Merge "Describes NSX+vCenter support"

pages/planning-guide/7000-nsx-plan.rst

@@ -10,6 +10,9 @@ VMware provides an NSX plug-in for OpenStack that enables the Neutron
 service to communicate and provision virtual networks in NSX that can
 manage Open vSwitches on controller and compute nodes.
 
+.. note: Fuel 6.0 supports NSX as an Experimental Feature.
+         See :ref:`experimental-features-op` for more information.
+
 This section summarizes the planning you should do
 and other steps that are required
 before you attempt to deploy Mirantis OpenStack
@@ -18,7 +21,7 @@ with NSX integration.
 For more information:
 
 - See :ref:`neutron-nsx-arch` for information about how NSX support
-  is implemented in Mirantis OpenStack;
+  is implemented in Mirantis OpenStack.
 
 - :ref:`nsx-deploy` gives instructions for creating and deploying
   a Mirantis OpenStack environment that is integrated
@@ -87,9 +90,9 @@ VMware NSX cluster configuration
 
 .. Attention::
 
-  You must specify the same transport type on the Settings tab in FUEL web UI.
+  You must specify the same transport type on the *Settings* tab in the Fuel web UI.
 
-* Obtain and put NSX specific packages on the Fuel Master node
+* Obtain and put NSX-specific packages on the Fuel Master node
 
         * Upload NSX package archives to the Fuel Master node which has IP
           address 10.20.0.2 in this example:
@@ -123,11 +126,263 @@ VMware NSX cluster configuration
    `NSX appliances installation  <https://www.edge-cloud.net/2013/12/openstack-with-vsphere-and-nsx-part1>`_ and `NSX cluster configuration <https://www.edge-cloud.net/2013/12/openstack-with-vsphere-and-nsx-part2>`_
    for details about the NSX cluster deployment process.
 
+Cleaning up the NSX cluster
+---------------------------
+
+To cleanup the NSX cluster, log into the NSX Manager,  follow these steps:
+
+#. Open the dashboard and click on numbered link in *Hypervisor Software Version Summary*:
+
+   .. image:: /_images/nsx-cleanup-1.png
+
+#. Tick all registered nodes and press *Delete Checked* button:
+
+   .. image:: /_images/nsx-cleanup-2.png
+     :width: 60%
+
+#. Click on *Logical Layer* in the *category* column. Tick all remaining
+   logical entities and remove them by pressing the corresponding *Delete
+   Checked* button:
+
+   .. image:: /_images/nsx-cleanup-3.png
+     :width: 60%
+
+
+Preparing for Neutron with VMware NSX plugin installation
+---------------------------------------------------------
+
+This section is dedicated to integration of Mirantis OpenStack with NSX as the networking option
+and vCenter as a hypervisor.
+
+To enable Neutron with VMware NSX plugin, you should have
+the NSX cluster configured.
+Once it is enabled, an NSX vSwitch should be
+configured inside the ESXi hosts.
+
+.. note:: To install NSX with KVM or QEMU hypervisor,
+          see :ref:`nsx-deploy` and :ref:`Select Hypervisor for NSX<select-hyperv-nsx>`.
+
+
+Installing NSX vSwitch
+~~~~~~~~~~~~~~~~~~~~~~
+
+The NSX vSwitch is a part of an SDN solution
+for the VMware vSphere platform,
+similar to the Standard
+vSwitch and the Virtual Distributed Switch.
+The NSX vSwitch needs a dedicated
+physical uplink (vmnic) to connect to the upstream network.
+Before proceeding to the actual installation,
+ensure that you have at least one unused vmnic
+interface available on all your ESXi hosts.
+The NSX vSwitch is provided as
+a vSphere Installation Bundle (VIB)
+that needs to be installed on each ESXi
+host that you plan on using.
+
+To install NSX vSwitch, follow these steps:
+
+#. Make sure VIB file is available to the ESXi hosts (for example, via a shared storage).
+
+   .. image:: /_images/nsx-vswitch1.png
+     :width: 50%
+
+
+#. Temporarily enable SSH access to the ESXi hosts.
+
+   .. image:: /_images/nsx-vswitch2.png
+     :width: 50%
+
+#. After you have enabled SSH access to the ESXi hosts, connect to your first ESXi host via SSH.
+   Start the installation of the NSX vSwitch VIB file with
+   the *esxcli software vib install --no-sig-check -v <path and filename>* command:
+
+  ::
+
+
+      ~ # esxcli software vib install --no-sig-check -v /vmfs/volumes/SiteA-IPv6-NFS/vmware-nsxvswitch-2.0.1-30494-release.vib
+      Installation Result
+      Message: Operation finished successfully.
+      Reboot Required: false
+      VIBs Installed: VMware_bootbank_vmware-nsxvswitch_2.0.1-30494
+      VIBs Removed:
+      VIBs Skipped:
+      ~ #
+
+4. The installation of VIB file is over. Do not shut down SSH.
+
+Configuring the NSX vSwitch
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+In comparison to the Standard vSwitch and the virtual Distributed Switch installation procedure,
+done via vCenter, the NSX vSwitch is configured with the CLI.
+
+#. To configure the NSX vSwitch, connect an uplink to the switch:
+   this will create an NVS bridge.
+
+   ::
+
+       ~ # nsxcli uplink/connect vmnic4
+
+#. Configure the IP address for the transport endpoint. This transport
+   endpoint creates overlay tunnels with other transport endpoints,
+   such as Hypervisors, Gateway nodes and Service Nodes. The NSX
+   vSwitch uses a separate IP stack for this:
+   the VMware NSX transport endpoint has its own default gateway.
+   Set the IP address of the transport endpoint with the *nsxcli uplink/set-ip <interface> <ip address> <netmask>*
+   command.
+   VLAN tag can also be set by putting *<vlan_id>* as an additional parameter to the command (for example, *100*).
+
+   ::
+
+
+        ~ # nsxcli uplink/set-ip vmnic4 192.168.110.123 255.255.255.0
+
+#. Set the default gateway with the
+   *nsxcli gw/set tunneling <ip address of default gateway>* command.
+
+   ::
+
+
+      ~ # nsxcli gw/set tunneling 192.168.110.121
+      ~ #
+
+#. Create a Transport-Net Bridge to which Virtual Machines will later
+   connect to. The name of this bridge must be *br-int*.
+   Create the NSX bridge with the following command:
+
+   ::
+
+
+      ~ # nsxcli network/add br-int br-int nsx.network manual
+      success
+      ~ #
+
+#. Register the NSX vSwitch with the NSX controller.
+   First, use the *nsxcli manager/set ssl:<IP address of a NSX controller node>* command
+   to point the NSX vSwitch to the NSX controller. In
+   the case of an NSX controller cluster, you can specify any IP address of a cluster member.
+
+   ::
+
+
+       ~ # nsxcli manager/set ssl:192.168.110.101
+       ~ #
+
+
+#. Extract the SSL certificate from the NSX vSwitch with
+   *cat /etc/nsxvswitch/nsxvswitch-cert.pem.* command.
+   Copy the text including the * —–BEGIN CERTIFICATE—– and —–END CERTIFICATE—–* line.
+   You will need this text in the next step.
+
+   .. image:: /_images/nsx-vswitch3.png
+     :width: 50%
+
+#. Do not close the SSH session yet.
+   Return to the NSX Manager Dashboard.
+   Within the *Summary of Transport Components* section, click on
+   *Add within the Hypervisor* row.
+
+   .. image:: /_images/nsx-vswitch4.png
+     :width: 50%
+
+#. Confirm that the pre-selected transport type is Hypervisor.
+
+   .. image:: /_images/nsx-vswitch5.png
+     :width: 50%
+
+
+#. Give the hypervisor node a name; the hostname can be used here.
+
+   .. image:: /_images/nsx-vswitch6.png
+     :width: 50%
+
+#. As the *Integration Bridge Id*, specify *br-int*.
+   Leave the other values default.
+   The *Tunnel Keep-alive Spray* would randomize TCP source ports for STT tunnel keep-alives
+   for packet spray across active network path.
+
+   .. image:: /_images/nsx-vswitch7.png
+     :width: 50%
+
+#. Select the Credential Type of Security Certificate and paste the previously copied certificate
+   into the Security Certificate field.
+
+   .. image:: /_images/nsx-vswitch8.png
+     :width: 50%
+
+#. Create a transport connector for
+   the NSX vSwitch using STT as the transport type and the IP address that you configured a few steps earlier.
+
+   .. image:: /_images/nsx-vswitch9.png
+     :width: 50%
+
+#. Return to the NSX Manager Dashboard: you will see the new Hypervisor within
+   the *Summary of Transport Components* section on the *Hypervisors* row.
+   Click on the number for active hypervisors to see more details.
+
+   .. image:: /_images/nsx-vswitch10.png
+     :width: 50%
+
+#. You should see the ESXi host with the NSX vSwitch successfully added as a hypervisor with the Connection status as Up.
+
+   .. image:: /_images/nsx-vswitch11.png
+     :width: 50%
+
+#. Instruct VMware NSX to export the OpenStack virtual machine virtual interface
+   (*vif*) UUID as extra information besides the VMware vSphere one.
+   This is necessary as OpenStack uses a different UUID than VMware vSphere does.
+   Without this setting OpenStack will not recognize a virtual machine that it created for further operations via the Neutron API.
+   Instruct NSX to allow custom vifs with the *nsxd --allow-custom-vifs* command.
+   When asked for a username and password, enter the username and password for the ESXi host.
+
+   ::
+
+
+        ~ # nsxd --allow-custom-vifs
+        2013-12-18T19:50:15Z|00001|ovs_esxd|INFO|Normal operation
+        username : root
+        Password:
+        WARNING: can't open config file: /etc/pki/tls/openssl.cnf
+        nsxd: NSXD will be restarted now.
+        Killing nsxd (227588).
+        2013-12-18T19:50:21Z|00001|ovs_esxd|INFO|Normal operation
+        WARNING: can't open config file: /etc/pki/tls/openssl.cnf
+        Starting nsxd.
+        ~ #
+
+
+   .. note:: You can safely ignore the warning message about the */etc/pki/tls/openssl.cnf* configuration file.
+
+#.  Verify that the configuration change has been applied with the *nsxcli custom-vifs/show* command.
+    Repeat the above steps for any additional ESX host that you want to use with this setup.
+
+    ::
+
+
+       ~ # nsxcli custom-vifs/show
+      Custom-VIFs: Enabled
+      ~ #
+
+
+#. Return to the vSphere Web Client where you can see vmnic4 connected to the NSX vSwitch.
+
+   .. image:: /_images/nsx-vswitch12.png
+     :width: 50%
+
+#. After you have installed and configured the NSX vSwitch on
+   all Hypervisors, you can see the results in the NSX Manager Dashboard.
+
+   .. image:: /_images/nsx-vswitch13.png
+     :width: 50%
+
+
+For further instructions on configuring Neutron with VMware NSX plugin in the Fuel web UI, see :ref:`vcenter-deploy`.
+
 
 Limitations
-------------------------------
-- Only KVM or QEMU are supported as hypervisor options
-  when using VMware NSX.
+-----------
+
 - Only VMware NSX 4.0 is supported
 - Resetting or deleting the environment via "Reset" and "Delete" buttons
   on the Actions tab does not flush the entities (logical switches, routers,
@@ -135,21 +390,4 @@ Limitations
   Eventually, the cluster may run out of resources; it is up to the cloud
   operator to remove unneeded entities from the VMware NSX cluster. Each time
   the deployment fails or is interrupted; after solving the problem, restart
-  the deployment process.
-
-  To cleanup the NSX cluster, log into the NSX Manager, open the dashboard and
-  click on numbered link in "Hypervisor Software Version Summary":
-
-  .. image:: /_images/nsx-cleanup-1.png
-
-  Tick all registered nodes and press "Delete Checked" button:
-
-  .. image:: /_images/nsx-cleanup-2.png
-    :width: 60%
-
-  Then click on "Logical Layer" in the "category" column, tick all remaining
-  logical entities and remove them by pressing the corresponding "Delete
-  Checked" button:
-
-  .. image:: /_images/nsx-cleanup-3.png
-    :width: 60%
+  the deployment process.

pages/reference-architecture/neutron-intro/0270-nsx.rst

@@ -9,7 +9,7 @@ might look like this, it is assumed that the NSX nodes have L2 connectivity
 with OpenStack nodes:
 
 .. image:: /_images/Neutron_nsx_l2.png
-  :width: 80%
+  :width: 50%
 
 If your NSX cluster resides in its own network and you do not want to relocate
 you NSX nodes, it is possible to use L3 connectivity between the NSX network
@@ -22,8 +22,19 @@ Settings tab:
 Here is an example of how it will look:
 
 .. image:: /_images/Neutron_nsx_l3.png
-  :width: 80%
+  :width: 50%
 
 .. note:: You do not need a physically separate Private network for this
           setup.
 
+Neutron with VMware NSX and vCenter
+-----------------------------------
+
+In Mirantis OpenStack 6.0, Neutron with VMware NSX can be enabled
+with vCenter as a hypervisor.
+In this case, the following topology
+will be implemented:
+
+.. image:: /_images/nsx-vcenter-arch.png
+  :width: 80%
+

pages/terminology/e/experimental-features.rst

@@ -17,6 +17,7 @@ The following features are currently defined as experimental:
 - Zabbix integration; see :ref:`zabbix-plan`.
 - Ability to update 5.0 and 5.0.1 environments to 5.0.2;
   see :ref:`upgrade-patch-top-ug`.
+- NSX. See :ref:`nsx-plan` and :ref:`nsx-deploy`.
 
 Instructions for enabling experimental features
 on a running Fuel Master node are provided in

pages/user-guide/7310-nsx.rst

@@ -42,22 +42,24 @@ You can deploy Mirantis OpenStack with or without :ref:`ha-term`.
 
    PageBreak
 
+.. _select-hyperv-nsx:
+
 Select Hypervisor for NSX
 +++++++++++++++++++++++++
 
-Select either the KVM or QEMU :ref:`hypervisor<hypervisor-ug>`
+Select either the KVM, QEMU or vCenter :ref:`hypervisor<hypervisor-ug>`
 when you create your OpenStack Environment.
 After that, you need to fill in the corresponding fields.
-You can modify the NSX specific values on the Settings tab
+You can modify the NSX-specific values on the *Settings* tab
 after you create the environment.
 
 .. image:: /_images/user_screen_shots/nsx-hv.png
    :width: 50%
 
-Select Neutron VMware NSX plugin
-++++++++++++++++++++++++++++++++
+Select Neutron VMware NSX plug-in
++++++++++++++++++++++++++++++++++
 
-Choose the Neutron VMware NSX plugin on the Network settings page.
+Choose the Neutron VMware NSX plug-in on the *Network Setup* page.
 
 .. image:: /_images/user_screen_shots/nsx-networking.png
    :width: 50%
@@ -91,12 +93,12 @@ Complete the creation of your NSX environment
    :width: 50%
 
 
-Select "Create" and click on the icon for your named environment.
+Select *Create* and click on the icon for your named environment.
 
 Configuring your environment for NSX
 ------------------------------------
 
-After you exit from the "Create a New OpenStack Environment" wizard,
+After you exit from the *Create a New OpenStack Environment* wizard,
 Fuel displays a set of configuration tabs
 that you use to finish configuring your environment.
 
@@ -108,17 +110,22 @@ integrated with NSX.
 Network settings
 ++++++++++++++++
 
-This example screenshot illustrate the completed Network Settings page
-when using the Neutron VMware NSX plugin.
-
-.. image:: /_images/nsx-settings.png
-   :width: 80%
-
-Input the values you specified when did :ref:`nsx-plan`.
-Here is an example how filled NSX settings block might look:
+In *Network Settings* tab,
+specify the NSX and check vCenter
+credentials that you specified when performed
+steps described in :ref:`nsx-plan`
 
 .. image:: /_images/nsx-settings-filled.png
-   :width: 80%
+   :width: 50%
+
+Note that when you have deployed your Neutron with NSX plug-in
+environment and logged into the Horizon dashboard,
+external and internal networks are created with
+*net04_ext* and *net_04* names accordingly.
+
+For more information on configuring networks,
+see the blog post
+`Create virtual networks and launch a VM instance in OpenStack <https://www.edge-cloud.net/2014/01/openstack-vsphere-nsx-part5/>`_.
 
 For more information about how NSX support is implemented,
 see :ref:`neutron-nsx-arch`.