diff --git a/doc/install-guide/section_neutron-install.xml b/doc/install-guide/section_neutron-install.xml
index 5254f99d8c..1c21a5e226 100644
--- a/doc/install-guide/section_neutron-install.xml
+++ b/doc/install-guide/section_neutron-install.xml
@@ -303,8 +303,10 @@ admin_password = NEUTRON_PASS
Configure access to the RabbitMQ service:
- # openstack-config --set /etc/neutron/neutron.conf \
- DEFAULT rabbit_host controller
+ # openstack-config --set /etc/neutron/neutron.conf DEFAULT \
+ rpc_backend neutron.openstack.common.rpc.impl_kombu
+# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
+ rabbit_host controller
# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
rabbit_userid guest
# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
@@ -320,7 +322,7 @@ rabbit_userid = guest
rabbit_password = RABBIT_PASS
- Configure access to the Qpid message queue.
+ Configure access to the Qpid message queue:
# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
rpc_backend neutron.openstack.common.rpc.impl_qpid
# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
@@ -829,33 +831,53 @@ net.ipv4.conf.default.rp_filter=0
that you chose when you set up your network node, see .
-
- Configure the core components of Neutron. Edit the
- /etc/neutron/neutron.conf
- file:
- auth_host = controller
-admin_tenant_name = service
-admin_user = neutron
-admin_password = NEUTRON_PASS
-auth_url = http://controller:35357/v2.0
-auth_strategy = keystone
-rpc_backend = neutron.openstack.common.rpc.impl_qpid
-qpid_hostname = controller
+
+ Configure Networking to use keystone for authentication:
+
+
+ Set the auth_strategy
+ configuration key to keystone in the
+ DEFAULT section of the file:
+ # openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
+
+
+ Set the neutron configuration for
+ keystone authentication:
+ # openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
+ auth_host controller
+# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
+ auth_url http://controller:35357/v2.0
+# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
+ admin_tenant_name service
+# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
+ admin_user neutron
+# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
+ admin_password NEUTRON_PASS
+
- Configure the core components of Neutron. Edit the
- /etc/neutron/neutron.conf
- file:
- auth_host = controller
-admin_tenant_name = service
-admin_user = neutron
-admin_password = NEUTRON_PASS
-auth_url = http://controller:35357/v2.0
-auth_strategy = keystone
-rpc_backend = neutron.openstack.common.rpc.impl_kombu
-rabbit_host = controller
-rabbit_port = 5672
-rabbit_password = RABBIT_PASS
+ Configure access to the RabbitMQ service:
+ # openstack-config --set /etc/neutron/neutron.conf DEFAULT \
+ rpc_backend neutron.openstack.common.rpc.impl_kombu
+# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
+ rabbit_host controller
+# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
+ rabbit_userid guest
+# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
+ rabbit_password RABBIT_PASS
+
+
+ Configure access to the Qpid message queue:
+ # openstack-config --set /etc/neutron/neutron.conf DEFAULT \
+ rpc_backend neutron.openstack.common.rpc.impl_qpid
+# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
+ qpid_hostname controller
+# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
+ qpid_port 5672
+# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
+ qpid_username guest
+# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
+ qpid_password guest
Configure the core components of Neutron. Edit the
@@ -875,22 +897,24 @@ rabbit_port = 5672
rabbit_password = RABBIT_PASS
- Edit the [agent] section in the
- /etc/neutron/neutron.conf file and modify
- the root_helper key:
- [agent]
-...
-root_helper = sudo neutron-rootwrap /etc/neutron/rootwrap.conf
-
+ Set the root_helper configuration in the
+ [agent] section of /etc/neutron/neutron.conf:
+ # openstack-config --set /etc/neutron/neutron.conf AGENT \
+ root_helper sudo neutron-rootwrap /etc/neutron/rootwrap.conf
-
- Edit the database URL under the
- [database] section in the above file,
- to tell Neutron how to connect to the database:
+
+ Configure Networking to connect to the database:
+ # openstack-config --set /etc/neutron/neutron.conf DATABASE sql_connection \
+ mysql://neutron:NEUTRON_DBPASS@controller/neutron
+
+
+ Configure Networking to connect to the database. Edit
+ the [database] section in the same file,
+ as follows:
[database]
connection = mysql://neutron:NEUTRON_DBPASS@controller/neutron
-
+
Edit the /etc/neutron/api-paste.ini
file and add these lines to the
[filter:authtoken] section:
@@ -900,12 +924,49 @@ auth_host = controller
admin_tenant_name = service
admin_user = neutron
admin_password = NEUTRON_PASS
+
+
+ Configure the /etc/neutron/api-paste.ini file for keystone
+ authentication:
+ # openstack-config --set /etc/neutron/api-paste.ini filter:authtoken \
+ paste.filter_factory keystoneclient.middleware.auth_token:filter_factory
+# openstack-config --set /etc/neutron/api-paste.ini filter:authtoken \
+ auth_host controller
+# openstack-config --set /etc/neutron/api-paste.ini filter:authtoken \
+ admin_tenant_name service
+# openstack-config --set /etc/neutron/api-paste.ini filter:authtoken \
+ admin_user neutron
+# openstack-config --set /etc/neutron/api-paste.ini filter:authtoken \
+ admin_password NEUTRON_PASS
- Configure OpenStack Compute to use OpenStack Networking
+ Configure OpenStack Compute to use OpenStack Networking
+ services. Configure the /etc/nova/nova.conf
+ file as per instructions below:
+ # openstack-config --set /etc/nova/nova.conf DEFAULT \
+ network_api_class nova.network.neutronv2.api.API
+# openstack-config --set /etc/nova/nova.conf DEFAULT \
+ neutron_url http://controller:9696
+# openstack-config --set /etc/nova/nova.conf DEFAULT \
+ neutron_auth_strategy keystone
+# openstack-config --set /etc/nova/nova.conf DEFAULT \
+ neutron_admin_tenant_name service
+# openstack-config --set /etc/nova/nova.conf DEFAULT \
+ neutron_admin_username neutron
+# openstack-config --set /etc/nova/nova.conf DEFAULT \
+ neutron_admin_password NEUTRON_PASS
+# openstack-config --set /etc/nova/nova.conf DEFAULT \
+ neutron_admin_auth_url http://controller:35357/v2.0
+# openstack-config --set /etc/nova/nova.conf DEFAULT \
+ linuxnet_interface_driver nova.network.linux_net.LinuxOVSInterfaceDriver
+# openstack-config --set /etc/nova/nova.conf DEFAULT \
+ firewall_driver nova.virt.firewall.NoopFirewallDriver
+# openstack-config --set /etc/nova/nova.conf DEFAULT \
+ security_group_api neutron
+ Configure OpenStack Compute to use OpenStack Networking
services. Edit the /etc/nova/nova.conf
file:
- network_api_class=nova.network.neutronv2.api.API
+ network_api_class=nova.network.neutronv2.api.API
neutron_url=http://controller:9696
neutron_auth_strategy=keystone
neutron_admin_tenant_name=service
@@ -935,9 +996,12 @@ security_group_api=neutron
the firewall for the plug-in. For example, with
OVS, edit the file as
follows:
- [securitygroup]
+ [securitygroup]
# Firewall driver for realizing neutron security group function.
firewall_driver=neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
+ # openstack-config --set \
+ /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini security_group \
+ neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
If you do not want to use a firewall in Compute or
@@ -1146,7 +1210,12 @@ bridge_mappings = physnet1:br-DATA_INTERFACE# yum install openstack-neutron python-neutron python-neutronclient
# zypper install openstack-neutron python-neutron python-neutronclient
-
+
+ Configure Networking to connect to the database:
+ # openstack-config --set /etc/neutron/neutron.conf DATABASE sql_connection \
+ mysql://neutron:NEUTRON_DBPASS@controller/neutron
+
+
Configure Networking to use your MySQL database. Edit the
/etc/neutron/neutron.conf file and add the
following key under the [database] section. Replace
@@ -1156,8 +1225,32 @@ bridge_mappings = physnet1:br-DATA_INTERFACENEUTRON_DBPASS@controller/neutron
-
- Configure Networking to use Keystone as the Identity Service
+
+ Configure Networking to use keystone for authentication:
+
+
+ Set the auth_strategy
+ configuration key to keystone in the
+ DEFAULT section of the file:
+ # openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
+
+
+ Set the neutron configuration for
+ keystone authentication:
+ # openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
+ auth_host controller
+# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
+ auth_url http://controller:35357/v2.0
+# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
+ admin_tenant_name service
+# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
+ admin_user neutron
+# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
+ admin_password NEUTRON_PASS
+
+
+
+ Configure Networking to use keystone as the Identity Service
for authentication.
@@ -1199,32 +1292,63 @@ admin_password = NEUTRON_PASS
-
+
+ Configure the /etc/neutron/api-paste.ini file for keystone
+ authentication:
+ # openstack-config --set /etc/neutron/api-paste.ini filter:authtoken \
+ paste.filter_factory keystoneclient.middleware.auth_token:filter_factory
+# openstack-config --set /etc/neutron/api-paste.ini filter:authtoken \
+ auth_host controller
+# openstack-config --set /etc/neutron/api-paste.ini filter:authtoken \
+ admin_tenant_name service
+# openstack-config --set /etc/neutron/api-paste.ini filter:authtoken \
+ admin_user neutron
+# openstack-config --set /etc/neutron/api-paste.ini filter:authtoken \
+ admin_password NEUTRON_PASS
+
+
+ Configure access to the RabbitMQ service:
+ # openstack-config --set /etc/neutron/neutron.conf DEFAULT \
+ rpc_backend neutron.openstack.common.rpc.impl_kombu
+# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
+ rabbit_host controller
+# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
+ rabbit_userid guest
+# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
+ rabbit_password RABBIT_PASS
+
+
+ Configure access to the Qpid message queue:
+ # openstack-config --set /etc/neutron/neutron.conf DEFAULT \
+ rpc_backend neutron.openstack.common.rpc.impl_qpid
+# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
+ qpid_hostname controller
+# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
+ qpid_port 5672
+# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
+ qpid_username guest
+# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
+ qpid_password guest
+
+
Configure Networking to use your message broker. Edit the
/etc/neutron/neutron.conf file and add
the following keys under the [DEFAULT]
section.
- Replace
+ Replace
RABBIT_PASS with the password you chose
for RabbitMQ.
- [DEFAULT]
-...
-rpc_backend = neutron.openstack.common.rpc.impl_qpid
-qpid_hostname = controller
- [DEFAULT]
+ [DEFAULT]
...
rpc_backend = neutron.openstack.common.rpc.impl_kombu
rabbit_host = controller
rabbit_password = RABBIT_PASS
- Edit the /etc/neutron/neutron.conf file
- and modify the following key under the [agent]
- section.
- [agent]
-...
-root_helper = sudo neutron-rootwrap /etc/neutron/rootwrap.conf
-
+ Set the root_helper configuration in the
+ [agent] section of /etc/neutron/neutron.conf:
+ # openstack-config --set /etc/neutron/neutron.conf AGENT \
+ root_helper sudo neutron-rootwrap /etc/neutron/rootwrap.conf
Although the controller node does not run any Networking agents,
@@ -1235,14 +1359,33 @@ root_helper = sudo neutron-rootwrap /etc/neutron/rootwrap.conf
controller node
- Configure Compute to use Networking. Edit the
- /etc/nova/nova.conf file and add the following
- keys under the [DEFAULT] section. Replace
- NEUTRON_PASS with the password you chose
- for the Neutron user in the Identity Service.
- [DEFAULT]
-...
-network_api_class=nova.network.neutronv2.api.API
+ Configure OpenStack Compute to use OpenStack Networking
+ services. Configure the /etc/nova/nova.conf
+ file as per instructions below:
+ # openstack-config --set /etc/nova/nova.conf DEFAULT \
+ network_api_class nova.network.neutronv2.api.API
+# openstack-config --set /etc/nova/nova.conf DEFAULT \
+ neutron_url http://controller:9696
+# openstack-config --set /etc/nova/nova.conf DEFAULT \
+ neutron_auth_strategy keystone
+# openstack-config --set /etc/nova/nova.conf DEFAULT \
+ neutron_admin_tenant_name service
+# openstack-config --set /etc/nova/nova.conf DEFAULT \
+ neutron_admin_username neutron
+# openstack-config --set /etc/nova/nova.conf DEFAULT \
+ neutron_admin_password NEUTRON_PASS
+# openstack-config --set /etc/nova/nova.conf DEFAULT \
+ neutron_admin_auth_url http://controller:35357/v2.0
+# openstack-config --set /etc/nova/nova.conf DEFAULT \
+ linuxnet_interface_driver nova.network.linux_net.LinuxOVSInterfaceDriver
+# openstack-config --set /etc/nova/nova.conf DEFAULT \
+ firewall_driver nova.virt.firewall.NoopFirewallDriver
+# openstack-config --set /etc/nova/nova.conf DEFAULT \
+ security_group_api neutron
+ Configure OpenStack Compute to use OpenStack Networking
+ services. Edit the /etc/nova/nova.conf
+ file:
+ network_api_class=nova.network.neutronv2.api.API
neutron_url=http://controller:9696
neutron_auth_strategy=keystone
neutron_admin_tenant_name=service
@@ -1253,31 +1396,41 @@ linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
firewall_driver=nova.virt.firewall.NoopFirewallDriver
security_group_api=neutron
- Regardless of which firewall driver you chose when you
- configured the network and compute nodes, set this driver
- as the No-Op firewall. This firewall is a
- Nova firewall, and because Neutron
- handles the Firewall, you must tell Nova not to use
- one.
- When Networking handles the firewall, the option
+
+
+ Regardless of which firewall driver you chose when you
+ configured the network and compute nodes, set this driver
+ as the No-Op firewall. This firewall is a
+ nova firewall,
+ and because neutron
+ handles the Firewall, you must tell nova
+ not to use one.
+ When Networking handles the firewall, the option
firewall_driver
should be set according to
- the specified plug-in. For example with
+ the specified plug-in. For example with
OVS, edit the
/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini
- file:
- [securitygroup]
+ file:
+ [securitygroup]
# Firewall driver for realizing neutron security group function.
-firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
- If you do not want to use a firewall in Compute or
- Networking, set
- firewall_driver=nova.virt.firewall.NoopFirewallDriver
- in both config files, and comment out or remove
- security_group_api=neutron
in the
- /etc/nova/nova.conf file, otherwise
- you may encounter ERROR: The server has either
- erred or is incapable of performing the requested
- operation. (HTTP 500) when issuing
+firewall_driver=neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
+ # openstack-config --set \
+ /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini security_group \
+ neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
+
+
+ If you do not want to use a firewall in Compute or
+ Networking, set
+ firewall_driver=nova.virt.firewall.NoopFirewallDriver
+ in both config files, and comment out or remove
+ security_group_api=neutron
in the
+ /etc/nova/nova.conf file, otherwise
+ you may encounter ERROR: The server has either
+ erred or is incapable of performing the requested
+ operation. (HTTP 500) when issuing
nova list commands.
+
+