openstack/openstack-manuals
Code Issues Proposed changes

Modify neutron content for Kilo

Browse Source 
Modify neutron content for Kilo as follows:

1) Change python-keystoneclient to python-openstackclient.

2) Move RabbitMQ configuration to [oslo_messaging_rabbit]
   section.

3) Use "openstack" account for RabbitMQ.

4) Change [keystone_authtoken] and [nova] sections to use
   auth_plugin.

5) Add note about differing stock configuration files and usage
   of ellipsis in configuration snippets.

6) Change database version to 'head' until release.

Implements: blueprint installguide-kilo
Change-Id: I98e76a82cb329680e0c653286c9681fb1a9f67de
This commit is contained in:
Matthew Kassawara 2015-03-30 11:51:17 -05:00
parent 1e979f0fe0
commit 90c6ac8c92
5 changed files with 204 additions and 134 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
doc/glossary/glossary-terms.xml
View File

@ -8477,6 +8477,20 @@
</glossdef> </glossdef>
</glossentry> </glossentry>
<glossentry>
<glossterm>virtual extensible LAN (VXLAN)</glossterm>
<indexterm class="singular">
<primary>virtual extensible LAN (VXLAN)</primary>
</indexterm>
<glossdef>
<para>A network virtualization technology that attempts to reduce the
scalability problems associated with large cloud computing
deployments. It uses a VLAN-like encapsulation technique to
encapsulate Ethernet frames within UDP packets.</para>
</glossdef>
</glossentry>
<glossentry> <glossentry>
<glossterm>Virtual Hard Disk (VHD)</glossterm> <glossterm>Virtual Hard Disk (VHD)</glossterm>
<indexterm class="singular"> <indexterm class="singular">

61
doc/install-guide/section_neutron-compute-node.xml
View File

@ -49,7 +49,7 @@ net.ipv4.conf.default.rp_filter=0</programlisting>
>Identity service credentials</link>, <link >Identity service credentials</link>, <link
linkend="debconf-api-endpoints">service endpoint linkend="debconf-api-endpoints">service endpoint
registration</link>, and <link linkend="debconf-rabbitmq" registration</link>, and <link linkend="debconf-rabbitmq"
>message broker credentials</link>.</para> >message queue credentials</link>.</para>
</step> </step>
<step> <step>
<para>Select the ML2 plug-in:</para> <para>Select the ML2 plug-in:</para>
@ -74,7 +74,14 @@ net.ipv4.conf.default.rp_filter=0</programlisting>
<procedure os="ubuntu;rhel;centos;fedora;sles;opensuse"> <procedure os="ubuntu;rhel;centos;fedora;sles;opensuse">
<title>To configure the Networking common components</title> <title>To configure the Networking common components</title>
<para>The Networking common component configuration includes the <para>The Networking common component configuration includes the
authentication mechanism, message broker, and plug-in.</para> authentication mechanism, message queue, and plug-in.</para>
<note>
<para>Default configuration files vary by distribution. You might need
to add these sections and options rather than modifying existing
sections and options. Also, an ellipsis (...) in the configuration
snippets indicates potential default configuration options that you
should retain.</para>
</note>
<step> <step>
<para>Edit the <filename>/etc/neutron/neutron.conf</filename> file <para>Edit the <filename>/etc/neutron/neutron.conf</filename> file
and complete the following actions:</para> and complete the following actions:</para>
@ -85,15 +92,20 @@ net.ipv4.conf.default.rp_filter=0</programlisting>
do not directly access the database.</para> do not directly access the database.</para>
</step> </step>
<step> <step>
<para>In the <literal>[DEFAULT]</literal> section, configure <para>In the <literal>[DEFAULT]</literal> and
<application>RabbitMQ</application> message broker access:</para> <literal>[oslo_messaging_rabbit]</literal> sections, configure
<application>RabbitMQ</application> message queue access:</para>
<programlisting language="ini">[DEFAULT] <programlisting language="ini">[DEFAULT]
... ...
rpc_backend = rabbit rpc_backend = rabbit
[oslo_messaging_rabbit]
...
rabbit_host = <replaceable>controller</replaceable> rabbit_host = <replaceable>controller</replaceable>
rabbit_userid = openstack
rabbit_password = <replaceable>RABBIT_PASS</replaceable></programlisting> rabbit_password = <replaceable>RABBIT_PASS</replaceable></programlisting>
<para>Replace <replaceable>RABBIT_PASS</replaceable> with the <para>Replace <replaceable>RABBIT_PASS</replaceable> with the
password you chose for the <literal>guest</literal> account in password you chose for the <literal>openstack</literal> account in
<application>RabbitMQ</application>.</para> <application>RabbitMQ</application>.</para>
</step> </step>
<step> <step>
@ -106,19 +118,20 @@ auth_strategy = keystone
[keystone_authtoken] [keystone_authtoken]
... ...
auth_uri = http://<replaceable>controller</replaceable>:5000/v2.0 auth_uri = http://<replaceable>controller</replaceable>:5000
identity_uri = http://<replaceable>controller</replaceable>:35357 auth_url = http://<replaceable>controller</replaceable>:35357
admin_tenant_name = service auth_plugin = password
admin_user = neutron project_domain_id = default
admin_password = <replaceable>NEUTRON_PASS</replaceable></programlisting> user_domain_id = default
project_name = service
username = neutron
password = <replaceable>NEUTRON_PASS</replaceable></programlisting>
<para>Replace <replaceable>NEUTRON_PASS</replaceable> with the <para>Replace <replaceable>NEUTRON_PASS</replaceable> with the
password you chose or the <literal>neutron</literal> user in the password you chose or the <literal>neutron</literal> user in the
Identity service.</para> Identity service.</para>
<note> <note>
<para>Comment out any <literal>auth_host</literal>, <para>Comment out or remove any other options in the
<literal>auth_port</literal>, and <literal>[keystone_authtoken]</literal> section.</para>
<literal>auth_protocol</literal> options because the
<literal>identity_uri</literal> option replaces them.</para>
</note> </note>
</step> </step>
<step> <step>
@ -153,13 +166,15 @@ verbose = True</programlisting>
<substeps> <substeps>
<step os="ubuntu;rhel;centos;fedora;sles;opensuse"> <step os="ubuntu;rhel;centos;fedora;sles;opensuse">
<para>In the <literal>[ml2]</literal> section, enable the <para>In the <literal>[ml2]</literal> section, enable the
<glossterm baseform="flat network">flat</glossterm> and <glossterm baseform="flat network">flat</glossterm>,
<glossterm>generic routing encapsulation (GRE)</glossterm> <glossterm baseform="VLAN network">VLAN</glossterm>,
<glossterm>generic routing encapsulation (GRE)</glossterm>, and
<glossterm>virtual extensible LAN (VXLAN)</glossterm>
network type drivers, GRE tenant networks, and the OVS network type drivers, GRE tenant networks, and the OVS
mechanism driver:</para> mechanism driver:</para>
<programlisting language="ini">[ml2] <programlisting language="ini">[ml2]
... ...
type_drivers = flat,gre type_drivers = flat,vlan,gre,vxlan
tenant_network_types = gre tenant_network_types = gre
mechanism_drivers = openvswitch</programlisting> mechanism_drivers = openvswitch</programlisting>
</step> </step>
@ -186,8 +201,7 @@ firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewal
and configure the local tunnel endpoint:</para> and configure the local tunnel endpoint:</para>
<programlisting language="ini">[ovs] <programlisting language="ini">[ovs]
... ...
local_ip = <replaceable>INSTANCE_TUNNELS_INTERFACE_IP_ADDRESS</replaceable> local_ip = <replaceable>INSTANCE_TUNNELS_INTERFACE_IP_ADDRESS</replaceable></programlisting>
enable_tunneling = True</programlisting>
<para>Replace <para>Replace
<replaceable>INSTANCE_TUNNELS_INTERFACE_IP_ADDRESS</replaceable> <replaceable>INSTANCE_TUNNELS_INTERFACE_IP_ADDRESS</replaceable>
with the IP address of the instance tunnels network interface with the IP address of the instance tunnels network interface
@ -341,9 +355,16 @@ admin_password = <replaceable>NEUTRON_PASS</replaceable></programlisting>
<computeroutput>+--------------------------------------+--------------------+----------+-------+----------------+---------------------------+ <computeroutput>+--------------------------------------+--------------------+----------+-------+----------------+---------------------------+
| id | agent_type | host | alive | admin_state_up | binary | | id | agent_type | host | alive | admin_state_up | binary |
+--------------------------------------+--------------------+----------+-------+----------------+---------------------------+ +--------------------------------------+--------------------+----------+-------+----------------+---------------------------+
... | 30275801-e17a-41e4-8f53-9db63544f689 | Metadata agent | network | :-) | True | neutron-metadata-agent |
| 4bd8c50e-7bad-4f3b-955d-67658a491a15 | Open vSwitch agent | network | :-) | True | neutron-openvswitch-agent |
| 756e5bba-b70f-4715-b80e-e37f59803d20 | L3 agent | network | :-) | True | neutron-l3-agent |
| 9c45473c-6d6d-4f94-8df1-ebd0b6838d5f | DHCP agent | network | :-) | True | neutron-dhcp-agent |
| a5a49051-05eb-4b4f-bfc7-d36235fe9131 | Open vSwitch agent | compute1 | :-) | True | neutron-openvswitch-agent | | a5a49051-05eb-4b4f-bfc7-d36235fe9131 | Open vSwitch agent | compute1 | :-) | True | neutron-openvswitch-agent |
+--------------------------------------+--------------------+----------+-------+----------------+---------------------------+</computeroutput></screen> +--------------------------------------+--------------------+----------+-------+----------------+---------------------------+</computeroutput></screen>
<note>
<para>This output should indicate four agents alive on the
network node and one agent alive on the compute node.</para>
</note>
</step> </step>
</procedure> </procedure>
</section> </section>

177
doc/install-guide/section_neutron-controller-node.xml
View File

@ -47,61 +47,66 @@
<substeps> <substeps>
<step> <step>
<para>Create the <literal>neutron</literal> user:</para> <para>Create the <literal>neutron</literal> user:</para>
<screen><prompt>$</prompt> <userinput>keystone user-create --name neutron --pass <replaceable>NEUTRON_PASS</replaceable></userinput> <screen><prompt>$</prompt> <userinput>openstack user create --password-prompt neutron</userinput>
<computeroutput>+----------+----------------------------------+ <computeroutput>User Password:
| Property | Value | Repeat User Password:
+----------+----------------------------------+ +----------+----------------------------------+
| email | | | Field | Value |
| enabled | True | +----------+----------------------------------+
| id | 7fd67878dcd04d0393469ef825a7e005 | | email | None |
| name | neutron | | enabled | True |
| username | neutron | | id | ab67f043d9304017aaa73d692eeb4945 |
| name | neutron |
| username | neutron |
+----------+----------------------------------+</computeroutput></screen> +----------+----------------------------------+</computeroutput></screen>
<para>Replace <replaceable>NEUTRON_PASS</replaceable> with a suitable
password.</para>
</step> </step>
<step> <step>
<para>Add the <literal>admin</literal> role to the <para>Add the <literal>admin</literal> role to the
<literal>neutron</literal> user:</para> <literal>neutron</literal> user:</para>
<screen><prompt>$</prompt> <userinput>keystone user-role-add --user neutron --tenant service --role admin</userinput></screen> <screen><prompt>$</prompt> <userinput>openstack role add --project service --user neutron admin</userinput>
<note> <computeroutput>+-------+----------------------------------+
<para>This command provides no output.</para> | Field | Value |
</note> +-------+----------------------------------+
| id | 1169d778631b4fd1aefd9d35314e1c56 |
| name | admin |
+-------+----------------------------------+</computeroutput></screen>
</step> </step>
<step> <step>
<para>Create the <literal>neutron</literal> service entity:</para> <para>Create the <literal>neutron</literal> service entity:</para>
<screen><prompt>$</prompt> <userinput>keystone service-create --name neutron --type network \ <screen><prompt>$</prompt> <userinput>openstack service create --type network \
--description "OpenStack Networking"</userinput> --description "OpenStack Networking" neutron</userinput>
<computeroutput>+-------------+----------------------------------+ <computeroutput>+-------------+----------------------------------+
| Property | Value | | Field | Value |
+-------------+----------------------------------+ +-------------+----------------------------------+
| description | OpenStack Networking | | description | OpenStack Networking |
| enabled | True | | enabled | True |
| id | 6369ddaf99a447f3a0d41dac5e342161 | | id | f71529314dab4a4d8eca427e701d209e |
| name | neutron | | name | neutron |
| type | network | | type | network |
+-------------+----------------------------------+</computeroutput></screen> +-------------+----------------------------------+</computeroutput></screen>
</step> </step>
</substeps> </substeps>
</step> </step>
<step> <step>
<para>Create the Networking service API endpoints:</para> <para>Create the Networking service API endpoints:</para>
<screen><prompt>$</prompt> <userinput>keystone endpoint-create \ <screen><prompt>$</prompt> <userinput>openstack endpoint create \
--service-id $(keystone service-list | awk '/ network / {print $2}') \
--publicurl http://<replaceable>controller</replaceable>:9696 \ --publicurl http://<replaceable>controller</replaceable>:9696 \
--adminurl http://<replaceable>controller</replaceable>:9696 \ --adminurl http://<replaceable>controller</replaceable>:9696 \
--internalurl http://<replaceable>controller</replaceable>:9696 \ --internalurl http://<replaceable>controller</replaceable>:9696 \
--region regionOne</userinput> --region regionOne
<computeroutput>+-------------+----------------------------------+ network</userinput>
| Property | Value | <computeroutput>+--------------+----------------------------------+
+-------------+----------------------------------+ | Field | Value |
| adminurl | http://controller:9696 | +--------------+----------------------------------+
| id | fa18b41938a94bf6b35e2c152063ee21 | | adminurl | http://controller:9696 |
| internalurl | http://controller:9696 | | id | 04a7d3c1de784099aaba83a8a74100b3 |
| publicurl | http://controller:9696 | | internalurl | http://controller:9696 |
| region | regionOne | | publicurl | http://controller:9696 |
| service_id | 6369ddaf99a447f3a0d41dac5e342161 | | region | regionOne |
+-------------+----------------------------------+</computeroutput></screen> | service_id | f71529314dab4a4d8eca427e701d209e |
| service_name | neutron |
| service_type | network |
+--------------+----------------------------------+</computeroutput></screen>
</step> </step>
</procedure> </procedure>
<procedure os="ubuntu;rhel;centos;fedora;sles;opensuse"> <procedure os="ubuntu;rhel;centos;fedora;sles;opensuse">
@ -130,7 +135,7 @@
credentials</link>, credentials</link>,
<link linkend="debconf-api-endpoints">service endpoint <link linkend="debconf-api-endpoints">service endpoint
registration</link>, and registration</link>, and
<link linkend="debconf-rabbitmq">message broker <link linkend="debconf-rabbitmq">message queue
credentials</link>.</para> credentials</link>.</para>
</step> </step>
<step> <step>
@ -156,8 +161,15 @@
<procedure os="ubuntu;rhel;centos;fedora;sles;opensuse"> <procedure os="ubuntu;rhel;centos;fedora;sles;opensuse">
<title>To configure the Networking server component</title> <title>To configure the Networking server component</title>
<para>The Networking server component configuration includes the database, <para>The Networking server component configuration includes the database,
authentication mechanism, message broker, topology change notifications, authentication mechanism, message queue, topology change notifications,
and plug-in.</para> and plug-in.</para>
<note>
<para>Default configuration files vary by distribution. You might need
to add these sections and options rather than modifying existing
sections and options. Also, an ellipsis (...) in the configuration
snippets indicates potential default configuration options that you
should retain.</para>
</note>
<step> <step>
<para>Edit the <filename>/etc/neutron/neutron.conf</filename> file <para>Edit the <filename>/etc/neutron/neutron.conf</filename> file
and complete the following actions:</para> and complete the following actions:</para>
@ -172,16 +184,21 @@ connection = mysql://neutron:<replaceable>NEUTRON_DBPASS</replaceable>@<replacea
password you chose for the database.</para> password you chose for the database.</para>
</step> </step>
<step> <step>
<para>In the <literal>[DEFAULT]</literal> section, configure <para>In the <literal>[DEFAULT]</literal> and
<application>RabbitMQ</application> message broker access:</para> <literal>[oslo_messaging_rabbit]</literal> sections, configure
<application>RabbitMQ</application> message queue access:</para>
<programlisting language="ini">[DEFAULT] <programlisting language="ini">[DEFAULT]
... ...
rpc_backend = rabbit rpc_backend = rabbit
[oslo_messaging_rabbit]
...
rabbit_host = <replaceable>controller</replaceable> rabbit_host = <replaceable>controller</replaceable>
rabbit_userid = openstack
rabbit_password = <replaceable>RABBIT_PASS</replaceable></programlisting> rabbit_password = <replaceable>RABBIT_PASS</replaceable></programlisting>
<para>Replace <replaceable>RABBIT_PASS</replaceable> with the <para>Replace <replaceable>RABBIT_PASS</replaceable> with the
password you chose for the <literal>guest</literal> account in password you chose for the <literal>openstack</literal> account
<application>RabbitMQ</application>.</para> in <application>RabbitMQ</application>.</para>
</step> </step>
<step> <step>
<para>In the <literal>[DEFAULT]</literal> and <para>In the <literal>[DEFAULT]</literal> and
@ -193,19 +210,20 @@ auth_strategy = keystone
[keystone_authtoken] [keystone_authtoken]
... ...
auth_uri = http://<replaceable>controller</replaceable>:5000/v2.0 auth_uri = http://<replaceable>controller</replaceable>:5000
identity_uri = http://<replaceable>controller</replaceable>:35357 auth_url = http://<replaceable>controller</replaceable>:35357
admin_tenant_name = service auth_plugin = password
admin_user = neutron project_domain_id = default
admin_password = <replaceable>NEUTRON_PASS</replaceable></programlisting> user_domain_id = default
project_name = service
username = neutron
password = <replaceable>NEUTRON_PASS</replaceable></programlisting>
<para>Replace <replaceable>NEUTRON_PASS</replaceable> with the <para>Replace <replaceable>NEUTRON_PASS</replaceable> with the
password you chose or the <literal>neutron</literal> user in the password you chose for the <literal>neutron</literal> user in the
Identity service.</para> Identity service.</para>
<note> <note>
<para>Comment out any <literal>auth_host</literal>, <para>Comment out or remove any other options in the
<literal>auth_port</literal>, and <literal>[keystone_authtoken]</literal> section.</para>
<literal>auth_protocol</literal> options because the
<literal>identity_uri</literal> option replaces them.</para>
</note> </note>
</step> </step>
<step> <step>
@ -219,37 +237,28 @@ service_plugins = router
allow_overlapping_ips = True</programlisting> allow_overlapping_ips = True</programlisting>
</step> </step>
<step> <step>
<para>In the <literal>[DEFAULT]</literal> section, configure <para>In the <literal>[DEFAULT]</literal> and
<literal>[nova]</literal> sections, configure
Networking to notify Compute of network topology changes:</para> Networking to notify Compute of network topology changes:</para>
<programlisting language="ini">[DEFAULT] <programlisting language="ini">[DEFAULT]
... ...
notify_nova_on_port_status_changes = True notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True notify_nova_on_port_data_changes = True
nova_url = http://<replaceable>controller</replaceable>:8774/v2 nova_url = http://<replaceable>controller</replaceable>:8774/v2
nova_admin_auth_url = http://<replaceable>controller</replaceable>:35357/v2.0
nova_region_name = regionOne [nova]
nova_admin_username = nova ...
nova_admin_tenant_id = <replaceable>SERVICE_TENANT_ID</replaceable> auth_url = http://<replaceable>controller</replaceable>:35357
nova_admin_password = <replaceable>NOVA_PASS</replaceable></programlisting> auth_plugin = password
<para>Replace <replaceable>SERVICE_TENANT_ID</replaceable> with the project_domain_id = default
<literal>service</literal> tenant identifier (id) in the Identity user_domain_id = default
service and <replaceable>NOVA_PASS</replaceable> with the password region_name = regionOne
project_name = service
username = nova
password = <replaceable>NOVA_PASS</replaceable></programlisting>
<para>Replace <literal>NOVA_PASS</literal> with the password
you chose for the <literal>nova</literal> user in the Identity you chose for the <literal>nova</literal> user in the Identity
service.</para> service.</para>
<note>
<para>To obtain the <literal>service</literal> tenant
identifier (id):</para>
<screen><prompt>$</prompt> <userinput>source admin-openrc.sh</userinput>
<prompt>$</prompt> <userinput>keystone tenant-get service</userinput>
<computeroutput>+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | Service Tenant |
| enabled | True |
| id | f727b5ec2ceb4d71bad86dfc414449bf |
| name | service |
+-------------+----------------------------------+</computeroutput></screen>
</note>
</step> </step>
<step> <step>
<para>(Optional) To assist with troubleshooting, <para>(Optional) To assist with troubleshooting,
@ -276,18 +285,20 @@ verbose = True</programlisting>
<substeps> <substeps>
<step> <step>
<para>In the <literal>[ml2]</literal> section, enable the <para>In the <literal>[ml2]</literal> section, enable the
<glossterm baseform="flat network">flat</glossterm> and <glossterm baseform="flat network">flat</glossterm>,
<glossterm>generic routing encapsulation (GRE)</glossterm> <glossterm baseform="VLAN network">VLAN</glossterm>,
<glossterm>generic routing encapsulation (GRE)</glossterm>, and
<glossterm>virtual extensible LAN (VXLAN)</glossterm>
network type drivers, GRE tenant networks, and the OVS network type drivers, GRE tenant networks, and the OVS
mechanism driver:</para> mechanism driver:</para>
<programlisting language="ini">[ml2] <programlisting language="ini">[ml2]
... ...
type_drivers = flat,gre type_drivers = flat,vlan,gre,vxlan
tenant_network_types = gre tenant_network_types = gre
mechanism_drivers = openvswitch</programlisting> mechanism_drivers = openvswitch</programlisting>
<warning> <warning>
<para>Once you configure the ML2 plug-in, be aware that disabling <para>Once you configure the ML2 plug-in, changing values in
a network type driver and re-enabling it later can lead to the <literal>type_drivers</literal> option can lead to
database inconsistency.</para> database inconsistency.</para>
</warning> </warning>
</step> </step>
@ -378,8 +389,10 @@ admin_password = <replaceable>NEUTRON_PASS</replaceable></programlisting>
</step> </step>
<step os="ubuntu;rhel;centos;fedora"> <step os="ubuntu;rhel;centos;fedora">
<para>Populate the database:</para> <para>Populate the database:</para>
<!-- FIXME: Change database version from 'head' to 'kilo' after
release. -->
<screen><prompt>#</prompt> <userinput>su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \ <screen><prompt>#</prompt> <userinput>su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade juno" neutron</userinput></screen> --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron</userinput></screen>
<note> <note>
<para>Database population occurs later for Networking because the <para>Database population occurs later for Networking because the
script requires complete server and plug-in configuration script requires complete server and plug-in configuration
@ -397,9 +410,7 @@ admin_password = <replaceable>NEUTRON_PASS</replaceable></programlisting>
<para os="opensuse">On openSUSE:</para> <para os="opensuse">On openSUSE:</para>
<screen os="opensuse"><prompt>#</prompt> <userinput>systemctl restart openstack-nova-api.service openstack-nova-scheduler.service \ <screen os="opensuse"><prompt>#</prompt> <userinput>systemctl restart openstack-nova-api.service openstack-nova-scheduler.service \
openstack-nova-conductor.service</userinput></screen> openstack-nova-conductor.service</userinput></screen>
<screen os="ubuntu;debian"><prompt>#</prompt> <userinput>service nova-api restart</userinput> <screen os="ubuntu;debian"><prompt>#</prompt> <userinput>service nova-api restart</userinput></screen>
<prompt>#</prompt> <userinput>service nova-scheduler restart</userinput>
<prompt>#</prompt> <userinput>service nova-conductor restart</userinput></screen>
</step> </step>
<step os="rhel;centos;fedora;sles;opensuse"> <step os="rhel;centos;fedora;sles;opensuse">
<para>Start the Networking service and configure it to start when the <para>Start the Networking service and configure it to start when the

13
doc/install-guide/section_neutron-initial-networks.xml
View File

@ -6,7 +6,7 @@
xml:id="neutron-initial-networks"> xml:id="neutron-initial-networks">
<title>Create initial networks</title> <title>Create initial networks</title>
<para>Before launching your first instance, you must create the <para>Before launching your first instance, you must create the
necessary virtual network infrastructure to which the instance will necessary virtual network infrastructure to which the instances
connect, including the connect, including the
<link linkend="neutron_initial-external-network">external network</link> <link linkend="neutron_initial-external-network">external network</link>
and and
@ -51,7 +51,7 @@
</step> </step>
<step> <step>
<para>Create the network:</para> <para>Create the network:</para>
<screen><prompt>$</prompt> <userinput>neutron net-create ext-net --router:external True \ <screen><prompt>$</prompt> <userinput>neutron net-create ext-net --router:external \
--provider:physical_network external --provider:network_type flat</userinput> --provider:physical_network external --provider:network_type flat</userinput>
<computeroutput>Created a new network: <computeroutput>Created a new network:
+---------------------------+--------------------------------------+ +---------------------------+--------------------------------------+
@ -158,8 +158,8 @@
</procedure> </procedure>
<para>Like the external network, your tenant network also requires <para>Like the external network, your tenant network also requires
a subnet attached to it. You can specify any valid subnet because the a subnet attached to it. You can specify any valid subnet because the
architecture isolates tenant networks. By default, this subnet will architecture isolates tenant networks. By default, this subnet uses
use DHCP so your instances can obtain IP addresses.</para> DHCP so your instances can obtain IP addresses.</para>
<procedure> <procedure>
<title>To create a subnet on the tenant network</title> <title>To create a subnet on the tenant network</title>
<step> <step>
@ -196,7 +196,7 @@
<para>A virtual router passes network traffic between two or more virtual <para>A virtual router passes network traffic between two or more virtual
networks. Each router requires one or more networks. Each router requires one or more
<glossterm baseform="interface">interfaces</glossterm> and/or gateways <glossterm baseform="interface">interfaces</glossterm> and/or gateways
that provide access to specific networks. In this case, you will create that provide access to specific networks. In this case, you create
a router and attach your tenant and external networks to it.</para> a router and attach your tenant and external networks to it.</para>
<procedure> <procedure>
<title>To create a router on the tenant network and attach the external <title>To create a router on the tenant network and attach the external
@ -249,7 +249,8 @@
<procedure> <procedure>
<title>To verify network connectivity</title> <title>To verify network connectivity</title>
<step> <step>
<para>Ping the tenant router gateway:</para> <para>From a host on the the external network, ping the tenant router
gateway:</para>
<screen><prompt>$</prompt> <userinput>ping -c 4 203.0.113.101</userinput> <screen><prompt>$</prompt> <userinput>ping -c 4 203.0.113.101</userinput>
<computeroutput>PING 203.0.113.101 (203.0.113.101) 56(84) bytes of data. <computeroutput>PING 203.0.113.101 (203.0.113.101) 56(84) bytes of data.
64 bytes from 203.0.113.101: icmp_req=1 ttl=64 time=0.619 ms 64 bytes from 203.0.113.101: icmp_req=1 ttl=64 time=0.619 ms

73
doc/install-guide/section_neutron-network-node.xml
View File

@ -27,7 +27,7 @@ net.ipv4.conf.default.rp_filter=0</programlisting>
<title>To install the Networking components</title> <title>To install the Networking components</title>
<step> <step>
<screen os="ubuntu"><prompt>#</prompt> <userinput>apt-get install neutron-plugin-ml2 neutron-plugin-openvswitch-agent \ <screen os="ubuntu"><prompt>#</prompt> <userinput>apt-get install neutron-plugin-ml2 neutron-plugin-openvswitch-agent \
neutron-l3-agent neutron-dhcp-agent</userinput></screen> neutron-l3-agent neutron-dhcp-agent neutron-metadata-agent</userinput></screen>
<screen os="rhel;centos;fedora"><prompt>#</prompt> <userinput>yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-openvswitch</userinput></screen> <screen os="rhel;centos;fedora"><prompt>#</prompt> <userinput>yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-openvswitch</userinput></screen>
<screen os="sles;opensuse"><prompt>#</prompt> <userinput>zypper install --no-recommends openstack-neutron-openvswitch-agent openstack-neutron-l3-agent \ <screen os="sles;opensuse"><prompt>#</prompt> <userinput>zypper install --no-recommends openstack-neutron-openvswitch-agent openstack-neutron-l3-agent \
openstack-neutron-dhcp-agent openstack-neutron-metadata-agent ipset</userinput></screen> openstack-neutron-dhcp-agent openstack-neutron-metadata-agent ipset</userinput></screen>
@ -52,7 +52,7 @@ net.ipv4.conf.default.rp_filter=0</programlisting>
credentials</link>, credentials</link>,
<link linkend="debconf-api-endpoints">service endpoint <link linkend="debconf-api-endpoints">service endpoint
registration</link>, and registration</link>, and
<link linkend="debconf-rabbitmq">message broker <link linkend="debconf-rabbitmq">message queue
credentials</link>.</para> credentials</link>.</para>
</step> </step>
<step> <step>
@ -78,7 +78,14 @@ net.ipv4.conf.default.rp_filter=0</programlisting>
<procedure os="ubuntu;rhel;centos;fedora;sles;opensuse"> <procedure os="ubuntu;rhel;centos;fedora;sles;opensuse">
<title>To configure the Networking common components</title> <title>To configure the Networking common components</title>
<para>The Networking common component configuration includes the <para>The Networking common component configuration includes the
authentication mechanism, message broker, and plug-in.</para> authentication mechanism, message queue, and plug-in.</para>
<note>
<para>Default configuration files vary by distribution. You might need
to add these sections and options rather than modifying existing
sections and options. Also, an ellipsis (...) in the configuration
snippets indicates potential default configuration options that you
should retain.</para>
</note>
<step> <step>
<para>Edit the <filename>/etc/neutron/neutron.conf</filename> file <para>Edit the <filename>/etc/neutron/neutron.conf</filename> file
and complete the following actions:</para> and complete the following actions:</para>
@ -89,16 +96,21 @@ net.ipv4.conf.default.rp_filter=0</programlisting>
do not directly access the database.</para> do not directly access the database.</para>
</step> </step>
<step> <step>
<para>In the <literal>[DEFAULT]</literal> section, configure <para>In the <literal>[DEFAULT]</literal> and
<application>RabbitMQ</application> message broker access:</para> <literal>[oslo_messaging_rabbit]</literal> sections, configure
<application>RabbitMQ</application> message queue access:</para>
<programlisting language="ini">[DEFAULT] <programlisting language="ini">[DEFAULT]
... ...
rpc_backend = rabbit rpc_backend = rabbit
[oslo_messaging_rabbit]
...
rabbit_host = <replaceable>controller</replaceable> rabbit_host = <replaceable>controller</replaceable>
rabbit_userid = openstack
rabbit_password = <replaceable>RABBIT_PASS</replaceable></programlisting> rabbit_password = <replaceable>RABBIT_PASS</replaceable></programlisting>
<para>Replace <replaceable>RABBIT_PASS</replaceable> with the <para>Replace <replaceable>RABBIT_PASS</replaceable> with the
password you chose for the <literal>guest</literal> account in password you chose for the <literal>openstack</literal> account
<application>RabbitMQ</application>.</para> in <application>RabbitMQ</application>.</para>
</step> </step>
<step> <step>
<para>In the <literal>[DEFAULT]</literal> and <para>In the <literal>[DEFAULT]</literal> and
@ -110,19 +122,20 @@ auth_strategy = keystone
[keystone_authtoken] [keystone_authtoken]
... ...
auth_uri = http://<replaceable>controller</replaceable>:5000/v2.0 auth_uri = http://<replaceable>controller</replaceable>:5000
identity_uri = http://<replaceable>controller</replaceable>:35357 auth_url = http://<replaceable>controller</replaceable>:35357
admin_tenant_name = service auth_plugin = password
admin_user = neutron project_domain_id = default
admin_password = <replaceable>NEUTRON_PASS</replaceable></programlisting> user_domain_id = default
project_name = service
username = neutron
password = <replaceable>NEUTRON_PASS</replaceable></programlisting>
<para>Replace <replaceable>NEUTRON_PASS</replaceable> with the <para>Replace <replaceable>NEUTRON_PASS</replaceable> with the
password you chose or the <literal>neutron</literal> user in the password you chose or the <literal>neutron</literal> user in the
Identity service.</para> Identity service.</para>
<note> <note>
<para>Comment out any <literal>auth_host</literal>, <para>Comment out or remove any other options in the
<literal>auth_port</literal>, and <literal>[keystone_authtoken]</literal> section.</para>
<literal>auth_protocol</literal> options because the
<literal>identity_uri</literal> option replaces them.</para>
</note> </note>
</step> </step>
<step> <step>
@ -159,13 +172,15 @@ verbose = True</programlisting>
<substeps> <substeps>
<step os="ubuntu;rhel;centos;fedora;sles;opensuse"> <step os="ubuntu;rhel;centos;fedora;sles;opensuse">
<para>In the <literal>[ml2]</literal> section, enable the <para>In the <literal>[ml2]</literal> section, enable the
<glossterm baseform="flat network">flat</glossterm> and <glossterm baseform="flat network">flat</glossterm>,
<glossterm>generic routing encapsulation (GRE)</glossterm> <glossterm baseform="VLAN network">VLAN</glossterm>,
<glossterm>generic routing encapsulation (GRE)</glossterm>, and
<glossterm>virtual extensible LAN (VXLAN)</glossterm>
network type drivers, GRE tenant networks, and the OVS network type drivers, GRE tenant networks, and the OVS
mechanism driver:</para> mechanism driver:</para>
<programlisting language="ini">[ml2] <programlisting language="ini">[ml2]
... ...
type_drivers = flat,gre type_drivers = flat,vlan,gre,vxlan
tenant_network_types = gre tenant_network_types = gre
mechanism_drivers = openvswitch</programlisting> mechanism_drivers = openvswitch</programlisting>
</step> </step>
@ -203,7 +218,6 @@ firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewal
<programlisting language="ini">[ovs] <programlisting language="ini">[ovs]
... ...
local_ip = <replaceable>INSTANCE_TUNNELS_INTERFACE_IP_ADDRESS</replaceable> local_ip = <replaceable>INSTANCE_TUNNELS_INTERFACE_IP_ADDRESS</replaceable>
enable_tunneling = True
bridge_mappings = external:br-ex</programlisting> bridge_mappings = external:br-ex</programlisting>
<para>Replace <para>Replace
<replaceable>INSTANCE_TUNNELS_INTERFACE_IP_ADDRESS</replaceable> <replaceable>INSTANCE_TUNNELS_INTERFACE_IP_ADDRESS</replaceable>
@ -238,8 +252,13 @@ tunnel_types = gre</programlisting>
... ...
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
use_namespaces = True use_namespaces = True
external_network_bridge = br-ex external_network_bridge =
router_delete_namespaces = True</programlisting> router_delete_namespaces = True</programlisting>
<note>
<para>The <literal>external_network_bridge</literal> option
intentionally lacks a value to enable multiple external
networks on a single agent.</para>
</note>
<note os="sles"> <note os="sles">
<para>Due to an issue with old versions of the <para>Due to an issue with old versions of the
<application>iproute2</application> utility, we recommend <application>iproute2</application> utility, we recommend
@ -375,11 +394,15 @@ dnsmasq_config_file = /etc/neutron/dnsmasq-neutron.conf</programlisting>
access parameters:</para> access parameters:</para>
<programlisting language="ini">[DEFAULT] <programlisting language="ini">[DEFAULT]
... ...
auth_url = http://<replaceable>controller</replaceable>:5000/v2.0 auth_uri = http://<replaceable>controller</replaceable>:5000
auth_url = http://<replaceable>controller</replaceable>:35357
auth_region = regionOne auth_region = regionOne
admin_tenant_name = service auth_plugin = password
admin_user = neutron project_domain_id = default
admin_password = <replaceable>NEUTRON_PASS</replaceable></programlisting> user_domain_id = default
project_name = service
username = neutron
password = <replaceable>NEUTRON_PASS</replaceable></programlisting>
<para>Replace <replaceable>NEUTRON_PASS</replaceable> with the <para>Replace <replaceable>NEUTRON_PASS</replaceable> with the
password you chose for the <literal>neutron</literal> user in password you chose for the <literal>neutron</literal> user in
the Identity service.</para> the Identity service.</para>