openstack-ansible/doc/source/user/l3pods/example.rst
Jonathan Rosser 55e8240b86 Add IP addresses to infra node br-vxlan in the examples
The layer 3 agent is no longer containerised by default so the bare
metal host requires an IP to be assigned to br-vxlan

Change-Id: If3e1511546c6192f11ef1702d09772643b4fe9b7
Closes-Bug: #1761715
2018-04-09 15:54:59 +00:00


.. _pod-environment-config:

==========================
Routed environment example
==========================

This section describes an example production environment for a working
OpenStack-Ansible (OSA) deployment with high availability services where
provider networks and connectivity between physical machines are routed
(layer 3).

This example environment has the following characteristics:

* Three infrastructure (control plane) hosts
* Two compute hosts
* One NFS storage device
* One log aggregation host
* Multiple Network Interface Cards (NIC) configured as bonded pairs for each
  host
* Full compute kit with the Telemetry service (ceilometer) included,
  with NFS configured as a storage backend for the Image (glance), and Block
  Storage (cinder) services
* Static routes are added to allow communication between the Management,
  Tunnel, and Storage Networks of each pod. The gateway address is the first
  usable address within each network's subnet.

.. image:: ../figures/arch-layout-production.png
   :width: 100%

Network configuration
~~~~~~~~~~~~~~~~~~~~~

Network CIDR/VLAN assignments
-----------------------------

The following CIDR assignments are used for this environment.

+-----------------------------+-----------------+------+
| Network                     | CIDR            | VLAN |
+=============================+=================+======+
| POD 1 Management Network    | 172.29.236.0/24 | 10   |
+-----------------------------+-----------------+------+
| POD 1 Tunnel (VXLAN) Network| 172.29.237.0/24 | 30   |
+-----------------------------+-----------------+------+
| POD 1 Storage Network       | 172.29.238.0/24 | 20   |
+-----------------------------+-----------------+------+
| POD 2 Management Network    | 172.29.239.0/24 | 10   |
+-----------------------------+-----------------+------+
| POD 2 Tunnel (VXLAN) Network| 172.29.240.0/24 | 30   |
+-----------------------------+-----------------+------+
| POD 2 Storage Network       | 172.29.241.0/24 | 20   |
+-----------------------------+-----------------+------+
| POD 3 Management Network    | 172.29.242.0/24 | 10   |
+-----------------------------+-----------------+------+
| POD 3 Tunnel (VXLAN) Network| 172.29.243.0/24 | 30   |
+-----------------------------+-----------------+------+
| POD 3 Storage Network       | 172.29.244.0/24 | 20   |
+-----------------------------+-----------------+------+
| POD 4 Management Network    | 172.29.245.0/24 | 10   |
+-----------------------------+-----------------+------+
| POD 4 Tunnel (VXLAN) Network| 172.29.246.0/24 | 30   |
+-----------------------------+-----------------+------+
| POD 4 Storage Network       | 172.29.247.0/24 | 20   |
+-----------------------------+-----------------+------+

IP assignments
--------------

The following host name and IP address assignments are used for this
environment.

+------------------+----------------+-------------------+----------------+
| Host name        | Management IP  | Tunnel (VxLAN) IP | Storage IP     |
+==================+================+===================+================+
| lb_vip_address   | 172.29.236.9   |                   |                |
+------------------+----------------+-------------------+----------------+
| infra1           | 172.29.236.10  | 172.29.237.10     |                |
+------------------+----------------+-------------------+----------------+
| infra2           | 172.29.239.10  | 172.29.240.10     |                |
+------------------+----------------+-------------------+----------------+
| infra3           | 172.29.242.10  | 172.29.243.10     |                |
+------------------+----------------+-------------------+----------------+
| log1             | 172.29.236.11  |                   |                |
+------------------+----------------+-------------------+----------------+
| NFS Storage      |                |                   | 172.29.244.15  |
+------------------+----------------+-------------------+----------------+
| compute1         | 172.29.245.10  | 172.29.246.10     | 172.29.247.10  |
+------------------+----------------+-------------------+----------------+
| compute2         | 172.29.245.11  | 172.29.246.11     | 172.29.247.11  |
+------------------+----------------+-------------------+----------------+

Host network configuration
--------------------------

Each host will require the correct network bridges to be implemented. The
following is the ``/etc/network/interfaces`` file for ``infra1``.

.. note::

   If your environment does not have ``eth0``, but instead has ``p1p1`` or
   some other interface name, ensure that all references to ``eth0`` in all
   configuration files are replaced with the appropriate name. The same
   applies to additional network interfaces.

.. literalinclude:: ../../../../etc/network/interfaces.d/openstack_interface.cfg.pod.example

Deployment configuration
~~~~~~~~~~~~~~~~~~~~~~~~

Environment layout
------------------

The ``/etc/openstack_deploy/openstack_user_config.yml`` file defines the
environment layout.

For each pod, a group will need to be defined containing all hosts within that
pod.

Within defined provider networks, ``address_prefix`` is used to override the
prefix of the key added to each host that contains IP address information. This
should usually be one of ``container``, ``tunnel``, or ``storage``.
``reference_group`` contains the name of a defined pod group and is used to
limit the scope of each provider network to that group.

Static routes are added to allow communication of provider networks between
pods.

The following configuration describes the layout for this environment.

.. literalinclude:: ../../../../etc/openstack_deploy/openstack_user_config.yml.pod.example
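
The pod layout and static-route rule described above can be checked against
the two tables on this page before deploying. The following Python is an added
example, not part of the OpenStack-Ansible repository; it assumes each pod
routes only to the same-role networks of the other pods, and the names
``PODS``, ``HOSTS``, ``static_routes`` and ``audit`` are hypothetical.

```python
import ipaddress

ROLES = ("management", "tunnel", "storage")
# CIDR table from this page: pod -> one /24 per role, in ROLES order.
PODS = {
    1: ("172.29.236.0/24", "172.29.237.0/24", "172.29.238.0/24"),
    2: ("172.29.239.0/24", "172.29.240.0/24", "172.29.241.0/24"),
    3: ("172.29.242.0/24", "172.29.243.0/24", "172.29.244.0/24"),
    4: ("172.29.245.0/24", "172.29.246.0/24", "172.29.247.0/24"),
}
# IP assignment table from this page (empty cells omitted).
HOSTS = {
    "infra1": {"management": "172.29.236.10", "tunnel": "172.29.237.10"},
    "infra2": {"management": "172.29.239.10", "tunnel": "172.29.240.10"},
    "infra3": {"management": "172.29.242.10", "tunnel": "172.29.243.10"},
    "log1": {"management": "172.29.236.11"},
    "NFS Storage": {"storage": "172.29.244.15"},
    "compute1": {"management": "172.29.245.10", "tunnel": "172.29.246.10", "storage": "172.29.247.10"},
    "compute2": {"management": "172.29.245.11", "tunnel": "172.29.246.11", "storage": "172.29.247.11"},
}

def net(pod, role):
    return ipaddress.ip_network(PODS[pod][ROLES.index(role)])

def gateway(pod, role):
    """First usable address of the pod's network, as the page specifies."""
    return str(next(iter(net(pod, role).hosts())))

def static_routes(pod, role):
    """Assumed scope: routes to the same-role network of every other pod."""
    return [{"cidr": str(net(p, role)), "gateway": gateway(pod, role)}
            for p in sorted(PODS) if p != pod]

def audit(hosts):
    """Map each host to its pod and list addresses that break the layout."""
    placement, problems = {}, []
    for name, addrs in hosts.items():
        pods = set()
        for role, ip in addrs.items():
            hit = [p for p in PODS if ipaddress.ip_address(ip) in net(p, role)]
            if not hit:
                problems.append(f"{name}: {ip} is in no pod's {role} network")
            elif ip == gateway(hit[0], role):
                problems.append(f"{name}: {ip} collides with a gateway address")
            pods.update(hit)
        if len(pods) > 1:
            problems.append(f"{name}: addresses span pods {sorted(pods)}")
        elif pods:
            placement[name] = pods.pop()
    return placement, problems
```

``audit(HOSTS)`` places every host from the table in exactly one pod, which is the membership each pod group has to reflect; a host whose bridge addresses land in different pods would have no working gateway on one of its networks.
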

Environment customizations
--------------------------

The optionally deployed files in ``/etc/openstack_deploy/env.d`` allow the
customization of Ansible groups. This allows the deployer to set whether
the services will run in a container (the default), or on the host (on
metal).

For this environment, the ``cinder-volume`` service runs in a container on the
infrastructure hosts. To achieve this, implement
``/etc/openstack_deploy/env.d/cinder.yml`` with the following content:

.. literalinclude:: ../../../../etc/openstack_deploy/env.d/cinder-volume.yml.container.example

User variables
--------------

The ``/etc/openstack_deploy/user_variables.yml`` file defines the global
overrides for the default variables.

For this environment, implement the load balancer on the infrastructure
hosts. Ensure that keepalived is also configured with HAProxy in
``/etc/openstack_deploy/user_variables.yml`` with the following content.

.. literalinclude:: ../../../../etc/openstack_deploy/user_variables.yml.prod.example