openstack/openstack-manuals
Code Issues Proposed changes

Add more entries to glossary of Install and Security Guides

Browse Source 
Install Guide: Add some more glossterm entries.

Security Guide: Add glossterm entries for SPICE, VNC

Add new entries "OpenStack", "role", "service", and "SPICE" to the glossary itself.

Change-Id: Ibc93970c544012db45e47c5467145675dcef5149
This commit is contained in:
Andreas Jaeger
2014-02-08 15:30:04 +01:00
parent a94a6405b5
commit e4ec1d4446
7 changed files with 120 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

62
doc/common/ch_getstart.xml
View File

@@ -11,10 +11,11 @@
rich. Developers and cloud computing technologists
from around the world create the OpenStack project.</para>
<para xml:id="para2">OpenStack provides an Infrastructure as a
Service (IaaS) solution through a set of interrelated
services. Each service offers an application programming
interface (API) that facilitates this integration. Depending
on your needs, you can install some or all services.</para>
Service (<glossterm>IaaS</glossterm>) solution through a set
of interrelated services. Each service offers an application
programming interface (<glossterm>API</glossterm>) that
facilitates this integration. Depending on your needs, you can
install some or all services.</para>
<para xml:id="para3">The following table describes the OpenStack
services that make up the OpenStack architecture:</para>
<table rules="all" xml:id="table1" width="85%">
@@ -33,10 +34,12 @@
<tr>
<td><link
xlink:href="http://www.openstack.org/software/openstack-dashboard/"
>Dashboard</link></td>
><glossterm>Dashboard</glossterm></link>
</td>
<td><link
xlink:href="http://docs.openstack.org/developer/horizon/"
>Horizon</link></td>
><glossterm>Horizon</glossterm></link>
</td>
<td>Provides a web-based self-service portal to interact
with underlying OpenStack services, such as launching
an instance, assigning IP addresses and configuring
@@ -45,10 +48,12 @@
<tr>
<td><link
xlink:href="http://www.openstack.org/software/openstack-compute/"
>Compute</link></td>
><glossterm>Compute</glossterm></link>
</td>
<td><link
xlink:href="http://docs.openstack.org/developer/nova/"
>Nova</link></td>
><glossterm>Nova</glossterm></link>
</td>
<td>Manages the lifecycle of compute instances in an
OpenStack environment. Responsibilities include
spawning, scheduling and decomissioning of
@@ -57,10 +62,12 @@
<tr>
<td><link
xlink:href="http://www.openstack.org/software/openstack-networking/"
>Networking</link></td>
><glossterm>Networking</glossterm></link>
</td>
<td><link
xlink:href="http://docs.openstack.org/developer/neutron/"
>Neutron</link></td>
><glossterm>Neutron</glossterm></link>
</td>
<td>Enables network connectivity as a service for
other OpenStack services, such as OpenStack Compute.
Provides an API for users to define networks and the
@@ -72,10 +79,12 @@
<tr>
<td><link
xlink:href="http://www.openstack.org/software/openstack-storage/"
>Object Storage</link></td>
><glossterm>Object Storage</glossterm></link>
</td>
<td><link
xlink:href="http://docs.openstack.org/developer/swift/"
>Swift</link></td>
><glossterm>Swift</glossterm></link>
</td>
<td>Stores and retrieves arbitrary unstructured
data objects via a <glossterm>RESTful</glossterm>,
HTTP based API. It is highly
@@ -86,10 +95,12 @@
<tr>
<td><link
xlink:href="http://www.openstack.org/software/openstack-storage/"
>Block Storage</link></td>
><glossterm>Block Storage</glossterm></link>
</td>
<td><link
xlink:href="http://docs.openstack.org/developer/cinder/"
>Cinder</link></td>
><glossterm>Cinder</glossterm></link>
</td>
<td>
Provides persistent block storage to running instances. Its
pluggable driver architecture facilitates the creation and
@@ -99,10 +110,12 @@
<tr>
<td><link
xlink:href="http://www.openstack.org/software/openstack-shared-services/"
>Identity Service</link></td>
><glossterm>Identity Service</glossterm></link>
</td>
<td><link
xlink:href="http://docs.openstack.org/developer/keystone/"
>Keystone</link></td>
><glossterm>Keystone</glossterm></link>
</td>
<td>Provides an authentication and authorization service
for other OpenStack services. Provides a catalog of endpoints
for all OpenStack services.</td>
@@ -110,10 +123,12 @@
<tr>
<td><link
xlink:href="http://www.openstack.org/software/openstack-shared-services/"
>Image Service</link></td>
><glossterm>Image Service</glossterm></link>
</td>
<td><link
xlink:href="http://docs.openstack.org/developer/glance/"
>Glance</link></td>
><glossterm>Glance</glossterm></link>
</td>
<td>Stores and retrieves virtual machine disk images.
OpenStack Compute makes use of this during instance
provisioning.
@@ -123,10 +138,12 @@
<tr>
<td><link
xlink:href="http://www.openstack.org/software/openstack-shared-services/"
>Telemetry</link></td>
><glossterm>Telemetry</glossterm></link>
</td>
<td><link
xlink:href="http://docs.openstack.org/developer/ceilometer/"
>Ceilometer</link></td>
><glossterm>Ceilometer</glossterm></link>
</td>
<td>Monitors and meters the OpenStack cloud for
billing, benchmarking, scalability, and statistical
purposes.</td>
@@ -135,10 +152,11 @@
<tr>
<td><link
xlink:href="http://www.openstack.org/software/openstack-shared-services/"
>Orchestration</link></td>
><glossterm>Orchestration</glossterm></link></td>
<td><link
xlink:href="http://docs.openstack.org/developer/heat/"
>Heat</link></td>
><glossterm>Heat</glossterm></link>
</td>
<td>Orchestrates multiple composite cloud applications by using
either the native HOT template format or the AWS
CloudFormation template format, through both an

23
doc/common/section_keystone-concepts.xml
View File

@@ -22,7 +22,8 @@
following concepts:</para>
<variablelist wordsize="10">
<varlistentry>
<term><emphasis role="bold">User</emphasis></term>
<term><glossterm>User</glossterm>
</term>
<listitem>
<para>Digital representation of a person, system, or
service who uses OpenStack cloud services. The
@@ -35,7 +36,8 @@
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis role="bold">Credentials</emphasis></term>
<term><glossterm>Credentials</glossterm>
</term>
<listitem>
<para>Data that is known only by a user that proves
who they are. In the Identity Service, examples
@@ -45,8 +47,7 @@
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis role="bold"
>Authentication</emphasis></term>
<term><glossterm>Authentication</glossterm></term>
<listitem>
<para>The act of confirming the identity of a user.
The Identity Service confirms an incoming request
@@ -60,7 +61,7 @@
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis role="bold">Token</emphasis></term>
<term><glossterm>Token</glossterm></term>
<listitem>
<para>An arbitrary bit of text that is used to access
resources. Each token has a scope which describes
@@ -77,7 +78,8 @@
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis role="bold">Tenant</emphasis></term>
<term><glossterm>Tenant</glossterm>
</term>
<listitem>
<para>A container used to group or isolate resources
and/or identity objects. Depending on the service
@@ -86,7 +88,8 @@
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis role="bold">Service</emphasis></term>
<term><glossterm>Service</glossterm>
</term>
<listitem>
<para>An OpenStack service, such as Compute (Nova),
Object Storage (Swift), or Image Service (Glance).
@@ -96,7 +99,8 @@
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis role="bold">Endpoint</emphasis></term>
<term><glossterm>Endpoint</glossterm>
</term>
<listitem>
<para>A network-accessible address, usually described
by a URL, from where you access a service. If using
@@ -107,7 +111,8 @@
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis role="bold">Role</emphasis></term>
<term><glossterm>Role</glossterm>
</term>
<listitem>
<para>A personality that a user assumes that enables
them to perform a specific set of operations. A

46
doc/glossary/glossary-terms.xml
View File

@@ -3317,6 +3317,20 @@ Each entry in a typical ACL specifies a subject and an operation. For instance,
Compute and Identity Service.</para>
</glossdef>
</glossentry>
<glossentry>
<glossterm>OpenStack</glossterm>
<glossdef>
<para>
OpenStack is a cloud operating system that controls
large pools of compute, storage, and networking
resources throughout a datacenter, all managed through
a dashboard that gives administrators control while
empowering their users to provision resources through
a web interface. OpenStack is an Open Source project licensed
under the Apache License 2.0.
</para>
</glossdef>
</glossentry>
<glossentry>
<glossterm>OpenStack API (OSAPI)</glossterm>
<glossdef>
@@ -3904,6 +3918,16 @@ Each entry in a typical ACL specifies a subject and an operation. For instance,
dashboard.</para>
</glossdef>
</glossentry>
<glossentry>
<glossterm>role</glossterm>
<glossdef>
<para>A personality that a user assumes that enables
them to perform a specific set of operations. A
role includes a set of rights and privileges. A
user assuming that role inherits those rights and
privileges.</para>
</glossdef>
</glossentry>
<glossentry>
<glossterm>role ID</glossterm>
<glossdef>
@@ -4068,6 +4092,17 @@ Each entry in a typical ACL specifies a subject and an operation. For instance,
instance.</para>
</glossdef>
</glossentry>
<glossentry>
<glossterm>service</glossterm>
<glossdef>
<para>
An OpenStack service, such as Compute, Object
Storage, or Image Service. Provides one or more
endpoints through which users can access resources
and perform operations.
</para>
</glossdef>
</glossentry>
<glossentry>
<glossterm>service catalog</glossterm>
<glossdef>
@@ -4227,6 +4262,17 @@ Each entry in a typical ACL specifies a subject and an operation. For instance,
storage appliance.</para>
</glossdef>
</glossentry>
<glossentry>
<glossterm>SPICE</glossterm>
<glossdef>
<para>
The Simple Protocol for Independent Computing
Environments (SPICE) provides remote desktop access
to guest virtual machines. It is an alternative to
VNC. SPICE is supported by OpenStack.
</para>
</glossdef>
</glossentry>
<glossentry>
<glossterm>spread-first scheduler</glossterm>
<glossdef>

3
doc/install-guide/ch_glance.xml
View File

@@ -6,7 +6,8 @@
<title>Configure the Image Service</title>
<para>The OpenStack Image Service enables users to discover,
register, and retrieve virtual machine images. Also known as
the glance project, the Image Service offers a REST API that
the glance project, the Image Service offers a
<glossterm baseform="RESTful">REST</glossterm> API that
enables you to query virtual machine image metadata and
retrieve an actual image. Virtual machine images made
available through the Image Service can be stored in a variety

16
doc/install-guide/ch_overview.xml
View File

@@ -5,7 +5,8 @@
<?dbhtml stop-chunking?>
<title>Architecture</title>
<para>This install guide offers a few of the many ways to install
OpenStack components and have them work together. It is meant as a
<glossterm>OpenStack</glossterm> components and have them work together.
It is meant as a
"choose your own adventure" guide, not a comprehensive guide. The
<citetitle>OpenStack Configuration Reference</citetitle> lists
every option in all OpenStack services. Before you begin an
@@ -32,14 +33,17 @@
<para>Basic architecture with legacy networking</para>
<itemizedlist>
<listitem>
<para>The controller node runs the Identity Service, Image Service,
<para>The <glossterm>controller node</glossterm> runs the Identity
Service, Image Service,
dashboard, and management portion of Compute. It also contains
the associated API services, MySQL databases, and messaging
system.</para>
</listitem>
<listitem>
<para>The compute node runs the hypervisor portion of Compute,
which operates <glossterm>tenant</glossterm> virtual machines.
<para>The <glossterm>compute node</glossterm> runs the
<glossterm>hypervisor</glossterm> portion of Compute,
which operates <glossterm>tenant</glossterm>
<glossterm baseform="virtual machine (VM)">virtual machines</glossterm>.
By default, Compute uses
<glossterm baseform="kernel-based VM (KVM)">KVM</glossterm>
as the <glossterm>hypervisor</glossterm>. Compute also
@@ -67,7 +71,9 @@
<para>Basic architecture with OpenStack Networking (Neutron)</para>
<itemizedlist>
<listitem>
<para>The controller node runs the Identity Service, Image Service,
<para>The <glossterm baseform="cloud controller node">controller node</glossterm>
runs the Identity
Service, Image Service,
dashboard, and management portions of Compute and Networking.
It also contains the associated API services, MySQL databases,
and messaging system.</para>

3
doc/install-guide/section_keystone-users.xml
View File

@@ -6,7 +6,8 @@
<para>After you install the Identity Service, set up
<glossterm baseform="user">users</glossterm>,
<glossterm baseform="tenant">tenants</glossterm>, and roles to authenticate
<glossterm baseform="tenant">tenants</glossterm>, and
<glossterm baseform="role">roles</glossterm> to authenticate
against. These are used to allow access to
services and <glossterm baseform="endpoint">endpoints</glossterm>, described
in the next section.</para>

6
doc/security-guide/ch026_compute.xml
View File

@@ -4,7 +4,11 @@
<para>The Compute Service (Nova) is one of the more complex OpenStack services.  It runs in many locations throughout the cloud and interacts with a variety of internal services.  For this reason, most of our recommendations regarding best practices for Compute Service configuration are distributed throughout this book. We provide specific details in the sections on Management, API Endpoints, Messaging, and Database.</para>
<section xml:id="ch026_compute-idp45072">
<title>Virtual Console Selection</title>
<para>One decision a cloud architect will need to make regarding Compute Service configuration is whether to use VNC or SPICE. Below we provide some details on the differences between these options.</para>
<para>One decision a cloud architect will need to make regarding
Compute Service configuration is whether to use <glossterm
baseform="Virtual Network Computing (VNC)">VNC</glossterm> or
<glossterm>SPICE</glossterm>. Below we provide some details on
the differences between these options.</para>
<section xml:id="ch026_compute-idp46336">
<title>Virtual Network Computer (VNC)</title>
<para>OpenStack can be configured to provide remote desktop console access to instances for tenants and/or administrators using the Virtual Network Computer (VNC) protocol.  </para>