The levels of integration between OpenStack and Tungsten Fabric (TF) include:
The integration between the OpenStack and TF controllers is
implemented through the shared Kubernetes openstack-tf-shared namespace.
Both controllers have access to this namespace to read and write the Kubernetes
kind: Secret objects.
The OpenStack controller posts the data into the openstack-tf-shared
namespace required by the TF services. The TF controller watches this
namespace. Once an appropriate secret is created, the TF controller obtains it
into the internal data structures for further processing.
The OpenStack controller includes the following data for the TF controller:
tunnel_intefaceName of the network interface for the TF data plane. This interface is used by TF for the encapsulated traffic for overlay networks.
Keystone Administrator credentials and an up-and-running IAM service are required for the TF controller to initiate the deployment process.
Required for the TF vRrouter agent service.
Also, the OpenStack Controller watches the openstack-tf-shared namespace
for the vrouter_port parameter that defines the vRouter port number and
passes it to the nova-compute pod.
The list of the OpenStack services that are integrated with TF through their API include:
neutron-server - integration is provided by the
contrail-neutron-plugin component that is used by the neutron-server
service for transformation of the API calls to the TF API compatible
requests.
nova-compute - integration is provided by the
contrail-nova-vif-driver and contrail-vrouter-api packages used
by the nova-compute service for interaction with the TF vRouter to
the network ports.
octavia-api - integration is provided by the Octavia TF Driver that
enables you to use OpenStack CLI and Horizon for operations with load
balancers. See Tungsten Fabric integration with OpenStack Octavia for details.
Warning
TF is not integrated with the following OpenStack services:
DNS service (Designate)
Key management (Barbican)