ubuntu” and add it to sudoers list.

2. Add the following line to /etc/hosts
127.0.1.1 ubuntu

3. Update all the packages in Ubuntu
sudo apt-get update

4. Install the following packages for ubuntu

  • git-core
              sudo apt-get install git-core
  • ant
              sudo apt-get install ant
  • build-essential
              sudo aptitude install build-essential
  • pkg-config
              sudo apt-get install pkg-config
  • linux kernel headers
              sudo apt-get install linux-headers-3.2.0-35-virtual

5. Download DevStack

a. Verify SSH to github is working correctly in your setup
ssh -T  git@github.com

b. Checkout source from github
git clone git@github.com:dsetia/devstack.git

6. Edit localrc and change PHYSICAL_INTERFACE to match your setup

           cd devstack
           cp contrail/localrc-single localrc
           vi localrc  # edit PHYSICAL_INTERFACE

7. Run stack.sh script. Stack.sh is an opinionated OpenStack developer installation. It installs and configures various combinations of Glance, Nova, Horizon, Keystone, Cinder and OpenContrail as neutron plugin in our case.
./stack.sh

This could be also called as DevStack-in-a-box setup.

2.2 Multi-Node DevStack Setup

A multi-node DevStack setup has one physical host or VM as controller/master node and one or more physical host or VMs as compute nodes. The controller node and the one or more compute nodes needed to be connected to each other on an IP capable physical network. There is no specific physical network topology needed for this setup to work seamlessly.

3. Physical Network Topology

ranjani_blogpost_image1

3.1 Steps for Master/Controller Host

1. Login to Master or Controller Host (VM or physical machine).
Note: You need to create a user – “ubuntu” and add it to sudoers list.

2. Add the following line to /etc/hosts
127.0.1.1 ubuntu

3. Update all the packages in Ubuntu
sudo apt-get update
4. Install the following packages for ubuntu

  • git-core
              sudo apt-get install git-core
  • ant
              sudo apt-get install ant
  • build-essential
              sudo aptitude install build-essential
  • pkg-config
              sudo apt-get install pkg-config
  • linux kernel headers
              sudo apt-get install linux-headers-3.2.0-35-virtual

5. Download DevStack
a.Verify SSH to github is working correctly in your setup
ssh -T  git@github.com

b. Checkout source from github
git clone git@github.com:dsetia/devstack.git

6. Edit localrc as shown below

           cd devstack
           cp contrail/localrc-multinode-server localrc
           vi localrc  # edit PHYSICAL_INTERFACE
           edit HOST_IP=<IP address of Master/Controller Host>

7. Run stack.sh script. Stack.sh is an opinionated OpenStack developer installation. It installs and configures various combinations of Glance, Nova, Horizon, Keystone, Cinder and OpenContrail as neutron plugin in our case.
./stack.sh

3.2 Steps for Compute Host

There could be one or more compute hosts. These steps given below need to be executed individually on each compute host.

1. Login to Compute Host (VM or physical machine).
Note: You need to create a user – “ubuntu” and add it to sudoers list.

2. Add the following line to /etc/hosts
127.0.1.1 ubuntu

3. Update all the packages in Ubuntu
sudo apt-get update

4. Install the following packages for ubuntu

  • git-core
              sudo apt-get install git-core
  • ant
              sudo apt-get install ant
  • build-essential
              sudo aptitude install build-essential
  • pkg-config
              sudo apt-get install pkg-config
  • linux kernel headers
              sudo apt-get install linux-headers-3.2.0-35-virtual

5. Download DevStack

a. Verify SSH to github is working correctly in your setup

ssh -T  git@github.com

b. Checkout source from github
git clone git@github.com:dsetia/devstack.git

6. Edit localrc as shown below

           cd devstack
           cp contrail/localrc-multinode-compute localrc
           vi localrc  # edit PHYSICAL_INTERFACE
           edit SERVICE_HOST=<IP address of Master/Controller Host>

7. Run stack.sh script. Stack.sh is an opinionated Openstack developer installation. It installs and configures various combinations of Glance, Nova, Horizon, Keystone, Cinder and OpenContrail as neutron plugin in our case. On a compute host, it would install only nova, neutron and OpenContrail and its dependencies.
./stack.sh

4.  Verify the installation

Once the stack.sh has completed its execution successfully, you can check to make sure the services show smiley faces ranjani_blogpost_image11 and not XXX with ‘nova-manage service list’ command on each node of your setup.

ranjani_blogpost_image2

Now you have OpenContrail with latest release of Openstack running in your environment. You can access the Openstack horizon dashboard of this version using http://<IP-Address-of-Master-Node>. The foundation has now been laid for you to develop and test OpenContrail with Openstack. You can now explore the power of network programmability and automation using the APIs that OpenContrail provides.

5. Using DevStack to explore OpenContrail

Now that we have a working setup of DevStack + OpenContrail, lets start exploring the various capabilities that OpenContrail has to offer.

5.1 Openstack Glance Guest VMs Images

DevStack by default downloads CirrOS but in case you want to install another image like Ubuntu cloud image, you can follow the steps below:

  1. Download the Ubuntu cloud image using wgetranjani_blogpost_image3
  2. Add this image to the glance repository of your setupranjani_blogpost_image4
5.2 Using OpenContrail for Networking

OpenContrail is a plugin for Openstack Neutron that enables to dynamically define and configure logical network connectivity between devices from other Openstack services (e.g. vNICs from Nova) and switches/routers. It provides us a set of APIs called VNC APIs that we would be leveraging to create virtual networks and define network connectivity between the virtual machines.

As an example, I am going to create two different virtual networks – Red-VN and Blue-VN having two different IP Address range. Blue-VN is having IP subnet 192.168.1.0/24 and Red-VN is having subnet 192.168.2.0/24. Then two virtual machines each are spawned on Blue and Red VNs. Once these VMs are up, we will do a ping between VMs in the same VN and also between VMs in different VNs.

Virtual Network Topology

ranjani_blogpost_image5

Below are the steps and code snippets showing how to deploy the above scenario using Openstack Neutron APIs

1. As part of DevStack + OpenContrail installation, a project (aka tenant) called ‘demo’ is created. Before starting to use neutron APIs, we need to initialize neutron client object

 import neutronclient.v2_0.client
 neutron = neutronclient.v2_0.client.Client(
               username = 'admin',
               password = 'contrail123',
               tenant_name = 'demo',
               auth_url = 'http://10.84.18.1:35357/v2.0')
 
2. Create the ‘Blue-VN’ network
 
 # Create Blue virtual network.
 blue_vn = {
         'name': 'Blue-VN',
         'admin_state_up': True,
         'shared' : False
       }
 blue_vn = neutron.create_network({'network': blue_vn}

3. Create a subnet IP address range and associate it with this Blue Network

blue_subnet = {
         'ip_version': 4,
         'cidr': '192.168.1.0/24',
         'gateway_ip': '192.168.1.253',
       }
 blue_subnet.update({'network_id': blue_vn['network']['id']})
 neutron.create_subnet({'subnet': blue_subnet})
 

4. Create the ‘Red-VN’ network

# Create Red virtual network.
 red_vn = {
         'name': 'Red-VN',
         'admin_state_up': True,
         'shared' : False
       }
 red_vn = neutron.create_network({'network': red_vn})
 
5. Create a subnet IP address range and associate it with this Red Network
 red_subnet = {
         'ip_version': 4,
         'cidr': '192.168.2.0/24',
         'gateway_ip': '192.168.2.253',
       }
 red_subnet.update({'network_id': red_vn['network']['id']})
 neutron.create_subnet({'subnet': red_subnet})
 

6. Launch two VMs each in Blue-VN and Red-VN.

# Create a Nova Client
 nova = novaclient.v1_1.client.Client(
               username = 'admin',
               api_key = 'contrail123',
               project_id = 'demo',
               auth_url = 'http://10.84.18.1:35357/v2.0')
 # Launch 2 VMs - each in Blue VN and Red VN
 blue_vm1 = nova.servers.create(
               name = 'Blue-VM1',
               image = nova.images.find(name = 'ubuntu'),
               flavor = nova.flavors.find(name = 'm1.small'),
               nics = [{'net-id': blue_vn.uuid}])
 red_vm1 = nova.servers.create(
               name = 'Red-VM1',
               image = nova.images.find(name = 'ubuntu'),
               flavor = nova.flavors.find(name = 'm1.small'),
               nics = [{'net-id': red_vn.uuid}])
 blue_vm2 = nova.servers.create(
               name = 'Blue-VM2',
               image = nova.images.find(name = 'ubuntu'),
               flavor = nova.flavors.find(name = 'm1.small'),
               nics = [{'net-id': blue_vn.uuid}])
 red_vm2 = nova.servers.create(
               name = 'Red-VM2',
               image = nova.images.find(name = 'ubuntu'),
               flavor = nova.flavors.find(name = 'm1.small'),
               nics = [{'net-id': red_vn.uuid}])

7. Check if all the VMs are in active state

ranjani_blogpost_image6

8. Log in to ‘Blue-VM1’ and ping the ‘Blue-VM2’. To login into VM from the host, run the command ‘netstat-rn’ and then ssh into link-local address.

ranjani_blogpost_image7

Now ssh to IP address 169.254.0.4 and check the IP address

ranjani_blogpost_image8

Now ping ‘Blue-VM2’ having the IP address 192.168.1.252

ranjani_blogpost_image9

9. Ping to ‘Red-VM1’ having IP address 192.168.2.253 from ‘Blue-VM1’

ranjani_blogpost_image10

6. Summary

With a very limited amount of hardware, one can create a DevStack with OpenContrail setup. There is so much more that OpenContrail has to offer than what is covered here but this lays the foundation for building simple networks to connect instances.