Openstack Base Spaces - Focal

Hi,

I’m new to Juju and MaaS. I’m trying to deploy an openstack-base-70 (Ussury on Ubuntu Focal) using network spaces. The bundle installation without network spaces was OK but I want to separate the traffic using the following spaces:

  • admin-api
  • internal-api
  • public-api
  • storage-data
  • compute-data
  • storage-cluster
  • compute-external
    The issue is that I don’t know how to bind all these networks to services. I found this but is for xenial. For example, ceph-radosgw. How do I know to bind all of these? Are these things explained somewhere?
    ceph-radosgw:
    annotations:
    gui-x: ‘1000’
    gui-y: ‘250’
    charm: cs:~openstack-charmers-next/xenial/ceph-radosgw
    num_units: 1
    bindings:
    public: public
    admin: admin
    internal: internal
    mon: internal
    identity-service: internal
    gateway: public

Hi ,

There is an example openstack bundle employing spaces here: openstack base spaces | Juju

Note the use of the “bindings” section on each application’s definition in the bundle.yaml which defines which network space each application should use for given relations on those bound interfaces.

If you are using a MAAS provider, spaces are managed in the Network tab of MAAS, and can be refreshed with juju reload-spaces .

You can find more information on network spaces support in juju here: Juju | Network spaces

Hi,
Yes, I’m using MAAS deployed on a KVM. It has 3 fabrics:

  • 1st is connected to KVM-bond0 to communicate with bond0 on the baremetal blade servers
  • 2nd is connected to KVM-bond1 to communicate with bond1 on the baremetal blade servers
  • 3rd is connected to external network to be able to SSH to MAAS.

Each server has 4 interfaces bonded 2 by 2 (bond0 - interfaces 1 and 3, bond1 - interfaces 2 and 4). These interfaces are connected to DELL MXL blade switches with VLT enabled. So 3 spaces are configured on bond0 and 4 on bond1. I want to use these networks to carry the Openstack traffic between its components and without route the traffic via MAAS between the bonds. I want that the same type of traffic to stay inside the same pair of switches, MAAS not to act as a router on stick. Not sure if you understand what I want. My experience with Openstack is also limited. But all I want to do is to bind the components using admin, internal and public api on one bond and the others on another bond if possible.
Below my spaces and server config.

Hi ,
After 2 months deploy openstack using space i merge some network to 1 for simple spaces as.


and using command to deploy 1 by 1. Not sure why bundle show up no space as defined but manual is okie.
Here is sample.
juju deploy -n 3 --to 3,4,5 --config ceph-osd.yaml --constraints tags=compute ceph-osd --series focal --bind “public=internal-space cluster=internal-space”
juju deploy -n 3 --to 3,4,5 --config nova-compute.yaml nova-compute --series focal --bind “internal=internal-space migration=internal-space”
juju deploy -n 3 --to lxd:0,lxd:1,lxd:2 mysql-innodb-cluster --series focal
juju deploy --to lxd:0 vault --series focal
juju deploy mysql-router vault-mysql-router --series focal

juju add-relation vault-mysql-router:db-router mysql-innodb-cluster:db-router
juju add-relation vault-mysql-router:shared-db vault:shared-db

juju deploy -n 3 --to lxd:0,lxd:1,lxd:2 --config neutron.yaml ovn-central --series focal --bind “’’=internal-space ovsdb=internal-space”
juju deploy --to lxd:0 --config neutron.yaml neutron-api --series focal --bind “public=public-space internal=internal-space admin=internal-space shared-db=internal-space”
juju deploy neutron-api-plugin-ovn --series focal
juju deploy --config neutron.yaml ovn-chassis --series focal
juju add-relation neutron-api-plugin-ovn:neutron-plugin neutron-api:neutron-plugin-api-subordinate
juju add-relation neutron-api-plugin-ovn:ovsdb-cms ovn-central:ovsdb-cms
juju add-relation ovn-chassis:ovsdb ovn-central:ovsdb
juju add-relation ovn-chassis:nova-compute nova-compute:neutron-plugin
juju add-relation neutron-api:certificates vault:certificates
juju add-relation neutron-api-plugin-ovn:certificates vault:certificates
juju add-relation ovn-central:certificates vault:certificates
juju add-relation ovn-chassis:certificates vault:certificates
juju deploy mysql-router neutron-api-mysql-router
juju add-relation neutron-api-mysql-router:db-router mysql-innodb-cluster:db-router
juju add-relation neutron-api-mysql-router:shared-db neutron-api:shared-db

juju deploy --to lxd:0 keystone --series focal --bind “public=public-space internal=internal-space admin=internal-space shared-db=internal-space”
juju deploy mysql-router keystone-mysql-router
juju add-relation keystone-mysql-router:db-router mysql-innodb-cluster:db-router
juju add-relation keystone-mysql-router:shared-db keystone:shared-db
juju add-relation keystone:identity-service neutron-api:identity-service
juju add-relation keystone:certificates vault:certificates

juju deploy -n 3 --to lxd:0,lxd:1,lxd:2 --config min-cluster-size=3 rabbitmq-server --series focal
juju add-relation rabbitmq-server:amqp neutron-api:amqp
juju add-relation rabbitmq-server:amqp nova-compute:amqp

juju deploy --to lxd:0 --config nova-cloud-controller.yaml nova-cloud-controller --series focal --bind “public=public-space internal=internal-space admin=internal-space shared-db=internal-space”
juju deploy mysql-router ncc-mysql-router
juju add-relation ncc-mysql-router:db-router mysql-innodb-cluster:db-router
juju add-relation ncc-mysql-router:shared-db nova-cloud-controller:shared-db
juju add-relation nova-cloud-controller:identity-service keystone:identity-service
juju add-relation nova-cloud-controller:amqp rabbitmq-server:amqp
juju add-relation nova-cloud-controller:neutron-api neutron-api:neutron-api
juju add-relation nova-cloud-controller:cloud-compute nova-compute:cloud-compute
juju add-relation nova-cloud-controller:certificates vault:certificates

juju deploy --to lxd:0 --config openstack-origin=distro placement --series focal
juju deploy mysql-router placement-mysql-router
juju add-relation placement-mysql-router:db-router mysql-innodb-cluster:db-router
juju add-relation placement-mysql-router:shared-db placement:shared-db
juju add-relation placement:identity-service keystone:identity-service
juju add-relation placement:placement nova-cloud-controller:placement
juju add-relation placement:certificates vault:certificates

juju deploy --to lxd:0 --config openstack-origin=distro openstack-dashboard --series focal
juju deploy mysql-router dashboard-mysql-router
juju add-relation dashboard-mysql-router:db-router mysql-innodb-cluster:db-router
juju add-relation dashboard-mysql-router:shared-db openstack-dashboard:shared-db
juju add-relation openstack-dashboard:identity-service keystone:identity-service
juju add-relation openstack-dashboard:certificates vault:certificates

juju deploy --to lxd:0 --config openstack-origin=distro glance --series focal --bind “public=public-space internal=internal-space admin=internal-space shared-db=internal-space ceph=internal-space”
juju deploy mysql-router glance-mysql-router
juju add-relation glance-mysql-router:db-router mysql-innodb-cluster:db-router
juju add-relation glance-mysql-router:shared-db glance:shared-db
juju add-relation glance:image-service nova-cloud-controller:image-service
juju add-relation glance:image-service nova-compute:image-service
juju add-relation glance:identity-service keystone:identity-service
juju add-relation glance:certificates vault:certificates

juju deploy -n 3 --to lxd:3,lxd:4,lxd:5 --config source=distro ceph-mon --series focal --bind “public=internal-space cluster=internal-space”
juju add-relation ceph-mon:osd ceph-osd:mon
juju add-relation ceph-mon:client nova-compute:ceph
juju add-relation ceph-mon:client glance:ceph

juju deploy --to lxd:1 --config cinder.yaml cinder --series focal --bind “public=public-space internal=internal-space admin=internal-space shared-db=internal-space”
juju deploy mysql-router cinder-mysql-router
juju add-relation cinder-mysql-router:db-router mysql-innodb-cluster:db-router
juju add-relation cinder-mysql-router:shared-db cinder:shared-db
juju add-relation cinder:cinder-volume-service nova-cloud-controller:cinder-volume-service
juju add-relation cinder:identity-service keystone:identity-service
juju add-relation cinder:amqp rabbitmq-server:amqp
juju add-relation cinder:image-service glance:image-service

juju deploy cinder-ceph --series focal
juju add-relation cinder-ceph:storage-backend cinder:storage-backend
juju add-relation cinder-ceph:ceph ceph-mon:client
juju add-relation cinder-ceph:ceph-access nova-compute:ceph-access
juju add-relation cinder:certificates vault:certificates

juju deploy ntp --series focal

juju deploy ceilometer --series focal --to lxd:0 --bind “public=public-space internal=internal-space admin=internal-space”
juju deploy gnocchi --series focal --to lxd:0 --bind “public=public-space internal=internal-space admin=internal-space”

Thank you very much, I’ll try this way.

Unfortunately didn’t worked. I tried putting all of this in a bundle but a few components screamed that there is no obvious network to deploy on (mysql, vault, openstack-dashboard, placement and rabbitmq-server). None have bindings in your config. What I succeded was to deploy the Openstack with the default bundle (br-ex mapped on bond1) and no network spaces. Only 2 bonds on baremetal. All the APIs are on the pxe network on bond0 and br-ex was mapped on bond1. Any attempt to use spaces failed - vault and mysql especially.

Something that’s helped me get around the ‘no obvious space’ issue was setting a default space on the model itself.

juju model-config default-space=admin-network

1 Like

Yes, I’m using a default space to get rid of the “alpha space” error when spawning the containers. The problem is that maybe some relations are not Ok because mysql master return an error state “db-relation-changed” and vault-mysql-router is not installing. Right now this working setup is enough for me to have an overview on juju & maas. Thank you very much.