Name: contrail-container-builder
Owner: Juniper Networks
Description: Build contrail networking control components as micro-services
Created: 2017-11-01 22:43:28.0
Updated: 2018-04-02 18:16:50.0
Pushed: 2018-04-02 23:28:10.0
Homepage:
null
Size: 10554
Language: Shell
GitHub Committers
User | Most Recent Commit | # Commits |
Other Committers
User | Email | Most Recent Commit | # Commits |
README
Contrail containers based on microservices
This is an beta version of Contrail containers based on microservices.
Checked on:
- Kubernetes with CNI
- Docker compose (via contrail-ansible-deployer)
- OpenStack Helm
Works with limitations and known issues.
Everything is tested in CentOS 7.4 / Ubuntu 16.04 for deployment to run on one/three machines.
Building containers
- Get Ubuntu 16 or Centos 7 with internet connection
- Get the project sources (e.g. with
`git clone
`)
- Run
`cd containers
`
- Configure
`common.env
(copy ``
common.env.sample``` for that and configure minimal set of parameters)
- Run
`setup-for-build.sh
`
- Add any number of .repo.template (for CentOS) or .list.template (for Ubuntu) to the root of repo. These files will be evaluated with current environment and will be placed to containers to yum or apt configuration.
- Run
`sudo build.sh
`
If you have a problems with resolving DNS names in build process then you to fix your docker like this - https://development.robinwinslow.uk/2016/06/23/fix-docker-networking-dns/
You'll get Docker registry running locally on port 5000 with the containers built.
You can check them here: `http://localhost:5000/v2/_catalog
or ``
sudo docker images```
Provisioning Kubernetes
Use this section if you want to deploy Contrail with Kubernetes without Helm
- Run on a single or master-node
`kubernetes/setup-k8s.sh
(don't forget to ``
cd ../` if you're in
containers``
)
For multi-node deployment on other kubernetes nodes:
- Set KUBERNETES_API_SERVER and CONTRAIL_REGISTRY in environment or in
`common.env
`
- Run
`kubernetes/setup-k8s.sh join-token=<token>
where token can be taken from output of setup-k8s.sh on master node or from ``
sudo kubeadm token list```
Provisioning Contrail and CNI in Kubernetes without Helm on a single node
You'll have Contrail deployed in Kubernetes. Check WebUI in https://localhost:8143 (login:admin password:contrail123)
This deployment will work with noauth authentication.
You can use `apply.sh
and ``
delete.sh` helper scripts from
kubernetes/manifests``
to apply and delete kubernetes deployments without manually using `resolve-manifest.sh
and ``
kubectl apply```.
Multi-node deployment
- Configure
`common.env
` to contain lists of nodes for your deployment for CONTROLLER_NODES, AGENT_NODES, etc before Contrail deployment
- Run
`kubernetes/manifest/set-node-labels.sh
to allow kubernetes to apply labels according to ``
common.env```.
- Deploy Contrail on master kubernetes node as decribed in “Provisioning Contrail and CNI in Kubernetes without Helm on a single node”
Multi-card deployment
- Configure
`common.env
` PHYSICAL_INTERFACE, VROUTER_GATEWAY and KUBERNETES_NODES_MAP parameters before Contrail deployment.
Provisioning Contrail in Helm OpenStack
Please refer to the README-HELM.md
Known issues
- “No route to host” or cannot access mirrors.centos.org errors during container build
- The reason: firewall
- To fix: Allow connectivity like
`add iptables -I INPUT -j ACCEPT
`
- “Connection refused” error during container build when accessing repodata/repomd.xml
- The reason: lighthttpd doesn't work properly
- To fix: bring up some other httpd server and allow visibility for the repo
- vrouter container in agent pod can fail when loading kernel module with “cannot allocate memory”.
- The reason: large driver memory appetites and probably significant memory fragmentation.
- To fix: reboot the machine and in the worst case insert the vrouter module manually right after the reboot.!~
- (Fixed). kube-dns and any application containers (if you run some later) can be stuck in “Container creating” state.
- The reason: Supposed race condition during start-up with Contrail DB. Will be fixed later
- To fix: manually restart all contrail-* and kube-manager containers. Probably by restart their pods (haven't tried yet). Restarting can be done by:
TODOs
- Refactoring - base and common split to specific modules
- ~~NodeManager - eliminate all, leave just one~~
- ~~Neutron, nova, heat - revisit pluginization mechanism~~
- ~~Kubeagent - create new one~~
- All scripts - move to root dir
- ~~Source rpm repo in setup, add parameter to take from non-S3~~
- ~~Rename contrail-micro.yaml to contrail-micro.yaml.sample~~
- ~~Create README~~
- ~~Remove firewall during setup~~
- Deal with ?cannot allocate memory? during kernel module loading
- Complete vrouter container - add DPDK, VLAN, etc.
- ~~Create initContainer for vrouter compilation~~
- Split charts to Contrail-only and the rest
- Remove all notions about OpenStack/Keystone/Kubernetes from Contrail containers and add separate containers (sidecars) bringing orchestrator-related functionality.
- ~~Kernel module compilation for Ubuntu~~
- Nested cni.conf (if needed)
- ~~/var/crashes folder should be created~~
- ~~Unnecessary packages should be removed from containers~~
- ~~Make DEBUG logging configurable~~
- ~~Multi-node deployment~~
- ~~Cluster-deployment for Contrail, Cassandra, etc~~
- Rework Helm charts to reuse third-party charts instead of built-in sections
- ~~Add yum clean at the end of containers~~
- ~~Rename kubernetes/kube-agent to kubernetes/vrouter-init~~
- ~~Move kube-manager to kubernetes folder~~
- ~~Add synchronization for containers (supposedly Cassandra and Zookeeper for controller should be run before contrail containers)~~
- ~~Remove contrail-config section from yaml and remove all its remaining usages~~
- Add comments to each entrypoint.sh for interface ENV variables
- ~~Rework configuration passing in charts~~
- ~~Improve provisioning scripts to work with existing docker repo and other features~~
- Nodemgr - rework to use single conf and no env variables (everything is taken from conf)
- Nodemgr - fix known bugs
- ~~Nodemgr - package correctly into rpm, now docker takes it by git clone~~
- Optimize size
- Make CNI plugin log level configurable.
- ~~Sort out with multiple NIC configiration - probably provision link local is needed since it set ip_fabric_ip.~~
- Consider to use K8S services to provide VIPs for Config, Analytics and WebUI.
- Split common.env to separate build.env and deployment.env
- Add switching off dhcp on phys_int after inserting vhost0
- Standardize configuration variables across all components in the system.
- ~~Add provision-alarm.py (https://bugs.launchpad.net/juniperopenstack/+bug/1736279)~~
- ~~Avoid changing /etc/hosts file (rabbitmq).~~
- ~~vrouter agent entrypoint: add ability to configure metadata_proxy_secret=contrail in [METADATA]~~
- Sort out with KUBERNETES_public_fip_pool
- ~~Ubuntu containers~~
- ~~Introduce base container for agent and move agent specific functions to it~~
- ~~Remove net-watchdog contrail as the problem with vhost0 rest by agent be solved (dpdk case)~~