Apr 19, 2016

Contrail R3.0 Manual installation on ubuntu(6)

Install Contrail Config Node

Contrail Node consists of contrail-api, contrail-device-manager, contrail-discovery, contrail-schema, contrail-svc-monitor, ifmap.
**Target Server: Contrail1-3

1.Set variables
HOST=10.84.50.131  ## Set IP address of an Installation server
OPENSTACK=10.84.50.134  ## Set IP address of Openstack server
IVIP=10.84.50.139  ## Set Virtual IP address of Control/Data
host1=10.84.50.131  ## Physical IP address for Control/Data of Contrail1
host2=10.84.50.132  ## Physical IP address for Control/Data of Contrail2
host3=10.84.50.133  ## Physical IP address for Control/Data of Contrail3
2.Modify /etc/security/limits.conf
echo 'root soft nofile 65535' >> /etc/security/limits.conf 
echo 'root hard nofile 65535' >> /etc/security/limits.conf 
echo '* hard nofile 65535' >> /etc/security/limits.conf 
echo '* soft nofile 65535' >> /etc/security/limits.conf 
echo '* hard nproc 65535' >> /etc/security/limits.conf 

3.Modify /etc/contrail/contrail-keystone-auth.conf
echo "
[KEYSTONE]
auth_host=$OPENSTACK
auth_protocol=http
auth_port=35357
admin_user=admin
admin_password=password
admin_tenant_name=admin
insecure=False
memcache_servers=127.0.0.1:11211" > /etc/contrail/contrail-keystone-auth.conf

4.Modify /etc/ifmap-server/log4j.properties
sed -i 's/log4j.rootLogger=INFO/log4j.rootLogger=TRACE, CONSOLE/g' /etc/ifmap-server/log4j.properties
sed -i 's/log4j.logger.de.fhhannover.inform.irond.proc=INFO, A1/log4j.logger.de.fhhannover.inform.irond.proc=TRACE, A1, A2/g' /etc/ifmap-server/log4j.properties
sed -i 's/log4j.appender.A1=org.apache.log4j.FileAppender/log4j.appender.A1=org.apache.log4j.ConsoleAppender/g' /etc/ifmap-server/log4j.properties
sed -i -e '/log4j.appender.A1.File=\/var\/log\/contrail\/ifmap-server.log/d'  /etc/ifmap-server/log4j.properties

echo '
log4j.appender.A2=org.apache.log4j.FileAppender
log4j.appender.A2.File=/var/log/contrail/ifmap-server.log
log4j.appender.A2.layout=org.apache.log4j.PatternLayout
log4j.appender.A2.layout.ConversionPattern=%d [%t] %-5p %x - %m%n

log4j.logger.de.fhhannover.inform.irond.rawrequests=TRACE, A3
log4j.additivity.de.fhhannover.inform.irond.rawrequests=false
log4j.appender.A3=org.apache.log4j.FileAppender
log4j.appender.A3.file=irond_raw.log
log4j.appender.A3.layout=org.apache.log4j.PatternLayout
log4j.appender.A3.layout.ConversionPattern=%d %-5p %x - %m%n

log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender
log4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout
log4j.appender.CONSOLE.layout.ConversionPattern=%-8r [%t] %-5p %C{1} %x - %m%n' >> /etc/ifmap-server/log4j.properties

5.Modify /etc/ifmap-server/basicauthusers.properties
User name might be changed due to bug. https://bugs.launchpad.net/juniperopenstack/+bug/1499206
echo "
api-server:api-server
schema-transformer:schema-transformer
svc-monitor:svc-monitor

# This is a read-only MAPC
reader:reader
$host1:$host1
$host1.dns:$host1.dns
$host2:$host2
$host2.dns:$host2.dns
$host3:$host3
$host3.dns:$host3.dns" > /etc/ifmap-server/basicauthusers.properties

echo 'api-server=api-server-1--0000000001-1' > /etc/ifmap-server/publisher.properties

6.Modify /etc/contrail/contrail-api.conf
sed -i -e '/^\#/d' /etc/contrail/contrail-api.conf 
sed -i -e '/^$/d' /etc/contrail/contrail-api.conf 
sed -i "s/cassandra_server_list = .*/cassandra_server_list=$host1:9160 $host2:9160 $host3:9160/g" /etc/contrail/contrail-api.conf
sed -i "s/disc_server_ip = .*/disc_server_ip=$IVIP/g" /etc/contrail/contrail-api.conf
sed -i 's/ = /=/g' /etc/contrail/contrail-api.conf

echo "ifmap_server_ip=$HOST
ifmap_server_port=8443
listen_ip_addr=0.0.0.0
listen_port=9100
disc_server_ip=$IVIP
disc_server_port=5998
zk_server_ip=$host1:2181,$host2:2181,$host3:2181
rabbit_server=$IVIP:5673
list_optimization_enabled=True
auth = keystone
multi_tenancy=True

[SECURITY]
use_certs=False
keyfile=/etc/contrail/ssl/private_keys/apiserver_key.pem
certfile=/etc/contrail/ssl/certs/apiserver.pem
ca_certs=/etc/contrail/ssl/certs/ca.pem" >> /etc/contrail/contrail-api.conf

7.Modify /etc/init.d/contrail-api
echo '#!/bin/sh

# chkconfig: 2345 99 01
# description: Juniper Network Virtualization API

supervisorctl -s unix:///tmp/supervisord_config.sock ${1} `basename ${0}:0`' > /etc/init.d/contrail-api

8.Modify /etc/contrail/contrail-schema.conf
sed -i "s/disc_server_ip = .*/disc_server_ip=$IVIP/g" /etc/contrail/contrail-schema.conf
sed -i 's/ = /=/g' /etc/contrail/contrail-schema.conf

echo "ifmap_server_ip=$HOST
ifmap_server_port=8443
ifmap_username=schema-transformer
ifmap_password=schema-transformer
api_server_ip=$IVIP
api_server_port=8082
api_server_use_ssl=False
zk_server_ip=$host1:2181,$host2:2181,$host3:2181
cassandra_server_list=$host1:9160 $host2:9160 $host3:9160
rabbit_server=$IVIP:5673

[SECURITY]
use_certs=False
keyfile=/etc/contrail/ssl/private_keys/schema_xfer_key.pem
certfile=/etc/contrail/ssl/certs/schema_xfer.pem
ca_certs=/etc/contrail/ssl/certs/ca.pem" >> /etc/contrail/contrail-schema.conf

9.Modify /etc/contrail/contrail-device-manager.conf
sed -i "s/disc_server_ip = .*/disc_server_ip=$IVIP/g" /etc/contrail/contrail-device-manager.conf
sed -i 's/ = /=/g' /etc/contrail/contrail-device-manager.conf

echo "api_server_ip=$IVIP
api_server_port=8082
api_server_use_ssl=False
zk_server_ip=$host1:2181,$host2:2181,$host3:2181
cassandra_server_list=$host1:9160 $host2:9160 $host3:9160
rabbit_server=$IVIP:5673" >> /etc/contrail/contrail-device-manager.conf

10.Modify /etc/contrail/contrail-svc-monitor.conf
echo "[DEFAULTS]
ifmap_server_ip=$HOST
ifmap_server_port=8443
ifmap_username=svc-monitor
ifmap_password=svc-monitor
api_server_ip=$IVIP
api_server_port=8082
api_server_use_ssl=False
zk_server_ip=$host1:2181,$host2:2181,$host3:2181
log_file=/var/log/contrail/contrail-svc-monitor.log
cassandra_server_list=$host1:9160 $host2:9160 $host3:9160
disc_server_ip=$IVIP
disc_server_port=5998
region_name=RegionOne
log_local=1
log_level=SYS_NOTICE
rabbit_server=$IVIP:5673

[SECURITY]
use_certs=False
keyfile=/etc/contrail/ssl/private_keys/svc_monitor_key.pem
certfile=/etc/contrail/ssl/certs/svc_monitor.pem
ca_certs=/etc/contrail/ssl/certs/ca.pem

[SCHEDULER]
analytics_server_ip=$IVIP
analytics_server_port=8081" > /etc/contrail/contrail-svc-monitor.conf

11.Modify /etc/contrail/contrail-discovery.conf
sed -i "s/zk_server_ip=.*/zk_server_ip=$host1,$host2,$host3/g" /etc/contrail/contrail-discovery.conf
sed -i 's/listen_port=.*/listen_port=9110/g' /etc/contrail/contrail-discovery.conf
sed -i "s/cassandra_server_list.*/cassandra_server_list=$host1:9160 $host2:9160 $host3:9160/g" /etc/contrail/contrail-discovery.conf


echo '[DNS-SERVER]
policy=fixed ' >> /etc/contrail/contrail-discovery.conf

#"modify contrail discovery init script"
echo '#!/bin/sh

# chkconfig: 2345 99 01
# description: Juniper Network Virtualization API

supervisorctl -s unix:///tmp/supervisord_config.sock ${1} `basename ${0}:0`' >  /etc/init.d/contrail-discovery

12.Modify /etc/contrail/contrail-discovery.conf
sed -i 's/;AUTHN_TYPE =.*/AUTHN_TYPE=keystone/g' /etc/contrail/vnc_api_lib.ini
sed -i 's/;AUTHN_PROTOCOL =.*/AUTHN_PROTOCOL=http/g' /etc/contrail/vnc_api_lib.ini
sed -i "s/;AUTHN_SERVER =.*/AUTHN_SERVER=$OPENSTACK/g" /etc/contrail/vnc_api_lib.ini
sed -i 's/;AUTHN_PORT =.*/AUTHN_PORT=35357/g' /etc/contrail/vnc_api_lib.ini
sed -i 's/;AUTHN_URL =.*/AUTHN_URL=\/v2.0\/tokens/g' /etc/contrail/vnc_api_lib.ini

13.Modify /etc/contrail/contrail-config-nodemgr.conf
sed -i "s/server=.*/server=$IVIP/g" /etc/contrail/contrail-config-nodemgr.conf

14.Modify /etc/sudoers.d/contrail_sudoers
echo 'Defaults:contrail !requiretty

Cmnd_Alias CONFIGRESTART = /usr/sbin/service supervisor-config restart

contrail ALL = (root) NOPASSWD:CONFIGRESTART' > /etc/sudoers.d/contrail_sudoers

15.Modify /etc/neutron/plugins/opencontrail/ContrailPlugin.ini
echo "[APISERVER]
api_server_ip = $IVIP
api_server_port = 8082
multi_tenancy = True
contrail_extensions = ipam:neutron_plugin_contrail.plugins.opencontrail.contrail_plugin_ipam.NeutronPluginContrailIpam,policy:neutron_plugin_contrail.plugins.opencontrail.contrail_plugin_policy.NeutronPluginContrailPolicy,route-table:neutron_plugin_contrail.plugins.opencontrail.contrail_plugin_vpc.NeutronPluginContrailVpc,contrail:None

[COLLECTOR]
analytics_api_ip = $IVIP
analytics_api_port = 8081

[KEYSTONE]
auth_url = http://$OPENSTACK:35357/v2.0
admin_user=admin
admin_password=password
admin_tenant_name=admin" > /etc/neutron/plugins/opencontrail/ContrailPlugin.ini

16.Modify /etc/default/neutron-server
sed -i 's/NEUTRON_PLUGIN_CONFIG=.*/NEUTRON_PLUGIN_CONFIG="\/etc\/neutron\/plugins\/opencontrail\/ContrailPlugin.ini"/g' /etc/default/neutron-server

set values to neutron config
sed -i 's/^core_plugin = .*/core_plugin = neutron_plugin_contrail.plugins.opencontrail.contrail_plugin.NeutronPluginContrailCoreV2/g' /etc/neutron/neutron.conf
sed -i -e '/^core_plugin/a log_format = %(asctime)s.%(msecs)d %(levelname)8s [%(name)s] %(message)s/' /etc/neutron/neutron.conf
sed -i -e '/^core_plugin/a service_plugins = neutron_plugin_contrail.plugins.opencontrail.loadbalancer.plugin.LoadBalancerPlugin' /etc/neutron/neutron.conf
sed -i -e "/^core_plugin/a rabbit_hosts = $IVIP:5673" /etc/neutron/neutron.conf
sed -i -e '/^core_plugin/a api_extensions_path = extensions:\/usr\/lib\/python2.7\/dist-packages\/neutron_plugin_contrail\/extensions' /etc/neutron/neutron.conf
sed -i -e '/^core_plugin/a allow_overlapping_ips = True' /etc/neutron/neutron.conf
sed -i -e '/^core_plugin/a auth_strategy = keystone' /etc/neutron/neutron.conf
sed -i -e '/^core_plugin/a bind_port = 9697' /etc/neutron/neutron.conf

sed -i -e "/^\[quotas\]/a quota_driver = neutron_plugin_contrail.plugins.opencontrail.quota.driver.QuotaDriver" /etc/neutron/neutron.conf

sed -i "s/auth_uri = .*/auth_uri = http:\/\/$OPENSTACK:35357\/v2.0\//g" /etc/neutron/neutron.conf
sed -i "s/identity_uri = .*/identity_uri = http:\/\/$IVIP:5000/g" /etc/neutron/neutron.conf
sed -i "s/admin_tenant_name = .*/admin_tenant_name = service/g" /etc/neutron/neutron.conf
sed -i "s/admin_user = .*/admin_user = neutron/g" /etc/neutron/neutron.conf
sed -i "s/admin_password = .*/admin_password = password/g"  /etc/neutron/neutron.conf
sed -i -e '/^admin_password/a auth_protocol = http' /etc/neutron/neutron.conf
sed -i -e "/^admin_password/a auth_host = $OPENSTACK" /etc/neutron/neutron.conf

echo '[QUOTAS]
quota_network = -1
quota_subnet = -1
quota_port = -1

[service_providers]
service_provider = LOADBALANCER:Opencontrail:neutron_plugin_contrail.plugins.opencontrail.loadbalancer.driver.OpencontrailLoadbalancerDriver:default' >> /etc/neutron/neutron.conf

17.Restart process
service neutron-server restart
service supervisor-config restart

Next topic is "Install Contrail Control Node".

No comments:

Post a Comment