Welcome
CKA How to install K8S
openstack-helm pfSense-cloudinit
OpenVSwitch Base LinuxBridge Base Calico Base Instalation Base
pfSense-instance
About

Calico Base

To do this section is advise finalized or have enviroment equal the section bellow:

OpenStack/Base/Instalation_Base

ETCD

which_server

simplecontroller

Install the ETCD that will be used by Calico:

1
yum install etcd -y

Configure the ETCD:

1
2
3
4
5
6
7
8
9
10
11
cat << EOF > /etc/etcd/etcd.conf ETCD_DATA_DIR="/var/lib/etcd/default.etcd" ETCD_LISTEN_PEER_URLS="http://192.168.88.7:2380" ETCD_LISTEN_CLIENT_URLS="http://192.168.88.7:2379" ETCD_NAME="simplecontroller" ETCD_INITIAL_ADVERTISE_PEER_URLS="http://192.168.88.7:2380" ETCD_ADVERTISE_CLIENT_URLS="http://192.168.88.7:2379" ETCD_INITIAL_CLUSTER="simplecontroller=http://192.168.88.7:2380" ETCD_INITIAL_CLUSTER_TOKEN="etcd-calico" ETCD_INITIAL_CLUSTER_STATE="new" EOF

Enable and start the ETCD service:

1
2
systemctl enable etcd systemctl start etcd

Networking service (Neutron)

which_server

simplecontroller

1
2
3
4
5
6
7
8
9
10
cat <<'EOF'> /etc/yum.repos.d/calico.repo [calico] name=Calico Repository baseurl=https://binaries.projectcalico.org/rpm/calico-3.9/ enabled=1 skip_if_unavailable=0 gpgcheck=1 gpgkey=https://binaries.projectcalico.org/rpm/calico-3.9/key priority=97 EOF
1
yum install calico-control -y

First of all, create the Neutron database and set the password to enable the connection on this database with user neutron:

1
2
mysql -u root -e "CREATE DATABASE neutron" mysql -u root -e "GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'NEUTRON_DBPASS'; flush privileges"

Now create the Neutron service as well add the your endpoints:

1
2
3
4
openstack service create --name neutron --description "OpenStack Networking" network openstack endpoint create --region EURegion network public http://simplecontroller:9696 openstack endpoint create --region EURegion network internal http://simplecontroller:9696 openstack endpoint create --region EURegion network admin http://simplecontroller:9696

Create the Neutron user also set the role admin on project service:

1
2
openstack user create --domain default --password NEUTRON_PASS neutron openstack role add --project service --user neutron admin

Install the Neutron packges:

1
yum install openstack-neutron -y

Set the database configurations created few steps above:

1
openstack-config --set /etc/neutron/neutron.conf database connection mysql+pymysql://neutron:NEUTRON_DBPASS@simplecontroller/neutron

Set the RabbitMQ credentions also which server we will work:

1
openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:RABBIT_PASS@simplecontroller

Determine the OpenStack credentials on the Neutron configuration file:

1
2
3
4
5
6
7
8
9
10
openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://simplecontroller:5000 openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://simplecontroller:5000 openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers simplecontroller:11211 openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password NEUTRON_PASS

Enable the communication between Neutron and Nova, it is also used by Designate:

1
2
openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_status_changes true openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_data_changes true

Determine the OpenStack credentials for Nova service on the Neutron configuration file:

1
2
3
4
5
6
7
8
openstack-config --set /etc/neutron/neutron.conf nova auth_url http://simplecontroller:5000 openstack-config --set /etc/neutron/neutron.conf nova auth_type password openstack-config --set /etc/neutron/neutron.conf nova project_domain_name default openstack-config --set /etc/neutron/neutron.conf nova user_domain_name default openstack-config --set /etc/neutron/neutron.conf nova region_name EURegion openstack-config --set /etc/neutron/neutron.conf nova project_name service openstack-config --set /etc/neutron/neutron.conf nova username nova openstack-config --set /etc/neutron/neutron.conf nova password NOVA_PASS

To manage external resources and with multi-thead and/or multi-process is necessary manage the lock where will determine who is doing what:

1
openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp

Set here that our core_plugin will be the Calico:

1
openstack-config --set /etc/neutron/neutron.conf DEFAULT core_plugin calico
1
openstack-config --set /etc/neutron/neutron.conf calico etcd_host 192.168.88.7

Sync the database, it means create all tables also populate with the minimum iformation required:

1
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf upgrade head" neutron

Confirm looking if the tables are created:

1
mysql -uroot neutron -e "show tables"

The Neutron-server will look for this file, so just create a empty file:

1
touch /etc/neutron/plugin.ini

Enable and start the Neutron Server service:

1
2
systemctl enable neutron-server.service systemctl start neutron-server.service
1
openstack network agent list
1
2
3
4
5
6
7
8
9
10
11
openstack-config --set /etc/nova/nova.conf neutron url http://simplecontroller:9696 openstack-config --set /etc/nova/nova.conf neutron auth_url http://simplecontroller:5000 openstack-config --set /etc/nova/nova.conf neutron auth_type password openstack-config --set /etc/nova/nova.conf neutron project_domain_name default openstack-config --set /etc/nova/nova.conf neutron user_domain_name default openstack-config --set /etc/nova/nova.conf neutron region_name EURegion openstack-config --set /etc/nova/nova.conf neutron project_name service openstack-config --set /etc/nova/nova.conf neutron username neutron openstack-config --set /etc/nova/nova.conf neutron password NEUTRON_PASS openstack-config --set /etc/nova/nova.conf neutron service_metadata_proxy true openstack-config --set /etc/nova/nova.conf neutron metadata_proxy_shared_secret METADATA_SECRET
1
systemctl restart openstack-nova-api.service