[Docs] Complete the example file

Host bind override, static routes, and default gateway were not
explained in our example file.

Change-Id: Id41fdf0981a9491c590063f9852bd377c0de8b3d
Signed-off-by: Jean-Philippe Evrard <jean-philippe@evrard.me>

deploy-guide/source/app-networking.rst

@@ -58,17 +58,37 @@ connected to the host's bridges and physical network interfaces:
 Network diagrams
 ~~~~~~~~~~~~~~~~
 
+Hosts with services running in containers
+-----------------------------------------
+
 The following diagram shows how all of the interfaces and bridges interconnect
 to provide network connectivity to the OpenStack deployment:
 
 .. image:: figures/networkarch-container-external.png
 
+The interface ``lxcbr0`` provides connectivity for the containers to the
+outside world, thanks to dnsmasq (dhcp/dns) + NAT.
+
+.. note::
+
+   If you require additional network configuration for your container interfaces
+   (like changing the routes on eth1 for routes on the management network),
+   please adapt your ``openstack_user_config.yml`` file, with the help of the
+   heavily documented ``openstack_user_config.yml.example`` file.
+
+
+Services running "on metal" (deploying directly on the physical hosts)
+----------------------------------------------------------------------
+
 OpenStack-Ansible deploys the Compute service on the physical host rather than
 in a container. The following diagram shows how to use bridges for
 network connectivity:
 
 .. image:: figures/networkarch-bare-external.png
 
+Neutron traffic
+---------------
+
 The following diagram shows how the Networking service (neutron) agents
 work with the ``br-vlan`` and ``br-vxlan`` bridges. Neutron is configured to
 use a DHCP agent, an L3 agent, and a Linux Bridge agent within a

etc/openstack_deploy/openstack_user_config.yml.example

@@ -150,6 +150,17 @@
 #       Name of mechanism that connects interfaces in containers to the bridge
 #       on target hosts for this network. Typically 'veth'.
 #
+#       Option: host_bind_override (optional, string)
+#       Name of the physical network interface on the same L2 network being
+#       used with the br-vlan device. This host_bind_override should only
+#       be set for the ' container_bridge: "br-vlan" '.
+#       This interface is optional but highly recommended for vlan based
+#       OpenStack networking.
+#       If no additional network interface is available, a deployer can create
+#       a veth pair, and plug it into the the br-vlan bridge to provide
+#       this interface. An example could be found in the aio_interfaces.cfg
+#       file.
+#
 #       Option: container_mtu (optional, string)
 #       Sets the MTU within LXC for a given network type.
 #
@@ -179,6 +190,18 @@
 #       more than one range of VLANs on a particular network. Coincides with
 #       ML2 plug-in configuration options.
 #
+#       Option: static_routes (optional, list)
+#       List of additional routes to give to the container interface.
+#       Each item is composed of cidr and gateway. The items will be
+#       translated into the container network interfaces configuration
+#       as a `post-up ip route add <cidr> via <gateway> || true`.
+#
+#       Option: gateway (optional, string)
+#       String containing the IP of the default gateway used by the
+#       container. Generally not needed: the containers will have
+#       their default gateway set with dnsmasq, poitining to the host
+#       which does natting for container connectivity.
+#
 #   Example:
 #
 #   Define a typical network architecture: