OpenContrail Implementations

@tcpcloud

OpenContrail Meetup 2015 Vancouver

Agenda• About tcp cloud• What we have done since last meetup?

• References• OpenContrail Juno production experience

• Fixes, recommendations• Horizon modifications

• SaltStack announcements• OpenStack formulas• OpenContrail formulas• OpenContrail modules

About tcp cloud• ISO Certifications (ISO 9001, ISO 20000-1, ISO 27001)

• Certificated experts (cloud, hardware, virtualization, networks, OS, etc…)

• Active in global community (OpenStack, OpenContrail, SaltStack, etc…)

• Own Hi-Tech Datacenter (TIER III, 20kW per rack, hundreds 10Gbps ports, etc…)

• Focused on private open cloud solutions and services (since 2011)

• Maximum Openness

• Open source of course…

• But also technology like

• Hyper-V, VMware, PowerKVM, …

• Thomas-Krenn, IBM, HP, Dell, …• Juniper, Cisco, …

• Ubuntu, CentOS, Windows, …

What we have done on OpenContrail since last meetup

• 6 Proof of Concepts, 2 pilots, 4 prod environments• VMware integration testing (ESXi driver)• Experience with 1.2, 2.0 and 2.1• AVG Technologies, 100 Percentit IT, Czech IT, telco

customers world wide

OpenStack Juno/OpenContrail Integration

• We tested Contrail 1.2 with Icehouse• KVM• ESXi (see blog post)

• We have used Juno with Contrail 2.0 since January 2015• Reasons for Juno:

• Heat improvements• Cinder backend drivers• Live migrations for volume backed instances• Horizon improvements• It is newer :)

Integration issues with 2.0/2.1 and Juno

Nova VIF driver compatibility• monkey patching nova VIF drivers • Neutron API Class instead of nova vif...

Cannot attach multiple security groups• Except 4 parameters instead of 3 (nova - neutron) • nova/network/security_group/neutron_driver.py

Rebuild instances fails• https://review.opencontrail.org/#/c/7477/

Delete failed, when OS::Nova::FloatingIPAssociation cannot find server• https://bugs.launchpad.net/heat/+bug/1396982

Integration issues with 2.0/2.1 and Juno

Heat template is invalid• Increase python-neutronclient 2.3.6 (default 2.3.4.1) on heat-

engineNew Django URLs, neutron API client fixes

• Reflecting Django 1.5 and python-neutronclient changes Dealing with Floating IP associations

• Horizon does not allow provision floating IPs to networks without router

Eventually Contrail pushed Juno version of horizon cca 14 days ago

SaltStack based OpenStack deployment

• SaltStack has about 5% of OS deployment share• We use hierarchical database as system data model• Proper service (de)composition• Integrated monitoring, logging, firewalls

• similar to Example42 approach in Puppet • We are in process of cleaning and opensourcing our formulas• About 30 service formulas in a first wave• Will eventually become part of Big Tent

Please Contribute!

Creating new Salt OpenContrail module and state

• Utilises contrail-vnc python client• Declarative peering configuration• Declarative vrouter provisioning

System model implementation

• reclass - external node classification tool• Hiearchical database similar, but not same as Hiera• Basic concepts of hiera

• Nested, multiple class inheritance• Variable interpolation

Thank you!

Jakub Pavlikj.pavlik@tcpcloud.eu@JakubPav

Ales Komareka.komarek@tcpcloud.eu@ales_komarek

Backup Slides

@tcpcloud

OpenContrail Meetup 2015 Vancouver

Ideas

Fully L3 routing topology with OSPF at vRouter

AVG OpenStack Architecture