In Chapter 7, Getting Started with OpenContrail, we introduced OpenContrail as an open source controller for SDN and NFV implementations. With its own virtual networking element (vRouter) and a powerful architecture, OpenContrail is among the most popular SDN platforms for OpenStack.
We covered an introduction to OpenContrail and OpenStack briefly in the previous chapter. In this chapter, we will go through this integration in more detail. Starting with a step-by-step guide for the integration, we will take you through the basic capabilities of OpenContrail. We will use the OpenContrail GUI and CLI to get a better understanding of the virtual networking capabilities. We will then look at the advanced networking services that can be realized using OpenContrail and OpenStack.
We will cover the following topics in this chapter:
While OpenContrail is a powerful SDN solution by itself, it is designed to work seamlessly with the OpenStack cloud platform. OpenContrail not only integrates with Neutron using a plugin, but it also relies on other OpenStack services, such as Keystone, Glance, and Nova. First, we will show you how to integrate OpenStack with OpenContrail. We will then show you the interaction with various OpenStack services.
In Chapter 7, Getting Started with OpenContrail, we showed the steps to install OpenContrail directly from the source code. In order to learn OpenContrail integration with OpenStack, we will use DevStack to perform the OpenStack installation and configuration. DevStack is a set of scripts that installs OpenStack for learning, development, and experimentation. It is important to note that DevStack installation will be performed on the same setup where OpenContrail is already installed, as shown in Chapter 7, Getting Started with OpenContrail. The following steps show how to install and configure OpenStack for OpenContrail using DevStack:
home
directory of your Ubuntu server, execute the git
command, as shown here: git clone https://github.com/openstack-dev/devstack -b stable/liberty
export CONTRAIL_DIR=/home/openstack/contrail-installer export DEVSTACK_DIR=/home/openstack/devstack
We will use the contrail-status
utility to check for the status of all the OpenContrail services, as shown in the following screenshot. Ensure that all OpenContrail services' statuses are ACTIVE
. If any of the services have any issues, the output will show ERROR
against the service and will also display the error details:
localrc
file for DevStack using the samples that come with the OpenContrail installer:
localrc
file using a text editor of your choice. Note that the SERVICE_HOST
attribute's value may vary based on your setup:
stack.sh
program to start the OpenStack installation and configuration process.By default, DevStack creates an OpenStack account with the username admin
and a password
as specified in the localrc
file, which in our case is contrail123
. Once the stack.sh
program completes successfully, you should be able to log into OpenContrail and see the main Monitor view of OpenContrail:
The OpenContrail UI is categorized into four navigation groups. These groups are indicated by the icon on the top navigation bar, as shown in the following screenshot:
We will be covering the configure-related actions in a bit more detail in the following sections.
We have emphasized that OpenContrail is an SDN platform that integrates closely with cloud orchestration platforms such as OpenStack. Let us now look at the integration in a bit more detail. The following diagram will be used to describe the interaction between OpenStack and OpenContrail components:
OpenStack services and their interaction with OpenContrail
When we log into OpenContrail, it redirects the authentication requests to the Keystone service in OpenStack. In addition to validating the credentials, OpenContrail also uses the user and project information stored in OpenStack to enforce appropriate access control on its user interface.
OpenContrail also communicates with Glance for fetching VM images. It is important to note that OpenContrail does not provide capabilities to start arbitrary VM instances. It uses Glance to populate and create Service Templates and Service Instances that allow users to chain networking services. We will cover this in detail in the following section.
The integration with Nova addresses two important features in OpenContrail. First, when an end-user VM instance is started, Nova invokes the OpenContrail Virtual Interface Driver (VIF Driver) to provide connectivity between the VM instance and the vRouter on the compute node. The second aspect of OpenContrail and Nova integration comes into the picture when you create Service Instances in OpenStack. As part of service chaining, virtual network functions are started using Nova APIs.
Finally, the most important and deepest integration between OpenStack and OpenContrail happens with the Neutron service. OpenContrail acts as the core plugin for Neutron and thereby handles all the networking API calls made to Neutron. Whether the end user is using the OpenStack GUI or CLI or OpenContrail GUI, all the networking-related requests are processed by OpenContrail. The translation between the OpenStack networking object model (high-level model) to the internal model of OpenContrail is performed by the configuration node within the OpenContrail controller.
All the API requests coming into OpenContrail and the ones made to OpenStack from OpenContrail are processed by an OpenContrail API server process.
13.59.248.75