openstack/openstack-manuals
Code Issues Proposed changes

additional clean-up for quantum admin guide.

Browse Source 
trying to eliminate clearly internal comment, extra spaces, and
sections that we no longer plan to create.

Change-Id: I8c3e94d3a5340896ed11df473c5cee2a8a5a9e77
This commit is contained in:
Dan Wendlandt
2012-09-27 10:07:40 -07:00
parent a451f96711
commit 26f001897e
6 changed files with 49 additions and 116 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
doc/src/docbkx/openstack-network-connectivity-admin/bk-quantum-admin-guide.xml
View File

@@ -68,7 +68,6 @@
<xi:include href="ch_adv_features.xml"/>
<xi:include href="ch_adv_config.xml"/>
<xi:include href="ch_auth.xml"/>
<xi:include href="ch_security.xml"/>
<xi:include href="ch_adv_operational_features.xml"/>
<xi:include href="ch_high_avail.xml"/>
<xi:include href="ch_limitations.xml"/>

17
doc/src/docbkx/openstack-network-connectivity-admin/ch_adv_config.xml
View File

@@ -45,7 +45,7 @@ format="PNG" />
After installing from packages, $QUANTUM_CONF_DIR is
<filename>/etc/quantum</filename>.</para>
<section xml:id="quantum_server">
<title>Quantum Server</title>
<title>Quantum Server with Plugin</title>
<para>This is the Quantum service that runs the Quantum API
Web Server. It is responsible for loading a plugin and
passing the API calls to the plugin for processing. The
@@ -62,13 +62,8 @@ format="PNG" />
that performs the actual networking. Specific
configuration details can be seen in the Appendix -
Configuration File Options. </para>
</section>
<section xml:id="core_plugins">
<title>Core Plugins</title>
<para>This section will describe the OpenvSwitch and
LinuxBridge plugin configurations. The plugins require a
database. Quantum makes use of MYSQL by default. After
installing and starting the SQL server, set a password for
<para>Most plugins require a SQL database. After
installing and starting the database server, set a password for
the root account and delete the anonymous accounts: </para>
<screen><computeroutput>$&gt; mysql -u root
mysql&gt; update mysql.user set password = password('iamroot') where user = 'root';
@@ -83,7 +78,7 @@ mysql&gt; grant all on &lt;database-name&gt;.* to '&lt;user-name&gt;'@'%';</comp
the relevant plugin configuration files. The plugin
specific configuration files can be found at
$QUANTUM_CONF_DIR/plugins.</para>
<para>Each plugin has a L2 agent that performs the actual
<para>Some plugins have a L2 agent that performs the actual
networking. That is, the agent will attach the virtual
machine NIC to the Quantum network. Each node should have
a Quantum agent running on it. Note that the agent
@@ -248,4 +243,8 @@ admin_password $SERVICE_PASSWORD</computeroutput></screen>
</listitem>
</orderedlist></para>
</section>
<section xml:id="l3_agent_detail">
<title>L3 Agent</title>
<para>[Content to be added]</para>
</section>
</chapter>

12
doc/src/docbkx/openstack-network-connectivity-admin/ch_config.xml
View File

@@ -68,12 +68,10 @@ keystone endpoint-create --region $REGION --service-id quantum --publicurl
<para>With the template driver, for a given region ($REGION) and IP
address of the Quantum server ($IP), add the following content to
your keystone catalog template file (default_catalog.templates):</para>
<screen><computeroutput>
catalog.$Region.network.publicURL = http://$IP:9696
<screen><computeroutput>catalog.$Region.network.publicURL = http://$IP:9696
catalog.$Region.network.adminURL = http://$IP:9696
catalog.$Region.network.internalURL = http://$IP:9696
catalog.$Region.network.name = Network Service
</computeroutput></screen>
catalog.$Region.network.name = Network Service </computeroutput></screen>
</step>
<step>
<title>Create Quantum Service User</title>
@@ -192,8 +190,10 @@ quantum_admin_tenant_name=service
quantum_admin_username=quantum
quantum_admin_password=password
quantum_admin_auth_url=http://192.168.1.2:35357/v2.0
libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtOpenVswitchDriver # needed only for nova-compute
libvirt_use_virtio_for_bridges=True # needed only for nova-compute</computeroutput> </screen>
# needed only for nova-compute
libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtOpenVswitchDriver
libvirt_use_virtio_for_bridges=True </computeroutput> </screen>
</section>
</section>
</chapter>

8
doc/src/docbkx/openstack-network-connectivity-admin/ch_high_avail.xml
View File

@@ -36,6 +36,13 @@ format="PNG" />
]>
<chapter xmlns="http://docbook.org/ns/docbook" xmlns:xi="http://www.w3.org/2001/XInclude" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:id="ch_high_avail">
<title>High Availability</title>
<para>Several aspects of a Quantum deployment benefit from high-availabilty
to withstand individual node failures. In general, quantum-server and
quantum-dhcp-agent can be run in an active-active fashion.
quantum-l3-agent can be run only as active/passive, to avoid IP conflicts
with respect to gateway IP addresses.</para>
<section xml:id="ha_pacemaker">
<title>Quantum High Availability with Pacemaker</title>
<para>You can run some Quantum services into a cluster (Active / Passive or Active / Active for
Quantum Server only) with Pacemaker.</para>
<para>Here you can download the latest Resources Agents :<itemizedlist>
@@ -57,4 +64,5 @@ format="PNG" />
cluster</emphasis>", please refer to <link
xlink:href="http://www.clusterlabs.org/wiki/Documentation">Pacemaker
documentation</link>.</db:para></db:note>
</section>
</chapter>

71
doc/src/docbkx/openstack-network-connectivity-admin/ch_install.xml
View File

@@ -7,9 +7,11 @@
<!ENTITY plusmn "&#xB1;">
]>
<chapter xmlns="http://docbook.org/ns/docbook"
<chapter
xmlns="http://docbook.org/ns/docbook"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"
xmlns:xlink="http://www.w3.org/1999/xlink"
version="5.0"
xml:id="ch_install">
<title>Quantum Installation</title>
<para> This chapter describes how to install the Quantum Service
@@ -22,7 +24,7 @@
<title>Install Packages (Ubuntu) </title>
<note>
<para>This model assumes that you are using Ubuntu Precise
with trunk testing PPAs. We will update this once
with folsom testing PPAs. We will update this once
there is an official released by Ubuntu.</para>
</note>
<para>Point to Folsom PPAs:                        
@@ -107,11 +109,10 @@ rabbit_user=guest </computeroutput></screen>
<screen><computeroutput>enable_tunneling=True
tenant_network_type=gre
tunnel_id_ranges=1:1000
local_ip=&lt;data-net-IP-address-of-node&gt; # only required on nodes running quantum-plugin-openvswitch-agent</computeroutput></screen>
<para>After performing that change on the node running
quantum-server, restart quantum-server to pick up
the new settings.</para>
<screen><computeroutput>service quantum-server restart</computeroutput></screen>
# only if node is running the agent
local_ip=&lt;data-net-IP-address-of-node&gt;</computeroutput></screen>
<para>After performing that change on the node running quantum-server, restart quantum-server to pick up the new settings.</para>
<screen><computeroutput>service quantum-server restart</computeroutput></screen>
</section>
</section>
<section xml:id="install_quantum_agent">
@@ -166,37 +167,20 @@ local_ip=&lt;data-net-IP-address-of-node&gt; # only required on nodes running qu
<para>For example, with Open vSwitch and NIC eth1 connect
to the external network, run:</para>
<screen><computeroutput>ovs-vsctl add-br br-ex
ovs-vsctl add-port br-ex eth1
</computeroutput></screen>
<para>The node running quantum-l3-agent should not have an
IP address manually configured on the NIC connected to
the external network. Rather, you must have a range of
IP addresses from the external network that can be
used by Quantum for routers that uplink to the
external network. This range must be large enough to
have an IP address for each router in the deployment,
as well as each floating IP.</para>
<para> The quantum-l3-agent uses the Linux IP stack and
iptables to perform L3 forwarding and NAT. In order to
support multiple routers with potentially overlapping
IP addresses, quantum-l3-agent defaults to using Linux
network namespaces to provide isolated forwarding
contexts (see diagram FIXME). As a result, the IP
addresses of routers will not be visible simply by
running "ip addr list" or "ifconfig" on the node.
Similarly, you will not be able to directly ping fixed
IPs. To do either of these things, you must run the
command within a particular router's network
namespace. The namespace will have the name
"qrouter-&lt;UUID of the router&gt;. The following
commands are examples of running commands in the
namespace of a router with UUID
47af3868-0fa8-4447-85f6-1304de32153b:
<screen>
<computeroutput>
ip netns exec qrouter-47af3868-0fa8-4447-85f6-1304de32153b ip addr list
ip netns exec qrouter-47af3868-0fa8-4447-85f6-1304de32153b ping &lt;fixed-ip&gt;
</computeroutput>
ovs-vsctl add-port br-ex eth1</computeroutput></screen>
<para>The node running quantum-l3-agent should not have an IP address manually configured on the NIC connected to the external network.
Rather, you must have a range of IP addresses from the external network that can be used by Quantum for routers that uplink
to the external network. This range must be large enough to have an IP address for each router in the deployment, as well as each
floating IP.</para>
<para>
The quantum-l3-agent uses the Linux IP stack and iptables to perform L3 forwarding and NAT. In order to support multiple routers with
potentially overlapping IP addresses, quantum-l3-agent defaults to using Linux network namespaces to provide isolated forwarding contexts. As a result, the IP addresses of routers will not be visible simply by running "ip addr list" or "ifconfig" on the
node. Similarly, you will not be able to directly ping fixed IPs. To do either of these things, you must run the command within
a particular router's network namespace. The namespace will have the name "qrouter-&lt;UUID of the router&gt;. The following commands are
examples of running commands in the namespace of a router with UUID 47af3868-0fa8-4447-85f6-1304de32153b:
<screen>
<computeroutput>ip netns exec qrouter-47af3868-0fa8-4447-85f6-1304de32153b ip addr list
ip netns exec qrouter-47af3868-0fa8-4447-85f6-1304de32153b ping &lt;fixed-ip&gt;</computeroutput>
</screen>
</para>
</section>
@@ -207,9 +191,8 @@ ip netns exec qrouter-47af3868-0fa8-4447-85f6-1304de32153b ping &lt;fixed-ip&gt;
</section>
<section xml:id="init_config">
<title>Init, Config, and Log File Locations</title>
<para>Services can be started and stopped using the
'service' command. For example:</para>
<screen><computeroutput>service quantum-server stop
<para>Services can be started and stopped using the 'service' command. For example:</para>
<screen><computeroutput>service quantum-server stop
service quantum-server status
service quantum-server start
service quantum-server restart</computeroutput></screen>
@@ -311,7 +294,7 @@ sudo systemctl start quantum-openvswitch-agent.service</computeroutput></screen>
<para>Run the agent setup script:</para>
<screen><computeroutput>sudo quantum-dhcp-setup --plugin openvswitch</computeroutput></screen>
<para>Enable and start the agent:</para>
<screen><computeroutput>sudo systemctl enable quantum-dhcp-agent.service
<screen><computeroutput>sudo systemctl enable quantum-dhcp-agent.service
sudo systemctl start quantum-dhcp-agent.service </computeroutput></screen>
</section>
<section xml:id="fedora_q_l3">
@@ -338,7 +321,7 @@ sudo ovs-vsctl add-port br-ex eth1</computeroutput></screen>
<para>Run the agent setup script:</para>
<screen><computeroutput>sudo quantum-l3-setup --plugin openvswitch</computeroutput></screen>
<para>Enable and start the agent:</para>
<screen><computeroutput>sudo systemctl enable quantum-l3-agent.service
<screen><computeroutput>sudo systemctl enable quantum-l3-agent.service
sudo systemctl start quantum-l3-agent.service</computeroutput></screen>
</section>
<section xml:id="fedora_q_client">

56
doc/src/docbkx/openstack-network-connectivity-admin/ch_security.xml
View File

@@ -1,56 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE chapter [
<!-- Some useful entities borrowed from HTML -->
<!ENTITY ndash "&#x2013;">
<!ENTITY mdash "&#x2014;">
<!ENTITY hellip "&#x2026;">
<!ENTITY plusmn "&#xB1;">
<!-- Useful for describing APIs -->
<!ENTITY GET '<command xmlns="http://docbook.org/ns/docbook">GET</command>'>
<!ENTITY PUT '<command xmlns="http://docbook.org/ns/docbook">PUT</command>'>
<!ENTITY POST '<command xmlns="http://docbook.org/ns/docbook">POST</command>'>
<!ENTITY DELETE '<command xmlns="http://docbook.org/ns/docbook">DELETE</command>'>
<!ENTITY CHECK '<inlinemediaobject xmlns="http://docbook.org/ns/docbook">
<imageobject role="fo">
<imagedata fileref="figures/Check_mark_23x20_02.svg"
format="SVG" scale="60"/>
</imageobject>
<imageobject role="html">
<imagedata fileref="../figures/Check_mark_23x20_02.png"
format="PNG" />
</imageobject>
</inlinemediaobject>'>
<!ENTITY ARROW '<inlinemediaobject xmlns="http://docbook.org/ns/docbook">
<imageobject role="fo">
<imagedata fileref="figures/Arrow_east.svg"
format="SVG" scale="60"/>
</imageobject>
<imageobject role="html">
<imagedata fileref="../figures/Arrow_east.png"
format="PNG" />
</imageobject>
</inlinemediaobject>'>
]>
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"
xml:id="ch_security">
<title>Security</title>
<para>
<itemizedlist>
<listitem>
<para>Not sure if this should be a section.</para>
</listitem>
<listitem>
<para>rootwrap</para>
</listitem>
</itemizedlist>
</para>
</chapter>