openstack/openstack-manuals
Code Issues Proposed changes

Restructured and updated Neutron initial networks section

Browse Source 
As part of the installation guide improvement project, I performed
the following operations on the Neutron initial networks section:

1) Added new diagram to help visualize network components and their
   locations within the environment.
2) Added explanation for each procedure.
3) Added use of 'openrc' files.
4) Clarified phrasing and wording.

Change-Id: I69946a009807681115ebe23c011495ffb8b9467e
Partial-Bug: #1291071
Implements: blueprint networking-install-guide-improvements
This commit is contained in:
Matt Kassawara
2014-03-20 22:07:45 -06:00
parent 21aa195468
commit 36512433f9
4 changed files with 811 additions and 143 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
doc/glossary/glossary-terms.xml
View File

@@ -2056,8 +2056,8 @@
<glossentry>
<glossterm>gateway</glossterm>
<glossdef>
<para>Hardware or software that translates between two
different protocols.</para>
<para>An IP address, typically assigned to a router, that
passes network traffic between different networks.</para>
</glossdef>
</glossentry>
<glossentry>
@@ -2534,6 +2534,13 @@
instance.</para>
</glossdef>
</glossentry>
<glossentry>
<glossterm>interface</glossterm>
<glossdef>
<para>A physical or virtual device that provides connectivity
to another device or medium.</para>
</glossdef>
</glossentry>
<glossentry>
<glossterm>interface ID</glossterm>
<glossdef>
@@ -3960,6 +3967,13 @@
instances among available hosts.</para>
</glossdef>
</glossentry>
<glossentry>
<glossterm>router</glossterm>
<glossdef>
<para>A physical or virtual network device that passes
network traffic between different networks.</para>
</glossdef>
</glossentry>
<glossentry>
<glossterm>routing key</glossterm>
<glossdef>
@@ -4396,6 +4410,12 @@
possible.</para>
</glossdef>
</glossentry>
<glossentry>
<glossterm>subnet</glossterm>
<glossdef>
<para>Logical subdivision of an IP network.</para>
</glossdef>
</glossentry>
<glossentry>
<glossterm>SUSE Linux Enterprise Server (SLES)</glossterm>
<glossdef>

BIN
doc/install-guide/figures/installguide_neutron-initial-networks.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 48 KiB

621
doc/install-guide/figures/installguide_neutron-initial-networks.svg Normal file
View File

@@ -0,0 +1,621 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!-- Created with Inkscape (http://www.inkscape.org/) -->
<svg
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:cc="http://creativecommons.org/ns#"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns="http://www.w3.org/2000/svg"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
width="340"
height="896.8075"
id="svg2"
version="1.1"
inkscape:version="0.48.4 r9939"
sodipodi:docname="installguide_neutron-initial-networks.svg">
<defs
id="defs4">
<marker
inkscape:stockid="Arrow1Mend"
orient="auto"
refY="0"
refX="0"
id="Arrow1Mend"
style="overflow:visible">
<path
id="path7091"
d="M 0,0 5,-5 -12.5,0 5,5 0,0 z"
style="fill-rule:evenodd;stroke:#000000;stroke-width:1pt"
transform="matrix(-0.4,0,0,-0.4,-4,0)"
inkscape:connector-curvature="0" />
</marker>
<marker
inkscape:stockid="Arrow2Mend"
orient="auto"
refY="0"
refX="0"
id="Arrow2Mend"
style="overflow:visible">
<path
id="path7109"
style="fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round"
d="M 8.7185878,4.0337352 -2.2072895,0.01601326 8.7185884,-4.0017078 c -1.7454984,2.3720609 -1.7354408,5.6174519 -6e-7,8.035443 z"
transform="scale(-0.6,-0.6)"
inkscape:connector-curvature="0" />
</marker>
<marker
inkscape:stockid="Arrow2Lend"
orient="auto"
refY="0"
refX="0"
id="Arrow2Lend"
style="overflow:visible">
<path
id="path7103"
style="fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round"
d="M 8.7185878,4.0337352 -2.2072895,0.01601326 8.7185884,-4.0017078 c -1.7454984,2.3720609 -1.7354408,5.6174519 -6e-7,8.035443 z"
transform="matrix(-1.1,0,0,-1.1,-1.1,0)"
inkscape:connector-curvature="0" />
</marker>
<linearGradient
id="linearGradient6753">
<stop
id="stop6761"
offset="0"
style="stop-color:#80ff00;stop-opacity:1;" />
<stop
style="stop-color:#0080ff;stop-opacity:1;"
offset="1"
id="stop6757" />
</linearGradient>
<linearGradient
inkscape:collect="always"
xlink:href="#linearGradient6753"
id="linearGradient6759"
x1="157.56857"
y1="529.86218"
x2="253.43143"
y2="529.86218"
gradientUnits="userSpaceOnUse"
gradientTransform="matrix(1,0,0,0.95000001,2.9780565,364.63374)" />
<linearGradient
inkscape:collect="always"
xlink:href="#linearGradient6753-8"
id="linearGradient6759-1"
x1="157.56857"
y1="529.86218"
x2="253.43143"
y2="529.86218"
gradientUnits="userSpaceOnUse"
gradientTransform="translate(0,175)" />
<linearGradient
id="linearGradient6753-8">
<stop
id="stop6761-9"
offset="0"
style="stop-color:#80ff00;stop-opacity:1;" />
<stop
style="stop-color:#0080ff;stop-opacity:1;"
offset="1"
id="stop6757-2" />
</linearGradient>
</defs>
<sodipodi:namedview
id="base"
pagecolor="#ffffff"
bordercolor="#666666"
borderopacity="1.0"
inkscape:pageopacity="0.0"
inkscape:pageshadow="2"
inkscape:zoom="1.16"
inkscape:cx="132.16466"
inkscape:cy="745.8053"
inkscape:document-units="px"
inkscape:current-layer="layer1"
showgrid="true"
inkscape:snap-bbox="true"
inkscape:snap-bbox-midpoints="false"
inkscape:snap-bbox-edge-midpoints="false"
inkscape:bbox-paths="false"
inkscape:bbox-nodes="false"
inkscape:snap-nodes="false"
inkscape:snap-global="true"
inkscape:window-width="1366"
inkscape:window-height="746"
inkscape:window-x="-8"
inkscape:window-y="-8"
inkscape:window-maximized="1"
fit-margin-top="0"
fit-margin-left="0"
fit-margin-right="0"
fit-margin-bottom="0">
<inkscape:grid
type="xygrid"
id="grid2985"
empspacing="5"
visible="true"
enabled="true"
snapvisiblegridlinesonly="true"
units="px"
spacingx="1px"
spacingy="1px"
originx="-29.999991px"
originy="-432.53907px" />
</sodipodi:namedview>
<metadata
id="metadata7">
<rdf:RDF>
<cc:Work
rdf:about="">
<dc:format>image/svg+xml</dc:format>
<dc:type
rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
<dc:title />
</cc:Work>
</rdf:RDF>
</metadata>
<g
inkscape:label="Layer 1"
inkscape:groupmode="layer"
id="layer1"
transform="translate(-10,-11.375)">
<text
sodipodi:linespacing="125%"
x="515.35541"
y="458.09265"
id="text8526"
xml:space="preserve"
style="font-size:12px;font-style:normal;font-weight:normal;line-height:125%;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;font-family:Sans"><tspan
x="515.35541"
y="458.09265"
id="tspan8528"
style="font-size:16px;fill:#ffffff;fill-opacity:1">Network Interfaces</tspan></text>
<rect
style="fill:#e0e0e0;fill-opacity:1;stroke:#000000;stroke-width:1.96199918;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0"
id="rect7705-0"
y="233.34317"
x="10.980995"
ry="4.999999"
rx="4.9999976"
height="398.03802"
width="338.03793" />
<text
style="font-size:12px;font-style:normal;font-weight:normal;line-height:125%;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;font-family:Sans"
xml:space="preserve"
id="text7739-1"
y="248.82126"
x="179.72656"
sodipodi:linespacing="125%"><tspan
style="font-size:16px;text-align:center;text-anchor:middle"
id="tspan7741-9"
y="248.82126"
x="179.72656">Network Node</tspan><tspan
style="font-size:14px;font-style:oblique;text-align:center;text-anchor:middle;-inkscape-font-specification:Sans Oblique"
id="tspan7743-5"
y="267.19217"
x="179.72656">network</tspan></text>
<rect
style="fill:#0000c0;fill-opacity:1;stroke:#000000;stroke-width:1.16499984;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0"
id="rect7725-7-0-0-5-1-4-7-6"
y="572.9447"
x="90.582497"
ry="5"
rx="5.000001"
height="38.83498"
width="178.83501" />
<text
style="font-size:12px;font-style:normal;font-weight:normal;text-align:center;line-height:125%;letter-spacing:0px;word-spacing:0px;text-anchor:middle;fill:#ffffff;fill-opacity:1;stroke:none;font-family:Sans"
xml:space="preserve"
id="text7727-7-4-3-8-4-9-6"
y="588.26318"
x="179.74023"
sodipodi:linespacing="125%"><tspan
style="font-size:14px;fill:#ffffff;fill-opacity:1"
id="tspan7729-1-9-6-8-9-9-4"
y="588.26318"
x="179.74023">External Network Interface</tspan><tspan
style="font-size:12px;font-style:oblique;fill:#ffffff;fill-opacity:1;-inkscape-font-specification:Sans Oblique"
id="tspan7731-2-4-2-1-8-0-4"
y="604.12817"
x="179.74023">eth2: (unnumbered)</tspan></text>
<rect
style="fill:#e0e0e0;fill-opacity:1;stroke:#000000;stroke-width:1.96199977;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0"
id="rect7705-0-8"
y="12.343173"
x="10.980999"
ry="4.999999"
rx="5"
height="179.03801"
width="338.03799" />
<text
style="font-size:12px;font-style:normal;font-weight:normal;line-height:125%;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;font-family:Sans"
xml:space="preserve"
id="text7739-1-5"
y="27.609818"
x="179.9375"
sodipodi:linespacing="125%"><tspan
style="font-size:16px;text-align:center;text-anchor:middle"
id="tspan7741-9-9"
y="27.609818"
x="179.9375">Compute Node</tspan><tspan
style="font-size:14px;font-style:oblique;text-align:center;text-anchor:middle;-inkscape-font-specification:Sans Oblique"
id="tspan7743-5-4"
y="45.980759"
x="179.9375">compute1</tspan></text>
<flowRoot
xml:space="preserve"
id="flowRoot6249"
style="font-size:12px;font-style:normal;font-weight:normal;line-height:125%;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;font-family:Sans"
transform="translate(0,308.2677)"><flowRegion
id="flowRegion6251"><rect
id="rect6253"
width="6"
height="88"
x="249"
y="367.09448" /></flowRegion><flowPara
id="flowPara6255" /></flowRoot> <rect
style="fill:#80ff00;fill-opacity:1;fill-rule:nonzero;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0"
id="rect6380"
width="319"
height="60.499996"
x="21"
y="351.36218"
rx="5"
ry="4.999999" />
<text
xml:space="preserve"
style="font-size:14px;font-style:normal;font-weight:normal;line-height:125%;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;font-family:Sans"
x="180"
y="370.36218"
id="text6376"
sodipodi:linespacing="125%"><tspan
sodipodi:role="line"
x="180"
y="370.36218"
id="tspan6382"
style="text-align:center;text-anchor:middle">Tenant Virtual Network (demo-net)</tspan><tspan
sodipodi:role="line"
x="180"
y="386.22711"
id="tspan6386"
style="font-size:12px;font-style:oblique;text-align:center;text-anchor:middle;-inkscape-font-specification:Sans Oblique">Subnet: 192.168.1.0/24 (demo-subnet)</tspan><tspan
sodipodi:role="line"
x="181.66406"
y="401.22711"
id="tspan6388"
style="font-size:12px;font-style:oblique;text-align:center;text-anchor:middle;-inkscape-font-specification:Sans Oblique">Gateway: 192.168.1.1 </tspan></text>
<rect
style="fill:#0080ff;fill-opacity:1;fill-rule:nonzero;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0"
id="rect6380-8"
width="319"
height="61"
x="20.5"
y="490.86218"
rx="5"
ry="4.999999" />
<text
xml:space="preserve"
style="font-size:14px;font-style:normal;font-weight:normal;line-height:125%;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;font-family:Sans"
x="179.70605"
y="508.76324"
id="text6376-8"
sodipodi:linespacing="125%"><tspan
sodipodi:role="line"
x="179.70605"
y="508.76324"
style="font-style:oblique;text-align:center;text-anchor:middle;-inkscape-font-specification:Sans Oblique"
id="tspan6722"><tspan
id="tspan6724"
style="font-style:normal;text-align:center;text-anchor:middle">External Virtual Network (ext-net)</tspan></tspan><tspan
sodipodi:role="line"
x="179.70605"
y="524.62817"
id="tspan6386-4"
style="font-size:12px;font-style:oblique;text-align:center;text-anchor:middle;-inkscape-font-specification:Sans Oblique">Subnet: 203.0.113.0/24 (ext-subnet)</tspan><tspan
sodipodi:role="line"
x="179.70605"
y="539.62817"
style="font-size:12px;font-style:oblique;text-align:center;text-anchor:middle;-inkscape-font-specification:Sans Oblique"
id="tspan6441">Gateway: 203.0.113.1</tspan><tspan
sodipodi:role="line"
x="179.70605"
y="554.62817"
id="tspan6388-5"
style="font-size:12px;font-style:oblique;text-align:center;text-anchor:middle;-inkscape-font-specification:Sans Oblique" /></text>
<rect
style="fill:#00c000;fill-opacity:1;stroke:#000000;stroke-width:1.16499984;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0"
id="rect7725-7-0-0-5-1-4-7-5"
y="290.94467"
x="90.582497"
ry="5"
rx="4.9999995"
height="40.835011"
width="178.83499" />
<text
style="font-size:12px;font-style:normal;font-weight:normal;text-align:center;line-height:125%;letter-spacing:0px;word-spacing:0px;text-anchor:middle;fill:#000000;fill-opacity:1;stroke:none;font-family:Sans"
xml:space="preserve"
id="text7727-7-4-3-8-4-9-7-5"
y="307.45267"
x="179.64111"
sodipodi:linespacing="125%"><tspan
style="font-size:14px;fill:#ffffff"
id="tspan7729-1-9-6-8-9-9-8-6"
y="307.45267"
x="179.64111">Instance Tunnel Interface</tspan><tspan
style="font-size:12px;font-style:oblique;fill:#ffffff;-inkscape-font-specification:Sans Oblique"
id="tspan7731-2-4-2-1-8-0-3-0"
y="323.3176"
x="179.64111">eth1: 10.0.1.21/24</tspan></text>
<text
style="font-size:12px;font-style:normal;font-weight:normal;line-height:125%;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;font-family:Sans"
xml:space="preserve"
id="text8526-3-9"
y="458.09265"
x="592.98047"
sodipodi:linespacing="125%"><tspan
style="font-size:16px;fill:#ffffff;fill-opacity:1"
id="tspan8528-0-5"
y="458.09265"
x="592.98047">Network Interfaces</tspan></text>
<rect
style="fill:#e0e0e0;fill-opacity:1;fill-rule:nonzero;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0"
id="rect6380-8-1"
width="338"
height="178.00024"
x="11"
y="673.36206"
rx="5.0000005"
ry="4.9999995" />
<text
xml:space="preserve"
style="font-size:14px;font-style:normal;font-weight:normal;line-height:125%;letter-spacing:0px;word-spacing:0px;fill:#ffffff;fill-opacity:1;stroke:none;font-family:Sans"
x="179.6748"
y="692.69537"
id="text6376-8-5"
sodipodi:linespacing="125%"><tspan
sodipodi:role="line"
x="179.6748"
y="692.69537"
id="tspan6382-2-2"
style="font-size:16px;text-align:center;text-anchor:middle;fill:#000000;fill-opacity:1">External Physical Network</tspan><tspan
sodipodi:role="line"
x="179.6748"
y="711.06628"
id="tspan6388-5-1"
style="font-size:14px;font-style:oblique;text-align:center;text-anchor:middle;fill:#000000;fill-opacity:1;-inkscape-font-specification:Sans Oblique">Subnet: 203.0.113.0/24</tspan></text>
<path
sodipodi:type="arc"
style="fill:url(#linearGradient6759);fill-opacity:1;fill-rule:nonzero;stroke:#000000;stroke-width:0.84100455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0"
id="path6671"
sodipodi:cx="205.5"
sodipodi:cy="529.86218"
sodipodi:rx="47.5"
sodipodi:ry="47.5"
d="m 253,529.86218 c 0,26.23353 -21.26647,47.5 -47.5,47.5 -26.23353,0 -47.5,-21.26647 -47.5,-47.5 0,-26.23352 21.26647,-47.5 47.5,-47.5 26.23353,0 47.5,21.26648 47.5,47.5 z"
transform="matrix(3.3578947,0,0,0.42105263,-510.04736,228.76232)" />
<rect
style="fill:#00c000;fill-opacity:1;stroke:#000000;stroke-width:1.16499984;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0"
id="rect7725-7-0-0-5-1-4-7-5-4"
y="132.94469"
x="90.582497"
ry="5"
rx="4.9999995"
height="40"
width="178.83499" />
<text
style="font-size:12px;font-style:normal;font-weight:normal;text-align:center;line-height:125%;letter-spacing:0px;word-spacing:0px;text-anchor:middle;fill:#000000;fill-opacity:1;stroke:none;font-family:Sans"
xml:space="preserve"
id="text7727-7-4-3-8-4-9-7-5-2"
y="149.45267"
x="179.64111"
sodipodi:linespacing="125%"><tspan
style="font-size:14px;fill:#ffffff"
id="tspan7729-1-9-6-8-9-9-8-6-3"
y="149.45267"
x="179.64111">Instance Tunnel Interface</tspan><tspan
style="font-size:12px;font-style:oblique;fill:#ffffff;-inkscape-font-specification:Sans Oblique"
id="tspan7731-2-4-2-1-8-0-3-0-2"
y="165.3176"
x="179.64111">eth1: 10.0.1.31/24</tspan></text>
<text
xml:space="preserve"
style="font-size:14px;font-style:normal;font-weight:normal;line-height:125%;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;font-family:Sans"
x="68.724609"
y="453.98523"
id="text6714"
sodipodi:linespacing="125%"><tspan
sodipodi:role="line"
id="tspan6716"
x="68.724609"
y="453.98523">Tenant Virtual Router (demo-router)</tspan></text>
<rect
style="fill:#80ff00;fill-opacity:1;stroke:#000000;stroke-width:1.16499984;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0"
id="rect7725-7-0-0-5-1-4-7-5-4-2"
y="72.362183"
x="70.582497"
ry="5"
rx="4.999999"
height="40"
width="218.83501" />
<text
xml:space="preserve"
style="font-size:14px;font-style:normal;font-weight:normal;line-height:125%;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;font-family:Sans"
x="180"
y="92.362183"
id="text6793"
sodipodi:linespacing="125%"><tspan
sodipodi:role="line"
id="tspan6795"
x="180"
y="92.362183"
style="text-align:center;text-anchor:middle">Instance (demo1)</tspan><tspan
sodipodi:role="line"
x="180"
y="108.2271"
id="tspan6797"
style="font-size:12px;font-style:oblique;text-align:center;text-anchor:middle;-inkscape-font-specification:Sans Oblique">Subnet: 192.168.1.0/24 (demo-subnet)</tspan></text>
<path
sodipodi:type="arc"
style="fill:#0000c0;fill-opacity:1;fill-rule:nonzero;stroke:#000000;stroke-width:0.85723114;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0"
id="path6671-7"
sodipodi:cx="205.5"
sodipodi:cy="529.86218"
sodipodi:rx="47.5"
sodipodi:ry="47.5"
d="m 253,529.86218 c 0,26.23353 -21.26647,47.5 -47.5,47.5 -26.23353,0 -47.5,-21.26647 -47.5,-47.5 0,-26.23352 21.26647,-47.5 47.5,-47.5 26.23353,0 47.5,21.26648 47.5,47.5 z"
transform="matrix(3.3578947,0,0,0.40526322,-510.04736,597.87852)" />
<text
xml:space="preserve"
style="font-size:14px;font-style:normal;font-weight:normal;line-height:125%;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;font-family:Sans"
x="179.35742"
y="809.36432"
id="text6620"
sodipodi:linespacing="125%"><tspan
sodipodi:role="line"
id="tspan6622"
x="179.35742"
y="809.36432"
style="text-align:center;text-anchor:middle;fill:#ffffff;fill-opacity:1">External Physical Router</tspan><tspan
sodipodi:role="line"
x="179.35742"
y="825.22925"
id="tspan6624"
style="font-size:12px;font-style:oblique;text-align:center;text-anchor:middle;fill:#ffffff;fill-opacity:1;-inkscape-font-specification:Sans Oblique">IP Address: 203.0.113.1</tspan></text>
<path
style="fill:none;stroke:#000000;stroke-width:3;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;marker-start:none"
d="m 180,112.36218 -1e-5,20.58251"
id="path6841"
inkscape:connector-type="polyline"
inkscape:connector-curvature="0"
inkscape:connection-start="#rect7725-7-0-0-5-1-4-7-5-4-2"
inkscape:connection-start-point="d4"
inkscape:connection-end="#rect7725-7-0-0-5-1-4-7-5-4"
inkscape:connection-end-point="d4" />
<path
style="fill:none;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
d="m 179.99999,311.36218 0,0"
id="path7029"
inkscape:connector-type="polyline"
inkscape:connector-curvature="20"
inkscape:connection-start="#rect7725-7-0-0-5-1-4-7-5"
inkscape:connection-start-point="d4"
inkscape:connection-end="#rect7725-7-0-0-5-1-4-7-5"
inkscape:connection-end-point="d4" />
<path
style="fill:none;stroke:#000000;stroke-width:3;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none"
d="m 180.14531,331.77968 0.13938,19.5825"
id="path7037"
inkscape:connector-type="polyline"
inkscape:connector-curvature="20"
inkscape:connection-start="#rect7725-7-0-0-5-1-4-7-5"
inkscape:connection-start-point="d4"
inkscape:connection-end="#rect6380"
inkscape:connection-end-point="d4" />
<path
style="fill:none;stroke:#000000;stroke-width:3;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none"
d="m 180.2847,411.86218 -0.14235,20.00001"
id="path7039"
inkscape:connector-type="polyline"
inkscape:connector-curvature="0"
inkscape:connection-start="#rect6380"
inkscape:connection-start-point="d4"
inkscape:connection-end="#path6671"
inkscape:connection-end-point="d4" />
<path
style="fill:none;stroke:#000000;stroke-width:3;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none"
d="m 180,471.86219 0,18.99999"
id="path7041"
inkscape:connector-type="polyline"
inkscape:connector-curvature="0"
inkscape:connection-start="#path6671"
inkscape:connection-start-point="d4"
inkscape:connection-end="#rect6380-8"
inkscape:connection-end-point="d4" />
<path
style="fill:none;stroke:#000000;stroke-width:3;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none"
d="m 180,551.86218 0,21.08252"
id="path7043"
inkscape:connector-type="polyline"
inkscape:connector-curvature="0"
inkscape:connection-start="#rect6380-8"
inkscape:connection-start-point="d4"
inkscape:connection-end="#rect7725-7-0-0-5-1-4-7-6"
inkscape:connection-end-point="d4" />
<rect
style="fill:#0000c0;fill-opacity:1;stroke:#000000;stroke-width:1.16499984;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0"
id="rect7725-7-0-0-5-1-4-7-6-9"
y="732.9447"
x="90.582497"
ry="5.0000005"
rx="5.000001"
height="38.834999"
width="178.83501" />
<path
style="fill:none;stroke:#000000;stroke-width:3;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none"
d="m 180,771.7797 0,21.58247"
id="path7074"
inkscape:connector-type="polyline"
inkscape:connector-curvature="0"
inkscape:connection-start="#rect7725-7-0-0-5-1-4-7-6-9"
inkscape:connection-start-point="d4"
inkscape:connection-end="#path6671-7"
inkscape:connection-end-point="d4" />
<path
style="fill:none;stroke:#000000;stroke-width:3;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;marker-end:url(#Arrow1Mend);display:inline"
d="m 180,831.86218 0,60.5"
id="path7076"
inkscape:connector-type="polyline"
inkscape:connector-curvature="0"
inkscape:connection-start="#path6671-7"
inkscape:connection-start-point="d4" />
<text
xml:space="preserve"
style="font-size:16px;font-style:normal;font-weight:normal;line-height:125%;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;font-family:Sans"
x="150.49506"
y="913.74829"
id="text7896"
sodipodi:linespacing="125%"><tspan
sodipodi:role="line"
id="tspan7898"
x="150.49506"
y="913.74829" /></text>
<text
xml:space="preserve"
style="font-size:16px;font-style:normal;font-weight:normal;line-height:125%;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;font-family:Sans"
x="152.16797"
y="907.995"
id="text7900"
sodipodi:linespacing="125%"><tspan
sodipodi:role="line"
id="tspan7902"
x="152.16797"
y="907.995">Internet</tspan></text>
<path
style="fill:none;stroke:#000000;stroke-width:3;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none"
d="m 270.39755,591.56673 c 79.43842,33.98981 78.43974,142.67834 0,164.20454"
id="path7904"
inkscape:connector-curvature="0"
sodipodi:nodetypes="cc" />
<path
style="fill:none;stroke:#000000;stroke-width:3;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none"
d="m 270.39755,150.25991 c 79.43842,33.98981 78.43974,142.67834 0,164.20454"
id="path7904-1"
inkscape:connector-curvature="0"
sodipodi:nodetypes="cc" />
<text
xml:space="preserve"
style="font-size:16px;font-style:normal;font-weight:normal;line-height:125%;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;font-family:Sans"
x="103.62207"
y="755.98523"
id="text7928"
sodipodi:linespacing="125%"><tspan
sodipodi:role="line"
id="tspan7930"
x="103.62207"
y="755.98523"
style="font-size:14px;fill:#ffffff;fill-opacity:1">External Physical Switch</tspan></text>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 26 KiB

309
doc/install-guide/section_neutron-initial-networks.xml
View File

@@ -5,153 +5,180 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:html="http://www.w3.org/1999/xhtml" version="5.0">
<title>Create initial networks</title>
<title>Create initial networks</title>
<para>Before launching your first instance, you must create the
necessary virtual network infrastructure to which the instance will
connect, including the
<link linkend="neutron_initial-external-network">external network</link>
and
<link linkend="neutron_initial-tenant-network">tenant network</link>.
See <xref linkend="neutron_figure-neutron-initial-networks"/>. After
creating this infrastructure, we recommend that you
<link linkend="neutron_initial-networks-verify">verify
connectivity</link> and resolve any issues before proceeding further.
</para>
<figure xml:id="neutron_figure-neutron-initial-networks">
<title>Initial networks</title>
<mediaobject>
<imageobject>
<imagedata contentwidth="6in"
fileref="figures/installguide_neutron-initial-networks.png"/>
</imageobject>
</mediaobject>
</figure>
<section xml:id="neutron_initial-external-network">
<title>External network</title>
<para>The external network typically provides internet access for
your instances. By default, this network only allows internet
access <emphasis>from</emphasis> instances using
<glossterm>Network Address Translation (NAT)</glossterm>. You can
enable internet access <emphasis>to</emphasis> individual instances
using a <glossterm>floating IP address</glossterm> and suitable
<glossterm>security group</glossterm> rules. The <literal>admin</literal>
tenant owns this network because it provides external network
access for multiple tenants. You must also enable sharing to allow
access by those tenants.</para>
<note>
<para>In these sections, replace <replaceable>SPECIAL_OPTIONS</replaceable> with any options specific to your OpenStack Networking plug-in choices. See <link
linkend="install-neutron.configure-networks.plug-in-specific"
>here</link> to check if your plug-in requires any special options.</para>
<para>Perform these commands on the controller node.</para>
</note>
<procedure>
<title>To create the external network:</title>
<step>
<para>Create the <literal>ext-net</literal> external network. This
network represents a slice of the outside world. VMs are not directly
linked to this network; instead, they connect to internal networks.
Outgoing traffic is routed by OpenStack Networking to the external
network. Additionally, floating IP addresses from the subnet for
<literal>ext-net</literal> might be assigned to VMs so that the
external network can contact them. Neutron-based services route the
traffic appropriately.</para>
<screen><prompt>$</prompt> <userinput>neutron net-create ext-net --router:external=True <replaceable>SPECIAL_OPTIONS</replaceable></userinput></screen>
<para>Source the <literal>admin</literal> tenant credentials:</para>
<screen><prompt>$</prompt> <userinput>source admin-openrc.sh</userinput></screen>
</step>
<step>
<para>Create the associated subnet with the same gateway and
CIDR as <replaceable>EXTERNAL_INTERFACE</replaceable>. It
does not have DHCP because it represents a slice of the
external world:</para>
<screen><prompt>$</prompt> <userinput>neutron subnet-create ext-net \
--allocation-pool start=<replaceable>FLOATING_IP_START</replaceable>,end=<replaceable>FLOATING_IP_END</replaceable> \
--gateway=<replaceable>EXTERNAL_INTERFACE_GATEWAY</replaceable> --enable_dhcp=False \
<replaceable>EXTERNAL_INTERFACE_CIDR</replaceable></userinput></screen>
</step>
<step>
<para>Create one or more initial tenants, for example:</para>
<screen><prompt>$</prompt> <userinput>keystone tenant-create --name <replaceable>DEMO_TENANT</replaceable></userinput></screen>
<para os="rhel;centos;fedora;opensuse;sles;ubuntu"> See <xref
linkend="keystone-users"/> for further details.</para>
<para os="debian"> See <xref linkend="keystone-install"/> for
further details.</para>
</step>
<step>
<para>Create the router attached to the external network. This
router routes traffic to the internal subnets as
appropriate. You can create it under a given tenant: Append
<literal>--tenant-id</literal> option with a value of
<replaceable>DEMO_TENANT_ID</replaceable> to the
command.</para>
<para>Use the following to quickly get the
<replaceable>DEMO_TENANT</replaceable> tenant-id:</para>
<screen><prompt>$</prompt> <userinput>keystone tenant-list | grep <replaceable>DEMO_TENANT</replaceable> | awk '{print $2;}'</userinput></screen>
<para>Then create the router:</para>
<screen><prompt>$</prompt> <userinput>neutron router-create ext-to-int --tenant-id <replaceable>DEMO_TENANT_ID</replaceable></userinput></screen>
</step>
<step>
<para>Connect the router to <literal>ext-net</literal> by
setting the gateway for the router as
<literal>ext-net</literal>:</para>
<screen><prompt>$</prompt> <userinput>neutron router-gateway-set <replaceable>EXT_TO_INT_ID</replaceable> <replaceable>EXT_NET_ID</replaceable></userinput></screen>
</step>
<step>
<para>Create an internal network for
<replaceable>DEMO_TENANT</replaceable> (and associated
subnet over an arbitrary internal IP range, such as,
<literal>10.5.5.0/24</literal>), and connect it to the
router by setting it as a port:</para>
<screen><prompt>$</prompt> <userinput>neutron net-create --tenant-id <replaceable>DEMO_TENANT_ID</replaceable> demo-net <replaceable>SPECIAL_OPTIONS</replaceable></userinput>
<prompt>$</prompt> <userinput>neutron subnet-create --tenant-id <replaceable>DEMO_TENANT_ID</replaceable> demo-net 10.5.5.0/24 --gateway 10.5.5.1</userinput>
<prompt>$</prompt> <userinput>neutron router-interface-add <replaceable>EXT_TO_INT_ID</replaceable> <replaceable>DEMO_NET_SUBNET_ID</replaceable></userinput></screen>
<para>Create the network:</para>
<screen><prompt>$</prompt> <userinput>neutron net-create ext-net --shared --router:external=True</userinput></screen>
</step>
</procedure>
<para>Like a physical network, a virtual network requires a
<glossterm>subnet</glossterm> assigned to it. The external network
shares the same subnet and <glossterm>gateway</glossterm> associated
with the physical network connected to the external interface on the
network node. You should specify an exclusive slice of this subnet
for <glossterm>router</glossterm> and floating IP addresses to prevent
interference with other devices on the external network.</para>
<para>Replace <replaceable>FLOATING_IP_START</replaceable> and
<replaceable>FLOATING_IP_END</replaceable> with the first and last
IP addresses of the range that you want to allocate for floating IP
addresses. Replace <replaceable>EXTERNAL_NETWORK_CIDR</replaceable>
with the subnet associated with the physical network. Replace
<replaceable>EXTERNAL_NETWORK_GATEWAY</replaceable> with the gateway
associated with the physical network, typically the ".1" IP address.
You should disable <glossterm>DHCP</glossterm> on this subnet because
instances do not connect directly to the external network and floating
IP addresses require manual assignment.</para>
<procedure>
<title>To create a subnet on the external network:</title>
<step>
<para>Create the subnet:</para>
<screen><prompt>$</prompt> <userinput>neutron subnet-create ext-net --name ext-subnet \
--allocation-pool start=<replaceable>FLOATING_IP_START</replaceable>,end=<replaceable>FLOATING_IP_END</replaceable> \
--disable-dhcp --gateway <replaceable>EXTERNAL_NETWORK_GATEWAY</replaceable> <replaceable>EXTERNAL_NETWORK_CIDR</replaceable></userinput></screen>
<para>For example, using <literal>203.0.113.0/24</literal> with
floating IP address range <literal>203.0.113.101</literal> to
<literal>203.0.113.200</literal>:</para>
<screen><prompt>$</prompt> <userinput>neutron subnet-create ext-net --name ext-subnet \
--allocation-pool start=203.0.113.101,end=203.0.113.200 \
--disable-dhcp --gateway 203.0.113.1 203.0.113.0/24</userinput></screen>
</step>
</procedure>
<section
xml:id="install-neutron.configure-networks.plug-in-specific">
<title>Plug-in-specific Neutron network options</title>
<section
xml:id="install-neutron.configure-networks.plug-in-specific.ovs">
<title>Open vSwitch Network configuration options</title>
<section
xml:id="install-neutron.configure-networks.plug-in-specific.ovs.gre">
<title>GRE tunneling network options</title>
<note>
<para>While this guide currently enables network
namespaces by default, you can disable them if you have
issues or your kernel does not support them. If you
disabled namespaces, you must perform some additional
configuration for the L3 agent.</para>
<para>After you create all the networks, tell the L3 agent
what the external network ID is, as well as the ID of
the router associated with this machine (because you are
not using namespaces, there can be only one router for
each machine). To do this, edit the
<filename>/etc/neutron/l3_agent.ini</filename>
file:</para>
<programlisting language="ini">gateway_external_network_id = <replaceable>EXT_NET_ID</replaceable>
router_id = <replaceable>EXT_TO_INT_ID</replaceable></programlisting>
<para>Then, restart the L3 agent:</para>
<screen><prompt>#</prompt> <userinput>service neutron-l3-agent restart</userinput></screen>
</note>
<para>When creating networks, you should use the
options:</para>
<screen><userinput>--provider:network_type gre --provider:segmentation_id SEG_ID</userinput></screen>
<para><replaceable>SEG_ID</replaceable> should be
<literal>2</literal> for the external network, and just
any unique number inside the tunnel range specified before
for any other network.</para>
<note>
<para>These options are not needed beyond the first
network, as OpenStack Networking services automatically
increment the segmentation ID and copy the network type
option for any additional networks.</para>
</note>
</section>
<section
xml:id="install-neutron.configure-networks.plug-in-specific.ovs.vlan">
<title>VLAN network options</title>
<warning>
<para>Some NICs have Linux drivers that do not handle
VLANs properly. See the
<literal>ovs-vlan-bug-workaround</literal> and
<literal>ovs-vlan-test</literal> man pages for more
information. Additionally, you might try turning off
<literal>rx-vlan-offload</literal> and
<literal>tx-vlan-offload</literal> by using
<command>ethtool</command> on the
<replaceable>DATA_INTERFACE</replaceable>. Another
potential caveat to VLAN functionality is that VLAN tags
add an additional 4 bytes to the packet size. If your
NICs cannot handle large packets, make sure to set the
MTU to a value that is 4 bytes less than the normal
value on the
<replaceable>DATA_INTERFACE</replaceable>.</para>
<para>If you run OpenStack inside a virtualized
environment (for testing purposes), switching to the
<literal>virtio</literal> NIC type (or a similar
technology if you are not using KVM/QEMU to run your
host VMs) might solve the issue.</para>
</warning>
<para>When creating networks, use these options:</para>
<screen><userinput>--provider:network_type vlan --provider:physical_network physnet1 --provider:segmentation_id SEG_ID</userinput> </screen>
<para><replaceable>SEG_ID</replaceable> should be
<literal>2</literal> for the external network, and just
any unique number inside the vlan range specified above
for any other network.</para>
<note>
<para>These options are not needed beyond the first
network, as Neutron automatically increments the
segmentation ID and copies the network type and physical
network options for any additional networks. They are
only needed if you wish to modify those values in any
way.</para>
</note>
</section>
</section>
</section>
</section>
<section xml:id="neutron_initial-tenant-network">
<title>Tenant network</title>
<para>The tenant network provides internal network access for instances.
The architecture isolates this type of network from other tenants. The
<literal>demo</literal> tenant owns this network because it only
provides network access for instances within it.</para>
<note>
<para>Perform these commands on the controller node.</para>
</note>
<procedure>
<title>To create the tenant network:</title>
<step>
<para>Source the <literal>demo</literal> tenant credentials:</para>
<screen><prompt>$</prompt> <userinput>source demo-openrc.sh</userinput></screen>
</step>
<step>
<para>Create the network:</para>
<screen><prompt>$</prompt> <userinput>neutron net-create demo-net</userinput></screen>
</step>
</procedure>
<para>Like the external network, your tenant network also requires
a subnet attached to it. You can specify any valid subnet because the
architecture isolates tenant networks. Replace
<replaceable>TENANT_NETWORK_CIDR</replaceable> with the subnet
you want to associate with the tenant network. Replace
<replaceable>TENANT_NETWORK_GATEWAY</replaceable> with the gateway you
want to associate with this network, typically the ".1" IP address. By
default, this subnet will use DHCP so your instances can obtain IP
addresses.</para>
<procedure>
<title>To create a subnet on the tenant network:</title>
<step>
<para>Create the subnet:</para>
<screen><prompt>$</prompt> <userinput>neutron subnet-create demo-net --name demo-subnet \
--gateway <replaceable>TENANT_NETWORK_GATEWAY</replaceable> <replaceable>TENANT_NETWORK_CIDR</replaceable></userinput></screen>
<para>Example using <literal>192.168.1.0/24</literal>:</para>
<screen><prompt>$</prompt> <userinput>neutron subnet-create demo-net --name demo-subnet \
--gateway 192.168.1.1 192.168.1.0/24</userinput></screen>
</step>
</procedure>
<para>A virtual router passes network traffic between two or more virtual
networks. Each router requires one or more
<glossterm baseform="interface">interfaces</glossterm> and/or gateways
that provide access to specific networks. In this case, you will create
a router and attach your tenant and external networks to it.</para>
<procedure>
<title>To create a router on the tenant network and attach the external
and tenant networks to it:</title>
<step>
<para>Create the router:</para>
<screen><prompt>$</prompt> <userinput>neutron router-create demo-router</userinput></screen>
</step>
<step>
<para>Attach the router to the <literal>demo</literal> tenant
subnet:</para>
<screen><prompt>$</prompt> <userinput>neutron router-interface-add demo-router demo-subnet</userinput></screen>
</step>
<step>
<para>Attach the router to the external network by setting it as
the gateway:</para>
<screen><prompt>$</prompt> <userinput>neutron router-gateway-set demo-router ext-net</userinput></screen>
</step>
</procedure>
</section>
<section xml:id="neutron_initial-networks-verify">
<title>Verify connectivity</title>
<para>We recommend that you verify network connectivity and resolve any
issues before proceeding further. Following the external network
subnet example using <literal>203.0.113.0/24</literal>, the tenant
router gateway should occupy the lowest IP address in the floating
IP address range, <literal>203.0.113.101</literal>. If you configured
your external physical network and virtual networks correctly, you
you should be able to <command>ping</command> this IP address from any
host on your external physical network.</para>
<note>
<para>If you are building your OpenStack nodes as virtual machines,
you must configure the hypervisor to permit promiscuous mode on the
external network.</para>
</note>
<procedure>
<title>To verify network connectivity:</title>
<step>
<para>Ping the tenant router gateway:</para>
<screen><prompt>$</prompt> <userinput>ping -c 4 203.0.113.101</userinput>
<computeroutput>PING 203.0.113.101 (203.0.113.101) 56(84) bytes of data.
64 bytes from 203.0.113.101: icmp_req=1 ttl=64 time=0.619 ms
64 bytes from 203.0.113.101: icmp_req=2 ttl=64 time=0.189 ms
64 bytes from 203.0.113.101: icmp_req=3 ttl=64 time=0.165 ms
64 bytes from 203.0.113.101: icmp_req=4 ttl=64 time=0.216 ms
--- 203.0.113.101 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 2999ms
rtt min/avg/max/mdev = 0.165/0.297/0.619/0.187 ms</computeroutput></screen>
</step>
</procedure>
</section>
</section>