Release candidate updates for Networking chapter

As part of the installation guide improvement project, I performed
the following operations on the Networking chapter:

1) Moved Neutron ML2 sections before OVS sections and updated
   associated notes to steer users toward ML2.
2) Removed database population steps because Neutron populates the
   database at first run.
3) Moved 'enable_security_group' key to [securitygroup] section.
4) Removed extraneous colons from procedure titles.
5) Added command output to Neutron initial networks section.
6) Added command output to Nova initial networks section.

Change-Id: Ie677d199d2c64ef2a564eaa551295e1a321db02c
Partial-Bug: #1291071
Implements: blueprint networking-install-guide-improvements
This commit is contained in:
Matt Kassawara 2014-04-10 19:18:20 -06:00
parent b41966416f
commit 17fc8c8a8b
10 changed files with 164 additions and 95 deletions

View File

@ -19,7 +19,7 @@
</warning> </warning>
<para>Configuring networking in OpenStack can be a bewildering <para>Configuring networking in OpenStack can be a bewildering
experience. This guide provides step-by-step instructions for both experience. This guide provides step-by-step instructions for both
OpenStack Networking (neutron) and the legacy (nova) networking OpenStack Networking (neutron) and the legacy networking (nova-network)
service. If you are unsure which to use, we recommend trying service. If you are unsure which to use, we recommend trying
OpenStack Networking because it offers a considerable number of OpenStack Networking because it offers a considerable number of
features and flexibility including <glossterm baseform="plug-in" features and flexibility including <glossterm baseform="plug-in"
@ -32,26 +32,28 @@
<section xml:id="section_neutron-networking"> <section xml:id="section_neutron-networking">
<title>Networking (neutron)</title> <title>Networking (neutron)</title>
<xi:include href="section_neutron-concepts.xml"/> <xi:include href="section_neutron-concepts.xml"/>
<section xml:id="section_neutron-networking-ovs">
<title>Open vSwitch (OVS) plug-in</title>
<note>
<para>We recommend using the Open vSwitch (OVS) plug-in until we
complete documentation for the Modular Layer 2 (ML2) plug-in.</para>
</note>
<xi:include href="section_neutron-controller-node.xml"/>
<xi:include href="section_neutron-network-node.xml"/>
<xi:include href="section_neutron-compute-node.xml"/>
</section>
<section xml:id="section_neutron-networking-ml2"> <section xml:id="section_neutron-networking-ml2">
<title>Modular Layer 2 (ML2) plug-in</title> <title>Modular Layer 2 (ML2) plug-in</title>
<warning> <note>
<para>We are adding this documentation for Icehouse. Until complete, <para>We primarily tested the Modular Layer 2 (ML2) plug-in on
we recommend using the Open vSwitch (OVS) plug-in.</para> Icehouse and suggest that you implement it instead of the
</warning> traditional Open vSwitch (OVS) plug-in.</para>
</note>
<xi:include href="section_neutron-ml2-controller-node.xml"/> <xi:include href="section_neutron-ml2-controller-node.xml"/>
<xi:include href="section_neutron-ml2-network-node.xml"/> <xi:include href="section_neutron-ml2-network-node.xml"/>
<xi:include href="section_neutron-ml2-compute-node.xml"/> <xi:include href="section_neutron-ml2-compute-node.xml"/>
</section> </section>
<section xml:id="section_neutron-networking-ovs">
<title>Open vSwitch (OVS) plug-in</title>
<warning>
<para>We suggest that you implement the Modular Layer 2 (ML2) plug-in
on Icehouse until we completely test the traditional Open vSwitch
(OVS) plug-in.</para>
</warning>
<xi:include href="section_neutron-ovs-controller-node.xml"/>
<xi:include href="section_neutron-ovs-network-node.xml"/>
<xi:include href="section_neutron-ovs-compute-node.xml"/>
</section>
<xi:include href="section_neutron-initial-networks.xml"/> <xi:include href="section_neutron-initial-networks.xml"/>
</section> </section>
<section xml:id="section_nova-networking"> <section xml:id="section_nova-networking">

View File

@ -42,14 +42,30 @@
<para>Perform these commands on the controller node.</para> <para>Perform these commands on the controller node.</para>
</note> </note>
<procedure> <procedure>
<title>To create the external network:</title> <title>To create the external network</title>
<step> <step>
<para>Source the <literal>admin</literal> tenant credentials:</para> <para>Source the <literal>admin</literal> tenant credentials:</para>
<screen><prompt>$</prompt> <userinput>source admin-openrc.sh</userinput></screen> <screen><prompt>$</prompt> <userinput>source admin-openrc.sh</userinput></screen>
</step> </step>
<step> <step>
<para>Create the network:</para> <para>Create the network:</para>
<screen><prompt>$</prompt> <userinput>neutron net-create ext-net --shared --router:external=True</userinput></screen> <screen><prompt>$</prompt> <userinput>neutron net-create ext-net --shared --router:external=True</userinput>
<computeroutput>Created a new network:
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| id | 893aebb9-1c1e-48be-8908-6b947f3237b3 |
| name | ext-net |
| provider:network_type | gre |
| provider:physical_network | |
| provider:segmentation_id | 1 |
| router:external | True |
| shared | True |
| status | ACTIVE |
| subnets | |
| tenant_id | 54cd044c64d5408b83f843d63624e0d8 |
+---------------------------+--------------------------------------+</computeroutput></screen>
</step> </step>
</procedure> </procedure>
<para>Like a physical network, a virtual network requires a <para>Like a physical network, a virtual network requires a
@ -70,7 +86,7 @@
instances do not connect directly to the external network and floating instances do not connect directly to the external network and floating
IP addresses require manual assignment.</para> IP addresses require manual assignment.</para>
<procedure> <procedure>
<title>To create a subnet on the external network:</title> <title>To create a subnet on the external network</title>
<step> <step>
<para>Create the subnet:</para> <para>Create the subnet:</para>
<screen><prompt>$</prompt> <userinput>neutron subnet-create ext-net --name ext-subnet \ <screen><prompt>$</prompt> <userinput>neutron subnet-create ext-net --name ext-subnet \
@ -81,7 +97,25 @@
<literal>203.0.113.200</literal>:</para> <literal>203.0.113.200</literal>:</para>
<screen><prompt>$</prompt> <userinput>neutron subnet-create ext-net --name ext-subnet \ <screen><prompt>$</prompt> <userinput>neutron subnet-create ext-net --name ext-subnet \
--allocation-pool start=203.0.113.101,end=203.0.113.200 \ --allocation-pool start=203.0.113.101,end=203.0.113.200 \
--disable-dhcp --gateway 203.0.113.1 203.0.113.0/24</userinput></screen> --disable-dhcp --gateway 203.0.113.1 203.0.113.0/24</userinput>
<computeroutput>Created a new subnet:
+-------------------+------------------------------------------------------+
| Field | Value |
+-------------------+------------------------------------------------------+
| allocation_pools | {"start": "203.0.113.101", "end": "203.0.113.200"} |
| cidr | 203.0.113.0/24 |
| dns_nameservers | |
| enable_dhcp | False |
| gateway_ip | 203.0.113.1 |
| host_routes | |
| id | 9159f0dc-2b63-41cf-bd7a-289309da1391 |
| ip_version | 4 |
| ipv6_address_mode | |
| ipv6_ra_mode | |
| name | ext-subnet |
| network_id | 893aebb9-1c1e-48be-8908-6b947f3237b3 |
| tenant_id | 54cd044c64d5408b83f843d63624e0d8 |
+-------------------+------------------------------------------------------+</computeroutput></screen>
</step> </step>
</procedure> </procedure>
</section> </section>
@ -95,14 +129,26 @@
<para>Perform these commands on the controller node.</para> <para>Perform these commands on the controller node.</para>
</note> </note>
<procedure> <procedure>
<title>To create the tenant network:</title> <title>To create the tenant network</title>
<step> <step>
<para>Source the <literal>demo</literal> tenant credentials:</para> <para>Source the <literal>demo</literal> tenant credentials:</para>
<screen><prompt>$</prompt> <userinput>source demo-openrc.sh</userinput></screen> <screen><prompt>$</prompt> <userinput>source demo-openrc.sh</userinput></screen>
</step> </step>
<step> <step>
<para>Create the network:</para> <para>Create the network:</para>
<screen><prompt>$</prompt> <userinput>neutron net-create demo-net</userinput></screen> <screen><prompt>$</prompt> <userinput>neutron net-create demo-net</userinput>
<computeroutput>Created a new network:
+----------------+--------------------------------------+
| Field | Value |
+----------------+--------------------------------------+
| admin_state_up | True |
| id | ac108952-6096-4243-adf4-bb6615b3de28 |
| name | demo-net |
| shared | False |
| status | ACTIVE |
| subnets | |
| tenant_id | cdef0071a0194d19ac6bb63802dc9bae |
+----------------+--------------------------------------+</computeroutput></screen>
</step> </step>
</procedure> </procedure>
<para>Like the external network, your tenant network also requires <para>Like the external network, your tenant network also requires
@ -115,14 +161,32 @@
default, this subnet will use DHCP so your instances can obtain IP default, this subnet will use DHCP so your instances can obtain IP
addresses.</para> addresses.</para>
<procedure> <procedure>
<title>To create a subnet on the tenant network:</title> <title>To create a subnet on the tenant network</title>
<step> <step>
<para>Create the subnet:</para> <para>Create the subnet:</para>
<screen><prompt>$</prompt> <userinput>neutron subnet-create demo-net --name demo-subnet \ <screen><prompt>$</prompt> <userinput>neutron subnet-create demo-net --name demo-subnet \
--gateway <replaceable>TENANT_NETWORK_GATEWAY</replaceable> <replaceable>TENANT_NETWORK_CIDR</replaceable></userinput></screen> --gateway <replaceable>TENANT_NETWORK_GATEWAY</replaceable> <replaceable>TENANT_NETWORK_CIDR</replaceable></userinput></screen>
<para>Example using <literal>192.168.1.0/24</literal>:</para> <para>Example using <literal>192.168.1.0/24</literal>:</para>
<screen><prompt>$</prompt> <userinput>neutron subnet-create demo-net --name demo-subnet \ <screen><prompt>$</prompt> <userinput>neutron subnet-create demo-net --name demo-subnet \
--gateway 192.168.1.1 192.168.1.0/24</userinput></screen> --gateway 192.168.1.1 192.168.1.0/24</userinput>
<computeroutput>Created a new subnet:
+-------------------+------------------------------------------------------+
| Field | Value |
+-------------------+------------------------------------------------------+
| allocation_pools | {"start": "192.168.1.2", "end": "192.168.1.254"} |
| cidr | 192.168.1.0/24 |
| dns_nameservers | |
| enable_dhcp | True |
| gateway_ip | 192.168.1.1 |
| host_routes | |
| id | 69d38773-794a-4e49-b887-6de6734e792d |
| ip_version | 4 |
| ipv6_address_mode | |
| ipv6_ra_mode | |
| name | demo-subnet |
| network_id | ac108952-6096-4243-adf4-bb6615b3de28 |
| tenant_id | cdef0071a0194d19ac6bb63802dc9bae |
+-------------------+------------------------------------------------------+</computeroutput></screen>
</step> </step>
</procedure> </procedure>
<para>A virtual router passes network traffic between two or more virtual <para>A virtual router passes network traffic between two or more virtual
@ -132,20 +196,33 @@
a router and attach your tenant and external networks to it.</para> a router and attach your tenant and external networks to it.</para>
<procedure> <procedure>
<title>To create a router on the tenant network and attach the external <title>To create a router on the tenant network and attach the external
and tenant networks to it:</title> and tenant networks to it</title>
<step> <step>
<para>Create the router:</para> <para>Create the router:</para>
<screen><prompt>$</prompt> <userinput>neutron router-create demo-router</userinput></screen> <screen><prompt>$</prompt> <userinput>neutron router-create demo-router</userinput>
<computeroutput>Created a new router:
+-----------------------+--------------------------------------+
| Field | Value |
+-----------------------+--------------------------------------+
| admin_state_up | True |
| external_gateway_info | |
| id | 635660ae-a254-4feb-8993-295aa9ec6418 |
| name | demo-router |
| status | ACTIVE |
| tenant_id | cdef0071a0194d19ac6bb63802dc9bae |
+-----------------------+--------------------------------------+</computeroutput></screen>
</step> </step>
<step> <step>
<para>Attach the router to the <literal>demo</literal> tenant <para>Attach the router to the <literal>demo</literal> tenant
subnet:</para> subnet:</para>
<screen><prompt>$</prompt> <userinput>neutron router-interface-add demo-router demo-subnet</userinput></screen> <screen><prompt>$</prompt> <userinput>neutron router-interface-add demo-router demo-subnet</userinput>
<computeroutput>Added interface b1a894fd-aee8-475c-9262-4342afdc1b58 to router demo-router.</computeroutput></screen>
</step> </step>
<step> <step>
<para>Attach the router to the external network by setting it as <para>Attach the router to the external network by setting it as
the gateway:</para> the gateway:</para>
<screen><prompt>$</prompt> <userinput>neutron router-gateway-set demo-router ext-net</userinput></screen> <screen><prompt>$</prompt> <userinput>neutron router-gateway-set demo-router ext-net</userinput>
<computeroutput>Set gateway for router demo-router</computeroutput></screen>
</step> </step>
</procedure> </procedure>
</section> </section>
@ -165,7 +242,7 @@
external network.</para> external network.</para>
</note> </note>
<procedure> <procedure>
<title>To verify network connectivity:</title> <title>To verify network connectivity</title>
<step> <step>
<para>Ping the tenant router gateway:</para> <para>Ping the tenant router gateway:</para>
<screen><prompt>$</prompt> <userinput>ping -c 4 203.0.113.101</userinput> <screen><prompt>$</prompt> <userinput>ping -c 4 203.0.113.101</userinput>

View File

@ -22,7 +22,7 @@ net.ipv4.conf.default.rp_filter=0</programlisting>
</step> </step>
</procedure> </procedure>
<procedure> <procedure>
<title>To install the Networking components:</title> <title>To install the Networking components</title>
<step> <step>
<screen os="ubuntu;debian"><prompt>#</prompt> <userinput>apt-get install neutron-common neutron-plugin-ml2 neutron-plugin-openvswitch-agent \ <screen os="ubuntu;debian"><prompt>#</prompt> <userinput>apt-get install neutron-common neutron-plugin-ml2 neutron-plugin-openvswitch-agent \
openvswitch-datapath-dkms</userinput></screen> openvswitch-datapath-dkms</userinput></screen>
@ -39,9 +39,9 @@ net.ipv4.conf.default.rp_filter=0</programlisting>
</step> </step>
</procedure> </procedure>
<procedure> <procedure>
<title>To configure the Networking common components:</title> <title>To configure the Networking common components</title>
<para>The Networking common component configuration includes the <para>The Networking common component configuration includes the
authentication mechanism, messaging service, and plug-in.</para> authentication mechanism, message broker, and plug-in.</para>
<step os="debian"> <step os="debian">
<para>Respond to prompts for <para>Respond to prompts for
<link linkend="debconf-dbconfig-common">database management</link>, <link linkend="debconf-dbconfig-common">database management</link>,
@ -49,7 +49,7 @@ net.ipv4.conf.default.rp_filter=0</programlisting>
credentials</link>, credentials</link>,
<link linkend="debconf-api-endpoints">service endpoint <link linkend="debconf-api-endpoints">service endpoint
registration</link>, and registration</link>, and
<link linkend="debconf-rabbitqm">messaging service <link linkend="debconf-rabbitqm">message broker
credentials</link>.</para> credentials</link>.</para>
</step> </step>
<step os="rhel;centos;fedora;sles;opensuse"> <step os="rhel;centos;fedora;sles;opensuse">
@ -104,7 +104,7 @@ admin_password = <replaceable>NEUTRON_PASS</replaceable></programlisting>
</substeps> </substeps>
</step> </step>
<step os="opensuse;sles"> <step os="opensuse;sles">
<para>Configure Networking to use the messaging service:</para> <para>Configure Networking to use the message broker:</para>
<para>Replace <replaceable>RABBIT_PASS</replaceable> with the password <para>Replace <replaceable>RABBIT_PASS</replaceable> with the password
you chose for the <literal>guest</literal> account in you chose for the <literal>guest</literal> account in
<application>RabbitMQ</application>.</para> <application>RabbitMQ</application>.</para>
@ -118,7 +118,7 @@ admin_password = <replaceable>NEUTRON_PASS</replaceable></programlisting>
rabbit_password <replaceable>RABBIT_PASS</replaceable></userinput></screen> rabbit_password <replaceable>RABBIT_PASS</replaceable></userinput></screen>
</step> </step>
<step os="rhel;centos;fedora"> <step os="rhel;centos;fedora">
<para>Configure Networking to use the messaging service:</para> <para>Configure Networking to use the message broker:</para>
<screen><prompt>#</prompt> <userinput>openstack-config --set /etc/neutron/neutron.conf DEFAULT \ <screen><prompt>#</prompt> <userinput>openstack-config --set /etc/neutron/neutron.conf DEFAULT \
rpc_backend neutron.openstack.common.rpc.impl_qpid</userinput> rpc_backend neutron.openstack.common.rpc.impl_qpid</userinput>
<prompt>#</prompt> <userinput>openstack-config --set /etc/neutron/neutron.conf DEFAULT \ <prompt>#</prompt> <userinput>openstack-config --set /etc/neutron/neutron.conf DEFAULT \
@ -131,7 +131,7 @@ admin_password = <replaceable>NEUTRON_PASS</replaceable></programlisting>
qpid_password <replaceable>guest</replaceable></userinput></screen> qpid_password <replaceable>guest</replaceable></userinput></screen>
</step> </step>
<step os="ubuntu"> <step os="ubuntu">
<para>Configure Networking to use the messaging service:</para> <para>Configure Networking to use the message broker:</para>
<substeps> <substeps>
<step> <step>
<para>Edit the <filename>/etc/neutron/neutron.conf</filename> file <para>Edit the <filename>/etc/neutron/neutron.conf</filename> file
@ -152,9 +152,9 @@ rabbit_password = <replaceable>RABBIT_PASS</replaceable></programlisting>
<para>Configure Networking to use the Modular Layer 2 (ML2) plug-in <para>Configure Networking to use the Modular Layer 2 (ML2) plug-in
and associated services:</para> and associated services:</para>
<screen><prompt>#</prompt> <userinput>openstack-config --set /etc/neutron/neutron.conf DEFAULT \ <screen><prompt>#</prompt> <userinput>openstack-config --set /etc/neutron/neutron.conf DEFAULT \
core_plugin neutron.plugins.ml2.plugin.Ml2Plugin</userinput> core_plugin ml2</userinput>
<prompt>#</prompt> <userinput>openstack-config --set /etc/neutron/neutron.conf DEFAULT \ <prompt>#</prompt> <userinput>openstack-config --set /etc/neutron/neutron.conf DEFAULT \
service_plugins neutron.services.l3_router.l3_router_plugin.L3RouterPlugin</userinput></screen> service_plugins router</userinput></screen>
<warning> <warning>
<para>You must comment out any lines in the <para>You must comment out any lines in the
<literal>[service_providers]</literal> section.</para> <literal>[service_providers]</literal> section.</para>
@ -194,7 +194,7 @@ allow_overlapping_ips = True</programlisting>
</step> </step>
</procedure> </procedure>
<procedure> <procedure>
<title>To configure the Modular Layer 2 (ML2) plug-in:</title> <title>To configure the Modular Layer 2 (ML2) plug-in</title>
<para>The ML2 plug-in uses the Open vSwitch (OVS) mechanism (agent) to <para>The ML2 plug-in uses the Open vSwitch (OVS) mechanism (agent) to
build the virtual networking framework for instances.</para> build the virtual networking framework for instances.</para>
<step os="rhel;centos;fedora;sles;opensuse"> <step os="rhel;centos;fedora;sles;opensuse">
@ -253,16 +253,12 @@ enable_tunneling = True</programlisting>
following keys to it:</para> following keys to it:</para>
<programlisting language="ini">[securitygroup] <programlisting language="ini">[securitygroup]
... ...
firewall_driver=neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver</programlisting> firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
<para>Add the following key to the
<literal>[securitygroup]</literal> section:</para>
<programlisting language="ini">[securitygroup]
...
enable_security_group = True</programlisting> enable_security_group = True</programlisting>
</step> </step>
</procedure> </procedure>
<procedure> <procedure>
<title>To configure the Open vSwitch (OVS) service:</title> <title>To configure the Open vSwitch (OVS) service</title>
<para>The OVS service provides the underlying virtual networking framework <para>The OVS service provides the underlying virtual networking framework
for instances. The integration bridge <literal>br-int</literal> handles for instances. The integration bridge <literal>br-int</literal> handles
internal instance network traffic within OVS.</para> internal instance network traffic within OVS.</para>
@ -292,7 +288,7 @@ enable_security_group = True</programlisting>
</step> </step>
</procedure> </procedure>
<procedure> <procedure>
<title>To configure Compute to use Networking:</title> <title>To configure Compute to use Networking</title>
<para>By default, most distributions configure Compute to use legacy <para>By default, most distributions configure Compute to use legacy
networking. You must reconfigure Compute to manage networks through networking. You must reconfigure Compute to manage networks through
OpenStack Networking.</para> OpenStack Networking.</para>
@ -357,7 +353,7 @@ security_group_api = neutron</programlisting>
</step> </step>
</procedure> </procedure>
<procedure> <procedure>
<title>To finalize the installation:</title> <title>To finalize the installation</title>
<step os="rhel;centos;fedora"> <step os="rhel;centos;fedora">
<para>The Networking service initialization scripts expect a symbolic <para>The Networking service initialization scripts expect a symbolic
link <filename>/etc/neutron/plugin.ini</filename> pointing to the link <filename>/etc/neutron/plugin.ini</filename> pointing to the

View File

@ -59,7 +59,7 @@ IDENTIFIED BY '<replaceable>NEUTRON_DBPASS</replaceable>';</userinput></screen>
</step> </step>
</procedure> </procedure>
<procedure> <procedure>
<title>To install the Networking components:</title> <title>To install the Networking components</title>
<step> <step>
<screen os="ubuntu;debian"><prompt>#</prompt> <userinput>apt-get install neutron-server neutron-plugin-ml2</userinput></screen> <screen os="ubuntu;debian"><prompt>#</prompt> <userinput>apt-get install neutron-server neutron-plugin-ml2</userinput></screen>
<screen os="rhel;centos;fedora"><prompt>#</prompt> <userinput>yum install openstack-neutron openstack-neutron-ml2</userinput></screen> <screen os="rhel;centos;fedora"><prompt>#</prompt> <userinput>yum install openstack-neutron openstack-neutron-ml2</userinput></screen>
@ -70,9 +70,9 @@ IDENTIFIED BY '<replaceable>NEUTRON_DBPASS</replaceable>';</userinput></screen>
</step> </step>
</procedure> </procedure>
<procedure> <procedure>
<title>To configure the Networking server component:</title> <title>To configure the Networking server component</title>
<para>The Networking server component configuration includes the database, <para>The Networking server component configuration includes the database,
authentication mechanism, messaging service, topology change notifier, authentication mechanism, message broker, topology change notifier,
and plug-in.</para> and plug-in.</para>
<step os="debian"> <step os="debian">
<para>Respond to prompts for <para>Respond to prompts for
@ -81,7 +81,7 @@ IDENTIFIED BY '<replaceable>NEUTRON_DBPASS</replaceable>';</userinput></screen>
credentials</link>, credentials</link>,
<link linkend="debconf-api-endpoints">service endpoint <link linkend="debconf-api-endpoints">service endpoint
registration</link>, and registration</link>, and
<link linkend="debconf-rabbitqm">messaging service <link linkend="debconf-rabbitqm">message broker
credentials</link>.</para> credentials</link>.</para>
</step> </step>
<step os="rhel;centos;fedora;sles;opensuse"> <step os="rhel;centos;fedora;sles;opensuse">
@ -158,7 +158,7 @@ admin_password = <replaceable>NEUTRON_PASS</replaceable></programlisting>
</substeps> </substeps>
</step> </step>
<step os="sles;opensuse"> <step os="sles;opensuse">
<para>Configure Networking to use the messaging service:</para> <para>Configure Networking to use the message broker:</para>
<para>Replace <replaceable>RABBIT_PASS</replaceable> with the password <para>Replace <replaceable>RABBIT_PASS</replaceable> with the password
you chose for the <literal>guest</literal> account in you chose for the <literal>guest</literal> account in
<application>RabbitMQ</application>.</para> <application>RabbitMQ</application>.</para>
@ -172,7 +172,7 @@ admin_password = <replaceable>NEUTRON_PASS</replaceable></programlisting>
rabbit_password <replaceable>RABBIT_PASS</replaceable></userinput></screen> rabbit_password <replaceable>RABBIT_PASS</replaceable></userinput></screen>
</step> </step>
<step os="rhel;centos;fedora"> <step os="rhel;centos;fedora">
<para>Configure Networking to use the messaging service:</para> <para>Configure Networking to use the message broker:</para>
<screen><prompt>#</prompt> <userinput>openstack-config --set /etc/neutron/neutron.conf DEFAULT \ <screen><prompt>#</prompt> <userinput>openstack-config --set /etc/neutron/neutron.conf DEFAULT \
rpc_backend neutron.openstack.common.rpc.impl_qpid</userinput> rpc_backend neutron.openstack.common.rpc.impl_qpid</userinput>
<prompt>#</prompt> <userinput>openstack-config --set /etc/neutron/neutron.conf DEFAULT \ <prompt>#</prompt> <userinput>openstack-config --set /etc/neutron/neutron.conf DEFAULT \
@ -185,7 +185,7 @@ admin_password = <replaceable>NEUTRON_PASS</replaceable></programlisting>
qpid_password <replaceable>guest</replaceable></userinput></screen> qpid_password <replaceable>guest</replaceable></userinput></screen>
</step> </step>
<step os="ubuntu"> <step os="ubuntu">
<para>Configure Networking to use the messaging service:</para> <para>Configure Networking to use the message broker:</para>
<substeps> <substeps>
<step> <step>
<para>Edit the <filename>/etc/neutron/neutron.conf</filename> file <para>Edit the <filename>/etc/neutron/neutron.conf</filename> file
@ -282,9 +282,9 @@ nova_admin_auth_url = http://<replaceable>controller</replaceable>:35357/v2.0</p
<para>Configure Networking to use the Modular Layer 2 (ML2) plug-in <para>Configure Networking to use the Modular Layer 2 (ML2) plug-in
and associated services:</para> and associated services:</para>
<screen><prompt>#</prompt> <userinput>openstack-config --set /etc/neutron/neutron.conf DEFAULT \ <screen><prompt>#</prompt> <userinput>openstack-config --set /etc/neutron/neutron.conf DEFAULT \
core_plugin neutron.plugins.ml2.plugin.Ml2Plugin</userinput> core_plugin ml2</userinput>
<prompt>#</prompt> <userinput>openstack-config --set /etc/neutron/neutron.conf DEFAULT \ <prompt>#</prompt> <userinput>openstack-config --set /etc/neutron/neutron.conf DEFAULT \
service_plugins neutron.services.l3_router.l3_router_plugin.L3RouterPlugin</userinput></screen> service_plugins router</userinput></screen>
<warning> <warning>
<para>You must comment out any lines in the <para>You must comment out any lines in the
<literal>[service_providers]</literal> section.</para> <literal>[service_providers]</literal> section.</para>
@ -324,7 +324,7 @@ allow_overlapping_ips = True</programlisting>
</step> </step>
</procedure> </procedure>
<procedure> <procedure>
<title>To configure the Modular Layer 2 (ML2) plug-in:</title> <title>To configure the Modular Layer 2 (ML2) plug-in</title>
<para>The ML2 plug-in uses the Open vSwitch (OVS) mechanism (agent) to <para>The ML2 plug-in uses the Open vSwitch (OVS) mechanism (agent) to
build the virtual networking framework for instances. However, the build the virtual networking framework for instances. However, the
controller node does not need the OVS agent or service because it controller node does not need the OVS agent or service because it
@ -364,16 +364,12 @@ tunnel_id_ranges = 1:1000</programlisting>
following keys to it:</para> following keys to it:</para>
<programlisting language="ini">[securitygroup] <programlisting language="ini">[securitygroup]
... ...
firewall_driver=neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver</programlisting> firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
<para>Add the following key to the
<literal>[security_group]</literal> section:</para>
<programlisting language="ini">[security_group]
...
enable_security_group = True</programlisting> enable_security_group = True</programlisting>
</step> </step>
</procedure> </procedure>
<procedure> <procedure>
<title>To configure Compute to use Networking:</title> <title>To configure Compute to use Networking</title>
<para>By default, most distributions configure Compute to use legacy <para>By default, most distributions configure Compute to use legacy
networking. You must reconfigure Compute to manage networks through networking. You must reconfigure Compute to manage networks through
OpenStack Networking.</para> OpenStack Networking.</para>
@ -438,7 +434,7 @@ security_group_api = neutron</programlisting>
</step> </step>
</procedure> </procedure>
<procedure> <procedure>
<title>To finalize installation:</title> <title>To finalize installation</title>
<step os="rhel;centos;fedora"> <step os="rhel;centos;fedora">
<para>The Networking service initialization scripts expect a symbolic <para>The Networking service initialization scripts expect a symbolic
link <filename>/etc/neutron/plugin.ini</filename> pointing to the link <filename>/etc/neutron/plugin.ini</filename> pointing to the
@ -460,16 +456,6 @@ security_group_api = neutron</programlisting>
following:</para> following:</para>
<programlisting>NEUTRON_PLUGIN_CONF="/etc/neutron/plugins/ml2/ml2_conf.ini"</programlisting> <programlisting>NEUTRON_PLUGIN_CONF="/etc/neutron/plugins/ml2/ml2_conf.ini"</programlisting>
</step> </step>
<step os="rhel;centos;fedora;sles;opensuse">
<para>Populate the Networking database:</para>
<para>Replace <replaceable>NEUTRON_DBPASS</replaceable> with the
password you chose for the database.</para>
<screen><prompt>#</prompt> <userinput>openstack-db --init --service neutron --password <replaceable>NEUTRON_DBPASS</replaceable></userinput></screen>
<!--
<screen><prompt>#</prompt> <userinput>neutron-db-manage \-\-config-file /etc/neutron/neutron.conf \
\-\-config-file /etc/neutron/plugin.ini upgrade head</userinput></screen>
-->
</step>
<step> <step>
<para>Restart the Compute services:</para> <para>Restart the Compute services:</para>
<screen os="rhel;centos;fedora;sles;opensuse"><prompt>#</prompt> <userinput>service openstack-nova-api restart</userinput> <screen os="rhel;centos;fedora;sles;opensuse"><prompt>#</prompt> <userinput>service openstack-nova-api restart</userinput>

View File

@ -23,7 +23,7 @@ net.ipv4.conf.default.rp_filter=0</programlisting>
</step> </step>
</procedure> </procedure>
<procedure> <procedure>
<title>To install the Networking components:</title> <title>To install the Networking components</title>
<step> <step>
<screen os="ubuntu;debian"><prompt>#</prompt> <userinput>apt-get install neutron-plugin-ml2 neutron-plugin-openvswitch-agent openvswitch-datapath-dkms \ <screen os="ubuntu;debian"><prompt>#</prompt> <userinput>apt-get install neutron-plugin-ml2 neutron-plugin-openvswitch-agent openvswitch-datapath-dkms \
neutron-l3-agent neutron-dhcp-agent</userinput></screen> neutron-l3-agent neutron-dhcp-agent</userinput></screen>
@ -41,9 +41,9 @@ net.ipv4.conf.default.rp_filter=0</programlisting>
</step> </step>
</procedure> </procedure>
<procedure> <procedure>
<title>To configure the Networking common components:</title> <title>To configure the Networking common components</title>
<para>The Networking common component configuration includes the <para>The Networking common component configuration includes the
authentication mechanism, messaging service, and plug-in.</para> authentication mechanism, message broker, and plug-in.</para>
<step os="debian"> <step os="debian">
<para>Respond to prompts for <para>Respond to prompts for
<link linkend="debconf-dbconfig-common">database management</link>, <link linkend="debconf-dbconfig-common">database management</link>,
@ -51,7 +51,7 @@ net.ipv4.conf.default.rp_filter=0</programlisting>
credentials</link>, credentials</link>,
<link linkend="debconf-api-endpoints">service endpoint <link linkend="debconf-api-endpoints">service endpoint
registration</link>, and registration</link>, and
<link linkend="debconf-rabbitqm">messaging service <link linkend="debconf-rabbitqm">message broker
credentials</link>.</para> credentials</link>.</para>
</step> </step>
<step os="rhel;centos;fedora;sles;opensuse"> <step os="rhel;centos;fedora;sles;opensuse">
@ -106,7 +106,7 @@ admin_password = <replaceable>NEUTRON_PASS</replaceable></programlisting>
</substeps> </substeps>
</step> </step>
<step os="sles;opensuse"> <step os="sles;opensuse">
<para>Configure Networking to use the messaging service:</para> <para>Configure Networking to use the message broker:</para>
<para>Replace <replaceable>RABBIT_PASS</replaceable> with the password <para>Replace <replaceable>RABBIT_PASS</replaceable> with the password
you chose for the <literal>guest</literal> account in you chose for the <literal>guest</literal> account in
<application>RabbitMQ</application>.</para> <application>RabbitMQ</application>.</para>
@ -120,7 +120,7 @@ admin_password = <replaceable>NEUTRON_PASS</replaceable></programlisting>
rabbit_password <replaceable>RABBIT_PASS</replaceable></userinput></screen> rabbit_password <replaceable>RABBIT_PASS</replaceable></userinput></screen>
</step> </step>
<step os="rhel;centos;fedora"> <step os="rhel;centos;fedora">
<para>Configure Networking to use the messaging service:</para> <para>Configure Networking to use the message broker:</para>
<screen><prompt>#</prompt> <userinput>openstack-config --set /etc/neutron/neutron.conf DEFAULT \ <screen><prompt>#</prompt> <userinput>openstack-config --set /etc/neutron/neutron.conf DEFAULT \
rpc_backend neutron.openstack.common.rpc.impl_qpid</userinput> rpc_backend neutron.openstack.common.rpc.impl_qpid</userinput>
<prompt>#</prompt> <userinput>openstack-config --set /etc/neutron/neutron.conf DEFAULT \ <prompt>#</prompt> <userinput>openstack-config --set /etc/neutron/neutron.conf DEFAULT \
@ -133,7 +133,7 @@ admin_password = <replaceable>NEUTRON_PASS</replaceable></programlisting>
qpid_password <replaceable>guest</replaceable></userinput></screen> qpid_password <replaceable>guest</replaceable></userinput></screen>
</step> </step>
<step os="ubuntu"> <step os="ubuntu">
<para>Configure Networking to use the messaging service:</para> <para>Configure Networking to use the message broker:</para>
<substeps> <substeps>
<step> <step>
<para>Edit the <filename>/etc/neutron/neutron.conf</filename> file <para>Edit the <filename>/etc/neutron/neutron.conf</filename> file
@ -154,9 +154,9 @@ rabbit_password = <replaceable>RABBIT_PASS</replaceable></programlisting>
<para>Configure Networking to use the Modular Layer 2 (ML2) plug-in <para>Configure Networking to use the Modular Layer 2 (ML2) plug-in
and associated services:</para> and associated services:</para>
<screen><prompt>#</prompt> <userinput>openstack-config --set /etc/neutron/neutron.conf DEFAULT \ <screen><prompt>#</prompt> <userinput>openstack-config --set /etc/neutron/neutron.conf DEFAULT \
core_plugin neutron.plugins.ml2.plugin.Ml2Plugin</userinput> core_plugin ml2</userinput>
<prompt>#</prompt> <userinput>openstack-config --set /etc/neutron/neutron.conf DEFAULT \ <prompt>#</prompt> <userinput>openstack-config --set /etc/neutron/neutron.conf DEFAULT \
service_plugins neutron.services.l3_router.l3_router_plugin.L3RouterPlugin</userinput></screen> service_plugins router</userinput></screen>
<warning> <warning>
<para>You must comment any lines in the <para>You must comment any lines in the
<literal>[service_providers]</literal> section.</para> <literal>[service_providers]</literal> section.</para>
@ -196,7 +196,7 @@ allow_overlapping_ips = True</programlisting>
</step> </step>
</procedure> </procedure>
<procedure> <procedure>
<title>To configure the Layer-3 (L3) agent:</title> <title>To configure the Layer-3 (L3) agent</title>
<para>The <glossterm>Layer-3 (L3) agent</glossterm> provides routing <para>The <glossterm>Layer-3 (L3) agent</glossterm> provides routing
services for instance virtual networks.</para> services for instance virtual networks.</para>
<step os="rhel;centos;fedora;sles;opensuse"> <step os="rhel;centos;fedora;sles;opensuse">
@ -229,7 +229,7 @@ use_namespaces = True</programlisting>
</step> </step>
</procedure> </procedure>
<procedure> <procedure>
<title>To configure the DHCP agent:</title> <title>To configure the DHCP agent</title>
<para>The <glossterm>DHCP agent</glossterm> provides <para>The <glossterm>DHCP agent</glossterm> provides
<glossterm>DHCP</glossterm> services for instance virtual <glossterm>DHCP</glossterm> services for instance virtual
networks.</para> networks.</para>
@ -266,7 +266,7 @@ use_namespaces = True</programlisting>
</step> </step>
</procedure> </procedure>
<procedure> <procedure>
<title>To configure the metadata agent:</title> <title>To configure the metadata agent</title>
<para>The <glossterm>metadata agent</glossterm> provides configuration <para>The <glossterm>metadata agent</glossterm> provides configuration
information such as credentials for remote access to instances.</para> information such as credentials for remote access to instances.</para>
<step os="rhel;centos;fedora;sles;opensuse"> <step os="rhel;centos;fedora;sles;opensuse">
@ -353,7 +353,7 @@ neutron_metadata_proxy_shared_secret = <replaceable>METADATA_SECRET</replaceable
</step> </step>
</procedure> </procedure>
<procedure> <procedure>
<title>To configure the Modular Layer 2 (ML2) plug-in:</title> <title>To configure the Modular Layer 2 (ML2) plug-in</title>
<para>The ML2 plug-in uses the Open vSwitch (OVS) mechanism (agent) to <para>The ML2 plug-in uses the Open vSwitch (OVS) mechanism (agent) to
build virtual networking framework for instances.</para> build virtual networking framework for instances.</para>
<step os="rhel;centos;fedora;sles;opensuse"> <step os="rhel;centos;fedora;sles;opensuse">
@ -412,16 +412,12 @@ enable_tunneling = True</programlisting>
following keys to it:</para> following keys to it:</para>
<programlisting language="ini">[securitygroup] <programlisting language="ini">[securitygroup]
... ...
firewall_driver=neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver</programlisting> firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
<para>Add the following key to the
<literal>[securitygroup]</literal> section:</para>
<programlisting language="ini">[security_group]
...
enable_security_group = True</programlisting> enable_security_group = True</programlisting>
</step> </step>
</procedure> </procedure>
<procedure> <procedure>
<title>To configure the Open vSwitch (OVS) service:</title> <title>To configure the Open vSwitch (OVS) service</title>
<para>The OVS service provides the underlying virtual networking framework <para>The OVS service provides the underlying virtual networking framework
for instances. The integration bridge <literal>br-int</literal> handles for instances. The integration bridge <literal>br-int</literal> handles
internal instance network traffic within OVS. The external bridge internal instance network traffic within OVS. The external bridge
@ -474,7 +470,7 @@ enable_security_group = True</programlisting>
</step> </step>
</procedure> </procedure>
<procedure> <procedure>
<title>To finalize the installation:</title> <title>To finalize the installation</title>
<step os="rhel;centos;fedora"> <step os="rhel;centos;fedora">
<para>The Networking service initialization scripts expect a symbolic <para>The Networking service initialization scripts expect a symbolic
link <filename>/etc/neutron/plugin.ini</filename> pointing to the link <filename>/etc/neutron/plugin.ini</filename> pointing to the

View File

@ -10,7 +10,7 @@
<glossterm>multi-host</glossterm> feature provides redundancy by spreading <glossterm>multi-host</glossterm> feature provides redundancy by spreading
network functions across compute nodes.</para> network functions across compute nodes.</para>
<procedure> <procedure>
<title>To use legacy networking:</title> <title>To use legacy networking</title>
<step> <step>
<para>Install the packages:</para> <para>Install the packages:</para>
<screen os="ubuntu;debian"><prompt>#</prompt> <userinput>apt-get install nova-network nova-api-metadata</userinput></screen> <screen os="ubuntu;debian"><prompt>#</prompt> <userinput>apt-get install nova-network nova-api-metadata</userinput></screen>

View File

@ -21,7 +21,7 @@
<para>Perform these commands on the controller node.</para> <para>Perform these commands on the controller node.</para>
</note> </note>
<procedure> <procedure>
<title>To create the network:</title> <title>To create the network</title>
<step> <step>
<para>Source the <literal>admin</literal> tenant credentials:</para> <para>Source the <literal>admin</literal> tenant credentials:</para>
<screen><prompt>$</prompt> <userinput>source admin-openrc.sh</userinput></screen> <screen><prompt>$</prompt> <userinput>source admin-openrc.sh</userinput></screen>
@ -38,6 +38,18 @@
</para> </para>
<screen><prompt>$</prompt> <userinput>nova network-create demo-net --bridge br100 --multi-host T \ <screen><prompt>$</prompt> <userinput>nova network-create demo-net --bridge br100 --multi-host T \
--fixed-range-v4 203.0.113.24/29</userinput></screen> --fixed-range-v4 203.0.113.24/29</userinput></screen>
<note>
<para>This command provides no output.</para>
</note>
</step>
<step>
<para>Verify creation of the network:</para>
<screen><prompt>$</prompt> <userinput>nova net-list</userinput>
<computeroutput>+--------------------------------------+----------+------------------+
| ID | Label | CIDR |
+--------------------------------------+----------+------------------+
| 84b34a65-a762-44d6-8b5e-3b461a53f513 | demo-net | 203.0.113.24/29 |
+--------------------------------------+----------+------------------+</computeroutput></screen>
</step> </step>
</procedure> </procedure>
</section> </section>