openstack/openstack-ansible
Code Issues Proposed changes
openstack-ansible/deploy-guide/source/app-config-pod.rst
Jimmy McCrory 9cd42929c3 Support cidr_networks in L3 network environments 
In some environments, a single container, storage, or tunnel network may
not be applicable to every host. Each configured provider_network would
need to be limited to a particular subset of hosts and the host var keys
within the inventory for container_address, storage_address, and
tunnel_address will need to be maintained since they're specifically
required by various playbooks.

Add two new options for configuring provider_networks, 'reference_group'
and 'address_prefix'.

'reference_group' for providing a group name that any host must
be a member of, in addition to any of the groups listed in
'group_binds', for the network to be applied.

'address_prefix' for overriding the name of the key created for each IP
address allocated by a cidr_network. By default, this key is named
'cidr_network'_address, where 'cidr_network' is the given 'ip_from_q'
option for a provider network.

Closes-Bug: 1650356

Change-Id: Ia7f3119f0affc4fb6be97ca788ca3b46096b82a8
2017-07-31 22:14:25 +00:00

160 lines
6.7 KiB
ReStructuredText
Raw Blame History

.. _pod-environment-config:
============================================================
Appendix C: Example layer 3 routed environment configuration
============================================================
Introduction
~~~~~~~~~~~~
This appendix describes an example production environment for a working
OpenStack-Ansible (OSA) deployment with high availability services where
provider networks and connectivity between physical machines are routed
(layer 3).
This example environment has the following characteristics:
* Three infrastructure (control plane) hosts
* Two compute hosts
* One NFS storage device
* One log aggregation host
* Multiple Network Interface Cards (NIC) configured as bonded pairs for each
host
* Full compute kit with the Telemetry service (ceilometer) included,
with NFS configured as a storage backend for the Image (glance), and Block
Storage (cinder) services
* Static routes are added to allow communication between the Management,
Tunnel, and Storage Networks of each pod. The gateway address is the first
usable address within each network's subnet.
.. image:: figures/arch-layout-production.png
:width: 100%
Network configuration
~~~~~~~~~~~~~~~~~~~~~
Network CIDR/VLAN assignments
-----------------------------
The following CIDR assignments are used for this environment.
+-----------------------------+-----------------+------+
| Network | CIDR | VLAN |
+=============================+=================+======+
| POD 1 Management Network | 172.29.236.0/24 | 10 |
+-----------------------------+-----------------+------+
| POD 1 Tunnel (VXLAN) Network| 172.29.237.0/24 | 30 |
+-----------------------------+-----------------+------+
| POD 1 Storage Network | 172.29.238.0/24 | 20 |
+-----------------------------+-----------------+------+
| POD 2 Management Network | 172.29.239.0/24 | 10 |
+-----------------------------+-----------------+------+
| POD 2 Tunnel (VXLAN) Network| 172.29.240.0/24 | 30 |
+-----------------------------+-----------------+------+
| POD 2 Storage Network | 172.29.241.0/24 | 20 |
+-----------------------------+-----------------+------+
| POD 3 Management Network | 172.29.242.0/24 | 10 |
+-----------------------------+-----------------+------+
| POD 3 Tunnel (VXLAN) Network| 172.29.243.0/24 | 30 |
+-----------------------------+-----------------+------+
| POD 3 Storage Network | 172.29.244.0/24 | 20 |
+-----------------------------+-----------------+------+
| POD 4 Management Network | 172.29.245.0/24 | 10 |
+-----------------------------+-----------------+------+
| POD 4 Tunnel (VXLAN) Network| 172.29.246.0/24 | 30 |
+-----------------------------+-----------------+------+
| POD 4 Storage Network | 172.29.247.0/24 | 20 |
+-----------------------------+-----------------+------+
IP assignments
--------------
The following host name and IP address assignments are used for this
environment.
+------------------+----------------+-------------------+----------------+
| Host name | Management IP | Tunnel (VxLAN) IP | Storage IP |
+==================+================+===================+================+
| lb_vip_address | 172.29.236.9 | | |
+------------------+----------------+-------------------+----------------+
| infra1 | 172.29.236.10 | | |
+------------------+----------------+-------------------+----------------+
| infra2 | 172.29.239.10 | | |
+------------------+----------------+-------------------+----------------+
| infra3 | 172.29.242.10 | | |
+------------------+----------------+-------------------+----------------+
| log1 | 172.29.236.11 | | |
+------------------+----------------+-------------------+----------------+
| NFS Storage | | | 172.29.244.15 |
+------------------+----------------+-------------------+----------------+
| compute1 | 172.29.245.10 | 172.29.246.10 | 172.29.247.10 |
+------------------+----------------+-------------------+----------------+
| compute2 | 172.29.245.11 | 172.29.246.11 | 172.29.247.11 |
+------------------+----------------+-------------------+----------------+
Host network configuration
--------------------------
Each host will require the correct network bridges to be implemented. The
following is the ``/etc/network/interfaces`` file for ``infra1``.
.. note::
If your environment does not have ``eth0``, but instead has ``p1p1`` or
some other interface name, ensure that all references to ``eth0`` in all
configuration files are replaced with the appropriate name. The same
applies to additional network interfaces.
.. literalinclude:: ../../etc/network/interfaces.d/openstack_interface.cfg.pod.example
Deployment configuration
~~~~~~~~~~~~~~~~~~~~~~~~
Environment layout
------------------
The ``/etc/openstack_deploy/openstack_user_config.yml`` file defines the
environment layout.
For each pod, a group will need to be defined containing all hosts within that
pod.
Within defined provider networks, ``address_prefix`` is used to override the
prefix of the key added to each host that contains IP address information. This
should usually be one of either ``container``, ``tunnel``, or ``storage``.
``reference_group`` contains the name of a defined pod group and is used to
limit the scope of each provider network to that group.
Static routes are added to allow communication of provider networks between
pods.
The following configuration describes the layout for this environment.
.. literalinclude:: ../../etc/openstack_deploy/openstack_user_config.yml.pod.example
Environment customizations
--------------------------
The optionally deployed files in ``/etc/openstack_deploy/env.d`` allow the
customization of Ansible groups. This allows the deployer to set whether
the services will run in a container (the default), or on the host (on
metal).
For this environment, the ``cinder-volume`` runs in a container on the
infrastructure hosts. To achieve this, implement
``/etc/openstack_deploy/env.d/cinder.yml`` with the following content:
.. literalinclude:: ../../etc/openstack_deploy/env.d/cinder-volume.yml.container.example
User variables
--------------
The ``/etc/openstack_deploy/user_variables.yml`` file defines the global
overrides for the default variables.
For this environment, implement the load balancer on the infrastructure
hosts. Ensure that keepalived is also configured with HAProxy in
``/etc/openstack_deploy/user_variables.yml`` with the following content.
.. literalinclude:: ../../etc/openstack_deploy/user_variables.yml.prod.example
View Git Blame Copy Permalink