## This Playbook is intended to Automate brining up Versa Head End<br/> with a single pair of Active Active spokes in an Openstack environment.
VLAN5 is a provider network intended for all Eth0 management interfaces so that you
can ssh to all nodes for debug or script purposes.
The other networks are just Openstack Tenant Networks to simulate the various Networks
needed in the Versa environment.
The playbook with create a security group so that Openstack filtering is wide open
and will allow transit traffic as Openstack as default anti spoofing filters that must
be updated with the allowed-ip-pairs set to 0.0.0.0/0.
The playbook will also create networks and ports for each node on the network with
static IP addressing to make it easy to identify the nodes. You can look at the
roles/create-networks/vars/main.yaml and roles/create-ports/vars/main.yaml to change
the IP addressing to your liking.
Once the security, networks and ports are created the playbook will upload the qcow2 create
the flavor and launch each VNF.
** Note: This playbook setups a acitve active spoke and Openstack Neutron VLAN Trunking is required.
Please read openstack-trunks-cli.txt. You must build trunk ports by Openstack CLI as Ansible at the time of writing this playbook did not have trunk support. See Example CLI section**
You can build the trunk networks by running the playbook with tags. "ansible-playbook site.yaml --tags="trunk""
Then build the trunk ports and sub ports by using the CLI example in openstack-trunks-cli.txt in this repository.
Once you have validated the trunk ports and names you can run the playbook.
```ansible-playbook site.yaml ```
Example section below, spoke-1-trunk port is built before launching the playbook using the openstack-trunks-cli.txt.
Below is the section of the playbook where Ansible launches spoke-1 with specific NICs:
```
- name: Launch versa spoke-1 on specific Openstack ports
os_server:
cloud: "{{ cloud_name }}"
state: present
name: versa-spoke-1
image: "{{ images.flex.name }}"
key_name: versa
timeout: 200
flavor: "{{ flavors.flex.name }}"
nics:
- port-name: spoke-1-mgmt
- port-name: spoke-1-lan
- port-name: spoke-1-trunk
- port-name: spoke-1-mpls-1
```
** Note change the image location and name under the roles/x/vars/main.yaml to your location
and file names. **
Example main.yaml under roles/x/vars/
```
images:
dir:
name: versa-director-16.1R1S2
filename: versa-director-dbac9be-16.1R1.qcow2
disk_format: qcow2
container_format: bare
ana:
name: versa-analytics-16.1R1S2
filename: versa-analytics-0ffd71e-16.1R1.qcow2
disk_format: qcow2
container_format: bare
flex:
name: versa-flexvnf-16.1R1S2
filename: versa-flexvnf-0ffd71e-16.1R1.qcow2
disk_format: qcow2
container_format: bare
flavors:
dir:
name: versa-director-default
ram: 32768
disk: 0
vcpus: 8
#extra_specs: # needed for huge_mem pages
# hw:mem_page_size: 2048
# hw:numa_nodes: 1
ana:
name: versa-analytics-default
ram: 8192
disk: 0
vcpus: 4
#extra_specs: # needed for huge_mem pages
# hw:mem_page_size: 2048
# hw:numa_nodes: 1
flex:
name: versa-flexvnf-default
ram: 8192
disk: 0
vcpus: 2
#extra_specs: # needed for huge_mem pages
# hw:mem_page_size: 2048
# hw:numa_nodes: 1
file_path: "/Users/brendan/Downloads/"
```
** Example openstack CLI creating trunk ports: **
```
Example output:
[root@rh2 ~(keystone_admin)]# openstack port create --network spoke-1-2-cross-connect-trunk spoke-1-trunk --mac-address fa:16:3e:4b:15:c1 --fixed-ip subnet=spoke-1-2-cross-connect-trunk-sub,ip-address=172.16.255.1
+-----------------------+-----------------------------------------------------------------------------+
| Field | Value |
+-----------------------+-----------------------------------------------------------------------------+
| admin_state_up | UP |
| allowed_address_pairs | |
| binding_host_id | |
| binding_profile | |
| binding_vif_details | |
| binding_vif_type | unbound |
| binding_vnic_type | normal |
| created_at | 2017-12-08T15:00:27Z |
| description | |
| device_id | |
| device_owner | |
| dns_assignment | None |
| dns_name | None |
| extra_dhcp_opts | |
| fixed_ips | ip_address='172.16.255.1', subnet_id='7221cf47-d422-49c9-940e-8a8cd46f8417' |
| id | 0473a00c-d961-4242-af5b-342a89d5fc0a |
| ip_address | None |
| mac_address | fa:16:3e:4b:15:c1 |
| name | spoke-1-trunk |
| network_id | a069f778-31d8-464d-83ca-acf957b10ad5 |
| option_name | None |
| option_value | None |
| port_security_enabled | False |
| project_id | 307ff0f49a1c495d8a2ea874a9d39294 |
| qos_policy_id | None |
| revision_number | 4 |
| security_groups | 6382a7dc-7a6d-4310-8f6c-529979ed0fa5 |
| status | DOWN |
| subnet_id | None |
| updated_at | 2017-12-08T15:00:27Z |
+-----------------------+-----------------------------------------------------------------------------+
[root@rh2 ~(keystone_admin)]# openstack port create --network spoke-1-2-cross-connect-trunk spoke-2-trunk --mac-address fa:16:3e:79:fc:b2 --fixed-ip subnet=spoke-1-2-cross-connect-trunk-sub,ip-address=172.16.255.2
+-----------------------+-----------------------------------------------------------------------------+
| Field | Value |
+-----------------------+-----------------------------------------------------------------------------+
| admin_state_up | UP |
| allowed_address_pairs | |
| binding_host_id | |
| binding_profile | |
| binding_vif_details | |
| binding_vif_type | unbound |
| binding_vnic_type | normal |
| created_at | 2017-12-08T15:00:29Z |
| description | |
| device_id | |
| device_owner | |
| dns_assignment | None |
| dns_name | None |
| extra_dhcp_opts | |
| fixed_ips | ip_address='172.16.255.2', subnet_id='7221cf47-d422-49c9-940e-8a8cd46f8417' |
| id | 3c8f68e6-05e0-4b02-9cf8-1a1530e23653 |
| ip_address | None |
| mac_address | fa:16:3e:79:fc:b2 |
| name | spoke-2-trunk |
| network_id | a069f778-31d8-464d-83ca-acf957b10ad5 |
| option_name | None |
| option_value | None |
| port_security_enabled | False |
| project_id | 307ff0f49a1c495d8a2ea874a9d39294 |
| qos_policy_id | None |
| revision_number | 4 |
| security_groups | 6382a7dc-7a6d-4310-8f6c-529979ed0fa5 |
| status | DOWN |
| subnet_id | None |
| updated_at | 2017-12-08T15:00:29Z |
+-----------------------+-----------------------------------------------------------------------------+
[root@rh2 ~(keystone_admin)]# openstack port create --network spoke-1-2-cross-connect-vlan-1 spoke-1-vlan-1 --mac-address fa:16:3e:4b:15:c1 --fixed-ip subnet=spoke-1-2-cross-connect-vlan-1-sub,ip-address=172.16.255.1
+-----------------------+-----------------------------------------------------------------------------+
| Field | Value |
+-----------------------+-----------------------------------------------------------------------------+
| admin_state_up | UP |
| allowed_address_pairs | |
| binding_host_id | |
| binding_profile | |
| binding_vif_details | |
| binding_vif_type | unbound |
| binding_vnic_type | normal |
| created_at | 2017-12-08T15:01:11Z |
| description | |
| device_id | |
| device_owner | |
| dns_assignment | None |
| dns_name | None |
| extra_dhcp_opts | |
| fixed_ips | ip_address='172.16.255.1', subnet_id='f09dc7b3-5999-4fe1-8c5e-7a0d524c2685' |
| id | b5174e57-f614-4fb0-847d-7a70d73e4568 |
| ip_address | None |
| mac_address | fa:16:3e:4b:15:c1 |
| name | spoke-1-vlan-1 |
| network_id | 90ff48a4-cda6-4bc9-a01c-413c979ef821 |
| option_name | None |
| option_value | None |
| port_security_enabled | False |
| project_id | 307ff0f49a1c495d8a2ea874a9d39294 |
| qos_policy_id | None |
| revision_number | 4 |
| security_groups | 6382a7dc-7a6d-4310-8f6c-529979ed0fa5 |
| status | DOWN |
| subnet_id | None |
| updated_at | 2017-12-08T15:01:11Z |
+-----------------------+-----------------------------------------------------------------------------+
[root@rh2 ~(keystone_admin)]# openstack port create --network spoke-1-2-cross-connect-vlan-1 spoke-2-vlan-1 --mac-address fa:16:3e:79:fc:b2 --fixed-ip subnet=spoke-1-2-cross-connect-vlan-1-sub,ip-address=172.16.255.2
+-----------------------+-----------------------------------------------------------------------------+
| Field | Value |
+-----------------------+-----------------------------------------------------------------------------+
| admin_state_up | UP |
| allowed_address_pairs | |
| binding_host_id | |
| binding_profile | |
| binding_vif_details | |
| binding_vif_type | unbound |
| binding_vnic_type | normal |
| created_at | 2017-12-08T15:01:13Z |
| description | |
| device_id | |
| device_owner | |
| dns_assignment | None |
| dns_name | None |
| extra_dhcp_opts | |
| fixed_ips | ip_address='172.16.255.2', subnet_id='f09dc7b3-5999-4fe1-8c5e-7a0d524c2685' |
| id | 450dc611-dfee-4203-9b0a-c0335206aeae |
| ip_address | None |
| mac_address | fa:16:3e:79:fc:b2 |
| name | spoke-2-vlan-1 |
| network_id | 90ff48a4-cda6-4bc9-a01c-413c979ef821 |
| option_name | None |
| option_value | None |
| port_security_enabled | False |
| project_id | 307ff0f49a1c495d8a2ea874a9d39294 |
| qos_policy_id | None |
| revision_number | 4 |
| security_groups | 6382a7dc-7a6d-4310-8f6c-529979ed0fa5 |
| status | DOWN |
| subnet_id | None |
| updated_at | 2017-12-08T15:01:13Z |
+-----------------------+-----------------------------------------------------------------------------+
[root@rh2 ~(keystone_admin)]# openstack port create --network spoke-1-2-cross-connect-vlan-2 spoke-1-vlan-2 --mac-address fa:16:3e:4b:15:c1 --fixed-ip subnet=spoke-1-2-cross-connect-vlan-2-sub,ip-address=172.16.255.1
+-----------------------+-----------------------------------------------------------------------------+
| Field | Value |
+-----------------------+-----------------------------------------------------------------------------+
| admin_state_up | UP |
| allowed_address_pairs | |
| binding_host_id | |
| binding_profile | |
| binding_vif_details | |
| binding_vif_type | unbound |
| binding_vnic_type | normal |
| created_at | 2017-12-08T15:02:12Z |
| description | |
| device_id | |
| device_owner | |
| dns_assignment | None |
| dns_name | None |
| extra_dhcp_opts | |
| fixed_ips | ip_address='172.16.255.1', subnet_id='70672696-82ba-41fe-b9f3-41bfc39c75bb' |
| id | 6bea8850-a2b7-4b40-93be-bed2901d4ea6 |
| ip_address | None |
| mac_address | fa:16:3e:4b:15:c1 |
| name | spoke-1-vlan-2 |
| network_id | b49ce72f-388a-4696-a24a-779f1f27a261 |
| option_name | None |
| option_value | None |
| port_security_enabled | False |
| project_id | 307ff0f49a1c495d8a2ea874a9d39294 |
| qos_policy_id | None |
| revision_number | 4 |
| security_groups | 6382a7dc-7a6d-4310-8f6c-529979ed0fa5 |
| status | DOWN |
| subnet_id | None |
| updated_at | 2017-12-08T15:02:12Z |
+-----------------------+-----------------------------------------------------------------------------+
[root@rh2 ~(keystone_admin)]# openstack port create --network spoke-1-2-cross-connect-vlan-2 spoke-2-vlan-2 --mac-address fa:16:3e:79:fc:b2 --fixed-ip subnet=spoke-1-2-cross-connect-vlan-2-sub,ip-address=172.16.255.2
+-----------------------+-----------------------------------------------------------------------------+
| Field | Value |
+-----------------------+-----------------------------------------------------------------------------+
| admin_state_up | UP |
| allowed_address_pairs | |
| binding_host_id | |
| binding_profile | |
| binding_vif_details | |
| binding_vif_type | unbound |
| binding_vnic_type | normal |
| created_at | 2017-12-08T15:02:14Z |
| description | |
| device_id | |
| device_owner | |
| dns_assignment | None |
| dns_name | None |
| extra_dhcp_opts | |
| fixed_ips | ip_address='172.16.255.2', subnet_id='70672696-82ba-41fe-b9f3-41bfc39c75bb' |
| id | e67725db-8811-4a65-adc4-7f190a2a3b5a |
| ip_address | None |
| mac_address | fa:16:3e:79:fc:b2 |
| name | spoke-2-vlan-2 |
| network_id | b49ce72f-388a-4696-a24a-779f1f27a261 |
| option_name | None |
| option_value | None |
| port_security_enabled | False |
| project_id | 307ff0f49a1c495d8a2ea874a9d39294 |
| qos_policy_id | None |
| revision_number | 4 |
| security_groups | 6382a7dc-7a6d-4310-8f6c-529979ed0fa5 |
| status | DOWN |
| subnet_id | None |
| updated_at | 2017-12-08T15:02:15Z |
+-----------------------+-----------------------------------------------------------------------------+
[root@rh2 ~(keystone_admin)]# openstack network trunk create --parent-port spoke-1-trunk --subport port=spoke-1-vlan-1,segmentation-type=vlan,segmentation-id=1 trunk1
+-----------------+-----------------------------------------------------------------------------------------------+
| Field | Value |
+-----------------+-----------------------------------------------------------------------------------------------+
| admin_state_up | UP |
| created_at | 2017-12-08T15:02:31Z |
| description | |
| id | 0f069810-a753-4ac7-9255-6e1daa064224 |
| name | trunk1 |
| port_id | 0473a00c-d961-4242-af5b-342a89d5fc0a |
| project_id | 307ff0f49a1c495d8a2ea874a9d39294 |
| revision_number | 1 |
| status | DOWN |
| sub_ports | port_id='b5174e57-f614-4fb0-847d-7a70d73e4568', segmentation_id='1', segmentation_type='vlan' |
| tenant_id | 307ff0f49a1c495d8a2ea874a9d39294 |
| updated_at | 2017-12-08T15:02:31Z |
+-----------------+-----------------------------------------------------------------------------------------------+
[root@rh2 ~(keystone_admin)]# openstack network trunk create --parent-port spoke-2-trunk --subport port=spoke-2-vlan-1,segmentation-type=vlan,segmentation-id=1 trunk2
+-----------------+-----------------------------------------------------------------------------------------------+
| Field | Value |
+-----------------+-----------------------------------------------------------------------------------------------+
| admin_state_up | UP |
| created_at | 2017-12-08T15:02:32Z |
| description | |
| id | b69ed1cb-3923-4223-9bed-86302d652150 |
| name | trunk2 |
| port_id | 3c8f68e6-05e0-4b02-9cf8-1a1530e23653 |
| project_id | 307ff0f49a1c495d8a2ea874a9d39294 |
| revision_number | 1 |
| status | DOWN |
| sub_ports | port_id='450dc611-dfee-4203-9b0a-c0335206aeae', segmentation_id='1', segmentation_type='vlan' |
| tenant_id | 307ff0f49a1c495d8a2ea874a9d39294 |
| updated_at | 2017-12-08T15:02:32Z |
+-----------------+-----------------------------------------------------------------------------------------------+
[root@rh2 ~(keystone_admin)]# openstack network trunk set --subport port=spoke-1-vlan-2,segmentation-type=vlan,segmentation-id=2 trunk1
[root@rh2 ~(keystone_admin)]# openstack network trunk set --subport port=spoke-2-vlan-2,segmentation-type=vlan,segmentation-id=2 trunk2
[root@rh2 ~(keystone_admin)]# openstack network trunk list
+--------------------------------------+--------+--------------------------------------+-------------+
| ID | Name | Parent Port | Description |
+--------------------------------------+--------+--------------------------------------+-------------+
| 0f069810-a753-4ac7-9255-6e1daa064224 | trunk1 | 0473a00c-d961-4242-af5b-342a89d5fc0a | |
| b69ed1cb-3923-4223-9bed-86302d652150 | trunk2 | 3c8f68e6-05e0-4b02-9cf8-1a1530e23653 | |
+--------------------------------------+--------+--------------------------------------+-------------+
[root@rh2 ~(keystone_admin)]# openstack network trunk show trunk1
+-----------------+-----------------------------------------------------------------------------------------------+
| Field | Value |
+-----------------+-----------------------------------------------------------------------------------------------+
| admin_state_up | UP |
| created_at | 2017-12-08T15:02:31Z |
| description | |
| id | 0f069810-a753-4ac7-9255-6e1daa064224 |
| name | trunk1 |
| port_id | 0473a00c-d961-4242-af5b-342a89d5fc0a |
| project_id | 307ff0f49a1c495d8a2ea874a9d39294 |
| revision_number | 2 |
| status | DOWN |
| sub_ports | port_id='b5174e57-f614-4fb0-847d-7a70d73e4568', segmentation_id='1', segmentation_type='vlan' |
| | port_id='6bea8850-a2b7-4b40-93be-bed2901d4ea6', segmentation_id='2', segmentation_type='vlan' |
| tenant_id | 307ff0f49a1c495d8a2ea874a9d39294 |
| updated_at | 2017-12-08T15:02:51Z |
+-----------------+-----------------------------------------------------------------------------------------------+
```