diff --git a/doc/install-guide/ch_networking.xml b/doc/install-guide/ch_networking.xml index d52880f8c4..5f9f985657 100644 --- a/doc/install-guide/ch_networking.xml +++ b/doc/install-guide/ch_networking.xml @@ -19,7 +19,7 @@ Configuring networking in OpenStack can be a bewildering experience. This guide provides step-by-step instructions for both - OpenStack Networking (neutron) and the legacy (nova) networking + OpenStack Networking (neutron) and the legacy networking (nova-network) service. If you are unsure which to use, we recommend trying OpenStack Networking because it offers a considerable number of features and flexibility including Networking (neutron) -
- Open vSwitch (OVS) plug-in - - We recommend using the Open vSwitch (OVS) plug-in until we - complete documentation for the Modular Layer 2 (ML2) plug-in. - - - - -
Modular Layer 2 (ML2) plug-in - - We are adding this documentation for Icehouse. Until complete, - we recommend using the Open vSwitch (OVS) plug-in. - + + We primarily tested the Modular Layer 2 (ML2) plug-in on + Icehouse and suggest that you implement it instead of the + traditional Open vSwitch (OVS) plug-in. +
+
+ Open vSwitch (OVS) plug-in + + We suggest that you implement the Modular Layer 2 (ML2) plug-in + on Icehouse until we completely test the traditional Open vSwitch + (OVS) plug-in. + + + + +
diff --git a/doc/install-guide/section_neutron-initial-networks.xml b/doc/install-guide/section_neutron-initial-networks.xml index 9a5b3b2dba..12ebd089c3 100644 --- a/doc/install-guide/section_neutron-initial-networks.xml +++ b/doc/install-guide/section_neutron-initial-networks.xml @@ -42,14 +42,30 @@ Perform these commands on the controller node. - To create the external network: + To create the external network Source the admin tenant credentials: $ source admin-openrc.sh Create the network: - $ neutron net-create ext-net --shared --router:external=True + $ neutron net-create ext-net --shared --router:external=True +Created a new network: ++---------------------------+--------------------------------------+ +| Field | Value | ++---------------------------+--------------------------------------+ +| admin_state_up | True | +| id | 893aebb9-1c1e-48be-8908-6b947f3237b3 | +| name | ext-net | +| provider:network_type | gre | +| provider:physical_network | | +| provider:segmentation_id | 1 | +| router:external | True | +| shared | True | +| status | ACTIVE | +| subnets | | +| tenant_id | 54cd044c64d5408b83f843d63624e0d8 | ++---------------------------+--------------------------------------+ Like a physical network, a virtual network requires a @@ -70,7 +86,7 @@ instances do not connect directly to the external network and floating IP addresses require manual assignment. - To create a subnet on the external network: + To create a subnet on the external network Create the subnet: $ neutron subnet-create ext-net --name ext-subnet \ @@ -81,7 +97,25 @@ 203.0.113.200: $ neutron subnet-create ext-net --name ext-subnet \ --allocation-pool start=203.0.113.101,end=203.0.113.200 \ - --disable-dhcp --gateway 203.0.113.1 203.0.113.0/24 + --disable-dhcp --gateway 203.0.113.1 203.0.113.0/24 +Created a new subnet: ++-------------------+------------------------------------------------------+ +| Field | Value | ++-------------------+------------------------------------------------------+ +| allocation_pools | {"start": "203.0.113.101", "end": "203.0.113.200"} | +| cidr | 203.0.113.0/24 | +| dns_nameservers | | +| enable_dhcp | False | +| gateway_ip | 203.0.113.1 | +| host_routes | | +| id | 9159f0dc-2b63-41cf-bd7a-289309da1391 | +| ip_version | 4 | +| ipv6_address_mode | | +| ipv6_ra_mode | | +| name | ext-subnet | +| network_id | 893aebb9-1c1e-48be-8908-6b947f3237b3 | +| tenant_id | 54cd044c64d5408b83f843d63624e0d8 | ++-------------------+------------------------------------------------------+
@@ -95,14 +129,26 @@ Perform these commands on the controller node. - To create the tenant network: + To create the tenant network Source the demo tenant credentials: $ source demo-openrc.sh Create the network: - $ neutron net-create demo-net + $ neutron net-create demo-net +Created a new network: ++----------------+--------------------------------------+ +| Field | Value | ++----------------+--------------------------------------+ +| admin_state_up | True | +| id | ac108952-6096-4243-adf4-bb6615b3de28 | +| name | demo-net | +| shared | False | +| status | ACTIVE | +| subnets | | +| tenant_id | cdef0071a0194d19ac6bb63802dc9bae | ++----------------+--------------------------------------+ Like the external network, your tenant network also requires @@ -115,14 +161,32 @@ default, this subnet will use DHCP so your instances can obtain IP addresses. - To create a subnet on the tenant network: + To create a subnet on the tenant network Create the subnet: $ neutron subnet-create demo-net --name demo-subnet \ --gateway TENANT_NETWORK_GATEWAY TENANT_NETWORK_CIDR Example using 192.168.1.0/24: $ neutron subnet-create demo-net --name demo-subnet \ - --gateway 192.168.1.1 192.168.1.0/24 + --gateway 192.168.1.1 192.168.1.0/24 +Created a new subnet: ++-------------------+------------------------------------------------------+ +| Field | Value | ++-------------------+------------------------------------------------------+ +| allocation_pools | {"start": "192.168.1.2", "end": "192.168.1.254"} | +| cidr | 192.168.1.0/24 | +| dns_nameservers | | +| enable_dhcp | True | +| gateway_ip | 192.168.1.1 | +| host_routes | | +| id | 69d38773-794a-4e49-b887-6de6734e792d | +| ip_version | 4 | +| ipv6_address_mode | | +| ipv6_ra_mode | | +| name | demo-subnet | +| network_id | ac108952-6096-4243-adf4-bb6615b3de28 | +| tenant_id | cdef0071a0194d19ac6bb63802dc9bae | ++-------------------+------------------------------------------------------+ A virtual router passes network traffic between two or more virtual @@ -132,20 +196,33 @@ a router and attach your tenant and external networks to it. To create a router on the tenant network and attach the external - and tenant networks to it: + and tenant networks to it Create the router: - $ neutron router-create demo-router + $ neutron router-create demo-router +Created a new router: ++-----------------------+--------------------------------------+ +| Field | Value | ++-----------------------+--------------------------------------+ +| admin_state_up | True | +| external_gateway_info | | +| id | 635660ae-a254-4feb-8993-295aa9ec6418 | +| name | demo-router | +| status | ACTIVE | +| tenant_id | cdef0071a0194d19ac6bb63802dc9bae | ++-----------------------+--------------------------------------+ Attach the router to the demo tenant subnet: - $ neutron router-interface-add demo-router demo-subnet + $ neutron router-interface-add demo-router demo-subnet +Added interface b1a894fd-aee8-475c-9262-4342afdc1b58 to router demo-router. Attach the router to the external network by setting it as the gateway: - $ neutron router-gateway-set demo-router ext-net + $ neutron router-gateway-set demo-router ext-net +Set gateway for router demo-router @@ -165,7 +242,7 @@ external network. - To verify network connectivity: + To verify network connectivity Ping the tenant router gateway: $ ping -c 4 203.0.113.101 diff --git a/doc/install-guide/section_neutron-ml2-compute-node.xml b/doc/install-guide/section_neutron-ml2-compute-node.xml index a485294f9d..2e0f8ef5e8 100644 --- a/doc/install-guide/section_neutron-ml2-compute-node.xml +++ b/doc/install-guide/section_neutron-ml2-compute-node.xml @@ -22,7 +22,7 @@ net.ipv4.conf.default.rp_filter=0 - To install the Networking components: + To install the Networking components # apt-get install neutron-common neutron-plugin-ml2 neutron-plugin-openvswitch-agent \ openvswitch-datapath-dkms @@ -39,9 +39,9 @@ net.ipv4.conf.default.rp_filter=0 - To configure the Networking common components: + To configure the Networking common components The Networking common component configuration includes the - authentication mechanism, messaging service, and plug-in. + authentication mechanism, message broker, and plug-in. Respond to prompts for database management, @@ -49,7 +49,7 @@ net.ipv4.conf.default.rp_filter=0 credentials, service endpoint registration, and - messaging service + message broker credentials. @@ -104,7 +104,7 @@ admin_password = NEUTRON_PASS - Configure Networking to use the messaging service: + Configure Networking to use the message broker: Replace RABBIT_PASS with the password you chose for the guest account in RabbitMQ. @@ -118,7 +118,7 @@ admin_password = NEUTRON_PASS rabbit_password RABBIT_PASS - Configure Networking to use the messaging service: + Configure Networking to use the message broker: # openstack-config --set /etc/neutron/neutron.conf DEFAULT \ rpc_backend neutron.openstack.common.rpc.impl_qpid # openstack-config --set /etc/neutron/neutron.conf DEFAULT \ @@ -131,7 +131,7 @@ admin_password = NEUTRON_PASS qpid_password guest - Configure Networking to use the messaging service: + Configure Networking to use the message broker: Edit the /etc/neutron/neutron.conf file @@ -152,9 +152,9 @@ rabbit_password = RABBIT_PASS Configure Networking to use the Modular Layer 2 (ML2) plug-in and associated services: # openstack-config --set /etc/neutron/neutron.conf DEFAULT \ - core_plugin neutron.plugins.ml2.plugin.Ml2Plugin + core_plugin ml2 # openstack-config --set /etc/neutron/neutron.conf DEFAULT \ - service_plugins neutron.services.l3_router.l3_router_plugin.L3RouterPlugin + service_plugins router You must comment out any lines in the [service_providers] section. @@ -194,7 +194,7 @@ allow_overlapping_ips = True - To configure the Modular Layer 2 (ML2) plug-in: + To configure the Modular Layer 2 (ML2) plug-in The ML2 plug-in uses the Open vSwitch (OVS) mechanism (agent) to build the virtual networking framework for instances. @@ -253,16 +253,12 @@ enable_tunneling = True following keys to it: [securitygroup] ... -firewall_driver=neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver - Add the following key to the - [securitygroup] section: - [securitygroup] -... +firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver enable_security_group = True - To configure the Open vSwitch (OVS) service: + To configure the Open vSwitch (OVS) service The OVS service provides the underlying virtual networking framework for instances. The integration bridge br-int handles internal instance network traffic within OVS. @@ -292,7 +288,7 @@ enable_security_group = True - To configure Compute to use Networking: + To configure Compute to use Networking By default, most distributions configure Compute to use legacy networking. You must reconfigure Compute to manage networks through OpenStack Networking. @@ -357,7 +353,7 @@ security_group_api = neutron - To finalize the installation: + To finalize the installation The Networking service initialization scripts expect a symbolic link /etc/neutron/plugin.ini pointing to the diff --git a/doc/install-guide/section_neutron-ml2-controller-node.xml b/doc/install-guide/section_neutron-ml2-controller-node.xml index 67f9e87ada..4ef4d4ac64 100644 --- a/doc/install-guide/section_neutron-ml2-controller-node.xml +++ b/doc/install-guide/section_neutron-ml2-controller-node.xml @@ -59,7 +59,7 @@ IDENTIFIED BY 'NEUTRON_DBPASS'; - To install the Networking components: + To install the Networking components # apt-get install neutron-server neutron-plugin-ml2 # yum install openstack-neutron openstack-neutron-ml2 @@ -70,9 +70,9 @@ IDENTIFIED BY 'NEUTRON_DBPASS'; - To configure the Networking server component: + To configure the Networking server component The Networking server component configuration includes the database, - authentication mechanism, messaging service, topology change notifier, + authentication mechanism, message broker, topology change notifier, and plug-in. Respond to prompts for @@ -81,7 +81,7 @@ IDENTIFIED BY 'NEUTRON_DBPASS'; credentials, service endpoint registration, and - messaging service + message broker credentials. @@ -158,7 +158,7 @@ admin_password = NEUTRON_PASS - Configure Networking to use the messaging service: + Configure Networking to use the message broker: Replace RABBIT_PASS with the password you chose for the guest account in RabbitMQ. @@ -172,7 +172,7 @@ admin_password = NEUTRON_PASS rabbit_password RABBIT_PASS - Configure Networking to use the messaging service: + Configure Networking to use the message broker: # openstack-config --set /etc/neutron/neutron.conf DEFAULT \ rpc_backend neutron.openstack.common.rpc.impl_qpid # openstack-config --set /etc/neutron/neutron.conf DEFAULT \ @@ -185,7 +185,7 @@ admin_password = NEUTRON_PASS qpid_password guest - Configure Networking to use the messaging service: + Configure Networking to use the message broker: Edit the /etc/neutron/neutron.conf file @@ -282,9 +282,9 @@ nova_admin_auth_url = http://controller:35357/v2.0

Configure Networking to use the Modular Layer 2 (ML2) plug-in and associated services: # openstack-config --set /etc/neutron/neutron.conf DEFAULT \ - core_plugin neutron.plugins.ml2.plugin.Ml2Plugin + core_plugin ml2 # openstack-config --set /etc/neutron/neutron.conf DEFAULT \ - service_plugins neutron.services.l3_router.l3_router_plugin.L3RouterPlugin + service_plugins router You must comment out any lines in the [service_providers] section. @@ -324,7 +324,7 @@ allow_overlapping_ips = True - To configure the Modular Layer 2 (ML2) plug-in: + To configure the Modular Layer 2 (ML2) plug-in The ML2 plug-in uses the Open vSwitch (OVS) mechanism (agent) to build the virtual networking framework for instances. However, the controller node does not need the OVS agent or service because it @@ -364,16 +364,12 @@ tunnel_id_ranges = 1:1000 following keys to it: [securitygroup] ... -firewall_driver=neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver - Add the following key to the - [security_group] section: - [security_group] -... +firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver enable_security_group = True - To configure Compute to use Networking: + To configure Compute to use Networking By default, most distributions configure Compute to use legacy networking. You must reconfigure Compute to manage networks through OpenStack Networking. @@ -438,7 +434,7 @@ security_group_api = neutron - To finalize installation: + To finalize installation The Networking service initialization scripts expect a symbolic link /etc/neutron/plugin.ini pointing to the @@ -460,16 +456,6 @@ security_group_api = neutron following: NEUTRON_PLUGIN_CONF="/etc/neutron/plugins/ml2/ml2_conf.ini" - - Populate the Networking database: - Replace NEUTRON_DBPASS with the - password you chose for the database. - # openstack-db --init --service neutron --password NEUTRON_DBPASS - - Restart the Compute services: # service openstack-nova-api restart diff --git a/doc/install-guide/section_neutron-ml2-network-node.xml b/doc/install-guide/section_neutron-ml2-network-node.xml index f40a15444c..046591ac16 100644 --- a/doc/install-guide/section_neutron-ml2-network-node.xml +++ b/doc/install-guide/section_neutron-ml2-network-node.xml @@ -23,7 +23,7 @@ net.ipv4.conf.default.rp_filter=0 - To install the Networking components: + To install the Networking components # apt-get install neutron-plugin-ml2 neutron-plugin-openvswitch-agent openvswitch-datapath-dkms \ neutron-l3-agent neutron-dhcp-agent @@ -41,9 +41,9 @@ net.ipv4.conf.default.rp_filter=0 - To configure the Networking common components: + To configure the Networking common components The Networking common component configuration includes the - authentication mechanism, messaging service, and plug-in. + authentication mechanism, message broker, and plug-in. Respond to prompts for database management, @@ -51,7 +51,7 @@ net.ipv4.conf.default.rp_filter=0 credentials, service endpoint registration, and - messaging service + message broker credentials. @@ -106,7 +106,7 @@ admin_password = NEUTRON_PASS - Configure Networking to use the messaging service: + Configure Networking to use the message broker: Replace RABBIT_PASS with the password you chose for the guest account in RabbitMQ. @@ -120,7 +120,7 @@ admin_password = NEUTRON_PASS rabbit_password RABBIT_PASS - Configure Networking to use the messaging service: + Configure Networking to use the message broker: # openstack-config --set /etc/neutron/neutron.conf DEFAULT \ rpc_backend neutron.openstack.common.rpc.impl_qpid # openstack-config --set /etc/neutron/neutron.conf DEFAULT \ @@ -133,7 +133,7 @@ admin_password = NEUTRON_PASS qpid_password guest - Configure Networking to use the messaging service: + Configure Networking to use the message broker: Edit the /etc/neutron/neutron.conf file @@ -154,9 +154,9 @@ rabbit_password = RABBIT_PASS Configure Networking to use the Modular Layer 2 (ML2) plug-in and associated services: # openstack-config --set /etc/neutron/neutron.conf DEFAULT \ - core_plugin neutron.plugins.ml2.plugin.Ml2Plugin + core_plugin ml2 # openstack-config --set /etc/neutron/neutron.conf DEFAULT \ - service_plugins neutron.services.l3_router.l3_router_plugin.L3RouterPlugin + service_plugins router You must comment any lines in the [service_providers] section. @@ -196,7 +196,7 @@ allow_overlapping_ips = True - To configure the Layer-3 (L3) agent: + To configure the Layer-3 (L3) agent The Layer-3 (L3) agent provides routing services for instance virtual networks. @@ -229,7 +229,7 @@ use_namespaces = True - To configure the DHCP agent: + To configure the DHCP agent The DHCP agent provides DHCP services for instance virtual networks. @@ -266,7 +266,7 @@ use_namespaces = True - To configure the metadata agent: + To configure the metadata agent The metadata agent provides configuration information such as credentials for remote access to instances. @@ -353,7 +353,7 @@ neutron_metadata_proxy_shared_secret = METADATA_SECRET - To configure the Modular Layer 2 (ML2) plug-in: + To configure the Modular Layer 2 (ML2) plug-in The ML2 plug-in uses the Open vSwitch (OVS) mechanism (agent) to build virtual networking framework for instances. @@ -412,16 +412,12 @@ enable_tunneling = True following keys to it: [securitygroup] ... -firewall_driver=neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver - Add the following key to the - [securitygroup] section: - [security_group] -... +firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver enable_security_group = True - To configure the Open vSwitch (OVS) service: + To configure the Open vSwitch (OVS) service The OVS service provides the underlying virtual networking framework for instances. The integration bridge br-int handles internal instance network traffic within OVS. The external bridge @@ -474,7 +470,7 @@ enable_security_group = True - To finalize the installation: + To finalize the installation The Networking service initialization scripts expect a symbolic link /etc/neutron/plugin.ini pointing to the diff --git a/doc/install-guide/section_neutron-compute-node.xml b/doc/install-guide/section_neutron-ovs-compute-node.xml similarity index 100% rename from doc/install-guide/section_neutron-compute-node.xml rename to doc/install-guide/section_neutron-ovs-compute-node.xml diff --git a/doc/install-guide/section_neutron-controller-node.xml b/doc/install-guide/section_neutron-ovs-controller-node.xml similarity index 100% rename from doc/install-guide/section_neutron-controller-node.xml rename to doc/install-guide/section_neutron-ovs-controller-node.xml diff --git a/doc/install-guide/section_neutron-network-node.xml b/doc/install-guide/section_neutron-ovs-network-node.xml similarity index 100% rename from doc/install-guide/section_neutron-network-node.xml rename to doc/install-guide/section_neutron-ovs-network-node.xml diff --git a/doc/install-guide/section_nova-networking-compute-node.xml b/doc/install-guide/section_nova-networking-compute-node.xml index 96c64494e2..2571a9516e 100644 --- a/doc/install-guide/section_nova-networking-compute-node.xml +++ b/doc/install-guide/section_nova-networking-compute-node.xml @@ -10,7 +10,7 @@ multi-host feature provides redundancy by spreading network functions across compute nodes. - To use legacy networking: + To use legacy networking Install the packages: # apt-get install nova-network nova-api-metadata diff --git a/doc/install-guide/section_nova-networking-initial-network.xml b/doc/install-guide/section_nova-networking-initial-network.xml index f240d5fe08..59c6f47142 100644 --- a/doc/install-guide/section_nova-networking-initial-network.xml +++ b/doc/install-guide/section_nova-networking-initial-network.xml @@ -21,7 +21,7 @@ Perform these commands on the controller node. - To create the network: + To create the network Source the admin tenant credentials: $ source admin-openrc.sh @@ -38,6 +38,18 @@ $ nova network-create demo-net --bridge br100 --multi-host T \ --fixed-range-v4 203.0.113.24/29 + + This command provides no output. + + + + Verify creation of the network: + $ nova net-list ++--------------------------------------+----------+------------------+ +| ID | Label | CIDR | ++--------------------------------------+----------+------------------+ +| 84b34a65-a762-44d6-8b5e-3b461a53f513 | demo-net | 203.0.113.24/29 | ++--------------------------------------+----------+------------------+