Tungsten Fabric入门宝典丨关于安装的那些事(下)



  • 作者:Tatsuya Naganawa 译者:TF编译组

    Tungsten Fabric入门宝典系列文章,来自技术大牛倾囊相授的实践经验,由TF中文社区为您编译呈现,旨在帮助新手深入理解TF的运行、安装、集成、调试等全流程。如果您有相关经验或疑问,欢迎与我们互动,并与社区极客们进一步交流。更多TF技术文章,请点击公号底部按钮>学习>文章合集。
    

    (编者按:在上一篇文章中,我们聊了关于TF组件安装中的HA行为、多NIC安装、集群规模等问题,以及如何安装具有Tungsten Fabric CNI的Kubernetes HA环境。)

    OpenStack

    Openstack HA的安装可以由anstack-deployer直接完成。

    对于此示例的设置,我使用了5个EC2实例(AMI相同,ami-3185744e),每个实例具有2个vCPU、8 GB内存、20 GB磁盘空间。VPC的CIDR为172.31.0.0/16。

    yum -y install epel-release
    yum -y install git ansible-2.4.2.0
    ssh-keygen
    cd .ssh/
    cat id_rsa.pub >> authorized_keys
    cd
    git clone http://github.com/Juniper/contrail-ansible-deployer
    cd contrail-ansible-deployer
    vi config/instances.yaml
    (replace contents with this)
    provider_config:
      bms:
       ssh_user: root
       ssh_public_key: /root/.ssh/id_rsa.pub
       ssh_private_key: /root/.ssh/id_rsa
       domainsuffix: local
       ntpserver: 0.centos.pool.ntp.org
    instances:
      bms1:
        provider: bms
        ip: 172.31.6.90 # controller1's ip
        roles:
          config_database:
          config:
          control:
          analytics:
          webui:
          openstack:
      bms2:
        provider: bms
        ip: 172.31.25.90 # controller2's ip
        roles:
          config_database:
          config:
          control:
          analytics:
          webui:
          openstack:
      bms3:
        provider: bms
        ip: 172.31.31.242 # controller3's ip
        roles:
          config_database:
          config:
          control:
          analytics:
          webui:
          openstack:
      bms11:
        provider: bms
        ip: 172.31.42.209 # compute1's ip
        roles:
          vrouter:
          openstack_compute:
      bms12:
        provider: bms
        ip: 172.31.15.199 # compute2's ip
        roles:
          vrouter:
          openstack_compute:
    contrail_configuration:
      RABBITMQ_NODE_PORT: 5673
      AUTH_MODE: keystone
      KEYSTONE_AUTH_URL_VERSION: /v3
      JVM_EXTRA_OPTS: "-Xms128m -Xmx1g"
    kolla_config:
      kolla_globals:
        kolla_internal_vip_address: 172.31.0.11 ## kolla-ansible will deploy haproxy to serve HA vip
      kolla_passwords:
        keystone_admin_password: contrail123 # admin user's password
    global_configuration:
    
    
    ## if previously described AMI is used, it uses cloud-init packages whose rpm dependency is not compatible with ansible-deployer in R5.1 and later. To workaroud this, I used these commands.
    yum -y remove PyYAML python-requests
    easy_install pip
    pip install PyYAML requests
    pip install ansible
    
    
    ansible-playbook -e orchestrator=openstack -i inventory/ playbooks/configure_instances.yml
     - it takes about 10 minutes
    ansible-playbook -e orchestrator=openstack -i inventory/ playbooks/install_openstack.yml
     - it takes about 40 minutes
    ansible-playbook -e orchestrator=openstack -i inventory/ playbooks/install_contrail.yml
     - it takes about 20 minutes
    
    
    
    [root@ip-172-31-6-90 ~]# contrail-status 
    Pod              Service         Original Name                          State    Id            Status         
                     redis           contrail-external-redis                running  23ef79b48ae8  Up 41 minutes  
    analytics        api             contrail-analytics-api                 running  3139f5fd9256  Up 36 minutes  
    analytics        collector       contrail-analytics-collector           running  89c9e02fb551  Up 36 minutes  
    analytics        nodemgr         contrail-nodemgr                       running  5eecb461f95c  Up 36 minutes  
    config           api             contrail-controller-config-api         running  fb0dc55f76c7  Up 39 minutes  
    config           device-manager  contrail-controller-config-devicemgr   running  8dbff58776a2  Up 39 minutes  
    config           nodemgr         contrail-nodemgr                       running  b64af838545d  Up 39 minutes  
    config           schema          contrail-controller-config-schema      running  83e0acf17e39  Up 39 minutes  
    config           svc-monitor     contrail-controller-config-svcmonitor  running  623e17e8e74e  Up 39 minutes  
    config-database  cassandra       contrail-external-cassandra            running  db30d874dce3  Up 40 minutes  
    config-database  nodemgr         contrail-nodemgr                       running  590463f627f6  Up 38 minutes  
    config-database  rabbitmq        contrail-external-rabbitmq             running  712ee26dda64  Up 40 minutes  
    config-database  zookeeper       contrail-external-zookeeper            running  46dbdec00e46  Up 40 minutes  
    control          control         contrail-controller-control-control    running  3e0e653d1588  Up 37 minutes  
    control          dns             contrail-controller-control-dns        running  2cebc37c18cf  Up 37 minutes  
    control          named           contrail-controller-control-named      running  112bd2d8ed5f  Up 37 minutes  
    control          nodemgr         contrail-nodemgr                       running  f2e0fdc4bfb2  Up 37 minutes  
    device-manager   dnsmasq         contrail-external-dnsmasq              running  f84b45234d70  Up 39 minutes  
    webui            job             contrail-controller-webui-job          running  3dece86513a1  Up 38 minutes  
    webui            web             contrail-controller-webui-web          running  408c772b1628  Up 38 minutes  
    
    == Contrail control ==
    control: active
    nodemgr: active
    named: active
    dns: active
    
    == Contrail config-database ==
    nodemgr: initializing (Disk for DB is too low. )
    zookeeper: active
    rabbitmq: active
    cassandra: active
    
    == Contrail analytics ==
    nodemgr: active
    api: active
    collector: active
    
    == Contrail webui ==
    web: active
    job: active
    
    == Contrail device-manager ==
    
    == Contrail config ==
    svc-monitor: backup
    nodemgr: active
    device-manager: backup
    api: active
    schema: backup
    
    
    [root@ip-172-31-25-90 ~]# contrail-status 
    Pod              Service         Original Name                          State    Id            Status         
                     redis           contrail-external-redis                running  1ed7e967085e  Up 41 minutes  
    analytics        api             contrail-analytics-api                 running  7392ea345e83  Up 36 minutes  
    analytics        collector       contrail-analytics-collector           running  82332a53a566  Up 36 minutes  
    analytics        nodemgr         contrail-nodemgr                       running  89141bb180cd  Up 36 minutes  
    config           api             contrail-controller-config-api         running  b2af8bc8a6d7  Up 38 minutes  
    config           device-manager  contrail-controller-config-devicemgr   running  d8ed77431dfa  Up 39 minutes  
    config           nodemgr         contrail-nodemgr                       running  8c7f3d5f05e4  Up 39 minutes  
    config           schema          contrail-controller-config-schema      running  4a6099aaea2a  Up 39 minutes  
    config           svc-monitor     contrail-controller-config-svcmonitor  running  3a3e6d37b30e  Up 39 minutes  
    config-database  cassandra       contrail-external-cassandra            running  0b05e121c017  Up 40 minutes  
    config-database  nodemgr         contrail-nodemgr                       running  fb4857fe16c1  Up 39 minutes  
    config-database  rabbitmq        contrail-external-rabbitmq             running  a8137277a40f  Up 40 minutes  
    config-database  zookeeper       contrail-external-zookeeper            running  9571f4d9fde2  Up 40 minutes  
    control          control         contrail-controller-control-control    running  5460dc02cc03  Up 37 minutes  
    control          dns             contrail-controller-control-dns        running  17b27877ef6e  Up 37 minutes  
    control          named           contrail-controller-control-named      running  cdbe1bae4c40  Up 37 minutes  
    control          nodemgr         contrail-nodemgr                       running  cb36c2b4625a  Up 37 minutes  
    device-manager   dnsmasq         contrail-external-dnsmasq              running  dd9002e6f58d  Up 39 minutes  
    webui            job             contrail-controller-webui-job          running  60dc895d439e  Up 38 minutes  
    webui            web             contrail-controller-webui-web          running  3ddfb5e2e851  Up 38 minutes  
    
    == Contrail control ==
    control: active
    nodemgr: active
    named: active
    dns: active
    
    == Contrail config-database ==
    nodemgr: initializing (Disk for DB is too low. )
    zookeeper: active
    rabbitmq: active
    cassandra: active
    
    == Contrail analytics ==
    nodemgr: active
    api: active
    collector: active
    
    == Contrail webui ==
    web: active
    job: active
    
    == Contrail device-manager ==
    
    == Contrail config ==
    svc-monitor: backup
    nodemgr: active
    device-manager: active
    api: active
    schema: backup
    
    
    [root@ip-172-31-31-242 ~]# contrail-status 
    Pod              Service         Original Name                          State    Id            Status         
                     redis           contrail-external-redis                running  172e35daca5a  Up 42 minutes  
    analytics        api             contrail-analytics-api                 running  2edf90837a43  Up 36 minutes  
    analytics        collector       contrail-analytics-collector           running  812d4c190841  Up 36 minutes  
    analytics        nodemgr         contrail-nodemgr                       running  d0eafce0d49d  Up 36 minutes  
    config           api             contrail-controller-config-api         running  7819c7792960  Up 39 minutes  
    config           device-manager  contrail-controller-config-devicemgr   running  c22addf8f1f1  Up 38 minutes  
    config           nodemgr         contrail-nodemgr                       running  bd742928f26e  Up 39 minutes  
    config           schema          contrail-controller-config-schema      running  8ad72d0a2c12  Up 39 minutes  
    config           svc-monitor     contrail-controller-config-svcmonitor  running  86283bfc21dc  Up 39 minutes  
    config-database  cassandra       contrail-external-cassandra            running  315d17494665  Up 41 minutes  
    config-database  nodemgr         contrail-nodemgr                       running  a78521b2b940  Up 39 minutes  
    config-database  rabbitmq        contrail-external-rabbitmq             running  dfefb054808b  Up 41 minutes  
    config-database  zookeeper       contrail-external-zookeeper            running  a16d1a2d259b  Up 41 minutes  
    control          control         contrail-controller-control-control    running  bc9ecb41131c  Up 37 minutes  
    control          dns             contrail-controller-control-dns        running  beff8cf11fdd  Up 37 minutes  
    control          named           contrail-controller-control-named      running  2322d5598a24  Up 37 minutes  
    control          nodemgr         contrail-nodemgr                       running  32b611d85d19  Up 37 minutes  
    device-manager   dnsmasq         contrail-external-dnsmasq              running  a0b3dd0ad254  Up 39 minutes  
    webui            job             contrail-controller-webui-job          running  257721b46207  Up 38 minutes  
    webui            web             contrail-controller-webui-web          running  c2e7b95e7321  Up 38 minutes  
    
    == Contrail control ==
    control: active
    nodemgr: active
    named: active
    dns: active
    
    == Contrail config-database ==
    nodemgr: initializing (Disk for DB is too low. )
    zookeeper: active
    rabbitmq: active
    cassandra: active
    
    == Contrail analytics ==
    nodemgr: active
    api: active
    collector: active
    
    == Contrail webui ==
    web: active
    job: active
    
    == Contrail device-manager ==
    
    == Contrail config ==
    svc-monitor: active
    nodemgr: active
    device-manager: backup
    api: active
    schema: active
    
    
    [root@ip-172-31-42-209 ~]# contrail-status 
    Pod      Service  Original Name           State    Id            Status         
    vrouter  agent    contrail-vrouter-agent  running  a17883037f12  Up 36 minutes  
    vrouter  nodemgr  contrail-nodemgr        running  6dc2258ac4f6  Up 36 minutes  
    
    vrouter kernel module is PRESENT
    == Contrail vrouter ==
    nodemgr: active
    agent: active
    
    
    [root@ip-172-31-15-199 ~]# contrail-status 
    Pod      Service  Original Name           State    Id            Status         
    vrouter  agent    contrail-vrouter-agent  running  a1e7767b3302  Up 36 minutes  
    vrouter  nodemgr  contrail-nodemgr        running  40d5613fec21  Up 36 minutes  
    
    vrouter kernel module is PRESENT
    == Contrail vrouter ==
    nodemgr: active
    agent: active
    

    然后,可以使用openstack命令创建实例。

    docker cp /etc/kolla/kolla-toolbox/admin-openrc.sh kolla_toolbox:/var/tmp
    docker exec -it kolla_toolbox bash
      source /var/tmp/admin-openrc.sh
      cd /var/tmp
      curl -O -L http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-x86_64-disk.img
      openstack image create cirros --disk-format qcow2 --public --container-format bare --file cirros-0.4.0-x86_64-disk.img
      openstack flavor create --ram 512 --disk 1 --vcpus 1 m1.tiny
      openstack network create testvn
      openstack subnet create --subnet-range 192.168.100.0/24 --network testvn subnet1
      NET_ID=`openstack network list | grep testvn | awk -F '|' '{print $2}' | tr -d ' '`
      openstack server create --flavor m1.tiny --image cirros --nic net-id=${NET_ID} vm1
      openstack server create --flavor m1.tiny --image cirros --nic net-id=${NET_ID} vm2
      exit
    
    (on compute nodes)
    ip route ## check metadata ip of two instances
    ssh cirros@169.254.0.x
      ping 192.168.100.4
    
    
    (kolla-toolbox)[ansible@ip-172-31-6-90 /]$ openstack server list
    +--------------------------------------+------+--------+----------------------+--------+---------+
    | ID                                   | Name | Status | Networks             | Image  | Flavor  |
    +--------------------------------------+------+--------+----------------------+--------+---------+
    | 9d66f0ed-d7d5-4a53-983d-dfba0385bd22 | vm2  | ACTIVE | testvn=192.168.100.4 | cirros | m1.tiny |
    | 6595b4c1-1e6f-4f02-8f66-83b6355065b2 | vm1  | ACTIVE | testvn=192.168.100.3 | cirros | m1.tiny |
    +--------------------------------------+------+--------+----------------------+--------+---------+
    (kolla-toolbox)[ansible@ip-172-31-6-90 /]$ 
    
    [root@ip-172-31-42-209 ~]# ip route
    default via 172.31.32.1 dev vhost0 
    169.254.0.1 dev vhost0 proto 109 scope link 
    169.254.0.3 dev vhost0 proto 109 scope link 
    172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 
    172.31.32.0/20 dev vhost0 proto kernel scope link src 172.31.42.209 
    [root@ip-172-31-42-209 ~]# ssh cirros@169.254.0.3
    cirros@169.254.0.3's password: 
    $ ip -o a
    1: lo:  mtu 65536 qdisc noqueue qlen 1\    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    1: lo    inet 127.0.0.1/8 scope host lo\       valid_lft forever preferred_lft forever
    1: lo    inet6 ::1/128 scope host \       valid_lft forever preferred_lft forever
    2: eth0:  mtu 1500 qdisc pfifo_fast qlen 1000\    link/ether 02:79:59:ea:d4:17 brd ff:ff:ff:ff:ff:ff
    2: eth0    inet 192.168.100.3/24 brd 192.168.100.255 scope global eth0\       valid_lft forever preferred_lft forever
    2: eth0    inet6 fe80::79:59ff:feea:d417/64 scope link \       valid_lft forever preferred_lft forever
    $ 
    $ ping 192.168.100.4
    PING 192.168.100.4 (192.168.100.4): 56 data bytes
    64 bytes from 192.168.100.4: seq=0 ttl=64 time=13.876 ms
    64 bytes from 192.168.100.4: seq=1 ttl=64 time=2.417 ms
    64 bytes from 192.168.100.4: seq=2 ttl=64 time=2.375 ms
    ^C
    --- 192.168.100.4 ping statistics ---
    3 packets transmitted, 3 packets received, 0% packet loss
    round-trip min/avg/max = 2.375/6.222/13.876 ms
    $ 
    $
    
    
    [root@ip-172-31-15-199 ~]# ip route
    default via 172.31.0.1 dev vhost0 
    169.254.0.1 dev vhost0 proto 109 scope link 
    169.254.0.3 dev vhost0 proto 109 scope link 
    172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 
    172.31.0.0/20 dev vhost0 proto kernel scope link src 172.31.15.199 
    [root@ip-172-31-15-199 ~]# ssh cirros@169.254.0.3
    cirros@169.254.0.3's password: 
    $ ip -o a
    1: lo:  mtu 65536 qdisc noqueue qlen 1\    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    1: lo    inet 127.0.0.1/8 scope host lo\       valid_lft forever preferred_lft forever
    1: lo    inet6 ::1/128 scope host \       valid_lft forever preferred_lft forever
    2: eth0:  mtu 1500 qdisc pfifo_fast qlen 1000\    link/ether 02:08:e6:0d:1e:3b brd ff:ff:ff:ff:ff:ff
    2: eth0    inet 192.168.100.4/24 brd 192.168.100.255 scope global eth0\       valid_lft forever preferred_lft forever
    2: eth0    inet6 fe80::8:e6ff:fe0d:1e3b/64 scope link \       valid_lft forever preferred_lft forever
    $ 
    

    注意:如果计算节点不支持kvm,则可能需要添加此设置。

    cab12aa3-8253-4622-bc0d-814c3e5872d2-image.png

    注意:如果是使用AWS,则还需要从EC2实例的右键菜单中设置网络>管理IP地址,以允许从其它节点访问haproxy VIP。

    这样,控制器之间的HA和2个计算节点之间的overlay都完全配置好了!

    有些要点本文档没有覆盖,例如某些控制节点宕机时的行为,或在计算节点之间执行实时迁移。上次我尝试实时迁移时,发现有大约1秒钟的报文丢包,但是请注意自己的设置,因为有很多要注意的地方(例如前缀将在实时迁移完成后更新)。

    查看每个控制器的邻居状态和路由表,您会发现它们之间的有趣之处。

    [root@ip-172-31-6-90 ~]# ./contrail-introspect-cli/ist.py ctr nei
    +------------------------+---------------+----------+----------+-----------+-------------+------------+------------+-----------+
    | peer                   | peer_address  | peer_asn | encoding | peer_type | state       | send_state | flap_count | flap_time |
    +------------------------+---------------+----------+----------+-----------+-------------+------------+------------+-----------+
    | ip-172-31-25-90.local  | 172.31.25.90  | 64512    | BGP      | internal  | Established | in sync    | 0          | n/a       |
    | ip-172-31-31-242.local | 172.31.31.242 | 64512    | BGP      | internal  | Established | in sync    | 0          | n/a       |
    | ip-172-31-42-209.local | 172.31.42.209 | 0        | XMPP     | internal  | Established | in sync    | 0          | n/a       |
    +------------------------+---------------+----------+----------+-----------+-------------+------------+------------+-----------+
    [root@ip-172-31-6-90 ~]# ./contrail-introspect-cli/ist.py --host 172.31.25.90 ctr nei
    Introspect Host: 172.31.25.90
    +------------------------+---------------+----------+----------+-----------+-------------+------------+------------+-----------+
    | peer                   | peer_address  | peer_asn | encoding | peer_type | state       | send_state | flap_count | flap_time |
    +------------------------+---------------+----------+----------+-----------+-------------+------------+------------+-----------+
    | ip-172-31-31-242.local | 172.31.31.242 | 64512    | BGP      | internal  | Established | in sync    | 0          | n/a       |
    | ip-172-31-6-90.local   | 172.31.6.90   | 64512    | BGP      | internal  | Established | in sync    | 0          | n/a       |
    | ip-172-31-15-199.local | 172.31.15.199 | 0        | XMPP     | internal  | Established | in sync    | 0          | n/a       |
    +------------------------+---------------+----------+----------+-----------+-------------+------------+------------+-----------+
    [root@ip-172-31-6-90 ~]# 
    [root@ip-172-31-6-90 ~]# ./contrail-introspect-cli/ist.py --host 172.31.31.242 ctr nei
    Introspect Host: 172.31.31.242
    +------------------------+---------------+----------+----------+-----------+-------------+------------+------------+-----------+
    | peer                   | peer_address  | peer_asn | encoding | peer_type | state       | send_state | flap_count | flap_time |
    +------------------------+---------------+----------+----------+-----------+-------------+------------+------------+-----------+
    | ip-172-31-25-90.local  | 172.31.25.90  | 64512    | BGP      | internal  | Established | in sync    | 0          | n/a       |
    | ip-172-31-6-90.local   | 172.31.6.90   | 64512    | BGP      | internal  | Established | in sync    | 0          | n/a       |
    | ip-172-31-15-199.local | 172.31.15.199 | 0        | XMPP     | internal  | Established | in sync    | 0          | n/a       |
    | ip-172-31-42-209.local | 172.31.42.209 | 0        | XMPP     | internal  | Established | in sync    | 0          | n/a       |
    +------------------------+---------------+----------+----------+-----------+-------------+------------+------------+-----------+
    [root@ip-172-31-6-90 ~]#
    [root@ip-172-31-6-90 ~]#
    
    [root@ip-172-31-6-90 ~]# ./contrail-introspect-cli/ist.py ctr route summary
    +----------------------------------------------------+----------+-------+---------------+-----------------+------------------+
    | name                                               | prefixes | paths | primary_paths | secondary_paths | infeasible_paths |
    +----------------------------------------------------+----------+-------+---------------+-----------------+------------------+
    | default-domain:admin:testvn:testvn.inet.0          | 2        | 4     | 1             | 3               | 0                |
    | default-domain:default-                            | 0        | 0     | 0             | 0               | 0                |
    | project:__link_local__:__link_local__.inet.0       |          |       |               |                 |                  |
    | default-domain:default-project:dci-                | 0        | 0     | 0             | 0               | 0                |
    | network:__default__.inet.0                         |          |       |               |                 |                  |
    | default-domain:default-project:dci-network:dci-    | 0        | 0     | 0             | 0               | 0                |
    | network.inet.0                                     |          |       |               |                 |                  |
    | default-domain:default-project:default-virtual-    | 0        | 0     | 0             | 0               | 0                |
    | network:default-virtual-network.inet.0             |          |       |               |                 |                  |
    | inet.0                                             | 0        | 0     | 0             | 0               | 0                |
    | default-domain:default-project:ip-fabric:ip-       | 1        | 1     | 1             | 0               | 0                |
    | fabric.inet.0                                      |          |       |               |                 |                  |
    +----------------------------------------------------+----------+-------+---------------+-----------------+------------------+
    [root@ip-172-31-6-90 ~]# ./contrail-introspect-cli/ist.py --host 172.31.25.90 ctr route summary
    Introspect Host: 172.31.25.90
    +----------------------------------------------------+----------+-------+---------------+-----------------+------------------+
    | name                                               | prefixes | paths | primary_paths | secondary_paths | infeasible_paths |
    +----------------------------------------------------+----------+-------+---------------+-----------------+------------------+
    | default-domain:admin:testvn:testvn.inet.0          | 2        | 4     | 1             | 3               | 0                |
    | default-domain:default-                            | 0        | 0     | 0             | 0               | 0                |
    | project:__link_local__:__link_local__.inet.0       |          |       |               |                 |                  |
    | default-domain:default-project:dci-                | 0        | 0     | 0             | 0               | 0                |
    | network:__default__.inet.0                         |          |       |               |                 |                  |
    | default-domain:default-project:dci-network:dci-    | 0        | 0     | 0             | 0               | 0                |
    | network.inet.0                                     |          |       |               |                 |                  |
    | default-domain:default-project:default-virtual-    | 0        | 0     | 0             | 0               | 0                |
    | network:default-virtual-network.inet.0             |          |       |               |                 |                  |
    | inet.0                                             | 0        | 0     | 0             | 0               | 0                |
    | default-domain:default-project:ip-fabric:ip-       | 1        | 1     | 1             | 0               | 0                |
    | fabric.inet.0                                      |          |       |               |                 |                  |
    +----------------------------------------------------+----------+-------+---------------+-----------------+------------------+
    [root@ip-172-31-6-90 ~]# ./contrail-introspect-cli/ist.py --host 172.31.31.242 ctr route summary
    Introspect Host: 172.31.31.242
    +----------------------------------------------------+----------+-------+---------------+-----------------+------------------+
    | name                                               | prefixes | paths | primary_paths | secondary_paths | infeasible_paths |
    +----------------------------------------------------+----------+-------+---------------+-----------------+------------------+
    | default-domain:admin:testvn:testvn.inet.0          | 2        | 4     | 2             | 2               | 0                |
    | default-domain:default-                            | 0        | 0     | 0             | 0               | 0                |
    | project:__link_local__:__link_local__.inet.0       |          |       |               |                 |                  |
    | default-domain:default-project:dci-                | 0        | 0     | 0             | 0               | 0                |
    | network:__default__.inet.0                         |          |       |               |                 |                  |
    | default-domain:default-project:dci-network:dci-    | 0        | 0     | 0             | 0               | 0                |
    | network.inet.0                                     |          |       |               |                 |                  |
    | default-domain:default-project:default-virtual-    | 0        | 0     | 0             | 0               | 0                |
    | network:default-virtual-network.inet.0             |          |       |               |                 |                  |
    | inet.0                                             | 0        | 0     | 0             | 0               | 0                |
    | default-domain:default-project:ip-fabric:ip-       | 2        | 2     | 2             | 0               | 0                |
    | fabric.inet.0                                      |          |       |               |                 |                  |
    +----------------------------------------------------+----------+-------+---------------+-----------------+------------------+
    [root@ip-172-31-6-90 ~]#
    
     
    [root@ip-172-31-6-90 ~]# ./contrail-introspect-cli/ist.py --host 172.31.31.242 ctr route show 192.168.100.3
    Introspect Host: 172.31.31.242
    
    default-domain:admin:testvn:testvn.inet.0: 2 destinations, 4 routes (2 primary, 2 secondary, 0 infeasible)
    
    192.168.100.3/32, age: 0:01:18.234010, last_modified: 2019-Apr-27 14:03:19.075046
        [XMPP (interface)|ip-172-31-42-209.local] age: 0:01:18.239011, localpref: 200, nh: 172.31.42.209, encap: ['gre', 'udp'], label: 25, AS path: None
        [BGP|172.31.6.90] age: 0:01:18.230559, localpref: 200, nh: 172.31.42.209, encap: ['gre', 'udp'], label: 25, AS path: None
    
    
    [root@ip-172-31-6-90 ~]# ./contrail-introspect-cli/ist.py --host 172.31.31.242 ctr route show 192.168.100.4
    Introspect Host: 172.31.31.242
    
    default-domain:admin:testvn:testvn.inet.0: 2 destinations, 4 routes (2 primary, 2 secondary, 0 infeasible)
    
    192.168.100.4/32, age: 0:00:52.035230, last_modified: 2019-Apr-27 14:03:47.460835
        [XMPP (interface)|ip-172-31-15-199.local] age: 0:00:52.039485, localpref: 200, nh: 172.31.15.199, encap: ['gre', 'udp'], label: 25, AS path: None
        [BGP|172.31.25.90] age: 0:00:51.996464, localpref: 200, nh: 172.31.15.199, encap: ['gre', 'udp'], label: 25, AS path: None
    [root@ip-172-31-6-90 ~]# 
    

    由于vRouter始终具有2个XMPP连接,所以当存在3个控制器时,XMPP的连接状态在控制器之间是不同的,并且它们之间的路由表也可能有所不同。考虑到路由目标过滤,如果某些控制器未从XMPP接收到某些特定的路由目标,则它们甚至可能具有完全不同的路由表。

    这就是由于Tungsten Fabric的横向扩展行为带来的结果。

    有关ansible-ployer的更详细的配置(包括多NIC示例),您可以看看这些文档。

    vCenter

    Tungsten Fabric可以很好地与vCenter集成在一起,我们在“编排器集成”的部分有所描述。

    要尝试此功能,可以按照以下说明进行操作。

    由于Tungsten Fabric的HA行为与Kubernetes和OpenStack安装中的行为完全相同,因此我将不对其进行详细描述。

    对于编排器端的HA,vCenter HA是完全可用的。

    • 我尚未尝试过这种组合,但是由于vCenter HA将使用与vCenter服务相同的IP,因此我认为vcenter-plugin与vCenter HA一起使用的可能性很高。

    多vCenter或跨vCenter(使用链接模式时)将是一个很有趣的主题。我将在附录部分进一步讨论它们。

    容器标签的使用

    容器注册表docker.io/opencontrailnight具有各种各样的标签。

    关于在新的安装中选择什么样的标签,我有一些考虑。

    我经常使用的是三个标签:latest,5.1.0-latest,5.0-latest。它们位于每个Tungsten Fabric分支的头部(master/R5.1/R5.0),并且每个分支中都包含各种错误修复。因此,您可以为用例选择其中的标签。如果需要R5.1中的新功能(例如可选的analytics组件),那么你可以选择5.1.0-latest标签。

    由于latest是真正的开发分支,因此我不建议您将它们作为常规使用的标签,因为在某些情况下,此版本已被“破坏”以添加新的功能。

    其它发行版本的分支更加稳定,因为在大多数情况下,它们只是进行了错误修复,尽管在创建新的分支后的某些特定时期内,发行版本的分支似乎也具有新的功能。

    要指定标签,您可以使用这些参数,并且当针对ansible-deployer和conutil-container-builder输入git clone时,还需要指定同一分支。

    149567a2-2858-4fb5-8866-aa15c7d37503-image.png

    需要注意的一点是,由于与OpenStack一起使用的容器(例如nova-init、neutron-init、heat-init等)具有OpenStack发行版的版本依赖性,因此标记可能需要更改为5.1.0-latest-queens、5.1.0-latest-rocky等。

    由于安装了一些带有特定版本的OpenStack模块,因此,如果标签不同,则OpenStack容器将无法正常工作。

    Tungsten Fabric入门宝典系列文章——

    首次启动和运行指南
    TF组件的七种“武器”
    编排器集成
    关于安装的那些事(上)

    Tungsten Fabric 架构解析系列文章——

    第一篇:TF主要特点和用例
    第二篇:TF怎么运作
    第三篇:详解vRouter体系结构
    第四篇:TF的服务链
    第五篇:vRouter的部署选项
    第六篇:TF如何收集、分析、部署?
    第七篇:TF如何编排
    第八篇:TF支持API一览
    第九篇:TF如何连接到物理网络?
    第十篇:TF基于应用程序的安全策略


Log in to reply