Tuesday, May 5, 2015

OpenContrail Vrouter Agent and Control Node introspect


I have created two networks "vn1-" and "public -".
Then, I created a VM in network "vn1" and VM got IP:

Introspect Doc:

Contrail Vrouter Agent Introspect:

List all VRFs (VRF of each Virtual Network) 
Vrouter Agent introspect.

You can click on link in "ucindex" to see routes of each VRF.
For Example, Clicked on ucindex 2.

List all interfaces in a Host machine using Vrouter Agent introspect.

Interfaces like vhost0, pkt0, tap interfaces created for VMs and eth0 or 1.

This shows:

* Type of the interfaces
* vrf_name of the interface.
    - For example, vrf_name of "vhost0" interface is "default-domain:default-project:ip-fabric:__default__".
    - vrf_name of tap interface "tapb6e27360-b6" is "default-domain:admin:vn1:vn1".
* Label number of the interface
* vn_name, name of the virtual network associated to tap interface.
    - For example, tap interface "tapb6e27360-b6" is associated to virtual network "default-domain:admin:vn1"
* vm_uuid, uuid of the virtual network associated to tap interface.
* Name, private ip, mac and policy status of the VMs attached to tap interfaces.
* Public/Floating IP attached to the VMs.
* vrf_name of Public/Floating virtual network (Example:"default-domain:admin:public:public") used to allocate Floating IP to the VM in the tap interface.
* mdata_ip_addr, link local address (Metadata IP Addess) attached to the VM in the tap interface.
* sg_uuid_list, Security groups attached to the VM in the tap interface.
* l2_label number of the interface.
* vxlan_id of the interface.
* l2_active status.
* vm_project_uuid, "ID" of the project/tenant. This id match with id in the "#neutron tenant-list".
* admin_state of the interface.

List all Security groups in a Host Machine using agent introspect.
* You can find all egress and ingress acl_list (Access control list like icmp, ssh, udp) defined in each security group.
* For example, egress and ingress acl_list security group "mysec".
    - default-domain:admin:mysec:egress-access-control-list
    - default-domain:admin:mysec:ingress-access-control-list
* Here "sg_uuid" of security groups match with the "id" of "#neutron security-group-list".

List all Virtual Networks in a Host Machine using agent introspect.

This shows:
* vrf_name of the virtual networks
* ipam_data of each virtual networks, like subnet, gateway and dhcp_enable.
* ipam_host_routes
* layer2_forwarding enabled or not
* ipv4_forwarding enabled or not
* admin_state enabled or not

List all Virtual Machines in a Host Machine using agent introspect.

List all Next Hops in a Host Machine using agent introspect.

This shows:
* type of next hop.
* policy is applied or not
* nh_index, Example of nect hop index are
    - vhost0,
    - pkt0
    - tap interfaces in the Hosts
        - tapb6e27360-b6
    - Virtual networks.
        - default-domain:admin:vn1:vn1
        - default-domain:admin:public:public

Contrail Control Node Introspect:

How to See "import route targets" each Virtual Network's routing_instance.

How to View the BGP Peer Status on the Control Node Using control-node introspect

* See the column named "import_targets" for import route targets of a Virtual Network's routing_instance.
* You can see something like
    - import_targets   
    - target:64512:10003
    - target:64512:8000001

Query Routes in the Public Virtual Network Using control-node introspect
On each control-node, a query on the routes in the public_vn lists the routes that are pushed by the MX gateway,


