[Contrail] How config-rules help prevent loss of BGP/XMPP sessions with downstream vrouters and BGP neighbors in the event of contrail-api process restart

  [KB34347] Show Article Properties


This article discusses contrail config rules and examine a condition where config rules help in preventing the loss of XMPP connections with downstream vrouter nodes in the event of contrail-api stop/restart.


  • For demonstration purposes, we are going to refer to the above contrail cluster topology with three HA nodes. All three nodes are running contrail-control and contrail-config services but for simplicity only Node1 is shown with contrail-config services.

  • Contrail-control services on Node2 and Node3 are having active sessions with IFMAP service running on Node1; and vrouter1 has established XMPP sessions with contrail-control service running on Node2 and Node3.

  • In this contrail environment, if contrail-api service on Node1 is stopped, the corresponding IFMAP service on that node detects the API failure and begins withdrawal of configuration from its clients which are contrail-control services running on Node2 and Node3.

  • The withdrawal configuration also includes withdrawal of all the BGP configuration which results in a tear down of all the established BPG sessions on the control nodes including the XMPP sessions with downstream vrouters.

  • In this case, the vrouter-agent on vrouter1 has XMPP sessions with contrail-control service on both the control nodes (Node2 and Node3) whose configurations are withdrawn by the IFMAP server running on Node1. Thus, the agent will lose the XMPP sessions and go into "initializing" state.

  • To prevent this behavior, contrail has built-in "CONFIG RULES" which ensure that whenever the API service is stopped or restarted, the corresponding config rules are triggered, which also restart IFMAP service running on that node.

  • Restart of the IFMAP service triggers a failover on the contrail-control, causing the control service nodes to initiate sessions with IFMAP server running on a different HA node, thus preventing any withdrawal of configuration and thereby prevent tear down of XMPP sessions.

  • The config rules in contrail are defined under the file, '/etc/contrail/supervisord_config_files/contrail-config.rules'

  • We can verify the trigger of config rules in the event of contrail-api stop/restart under, '/var/log/sudo.log' file.

Related Links: