# # Translators: msgid "" msgstr "" "Project-Id-Version: OpenStack Manuals\n" "POT-Creation-Date: 2014-01-17 07:14+0000\n" "PO-Revision-Date: 2014-01-17 01:51+0000\n" "Last-Translator: openstackjenkins \n" "Language-Team: English (United States) (http://www.transifex.com/projects/p/openstack/language/en_US/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Language: en_US\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml7(title) msgid "Identity management" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml8(para) msgid "" "The OpenStack Identity Service, code-named Keystone, is the default identity" " management system for OpenStack. After you install the Identity Service, " "you configure it through the etc/keystone.conf " "configuration file and, possibly, a separate logging configuration file. You" " initialize data into the Identity Service by using the " "command-line client." msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml16(title) msgid "Identity Service concepts" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml28(title) msgid "User CRUD" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml29(para) msgid "" "The Identity Service provides a user CRUD filter that can be added to the " "public_api pipeline. This user CRUD filter enables users to use a HTTP PATCH" " to change their own password. To enable this extension you should define a " "user_crud_extension filter, insert it after the " "*_body middleware and before the " "public_service application in the public_api WSGI " "pipeline in keystone.conf e.g.:" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml43(para) msgid "Each user can then change their own password with a HTTP PATCH:" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml46(para) msgid "" "In addition to changing their password, all of the user's current tokens are" " deleted (if the back-end is KVS or sql)." msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml48(para) msgid "Only use a KVS backend for tokens when testing." msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml51(title) msgid "Logging" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml52(para) msgid "" "You configure logging externally to the rest of the Identity Service. The " "file specifying the logging configuration is in the " "[DEFAULT] section of the " "keystone.conf file under log_config." " To route logging through syslog, set use_syslog=true " "option in the [DEFAULT] section." msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml59(para) msgid "" "A sample logging file is available with the project in the " "etc/logging.conf.sample directory. Like other OpenStack" " projects, the Identity Service uses the Python logging module, which " "includes extensive configuration options that let you define the output " "levels and formats." msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml64(para) msgid "" "Review the etc/keystone.conf sample configuration files" " that are distributed with the Identity Service. For example, each server " "application has its own configuration file." msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml68(para) msgid "" "For services that have separate paste-deploy .ini " "files, you can configure auth_token middleware in the " "[keystone_authtoken] section in the main configuration " "file, such as nova.conf. For example in Compute, you " "can remove the middleware parameters from api-" "paste.ini, as follows:" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml78(para) msgid "Set these values in the nova.conf file:" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml93(para) msgid "" "Middleware parameters in paste config take priority. You must remove them to" " use values in the [keystone_authtoken] section." msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml99(title) msgid "Monitoring" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml100(para) msgid "" "The Identity Service provides some basic request/response monitoring " "statistics out of the box." msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml102(para) msgid "" "Enable data collection by defining a stats_monitoring " "filter and including it at the beginning of any desired WSGI pipelines:" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml110(para) msgid "" "Enable the reporting of collected data by defining a " "stats_reporting filter and including it near the end of " "your admin_api WSGI pipeline (After " "*_body middleware and before " "*_extension filters is recommended):" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml120(para) msgid "Query the admin API for statistics using:" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml122(para) msgid "Reset collected data using:" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml127(title) msgid "Start the Identity Service" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml128(para) msgid "" "To start the services for the Identity Service, run the following command:" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml131(para) msgid "" "This command starts two wsgi.Server instances configured by the " "keystone.conf file as described previously. One of " "these wsgi servers is admin (the administration API) and " "the other is main (the primary/public API interface). " "Both run in a single process." msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml139(title) msgid "Example usage" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml140(para) msgid "" "The keystone client is set up to expect commands in the " "general form of " "keystonecommandargument," " followed by flag-like keyword arguments to provide additional (often " "optional) information. For example, the command user-list" " and tenant-create can be invoked as follows:" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml170(title) msgid "Authentication middleware with user name and password" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml172(para) msgid "" "You can also configure the Identity Service authentication middleware using " "the and options." " When using the and " " options the " "parameter is optional. If is specified, it is " "used only if the specified token is still valid." msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml180(para) msgid "" "For services that have a separate paste-deploy .ini file, you can configure " "the authentication middleware in the [keystone_authtoken]" " section of the main configuration file, such as " "nova.conf. In Compute, for example, you can remove the " "middleware parameters from api-paste.ini, as follows:" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml189(para) msgid "" "And set the following values in nova.conf as follows:" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml204(para) msgid "" "The middleware parameters in the paste config take priority. You must remove" " them to use the values in the [keystone_authtoken] section." msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml208(para) msgid "" "This sample paste config filter makes use of the " " and options:" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml221(para) msgid "" "Using this option requires an admin tenant/role relationship. The admin user" " is granted access to the admin role on the admin tenant." msgstr "" #: ./doc/admin-guide-cloud/section_ts_failed_sched_create_vol.xml4(title) msgid "Failed to schedule and create volume" msgstr "" #: ./doc/admin-guide-cloud/section_ts_failed_sched_create_vol.xml6(title) #: ./doc/admin-guide-cloud/section_ts_failed_connect_vol_FC_SAN.xml6(title) #: ./doc/admin-guide-cloud/section_ts_vol_attach_miss_sg_scan.xml10(title) #: ./doc/admin-guide-cloud/section_ts_failed_attach_vol_after_detach.xml8(title) #: ./doc/admin-guide-cloud/section_ts_non_existent_host.xml6(title) #: ./doc/admin-guide-cloud/section_ts_no_emulator_x86_64.xml6(title) #: ./doc/admin-guide-cloud/section_ts_HTTP_bad_req_in_cinder_vol_log.xml8(title) #: ./doc/admin-guide-cloud/section_ts_non_existent_vlun.xml6(title) #: ./doc/admin-guide-cloud/section_ts_failed_attach_vol_no_sysfsutils.xml6(title) #: ./doc/admin-guide-cloud/section_ts_multipath_warn.xml8(title) #: ./doc/admin-guide-cloud/section_ts_attach_vol_fail_not_JSON.xml7(title) #: ./doc/admin-guide-cloud/section_ts_duplicate_3par_host.xml6(title) msgid "Problem" msgstr "" #: ./doc/admin-guide-cloud/section_ts_failed_sched_create_vol.xml7(para) msgid "" "The following warning is seen in the cinder-" "scheduler.log when volume type and extra specs are defined and " "the volume is in an error state." msgstr "" #: ./doc/admin-guide-cloud/section_ts_failed_sched_create_vol.xml14(title) #: ./doc/admin-guide-cloud/section_ts_failed_connect_vol_FC_SAN.xml15(title) #: ./doc/admin-guide-cloud/section_ts_vol_attach_miss_sg_scan.xml24(title) #: ./doc/admin-guide-cloud/section_ts_failed_attach_vol_after_detach.xml14(title) #: ./doc/admin-guide-cloud/section_ts_non_existent_host.xml14(title) #: ./doc/admin-guide-cloud/section_ts_no_emulator_x86_64.xml11(title) #: ./doc/admin-guide-cloud/section_ts_HTTP_bad_req_in_cinder_vol_log.xml43(title) #: ./doc/admin-guide-cloud/section_ts_non_existent_vlun.xml12(title) #: ./doc/admin-guide-cloud/section_ts_failed_attach_vol_no_sysfsutils.xml15(title) #: ./doc/admin-guide-cloud/section_ts_multipath_warn.xml20(title) #: ./doc/admin-guide-cloud/section_ts_attach_vol_fail_not_JSON.xml15(title) #: ./doc/admin-guide-cloud/section_ts_duplicate_3par_host.xml12(title) msgid "Solution" msgstr "" #: ./doc/admin-guide-cloud/section_ts_failed_sched_create_vol.xml15(para) msgid "" "Enable the option " "scheduler_driver=cinder.scheduler.simple.SimpleScheduler" " in the /etc/cinder/cinder.conf file and restart the " "cinder-scheduler service. The " "scheduler_driver defaults to " "cinder.scheduler.filter_scheduler.FilterScheduler." msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml32(None) msgid "" "@@image: '../common/figures/demo_multiple_dhcp_agents.png'; " "md5=7e9abc4226d6b6cb9a6a3b3ec7435805" msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml6(title) msgid "Scalable and highly available DHCP agents" msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml7(para) msgid "" "This section describes how to use the agent management (alias agent) and " "scheduler (alias agent_scheduler) extensions for DHCP agents scalability and" " HA." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml11(para) msgid "" "Use the client command to check if these extensions are " "enabled: " msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml47(para) msgid "" "Runs the Neutron, Keystone, and Nova services that are required to deploy " "VMs. The node must have at least one network interface that is connected to " "the Management Network." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml52(para) msgid "" "Note that nova-network should not" " be running because it is replaced by Neutron." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml35(para) msgid "" "There will be three hosts in the setup.
Hosts " "for " "demo
HostDescription
OpenStack" " Controller host - " "controlnode
HostARuns Nova " "compute, the Neutron L2 agent and DHCP " "agent
HostBSame as HostA
" msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml71(title) #: ./doc/admin-guide-cloud/section_networking-scenarios.xml15(title) #: ./doc/admin-guide-cloud/section_networking-scenarios.xml383(title) #: ./doc/admin-guide-cloud/section_networking-config-identity.xml146(th) #: ./doc/admin-guide-cloud/section_networking-config-identity.xml221(td) #: ./doc/admin-guide-cloud/section_networking-config-identity.xml256(td) msgid "Configuration" msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml73(title) msgid "controlnode—Neutron Server" msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml75(para) #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml100(para) msgid "" "Neutron configuration file /etc/neutron/neutron.conf:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml85(para) #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml109(para) msgid "" "Update the plug-in configuration file " "/etc/neutron/plugins/linuxbridge/linuxbridge_conf.ini:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml98(title) msgid "HostA and HostB—L2 Agent" msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml121(para) msgid "" "Update the nova configuration file /etc/nova/nova.conf:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml136(title) msgid "HostA and HostB—DHCP Agent" msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml138(para) msgid "" "Update the DHCP configuration file " "/etc/neutron/dhcp_agent.ini:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml146(title) msgid "Commands in agent management and scheduler extensions" msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml148(para) msgid "" "The following commands require the tenant running the command to have an " "admin role." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml151(para) msgid "" "Ensure that the following environment variables are set. These are used by " "the various clients to access Keystone." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml160(title) #: ./doc/admin-guide-cloud/section_networking-adv-config.xml68(caption) msgid "Settings" msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml161(para) msgid "To experiment, you need VMs and a neutron network:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml181(title) msgid "Manage agents in neutron deployment" msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml182(para) msgid "" "Every agent which supports these extensions will register itself with the " "neutron server when it starts up." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml186(para) msgid "List all agents:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml197(para) msgid "" "The output shows information for four agents. The alive " "field shows :-) if the agent reported its state within " "the period defined by the option in the " "neutron.conf file. Otherwise the " " is xxx." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml209(para) msgid "List the DHCP agents that host a specified network" msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml211(para) msgid "" "In some deployments, one DHCP agent is not enough to hold all network data. " "In addition, you must have a backup for it even when the deployment is " "small. The same network can be assigned to more than one DHCP agent and one " "DHCP agent can host more than one network." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml218(para) msgid "List DHCP agents that a a specified network:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml229(para) msgid "List the networks hosted by a given DHCP agent." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml231(para) msgid "This command is to show which networks a given dhcp agent is managing." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml242(para) msgid "Show agent details." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml243(para) msgid "The command shows details for a specified agent:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml271(para) msgid "" "In this output, heartbeat_timestamp is the time on the " "neutron server. You do not need to synchronize all agents to this time for " "this extension to run correctly. configurations describes" " the static configuration for the agent or run time data. This agent is a " "DHCP agent and it hosts one network, one subnet, and three ports." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml281(para) msgid "" "Different types of agents show different details. The following output shows" " information for a Linux bridge agent:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml306(para) msgid "" "The output shows bridge-mapping and the number of virtual" " network devices on this L2 agent." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml313(title) msgid "Manage assignment of networks to DHCP agent" msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml314(para) msgid "" "Now that you have run the and commands, " "you can add a network to a DHCP agent and remove one from it." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml320(para) msgid "Default scheduling." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml321(para) msgid "" "When you create a network with one port, you can schedule it to an active " "DHCP agent. If many active DHCP agents are running, select one randomly. You" " can design more sophisticated scheduling algorithms in the same way as " "nova-schedule later on." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml339(para) msgid "" "It is allocated to DHCP agent on HostA. If you want to validate the behavior" " through the command, you must create a subnet for the " "network because the DHCP agent starts the dnsmasq service only if there is a DHCP." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml349(para) msgid "Assign a network to a given DHCP agent." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml351(para) msgid "To add another DHCP agent to host the network, run this command:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml362(para) msgid "Both DHCP agents host the net2 network." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml367(para) msgid "Remove a network from a specified DHCP agent." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml369(para) msgid "" "This command is the sibling command for the previous one. Remove " "net2 from the DHCP agent for HostA:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml381(para) msgid "" "You can see that only the DHCP agent for HostB is hosting the " "net2 network." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml388(title) msgid "HA of DHCP agents" msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml389(para) msgid "" "Boot a VM on net2. Let both DHCP agents host net2. Fail " "the agents in turn to see if the VM can still get the desired IP." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml394(para) msgid "Boot a VM on net2." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml415(para) msgid "Make sure both DHCP agents hosting 'net2'." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml417(para) msgid "Use the previous commands to assign the network to agents." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml429(title) msgid "Test the HA" msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml431(para) msgid "" "Log in to the myserver4 VM, and run " "udhcpc, dhclient or other DHCP client." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml438(para) msgid "" "Stop the DHCP agent on HostA. Besides stopping the neutron-dhcp-" "agent binary, you must stop the processes." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml446(para) msgid "Run a DHCP client in VM to see if it can get the wanted IP." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml451(para) msgid "Stop the DHCP agent on HostB too." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml455(para) msgid "Run in the VM; it cannot get the wanted IP." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml460(para) msgid "Start DHCP agent on HostB. The VM gets the wanted IP again." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml465(title) msgid "Disable and remove an agent" msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml466(para) msgid "" "An administrator might want to disable an agent if a system hardware or " "software upgrade is planned. Some agents that support scheduling also " "support disabling and enabling agents, such as L3 and DHCP agents. After the" " agent is disabled, the scheduler does not schedule new resources to the " "agent. After the agent is disabled, you can safely remove the agent. Remove " "the resources on the agent before you delete the agent." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml475(para) msgid "To run the following commands, you must stop the DHCP agent on HostA." msgstr "" #: ./doc/admin-guide-cloud/section_networking-multi-dhcp-agents.xml497(para) msgid "" "After deletion, if you restart the DHCP agent, it appears on the agent list " "again." msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml6(title) msgid "Secure with root wrappers" msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml7(para) msgid "" "The root wrapper enables the Compute unprivileged user to run a number of " "actions as the root user in the safest manner possible. Historically, " "Compute used a specific sudoers file that listed every " "command that the Compute user was allowed to run, and used " "to run that command as root. However this was difficult " "to maintain (the sudoers file was in packaging), and " "did not enable complex filtering of parameters (advanced filters). The " "rootwrap was designed to solve those issues." msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml19(title) msgid "How rootwrap works" msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml20(para) msgid "" "Instead of calling , Compute services start with nova- call " ". A generic sudoers entry lets the Compute user run nova-" "rootwrap as root. The nova-rootwrap code looks for filter definition " "directories in its configuration file, and loads command filters from them. " "Then it checks if the command requested by Compute matches one of those " "filters, in which case it executes the command (as root). If no filter " "matches, it denies the request." msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml33(title) msgid "Security model" msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml34(para) msgid "" "The escalation path is fully controlled by the root user. A sudoers entry " "(owned by root) allows Compute to run (as root) a specific rootwrap " "executable, and only with a specific configuration file (which should be " "owned by root). nova-rootwrap imports the Python modules it needs from a " "cleaned (and system-default) PYTHONPATH. The configuration file (also root-" "owned) points to root-owned filter definition directories, which contain " "root-owned filters definition files. This chain ensures that the Compute " "user itself is not in control of the configuration or modules used by the " "nova-rootwrap executable." msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml47(title) msgid "Details of rootwrap.conf" msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml48(para) msgid "" "You configure nova-rootwrap in the rootwrap.conf file. " "Because it's in the trusted security path, it must be owned and writable by " "only the root user. Its location is specified both in the sudoers entry and " "in the nova.conf configuration file with the " "rootwrap_config=entry." msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml55(para) msgid "It uses an INI file format with these sections and parameters:" msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml59(caption) #: ./doc/admin-guide-cloud/section_rootwrap.xml98(caption) msgid "rootwrap.conf configuration options" msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml64(para) #: ./doc/admin-guide-cloud/section_rootwrap.xml103(para) msgid "Configuration option=Default value" msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml66(para) #: ./doc/admin-guide-cloud/section_rootwrap.xml105(para) msgid "(Type) Description" msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml71(para) msgid "[DEFAULT]" msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml72(para) msgid "filters_path=/etc/nova/rootwrap.d,/usr/share/nova/rootwrap" msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml74(para) msgid "" "(ListOpt) Comma-separated list of directories containing filter definition " "files. Defines where filters for root wrap are stored. Directories defined " "on this line should all exist, be owned and writable only by the root user." msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml86(title) msgid "Details of .filters files" msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml87(para) msgid "" "Filters definition files contain lists of filters that nova-rootwrap will " "use to allow or deny a specific command. They are generally suffixed by " ".filters. Since they are in the trusted security path, they need to be owned" " and writable only by the root user. Their location is specified in the " "rootwrap.conf file." msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml93(para) msgid "" "It uses an INI file format with a [Filters] section and several lines, each " "with a unique parameter name (different for each filter that you define):" msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml110(para) msgid "[Filters]" msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml111(para) msgid "filter_name=kpartx: CommandFilter, /sbin/kpartx, root" msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml113(para) msgid "" "(ListOpt) Comma-separated list containing first the Filter class to use, " "followed by that Filter arguments (which vary depending on the Filter class " "selected)." msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml7(title) msgid "Troubleshoot the Block Storage configuration" msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml9(para) msgid "" "This section helps you solve some basic and common errors that you might " "encounter during setup and configuration of the Block Storage Service. The " "focus here is on failed creation of volumes. The most important thing to " "know is where to look in case of a failure." msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml14(para) msgid "" "Two log files are especially helpful for solving volume creation failures, " "the cinder-api log and the " "cinder-volume log. The " "cinder-api log is useful for " "determining if you have endpoint or connectivity issues. If you send a " "request to create a volume and it fails, review the cinder-api log to determine whether the " "request made it to the Block Storage service. If the request is logged and " "you see no errors or trace-backs, check the cinder-volume log for errors or trace-backs." msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml28(para) msgid "" "Create commands are listed in the cinder-" "api log." msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml31(para) msgid "" "These entries in the cinder.openstack.common.log file " "can be used to assist in troubleshooting your block storage configuration." msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml103(para) msgid "" "These common issues might occur during configuration. To correct, use these " "suggested solutions." msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml107(para) msgid "" "Issues with state_path and volumes_dir" " settings." msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml109(para) msgid "" "The OpenStack Block Storage uses as the default iscsi " "helper and implements persistent targets. This means that in the case of a " "tgt restart or even a node reboot your existing volumes on that node will be" " restored automatically with their original IQN." msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml114(para) msgid "" "In order to make this possible the iSCSI target information needs to be " "stored in a file on creation that can be queried in case of restart of the " "tgt daemon. By default, Block Storage uses a state_path " "variable, which if installing with Yum or APT should be set to " "/var/lib/cinder/. The next part is the " "volumes_dir variable, by default this just simply appends" " a \"volumes\" directory to the " "state_path. The result is a file-tree " "/var/lib/cinder/volumes/." msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml127(para) msgid "" "While this should all be handled by the installer, it can go wrong. If you " "have trouble creating volumes and this directory does not exist you should " "see an error message in the cinder-" "volume log indicating that the volumes_dir " "does not exist, and it should provide information about which path it was " "looking for." msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml137(para) msgid "The persistent tgt include file." msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml138(para) msgid "" "Along with the option, the iSCSI target driver " "also needs to be configured to look in the correct place for the persist " "files. This is a simple entry in the /etc/tgt/conf.d " "file that you should have set when you installed OpenStack. If issues occur," " verify that you have a /etc/tgt/conf.d/cinder.conf " "file." msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml147(para) msgid "If the file is not present, create it with this command:" msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml152(para) msgid "" "No sign of attach call in the cinder-" "api log." msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml155(para) msgid "" "This is most likely going to be a minor adjustment to your " "nova.conf file. Make sure that your " "nova.conf has this entry:" msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml162(para) msgid "" "Failed to create iscsi target error in the cinder-" "volume.log file." msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml166(para) msgid "" "You might see this error in cinder-volume.log after " "trying to create a volume that is 1 GB. To fix this issue:" msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml170(para) msgid "" "Change content of the /etc/tgt/targets.conf from " "include /etc/tgt/conf.d/*.conf to include " "/etc/tgt/conf.d/cinder_tgt.conf, as follows:" msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml179(para) msgid "" "Restart tgt and cinder-* services so they pick up the new " "configuration." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml7(title) msgid "Block Storage" msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml8(para) msgid "" "The OpenStack Block Storage service works though the interaction of a series" " of daemon processes named cinder-* that reside persistently on the host " "machine or machines. The binaries can all be run from a single node, or " "spread across multiple nodes. They can also be run on the same node as other" " OpenStack services." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml16(title) msgid "Introduction to Block Storage" msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml17(para) msgid "" "To administer the OpenStack Block Storage service, it is helpful to " "understand a number of concepts. You must make certain choices when you " "configure the Block Storage service in OpenStack. The bulk of the options " "come down to two choices, single node or multi-node install. You can read a " "longer discussion about storage decisions in Storage Decisions in the " "OpenStack Operations Guide." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml26(para) msgid "" "The OpenStack Block Storage Service enables you to add extra block-level " "storage to your OpenStack Compute instances. This service is similar to the " "Amazon EC2 Elastic Block Storage (EBS) offering." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml33(title) msgid "Manage volumes" msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml34(para) msgid "" "The default OpenStack Block Storage service implementation is an iSCSI " "solution that uses Logical Volume Manager (LVM) for Linux." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml38(para) msgid "" "The OpenStack Block Storage service is not a shared storage solution like a " "Storage Area Network (SAN) of NFS volumes, where you can attach a volume to " "multiple servers. With the OpenStack Block Storage service, you can attach a" " volume to only one instance at a time." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml44(para) msgid "" "The OpenStack Block Storage service also provides drivers that enable you to" " use several vendors' back-end storage devices, in addition to or instead of" " the base LVM implementation." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml49(para) msgid "" "This high-level procedure shows you how to create and attach a volume to a " "server instance." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml53(para) msgid "" "You must configure both OpenStack Compute and the OpenStack Block Storage " "service through the cinder.conf file." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml58(para) msgid "" "Create a volume through the command. This command creates " "an LV into the volume group (VG) \"cinder-volumes.\"" msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml64(para) msgid "" "Attach the volume to an instance through the command. This " "command creates a unique iSCSI IQN that is exposed to the compute node." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml70(para) msgid "" "The compute node, which runs the instance, now has an active ISCSI session " "and new local storage (usually a /dev/sdX disk)." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml77(para) msgid "" "libvirt uses that local storage as storage for the instance. The instance " "get a new disk, usually a /dev/vdX disk." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml86(para) msgid "" "For this particular walk through, one cloud controller runs nova-api, nova-" "scheduler, nova-" "objectstore, nova-network and " "cinder-* services. Two additional compute nodes run " "nova-compute. The walk through " "uses a custom partitioning scheme that carves out 60 GB of space and labels " "it as LVM. The network uses the FlatManager and " "NetworkManager settings for OpenStack Compute (Nova)." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml100(para) msgid "" "The network mode does not interfere with the way cinder works, but you must " "set up networking for cinder to work. For details, see ." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml103(para) msgid "" "To set up Compute to use volumes, ensure that Block Storage is installed " "along with lvm2. This guide describes how to troubleshoot your installation " "and back up your Compute volumes." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml108(title) msgid "Boot from volume" msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml109(para) msgid "" "In some cases, instances can be stored and run from inside volumes. For " "information, see the Launch an instance from a " "volume section in the OpenStack End User Guide." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml124(title) msgid "Troubleshoot your installation" msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml125(para) msgid "" "This section provides useful tips to help troubleshoot your Block Storage " "Service installation." msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml6(title) msgid "Advanced configuration options" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml7(para) msgid "" "This section describes advanced configuration options for various system " "components. For example, configuration options where the default works but " "that the user wants to customize options. After installing from packages, " "$NEUTRON_CONF_DIR is /etc/neutron." msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml13(title) msgid "OpenStack Networking server with plug-in" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml14(para) msgid "" "This is the web server that runs the OpenStack Networking API Web Server. It" " is responsible for loading a plug-in and passing the API calls to the plug-" "in for processing. The neutron-server should receive one of more " "configuration files as it its input, for example:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml20(para) msgid "" "The neutron config contains the common neutron configuration parameters. The" " plug-in config contains the plug-in specific flags. The plug-in that is run" " on the service is loaded through the core_plugin " "configuration parameter. In some cases a plug-in might have an agent that " "performs the actual networking." msgstr "" #. Specific #. configuration details can be seen in the Appendix - #. Configuration File Options. #: ./doc/admin-guide-cloud/section_networking-adv-config.xml31(para) msgid "" "Most plug-ins require a SQL database. After you install and start the " "database server, set a password for the root account and delete the " "anonymous accounts:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml37(para) msgid "Create a database and user account specifically for plug-in:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml43(para) msgid "" "Once the above is done you can update the settings in the relevant plug-in " "configuration files. The plug-in specific configuration files can be found " "at $NEUTRON_CONF_DIR/plugins." msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml47(para) msgid "" "Some plug-ins have a L2 agent that performs the actual networking. That is, " "the agent will attach the virtual machine NIC to the OpenStack Networking " "network. Each node should have an L2 agent running on it. Note that the " "agent receives the following input parameters:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml53(para) msgid "Two things need to be done prior to working with the plug-in:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml57(para) msgid "Ensure that the core plug-in is updated." msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml60(para) msgid "Ensure that the database connection is correctly set." msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml64(para) msgid "" "The following table contains examples for these settings. Some Linux " "packages might provide installation utilities that configure these." msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml73(th) msgid "Parameter" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml74(th) msgid "Value" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml79(emphasis) #: ./doc/admin-guide-cloud/section_networking-scenarios.xml11(title) #: ./doc/admin-guide-cloud/ch_networking.xml345(td) #: ./doc/admin-guide-cloud/ch_networking.xml2429(td) msgid "Open vSwitch" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml84(td) #: ./doc/admin-guide-cloud/section_networking-adv-config.xml107(td) msgid "core_plugin ($NEUTRON_CONF_DIR/neutron.conf)" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml86(td) msgid "neutron.plugins.openvswitch.ovs_neutron_plugin.OVSNeutronPluginV2" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml90(code) #: ./doc/admin-guide-cloud/section_networking-adv-config.xml113(code) msgid "[database]" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml89(td) msgid "" "connection (in the plugin configuration file, section )" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml91(td) msgid "" "mysql://<username>:<password>@localhost/ovs_neutron?charset=utf8" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml94(td) #: ./doc/admin-guide-cloud/section_networking-adv-config.xml117(td) msgid "Plug-in Configuration File" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml95(td) msgid "$NEUTRON_CONF_DIR/plugins/openvswitch/ovs_neutron_plugin.ini" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml98(td) #: ./doc/admin-guide-cloud/section_networking-adv-config.xml121(td) #: ./doc/admin-guide-cloud/ch_networking.xml1315(th) msgid "Agent" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml99(td) msgid "neutron-openvswitch-agent" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml102(emphasis) #: ./doc/admin-guide-cloud/section_networking-scenarios.xml378(title) #: ./doc/admin-guide-cloud/ch_networking.xml297(td) #: ./doc/admin-guide-cloud/ch_networking.xml2434(td) msgid "Linux Bridge" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml109(td) msgid "neutron.plugins.linuxbridge.lb_neutron_plugin.LinuxBridgePluginV2" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml112(td) msgid "" "connection (in the plug-in configuration file, section )" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml114(td) msgid "" "mysql://<username>:<password>@localhost/neutron_linux_bridge?charset=utf8" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml118(td) msgid "$NEUTRON_CONF_DIR/plugins/linuxbridge/linuxbridge_conf.ini" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml122(td) msgid "neutron-linuxbridge-agent" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml126(para) msgid "" "All plug-in configuration files options can be found in the Appendix - " "Configuration File Options." msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml130(title) #: ./doc/admin-guide-cloud/section_networking-scenarios.xml200(title) msgid "DHCP agent" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml131(para) msgid "" "There is an option to run a DHCP server that will allocate IP addresses to " "virtual machines running on the network. When a subnet is created, by " "default, the subnet has DHCP enabled." msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml135(para) msgid "The node that runs the DHCP agent should run:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml138(para) msgid "" "Currently the DHCP agent uses dnsmasq to perform that static address " "assignment." msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml140(para) msgid "" "A driver needs to be configured that matches the plug-in running on the " "service.
Basic settings
ParameterValue
Open " "vSwitch
interface_driver " "($NEUTRON_CONF_DIR/dhcp_agent.ini)neutron.agent.linux.interface.OVSInterfaceDriver
Linux " "Bridge
interface_driver " "($NEUTRON_CONF_DIR/dhcp_agent.ini)neutron.agent.linux.interface.BridgeInterfaceDriver
" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml175(title) #: ./doc/admin-guide-cloud/section_networking-adv-config.xml264(title) #: ./doc/admin-guide-cloud/section_networking-adv-config.xml386(title) msgid "Namespace" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml176(para) msgid "" "By default the DHCP agent makes use of Linux network namespaces in order to " "support overlapping IP addresses. Requirements for network namespaces " "support are described in the Limitations section." msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml182(para) msgid "" "If the Linux installation does not support network " "namespace, you must disable using network namespace in the DHCP agent config" " file (The default value of use_namespaces is True)." msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml192(title) msgid "L3 Agent" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml193(para) msgid "" "There is an option to run a L3 agent that will give enable layer 3 " "forwarding and floating IP support. The node that runs the L3 agent should " "run:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml198(para) msgid "" "A driver needs to be configured that matches the plug-in running on the " "service. The driver is used to create the routing interface.
Basic settings
ParameterValue
Open " "vSwitch
interface_driver " "($NEUTRON_CONF_DIR/l3_agent.ini)neutron.agent.linux.interface.OVSInterfaceDriver
external_network_bridge" " ($NEUTRON_CONF_DIR/l3_agent.ini)br-ex
Linux Bridge
interface_driver" " " "($NEUTRON_CONF_DIR/l3_agent.ini)neutron.agent.linux.interface.BridgeInterfaceDriver
external_network_bridge" " ($NEUTRON_CONF_DIR/l3_agent.ini)This field must be empty (or the " "bridge name for the external network).
" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml250(para) msgid "OpenStack Identity authentication:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml252(para) msgid "For example," msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml256(para) msgid "Admin user details:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml246(para) msgid "" "The L3 agent communicates with the OpenStack Networking server via the " "OpenStack Networking API, so the following configuration is required: " "" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml265(para) msgid "" "By default the L3 agent makes use of Linux network namespaces in order to " "support overlapping IP addresses. Requirements for network namespaces " "support are described in the Limitation section." msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml271(para) msgid "" "If the Linux installation does not support network " "namespace, you must disable using network namespace in the L3 agent config " "file (The default value of use_namespaces is True)." msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml278(para) msgid "" "When use_namespaces is set to False, only one router ID can be supported per" " node. This must be configured via the configuration variable " "router_id." msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml285(para) msgid "" "To configure it, you need to run the OpenStack Networking service and create" " a router, and then set an ID of the router created to " "router_id in the L3 agent configuration file." msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml305(title) msgid "Multiple floating IP pools" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml306(para) msgid "" "The L3 API in OpenStack Networking supports multiple floating IP pools. In " "OpenStack Networking, a floating IP pool is represented as an external " "network and a floating IP is allocated from a subnet associated with the " "external network. Since each L3 agent can be associated with at most one " "external network, we need to invoke multiple L3 agent to define multiple " "floating IP pools. 'gateway_external_network_id' in L3 agent " "configuration file indicates the external network that the L3 agent handles." " You can run multiple L3 agent instances on one host." msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml318(para) msgid "" "In addition, when you run multiple L3 agents, make sure that handle_internal_only_routers is set to True only for one L3 agent in an OpenStack " "Networking deployment and set to False " "for all other L3 agents. Since the default value of this parameter is True, " "you need to configure it carefully." msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml327(para) msgid "" "Before starting L3 agents, you need to create routers and external networks," " then update the configuration files with UUID of external networks and " "start L3 agents." msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml331(para) msgid "" "For the first agent, invoke it with the following l3_agent.ini where " "handle_internal_only_routers is True." msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml340(para) msgid "" "For the second (or later) agent, invoke it with the following l3_agent.ini " "where handle_internal_only_routers is False." msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml349(title) msgid "L3 Metering Agent" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml350(para) msgid "" "There is an option to run a L3 metering agent that will enable layer 3 " "traffic metering. In general case the metering agent should be launched on " "all nodes that run the L3 agent:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml355(para) msgid "" "A driver needs to be configured that matches the plug-in running on the " "service. The driver is used to add metering to the routing interface.
Basic settings
ParameterValue
Open " "vSwitch
interface_driver " "($NEUTRON_CONF_DIR/metering_agent.ini)neutron.agent.linux.interface.OVSInterfaceDriver
Linux " "Bridge
interface_driver " "($NEUTRON_CONF_DIR/metering_agent.ini)neutron.agent.linux.interface.BridgeInterfaceDriver
" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml387(para) msgid "" "The metering agent and the L3 agent have to have the same configuration " "regarding to the network namespaces setting." msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml389(para) msgid "" "If the Linux installation does not support network namespace, you must " "disable using network namespace in the L3 metering config file (The default " "value of is True)." msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml396(title) msgid "L3 metering driver" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml397(para) msgid "" "A driver which implements the metering abstraction needs to be configured. " "Currently there is only one implementation which is based on iptables." msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml402(title) msgid "L3 metering service driver" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml403(para) msgid "" "To enable L3 metering you have to be sure to set the following parameter in " "neutron.conf on the host that runs neutron-server:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml410(title) msgid "Limitations" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml413(para) msgid "" "No equivalent for nova-network --multi_host flag: Nova-" "network has a model where the L3, NAT, and DHCP processing happen on the " "compute node itself, rather than a dedicated networking node. OpenStack " "Networking now support running multiple l3-agent and dhcp-agents with load " "being split across those agents, but the tight coupling of that scheduling " "with the location of the VM is not supported in Grizzly. The Havana release " "is expected to include an exact replacement for the --multi_host flag in " "nova-network." msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml427(para) msgid "" "Linux network namespace required on nodes running neutron-l3-agent or " "neutron-dhcp-" "agent if overlapping IPs are in use: . In order to " "support overlapping IP addresses, the OpenStack Networking DHCP and L3 " "agents use Linux network namespaces by default. The hosts running these " "processes must support network namespaces. To support network namespaces, " "the following are required:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml445(para) msgid "" "Linux kernel 2.6.24 or newer (with CONFIG_NET_NS=y in kernel configuration) " "and" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml450(para) msgid "" "iproute2 utilities ('ip' command) version 3.1.0 (aka 20111117) or newer" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml455(para) msgid "" "To check whether your host supports namespaces try running the following as " "root:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml459(para) msgid "" "If the preceding commands do not produce errors, your platform is likely " "sufficient to use the dhcp-agent or l3-agent with namespace. In our " "experience, Ubuntu 12.04 or later support namespaces as does Fedora 17 and " "new, but some older RHEL platforms do not by default. It may be possible to " "upgrade the iproute2 package on a platform that does not support namespaces " "by default." msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml468(para) msgid "" "If you need to disable namespaces, make sure the " "neutron.conf used by neutron-server has the following " "setting:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml472(para) msgid "" "and that the dhcp_agent.ini and l3_agent.ini have the following setting:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml476(para) msgid "" "If the host does not support namespaces then the neutron-l3-agent and neutron-dhcp-agent should be run on different" " hosts. This is due to the fact that there is no isolation between the IP " "addresses created by the L3 agent and by the DHCP agent. By manipulating the" " routing the user can ensure that these networks have access to one another." msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml488(para) msgid "" "If you run both L3 and DHCP services on the same node, you should enable " "namespaces to avoid conflicts with routes:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml496(para) msgid "" "No IPv6 support for L3 agent: The neutron-l3-agent, used by many " "plug-ins to implement L3 forwarding, supports only IPv4 forwarding. " "Currently, there are no errors provided if you configure IPv6 addresses via " "the API." msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml507(para) msgid "" "ZeroMQ support is experimental: Some agents, including " "neutron-dhcp-agent, neutron-openvswitch-agent, and neutron-linuxbridge-agent use RPC to " "communicate. ZeroMQ is an available option in the configuration file, but " "has not been tested and should be considered experimental. In particular, " "issues might occur with ZeroMQ and the dhcp agent." msgstr "" #: ./doc/admin-guide-cloud/section_networking-adv-config.xml522(para) msgid "" "MetaPlugin is experimental: This release includes a " "MetaPlugin that is intended to support multiple plug-ins at the same time " "for different API requests, based on the content of those API requests. The " "core team has not thoroughly reviewed or tested this functionality. Consider" " this functionality to be experimental until further validation is " "performed." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml6(title) msgid "Back up Block Storage Service disks" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml7(para) msgid "" "While you can use the LVM snapshot to create snapshots, you can also use it " "to back up your volumes. By using LVM snapshot, you reduce the size of the " "backup; only existing data is backed up instead of the entire volume." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml11(para) msgid "" "To back up a volume, you must create a snapshot of it. An LVM snapshot is " "the exact copy of a logical volume, which contains data in a frozen state. " "This prevents data corruption, because data cannot be manipulated during the" " volume creation process. Remember that the volumes created through a " " command exist in an LVM logical volume." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml18(para) msgid "" "Before you create the snapshot, you must have enough space to save it. As a " "precaution, you should have at least twice as much space as the potential " "snapshot size. If insufficient space is available, the snapshot might become" " corrupted." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml23(para) msgid "" "For this example, assume that a 100 GB volume named " "volume-00000001 was created for an instance while only 4 " "GB are used. This example uses these commands to back up only those 4 GB:" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml29(para) msgid " command. Directly manipulates the volumes." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml33(para) msgid "" " command. Discovers the partition table created inside the " "instance." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml37(para) msgid " command. Creates a minimum-sized backup." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml41(para) msgid "" " command. Calculates the backup checksum to check its " "consistency." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml45(para) msgid "You can apply this process to volumes of any size." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml47(title) msgid "To back up Block Storage Service disks" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml49(title) msgid "Create a snapshot of a used volume" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml52(para) msgid "Use this command to list all volumes:" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml56(para) msgid "" "Create the snapshot; you can do this while the volume is attached to an " "instance:" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml59(para) msgid "" "Use the configuration option to tell LVM that " "you want a snapshot of an already existing volume. The command includes the " "size of the space reserved for the snapshot volume, the name of the " "snapshot, and the path of an already existing volume. Generally, this path " "is /dev/nova-" "volumes/$volume_name." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml67(para) msgid "" "The size does not have to be the same as the volume of the snapshot. The " "size parameter defines the space that LVM reserves " "for the snapshot volume. As a precaution, the size should be the same as " "that of the original volume, even if the whole space is not currently used " "by the snapshot." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml78(para) msgid "Run the command again to verify the snapshot:" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml120(title) msgid "Partition table discovery" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml123(para) msgid "" "To exploit the snapshot with the command, mount your " "partition on the Block Storage Service server." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml127(para) msgid "" "The utility discovers and maps table partitions. You can " "use it to view partitions that are created inside the instance. Without " "using the partitions created inside instances, you cannot see its content " "and create efficient backups." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml136(para) msgid "" "On a Debian-based distribution, you can also use the " "command." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml140(para) msgid "" "If the tools successfully find and map the partition table, no errors are " "returned." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml145(para) msgid "To check the partition table map, run this command:" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml148(para) msgid "" "You can see the nova--volumes-volume--00000001--snapshot1" " partition." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml151(para) msgid "" "If you created more than one partition on that volume, you see several " "partitions; for example: nova--volumes-volume--00000001--" "snapshot2, nova--volumes-volume--00000001--" "snapshot3, and so on." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml159(para) msgid "Mount your partition:" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml161(para) msgid "If the partition mounts successfully, no errors are returned." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml163(para) msgid "" "You can directly access the data inside the instance. If a message prompts " "you for a partition or you cannot mount it, determine whether enough space " "was allocated for the snapshot or the command failed to " "discover the partition table." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml170(para) msgid "Allocate more space to the snapshot and try the process again." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml176(title) msgid "Use the command to create archives" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml178(para) msgid "Create a backup of the volume:" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml180(para) msgid "" "This command creates a tar.gz file that contains the " "data, and data only. This ensures that " "you do not waste space by backing up empty sectors." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml186(title) msgid "Checksum calculation I" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml187(para) msgid "" "You should always have the checksum for your backup files. When you transfer" " the same file over the network, you can run a checksum calculation to " "ensure that your file was not corrupted during its transfer. The checksum is" " a unique ID for a file. If the checksums are different, the file is " "corrupted." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml193(para) msgid "" "Run this command to run a checksum for your file and save the result to a " "file:" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml197(para) msgid "" "Use the command carefully because the time it takes to " "complete the calculation is directly proportional to the size of the file." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml201(para) msgid "" "For files larger than around 4 to 6 GB, and depending on your CPU, the " "process might take a long time." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml207(title) msgid "After work cleaning" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml208(para) msgid "" "Now that you have an efficient and consistent backup, use this command to " "clean up the file system:" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml213(para) msgid "Unmount the volume:" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml217(para) msgid "Delete the partition table:" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml221(para) msgid "Remove the snapshot:" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml225(para) msgid "Repeat these steps for all your volumes." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml228(title) msgid "Automate your backups" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml229(para) msgid "" "Because more and more volumes might be allocated to your Block Storage " "service, you might want to automate your backups. The SCR_5005_V01_NUAC-" "OPENSTACK-EBS-volumes-backup.sh script assists you with this task. " "The script performs the operations from the previous example, but also " "provides a mail report and runs the backup based on the " " setting." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml239(para) msgid "" "Launch this script from the server that runs the Block Storage Service." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml241(para) msgid "This example shows a mail report:" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml255(para) msgid "" "The script also enables you to SSH to your instances and run a " " command into them. To make this work, enable the connection" " to the Compute project keys. If you do not want to run the " " command, you can add enable_mysql_dump=0 to the script " "to turn off this functionality." msgstr "" #: ./doc/admin-guide-cloud/section_ts_failed_connect_vol_FC_SAN.xml4(title) msgid "Failed to connect volume in FC SAN" msgstr "" #: ./doc/admin-guide-cloud/section_ts_failed_connect_vol_FC_SAN.xml7(para) msgid "" "Compute node failed to connect to a volume in a Fibre Channel (FC) SAN " "configuration. The WWN may not be zoned correctly in your FC SAN that links " "the Compute host to the storage array." msgstr "" #: ./doc/admin-guide-cloud/section_ts_failed_connect_vol_FC_SAN.xml16(para) msgid "" "The network administrator must configure the FC SAN fabric by correctly " "zoning the WWN (port names) from your Compute node HBAs." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-admin.xml6(title) msgid "System administration for Object Storage" msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-admin.xml7(para) msgid "" "By understanding Object Storage concepts, you can better monitor and " "administer your storage solution. The majority of the administration " "information is maintained in developer documentation at docs.openstack.org/developer/swift/." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-admin.xml13(para) msgid "" "See the OpenStack Configuration " "Reference for a list of configuration options for Object " "Storage." msgstr "" #: ./doc/admin-guide-cloud/ch_objectstorage.xml7(title) msgid "Object Storage" msgstr "" #: ./doc/admin-guide-cloud/section_ts_vol_attach_miss_sg_scan.xml8(title) msgid "Failed to Attach Volume, Missing sg_scan" msgstr "" #: ./doc/admin-guide-cloud/section_ts_vol_attach_miss_sg_scan.xml11(para) msgid "" "Failed to attach volume to an instance, sg_scan file " "not found. This warning and error occur when the " "sg3-utils package is not installed on the Compute node. " "The IDs in your message are unique to your system:" msgstr "" #: ./doc/admin-guide-cloud/section_ts_vol_attach_miss_sg_scan.xml25(para) msgid "" "Run this command on the Compute node to install the " "sg3-utils package:" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_operational_features.xml6(title) msgid "Advanced operational features" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_operational_features.xml8(title) msgid "Logging settings" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_operational_features.xml9(para) msgid "" "Networking components use Python logging module to do logging. Logging " "configuration can be provided in neutron.conf or as " "command line options. Command options override ones in " "neutron.conf." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_operational_features.xml14(para) msgid "" "To configure logging for Networking components, use one of these methods:" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_operational_features.xml18(para) msgid "Provide logging settings in a logging configuration file." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_operational_features.xml20(para) msgid "" "See Python logging " "how-to to learn more about logging." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_operational_features.xml24(para) msgid "Provide logging setting in neutron.conf" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_operational_features.xml49(title) msgid "Notifications" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_operational_features.xml50(para) msgid "" "Notifications can be sent when Networking resources such as network, subnet " "and port are created, updated or deleted." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_operational_features.xml54(title) msgid "Notification options" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_operational_features.xml55(para) msgid "" "To support DHCP agent, rpc_notifier driver must be set. To set up the " "notification, edit notification options in " "neutron.conf:" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_operational_features.xml85(title) msgid "Setting cases" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_operational_features.xml87(title) msgid "Logging and RPC" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_operational_features.xml88(para) msgid "" "These options configure the Networking server to send notifications through " "logging and RPC. The logging options are described in OpenStack " "Configuration Reference . RPC notifications go to " "'notifications.info' queue bound to a topic exchange defined by " "'control_exchange' in neutron.conf." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_operational_features.xml127(title) msgid "Multiple RPC topics" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_operational_features.xml128(para) msgid "" "These options configure the Networking server to send notifications to " "multiple RPC topics. RPC notifications go to 'notifications_one.info' and " "'notifications_two.info' queues bound to a topic exchange defined by " "'control_exchange' in neutron.conf." msgstr "" #. ... Based on a blog, should be replaced with original material... #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml7(title) msgid "Object Storage monitoring" msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml9(para) msgid "" "Excerpted from a blog post by Darrell Bishop" msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml12(para) msgid "" "An OpenStack Object Storage cluster is a collection of many daemons that " "work together across many nodes. With so many different components, you must" " be able to tell what is going on inside the cluster. Tracking server-level " "metrics like CPU utilization, load, memory consumption, disk usage and " "utilization, and so on is necessary, but not sufficient." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml19(para) msgid "" "What are different daemons are doing on each server? What is the volume of " "object replication on node8? How long is it taking? Are there errors? If so," " when did they happen?" msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml22(para) msgid "" "In such a complex ecosystem, you can use multiple approaches to get the " "answers to these questions. This section describes several approaches." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml26(title) msgid "Swift Recon" msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml27(para) msgid "" "The Swift Recon middleware (see http://swift.openstack.org/admin_guide.html#cluster-telemetry-" "and-monitoring) provides general machine statistics, such as load " "average, socket statistics, /proc/meminfo contents, and so on, " "as well as Swift-specific metrics:" msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml35(para) msgid "The MD5 sum of each ring file." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml38(para) msgid "The most recent object replication time." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml41(para) msgid "Count of each type of quarantined file: Account, container, or object." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml45(para) msgid "Count of “async_pendings” (deferred container updates) on disk." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml49(para) msgid "" "Swift Recon is middleware that is installed in the object servers pipeline " "and takes one required option: A local cache directory. To track " "async_pendings, you must set up an additional cron job " "for each object server. You access data by either sending HTTP requests " "directly to the object server or using the command-line " "client." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml57(para) msgid "" "There are some good Object Storage cluster statistics but the general server" " metrics overlap with existing server monitoring systems. To get the Swift-" "specific metrics into a monitoring system, they must be polled. Swift Recon " "essentially acts as a middleware metrics collector. The process that feeds " "metrics to your statistics system, such as collectd and " "gmond, probably already runs on the storage node. So, you" " can choose to either talk to Swift Recon or collect the metrics directly." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml69(title) msgid "Swift-Informant" msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml70(para) msgid "" "Florian Hines developed the Swift-Informant middleware (see http://pandemicsyn.posterous.com/swift-informant-statsd-" "getting-realtime-telem) to get real-time visibility into Object " "Storage client requests. It sits in the pipeline for the proxy server, and " "after each request to the proxy server, sends three metrics to a StatsD " "server (see http://codeascraft.etsy.com/2011/02/15" "/measure-anything-measure-everything/):" msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml82(para) msgid "" "A counter increment for a metric like obj.GET.200 or " "cont.PUT.404." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml87(para) msgid "" "Timing data for a metric like acct.GET.200 or " "obj.GET.200. [The README says the metrics look like " "duration.acct.GET.200, but I do not see the " "duration in the code. I am not sure what the Etsy server " "does but our StatsD server turns timing metrics into five derivative metrics" " with new segments appended, so it probably works as coded. The first metric" " turns into acct.GET.200.lower, " "acct.GET.200.upper, acct.GET.200.mean, " "acct.GET.200.upper_90, and acct.GET.200.count]." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml104(para) msgid "" "A counter increase by the bytes transferred for a metric like " "tfer.obj.PUT.201." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml109(para) msgid "" "This is good for getting a feel for the quality of service clients are " "experiencing with the timing metrics, as well as getting a feel for the " "volume of the various permutations of request server type, command, and " "response code. Swift-Informant also requires no change to core Object " "Storage code because it is implemented as middleware. However, it gives you " "no insight into the workings of the cluster past the proxy server. If the " "responsiveness of one storage node degrades, you can only see that some of " "your requests are bad, either as high latency or error status codes. You do " "not know exactly why or where that request tried to go. Maybe the container " "server in question was on a good node but the object server was on a " "different, poorly-performing node." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml125(title) msgid "Statsdlog" msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml126(para) msgid "" "Florian’s Statsdlog project " "increments StatsD counters based on logged events. Like Swift-Informant, it " "is also non-intrusive, but statsdlog can track events from all Object " "Storage daemons, not just proxy-server. The daemon listens to a UDP stream " "of syslog messages and StatsD counters are incremented when a log line " "matches a regular expression. Metric names are mapped to regex match " "patterns in a JSON file, allowing flexible configuration of what metrics are" " extracted from the log stream." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml137(para) msgid "" "Currently, only the first matching regex triggers a StatsD counter " "increment, and the counter is always incremented by one. There is no way to " "increment a counter by more than one or send timing data to StatsD based on " "the log line content. The tool could be extended to handle more metrics for " "each line and data extraction, including timing data. But a coupling would " "still exist between the log textual format and the log parsing regexes, " "which would themselves be more complex to support multiple matches for each " "line and data extraction. Also, log processing introduces a delay between " "the triggering event and sending the data to StatsD. It would be preferable " "to increment error counters where they occur and send timing data as soon as" " it is known to avoid coupling between a log string and a parsing regex and " "prevent a time delay between events and sending data to StatsD." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml153(para) msgid "" "The next section describes another method for gathering Object Storage " "operational metrics." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml157(title) msgid "Swift StatsD logging" msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml158(para) msgid "" "StatsD (see http://codeascraft.etsy.com/2011/02/15" "/measure-anything-measure-everything/) was designed for application " "code to be deeply instrumented; metrics are sent in real-time by the code " "that just noticed or did something. The overhead of sending a metric is " "extremely low: a sendto of one UDP packet. If that overhead is " "still too high, the StatsD client library can send only a random portion of " "samples and StatsD approximates the actual number when flushing metrics " "upstream." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml169(para) msgid "" "To avoid the problems inherent with middleware-based monitoring and after-" "the-fact log processing, the sending of StatsD metrics is integrated into " "Object Storage itself. The submitted change set (see https://review.openstack.org/#change,6058)" " currently reports 124 metrics across 15 Object Storage daemons and the " "tempauth middleware. Details of the metrics tracked are in the Administrator's" " Guide." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml180(para) msgid "" "The sending of metrics is integrated with the logging framework. To enable, " "configure log_statsd_host in the relevant config file. You can " "also specify the port and a default sample rate. The specified default " "sample rate is used unless a specific call to a statsd logging method (see " "the list below) overrides it. Currently, no logging calls override the " "sample rate, but it is conceivable that some metrics may require accuracy " "(sample_rate == 1) while others may not." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml195(para) msgid "" "Then the LogAdapter object returned by get_logger(), usually " "stored in self.logger, has these new methods:" msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml201(para) msgid "" "set_statsd_prefix(self, prefix) Sets the client library stat " "prefix value which gets prefixed to every metric. The default prefix is the " "“name” of the logger (such as, . “object-server”, “container-auditor”, " "etc.). This is currently used to turn “proxy-server” into one of “proxy-" "server.Account”, “proxy-server.Container”, or “proxy-server.Object” as soon " "as the Controller object is determined and instantiated for the request." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml213(para) msgid "" "update_stats(self, metric, amount, sample_rate=1) Increments " "the supplied metric by the given amount. This is used when you need to add " "or subtract more that one from a counter, like incrementing “suffix.hashes” " "by the number of computed hashes in the object replicator." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml222(para) msgid "" "increment(self, metric, sample_rate=1) Increments the given " "counter metric by one." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml227(para) msgid "" "decrement(self, metric, sample_rate=1) Lowers the given counter" " metric by one." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml232(para) msgid "" "timing(self, metric, timing_ms, sample_rate=1) Record that the " "given metric took the supplied number of milliseconds." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml238(para) msgid "" "timing_since(self, metric, orig_time, sample_rate=1) " "Convenience method to record a timing metric whose value is “now” minus an " "existing timestamp." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml244(para) msgid "" "Note that these logging methods may safely be called anywhere you have a " "logger object. If StatsD logging has not been configured, the methods are " "no-ops. This avoids messy conditional logic each place a metric is recorded." " These example usages show the new logging methods:" msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml287(para) msgid "" "The development team of StatsD wanted to use the pystatsd client library " "(not to be confused with a similar-looking project also hosted on GitHub), but the released " "version on PyPi was missing two desired features the latest version in " "GitHub had: the ability to configure a metrics prefix in the client object " "and a convenience method for sending timing data between “now” and a “start”" " timestamp you already have. So they just implemented a simple StatsD client" " library from scratch with the same interface. This has the nice fringe " "benefit of not introducing another external library dependency into Object " "Storage." msgstr "" #: ./doc/admin-guide-cloud/section_ts_failed_attach_vol_after_detach.xml5(title) #: ./doc/admin-guide-cloud/section_ts_HTTP_bad_req_in_cinder_vol_log.xml5(title) msgid "Failed to attach volume after detaching" msgstr "" #: ./doc/admin-guide-cloud/section_ts_failed_attach_vol_after_detach.xml9(para) msgid "Failed to attach a volume after detaching the same volume." msgstr "" #: ./doc/admin-guide-cloud/section_ts_failed_attach_vol_after_detach.xml15(para) msgid "" "You must change the device name on the command. The VM " "might not clean up after a command runs. This example shows" " how the command fails when you use the vdb, " "vdc, or vdd device names:" msgstr "" #: ./doc/admin-guide-cloud/section_ts_failed_attach_vol_after_detach.xml34(para) msgid "" "You might also have this problem after attaching and detaching the same " "volume from the same VM with the same mount point multiple times. In this " "case, restart the KVM host." msgstr "" #: ./doc/admin-guide-cloud/section_ts_non_existent_host.xml4(title) msgid "Non-existent host" msgstr "" #: ./doc/admin-guide-cloud/section_ts_non_existent_host.xml7(para) msgid "" "This error could be caused by a volume being exported outside of OpenStack " "using a host name different from the system name that OpenStack expects. " "This error could be displayed with the IQN if the host was exported using " "iSCSI." msgstr "" #: ./doc/admin-guide-cloud/section_ts_non_existent_host.xml15(para) msgid "" "Host names constructed by the driver use just the local hostname, not the " "fully qualified domain name (FQDN) of the Compute host. For example, if the " "FQDN was myhost.example.com, just " "myhost would be used as the 3PAR hostname. IP addresses" " are not allowed as host names on the 3PAR storage server." msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/section_networking-scenarios.xml38(None) #: ./doc/admin-guide-cloud/section_networking-scenarios.xml406(None) msgid "" "@@image: '../common/figures/under-the-hood-scenario-1.png'; " "md5=6c8c80ff7e23cc2c7c7e1aa66e1fd8c0" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/section_networking-scenarios.xml79(None) msgid "" "@@image: '../common/figures/under-the-hood-scenario-1-ovs-compute.png'; " "md5=46509fcb546df0f43adb5350f2dd9fab" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/section_networking-scenarios.xml172(None) msgid "" "@@image: '../common/figures/under-the-hood-scenario-1-ovs-network.png'; " "md5=8eea1c1dbde433c46666c985751c3276" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/section_networking-scenarios.xml252(None) msgid "" "@@image: '../common/figures/under-the-hood-scenario-1-ovs-netns.png'; " "md5=de52650e491e4dc2946e827cd93e0a85" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/section_networking-scenarios.xml298(None) #: ./doc/admin-guide-cloud/section_networking-scenarios.xml503(None) msgid "" "@@image: '../common/figures/under-the-hood-scenario-2.png'; " "md5=148feb87744e7b04da21ec4f17503c75" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/section_networking-scenarios.xml340(None) msgid "" "@@image: '../common/figures/under-the-hood-scenario-2-ovs-compute.png'; " "md5=94603b4ec7904ac04bc1ed81a2d38f79" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/section_networking-scenarios.xml355(None) msgid "" "@@image: '../common/figures/under-the-hood-scenario-2-ovs-network.png'; " "md5=80aa67268b5ce7deddc41845e6313634" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/section_networking-scenarios.xml364(None) msgid "" "@@image: '../common/figures/under-the-hood-scenario-2-ovs-netns.png'; " "md5=d8878beff47037240d6f8c48f8d4d4c3" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/section_networking-scenarios.xml446(None) msgid "" "@@image: '../common/figures/under-the-hood-scenario-1-linuxbridge-" "compute.png'; md5=8270a65d291a628c7091997414046167" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/section_networking-scenarios.xml484(None) msgid "" "@@image: '../common/figures/under-the-hood-scenario-1-linuxbridge-" "network.png'; md5=bd78453eb11ffebddf55484ca2cd125e" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/section_networking-scenarios.xml491(None) msgid "" "@@image: '../common/figures/under-the-hood-scenario-1-linuxbridge-" "netns.png'; md5=915d10e90cbb18e887b4d5eb5ea15e58" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/section_networking-scenarios.xml546(None) msgid "" "@@image: '../common/figures/under-the-hood-scenario-2-linuxbridge-" "compute.png'; md5=f68f0baeba932b219574e55853bd2300" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/section_networking-scenarios.xml559(None) msgid "" "@@image: '../common/figures/under-the-hood-scenario-2-linuxbridge-" "network.png'; md5=25f818f7f9148152e5a8dbf6d530dcf6" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/section_networking-scenarios.xml567(None) msgid "" "@@image: '../common/figures/under-the-hood-scenario-2-linuxbridge-" "netns.png'; md5=cdc0bd4b3e7988f7fedffefae4dae9d0" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/section_networking-scenarios.xml599(None) msgid "" "@@image: '../common/figures/ml2_without_l2pop_full_mesh.png'; " "md5=881485c0686f20b82967d5b817932952" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/section_networking-scenarios.xml609(None) msgid "" "@@image: '../common/figures/ml2_without_l2pop_partial_mesh.png'; " "md5=66fe83560a3e1880ffe3a85d80538f83" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml6(title) msgid "Networking scenarios" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml7(para) msgid "" "This chapter describes two networking scenarios and how the Open vSwitch " "plug-in and the Linux bridging plug-in implement these scenarios." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml12(para) msgid "" "This section describes how the Open vSwitch plug-in implements the " "Networking abstractions." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml16(para) msgid "" "This example uses VLAN isolation on the switches to isolate tenant networks." " This configuration labels the physical network associated with the public " "network as physnet1, and the physical network associated " "with the data network as physnet2, which leads to the " "following configuration options in " "ovs_neutron_plugin.ini:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml29(title) #: ./doc/admin-guide-cloud/section_networking-scenarios.xml397(title) msgid "Scenario 1: one tenant, two networks, one router" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml30(para) msgid "" "The first scenario has two private networks (net01, and " "net02), each with one subnet " "(net01_subnet01: 192.168.101.0/24, " "net02_subnet01, 192.168.102.0/24). Both private networks " "are attached to a router that connects them to the public network " "(10.64.201.0/24)." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml41(para) #: ./doc/admin-guide-cloud/section_networking-scenarios.xml409(para) msgid "" "Under the service tenant, create the shared router, " "define the public network, and set it as the default gateway of the " "router" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml52(para) #: ./doc/admin-guide-cloud/section_networking-scenarios.xml420(para) msgid "" "Under the demo user tenant, create the private network " "net01 and corresponding subnet, and connect it to the " "router01 router. Configure it to use VLAN ID 101 on the " "physical switch." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml63(para) #: ./doc/admin-guide-cloud/section_networking-scenarios.xml431(para) msgid "" "Similarly, for net02, using VLAN ID 102 on the physical " "switch:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml73(title) #: ./doc/admin-guide-cloud/section_networking-scenarios.xml440(title) msgid "Scenario 1: Compute host config" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml74(para) msgid "" "The following figure shows how to configure various Linux networking devices" " on the compute host:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml84(title) #: ./doc/admin-guide-cloud/section_networking-scenarios.xml451(title) msgid "Types of network devices" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml85(para) msgid "" "There are four distinct type of virtual networking devices: TAP devices, " "veth pairs, Linux bridges, and Open vSwitch bridges. For an ethernet frame " "to travel from eth0 of virtual machine " "vm01 to the physical network, it must pass through nine " "devices inside of the host: TAP vnet0, Linux bridge " "qbrnnn, veth pair " "(qvbnnn, " "qvonnn), Open vSwitch bridge br-int, veth pair (int-br-eth1, phy-br-eth1), " "and, finally, the physical network interface card eth1." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml96(para) #: ./doc/admin-guide-cloud/section_networking-scenarios.xml460(para) msgid "" "A TAP device, such as " "vnet0 is how hypervisors such as KVM and Xen implement a " "virtual network interface card (typically called a VIF or vNIC). An ethernet" " frame sent to a TAP device is received by the guest operating system." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml100(para) msgid "" "A veth pair is a pair of directly " "connected virtual network interfaces. An ethernet frame sent to one end of a" " veth pair is received by the other end of a veth pair. Networking uses veth" " pairs as virtual patch cables to make connections between virtual bridges." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml104(para) #: ./doc/admin-guide-cloud/section_networking-scenarios.xml473(para) msgid "" "A Linux bridge behaves like a hub: you " "can connect multiple (physical or virtual) network interfaces devices to a " "Linux bridge. Any ethernet frames that come in from one interface attached " "to the bridge is transmitted to all of the other devices." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml108(para) msgid "" "An Open vSwitch bridge behaves like a " "virtual switch: network interface devices connect to Open vSwitch bridge's " "ports, and the ports can be configured much like a physical switch's ports, " "including VLAN configurations." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml114(title) msgid "Integration bridge" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml115(para) msgid "" "The br-int OpenvSwitch bridge is the integration bridge: " "all guests running on the compute host connect to this bridge. Networking " "implements isolation across these guests by configuring the br-" "int ports." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml121(title) msgid "Physical connectivity bridge" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml122(para) msgid "" "The br-eth1 bridge provides connectivity to the physical " "network interface card, eth1. It connects to the " "integration bridge by a veth pair: (int-br-eth1, phy-br-" "eth1)." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml127(title) msgid "VLAN translation" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml128(para) msgid "" "In this example, net01 and net02 have VLAN ids of 1 and 2, respectively. " "However, the physical network in our example only supports VLAN IDs in the " "range 101 through 110. The Open vSwitch agent is responsible for configuring" " flow rules on br-int and br-eth1 to " "do VLAN translation. When br-eth1 receives a frame marked" " with VLAN ID 1 on the port associated with phy-br-eth1, " "it modifies the VLAN ID in the frame to 101. Similarly, when br-" "int receives a frame marked with VLAN ID 101 on the port " "associated with int-br-eth1, it modifies the VLAN ID in " "the frame to 1." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml139(title) msgid "Security groups: iptables and Linux bridges" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml140(para) msgid "" "Ideally, the TAP device vnet0 would be connected directly" " to the integration bridge, br-int. Unfortunately, this " "isn't possible because of how OpenStack security groups are currently " "implemented. OpenStack uses iptables rules on the TAP devices such as " "vnet0 to implement security groups, and Open vSwitch is " "not compatible with iptables rules that are applied directly on TAP devices " "that are connected to an Open vSwitch port." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml147(para) msgid "" "Networking uses an extra Linux bridge and a veth pair as a workaround for " "this issue. Instead of connecting vnet0 to an Open " "vSwitch bridge, it is connected to a Linux bridge, " "qbrXXX. This bridge is " "connected to the integration bridge, br-int, through the " "(qvbXXX, " "qvoXXX) veth pair." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml157(title) #: ./doc/admin-guide-cloud/section_networking-scenarios.xml480(title) msgid "Scenario 1: Network host config" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml158(para) msgid "" "The network host runs the neutron-openvswitch-plugin-agent, the neutron-" "dhcp-agent, neutron-l3-agent, and neutron-metadata-agent services." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml160(para) msgid "" "On the network host, assume that eth0 is connected to the external network, " "and eth1 is connected to the data network, which leads to the following " "configuration in the ovs_neutron_plugin.ini file: " " The following figure shows the network devices on the " "network host:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml175(para) msgid "" "As on the compute host, there is an Open vSwitch integration bridge " "(br-int) and an Open vSwitch bridge connected to the data" " network (br-eth1), and the two are connected by a veth " "pair, and the neutron-openvswitch-plugin-agent configures the ports on both " "switches to do VLAN translation." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml180(para) msgid "" "An additional Open vSwitch bridge, br-ex, connects to the" " physical interface that is connected to the external network. In this " "example, that physical interface is eth0." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml183(para) msgid "" "While the integration bridge and the external bridge are connected by a veth" " pair (int-br-ex, phy-br-ex), this example uses layer 3 " "connectivity to route packets from the internal networks to the public " "network: no packets traverse that veth pair in this example." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml187(title) msgid "Open vSwitch internal ports" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml188(para) msgid "" "The network host uses Open vSwitch internal " "ports. Internal ports enable you to assign one or more IP " "addresses to an Open vSwitch bridge. In previous example, the br-" "int bridge has four internal ports: " "tapXXX, " "qr-YYY, " "qr-ZZZ, and " "tapWWW. Each internal port has" " a separate IP address associated with it. An internal port, qg-" "VVV, is on the br-ex bridge." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml201(para) msgid "" "By default, The Networking DHCP agent uses a process called dnsmasq to " "provide DHCP services to guests. Networking must create an internal port for" " each network that requires DHCP services and attach a dnsmasq process to " "that port. In the previous example, the " "tapXXX interface is on " "net01_subnet01, and the " "tapWWW interface is on " "net02_subnet01." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml211(title) msgid "L3 agent (routing)" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml212(para) msgid "" "The Networking L3 agent uses Open vSwitch internal ports to implement " "routing and relies on the network host to route the packets across the " "interfaces. In this example, the qr-YYY interface is on " "net01_subnet01 and has the IP address 192.168.101.1/24. " "The qr-ZZZ, interface is on " "net02_subnet01 and has the IP address " "192.168.102.1/24. The " "qg-VVV interface has the IP " "address 10.64.201.254/24. Because each of these " "interfaces is visible to the network host operating system, the network host" " routes the packets across the interfaces, as long as an administrator has " "enabled IP forwarding." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml224(para) msgid "" "The L3 agent uses iptables to implement floating IPs to do the network " "address translation (NAT)." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml228(title) msgid "Overlapping subnets and network namespaces" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml229(para) msgid "" "One problem with using the host to implement routing is that one of the " "Networking subnets might overlap with one of the physical networks that the " "host uses. For example, if the management network is implemented on " "eth2 and also happens to be on the " "192.168.101.0/24 subnet, routing problems will occur " "because the host can't determine whether to send a packet on this subnet to " "qr-YYY or eth2. If end users are " "permitted to create their own logical networks and subnets, you must design " "the system so that such collisions do not occur." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml238(para) msgid "" "Networking uses Linux network namespaces " "to prevent collisions between the physical networks on the " "network host, and the logical networks used by the virtual machines. It also" " prevents collisions across different logical networks that are not routed " "to each other, as the following scenario shows." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml243(para) msgid "" "A network namespace is an isolated environment with its own networking " "stack. A network namespace has its own network interfaces, routes, and " "iptables rules. Consider it a chroot jail, except for networking instead of " "for a file system. LXC (Linux containers) use network namespaces to " "implement networking virtualization." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml248(para) msgid "" "Networking creates network namespaces on the network host to avoid subnet " "collisions." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml257(para) msgid "" "qdhcp-aaa: contains the " "tapXXX interface and the " "dnsmasq process that listens on that interface to provide DHCP services for " "net01_subnet01. This allows overlapping IPs between " "net01_subnet01 and any other subnets on the network host." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml267(para) msgid "" "qrouter-bbbb: contains the " "qr-YYY, " "qr-ZZZ, and " "qg-VVV interfaces, and the " "corresponding routes. This namespace implements router01 " "in our example." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml276(para) msgid "" "qdhcp-ccc: contains the " "tapWWW interface and the " "dnsmasq process that listens on that interface, to provide DHCP services for" " net02_subnet01. This allows overlapping IPs between " "net02_subnet01 and any other subnets on the network host." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml255(para) msgid "" "In this example, there are three network namespaces, as shown in the figure " "above:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml290(title) #: ./doc/admin-guide-cloud/section_networking-scenarios.xml497(title) msgid "Scenario 2: two tenants, two networks, two routers" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml292(para) msgid "" "In this scenario, tenant A and tenant B each have a network with one subnet " "and one router that connects the tenants to the public Internet." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml301(para) #: ./doc/admin-guide-cloud/section_networking-scenarios.xml506(para) msgid "" "Under the service tenant, define the public " "network:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml309(para) #: ./doc/admin-guide-cloud/section_networking-scenarios.xml514(para) msgid "" "Under the tenantA user tenant, create the tenant router " "and set its gateway for the public network. Then, define " "private network net01 using VLAN ID 102 on the physical " "switch, along with its subnet, and connect it to the router. " "" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml322(para) #: ./doc/admin-guide-cloud/section_networking-scenarios.xml527(para) msgid "" "Similarly, for tenantB, create a router and another " "network, using VLAN ID 102 on the physical switch:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml335(title) #: ./doc/admin-guide-cloud/section_networking-scenarios.xml540(title) msgid "Scenario 2: Compute host config" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml336(para) msgid "" "The following figure shows how to configure Linux networking devices on the " "Compute host:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml343(para) msgid "" "The Compute host configuration resembles the configuration in scenario 1. " "However, in scenario 1, a guest connects to two subnets while in this " "scenario, the subnets belong to different tenants." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml350(title) #: ./doc/admin-guide-cloud/section_networking-scenarios.xml554(title) msgid "Scenario 2: Network host config" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml351(para) #: ./doc/admin-guide-cloud/section_networking-scenarios.xml555(para) msgid "" "The following figure shows the network devices on the network host for the " "second scenario." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml358(para) msgid "" "In this configuration, the network namespaces are organized to isolate the " "two subnets from each other as shown in the following figure." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml367(para) #: ./doc/admin-guide-cloud/section_networking-scenarios.xml570(para) msgid "" "In this scenario, there are four network namespaces " "(qhdcp-aaa, " "qrouter-bbbb, " "qrouter-cccc, and " "qhdcp-dddd), instead of three." " Since there is no connectivity between the two networks, and so each router" " is implemented by a separate namespace." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml379(para) msgid "" "This section describes how the Linux Bridge plug-in implements the " "Networking abstractions. For information about DHCP and L3 agents, see ." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml384(para) msgid "" "This example uses VLAN isolation on the switches to isolate tenant networks." " This configuration labels the physical network associated with the public " "network as physnet1, and the physical network associated " "with the data network as physnet2, which leads to the " "following configuration options in " "linuxbridge_conf.ini:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml398(para) msgid "" "The first scenario has two private networks (net01, and " "net02), each with one subnet " "(net01_subnet01: 192.168.101.0/24, " "net02_subnet01, 192.168.102.0/24). Both private networks " "are attached to a router that contains them to the public network " "(10.64.201.0/24)." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml441(para) msgid "" "The following figure shows how to configure the various Linux networking " "devices on the compute host." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml452(para) msgid "" "There are three distinct type of virtual networking devices: TAP devices, " "VLAN devices, and Linux bridges. For an ethernet frame to travel from " "eth0 of virtual machine vm01, to the " "physical network, it must pass through four devices inside of the host: TAP " "vnet0, Linux bridge " "brqXXX, VLAN " "eth1.101), and, finally, the physical network interface " "card eth1." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml464(para) msgid "" "A VLAN device is associated with a VLAN" " tag attaches to an existing interface device and adds or removes VLAN tags." " In the preceding example, VLAN device eth1.101 is " "associated with VLAN ID 101 and is attached to interface " "eth1. Packets received from the outside by " "eth1 with VLAN tag 101 will be passed to device " "eth1.101, which will then strip the tag. In the other " "direction, any ethernet frame sent directly to eth1.101 will have VLAN tag " "101 added and will be forward to eth1 for sending out to " "the network." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml481(para) msgid "The following figure shows the network devices on the network host." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml487(para) msgid "" "The following figure shows how the Linux Bridge plug-in uses network " "namespaces to provide isolation." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml488(para) msgid "" "veth pairs form connections between the Linux bridges and the network " "namespaces." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml498(para) msgid "" "The second scenario has two tenants (A, B). Each tenant has a network with " "one subnet, and each one has a router that connects them to the public " "Internet." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml541(para) msgid "" "The following figure shows how the various Linux networking devices would be" " configured on the compute host under this scenario." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml549(para) msgid "" "The configuration on the compute host is very similar to the configuration " "in scenario 1. The only real difference is that scenario 1 had a guest that " "was connected to two subnets, and in this scenario, the subnets belong to " "different tenants." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml562(para) msgid "" "The main difference between the configuration in this scenario and the " "previous one is the organization of the network namespaces, in order to " "provide isolation across the two subnets, as shown in the following figure." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml581(title) #: ./doc/admin-guide-cloud/ch_networking.xml321(td) #: ./doc/admin-guide-cloud/ch_networking.xml2424(td) msgid "ML2" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml582(para) msgid "" "The Modular Layer 2 plugin allows OpenStack Networking to simultaneously " "utilize the variety of layer 2 networking technologies found in complex " "real-world data centers. It currently includes drivers for the local, flat, " "vlan, gre and vxlan network types and works with the existing Open" " vSwitch, Linux Bridge, and " "HyperV L2 agents. The ML2 plug-in " "can be extended through mechanism drivers, multiple mechanisms can be used " "simultaneously. This section describes different ML2 " "plug-in / agents configurations with different type drivers and mechanism " "drivers." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml592(title) msgid "ML2 with L2 population mechanism driver" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml593(para) msgid "" "Current Open vSwitch and Linux " "Bridge tunneling implementations broadcast to every agent, even " "if they don’t host the corresponding network as illustrated below." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml602(para) msgid "" "As broadcast emulation on overlay is costly, it may be better to avoid its " "use for mac learning and ARP resolution. This supposes the use of proxy ARP " "on the agent to answer VM requests, and to populate forwarding table. " "Currently only the Linux Bridge Agent implements an ARP" " proxy. The prepopulation limits L2 broadcasts in overlay, however it may " "anyway be necessary to provide broadcast emulation. This is achieved by " "sending broadcasts packets over unicasts only to the relevant agents as " "illustrated below.The partial-mesh is available with the " "Open vSwitch and the Linux Bridge " "agent. The following scenarios will use the L2 population mechanism driver " "with an Open vSwitch agent and a Linux " "Bridge agent. To enable the l2 population driver we have to add " "it in the list of mechanism drivers. We also need to have at least one " "tunneling type driver enabled, either GRE, VXLAN or both. Below " "configuration options that we have to set in " "ml2_conf.ini:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml621(title) msgid "Scenario 1: L2 population with Open vSwitch agent" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml625(replaceable) #: ./doc/admin-guide-cloud/section_networking-scenarios.xml637(replaceable) msgid "192.168.1.10" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml628(replaceable) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml184(literal) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml191(literal) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml208(literal) msgid "gre" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml628(replaceable) msgid "vxlan" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml622(para) msgid "" "We have to enable the l2 population extension on the Open " "vSwitch agent side and we also have to set the " " parameter and the " "ml2_conf.ini." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml632(title) msgid "Scenario 2: L2 population with Linux Bridge agent" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml633(para) msgid "" "We have to enable the l2 population extension on the agent side and we also " "have to set the local_ip parameter and enable VXLAN in " "ml2_conf.ini." msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml641(title) msgid "Enable security group API" msgstr "" #: ./doc/admin-guide-cloud/section_networking-scenarios.xml642(para) msgid "" "Since the ML2 plugin can concurrently support different L2 agents (or other " "mechanisms) with different configuration files, the actual " " value in the " "ml2_conf.ini file does not matter in the server, but " " must be set to a non-default value in the " "ml2 configuration to enable the securitygroup extension. To enable " "securitygroup API, edit the ml2_conf.ini " "file: Each L2 agent configuration file (such as " "ovs_neutron_plugin.ini or " "linuxbridge_conf.ini) should contain the appropriate " " value for that agent. To disable " "securitygroup API, edit the ml2_conf.ini " "file: Also, each L2 agent configuration file (such as " "ovs_neutron_plugin.ini or " "linuxbridge_conf.ini) should contain this value in " " parameter for that agent." msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/ch_networking.xml1412(None) msgid "" "@@image: '../common/figures/Neutron-PhysNet-Diagram.png'; " "md5=ac17dba8837f9d7ba714a692c60e68ab" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml7(title) msgid "Networking" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml8(para) msgid "" "Learn Networking concepts, architecture, and basic and advanced neutron and " "nova command-line interface (CLI) cloud." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml12(title) msgid "Introduction to Networking" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml13(para) msgid "" "The Networking service, code-named Neutron, provides an API that lets you " "define network connectivity and addressing in the cloud. The Networking " "service enables operators to leverage different networking technologies to " "power their cloud networking. The Networking service also provides an API to" " configure and manage a variety of network services ranging from L3 " "forwarding and NAT to load balancing, edge firewalls, and IPSEC VPN." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml21(para) msgid "" "For a detailed description of the Networking API abstractions and their " "attributes, see the OpenStack Networking API v2.0 " "Reference." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml27(title) msgid "Networking API" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml28(para) msgid "" "Networking is a virtual network service that provides a powerful API to " "define the network connectivity and IP addressing used by devices from other" " services, such as Compute." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml32(para) msgid "" "The Compute API has a virtual server abstraction to describe computing " "resources. Similarly, the Networking API has virtual network, subnet, and " "port abstractions to describe networking resources." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml37(caption) msgid "Networking resources" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml42(th) msgid "Resource" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml43(th) #: ./doc/admin-guide-cloud/ch_networking.xml1316(th) #: ./doc/admin-guide-cloud/ch_networking.xml1428(th) #: ./doc/admin-guide-cloud/ch_networking.xml1541(th) #: ./doc/admin-guide-cloud/ch_networking.xml1605(th) #: ./doc/admin-guide-cloud/ch_networking.xml1678(th) #: ./doc/admin-guide-cloud/ch_networking.xml1782(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml45(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml171(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml374(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml436(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml759(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml806(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1074(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1209(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1287(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1524(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1903(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2011(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2054(th) msgid "Description" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml49(emphasis) #: ./doc/admin-guide-cloud/ch_networking.xml1427(th) #: ./doc/admin-guide-cloud/ch_networking.xml1547(emphasis) msgid "Network" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml50(td) msgid "" "An isolated L2 segment, analogous to VLAN in the physical networking world." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml55(emphasis) #: ./doc/admin-guide-cloud/ch_networking.xml1556(emphasis) msgid "Subnet" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml56(td) msgid "A block of v4 or v6 IP addresses and associated configuration state." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml60(emphasis) #: ./doc/admin-guide-cloud/ch_networking.xml1568(emphasis) msgid "Port" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml61(td) msgid "" "A connection point for attaching a single device, such as the NIC of a " "virtual server, to a virtual network. Also describes the associated network " "configuration, such as the MAC and IP addresses to be used on that port." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml70(para) msgid "" "You can configure rich network topologies by creating and configuring " "networks and subnets, and then instructing other OpenStack services like " "Compute to attach virtual devices to ports on these networks." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml75(para) msgid "" "In particular, Networking supports each tenant having multiple private " "networks, and allows tenants to choose their own IP addressing scheme (even " "if those IP addresses overlap with those used by other tenants). The " "Networking service:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml82(para) msgid "" "Enables advanced cloud networking use cases, such as building multi-tiered " "web applications and allowing applications to be migrated to the cloud " "without changing IP addresses." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml89(para) msgid "" "Offers flexibility for the cloud administrator to customize network " "offerings." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml94(para) msgid "" "Enables developers to extend the Networking API. Over time, the extended " "functionality becomes part of the core Networking API." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml102(title) msgid "Plug-in architecture" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml103(para) msgid "" "The original Compute network implementation assumed a basic model of " "isolation through Linux VLANs and IP tables. Networking introduces the " "concept of a plug-in, which is a back-" "end implementation of the Networking API. A plug-in can use a variety of " "technologies to implement the logical API requests. Some Networking plug-ins" " might use basic Linux VLANs and IP tables, while others might use more " "advanced technologies, such as L2-in-L3 tunneling or OpenFlow, to provide " "similar benefits." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml115(caption) msgid "Available networking plug-ins" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml120(th) #: ./doc/admin-guide-cloud/ch_networking.xml255(th) #: ./doc/admin-guide-cloud/ch_networking.xml2417(th) msgid "Plug-in" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml121(th) msgid "Documentation" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml126(emphasis) msgid "Big Switch Plug-in (Floodlight REST Proxy)" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml132(link) msgid "" "http://www.openflowhub.org/display/floodlightcontroller/Neutron+REST+Proxy+Plugin" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml129(td) msgid "Documentation included in this guide and " msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml136(emphasis) msgid "Brocade Plug-in" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml138(td) msgid "Documentation included in this guide" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml142(emphasis) #: ./doc/admin-guide-cloud/ch_networking.xml281(td) msgid "Cisco" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml145(link) msgid "http://wiki.openstack.org/cisco-neutron" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml148(emphasis) msgid "Cloudbase Hyper-V Plug-in" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml152(link) msgid "http://www.cloudbase.it/quantum-hyper-v-plugin/" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml155(emphasis) msgid "Linux Bridge Plug-in" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml159(link) msgid "http://wiki.openstack.org/Neutron-Linux-Bridge-Plugin" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml162(emphasis) msgid "Mellanox Plug-in" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml166(link) msgid "https://wiki.openstack.org/wiki/Mellanox-Neutron/" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml169(emphasis) msgid "Midonet Plug-in" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml173(link) msgid "http://www.midokura.com/" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml176(emphasis) msgid "ML2 (Modular Layer 2) Plug-in" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml180(link) msgid "https://wiki.openstack.org/wiki/Neutron/ML2" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml183(emphasis) msgid "NEC OpenFlow Plug-in" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml187(link) msgid "http://wiki.openstack.org/Quantum-NEC-OpenFlow-Plugin" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml190(emphasis) msgid "Nicira NVP Plug-in" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml195(link) msgid "NVP Product Overview" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml197(link) msgid "NVP Product Support" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml192(td) msgid "" "Documentation included in this guide as well as in , " "" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml200(emphasis) msgid "Open vSwitch Plug-in" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml202(td) msgid "Documentation included in this guide." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml206(emphasis) msgid "PLUMgrid" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml210(link) msgid "https://https://wiki.openstack.org/wiki/PLUMgrid-Neutron" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml207(td) #: ./doc/admin-guide-cloud/ch_networking.xml215(td) msgid "Documentation included in this guide as well as in " msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml213(emphasis) msgid "Ryu Plug-in" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml218(link) msgid "https://github.com/osrg/ryu/wiki/OpenStack" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml222(para) msgid "" "Plug-ins can have different properties for hardware requirements, features, " "performance, scale, or operator tools. Because Networking supports a large " "number of plug-ins, the cloud administrator can weigh options to decide on " "the right networking technology for the deployment." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml228(para) msgid "" "In the Havana release, OpenStack Networking provides the Modular Layer 2 (ML2) " "plug-in that can concurrently use multiple layer 2 networking " "technologies that are found in real-world data centers. It currently works " "with the existing Open vSwitch, Linux Bridge, and Hyper-v L2 agents. The ML2" " framework simplifies the addition of support for new L2 technologies and " "reduces the effort that is required to add and maintain them compared to " "monolithic plug-ins." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml239(title) msgid "Plug-in deprecation notice:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml240(para) msgid "" "The Open vSwitch and Linux Bridge plug-ins are deprecated in the Havana " "release and will be removed in the Icehouse release. All features have been " "ported to the ML2 plug-in in the form of mechanism drivers. ML2 currently " "provides Linux Bridge, Open vSwitch and Hyper-v mechanism drivers." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml248(para) msgid "" "Not all Networking plug-ins are compatible with all possible Compute " "drivers:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml251(caption) msgid "Plug-in compatibility with Compute drivers" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml256(th) msgid "Libvirt (KVM/QEMU)" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml257(th) msgid "XenServer" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml258(th) msgid "VMware" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml259(th) #: ./doc/admin-guide-cloud/ch_compute.xml47(link) msgid "Hyper-V" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml260(th) msgid "Bare-metal" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml265(td) msgid "Big Switch / Floodlight" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml266(td) #: ./doc/admin-guide-cloud/ch_networking.xml274(td) #: ./doc/admin-guide-cloud/ch_networking.xml282(td) #: ./doc/admin-guide-cloud/ch_networking.xml293(td) #: ./doc/admin-guide-cloud/ch_networking.xml298(td) #: ./doc/admin-guide-cloud/ch_networking.xml306(td) #: ./doc/admin-guide-cloud/ch_networking.xml314(td) #: ./doc/admin-guide-cloud/ch_networking.xml322(td) #: ./doc/admin-guide-cloud/ch_networking.xml325(td) #: ./doc/admin-guide-cloud/ch_networking.xml330(td) #: ./doc/admin-guide-cloud/ch_networking.xml338(td) #: ./doc/admin-guide-cloud/ch_networking.xml339(td) #: ./doc/admin-guide-cloud/ch_networking.xml340(td) #: ./doc/admin-guide-cloud/ch_networking.xml346(td) #: ./doc/admin-guide-cloud/ch_networking.xml354(td) #: ./doc/admin-guide-cloud/ch_networking.xml356(td) #: ./doc/admin-guide-cloud/ch_networking.xml362(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1909(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1918(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1927(td) msgid "Yes" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml273(td) msgid "Brocade" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml289(td) msgid "Cloudbase Hyper-V" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml305(td) msgid "Mellanox" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml313(td) msgid "Midonet" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml329(td) msgid "NEC OpenFlow" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml337(td) msgid "Nicira NVP" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml353(td) msgid "Plumgrid" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml361(td) msgid "Ryu" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml371(title) msgid "Plug-in configurations" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml372(para) msgid "" "For configurations options, see Networking configuration " "options in Configuration Reference. These " "sections explain how to configure specific plug-ins." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml379(title) msgid "Configure Big Switch, Floodlight REST Proxy plug-in" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml382(title) msgid "To use the REST Proxy plug-in with OpenStack Networking" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml385(para) #: ./doc/admin-guide-cloud/ch_networking.xml538(para) #: ./doc/admin-guide-cloud/ch_networking.xml702(para) #: ./doc/admin-guide-cloud/ch_networking.xml745(para) msgid "Edit /etc/neutron/neutron.conf and set:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml391(para) msgid "" "Edit the plug-in configuration file, " "/etc/neutron/plugins/bigswitch/restproxy.ini, and " "specify a comma-separated list of " "controller_ip:port pairs: For " "database configuration, see Install Networking Services in any of the " "Installation Guides in the OpenStack Documentation index. " "(The link defaults to the Ubuntu version.)" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml408(para) #: ./doc/admin-guide-cloud/ch_networking.xml608(para) #: ./doc/admin-guide-cloud/ch_networking.xml806(para) msgid "" "To apply the new settings, restart neutron-" "server:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml417(title) msgid "Configure Brocade plug-in" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml419(title) msgid "To use the Brocade plug-in with OpenStack Networking" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml422(para) msgid "" "Install the Brocade modified Python netconf client (ncclient) library which " "is available at https://github.com/brocade/ncclient:" " " msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml431(para) msgid "" "Edit the /etc/neutron/neutron.conf file and set the " "following option:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml437(para) msgid "" "Edit the /etc/neutron/plugins/brocade/brocade.ini " "configuration file for the Brocade plug-in and specify the admin user name, " "password, and IP address of the Brocade switch:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml444(replaceable) #: ./doc/admin-guide-cloud/ch_networking.xml665(replaceable) #: ./doc/admin-guide-cloud/ch_networking.xml666(replaceable) #: ./doc/admin-guide-cloud/ch_networking.xml677(replaceable) msgid "admin" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml445(replaceable) msgid "password" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml446(replaceable) msgid "switch mgmt ip address" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml448(para) msgid "" "For database configuration, see Install Networking Services in " "any of the Installation Guides in the OpenStack Documentation index. " "(The link defaults to the Ubuntu version.)" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml460(para) msgid "" "To apply the new settings, restart the neutron-server service:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml470(title) msgid "Configure OVS plug-in" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml471(para) msgid "" "If you use the Open vSwitch (OVS) plug-in in a deployment with multiple " "hosts, you will need to use either tunneling or vlans to isolate traffic " "from multiple networks. Tunneling is easier to deploy because it does not " "require configuring VLANs on network switches." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml478(para) msgid "This procedure uses tunneling:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml480(title) msgid "To configure OpenStack Networking to use the OVS plug-in" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml483(para) msgid "" "Edit /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini " " to specify these values (for database configuration, see Install Networking Services in " "Installation Guide):" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml498(para) msgid "" "If you use the neutron DHCP agent, add these lines to the " "/etc/neutron/dhcp_agent.ini file:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml505(para) msgid "" "Create /etc/neutron/dnsmasq-neutron.conf, and add these" " values to lower the MTU size on instances and prevent packet fragmentation " "over the GRE tunnel:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml514(para) msgid "" "After performing that change on the node running neutron-server, restart neutron-server to apply the new settings:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml526(title) msgid "Configure Nicira NVP plug-in" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml528(title) msgid "To configure OpenStack Networking to use the NVP plug-in" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml530(para) msgid "" "While the instructions in this section refer to the Nicira NVP platform, " "they also apply to VMware NSX." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml533(para) msgid "Install the NVP plug-in, as follows:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml542(para) msgid "Example neutron.conf file for NVP:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml559(para) msgid "" "A set of parameters need to establish and configure the connection with the " "controller cluster. Such parameters include NVP API endpoints, access " "credentials, and settings for HTTP redirects and retries in case of " "connection failures" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml571(para) msgid "" "In order to ensure correct operations nvp_user shoud be a" " user with administrator credentials on the NVP platform." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml574(para) msgid "" "A controller API endpoint consists of the controller's IP address and port; " "if the port is omitted, port 443 will be used. If multiple API endpoints are" " specified, it is up to the user to ensure that all these endpoints belong " "to the same controller cluster; The Openstack Networking Nicira NVP plugin " "does not perform this check, and results might be unpredictable." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml582(para) msgid "" "When multiple API endpoints are specified, the plugin will load balance " "requests on the various API endpoints." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml587(para) msgid "" "The UUID of the NVP Transport Zone that should be used by default when a " "tenant creates a network. This value can be retrieved from the NVP Manager's" " Transport Zones page:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml596(para) msgid "" "Ubuntu packaging currently does not update the neutron init script to point " "to the NVP configuration file. Instead, you must manually update " "/etc/default/neutron-server with the following:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml550(para) msgid "" "To configure the NVP controller cluster for the Openstack Networking " "Service, locate the [default] section in the " "/etc/neutron/plugins/nicira/nvp.ini file, and add the " "following entries (for database configuration, see Install Networking Services in " "Installation Guide): " msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml614(para) msgid "Example nvp.ini file:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml623(para) msgid "" "To debug nvp.ini configuration issues, run this command" " from the host that runs neutron-" "server:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml629(para) msgid "" "This command tests whether neutron-" "server can log into all of the NVP Controllers and the SQL " "server, and whether all UUID values are correct." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml637(title) msgid "Loadbalancer-as-a-Service and Firewall-as-a-Service" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml638(para) msgid "" "The NVP LBaaS and FWaaS services use the standard OpenStack API with the " "exception of requiring routed-insertion extension support." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml639(para) msgid "" "Below are the main differences between the NVP implementation and the " "community reference implementation of these services:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml642(para) msgid "" "The NVP LBaaS and FWaaS plugins require the routed-insertion extension, " "which adds the router_id attribute to the VIP (Virtual IP " "address) and firewall resources and binds these services to a logical " "router." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml645(para) msgid "" "The community reference implementation of LBaaS only supports a one-arm " "model, which restricts the VIP to be on the same subnet as the backend " "servers. The NVP LBaaS plugin only supports a two-arm model between north-" "south traffic, meaning that the VIP can only be created on the external " "(physical) network." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml648(para) msgid "" "The community reference implementation of FWaaS applies firewall rules to " "all logical routers in a tenant, while the NVP FWaaS plugin applies firewall" " rules only to one logical router according to the router_id of" " the firewall entity." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml652(title) msgid "" "To configure Loadbalancer-as-a-Service and Firewall-as-a-Service with NVP:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml654(para) msgid "Edit /etc/neutron/neutron.conf file:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml660(para) msgid "Edit /etc/neutron/plugins/nicira/nvp.ini file:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml661(para) msgid "" "In addition to the original NVP configuration, the " "default_l3_gw_service_uuid is required for the NVP Advanced " "Plugin and a vcns section must be added as shown below." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml667(replaceable) msgid "10.37.1.137:443" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml668(replaceable) msgid "aae63e9b-2e4e-4efe-81a1-92cf32e308bf" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml669(replaceable) msgid "2702f27a-869a-49d1-8781-09331a0f6b9e" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml674(replaceable) msgid "https://10.24.106.219" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml680(replaceable) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1535(td) msgid "default" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml683(replaceable) msgid "f2c023cf-76e2-4625-869b-d0dabcfcc638" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml697(title) msgid "Configure PLUMgrid plug-in" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml699(title) msgid "To use the PLUMgrid plug-in with OpenStack Networking" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml708(para) msgid "" "Edit /etc/neutron/plugins/plumgrid/plumgrid.ini under " "the [PLUMgridDirector] section, and specify the IP " "address, port, admin user name, and password of the PLUMgrid Director: " " For database configuration, see Install Networking Services in " "Installation Guide." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml727(para) msgid "" "To apply the settings, restart neutron-" "server:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml735(title) msgid "Configure Ryu plug-in" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml737(title) msgid "To use the Ryu plug-in with OpenStack Networking" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml740(para) msgid "Install the Ryu plug-in, as follows:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml763(para) msgid "" "The openflow_rest_api is used to tell where Ryu is " "listening for REST API. Substitute ip-address and " "port-no based on your Ryu setup." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml773(para) msgid "" "The ovsdb_interface is used for Ryu to access the " "ovsdb-server. Substitute eth0 based on your set up." " The IP address is derived from the interface name. If you want to change " "this value irrespective of the interface name, " "ovsdb_ip can be specified. If you use a non-default" " port for ovsdb-server, it can be specified by " "ovsdb_port." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml790(para) msgid "" "tunnel_interface needs to be set to tell what IP " "address is used for tunneling (if tunneling isn't used, this value is " "ignored). The IP address is derived from the network interface name." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml751(para) msgid "" "Edit /etc/neutron/plugins/ryu/ryu.ini (for database " "configuration, see Install " "Networking Services in Installation Guide), " "and update the following in the [ovs] section for " "the ryu-neutron-agent: " msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml799(para) msgid "" "You can use the same configuration file for many Compute nodes by using a " "network interface name with a different IP address:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml816(title) msgid "Configure neutron agents" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml817(para) msgid "" "Plug-ins typically have requirements for particular software that must be " "run on each node that handles data packets. This includes any node that runs" " nova-compute and nodes that run " "dedicated OpenStack Networking service agents such as, neutron-" "dhcp-agent, neutron-l3-agent, or " "neutron-lbaas-agent (see below for more information" " about individual service agents)." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml828(para) msgid "" "A data-forwarding node typically has a network interface with an IP address " "on the “management network” and another interface on the “data network”." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml832(para) msgid "" "This section shows you how to install and configure a subset of the " "available plug-ins, which may include the installation of switching software" " (for example, Open vSwitch) as well as agents used to communicate with the " "neutron-server process running " "elsewhere in the data center." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml840(title) msgid "Configure data-forwarding nodes" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml842(title) msgid "Node set up: OVS plug-in" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml845(para) msgid "" "This section also applies to the ML2 plugin when Open vSwitch is used as a " "mechanism driver." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml843(para) msgid "" "If you use the Open vSwitch plug-in, you must install Open " "vSwitch and the neutron-plugin-openvswitch-agent " "agent on each data-forwarding node:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml851(para) msgid "" "Do not install the openvswitch-brcompat package as it breaks the security " "groups functionality." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml856(title) msgid "To set up each node for the OVS plug-in" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml859(para) msgid "" "Install the OVS agent package (this pulls in the Open vSwitch software as a " "dependency):" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml865(para) msgid "" "On each node that runs the neutron-plugin-openvswitch-" "agent:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml869(para) msgid "" "Replicate the ovs_neutron_plugin.ini file created in " "the first step onto the node." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml875(para) msgid "" "If using tunneling, the node's ovs_neutron_plugin.ini " "file must also be updated with the node's IP address configured on the data " "network using the local_ip value." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml887(para) #: ./doc/admin-guide-cloud/ch_networking.xml991(para) msgid "Restart Open vSwitch to properly load the kernel module:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml892(para) #: ./doc/admin-guide-cloud/ch_networking.xml996(para) msgid "Restart the agent:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml896(para) msgid "" "All nodes that run neutron-plugin-openvswitch-agent" " must have an OVS br-int bridge. . To create the bridge, " "run:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml906(title) msgid "Node set up: Nicira NVP plug-in" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml907(para) msgid "" "If you use the Nicira NVP plug-in, you must also install Open vSwitch on " "each data-forwarding node. However, you do not need to install an additional" " agent on each node." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml913(para) msgid "" "It is critical that you are running an Open vSwitch version that is " "compatible with the current version of the NVP Controller software. Do not " "use the Open vSwitch version that is installed by default on Ubuntu. " "Instead, use the Open Vswitch version that is provided on the Nicira support" " portal for your NVP Controller version." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml924(title) msgid "To set up each node for the Nicira NVP plug-in" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml927(para) msgid "" "Ensure each data-forwarding node has an IP address on the \"management " "network,\" and an IP address on the \"data network\" that is used for " "tunneling data traffic. For full details on configuring your forwarding " "node, see the NVP Administrator Guide." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml938(para) msgid "" "Use the NVP Administrator Guide to add the node as a " "\"Hypervisor\" using the NVP Manager GUI. Even if your forwarding node has " "no VMs and is only used for services agents like neutron-dhcp-" "agent or neutron-lbaas-agent, it " "should still be added to NVP as a Hypervisor." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml951(para) msgid "" "After following the NVP Administrator Guide, use the " "page for this Hypervisor in the NVP Manager GUI to confirm that the node is " "properly connected to the NVP Controller Cluster and that the NVP Controller" " Cluster can see the br-int integration bridge." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml964(title) msgid "Node set up: Ryu plug-in" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml965(para) msgid "" "If you use the Ryu plug-in, you must install both Open vSwitch and Ryu, in " "addition to the Ryu agent package:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml969(title) msgid "To set up each node for the Ryu plug-in" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml972(para) msgid "Install Ryu (there isn't currently an Ryu package for ubuntu):" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml977(para) msgid "Install the Ryu agent and Open vSwitch packages:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml982(para) msgid "" "Replicate the ovs_ryu_plugin.ini and " "neutron.conf files created in the above step on all " "nodes running neutron-plugin-ryu-agent." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1000(para) msgid "" "All nodes running neutron-plugin-ryu-agent also " "require that an OVS bridge named \"br-int\" exists on each node. To create " "the bridge, run:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1011(title) msgid "Configure DHCP agent" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1012(para) msgid "" "The DHCP service agent is compatible with all existing plug-ins and is " "required for all deployments where VMs should automatically receive IP " "addresses through DHCP." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1017(title) msgid "To install and configure the DHCP agent" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1020(para) msgid "" "You must configure the host running the neutron-dhcp-" "agent as a \"data forwarding node\" according to the " "requirements for your plug-in (see )." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1028(para) msgid "Install the DHCP agent:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1032(para) msgid "" "Finally, update any options in the " "/etc/neutron/dhcp_agent.ini file that depend on the " "plug-in in use (see the sub-sections)." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1039(para) msgid "" "If you reboot a node that runs the DHCP agent, you must run the " " command before the neutron-" "dhcp-agent service starts." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1043(para) msgid "" "On Red Hat-based systems, the neutron-ovs-" "cleanup service runs the command automatically." " However, on Debian-based systems such as Ubuntu, you must manually run this" " command or write your own system script that runs on boot before the " " neutron-dhcp-agent service " "starts." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1053(title) msgid "DHCP agent setup: OVS plug-in" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1054(para) msgid "" "These DHCP agent options are required in the " "/etc/neutron/dhcp_agent.ini file for the OVS plug-in:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1064(title) msgid "DHCP agent setup: NVP plug-in" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1065(para) msgid "" "These DHCP agent options are required in the " "/etc/neutron/dhcp_agent.ini file for the NVP plug-in:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1076(title) msgid "DHCP agent setup: Ryu plug-in" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1077(para) msgid "" "These DHCP agent options are required in the " "/etc/neutron/dhcp_agent.ini file for the Ryu plug-in:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1087(title) msgid "Configure L3 agent" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1088(para) msgid "" "The OpenStack Networking Service has a widely used API extension to allow " "administrators and tenants to create routers to interconnect L2 networks, " "and floating IPs to make ports on private networks publicly accessible." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1093(para) msgid "" "Many plug-ins rely on the L3 service agent to implement the L3 " "functionality. However, the following plug-ins already have built-in L3 " "capabilities:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1100(para) msgid "Nicira NVP plug-in" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1103(para) msgid "" "Big Switch/Floodlight plug-in, which supports both the open source Floodlight " "controller and the proprietary Big Switch controller." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1110(para) msgid "" "Only the proprietary BigSwitch controller implements L3 functionality. When " "using Floodlight as your OpenFlow controller, L3 functionality is not " "available." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1119(para) msgid "PLUMgrid plug-in" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1123(para) msgid "" "Do not configure or use neutron-l3-agent if you use one" " of these plug-ins." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1128(title) msgid "To install the L3 agent for all other plug-ins" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1131(para) msgid "" "Install the neutron-l3-agent binary on the network " "node:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1137(para) msgid "" "To uplink the node that runs neutron-l3-agent to " "the external network, create a bridge named \"br-ex\" and attach the NIC for" " the external network to this bridge." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1143(para) msgid "" "For example, with Open vSwitch and NIC eth1 connected to the external " "network, run:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1148(para) msgid "" "Do not manually configure an IP address on the NIC connected to the external" " network for the node running neutron-l3-agent. " "Rather, you must have a range of IP addresses from the external network that" " can be used by OpenStack Networking for routers that uplink to the external" " network. This range must be large enough to have an IP address for each " "router in the deployment, as well as each floating IP." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1162(para) msgid "" "The neutron-l3-agent uses the Linux IP stack and " "iptables to perform L3 forwarding and NAT. In order to support multiple " "routers with potentially overlapping IP addresses, " "neutron-l3-agent defaults to using Linux network " "namespaces to provide isolated forwarding contexts. As a result, the IP " "addresses of routers will not be visible simply by running " "or on the node. Similarly, you will not be able to directly" " fixed IPs." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1179(para) msgid "" "To do either of these things, you must run the command within a particular " "router's network namespace. The namespace will have the name " "\"qrouter-<UUID of the router>. These example commands run in the " "router namespace with UUID 47af3868-0fa8-4447-85f6-1304de32153b:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1193(para) msgid "" "If you reboot a node that runs the L3 agent, you must run the " " command before the neutron-l3-agent service starts." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1196(para) msgid "" "On Red Hat-based systems, the neutron-ovs-" "cleanup service runs the command " "automatically. However, on Debian-based systems such as Ubuntu, you must " "manually run this command or write your own system script that runs on boot " "before the neutron-l3-agent " "service starts." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1206(title) msgid "Configure LBaaS agent" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1207(para) msgid "" "Starting with the Havana release, the Neutron Load-Balancer-as-a-Service " "(LBaaS) supports an agent scheduling mechanism, so several neutron-lbaas-agents can be run on several nodes (one per " "one)." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1213(title) msgid "To install the LBaas agent and configure the node" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1216(para) msgid "Install the agent by running:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1222(para) msgid "" "An OVS-based plug-in (OVS, NVP, Ryu, NEC, BigSwitch/Floodlight), you must " "set:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1229(para) msgid "A plug-in that uses LinuxBridge, you must set:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1220(para) msgid "If you are using: " msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1236(para) msgid "To use the reference implementation, you must also set:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1241(para) #: ./doc/admin-guide-cloud/ch_networking.xml1262(para) msgid "" "Set this parameter in the neutron.conf file on the host" " that runs neutron-server:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1251(title) msgid "Configure FWaaS agent" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1252(para) msgid "" "The Firewall-as-a-Service (FWaaS) agent is co-located with the Neutron L3 " "agent and does not require any additional packages apart from those required" " for the Neutron L3 agent. You can enable the FWaaS functionality by setting" " the configuration, as follows." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1259(title) msgid "To configure FWaaS service and agent" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1270(para) msgid "" "To use the reference implementation, you must also add a FWaaS driver " "configuration to the neutron.conf file on every node " "where the Neutron L3 agent is deployed:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1284(title) msgid "Networking architecture" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1285(para) msgid "" "Before you deploy Networking, it helps to understand the Networking " "components and how these components interact with each other and other " "OpenStack services." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1289(title) msgid "Overview" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1290(para) msgid "" "Networking is a standalone service, just like other OpenStack services such " "as Compute, Image service, Identity service, or the Dashboard. Like those " "services, a deployment of Networking often involves deploying several " "processes on a variety of hosts." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1296(para) msgid "" "The Networking server uses the neutron-" "server daemon to expose the Networking API and to pass user " "requests to the configured Networking plug-in for additional processing. " "Typically, the plug-in requires access to a database for persistent storage " "(also similar to other OpenStack services)." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1303(para) msgid "" "If your deployment uses a controller host to run centralized Compute " "components, you can deploy the Networking server on that same host. However," " Networking is entirely standalone and can be deployed on its own host as " "well. Depending on your deployment, Networking can also include the " "following agents." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1310(caption) msgid "Networking agents" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1321(emphasis) msgid "plug-in agent" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1323(literal) msgid "neutron-*-agent" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1321(td) #: ./doc/admin-guide-cloud/ch_networking.xml1331(td) #: ./doc/admin-guide-cloud/ch_networking.xml1339(td) #: ./doc/admin-guide-cloud/ch_networking.xml1348(td) msgid " ()" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1324(td) msgid "" "Runs on each hypervisor to perform local vswitch configuration. The agent " "that runs depends on the plug-in that you use, and some plug-ins do not " "require an agent." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1331(emphasis) msgid "dhcp agent" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1333(literal) msgid "neutron-dhcp-agent" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1334(td) msgid "" "Provides DHCP services to tenant networks. Some plug-ins use this agent." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1339(emphasis) msgid "l3 agent" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1341(literal) msgid "neutron-l3-agent" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1342(td) msgid "" "Provides L3/NAT forwarding to provide external network access for VMs on " "tenant networks. Some plug-ins use this agent." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1348(emphasis) msgid "l3 metering agent" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1349(literal) msgid "neutron-metering-agent" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1350(td) msgid "Provides L3 traffic measurements for tenant networks." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1355(para) msgid "" "These agents interact with the main neutron process through RPC (for " "example, rabbitmq or qpid) or through the standard Networking API. Further:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1360(para) msgid "" "Networking relies on the Identity service (Keystone) for the authentication " "and authorization of all API requests." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1365(para) msgid "" "Compute (Nova) interacts with Networking through calls to its standard API." "  As part of creating a VM, the nova-" "compute service communicates with the Networking API to plug " "each virtual NIC on the VM into a particular network. " msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1374(para) msgid "" "The Dashboard (Horizon) integrates with the Networking API, enabling " "administrators and tenant users to create and manage network services " "through a web-based GUI." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1382(title) msgid "Place services on physical hosts" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1383(para) msgid "" "Like other OpenStack services, Networking enables cloud administrators to " "run one or more services on one or more physical devices. At one extreme, " "the cloud administrator can run all service daemons on a single physical " "host for evaluation purposes. Alternatively the cloud administrator can run " "each service on its own physical host and, in some cases, can replicate " "services across multiple hosts for redundancy. For more information, see the" " OpenStack Configuration Reference." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1396(para) msgid "" "A standard architecture includes a cloud controller host, a network gateway " "host, and a set of hypervisors that run virtual machines. The cloud " "controller and network gateway can be on the same host. However, if you " "expect VMs to send significant traffic to or from the Internet, a dedicated " "network gateway host helps avoid CPU contention between the neutron-l3-agent and other OpenStack services" " that forward packets." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1407(title) msgid "Network connectivity for physical hosts" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1415(para) msgid "" "A standard Networking set up has one or more of the following distinct " "physical data center networks." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1421(caption) msgid "General distinct physical data center networks" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1433(emphasis) msgid "Management network" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1435(td) msgid "" "Provides internal communication between OpenStack Components. IP addresses " "on this network should be reachable only within the data center." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1442(emphasis) msgid "Data network" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1444(td) msgid "" "Provides VM data communication within the cloud deployment. The IP " "addressing requirements of this network depend on the Networking plug-in " "that is used." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1451(emphasis) msgid "External network" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1453(td) msgid "" "Provides VMs with Internet access in some deployment scenarios. Anyone on " "the Internet can reach IP addresses on this network." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1459(emphasis) msgid "API network" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1461(td) msgid "" "Exposes all OpenStack APIs, including the Networking API, to tenants. IP " "addresses on this network should be reachable by anyone on the Internet. The" " API network might be the same as the external network, because it is " "possible to create an external-network subnet that is allocated IP ranges " "that use less than the full range of IP addresses in an IP block." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1483(title) msgid "Use Networking" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1484(para) msgid "" "You can start and stop OpenStack Networking services using the " "service command. For example:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1491(para) msgid "" "Log files are in the /var/log/neutron directory." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1494(para) msgid "" "Configuration files are in the /etc/neutron " "directory." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1497(para) msgid "You can use Networking in the following ways:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1500(para) msgid "" "Expose the Networking API to cloud tenants, which enables them to build rich" " network topologies." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1505(para) msgid "" "Have the cloud administrator, or an automated administrative tool, create " "network connectivity on behalf of tenants." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1510(para) msgid "" "A tenant or cloud administrator can both perform the following procedures." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1513(title) msgid "Core Networking API features" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1514(para) msgid "" "After you install and run Networking, tenants and administrators can perform" " create-read-update-delete (CRUD) API networking operations by using the " "Networking API directly or the neutron command-line interface (CLI). The " "neutron CLI is a wrapper around the Networking API. Every Networking API " "call has a corresponding neutron command." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1521(para) msgid "" "The CLI includes a number of options. For details, refer to the OpenStack " "End User Guide." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1527(title) #: ./doc/admin-guide-cloud/ch_networking.xml1535(caption) msgid "API abstractions" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1528(para) msgid "" "The Networking v2.0 API provides control over both L2 network topologies and" " the IP addresses used on those networks (IP Address Management or IPAM). " "There is also an extension to cover basic L3 forwarding and NAT, which " "provides capabilities similar to ." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1540(th) msgid "Abstraction" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1548(td) msgid "" "An isolated L2 network segment (similar to a VLAN) that forms the basis for " "describing the L2 network topology available in an Networking deployment." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1557(td) msgid "" "Associates a block of IP addresses and other network configuration, such as," " default gateways or dns-servers, with an Networking network. Each subnet " "represents an IPv4 or IPv6 address block and, if needed, each Networking " "network can have multiple subnets." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1569(td) msgid "" "Represents an attachment port to a L2 Networking network. When a port is " "created on the network, by default it is allocated an available fixed IP " "address out of one of the designated subnets for each IP version (if one " "exists). When the port is destroyed, its allocated addresses return to the " "pool of available IPs on the subnet. Users of the Networking API can either " "choose a specific IP address from the block, or let Networking choose the " "first available IP address." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1588(para) msgid "" "This table summarizes the attributes available for each networking " "abstraction. For information about API abstraction and operations, see the " "Networking API v2.0 Reference." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1595(caption) msgid "Network attributes" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1602(th) #: ./doc/admin-guide-cloud/ch_networking.xml1675(th) #: ./doc/admin-guide-cloud/ch_networking.xml1779(th) msgid "Attribute" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1603(th) #: ./doc/admin-guide-cloud/ch_networking.xml1676(th) #: ./doc/admin-guide-cloud/ch_networking.xml1780(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml169(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml372(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml434(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml757(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml804(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1072(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1207(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1285(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1522(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2009(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2052(th) msgid "Type" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1604(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1770(th) msgid "Default value" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1610(option) #: ./doc/admin-guide-cloud/ch_networking.xml1787(option) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml392(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1320(td) msgid "admin_state_up" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1611(td) #: ./doc/admin-guide-cloud/ch_networking.xml1633(td) #: ./doc/admin-guide-cloud/ch_networking.xml1712(td) #: ./doc/admin-guide-cloud/ch_networking.xml1788(td) msgid "bool" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1612(td) #: ./doc/admin-guide-cloud/ch_networking.xml1713(td) #: ./doc/admin-guide-cloud/ch_networking.xml2425(td) #: ./doc/admin-guide-cloud/ch_networking.xml2426(td) #: ./doc/admin-guide-cloud/ch_networking.xml2430(td) #: ./doc/admin-guide-cloud/ch_networking.xml2431(td) #: ./doc/admin-guide-cloud/ch_networking.xml2435(td) #: ./doc/admin-guide-cloud/ch_networking.xml2436(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml394(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1189(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1322(td) msgid "True" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1613(td) msgid "" "Administrative state of the network. If specified as False (down), this " "network does not forward packets." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1619(option) #: ./doc/admin-guide-cloud/ch_networking.xml1734(option) #: ./doc/admin-guide-cloud/ch_networking.xml1819(option) #: ./doc/admin-guide-cloud/ch_networking.xml1902(option) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml379(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml441(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml764(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml811(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1079(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1214(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1292(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1529(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2016(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2059(td) msgid "id" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1620(td) #: ./doc/admin-guide-cloud/ch_networking.xml1657(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml380(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml408(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml442(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml456(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml464(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml473(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml490(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml765(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml787(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml812(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml871(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1080(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1086(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1215(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1221(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1293(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1299(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1530(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1578(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2017(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2037(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2060(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2073(td) msgid "uuid-str" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1621(td) #: ./doc/admin-guide-cloud/ch_networking.xml1736(td) #: ./doc/admin-guide-cloud/ch_networking.xml1821(td) #: ./doc/admin-guide-cloud/ch_networking.xml1827(td) msgid "Generated" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1622(td) msgid "UUID for this network." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1625(option) #: ./doc/admin-guide-cloud/ch_networking.xml1746(option) #: ./doc/admin-guide-cloud/ch_networking.xml1831(option) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml385(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml770(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1093(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1228(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1306(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1544(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2022(td) msgid "name" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1626(td) #: ./doc/admin-guide-cloud/ch_networking.xml1643(td) #: ./doc/admin-guide-cloud/ch_networking.xml1698(td) #: ./doc/admin-guide-cloud/ch_networking.xml1719(td) #: ./doc/admin-guide-cloud/ch_networking.xml1747(td) #: ./doc/admin-guide-cloud/ch_networking.xml1796(td) #: ./doc/admin-guide-cloud/ch_networking.xml1804(td) #: ./doc/admin-guide-cloud/ch_networking.xml1826(td) #: ./doc/admin-guide-cloud/ch_networking.xml1832(td) #: ./doc/admin-guide-cloud/ch_networking.xml1846(td) msgid "string" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1627(td) #: ./doc/admin-guide-cloud/ch_networking.xml1748(td) #: ./doc/admin-guide-cloud/ch_networking.xml1797(td) #: ./doc/admin-guide-cloud/ch_networking.xml1805(td) #: ./doc/admin-guide-cloud/ch_networking.xml1833(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml387(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml772(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml781(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml833(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml840(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml846(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml852(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml859(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1095(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1102(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1132(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1144(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1150(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1158(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1166(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1172(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1230(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1237(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1254(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1308(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1315(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1359(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1546(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2024(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2031(td) msgid "None" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1628(td) msgid "Human-readable name for this network; is not required to be unique." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1632(option) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1121(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1243(td) msgid "shared" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1634(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1123(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1245(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1263(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1840(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2083(td) msgid "False" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1635(td) msgid "" "Specifies whether this network resource can be accessed by any tenant. The " "default policy setting restricts usage of this attribute to administrative " "users only." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1642(option) #: ./doc/admin-guide-cloud/ch_networking.xml1845(option) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml400(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1328(td) msgid "status" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1644(td) #: ./doc/admin-guide-cloud/ch_networking.xml1658(td) #: ./doc/admin-guide-cloud/ch_networking.xml1699(td) #: ./doc/admin-guide-cloud/ch_networking.xml1755(td) #: ./doc/admin-guide-cloud/ch_networking.xml1762(td) #: ./doc/admin-guide-cloud/ch_networking.xml1840(td) #: ./doc/admin-guide-cloud/ch_networking.xml1847(td) #: ./doc/admin-guide-cloud/ch_networking.xml1854(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml178(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml214(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml402(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml409(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml457(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml465(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml491(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml788(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml826(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml872(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1087(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1222(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1300(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1330(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1559(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1579(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2038(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2074(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2093(td) msgid "N/A" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1645(td) msgid "Indicates whether this network is currently operational." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1649(option) msgid "subnets" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1650(td) msgid "list(uuid-str)" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1651(td) #: ./doc/admin-guide-cloud/ch_networking.xml1706(td) #: ./doc/admin-guide-cloud/ch_networking.xml1728(td) msgid "Empty list" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1652(td) msgid "List of subnets associated with this network." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1656(option) #: ./doc/admin-guide-cloud/ch_networking.xml1760(option) #: ./doc/admin-guide-cloud/ch_networking.xml1852(option) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml407(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml489(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml786(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml870(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1085(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1220(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1298(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1577(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2036(td) msgid "tenant_id" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1659(td) msgid "" "Tenant owner of the network. Only administrative users can set the tenant " "identifier; this cannot be changed using authorization policies." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1668(caption) msgid "Subnet attributes" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1677(th) #: ./doc/admin-guide-cloud/ch_networking.xml1781(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml170(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml373(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml435(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml758(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml805(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1073(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1208(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1286(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1523(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2010(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2053(th) msgid "Default Value" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1683(option) msgid "allocation_pools" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1684(td) #: ./doc/admin-guide-cloud/ch_networking.xml1727(td) #: ./doc/admin-guide-cloud/ch_networking.xml1811(td) msgid "list(dict)" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1686(option) #: ./doc/admin-guide-cloud/ch_networking.xml1697(option) #: ./doc/admin-guide-cloud/ch_networking.xml1720(option) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2159(replaceable) msgid "cidr" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1687(option) #: ./doc/admin-guide-cloud/ch_networking.xml1718(option) msgid "gateway_ip" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1685(td) msgid "" "Every address in , excluding (if " "configured)." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1689(para) msgid "" "List of cidr sub-ranges that are available for dynamic allocation to ports. " "Syntax:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1700(td) msgid "IP range for this subnet, based on the IP version." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1704(option) msgid "dns_nameservers" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1705(td) msgid "list(string)" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1707(td) msgid "List of DNS name servers used by hosts in this subnet." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1711(option) msgid "enable_dhcp" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1714(td) msgid "Specifies whether DHCP is enabled for this subnet." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1720(td) msgid "First address in " msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1722(td) msgid "Default gateway used by devices in this subnet." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1726(option) msgid "host_routes" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1729(td) msgid "" "Routes that should be used by devices with IPs from this subnet (not " "including local subnet route)." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1735(td) #: ./doc/admin-guide-cloud/ch_networking.xml1754(td) #: ./doc/admin-guide-cloud/ch_networking.xml1761(td) #: ./doc/admin-guide-cloud/ch_networking.xml1820(td) #: ./doc/admin-guide-cloud/ch_networking.xml1839(td) #: ./doc/admin-guide-cloud/ch_networking.xml1853(td) msgid "uuid-string" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1737(td) msgid "UUID representing this subnet." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1740(option) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1136(td) msgid "ip_version" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1741(td) msgid "int" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1742(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1138(td) msgid "4" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1743(td) msgid "IP version." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1749(td) msgid "Human-readable name for this subnet (might not be unique)." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1753(option) #: ./doc/admin-guide-cloud/ch_networking.xml1838(option) msgid "network_id" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1756(td) msgid "Network with which this subnet is associated." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1763(td) msgid "" "Owner of network. Only administrative users can set the tenant identifier; " "this cannot be changed using authorization policies." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1772(caption) msgid "Port attributes" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1789(td) msgid "true" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1790(td) msgid "" "Administrative state of this port. If specified as False (down), this port " "does not forward packets." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1795(option) msgid "device_id" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1798(td) msgid "" "Identifies the device using this port (for example, a virtual server's ID)." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1803(option) #: ./doc/admin-guide-cloud/ch_networking.xml1904(option) msgid "device_owner" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1806(td) msgid "Identifies the entity using this port (for example, a dhcp agent)." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1810(option) #: ./doc/admin-guide-cloud/ch_networking.xml1903(option) msgid "fixed_ips" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1812(td) msgid "Automatically allocated from pool" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1813(td) msgid "" "Specifies IP addresses for this port; associates the port with the subnets " "containing the listed IP addresses." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1822(td) msgid "UUID for this port." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1825(option) #: ./doc/admin-guide-cloud/ch_networking.xml2048(option) msgid "mac_address" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1828(td) msgid "Mac address to use on this port." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1834(td) msgid "Human-readable name for this port (might not be unique)." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1841(td) msgid "Network with which this port is associated." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1848(td) msgid "Indicates whether the network is currently operational." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1855(td) msgid "" "Owner of the network. Only administrative users can set the tenant " "identifier; this cannot be changed using authorization policies." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1865(title) #: ./doc/admin-guide-cloud/ch_networking.xml1876(caption) msgid "Basic Networking operations" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1866(para) msgid "" "To learn about advanced capabilities that are available through the neutron " "command-line interface (CLI), read the networking section in the OpenStack " "End User Guide." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1872(para) msgid "" "This table shows example neutron commands that enable you to complete basic " "Networking operations:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1881(th) #: ./doc/admin-guide-cloud/ch_networking.xml1962(th) #: ./doc/admin-guide-cloud/ch_networking.xml2095(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml254(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml514(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml891(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml969(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1597(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2114(th) msgid "Operation" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1882(th) #: ./doc/admin-guide-cloud/ch_networking.xml1963(th) #: ./doc/admin-guide-cloud/ch_networking.xml2022(th) #: ./doc/admin-guide-cloud/ch_networking.xml2096(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml255(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml515(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml892(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml970(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1598(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2115(th) msgid "Command" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1887(td) msgid "Creates a network." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1891(td) msgid "Creates a subnet that is associated with net1." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1896(td) msgid "Lists ports for a specified tenant." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1901(td) msgid "" "Lists ports for a specified tenant and displays the , " ", and columns." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1910(td) msgid "Shows information for a specified port." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1912(replaceable) #: ./doc/admin-guide-cloud/ch_networking.xml2055(replaceable) #: ./doc/admin-guide-cloud/ch_networking.xml2108(option) #: ./doc/admin-guide-cloud/ch_networking.xml2112(replaceable) msgid "port-id" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1917(para) msgid "" "The field describes who owns the port. A port " "whose begins with:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1923(para) msgid "network is created by Networking." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1927(para) msgid "compute is created by Compute." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1934(title) msgid "Administrative operations" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1935(para) msgid "" "The cloud administrator can run any command on behalf of " "tenants by specifying an Identity in the command," " as follows:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1940(replaceable) msgid "tenant-id" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1940(replaceable) msgid "network-name" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1941(para) #: ./doc/admin-guide-cloud/ch_compute.xml1140(para) #: ./doc/admin-guide-cloud/ch_compute.xml1164(para) #: ./doc/admin-guide-cloud/ch_compute.xml1208(para) #: ./doc/admin-guide-cloud/ch_compute.xml1236(para) #: ./doc/admin-guide-cloud/ch_compute.xml1242(para) #: ./doc/admin-guide-cloud/ch_compute.xml1451(para) #: ./doc/admin-guide-cloud/section_networking-config-identity.xml47(para) #: ./doc/admin-guide-cloud/section_networking-config-identity.xml61(para) msgid "For example:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1944(para) msgid "" "To view all tenant IDs in Identity, run the following command as an Identity" " Service admin user:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1952(title) #: ./doc/admin-guide-cloud/ch_networking.xml1957(caption) msgid "Advanced Networking operations" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1953(para) msgid "" "This table shows example neutron commands that enable you to complete " "advanced Networking operations:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1968(td) msgid "Creates a network that all tenants can use." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1973(td) msgid "Creates a subnet with a specified gateway IP address." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1978(td) msgid "Creates a subnet that has no gateway IP address." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1983(td) msgid "Creates a subnet with DHCP disabled." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1988(td) msgid "Creates a subnet with a specified set of host routes." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1993(td) msgid "Creates a subnet with a specified set of dns name servers." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml1998(td) msgid "Displays all ports and IPs allocated on a network." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2000(replaceable) #: ./doc/admin-guide-cloud/ch_networking.xml2033(replaceable) #: ./doc/admin-guide-cloud/ch_networking.xml2110(option) #: ./doc/admin-guide-cloud/ch_networking.xml2111(replaceable) msgid "net-id" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2008(title) msgid "Use Compute with Networking" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2010(title) #: ./doc/admin-guide-cloud/ch_networking.xml2015(caption) msgid "Basic Compute and Networking operations" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2011(para) msgid "" "This table shows example neutron and nova commands that enable you to " "complete basic Compute and Networking operations:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2021(th) msgid "Action" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2027(td) msgid "Checks available networks." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2031(td) msgid "Boots a VM with a single NIC on a selected Networking network." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2033(replaceable) #: ./doc/admin-guide-cloud/ch_networking.xml2102(replaceable) #: ./doc/admin-guide-cloud/ch_networking.xml2112(replaceable) #: ./doc/admin-guide-cloud/ch_networking.xml2121(replaceable) msgid "img" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2033(replaceable) #: ./doc/admin-guide-cloud/ch_networking.xml2102(replaceable) #: ./doc/admin-guide-cloud/ch_networking.xml2112(replaceable) #: ./doc/admin-guide-cloud/ch_networking.xml2121(replaceable) msgid "flavor" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2033(replaceable) #: ./doc/admin-guide-cloud/ch_networking.xml2102(replaceable) #: ./doc/admin-guide-cloud/ch_networking.xml2112(replaceable) #: ./doc/admin-guide-cloud/ch_networking.xml2121(replaceable) msgid "vm-name" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2037(para) msgid "" "Searches for ports with a that matches the " "Compute instance UUID. See ." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2044(replaceable) #: ./doc/admin-guide-cloud/ch_networking.xml2050(replaceable) msgid "vm-id" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2047(td) msgid "Searches for ports, but shows only the for the port." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2053(td) msgid "Temporarily disables a port from sending traffic." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2060(para) msgid "The can also be a logical router ID." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2064(title) msgid "Create and delete VMs" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2067(para) msgid "" "When you boot a Compute VM, a port on the network that corresponds to the VM" " NIC is automatically created and associated with the default security " "group. You can configure security " "group rules to enable users to access the VM." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2077(para) msgid "" "When you delete a Compute VM, the underlying Networking port is " "automatically deleted." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2085(title) #: ./doc/admin-guide-cloud/ch_networking.xml2090(caption) msgid "Advanced VM creation operations" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2086(para) msgid "" "This table shows example nova and neutron commands that enable you to " "complete advanced VM creation operations:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2101(td) msgid "Boots a VM with multiple NICs." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2102(replaceable) msgid "net1-id" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2102(replaceable) msgid "net2-id" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2105(td) msgid "" "Boots a VM with a specific IP address. First, create an Networking port with" " a specific IP address. Then, boot a VM specifying a rather" " than a ." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2111(replaceable) msgid "subnet-id" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2111(replaceable) msgid "IP" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2119(parameter) msgid "--nic" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2116(td) msgid "" "Boots a VM that connects to all networks that are accessible to the tenant " "who submits the request (without the option)." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2127(para) msgid "" "Networking does not currently support the v4-fixed-ip" " parameter of the --nic option for the " " command." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2134(title) msgid "Enable ping and SSH on VMs (security groups)" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2136(para) msgid "" "You must configure security group rules depending on the type of plug-in you" " are using. If you are using a plug-in that:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2141(para) msgid "" "Implements Networking security groups, you can configure security group " "rules directly by using . This example enables " " and access to your VMs." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2155(para) msgid "" "Does not implement Networking security groups, you can configure security " "group rules by using the or command. These" " commands enable and " "access to your VMs." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2169(para) msgid "" "If your plug-in implements Networking security groups, you can also leverage" " Compute security groups by setting security_group_api = " "neutron in the nova.conf file. After you set " "this option, all Compute security group commands are proxied to Networking." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2184(title) msgid "Authentication and authorization" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2185(para) msgid "" "Networking uses the Identity Service as the default authentication service. " "When the Identity Service is enabled, users who submit requests to the " "Networking service must provide an authentication token in X-Auth-" "Token request header. Users obtain this token by authenticating " "with the Identity Service endpoint. For more information about " "authentication with the Identity Service, see OpenStack Identity Service API v2.0 " "Reference. When the Identity Service is enabled, it is " "not mandatory to specify the tenant ID for resources in create requests " "because the tenant ID is derived from the authentication token." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2200(para) msgid "" "The default authorization settings only allow administrative users to create" " resources on behalf of a different tenant. Networking uses information " "received from Identity to authorize user requests. Networking handles two " "kind of authorization policies:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2209(para) msgid "" "Operation-based policies specify access " "criteria for specific operations, possibly with fine-grained control over " "specific attributes;" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2215(para) msgid "" "Resource-based policies specify whether " "access to specific resource is granted or not according to the permissions " "configured for the resource (currently available only for the network " "resource). The actual authorization policies enforced in Networking might " "vary from deployment to deployment." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2225(para) msgid "" "The policy engine reads entries from the policy.json " "file. The actual location of this file might vary from distribution to " "distribution. Entries can be updated while the system is running, and no " "service restart is required. Every time the policy file is updated, the " "policies are automatically reloaded. Currently the only way of updating such" " policies is to edit the policy file. In this section, the terms policy and rule refer to objects that are specified in the " "same way in the policy file. There are no syntax differences between a rule " "and a policy. A policy is something that is matched directly from the " "Networking policy engine. A rule is an element in a policy, which is " "evaluated. For instance in create_subnet: " "[[\"admin_or_network_owner\"]], create_subnet is a policy, and admin_or_network_owner is a rule." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2245(para) msgid "" "Policies are triggered by the Networking policy engine whenever one of them " "matches an Networking API operation or a specific attribute being used in a " "given operation. For instance the create_subnet policy is " "triggered every time a POST /v2.0/subnets request is sent to " "the Networking server; on the other hand create_network:shared " "is triggered every time the shared " "attribute is explicitly specified (and set to a value different from its " "default) in a POST /v2.0/networks request. It is also worth " "mentioning that policies can be also related to specific API extensions; for" " instance extension:provider_network:set is be triggered if the" " attributes defined by the Provider Network extensions are specified in an " "API request." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2261(para) msgid "" "An authorization policy can be composed by one or more rules. If more rules " "are specified, evaluation policy succeeds if any of the rules evaluates " "successfully; if an API operation matches multiple policies, then all the " "policies must evaluate successfully. Also, authorization rules are " "recursive. Once a rule is matched, the rule(s) can be resolved to another " "rule, until a terminal rule is reached." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2269(para) msgid "" "The Networking policy engine currently defines the following kinds of " "terminal rules:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2273(para) msgid "" "Role-based rules evaluate successfully if" " the user who submits the request has the specified role. For instance " "\"role:admin\" is successful if the user who submits the " "request is an administrator." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2281(para) msgid "" "Field-based rules evaluate successfully " "if a field of the resource specified in the current request matches a " "specific value. For instance \"field:networks:shared=True\" is " "successful if the shared attribute of the " "network resource is set to true." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2291(para) msgid "" "Generic rules compare an attribute in the" " resource with an attribute extracted from the user's security credentials " "and evaluates successfully if the comparison is successful. For instance " "\"tenant_id:%(tenant_id)s\" is successful if the tenant " "identifier in the resource is equal to the tenant identifier of the user " "submitting the request." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2302(para) msgid "" "This extract is from the default policy.json file:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2326(para) msgid "" "[1] is a rule which evaluates successfully if the current user is an " "administrator or the owner of the resource specified in the request (tenant " "identifier is equal)." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2330(para) msgid "" "[2] is the default policy which is always evaluated if an API operation does" " not match any of the policies in policy.json." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2333(para) msgid "" "[3] This policy evaluates successfully if either admin_or_owner, or shared evaluates successfully." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2337(para) msgid "" "[4] This policy restricts the ability to manipulate the shared attribute for a network to administrators " "only." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2340(para) msgid "" "[5] This policy restricts the ability to manipulate the mac_address attribute for a port only to " "administrators and the owner of the network where the port is attached." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2344(para) msgid "" "In some cases, some operations are restricted to administrators only. This " "example shows you how to modify a policy file to permit tenants to define " "networks and see their resources and permit administrative users to perform " "all other operations:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2369(title) msgid "High availability" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2370(para) msgid "" "The use of high-availability in a Networking deployment helps prevent " "individual node failures. In general, you can run neutron-server and neutron-dhcp-agent in an active-active " "fashion. You can run the neutron-l3-agent service as active/passive, " "which avoids IP conflicts with respect to gateway IP addresses." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2380(title) msgid "Networking high availability with Pacemaker" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2381(para) msgid "" "You can run some Networking services into a cluster (Active / Passive or " "Active / Active for Networking Server only) with Pacemaker." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2384(para) msgid "Download the latest resources agents:" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2387(para) msgid "" "neutron-server: https://github.com/madkiss" "/openstack-resource-agents" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2392(para) msgid "" "neutron-dhcp-agent : https://github.com/madkiss/openstack-resource-agents" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2397(para) msgid "" "neutron-l3-agent : https://github.com/madkiss/openstack-resource-agents" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2403(para) msgid "" "For information about how to build a cluster, see Pacemaker " "documentation." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2411(title) msgid "Plug-in pagination and sorting support" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2413(caption) msgid "Plug-ins that support native pagination and sorting" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2418(th) msgid "Support Native Pagination" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml2419(th) msgid "Support Native Sorting" msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml8(title) msgid "OpenStack Cloud Administrator Guide" msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml10(titleabbrev) msgid "Cloud Administrator Guide" msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml18(orgname) #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml23(holder) msgid "OpenStack Foundation" msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml22(year) msgid "2013" msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml25(releaseinfo) msgid "havana" msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml26(productname) msgid "OpenStack" msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml30(remark) msgid "Copyright details are filled in by the template." msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml36(remark) msgid "Remaining licensing details are filled in by the template." msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml41(para) msgid "" "OpenStack offers open source software for cloud administrators to manage and" " troubleshoot an OpenStack cloud." msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml48(date) msgid "2013-11-12" msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml52(para) msgid "" "Adds options for tuning operational status synchronization in the NVP plug-" "in." msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml60(date) msgid "2013-10-17" msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml64(para) msgid "Havana release." msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml70(date) msgid "2013-09-05" msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml74(para) msgid "Moves object storage monitoring section to this guide." msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml78(para) msgid "Removes redundant object storage information." msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml85(date) msgid "2013-09-03" msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml89(para) msgid "" "Moved all but configuration and installation information from these " "component guides to create the new guide:" msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml95(para) msgid "OpenStack Compute Administration Guide" msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml99(para) msgid "OpenStack Networking Administration Guide" msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml103(para) msgid "OpenStack Object Storage Administration Guide" msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml107(para) msgid "OpenStack Block Storage Service Administration Guide" msgstr "" #: ./doc/admin-guide-cloud/section_ts_no_emulator_x86_64.xml4(title) msgid "Cannot find suitable emulator for x86_64" msgstr "" #: ./doc/admin-guide-cloud/section_ts_no_emulator_x86_64.xml7(para) msgid "" "When you attempt to create a VM, the error shows the VM is in the " "BUILD then ERROR state." msgstr "" #: ./doc/admin-guide-cloud/section_ts_no_emulator_x86_64.xml12(para) msgid "" "On the KVM host run, cat /proc/cpuinfo. Make sure the " "vme and svm flags are set." msgstr "" #: ./doc/admin-guide-cloud/section_ts_no_emulator_x86_64.xml14(para) msgid "" "Follow the instructions in the enabling KVM " "section of the Configuration Reference to " "enable hardware virtualization support in your BIOS." msgstr "" #: ./doc/admin-guide-cloud/section_ts_HTTP_bad_req_in_cinder_vol_log.xml9(para) msgid "" "These errors appear in the cinder-volume.log file." msgstr "" #: ./doc/admin-guide-cloud/section_ts_HTTP_bad_req_in_cinder_vol_log.xml44(para) msgid "" "You need to update your copy of the hp_3par_fc.py " "driver which contains the synchronization code." msgstr "" #: ./doc/admin-guide-cloud/section_ts_non_existent_vlun.xml4(title) msgid "Non-existent VLUN" msgstr "" #: ./doc/admin-guide-cloud/section_ts_non_existent_vlun.xml7(para) msgid "" "This error occurs if the 3PAR host exists with the correct host name that " "the OpenStack Block Storage drivers expect but the volume was created in a " "different Domain." msgstr "" #: ./doc/admin-guide-cloud/section_ts_non_existent_vlun.xml13(para) msgid "" "The hp3par_domain configuration items either need to be updated" " to use the domain the 3PAR host currently resides in, or the 3PAR host " "needs to be moved to the domain that the volume was created in." msgstr "" #: ./doc/admin-guide-cloud/section_ts_failed_attach_vol_no_sysfsutils.xml4(title) msgid "Failed to attach volume, systool is not installed" msgstr "" #: ./doc/admin-guide-cloud/section_ts_failed_attach_vol_no_sysfsutils.xml7(para) msgid "" "This warning and error occurs if you do not have the required " "sysfsutils package installed on the Compute node." msgstr "" #: ./doc/admin-guide-cloud/section_ts_failed_attach_vol_no_sysfsutils.xml16(para) msgid "" "Run the following command on the Compute node to install the " "sysfsutils packages." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml6(title) msgid "Advanced features through API extensions" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml7(para) msgid "" "Several plug-ins implement API extensions that provide capabilities similar " "to what was available in nova-network: These plug-ins are likely to be of " "interest to the OpenStack community." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml12(title) msgid "Provider networks" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml13(para) msgid "" "Provider networks enable cloud administrators to create Networking networks " "that map directly to the physical networks in the data center. This is " "commonly used to give tenants direct access to a public network that can be " "used to reach the Internet. It might also be used to integrate with VLANs in" " the network that already have a defined meaning (for example, enable a VM " "from the \"marketing\" department to be placed on the same VLAN as bare-" "metal marketing hosts in the same data center)." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml22(para) msgid "" "The provider extension allows administrators to explicitly manage the " "relationship between Networking virtual networks and underlying physical " "mechanisms such as VLANs and tunnels. When this extension is supported, " "Networking client users with administrative privileges see additional " "provider attributes on all virtual networks, and are able to specify these " "attributes in order to create provider networks." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml30(para) msgid "" "The provider extension is supported by the Open vSwitch and Linux Bridge " "plug-ins. Configuration of these plug-ins requires familiarity with this " "extension." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml34(title) msgid "Terminology" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml35(para) msgid "" "A number of terms are used in the provider extension and in the " "configuration of plug-ins supporting the provider extension:" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml39(caption) msgid "Provider extension terminology" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml44(th) msgid "Term" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml50(emphasis) msgid "virtual network" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml52(td) msgid "" "An Networking L2 network (identified by a UUID and optional name) whose " "ports can be attached as vNICs to Compute instances and to various " "Networking agents. The Open vSwitch and Linux Bridge plug-ins each support " "several different mechanisms to realize virtual networks." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml61(emphasis) msgid "physical network" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml63(td) msgid "" "A network connecting virtualization hosts (such as, Compute nodes) with each" " other and with other network resources. Each physical network might support" " multiple virtual networks. The provider extension and the plug-in " "configurations identify physical networks using simple string names." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml73(emphasis) msgid "tenant network" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml75(td) msgid "" "A virtual network that a tenant or an administrator creates. The physical " "details of the network are not exposed to the tenant." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml81(emphasis) msgid "provider network" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml83(td) msgid "" "A virtual network administratively created to map to a specific network in " "the data center, typically to enable direct access to non-OpenStack " "resources on that network. Tenants can be given access to provider networks." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml91(emphasis) msgid "VLAN network" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml93(td) msgid "" "A virtual network implemented as packets on a specific physical network " "containing IEEE 802.1Q headers with a specific VID field value. VLAN " "networks sharing the same physical network are isolated from each other at " "L2, and can even have overlapping IP address spaces. Each distinct physical " "network supporting VLAN networks is treated as a separate VLAN trunk, with a" " distinct space of VID values. Valid VID values are 1 through 4094." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml107(emphasis) msgid "flat network" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml109(td) msgid "" "A virtual network implemented as packets on a specific physical network " "containing no IEEE 802.1Q header. Each physical network can realize at most " "one flat network." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml116(emphasis) msgid "local network" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml118(td) msgid "" "A virtual network that allows communication within each host, but not across" " a network. Local networks are intended mainly for single-node test " "scenarios, but can have other uses." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml125(emphasis) msgid "GRE network" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml130(emphasis) msgid "tunnels" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml127(td) msgid "" "A virtual network implemented as network packets encapsulated using GRE. GRE" " networks are also referred to as . GRE tunnel packets are " "routed by the IP routing table for the host, so GRE networks are not " "associated by Networking with specific physical networks." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml137(emphasis) msgid "Virtual Extensible LAN (VXLAN) network" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml139(td) msgid "" "VXLAN is a proposed encapsulation protocol for running an overlay network on" " existing Layer 3 infrastructure. An overlay network is a virtual network " "that is built on top of existing network Layer 2 and Layer 3 technologies to" " support elastic compute architectures." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml149(para) msgid "" "The ML2, Open vSwitch, and Linux Bridge plug-ins support VLAN networks, flat" " networks, and local networks. Only the ML2 and Open vSwitch plug-ins " "currently support GRE and VXLAN networks, provided that the required " "features exist in the hosts Linux kernel, Open vSwitch, and iproute2 " "packages." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml157(title) msgid "Provider attributes" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml158(para) msgid "" "The provider extension extends the Networking network resource with these " "attributes:" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml161(caption) msgid "Provider network attributes" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml168(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml371(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml433(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml756(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml803(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1071(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1206(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1284(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1521(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1900(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2008(th) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2051(th) msgid "Attribute name" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml176(td) msgid "provider:network_type" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml177(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml197(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml386(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml401(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml771(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml780(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml825(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml832(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml851(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1094(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1101(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1131(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1181(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1229(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1236(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1307(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1314(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1329(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1545(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1565(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2023(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2030(td) msgid "String" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml181(literal) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml201(literal) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml221(literal) msgid "flat" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml182(literal) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml190(literal) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml202(literal) msgid "vlan" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml183(literal) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml192(literal) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml207(literal) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml222(literal) msgid "local" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml179(td) msgid "" "The physical mechanism by which the virtual network is implemented. Possible" " values are , , , and " ", corresponding to flat networks, VLAN networks, local " "networks, and GRE networks as defined above. All types of provider networks " "can be created by administrators, while tenant networks can be implemented " "as , , or network types " "depending on plug-in configuration." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml196(td) msgid "provider:physical_network" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml198(td) msgid "" "If a physical network named \"default\" has been configured, and if " "provider:network_type is or , then " "\"default\" is used." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml204(td) msgid "" "The name of the physical network over which the virtual network is " "implemented for flat and VLAN networks. Not applicable to the " " or network types." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml212(td) msgid "provider:segmentation_id" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml213(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml839(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml845(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1171(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1551(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1558(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1572(td) msgid "Integer" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml215(td) msgid "" "For VLAN networks, the VLAN VID on the physical network that realizes the " "virtual network. Valid VLAN VIDs are 1 through 4094. For GRE networks, the " "tunnel ID. Valid tunnel IDs are any 32 bit unsigned integer. Not applicable " "to the or network types." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml227(para) msgid "" "To view or set provider extended attributes, a client must be authorized for" " the extension:provider_network:view and " "extension:provider_network:set actions in the Networking policy" " configuration. The default Networking configuration authorizes both actions" " for users with the admin role. An authorized client or an administrative " "user can view and set the provider extended attributes through Networking " "API calls. See for details on " "policy configuration." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml240(title) msgid "Provider extension API operations" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml241(para) msgid "" "To use the provider extension with the default policy settings, you must " "have the administrative role." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml244(para) msgid "" "This table shows example neutron commands that enable you to complete basic " "provider extension API operations:" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml248(caption) msgid "Basic provider extension API operations" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml261(para) msgid "Shows all attributes of a network, including provider attributes." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml270(para) msgid "Creates a local provider network." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml278(para) msgid "" "Creates a flat provider network. When you create flat networks, <phys-" "net-name> must be known to the plug-in. See the OpenStack " "Configuration Reference for details." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml293(para) msgid "" "Creates a VLAN provider network. When you create VLAN networks, <phys-" "net-name> must be known to the plug-in. See the OpenStack " "Configuration Reference for details on configuring " "network_vlan_ranges to identify all physical networks. When you create VLAN " "networks, <VID> can fall either within or outside any configured " "ranges of VLAN IDs from which tenant networks are allocated." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml314(para) msgid "" "Creates a GRE provider network. When you create GRE networks, <tunnel-" "id> can be either inside or outside any tunnel ID ranges from which " "tenant networks are allocated." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml320(para) msgid "" "After you create provider networks, you can allocate subnets, which you can " "use in the same way as other virtual networks, subject to authorization " "policy based on the specified <tenant_id>." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml336(title) msgid "L3 routing and NAT" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml337(para) msgid "" "The Networking API provides abstract L2 network segments that are decoupled " "from the technology used to implement the L2 network. Networking includes an" " API extension that provides abstract L3 routers that API users can " "dynamically provision and configure. These Networking routers can connect " "multiple L2 Networking networks, and can also provide a gateway that " "connects one or more private L2 networks to a shared external network. For " "example, a public network for access to the Internet. See the " "OpenStack Configuration Reference for details on " "common models of deploying Networking L3 routers." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml350(para) msgid "" "The L3 router provides basic NAT capabilities on gateway ports that uplink " "the router to external networks. This router SNATs all traffic by default, " "and supports floating IPs, which creates a static one-to-one mapping from a " "public IP on the external network to a private IP on one of the other " "subnets attached to the router. This allows a tenant to selectively expose " "VMs on private networks to other hosts on the external network (and often to" " all hosts on the Internet). You can allocate and map floating IPs from one " "port to another, as needed." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml362(title) msgid "L3 API abstractions" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml364(caption) msgid "Router" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml381(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml443(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml766(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml813(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1081(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1216(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1294(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1531(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2018(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2061(td) msgid "generated" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml382(td) msgid "UUID for the router." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml388(td) msgid "Human-readable name for the router. Might not be unique." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml393(td) msgid "Bool" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml395(td) msgid "" "The administrative state of router. If false (down), the router does not " "forward packets." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml403(para) msgid "Indicates whether router is currently operational." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml410(td) msgid "" "Owner of the router. Only admin users can specify a tenant_id other than its" " own." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml415(td) msgid "external_gateway_info" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml416(td) msgid "dict contain 'network_id' key-value pair" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml418(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml474(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml482(td) msgid "Null" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml419(td) msgid "" "External network that this router connects to for gateway services (for " "example, NAT)" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml426(caption) msgid "Floating IP" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml444(td) msgid "UUID for the floating IP." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml447(td) msgid "floating_ip_address" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml448(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml481(td) msgid "string (IP address)" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml449(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml819(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1110(td) msgid "allocated by Networking" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml450(td) msgid "" "The external network IP address available to be mapped to an internal IP " "address." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml455(td) msgid "floating_network_id" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml458(para) msgid "" "The network indicating the set of subnets from which the floating IP should " "be allocated" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml463(td) msgid "router_id" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml466(td) msgid "" "Read-only value indicating the router that connects the external network to " "the associated internal port, if a port is associated." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml472(td) msgid "port_id" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml475(td) msgid "" "Indicates the internal Networking port associated with the external floating" " IP." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml480(td) msgid "fixed_ip_address" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml483(td) msgid "" "Indicates the IP address on the internal port that is mapped to by the " "floating IP (since an Networking port might have more than one IP address)." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml492(td) msgid "" "Owner of the Floating IP. Only admin users can specify a tenant_id other " "than its own." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml501(title) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml509(caption) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2109(caption) msgid "Basic L3 operations" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml502(para) msgid "" "External networks are visible to all users. However, the default policy " "settings enable only administrative users to create, update, and delete " "external networks." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml506(para) msgid "" "This table shows example neutron commands that enable you to complete basic " "L3 operations:" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml521(para) msgid "Creates external networks." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml530(para) msgid "Lists external networks." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml536(para) msgid "" "Creates an internal-only router that connects to multiple L2 networks " "privately." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml551(para) msgid "" "Connects a router to an external network, which enables that router to act " "as a NAT gateway for external connectivity." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml557(para) msgid "" "The router obtains an interface with the gateway_ip address of the subnet, " "and this interface is attached to a port on the L2 Networking network " "associated with the subnet. The router also gets a gateway interface to the " "specified external network. This provides SNAT connectivity to the external " "network as well as support for floating IPs allocated on that external " "networks. Commonly an external network maps to a network in the provider" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml574(para) msgid "Lists routers." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml581(para) msgid "Shows information for a specified router." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml589(para) msgid "Shows all internal interfaces for a router." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml595(para) msgid "" "Identifies the port-id that represents the VM NIC to " "which the floating IP should map." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml601(para) msgid "" "This port must be on an Networking subnet that is attached to a router " "uplinked to the external network used to create the floating IP.  " "Conceptually, this is because the router must be able to perform the " "Destination NAT (DNAT) rewriting of packets from the Floating IP address " "(chosen from a subnet on the external network) to the internal Fixed IP " "(chosen from a private subnet that is behind the router)." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml617(para) msgid "Creates a floating IP address and associates it with a port." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml626(para) msgid "" "Creates a floating IP address and associates it with a port, in a single " "step." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml635(para) msgid "Lists floating IPs." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml642(para) msgid "Finds floating IP for a specified VM port." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml650(para) msgid "Disassociates a floating IP address." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml658(para) msgid "Deletes the floating IP address." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml666(para) msgid "Clears the gateway." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml673(para) msgid "Removes the interfaces from the router." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml681(para) msgid "Deletes the router." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml692(title) msgid "Security groups" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml693(para) msgid "" "Security groups and security group rules allows administrators and tenants " "the ability to specify the type of traffic and direction (ingress/egress) " "that is allowed to pass through a port. A security group is a container for " "security group rules." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml698(para) msgid "" "When a port is created in Networking it is associated with a security group." " If a security group is not specified the port is associated with a " "'default' security group. By default, this group drops all ingress traffic " "and allows all egress. Rules can be added to this group in order to change " "the behaviour." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml704(para) msgid "" "To use the Compute security group APIs or use Compute to orchestrate the " "creation of ports for instances on specific security groups, you must " "complete additional configuration. You must configure the " "/etc/nova/nova.conf file and set the " "security_group_api=neutron option on every node that runs " "nova-compute and nova-api. After you make this change, restart" " nova-api and nova-compute to pick up this change. Then, " "you can use both the Compute and OpenStack Network security group APIs at " "the same time." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml721(para) msgid "" "To use the Compute security group API with Networking, the Networking plug-" "in must implement the security group API. The following plug-ins currently " "implement this: ML2, Nicira NVP, Open vSwitch, Linux Bridge, NEC, and Ryu." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml729(para) msgid "" "You must configure the correct firewall driver in the " "securitygroup section of the plug-in/agent configuration " "file. Some plug-ins and agents, such as Linux Bridge Agent and Open vSwitch " "Agent, use the no-operation driver as the default, which results in non-" "working security groups." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml738(para) msgid "" "When using the security group API through Compute, security groups are " "applied to all ports on an instance. The reason for this is that Compute " "security group APIs are instances based and not port based as Networking." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml747(title) msgid "Security group API abstractions" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml749(caption) msgid "Security group attributes" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml767(td) msgid "UUID for the security group." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml773(td) msgid "" "Human-readable name for the security group. Might not be unique. Cannot be " "named default as that is automatically created for a tenant." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml779(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1100(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1235(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1313(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2029(td) msgid "description" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml782(td) msgid "Human-readable description of a security group." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml789(td) msgid "" "Owner of the security group. Only admin users can specify a tenant_id other " "than their own." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml796(caption) msgid "Security group rules" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml814(td) msgid "UUID for the security group rule." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml817(td) msgid "security_group_id" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml818(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml864(td) msgid "uuid-str or Integer" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml820(td) msgid "The security group to associate rule with." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml824(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2065(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2159(replaceable) msgid "direction" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml827(td) msgid "The direction the traffic is allow (ingress/egress) from a VM." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml831(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1130(td) msgid "protocol" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml834(td) msgid "IP Protocol (icmp, tcp, udp, and so on)." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml838(td) msgid "port_range_min" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml841(td) msgid "Port at start of range" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml844(td) msgid "port_range_max" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml847(td) msgid "Port at end of range" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml850(td) msgid "ethertype" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml853(td) msgid "ethertype in L2 packet (IPv4, IPv6, and so on)" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml857(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2091(td) msgid "remote_ip_prefix" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml858(td) msgid "string (IP cidr)" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml860(td) msgid "CIDR for address range" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml863(td) msgid "remote_group_id" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml865(td) msgid "allocated by Networking or Compute" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml866(td) msgid "Source security group to apply to rule." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml873(td) msgid "" "Owner of the security group rule. Only admin users can specify a tenant_id " "other than its own." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml881(title) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml886(caption) msgid "Basic security group operations" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml882(para) msgid "" "This table shows example neutron commands that enable you to complete basic " "security group operations:" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml898(para) msgid "Creates a security group for our web servers." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml904(para) msgid "Lists security groups." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml910(para) msgid "Creates a security group rule to allow port 80 ingress." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml917(para) msgid "Lists security group rules." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml923(para) msgid "Deletes a security group rule." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml930(para) msgid "Deletes a security group." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml936(para) msgid "Creates a port and associates two security groups." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml943(para) msgid "Removes security groups from a port." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml954(title) msgid "Basic Load-Balancer-as-a-Service operations" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml956(para) msgid "" "The Load-Balancer-as-a-Service (LBaaS) API provisions and configures load " "balancers. The Havana release offers a reference implementation that is " "based on the HAProxy software load balancer." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml961(para) msgid "" "This table shows example neutron commands that enable you to complete basic " "LBaaS operations:" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml964(caption) msgid "Basic LBaaS operations" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml976(para) msgid "Creates a load balancer pool by using specific provider." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml978(para) msgid "" "--provider is an optional argument. If not used, the " "pool is created with default provider for LBaaS service. You should " "configure the default provider in the [service_providers]" " section of neutron.conf file. If no default provider " "is specified for LBaaS, the --provider option is " "required for pool creation." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml992(parameter) msgid "--provider <provider_name>" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml996(para) msgid "Associates two web servers with pool." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1004(para) msgid "" "Creates a health monitor which checks to make sure our instances are still " "running on the specified protocol-port." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1012(para) msgid "Associates a health monitor with pool." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1019(para) msgid "" "Creates a virtual IP (VIP) address that, when accessed through the load " "balancer, directs the requests to one of the pool members." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1032(title) msgid "Firewall-as-a-Service" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1033(para) msgid "" "The Firewall-as-a-Service (FWaaS) API is an experimental API that enables " "early adopters and vendors to test their networking implementations." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1036(para) msgid "" "The FWaaS is backed by a reference " "implementation that works with the Networking OVS plug-in and " "provides perimeter firewall functionality. It leverages the footprint of the" " Networking OVS L3 agent and an IPTables driver to apply the firewall rules " "contained in a particular firewall policy. This reference implementation " "supports one firewall policy and consequently one logical firewall instance " "for each tenant. This is not a constraint of the resource model, but of the " "current reference implementation. The firewall is present on a Networking " "virtual router. If a tenant has multiple routers, the firewall is present on" " all the routers. If a tenant does not have any router, the firewall is in " "PENDING_CREATE state until a router is created and the first " "interface is added to the router. At that point the firewall policy is " "immediately applied to the router and the firewall changes to " "ACTIVE state." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1056(para) msgid "" "Because this is the first iteration of this implementation, it should " "probably not be run in production environments without adequate testing." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1062(title) msgid "Firewall-as-a-Service API abstractions" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1064(caption) msgid "Firewall rules" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1082(td) msgid "UUID for the firewall rule." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1088(td) msgid "" "Owner of the firewall rule. Only admin users can specify a tenant_id other " "than its own." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1096(td) msgid "Human readable name for the firewall rule (255 characters limit)." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1103(td) msgid "" "Human readable description for the firewall rule (1024 characters limit)." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1108(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1357(td) msgid "firewall_policy_id" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1109(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1358(td) msgid "uuid-str or None" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1111(td) msgid "" "This is a read-only attribute that gets populated with the uuid of the " "firewall policy when this firewall rule is associated with a firewall " "policy. A firewall rule can be associated with only one firewall policy at a" " time. However, the association can be changed to a different firewall " "policy." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1122(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1188(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1244(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1262(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1321(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1536(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2082(td) msgid "Boolean" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1124(td) msgid "" "When set to True makes this firewall rule visible to tenants other than its " "owner, and it can be used in firewall policies not owned by its tenant." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1133(td) msgid "IP Protocol (icmp, tcp, udp, None)." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1137(td) msgid "Integer or String" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1139(td) msgid "IP Version (4, 6)." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1142(td) msgid "source_ip_address" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1143(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1149(td) msgid "String (IP address or CIDR)" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1145(td) msgid "Source IP address or CIDR." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1148(td) msgid "destination_ip_address" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1151(td) msgid "Destination IP address or CIDR." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1154(td) msgid "source_port" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1155(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1163(td) msgid "" "Integer or String (either as a single port number or in the format of a ':' " "separated range)" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1159(td) msgid "Source port number or a range." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1162(td) msgid "destination_port" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1167(td) msgid "Destination port number or a range." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1170(td) msgid "position" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1173(td) msgid "" "This is a read-only attribute that gets assigned to this rule when the rule " "is associated with a firewall policy. It indicates the position of this rule" " in that firewall policy." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1180(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1926(td) msgid "action" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1182(td) msgid "deny" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1183(td) msgid "Action to be performed on the traffic matching the rule (allow, deny)." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1187(td) msgid "enabled" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1190(td) msgid "" "When set to False, disables this rule in the firewall policy. Facilitates " "selectively turning off rules without having to disassociate the rule from " "the firewall policy." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1199(caption) msgid "Firewall policies" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1217(td) msgid "UUID for the firewall policy." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1223(td) msgid "" "Owner of the firewall policy. Only admin users can specify a tenant_id other" " their own." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1231(td) msgid "Human readable name for the firewall policy (255 characters limit)." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1238(td) msgid "" "Human readable description for the firewall policy (1024 characters limit)." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1246(td) msgid "" "When set to True makes this firewall policy visible to tenants other than " "its owner, and can be used to associate with firewalls not owned by its " "tenant." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1252(td) msgid "firewall_rules" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1253(td) msgid "List of uuid-str or None" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1255(td) msgid "" "This is an ordered list of firewall rule uuids. The firewall applies the " "rules in the order in which they appear in this list." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1261(td) msgid "audited" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1264(td) msgid "" "When set to True by the policy owner indicates that the firewall policy has " "been audited. This attribute is meant to aid in the firewall policy audit " "workflows. Each time the firewall policy or the associated firewall rules " "are changed, this attribute is set to False and must be explicitly set to " "True through an update operation." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1277(caption) msgid "Firewalls" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1295(td) msgid "UUID for the firewall." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1301(td) msgid "" "Owner of the firewall. Only admin users can specify a tenant_id other than " "its own." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1309(td) msgid "Human readable name for the firewall (255 characters limit)." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1316(td) msgid "Human readable description for the firewall (1024 characters limit)." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1323(td) msgid "" "The administrative state of the firewall. If False (down), the firewall does" " not forward any packets." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1331(para) msgid "" "Indicates whether the firewall is currently operational. Possible values " "include:" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1336(para) msgid "ACTIVE" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1339(para) msgid "DOWN" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1342(para) msgid "PENDING_CREATE" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1345(para) msgid "PENDING_UPDATE" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1348(para) msgid "PENDING_DELETE" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1351(para) msgid "ERROR" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1360(td) msgid "" "The firewall policy uuid that this firewall is associated with. This " "firewall implements the rules contained in the firewall policy represented " "by this uuid." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1370(title) msgid "Basic Firewall-as-a-Service operations" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1373(para) msgid "Create a firewall rule:" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1375(para) msgid "" "The CLI requires that a protocol value be provided. If the rule is protocol " "agnostic, the 'any' value can be used." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1378(para) msgid "" "In addition to the protocol attribute, other attributes can be specified in " "the firewall rule. See the previous section for the supported attributes." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1384(para) msgid "Create a firewall policy:" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1386(para) msgid "" "The order of the rules specified above is important. A firewall policy can " "be created without any rules and rules can be added later either via the " "update operation (if adding multiple rules) or via the insert-rule operation" " (if adding a single rule). Please check the CLI help for more details on " "these operations." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1395(para) msgid "" "The reference implementation always adds a default deny all rule at the end " "of each policy. This implies that if a firewall policy is created without " "any rules and is associated with a firewall, that firewall blocks all " "traffic." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1404(para) msgid "Create a firewall:" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1409(para) msgid "" "The FWaaS features and the above workflow can also be accessed from the " "Horizon user interface. This support is disabled by default, but can be " "enabled by configuring " "#HORIZON_DIR/openstack_dashboard/local/local_settings.py " " and setting:" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1421(title) msgid "Allowed-address-pairs" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1422(para) msgid "" "Allowed-address-pairs is an API extension that extends the port attribute. " "This extension allows one to specify arbitrary mac_address/ip_address(cidr) " "pairs that are allowed to pass through a port regardless of subnet. The main" " use case for this is to enable the ability to use protocols such as VRRP " "which floats an ip address between two instances to enable fast data plane " "failover." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1430(para) msgid "" "The allowed-address-pairs extension is currently only supported by these " "plug-ins: ML2, Nicira NVP, and Open vSwitch." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1435(title) msgid "Basic allowed address pairs operations" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1438(para) msgid "Create a port with a specific allowed-address-pairs:" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1443(para) msgid "Update a port adding allowed-address-pairs:" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1449(para) msgid "" "Setting an allowed-address-pair that matches the mac_address and ip_address " "of a port is prevented. This is because that would have no effect since " "traffic matching the mac_address and ip_address is already allowed to pass " "through the port." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1456(para) msgid "" "If your plug-in implements the port-security extension port-security-enabled" " must be set to True on the port in order to have allowed-address-pairs on a" " port. The reason for this is because if port-security-enabled is set to " "False this allows all traffic to be passed through the port thus having " "allowed-address-pairs would have no effect." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1469(title) msgid "Plug-in specific extensions" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1471(para) msgid "" "Each vendor can choose to implement additional API extensions to the core " "API. This section describes the extensions for each plug-in." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1475(title) msgid "Nicira NVP extensions" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1476(para) msgid "These sections explain Nicira NVP plug-in extensions." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1479(title) msgid "Nicira NVP QoS extension" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1480(para) msgid "" "The Nicira NVP QoS extension rate-limits network ports to guarantee a " "specific amount of bandwidth for each port. This extension, by default, is " "only accessible by a tenant with an admin role but is configurable through " "the policy.json file. To use this extension, create a " "queue and specify the min/max bandwidth rates (kbps) and optionally set the " "QoS Marking and DSCP value (if your network fabric uses these values to make" " forwarding decisions). Once created, you can associate a queue with a " "network. Then, when ports are created on that network they are automatically" " created and associated with the specific queue size that was associated " "with the network. Because one size queue for a every port on a network might" " not be optimal, a scaling factor from the Nova flavor 'rxtx_factor' is " "passed in from Compute when creating the port to scale the queue." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1499(para) msgid "" "Lastly, if you want to set a specific baseline QoS policy for the amount of " "bandwidth a single port can use (unless a network queue is specified with " "the network a port is created on) a default queue can be created in " "Networking which then causes ports created to be associated with a queue of " "that size times the rxtx scaling factor. Note that after a network or " "default queue is specified, queues are added to ports that are subsequently " "created but are not added to existing ports." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1512(title) msgid "Nicira NVP QoS API abstractions" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1514(caption) msgid "Nicira NVP QoS attributes" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1532(td) msgid "UUID for the QoS queue." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1537(td) msgid "False by default" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1538(td) msgid "" "If True, ports are created with this queue size unless the network port is " "created or associated with a queue at port creation time." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1547(td) msgid "Name for QoS queue." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1550(td) msgid "min" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1552(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1573(td) msgid "0" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1553(td) msgid "Minimum Bandwidth Rate (kbps)." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1557(td) msgid "max" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1560(td) msgid "Maximum Bandwidth Rate (kbps)." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1564(td) msgid "qos_marking" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1566(td) msgid "untrusted by default" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1567(td) msgid "Whether QoS marking should be trusted or untrusted." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1571(td) msgid "dscp" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1574(td) msgid "DSCP Marking value." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1580(td) msgid "The owner of the QoS queue." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1586(title) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1591(caption) msgid "Basic Nicira NVP QoS operations" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1587(para) msgid "" "This table shows example neutron commands that enable you to complete basic " "queue operations:" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1604(para) msgid "Creates QoS Queue (admin-only)." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1612(para) msgid "Associates a queue with a network." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1620(para) msgid "Creates a default system queue." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1626(para) msgid "Lists QoS queues." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1633(para) msgid "Deletes a QoS queue." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1644(title) msgid "Nicira NVP provider networks extension" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1645(para) msgid "" "Provider networks can be implemented in different ways by the underlying NVP" " platform." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1648(para) msgid "" "The FLAT and VLAN network types " "use bridged transport connectors. These network types enable the attachment " "of large number of ports. To handle the increased scale, the NVP plug-in can" " back a single Openstack Network with a chain of NVP logical switches. You " "can specify the maximum number of ports on each logical switch in this chain" " on the max_lp_per_bridged_ls parameter, which has a " "default value of 5,000." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1660(para) msgid "" "The recommended value for this parameter varies with the NVP version running" " in the back-end, as shown in the following table." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1664(caption) msgid "Recommended values for max_lp_per_bridged_ls" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1670(td) msgid "NVP version" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1671(td) msgid "Recommended Value" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1676(td) msgid "2.x" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1677(td) msgid "64" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1680(td) msgid "3.0.x" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1681(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1685(td) msgid "5,000" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1684(td) msgid "3.1.x" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1688(td) msgid "3.2.x" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1689(td) msgid "10,000" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1693(para) msgid "" "In addition to these network types, the NVP plug-in also supports a special " "l3_ext network type, which maps external networks to " "specific NVP gateway services as discussed in the next section." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1701(title) msgid "Nicira NVP L3 extension" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1702(para) msgid "" "NVP exposes its L3 capabilities through gateway services which are usually " "configured out of band from OpenStack. To use NVP with L3 capabilities, " "first create a L3 gateway service in the NVP Manager. Next, in " "/etc/neutron/plugins/nicira/nvp.ini set " "default_l3_gw_service_uuid to this value. By default, " "routers are mapped to this gateway service." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1712(title) msgid "Nicira NVP L3 extension operations" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1713(para) msgid "Create external network and map it to a specific NVP gateway service:" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1717(para) msgid "Terminate traffic on a specific VLAN from a NVP gateway service:" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1724(title) msgid "Operational status synchronization in the Nicira NVP plug-in" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1726(para) msgid "" "Starting with the Havana release, the Nicira NVP plug-in provides an " "asynchronous mechanism for retrieving the operational status for neutron " "resources from the NVP back-end; this applies to " "network, port, and " "router resources." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1733(para) msgid "" "The back-end is polled periodically, and the status for every resource is " "retrieved; then the status in the Networking database is updated only for " "the resources for which a status change occurred. As operational status is " "now retrieved asynchronously, performance for GET " "operations is consistently improved." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1741(para) msgid "" "Data to retrieve from the back-end are divided in chunks in order to avoid " "expensive API requests; this is achieved leveraging NVP APIs response paging" " capabilities. The minimum chunk size can be specified using a configuration" " option; the actual chunk size is then determined dynamically according to: " "total number of resources to retrieve, interval between two synchronization " "task runs, minimum delay between two subsequent requests to the NVP back-" "end." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1752(para) msgid "" "The operational status synchronization can be tuned or disabled using the " "configuration options reported in this table; it is however worth noting " "that the default values work fine in most cases." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1758(caption) msgid "" "Configuration options for tuning operational status synchronization in the " "NVP plug-in" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1768(th) msgid "Option name" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1769(th) msgid "Group" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1771(th) msgid "Type and constraints" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1772(th) msgid "Notes" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1777(literal) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1784(literal) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1808(literal) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1826(literal) msgid "state_sync_interval" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1778(literal) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1793(literal) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1805(literal) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1818(literal) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1839(literal) msgid "nvp_sync" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1779(td) msgid "120 seconds" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1780(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1820(td) msgid "Integer; no constraint." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1781(td) msgid "" "Interval in seconds between two run of the synchronization task. If the " "synchronization task takes more than seconds to execute, a " "new instance of the task is started as soon as the other is completed. " "Setting the value for this option to 0 will disable the synchronization " "task." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1792(literal) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1799(literal) msgid "max_random_sync_delay" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1794(td) msgid "0 seconds" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1796(literal) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1804(literal) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1828(literal) msgid "min_sync_req_delay" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1795(td) msgid "Integer. Must not exceed " msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1797(td) msgid "" "When different from zero, a random delay between 0 and will" " be added before processing the next chunk." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1806(td) msgid "10 seconds" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1807(td) msgid "Integer. Must not exceed ." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1809(td) msgid "" "The value of this option can be tuned according to the observed load on the " "NVP controllers. Lower values will result in faster synchronization, but " "might increase the load on the controller cluster." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1817(literal) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1832(literal) msgid "min_chunk_size" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1819(td) msgid "500 resources" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1821(td) msgid "" "Minimum number of resources to retrieve from the back-end for each " "synchronization chunk. The expected number of synchronization chunks is " "given by the ratio between and . This size " "of a chunk might increase if the total number of resources is such that more" " than resources must be fetched in one chunk with the " "current number of chunks." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1838(literal) msgid "always_read_status" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1841(td) msgid "Boolean; no constraint." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1845(literal) msgid "GET" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1842(td) msgid "" "When this option is enabled, the operational status will always be retrieved" " from the NVP back-end ad every request. In this case it is" " advisable to disable the synchronization task." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1851(para) msgid "" "When running multiple OpenStack Networking server instances, the status " "synchronization task should not run on every node; doing so sends " "unnecessary traffic to the NVP back-end and performs unnecessary DB " "operations. Set the configuration " "option to a non-zero value exclusively on a node designated for back-end " "status synchronization." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1860(para) msgid "" "Explicitly specifying the status " "attribute in Neutron API requests (e.g.: GET /v2.0/networks/<" ";net-id>?fields=status&fields=name) always triggers an " "explicit query to the NVP back-end, even when asynchronous state " "synchronization is enabled." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1870(title) msgid "Big Switch plug-in extensions" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1871(para) msgid "" "This section explains the Big Switch Neutron plug-in-specific extension." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1874(title) msgid "Big Switch router rules" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1875(para) msgid "" "Big Switch allows router rules to be added to each tenant router. These " "rules can be used to enforce routing policies such as denying traffic " "between subnets or traffic to external networks. By enforcing these at the " "router level, network segmentation policies can be enforced across many VMs " "that have differing security groups." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1883(title) msgid "Router rule attributes" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1884(para) msgid "" "Each tenant router has a set of router rules associated with it. Each router" " rule has the attributes in this table. Router rules and their attributes " "can be set using the command, through the Horizon interface" " or the Neutron API." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1892(caption) msgid "Big Switch Router rule attributes" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1901(th) msgid "Required" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1902(th) msgid "Input Type" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1908(td) msgid "source" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1910(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1919(td) msgid "A valid CIDR or one of the keywords 'any' or 'external'" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1912(td) msgid "" "The network that a packet's source IP must match for the rule to be applied" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1917(td) msgid "destination" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1921(td) msgid "" "The network that a packet's destination IP must match for the rule to be " "applied" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1928(td) msgid "'permit' or 'deny'" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1929(td) msgid "" "Determines whether or not the matched packets will allowed to cross the " "router" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1934(td) msgid "nexthop" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1935(td) msgid "No" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1936(td) msgid "" "A plus-separated (+) list of next-hop IP addresses (e.g. '1.1.1.1+1.1.1.2')" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1939(td) msgid "" "Overrides the default virtual router used to handle traffic for packets that" " match the rule" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1948(title) msgid "Order of rule processing" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1949(para) msgid "" "The order of router rules has no effect. Overlapping rules are evaluated " "using longest prefix matching on the source and destination fields. The " "source field is matched first so it always takes higher precedence over the " "destination field. In other words, longest prefix matching is used on the " "destination field only if there are multiple matching rules with the same " "source." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1961(title) msgid "Big Switch router rules operations" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1962(para) msgid "" "Router rules are configured with a router update operation in OpenStack " "Networking. The update overrides any previous rules so all rules must be " "provided at the same time." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1966(para) msgid "" "Update a router with rules to permit traffic by default but block traffic " "from external networks to the 10.10.10.0/24 subnet:" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1969(replaceable) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1974(replaceable) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1979(replaceable) msgid "Router-UUID" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1972(para) msgid "Specify alternate next-hop addresses for a specific subnet:" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1977(para) msgid "Block traffic between two subnets while allowing everything else:" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1987(title) msgid "L3 metering" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1988(para) msgid "" "The L3 metering API extension enables administrators to configure IP ranges " "and assign a specified label to them to be able to measure traffic that goes" " through a virtual router." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1992(para) msgid "" "The L3 metering extension is decoupled from the technology that implements " "the measurement. Two abstractions have been added: One is the metering label" " that can contain metering rules. Because a metering label is associated " "with a tenant, all virtual routers in this tenant are associated with this " "label." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml1999(title) msgid "L3 metering API abstractions" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2001(caption) msgid "Label" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2019(td) msgid "UUID for the metering label." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2025(td) msgid "Human-readable name for the metering label. Might not be unique." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2032(td) msgid "The optional description for the metering label." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2039(td) msgid "Owner of the metering label." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2044(caption) msgid "Rules" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2062(td) msgid "UUID for the metering rule." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2066(td) msgid "String (Either ingress or egress)" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2067(td) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2160(replaceable) msgid "ingress" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2068(td) msgid "" "The direction in which metering rule is applied, either ingress or egress." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2072(td) msgid "metering_label_id" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2076(para) msgid "The metering label ID to associate with this metering rule." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2081(td) msgid "excluded" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2084(td) msgid "" "Specify whether the remote_ip_prefix will be excluded or not from traffic " "counters of the metering label, For example to not count the traffic of a " "specific IP address of a range." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2092(td) msgid "String (CIDR)" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2094(td) msgid "Indicates remote IP prefix to be associated with this metering rule." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2102(title) msgid "Basic L3 metering operations" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2103(para) msgid "Only administrators can manage the L3 metering labels and rules." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2105(para) msgid "" "This table shows example commands that enable you to " "complete basic L3 metering operations:" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2121(para) msgid "Creates a metering label." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2124(replaceable) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2142(replaceable) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2151(replaceable) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2160(replaceable) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2161(replaceable) msgid "label1" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2124(replaceable) msgid "\"description of label1\"" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2129(para) msgid "Lists metering labels." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2137(para) msgid "Shows information for a specified label." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2141(replaceable) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2150(replaceable) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2159(replaceable) msgid "label-uuid" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2147(para) msgid "Deletes a metering label." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2156(para) msgid "Creates a metering rule." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2160(replaceable) msgid "10.0.0.0/24" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2161(replaceable) msgid "20.0.0.0/24" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2166(para) msgid "Lists metering all label rules." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2175(para) msgid "Shows information for a specified label rule." msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2179(replaceable) #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2185(replaceable) msgid "rule-uuid" msgstr "" #: ./doc/admin-guide-cloud/section_networking_adv_features.xml2183(td) msgid "Deletes a metering label rule." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml5(title) msgid "Configure a multiple-storage back-end" msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml6(para) msgid "" "This section presents the multi back-end storage feature introduced with the" " Grizzly release. Multi back-end allows the creation of several back-end " "storage solutions serving the same OpenStack Compute configuration. " "Basically, multi back-end launches one cinder-" "volume for each back-end." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml12(para) msgid "" "In a multi back-end configuration, each back-end has a name " "(volume_backend_name). Several back-ends can have the " "same name. In that case, the scheduler properly decides which back-end the " "volume has to be created in." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml17(para) msgid "" "The name of the back-end is declared as an extra-specification of a volume " "type (such as, volume_backend_name=LVM_iSCSI). When a " "volume is created, the scheduler chooses an appropriate back-end to handle " "the request, according to the volume type specified by the user." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml24(title) msgid "Enable multi back-end" msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml25(para) msgid "" "To enable a multi back-end configuration, you must set the " " flag in the " "cinder.conf file. This flag defines the names " "(separated by a comma) of the configuration groups for the different back-" "ends: one name is associated to one configuration group for a back-end (such" " as, [lvmdriver-1])." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml33(para) msgid "" "The configuration group name is not related to the " "volume_backend_name." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml36(para) msgid "" "The options for a configuration group must be defined in the group (or " "default options are used). All the standard Block Storage configuration " "options (volume_group, volume_driver, " "and so on) might be used in a configuration group. Configuration values in " "the [DEFAULT] configuration group are not used." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml44(para) msgid "These examples show three back-ends:" msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml59(para) msgid "" "In this configuration, lvmdriver-1 and " "lvmdriver-2 have the same " "volume_backend_name. If a volume creation requests the " "LVM_iSCSI back-end name, the scheduler uses the capacity " "filter scheduler to choose the most suitable driver, which is either " "lvmdriver-1 or lvmdriver-2. The " "capacity filter scheduler is enabled by default. The next section provides " "more information. In addition, this example presents a " "lvmdriver-3 back-end." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml72(title) msgid "Configure Block Storage scheduler multi back-end" msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml73(para) msgid "" "You must enable the option to use multi " "back-end. Filter scheduler acts in two steps:" msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml78(para) msgid "" "The filter scheduler filters the available back-ends. By default, " "AvailabilityZoneFilter, CapacityFilter" " and CapabilitiesFilter are enabled." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml86(para) msgid "" "The filter scheduler weighs the previously filtered back-ends. By default, " "CapacityWeigher is enabled. The " "CapacityWeigher attributes higher scores to back-ends " "with the most available." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml94(para) msgid "" "The scheduler uses the filtering and weighing process to pick the best back-" "end to handle the request, and explicitly creates volumes on specific back-" "ends through the use of volume types." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml99(para) msgid "" "To enable the filter scheduler, add this line to the " "cinder.conf configuration file:" msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml103(para) msgid "" "While the Block Storage Scheduler defaults to " " in Grizzly, this setting is not required." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml110(title) msgid "Volume type" msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml111(para) msgid "" "Before using it, a volume type has to be declared to Block Storage. This can" " be done by the following command:" msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml114(para) msgid "" "Then, an extra-specification have to be created to link the volume type to a" " back-end name. Run this command:" msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml118(para) msgid "" "This example creates a lvm volume type with " "volume_backend_name=LVM_iSCSI as extra-specifications." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml121(para) msgid "Create another volume type:" msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml124(para) msgid "" "This second volume type is named lvm_gold and has " "LVM_iSCSI_b as back-end name." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml129(para) msgid "To list the extra-specifications, use this command:" msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml134(para) msgid "" "If a volume type points to a volume_backend_name that " "does not exist in the Block Storage configuration, the " "filter_scheduler returns an error that it cannot find a " "valid host with the suitable back-end." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml143(title) msgid "Usage" msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml144(para) msgid "" "When you create a volume, you must specify the volume type. The extra-" "specifications of the volume type are used to determine which back-end has " "to be used. Considering the cinder.conf " "described previously, the scheduler creates this volume on " "lvmdriver-1 or lvmdriver-2." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml153(para) msgid "This second volume is created on lvmdriver-3." msgstr "" #: ./doc/admin-guide-cloud/section_ts_multipath_warn.xml6(title) msgid "Multipath Call Failed Exit" msgstr "" #: ./doc/admin-guide-cloud/section_ts_multipath_warn.xml9(para) msgid "" "Multipath call failed exit. This warning occurs in the Compute log if you do" " not have the optional multipath-tools package " "installed on the Compute node. This is an optional package and the volume " "attachment does work without the multipath tools installed. If the multipath-tools package is installed on the Compute node, it is " "used to perform the volume attachment. The IDs in your message are unique to" " your system." msgstr "" #: ./doc/admin-guide-cloud/section_ts_multipath_warn.xml21(para) msgid "" "Run the following command on the Compute node to install the multipath-tools packages." msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml6(title) msgid "Migrate volumes" msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml7(para) msgid "" "The Havana release of OpenStack introduces the ability to migrate volumes " "between back-ends. Migrating a volume transparently moves its data from the " "current back-end for the volume to a new one. This is an administrator " "function, and can be used for functions including storage evacuation (for " "maintenance or decommissioning), or manual optimizations (for example, " "performance, reliability, or cost)." msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml14(para) msgid "These workflows are possible for a migration:" msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml17(para) msgid "" "If the storage can migrate the volume on its own, it is given the " "opportunity to do so. This allows the Block Storage driver to enable " "optimizations that the storage might be able to perform. If the back-end is " "not able to perform the migration, the Block Storage Service uses one of two" " generic flows, as follows." msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml26(para) msgid "" "If the volume is not attached, the Block Storage Service creates a volume " "and copies the data from the original to the new volume. Note: While most " "back-ends support this function, not all do. See driver documentation in the" " OpenStack Configuration " "Reference for more details." msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml37(para) msgid "" "If the volume is attached to a VM instance, the Block Storage Service " "creates a volume, and calls Compute to copy the data from the original to " "the new volume. Currently this is supported only by the Compute libvirt " "driver." msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml44(para) msgid "" "As an example, this scenario shows two LVM back-ends and migrates an " "attached volume from one to the other. This scenario uses the third " "migration flow." msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml47(para) msgid "First, list the available back-ends:" msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml51(para) msgid "" "Next, as the admin user, you can see the current status of the volume " "(replace the example ID with your own):" msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml75(para) msgid "Note these attributes:" msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml78(para) msgid "" "os-vol-host-attr:host - the volume's current back-end." msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml82(para) msgid "" "os-vol-mig-status-attr:migstat - the status of this " "volume's migration ('None' means that a migration is not currently in " "progress)." msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml87(para) msgid "" "os-vol-mig-status-attr:name_id - the volume ID that this " "volume's name on the back-end is based on. Before a volume is ever migrated," " its name on the back-end storage may be based on the volume's ID (see the " "volume_name_template configuration parameter). For example, if " "volume_name_template is kept as the default value (volume-%s), your first " "LVM back-end has a logical volume named volume-" "6088f80a-f116-4331-ad48-9afb0dfb196c. During the course of a " "migration, if you create a volume and copy over the data, the volume get the" " new name but keeps its original ID. This is exposed by the " "name_id attribute." msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml104(para) msgid "Migrate this volume to the second LVM back-end:" msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml106(para) msgid "" "You can use the command to see the status of the migration." " While migrating, the migstat attribute shows states such" " as migrating or completing. On error," " migstat is set to None and the " "host attribute shows the original host. On success, in " "this example, the output looks like:" msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml137(para) msgid "" "Note that migstat is None, host is the" " new host, and name_id holds the ID of the volume created" " by the migration. If you look at the second LVM back-end, you find the " "logical volume volume-133d1f56-9ffc-" "4f57-8798-d5217d851862." msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml144(para) msgid "" "The migration is not visible to non-admin users (for example, through the " "volume status). However, some operations are not allowed " "while a migration is taking place, such as attaching/detaching a volume and " "deleting a volume. If a user performs such an action during a migration, an " "error is returned." msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml152(para) msgid "Migrating volumes that have snapshots are currently not allowed." msgstr "" #: ./doc/admin-guide-cloud/ch_dashboard.xml7(title) #: ./doc/admin-guide-cloud/ch_compute.xml766(title) msgid "Dashboard" msgstr "" #: ./doc/admin-guide-cloud/ch_dashboard.xml8(para) msgid "" "The OpenStack dashboard is a web-based interface that allows you to manage " "OpenStack resources and services. The dashboard allows you to interact with " "the OpenStack Compute cloud controller using the OpenStack APIs. For more " "information about installing and configuring the dashboard, see the " "OpenStack Installation Guide for your operating " "system." msgstr "" #: ./doc/admin-guide-cloud/ch_dashboard.xml20(para) msgid ", for customizing the dashboard." msgstr "" #: ./doc/admin-guide-cloud/ch_dashboard.xml24(para) msgid "" ", for setting up session storage for " "the dashboard." msgstr "" #: ./doc/admin-guide-cloud/ch_dashboard.xml28(para) msgid "" "The " " Horizon documentation, for deploying the dashboard." msgstr "" #: ./doc/admin-guide-cloud/ch_dashboard.xml32(para) msgid "" "The OpenStack End User Guide, for" " launching instances with the dashboard.." msgstr "" #: ./doc/admin-guide-cloud/ch_dashboard.xml16(para) msgid "For more information about using the dashboard, see: " msgstr "" #: ./doc/admin-guide-cloud/section_ts_attach_vol_fail_not_JSON.xml5(title) msgid "Nova volume attach error, not JSON serializable" msgstr "" #: ./doc/admin-guide-cloud/section_ts_attach_vol_fail_not_JSON.xml8(para) msgid "" "When you attach a nova volume to a VM, you will see the error with stack " "trace in /var/log/nova/nova-volume.log. The JSON " "serializable issue is caused by an RPC response timeout." msgstr "" #: ./doc/admin-guide-cloud/section_ts_attach_vol_fail_not_JSON.xml16(para) msgid "" "Make sure your iptables allow port 3260 communication on the ISC controller." " Run this command:" msgstr "" #: ./doc/admin-guide-cloud/section_ts_attach_vol_fail_not_JSON.xml19(para) msgid "" "If the port communication is properly configured, you can try running this " "command." msgstr "" #: ./doc/admin-guide-cloud/section_ts_attach_vol_fail_not_JSON.xml23(para) msgid "This service does not exist on Debian or Ubuntu." msgstr "" #: ./doc/admin-guide-cloud/section_ts_attach_vol_fail_not_JSON.xml26(para) msgid "" "If you continue to get the RPC response time out, your ISC controller and " "KVM host might be incompatible." msgstr "" #: ./doc/admin-guide-cloud/section_ts_duplicate_3par_host.xml4(title) msgid "Duplicate 3PAR host" msgstr "" #: ./doc/admin-guide-cloud/section_ts_duplicate_3par_host.xml7(para) msgid "" "This error may be caused by a volume being exported outside of OpenStack " "using a host name different from the system name that OpenStack expects. " "This error could be displayed with the IQN if the host was exported using " "iSCSI." msgstr "" #: ./doc/admin-guide-cloud/section_ts_duplicate_3par_host.xml13(para) msgid "" "Change the 3PAR host name to match the one that OpenStack expects. The 3PAR " "host constructed by the driver uses just the local hostname, not the fully " "qualified domain name (FQDN) of the compute host. For example, if the FQDN " "was myhost.example.com, just " "myhost would be used as the 3PAR hostname. IP addresses" " are not allowed as host names on the 3PAR storage server." msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/ch_compute.xml214(None) msgid "" "@@image: '../common/figures/instance-life-1.png'; " "md5=c7e56263f9ffb5a5cffb59fbc5ffba35" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/ch_compute.xml233(None) msgid "" "@@image: '../common/figures/instance-life-2.png'; " "md5=84aed8a4c2575548c2f8bacf496465ac" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/ch_compute.xml275(None) msgid "" "@@image: '../common/figures/instance-life-3.png'; " "md5=e25d1bd617373f95e1b8a12605a65ac6" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/ch_compute.xml1544(None) msgid "" "@@image: '../common/figures/SCH_5007_V00_NUAC-multi_nic_OpenStack-Flat-" "manager.jpg'; md5=31f7e15a45d042bd9d6499631e2f3ccc" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/ch_compute.xml1554(None) msgid "" "@@image: '../common/figures/SCH_5007_V00_NUAC-multi_nic_OpenStack-Flat-DHCP-" "manager.jpg'; md5=0f33a228f1dec4a4e4424dd5ee81bde8" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/ch_compute.xml1564(None) msgid "" "@@image: '../common/figures/SCH_5007_V00_NUAC-multi_nic_OpenStack-VLAN-" "manager.jpg'; md5=0acaf3e2041f941d8fee2d111f37e7ac" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml9(title) #: ./doc/admin-guide-cloud/section_networking-config-identity.xml102(title) msgid "Compute" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml10(para) msgid "" "The OpenStack Compute service allows you to control an Infrastructure-" "as-a-Service (IaaS) cloud computing platform. It gives you control over " "instances and networks, and allows you to manage access to the cloud through" " users and projects." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml15(para) msgid "" "Compute does not include any virtualization software. Instead, it defines " "drivers that interact with underlying virtualization mechanisms that run on " "your host operating system, and exposes functionality over a web-based API." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml20(title) msgid "Hypervisors" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml21(para) msgid "" "Compute controls hypervisors through an API server. Selecting the best " "hypervisor to use can be difficult, and you must take budget, resource " "constraints, supported features, and required technical specifications into " "account. However, the majority of OpenStack development is done on systems " "using KVM and Xen-based hypervisors. For a detailed list of features and " "support across different hypervisors, see http://wiki.openstack.org/HypervisorSupportMatrix." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml31(para) msgid "" "You can also orchestrate clouds using multiple hypervisors in different " "availability zones. The types of virtualization standards that can be used " "with Compute include:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml40(link) msgid "Baremetal" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml54(link) msgid "Kernel-based Virtual Machine (KVM)" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml60(link) msgid "Linux Containers (LXC)" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml66(link) msgid "Quick Emulator (QEMU)" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml73(link) msgid "User Mode Linux (UML)" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml80(link) msgid "VMWare vSphere" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml87(link) msgid "Xen" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml91(para) msgid "" "For more information about hypervisors, see the Hypervisors section in the " "OpenStack Configuration Reference." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml98(title) msgid "Tenants, users, and roles" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml99(para) msgid "" "The Compute system is designed to be used by different consumers in the form" " of tenants on a shared system, and role-based access assignments. Roles " "control the actions that a user is allowed to perform." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml103(para) msgid "" "Tenants are isolated resource containers that form the principal " "organizational structure within the Compute service. They consist of an " "individual VLAN, and volumes, instances, images, keys, and users. A user can" " specify the tenant by appending :project_id to their " "access key. If no tenant is specified in the API request, Compute attempts " "to use a tenant with the same ID as the user." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml111(para) msgid "For tenants, quota controls are available to limit the:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml115(para) msgid "number of volumes that may be launched." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml118(para) msgid "number of processor cores and the amount of RAM that can be allocated." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml122(para) msgid "" "floating IP addresses assigned to any instance when it launches. This allows" " instances to have the same publicly accessible IP addresses." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml127(para) msgid "" "fixed IP addresses assigned to the same instance when it launches. This " "allows instances to have the same publicly or privately accessible IP " "addresses." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml133(para) msgid "" "Roles control the actions a user is allowed to perform. By default, most " "actions do not require a particular role, but you can configure them by " "editing the policy.json file for user roles. For " "example, a rule can be defined so that a user must have the " "admin role in order to be able to allocate a public " "IP address." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml140(para) msgid "" "A tenant limits users' access to particular images. Each user is assigned a " "username and password. Keypairs granting access to an instance are enabled " "for each user, but quotas are set, so that each tenant can control resource " "consumption across available hardware resources." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml147(para) msgid "" "Earlier versions of OpenStack used the term project instead of tenant. Because of this legacy terminology, " "some command-line tools use --project_id where you " "would normally expect to enter a tenant ID." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml157(title) msgid "Images and instances" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml158(para) msgid "" "Disk images provide templates for virtual machine file systems. The Glance " "service manages storage and management of images." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml161(para) msgid "" "Instances are the individual virtual machines that run on physical compute " "nodes. Users can launch any number of instances from the same image. Each " "launched instance runs from a copy of the base image so that any changes " "made to the instance do not affect the base image. You can take snapshots of" " running instances to create an image based on the current disk state of a " "particular instance. The Compute services manages instances." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml169(para) msgid "" "For more information about creating and troubleshooting images, see the " "Manage Images section of the " "OpenStack Admin User Guide." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml175(para) msgid "" "For more information about image configuration options, see the Image Services section" " of the OpenStack Configuration Reference." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml181(para) msgid "" "When you launch an instance, you must choose a flavor, " "which represents a set of virtual resources. Flavors define how many virtual" " CPUs an instance has and the amount of RAM and size of its ephemeral disks." " OpenStack provides a number of predefined flavors that you can edit or add " "to. Users must select from the set of available flavors defined on their " "cloud." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml189(para) msgid "" "For more information about flavors, see the Flavors section in the " "OpenStack Operations Guide." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml193(para) msgid "" "You can add and remove additional resources from running instances, such as " "persistent volume storage, or public IP addresses. The example used in this " "chapter is of a typical virtual system within an OpenStack cloud. It uses " "the cinder-volume service, which " "provides persistent block storage, instead of the ephemeral storage provided" " by the selected instance flavor." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml201(para) msgid "" "This diagram shows the system state prior to launching an instance. The " "image store, fronted by the image service, Glance, has a number of " "predefined images. Inside the cloud, a compute node contains the available " "vCPU, memory, and local disk resources. Additionally, the cinder-volume service provides a number of " "predefined volumes." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml209(title) msgid "Base image state with no running instances" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml218(para) msgid "" "To launch an instance, select an image, a flavor, and other optional " "attributes. The selected flavor provides a root volume, labeled " "vda in this diagram, and additional ephemeral storage, " "labeled vdb. In this example, the cinder-volume store is mapped to the third " "virtual disk on this instance, vdc." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml227(title) msgid "Instance creation from image and runtime state" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml237(para) msgid "" "The base image is copied from the image store to the local disk. The local " "disk is the first disk that the instance accesses, and is labeled " "vda. By using smaller images, your instances start up " "faster as less data needs to be copied across the network." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml242(para) msgid "" "A new empty disk, labeled vdb is also created. This is an" " empty ephemeral disk, which is destroyed when you delete the instance." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml245(para) msgid "" "The compute node is attached to the cinder-" "volume using iSCSI, and maps to the third disk, " "vdc. The vCPU and memory resources are provisioned and " "the instance is booted from vda. The instance runs and " "changes data on the disks as indicated in red in the diagram." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml255(para) msgid "" "Some of the details in this example scenario might be different in your " "environment. Specifically, you might use a different type of back-end " "storage or different network protocols. One common variant is that the " "ephemeral storage used for volumes vda and " "vdb could be backed by network storage rather than a " "local disk." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml264(para) msgid "" "When the instance is deleted, the state is reclaimed with the exception of " "the persistent volume. The ephemeral storage is purged, memory and vCPU " "resources are released. The image remains unchanged throughout." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml269(title) msgid "End state of image and volume after instance exits" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml281(title) msgid "System architecture" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml282(para) msgid "" "OpenStack Compute contains several main components. The cloud " "controller represents the global state and interacts with the " "other components. The API server acts as the web services" " front end for the cloud controller. The compute " "controller provides compute server resources and usually also " "contains the Compute service." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml289(para) msgid "" "The object store is an optional component that provides " "storage services. An auth manager provides authentication" " and authorization services when used with the Compute system, or you can " "use the identity service as a separate authentication " "service instead. A volume controller provides fast and " "permanent block-level storage for the compute servers. The network " "controller provides virtual networks to enable compute servers to " "interact with each other and with the public network. The " "scheduler is used to select the most suitable compute " "controller to host an instance." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml303(para) msgid "" "Compute uses a messaging-based, shared nothing " "architecture. All major components exist on multiple servers, including the " "compute, volume, and network controllers, and the object store or image " "service. The state of the entire system is stored in a database. The cloud " "controller communicates with the internal object store using HTTP, but it " "communicates with the scheduler, network controller, and volume controller " "using AMQP (advanced message queueing protocol). To avoid blocking a " "component while waiting for a response, Compute uses asynchronous calls, " "with a callback that is triggered when a response is received." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml317(title) msgid "Block storage" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml318(para) msgid "" "OpenStack provides two classes of block storage: ephemeral storage and " "persistent volumes. Volumes are persistent virtualized block devices " "independent of any particular instance." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml322(para) msgid "" "Ephemeral storage is associated with a single unique instance, and it exists" " only for the life of that instance. The amount of ephemeral storage is " "defined by the flavor of the instance. Generally, the root file system for " "an instance will be stored on ephemeral storage. It persists across reboots " "of the guest operating system, but when the instance is deleted, the " "ephemeral storage is also removed." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml330(para) msgid "" "In addition to the ephemeral root volume, all flavors except the smallest, " "m1.tiny, also provide an additional ephemeral block " "device of between 20 and 160GB. These sizes can be configured to suit your " "environment. This is presented as a raw block device with no partition table" " or file system. Cloud-aware operating system images can discover, format, " "and mount these storage devices. For example, the cloud-init package included in Ubuntu's stock" " cloud images format this space as an ext3 file system " "and mount it on /mnt. This is a feature of the guest " "operating system you are using, and is not an OpenStack mechanism. OpenStack" " only provisions the raw storage." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml345(para) msgid "" "Persistent volumes are created by users and their size is limited only by " "the user's quota and availability limits. Upon initial creation, volumes are" " raw block devices without a partition table or a file system. To partition " "or format volumes, you must attach them to an instance. Once they are " "attached to an instance, you can use persistent volumes in much the same way" " as you would use external hard disk drive. You can attach volumes to only " "one instance at a time, although you can detach and reattach volumes to as " "many different instances as you like." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml356(para) msgid "" "Persistent volumes can be configured as bootable and used to provide a " "persistent virtual instance similar to traditional non-cloud-based " "virtualization systems. Typically, the resulting instance can also still " "have ephemeral storage depending on the flavor selected, but the root file " "system can be on the persistent volume and its state maintained even if the " "instance is shut down. For more information about this type of " "configuration, see the OpenStack Configuration " "Reference." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml367(para) msgid "" "Persistent volumes do not provide concurrent access from multiple instances." " That type of configuration requires a traditional network file system like " "NFS or CIFS, or a cluster file system such as GlusterFS. These systems can " "be built within an OpenStack cluster or provisioned outside of it, but " "OpenStack software does not provide these features." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml377(title) msgid "Image management" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml378(para) msgid "" "The OpenStack Image service discovers, registers, and retrieves virtual " "machine images. The service also includes a RESTful API that allows you to " "query VM image metadata and retrieve the actual image with HTTP requests. " "For more information about the API, see the OpenStack " "API or the Python API." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml387(para) msgid "" "The OpenStack Image service can be controlled using a command line tool. For" " more information about the OpenStack Image command line tool, see the Image Management section in " "the OpenStack User Guide." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml393(para) msgid "" "Virtual images that have been made available through the Image service can " "be stored in a variety of ways. In order to use these services, you must " "have a working installation of the Image service, with a working endpoint, " "and users that have been created in the Identity service. Additionally, you " "must meet the environment variables required by the Compute and Image " "clients." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml401(para) msgid "The Image service supports these back end stores:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml404(term) msgid "File system" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml406(para) msgid "" "The OpenStack Image service stores virtual machine images in the file system" " back-end by default. This simple back end writes image files to the local " "file system." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml413(term) msgid "Object Storage service" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml415(para) msgid "The OpenStack highly-available object storage service." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml420(term) msgid "S3" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml422(para) msgid "The Amazon S3 service." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml426(term) msgid "HTTP" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml428(para) msgid "" "OpenStack Image Service can read virtual machine images that are available " "on the internet using HTTP. This store is read only." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml435(term) msgid "Rados block device (RBD)" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml437(para) msgid "" "Stores images inside of a Ceph storage cluster using Ceph's RBD interface." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml442(term) msgid "GridFS" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml444(para) msgid "Stores images using MongoDB." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml450(title) msgid "Instance management tools" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml451(para) msgid "" "OpenStack provides command line, web-based, and API-based instance " "management tools. Additionally, a number of third party management tools are" " available, using either the native API or the provided EC2-compatible API." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml456(para) msgid "" "The OpenStack python-novaclient package provides " "a basic command line utility, which uses the command. This " "is available as a native package for most Linux distributions, or you can " "install the latest version using the pip python " "package installer: " msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml466(para) msgid "" "For more information about python-novaclient and " "other available command line tools, see the OpenStack End User " "Guide." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml574(title) msgid "EC2 compatibility API" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml575(para) msgid "" "In addition to the native compute API, OpenStack provides an EC2-compatible " "API. This API allows EC2 legacy workflows built for EC2 to work with " "OpenStack." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml578(para) msgid "" "The OpenStack Configuration Reference lists " "configuration options for customizing this compatibility API on your " "OpenStack cloud." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml582(para) msgid "" "Numerous third party tools and language-specific SDKs can be used to " "interact with OpenStack clouds, using both native and compatibility APIs. " "Some of the more popular third-party tools are:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml588(term) msgid "Euca2ools" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml590(para) msgid "" "A popular open source command line tool for interacting with the EC2 API. " "This is convenient for multi-cloud environments where EC2 is the common API," " or for transitioning from EC2-based clouds to OpenStack. For more " "information, see the euca2ools " "site." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml601(term) msgid "Hybridfox" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml603(para) msgid "" "A Firefox browser add-on that provides a graphical interface to many popular" " public and private cloud technologies, including OpenStack. For more " "information, see the " "hybridfox site." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml612(term) msgid "boto" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml614(para) msgid "" "A Python library for interacting with Amazon Web Services. It can be used to" " access OpenStack through the EC2 compatibility API. For more information, " "see the boto project page on " "GitHub." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml623(term) msgid "fog" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml625(para) msgid "" "A Ruby cloud services library. It provides methods for interacting with a " "large number of cloud and virtualization platforms, including OpenStack. For" " more information, see the fog" " site." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml634(term) msgid "php-opencloud" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml636(para) msgid "" "A PHP SDK designed to work with most OpenStack- based cloud deployments, as " "well as Rackspace public cloud. For more information, see the php-opencloud site." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml647(title) msgid "Building blocks" msgstr "" #. There are two fundamental requirements for a #. computing system, software and hardware. #. Virtualization and cloud frameworks tend to blur these #. lines and some of your "hardware" might actually be #. "software" but conceptually you still need an #. operating system and something to run it on. #: ./doc/admin-guide-cloud/ch_compute.xml654(para) msgid "" "In OpenStack the base operating system is usually copied from an image " "stored in the OpenStack Image service. This is the most common case and " "results in an ephemeral instance that starts from a known template state and" " loses all accumulated states on shutdown. It is also possible to put an " "operating system on a persistent volume in the Nova-Volume or Cinder volume " "system. This gives a more traditional persistent system that accumulates " "states, which are preserved across restarts. To get a list of available " "images on your system run: " msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml673(para) msgid "The displayed image attributes are:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml676(literal) msgid "ID" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml678(para) msgid "Automatically generated UUID of the image" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml683(literal) msgid "Name" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml685(para) msgid "Free form, human-readable name for image" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml690(literal) msgid "Status" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml692(para) msgid "" "The status of the image. Images marked ACTIVE are " "available for use." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml698(literal) msgid "Server" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml700(para) msgid "" "For images that are created as snapshots of running instances, this is the " "UUID of the instance the snapshot derives from. For uploaded images, this " "field is blank." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml708(para) msgid "" "Virtual hardware templates are called flavors. The " "default installation provides five flavors. By default, these are " "configurable by admin users, however that behavior can be changed by " "redefining the access controls for " "compute_extension:flavormanage in " "/etc/nova/policy.json on the compute-" "api server." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml716(para) msgid "For a list of flavors that are available on your system:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml742(title) msgid "Control where instances run" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml743(para) msgid "" "The OpenStack Configuration Reference provides " "detailed information on controlling where your instances run, including " "ensuring a set of instances run on different compute nodes for service " "resiliency or on the same node for high performance inter-instance " "communications." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml752(replaceable) msgid "availability-zone" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml752(replaceable) msgid "compute-host" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml750(para) msgid "" "Admin users can specify an exact compute node to run on using the command " "" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml757(title) msgid "Admin password injection" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml758(para) msgid "" "You can configure Compute to generate a random administrator (root) password" " and inject that password into the instance. If this feature is enabled, a " "user can ssh to an instance without an ssh keypair. The random password " "appears in the output of the command. You can also view and" " set the admin password from the dashboard." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml767(para) msgid "" "The dashboard is configured by default to display the admin password and " "allow the user to modify it." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml770(para) msgid "" "If you do not want to support password injection, we recommend disabling the" " password fields by editing your Dashboard " "local_settings file (file location will vary by Linux " "distribution, on Fedora/RHEL/CentOS: /etc/openstack-" "dashboard/local_settings, on Ubuntu and Debian: /etc" "/openstack-dashboard/local_settings.py and on openSUSE and SUSE " "Linux Enterprise Server: /usr/share/openstack-" "dashboard/openstack_dashboard/local/local_settings.py) " "" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml786(title) msgid "Libvirt-based hypervisors (KVM, QEMU, LXC)" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml787(para) msgid "" "For hypervisors such as KVM that use the libvirt backend, admin password " "injection is disabled by default. To enable it, set the following option in " "/etc/nova/nova.conf:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml795(para) msgid "" "When enabled, Compute will modify the password of the root account by " "editing the /etc/shadow file inside of the virtual " "machine instance." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml803(para) msgid "The virtual machine image is a Linux distribution" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml807(para) msgid "" "The virtual machine has been configured to allow users to ssh as the root " "user. This is not the case for Ubuntu cloud images, which disallow ssh to the " "root account by default." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml800(para) msgid "" "Users will only be able to ssh to the instance using the admin password " "if:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml820(title) msgid "XenAPI (XenServer/XCP)" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml821(para) msgid "" "Compute uses the XenAPI agent to inject passwords into guests when using the" " XenAPI hypervisor backend. The virtual machine image must be configured " "with the agent for password injection to work." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml827(title) msgid "Windows images (all hypervisors)" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml828(para) msgid "" "To support the admin password for Windows virtual machines, you must " "configure the Windows image to retrieve the admin password on boot by " "installing an agent such as cloudbase-init." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml856(title) msgid "Networking with nova-network" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml857(para) msgid "" "Understanding the networking configuration options helps you design the best" " configuration for your Compute instances." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml861(title) msgid "Networking options" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml862(para) msgid "" "This section offers a brief overview of each concept in networking for " "Compute. With the Grizzly release, you can choose to either install and " "configure nova-network for " "networking between VMs or use the Networking service (neutron) for " "networking. To configure Compute networking options with Neutron, see the " "." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml871(para) msgid "" "For each VM instance, Compute assigns to it a private IP address. " "(Currently, Compute with nova-" "network only supports Linux bridge networking that enables the " "virtual interfaces to connect to the outside network through the physical " "interface.)" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml878(para) msgid "" "The network controller with nova-" "network provides virtual networks to enable compute servers to " "interact with each other and with the public network." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml887(para) msgid "Flat Network Manager" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml890(para) msgid "Flat DHCP Network Manager" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml893(para) msgid "VLAN Network Manager" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml882(para) msgid "" "Currently, Compute with nova-" "network supports these kinds of networks, implemented in " "different “Network Manager” types: " msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml896(para) msgid "" "These networks can co-exist in a cloud system. However, because you can't " "yet select the type of network for a given project, you cannot configure " "more than one type of network in a given Compute installation." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml902(para) msgid "" "All networking options require network connectivity to be already set up " "between OpenStack physical nodes. OpenStack does not configure any physical " "network interfaces. OpenStack automatically creates all network bridges (for" " example, br100) and VM virtual interfaces." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml909(para) msgid "" "All machines must have a public and " "internal network interface (controlled " "by the options: public_interface for the public " "interface, and flat_interface and " "vlan_interface for the internal interface with flat / " "VLAN managers)." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml919(para) msgid "" "The internal network interface is used for communication with VMs, it " "shouldn't have an IP address attached to it before OpenStack installation " "(it serves merely as a fabric where the actual endpoints are VMs and " "dnsmasq). Also, the internal network interface must be put in promiscuous mode, because it must receive packets" " whose target MAC address is of the guest VM, not of the host." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml930(para) msgid "" "All the network managers configure the network using network drivers. For example, the Linux L3 driver" " (l3.py and linux_net.py), which makes" " use of iptables, route and other " "network management facilities, and libvirt's network filtering " "facilities. The driver isn't tied to any particular network manager; " "all network managers use the same driver. The driver usually initializes " "(creates bridges and so on) only when the first VM lands on this host node." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml944(para) msgid "" "All network managers operate in either single-" "host or multi-host mode. " "This choice greatly influences the network configuration. In single-host " "mode, a single nova-network " "service provides a default gateway for VMs and hosts a single DHCP server " "(dnsmasq). In multi-host mode, each compute node runs its own nova-network service. In both cases, all " "traffic between VMs and the outer world flows through nova-network. Each mode has its pros and " "cons. Read more in the OpenStack Configuration " "Reference." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml961(para) msgid "" "Compute makes a distinction between fixed " "IPs and floating IPs for VM " "instances. Fixed IPs are IP addresses that are assigned to an instance on " "creation and stay the same until the instance is explicitly terminated. By " "contrast, floating IPs are addresses that can be dynamically associated with" " an instance. A floating IP address can be disassociated and associated with" " another instance at any time. A user can reserve a floating IP for their " "project." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml972(para) msgid "" "In Flat Mode, a network administrator " "specifies a subnet. The IP addresses for VM instances are grabbed from the " "subnet, and then injected into the image on launch. Each instance receives a" " fixed IP address from the pool of available addresses. A system " "administrator may create the Linux networking bridge (typically named " "br100, although this configurable) on the systems running" " the nova-network service. All " "instances of the system are attached to the same bridge, configured manually" " by the network administrator." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml986(para) msgid "" "The configuration injection currently only works on Linux-style systems that" " keep networking configuration in " "/etc/network/interfaces." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml991(para) msgid "" "In Flat DHCP Mode, OpenStack starts a " "DHCP server (dnsmasq) to pass out IP addresses to VM instances from the " "specified subnet in addition to manually configuring the networking bridge. " "IP addresses for VM instances are grabbed from a subnet specified by the " "network administrator." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml998(para) msgid "" "Like Flat Mode, all instances are attached to a single bridge on the compute" " node. In addition a DHCP server is running to configure instances " "(depending on single-/multi-host mode, alongside each nova-network). In this mode, Compute does a " "bit more configuration in that it attempts to bridge into an ethernet device" " (flat_interface, eth0 by default). It also runs and " "configures dnsmasq as a DHCP server listening on this bridge, usually on IP " "address 10.0.0.1 (see DHCP server: " "dnsmasq). For every instance, nova allocates a fixed IP address and " "configure dnsmasq with the MAC/IP pair for the VM. For example, dnsmasq " "doesn't take part in the IP address allocation process, it only hands out " "IPs according to the mapping done by nova. Instances receive their fixed IPs" " by doing a dhcpdiscover. These IPs are not assigned to any of the host's network " "interfaces, only to the VM's guest-side interface." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1019(para) msgid "" "In any setup with flat networking, the host(-s) with nova-network on it is " "(are) responsible for forwarding traffic from the private network. Compute " "can determine the NAT entries for each network, though sometimes NAT is not " "used, such as when configured with all public IPs or a hardware router is " "used (one of the HA options). Such host(-s) needs to have " "br100 configured and physically connected to any other " "nodes that are hosting VMs. You must set the " "flat_network_bridge option or create networks with the " "bridge parameter in order to avoid raising an error. Compute nodes have " "iptables/ebtables entries created for each project and instance to protect " "against IP/MAC address spoofing and ARP poisoning." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1035(para) msgid "" "In single-host Flat DHCP mode you will " "be able to ping VMs through their fixed IP from the nova-network node, but " "you cannot ping them from the compute " "nodes. This is expected behavior." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1042(para) msgid "" "VLAN Network Mode is the default mode for" " OpenStack Compute. In this mode, Compute creates a VLAN and bridge for each" " project. For multiple machine installation, the VLAN Network Mode requires " "a switch that supports VLAN tagging (IEEE 802.1Q). The project gets a range " "of private IPs that are only accessible from inside the VLAN. In order for a" " user to access the instances in their project, a special VPN instance (code" " named cloudpipe) needs to be created. Compute generates a certificate and " "key for the user to access the VPN and starts the VPN automatically. It " "provides a private network segment for each project's instances that can be " "accessed through a dedicated VPN connection from the Internet. In this mode," " each project gets its own VLAN, Linux networking bridge, and subnet." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1059(para) msgid "" "The subnets are specified by the network administrator, and are assigned " "dynamically to a project when required. A DHCP Server is started for each " "VLAN to pass out IP addresses to VM instances from the subnet assigned to " "the project. All instances belonging to one project are bridged into the " "same VLAN for that project. OpenStack Compute creates the Linux networking " "bridges and VLANs when required." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1070(title) msgid "DHCP server: dnsmasq" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1071(para) msgid "" "The Compute service uses dnsmasq as the" " DHCP server when running with either that Flat DHCP Network Manager or the " "VLAN Network Manager. The nova-" "network service is responsible for starting up dnsmasq " "processes." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1078(para) msgid "" "The behavior of dnsmasq can be customized by creating a dnsmasq " "configuration file. Specify the config file using the " "dnsmasq_config_file configuration option. For example: " " See the OpenStack Configuration " "Reference for an example of how to change the behavior of" " dnsmasq using a dnsmasq configuration file. The dnsmasq documentation has a" " more comprehensive dnsmasq" " configuration file example." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1093(para) msgid "" "Dnsmasq also acts as a caching DNS server for instances. You can explicitly " "specify the DNS server that dnsmasq should use by setting the " "dns_server configuration option in " "/etc/nova/nova.conf. The following example would " "configure dnsmasq to use Google's public DNS server: " msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1101(para) msgid "" "Dnsmasq logging output goes to the syslog (typically " "/var/log/syslog or " "/var/log/messages, depending on Linux distribution). " "The dnsmasq logging output can be useful for troubleshooting if VM instances" " boot successfully but are not reachable over the network." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1108(para) msgid "" "A network administrator can run nova-manage fixed reserve " "--address=x.x.x.x to specify the starting " "point IP address (x.x.x.x) to reserve with the DHCP server. This reservation" " only affects which IP address the VMs start at, not the fixed IP addresses " "that the nova-network service " "places on the bridges." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1119(title) msgid "Metadata service" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1121(title) msgid "Introduction" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1122(para) msgid "" "The Compute service uses a special metadata service to enable virtual " "machine instances to retrieve instance-specific data. Instances access the " "metadata service at http://169.254.169.254. The metadata " "service supports two sets of APIs: an OpenStack metadata API and an " "EC2-compatible API. Each of the APIs is versioned by date." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1130(para) msgid "" "To retrieve a list of supported versions for the OpenStack metadata API, " "make a GET request to For example:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1134(para) msgid "" " To retrieve a list of supported versions for the " "EC2-compatible metadata API, make a GET request to " msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1152(para) msgid "" "If you write a consumer for one of these APIs, always attempt to access the " "most recent API version supported by your consumer first, then fall back to " "an earlier version if the most recent one is not available." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1159(title) msgid "OpenStack metadata API" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1160(para) msgid "" "Metadata from the OpenStack API is distributed in JSON format. To retrieve " "the metadata, make a GET request to:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1167(para) msgid "" "Here is the same content after having run through a JSON pretty-printer:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1183(para) msgid "" "Instances also retrieve user data (passed as the " "user_data parameter in the API call or by the " "--user_data flag in the command) through" " the metadata service, by making a GET request to: For " "example:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1197(title) msgid "EC2 metadata API" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1198(para) msgid "" "The metadata service has an API that is compatible with version 2009-04-04 " "of the Amazon EC2 metadata service; virtual " "machine images that are designed for EC2 work properly with OpenStack." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1204(para) msgid "" "The EC2 API exposes a separate URL for each metadata. You can retrieve a " "listing of these elements by making a GET query to:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1232(para) msgid "" "Instances can retrieve the public SSH key (identified by keypair name when a" " user requests a new instance) by making a GET request to:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1239(para) msgid "Instances can retrieve user data by making a GET request to:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1248(title) msgid "Run the metadata service" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1249(para) msgid "" "The metadata service is implemented by either the nova-api service or the nova-api-metadata service. (The nova-api-metadata service is generally only " "used when running in multi-host mode, see the OpenStack Configuration " "Reference for details). If you are running the " "nova-api service, you must have " "metadata as one of the elements of the list of the " "enabled_apis configuration option in " "/etc/nova/nova.conf. The default " "enabled_apis configuration setting includes the metadata " "service, so you should not need to modify it." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1272(para) msgid "" "To enable instances to reach the metadata service, the nova-network service configures iptables to " "NAT port 80 of the 169.254.169.254 " "address to the IP address specified in " "(default $my_ip, which is the IP address of the " "nova-network service) and port " "specified in (default " "8775) in /etc/nova/nova.conf." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1286(para) msgid "" "The metadata_host configuration option must be an IP " "address, not a host name." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1291(para) msgid "" "The default Compute service settings assume that the nova-network service and the nova-api service are running on the same " "host. If this is not the case, you must make this change in the " "/etc/nova/nova.conf file on the host running the " "nova-network service:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1302(para) msgid "" "Set the metadata_host configuration option to the IP " "address of the host where the nova-" "api service runs." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1313(title) msgid "Enable ping and SSH on VMs" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1314(para) msgid "" "Be sure you enable access to your VMs by using the or " " command. These commands enable you to and " " to your VMs:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1320(para) msgid "" "You must run these commands as root only if the credentials used to interact" " with nova-api are in " "/root/.bashrc. If the EC2 credentials are the " ".bashrc file for another user, you must run these " "commands as the user." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1328(para) msgid "Run commands:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1331(para) msgid "Using euca2ools:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1334(para) msgid "" "If you still cannot ping or SSH your instances after issuing the " " commands, look at the number of dnsmasq " "processes that are running. If you have a running instance, check to see " "that TWO dnsmasq processes are running. If not, perform " "this as root:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1345(title) msgid "Configure public (floating) IP addresses" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1348(para) msgid "" "This section describes how to configure floating IP addresses if you opt to " "use nova-network instead of " "neutron for OpenStack Networking. For instructions on how to configure " "neutron to provide access to instances through floating IP addresses, see " "." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1358(title) msgid "Private and public IP addresses" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1359(para) msgid "" "Every virtual instance is automatically assigned a private IP address. You " "can optionally assign public IP addresses to instances. The term floating IP refers to an IP " "address, typically public, that you can dynamically add to a running virtual" " instance. OpenStack Compute uses Network Address Translation (NAT) to " "assign floating IPs to virtual instances." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1369(para) msgid "" "If you plan to use this feature, you must add edit the " "/etc/nova/nova.conf file to specify to which interface " "the nova-network service binds " "public IP addresses, as follows:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1375(replaceable) msgid "vlan100" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1376(para) msgid "" "If you make changes to the /etc/nova/nova.conf file " "while the nova-network service is" " running, you must restart the service." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1382(title) msgid "Traffic between VMs using floating IPs" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1384(para) msgid "" "Because floating IPs are implemented by using a source NAT (SNAT rule in " "iptables), security groups can show inconsistent behavior if VMs use their " "floating IP to communicate with other VMs, particularly on the same physical" " host. Traffic from VM to VM across the fixed network does not have this " "issue, and so this is the recommended path. To ensure that traffic does not " "get SNATed to the floating range, explicitly set . The " "x.x.x.x/y value specifies the range of floating IPs for " "each pool of floating IPs that you define. If the VMs in the source group " "have floating IPs, this configuration is also required." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1403(title) msgid "Enable IP forwarding" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1404(para) msgid "" "By default, IP forwarding is disabled on most Linux distributions. To use " "the floating IP feature, you must enable IP forwarding." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1408(para) msgid "" "You must enable IP forwarding on only the nodes that run the nova-network service. If you use " "multi_host mode, make sure to enable it on all compute " "nodes. Otherwise, enable it on only the node that runs the nova-network service." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1417(para) msgid "To check if the forwarding is enabled, run this command:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1421(para) msgid "Alternatively, you can run this command:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1424(para) msgid "" "In this example, IP forwarding is disabled. To enable it dynamically, run this " "command:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1428(para) msgid "Or:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1430(para) msgid "" "To make the changes permanent, edit the " "/etc/sysctl.conf file and update the IP forwarding " "setting:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1434(para) msgid "Save the file and run this command to apply the changes:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1437(para) msgid "You can also update the setting by restarting the network service." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1439(para) msgid "For example, on Ubuntu, run this command:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1441(para) msgid "On RHEL/Fedora/CentOS, run this command:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1445(title) msgid "Create a list of available floating IP addresses" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1447(para) msgid "" "Nova maintains a list of floating IP addresses that you can assign to " "instances. Use the command to add entries to this list." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1453(para) msgid "" "You can use the following commands to perform floating IP " "operations:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1459(para) msgid "Lists the floating IP addresses in the pool." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1464(replaceable) msgid "[pool name]" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1466(replaceable) #: ./doc/admin-guide-cloud/ch_compute.xml1473(replaceable) msgid "[CIDR]" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1468(para) msgid "Creates specific floating IPs for either a single address or a subnet." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1474(para) msgid "" "Removes floating IP addresses using the same parameters as the create " "command." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1479(para) msgid "" "For information about how administrators can associate floating IPs with " "instances, see Manage IP addresses in the " "OpenStack Admin User Guide." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1487(title) msgid "Automatically add floating IPs" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1488(para) msgid "" "You can configure the nova-" "network service to automatically allocate and assign a floating" " IP address to virtual instances when they are launched. Add the following " "line to the /etc/nova/nova.conf file and restart the " "nova-network service:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1498(para) msgid "" "If you enable this option and all floating IP addresses have already been " "allocated, the command fails." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1506(title) msgid "Remove a network from a project" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1507(para) msgid "" "You cannot remove a network that has already been associated to a project by" " simply deleting it." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1509(para) msgid "" "To determine the project ID you must have admin rights. You can disassociate" " the project from the network with a scrub command and the project ID as the" " final parameter:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1513(replaceable) msgid "<id>" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1516(title) msgid "Multiple interfaces for your instances (multinic)" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1523(para) msgid "SSL Configurations (VIPs)" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1526(para) msgid "Services failover/ HA" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1529(para) msgid "Bandwidth Allocation" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1532(para) msgid "Administrative/ Public access to your instances" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1539(title) msgid "multinic flat manager" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1549(title) msgid "multinic flatdhcp manager" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1559(title) msgid "multinic VLAN manager" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1519(para) msgid "" "The multi-nic feature allows you to plug more than one interface to your " "instances, making it possible to make several use cases available: " " Each VIF is representative of a separate network with its " "own IP block. Every network mode introduces it's own set of changes " "regarding the mulitnic usage: " "" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1570(title) msgid "Use the multinic feature" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1571(para) msgid "" "In order to use the multinic feature, first create two networks, and attach " "them to your project: Now every time you spawn a new " "instance, it gets two IP addresses from the respective DHCP servers:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1586(para) msgid "" "Make sure to power up the second interface on the instance, otherwise that " "last won't be reachable through its second IP. Here is an example of how to " "setup the interfaces within the instance (this is the configuration that " "needs to be applied inside the image):" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1592(filename) msgid "/etc/network/interfaces" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1604(para) msgid "" "If the Virtual Network Service Neutron is installed, it is possible to " "specify the networks to attach to the respective interfaces by using the " "--nic flag when invoking the nova " "command: " msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1616(title) msgid "Troubleshoot Networking" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1618(title) msgid "Cannot reach floating IPs" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1619(para) msgid "" "If you cannot reach your instances through the floating IP address, make " "sure the default security group allows ICMP (ping) and SSH (port 22), so " "that you can reach the instances:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1630(para) msgid "" "Ensure the NAT rules have been added to iptables on the node that nova-" "network is running on, as root:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1638(para) msgid "" "Check that the public address, in this example \"68.99.26.170\", has been " "added to your public interface: You should see the address in the listing " "when you enter \"ip addr\" at the command prompt." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1650(para) msgid "" "Note that you cannot SSH to an instance with a public IP from within the " "same server as the routing configuration won't allow it." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1653(para) msgid "" "You can use to identify if packets are being routed to the " "inbound interface on the compute host. If the packets are reaching the " "compute hosts but the connection is failing, the issue may be that the " "packet is being dropped by reverse path filtering. Try disabling reverse " "path filtering on the inbound interface. For example, if the inbound " "interface is eth2, as root:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1663(replaceable) msgid "eth2" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1664(para) msgid "" "If this solves your issue, add this line to " "/etc/sysctl.conf so that the reverse path filter is " "disabled the next time the compute host reboots: " msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1671(title) msgid "Disable firewall" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1672(para) msgid "" "To help debug networking issues with reaching VMs, you can disable the " "firewall by setting the following option in " "/etc/nova/nova.conf:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1677(para) msgid "" "We strongly recommend you remove this line to re-enable the firewall once " "your networking issues have been resolved." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1682(title) msgid "Packet loss from instances to nova-network server (VLANManager mode)" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1684(para) msgid "" "If you can SSH to your instances but you find that the network interactions " "to your instance is slow, or if you find that running certain operations are" " slower than they should be (for example, ), then there may " "be packet loss occurring on the connection to the instance." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1691(para) msgid "" "Packet loss can be caused by Linux networking configuration settings related" " to bridges. Certain settings can cause packets to be dropped between the " "VLAN interface (for example, vlan100) and the associated " "bridge interface (for example, br100) on the host running" " the nova-network service." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1700(para) msgid "" "One way to check if this is the issue in your setup is to open up three " "terminals and run the following commands:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1703(para) msgid "" "In the first terminal, on the host running nova-network, use " " to monitor DNS-related traffic (UDP, port 53) on the VLAN " "interface. As root:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1708(para) msgid "" "In the second terminal, also on the host running nova-network, use " " to monitor DNS-related traffic on the bridge interface. As " "root:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1713(para) msgid "" "In the third terminal, SSH inside of the instance and generate DNS requests " "by using the command:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1717(para) msgid "" "The symptoms may be intermittent, so try running multiple " "times. If the network configuration is correct, the command should return " "immediately each time. If it is not functioning properly, the command hangs " "for several seconds." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1723(para) msgid "" "If the command sometimes hangs, and there are packets that " "appear in the first terminal but not the second, then the problem may be due" " to filtering done on the bridges. Try to disable filtering, as root:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1731(para) msgid "" "If this solves your issue, add this line to " "/etc/sysctl.conf so that these changes take effect the " "next time the host reboots:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1740(title) msgid "KVM: Network connectivity works initially, then fails" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1742(para) msgid "" "Some administrators have observed an issue with the KVM hypervisor where " "instances running Ubuntu 12.04 sometimes loses network connectivity after " "functioning properly for a period of time. Some users have reported success " "with loading the vhost_net kernel module as a workaround for this issue (see" " bug " "#997978) . This kernel module may also improve network performance on KVM. To load " "the kernel module, as root:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1757(para) msgid "Loading the module has no effect on running instances." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1764(title) msgid "Volumes" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1765(para) msgid "" "The Block Storage Service provides persistent block storage resources that " "OpenStack Compute instances can consume." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1768(para) msgid "" "See the OpenStack Configuration Reference for " "information about configuring volume drivers and creating and attaching " "volumes to server instances." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1774(title) msgid "System administration" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1775(para) msgid "" "By understanding how the different installed nodes interact with each other " "you can administer the Compute installation. Compute offers many ways to " "install using multiple servers but the general idea is that you can have " "multiple compute nodes that control the virtual servers and a cloud " "controller node that contains the remaining Compute services." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1782(para) msgid "" "The Compute cloud works through the interaction of a series of daemon " "processes named nova-* that reside persistently on the host machine or " "machines. These binaries can all run on the same machine or be spread out on" " multiple boxes in a large deployment. The responsibilities of Services, " "Managers, and Drivers, can be a bit confusing at first. Here is an outline " "the division of responsibilities to make understanding the system a little " "bit easier." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1791(para) msgid "" "Currently, Services are nova-api," " nova-objectstore (which can be " "replaced with Glance, the OpenStack Image Service), nova-compute, and nova-network. Managers and Drivers are specified by " "configuration options and loaded using utils.load_object(). Managers are " "responsible for a certain aspect of the system. It is a logical grouping of " "code relating to a portion of the system. In general other components should" " be using the manager to make changes to the components that it is " "responsible for." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1806(para) msgid "" "nova-api. Receives xml requests " "and sends them to the rest of the system. It is a wsgi app that routes and " "authenticate requests. It supports the EC2 and OpenStack APIs. There is a " "nova-api.conf file created when you install Compute." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1815(para) msgid "" "nova-objectstore: The nova-objectstore service is an ultra simple " "file-based storage system for images that replicates most of the S3 API. It " "can be replaced with OpenStack Image Service and a simple image manager or " "use OpenStack Object Storage as the virtual machine image storage facility. " "It must reside on the same node as nova-" "compute." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1829(para) msgid "" "nova-compute. Responsible for " "managing virtual machines. It loads a Service object which exposes the " "public methods on ComputeManager through Remote Procedure Call (RPC)." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1837(para) msgid "" "nova-network. Responsible for " "managing floating and fixed IPs, DHCP, bridging and VLANs. It loads a " "Service object which exposes the public methods on one of the subclasses of " "NetworkManager. Different networking strategies are available to the service" " by changing the network_manager configuration option to FlatManager, " "FlatDHCPManager, or VlanManager (default is VLAN if no other is specified)." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1850(title) msgid "Compute service architecture" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1851(para) msgid "" "These basic categories describe the service architecture and what's going on" " within the cloud controller." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1855(title) msgid "API server" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1856(para) msgid "" "At the heart of the cloud framework is an API server. This API server makes " "command and control of the hypervisor, storage, and networking " "programmatically available to users in realization of the definition of " "cloud computing." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1861(para) msgid "" "The API endpoints are basic HTTP web services which handle authentication, " "authorization, and basic command and control functions using various API " "interfaces under the Amazon, Rackspace, and related models. This enables API" " compatibility with multiple existing tool sets created for interaction with" " offerings from other vendors. This broad compatibility prevents vendor " "lock-in." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1872(title) msgid "Message queue" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1873(para) msgid "" "A messaging queue brokers the interaction between compute nodes " "(processing), the networking controllers (software which controls network " "infrastructure), API endpoints, the scheduler (determines which physical " "hardware to allocate to a virtual resource), and similar components. " "Communication to and from the cloud controller is by HTTP requests through " "multiple API endpoints." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1882(para) msgid "" "A typical message passing event begins with the API server receiving a " "request from a user. The API server authenticates the user and ensures that " "the user is permitted to issue the subject command. Availability of objects " "implicated in the request is evaluated and, if available, the request is " "routed to the queuing engine for the relevant workers. Workers continually " "listen to the queue based on their role, and occasionally their type host " "name. When such listening produces a work request, the worker takes " "assignment of the task and begins its execution. Upon completion, a response" " is dispatched to the queue which is received by the API server and relayed " "to the originating user. Database entries are queried, added, or removed as " "necessary throughout the process." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1901(title) msgid "Compute worker" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1902(para) msgid "" "Compute workers manage computing instances on host machines. The API " "dispatches commands to compute workers to complete these tasks:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1907(para) msgid "Run instances" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1910(para) msgid "Terminate instances" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1913(para) msgid "Reboot instances" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1916(para) msgid "Attach volumes" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1919(para) msgid "Detach volumes" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1922(para) msgid "Get console output" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1927(title) msgid "Network Controller" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1928(para) msgid "" "The Network Controller manages the networking resources on host machines. " "The API server dispatches commands through the message queue, which are " "subsequently processed by Network Controllers. Specific operations include:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1935(para) msgid "Allocate fixed IP addresses" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1938(para) msgid "Configuring VLANs for projects" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1941(para) msgid "Configuring networks for compute nodes" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1948(title) msgid "Manage Compute users" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1949(para) msgid "" "Access to the Euca2ools (ec2) API is controlled by an access and secret key." " The user’s access key needs to be included in the request, and the request " "must be signed with the secret key. Upon receipt of API requests, Compute " "verifies the signature and runs commands on behalf of the user." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1955(para) msgid "" "To begin using Compute, you must create a user with the Identity Service." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1959(title) msgid "Manage the cloud" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1960(para) msgid "" "A system administrator can use these tools to manage a cloud; the nova " "client, the command, and the commands." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1964(para) msgid "" "The command can only be run by cloud administrators. Both " "nova client and euca2ools can be used by all users, though specific commands" " might be restricted by Role Based Access Control in the Identity Service." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1970(title) msgid "To use the nova command-line tool" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1972(para) msgid "" "Installing the python-novaclient gives you a nova shell command" " that enables Compute API interactions from the command line. You install " "the client, and then provide your user name and password, set as environment" " variables for convenience, and then you can have the ability to send " "commands to your cloud on the command-line." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1980(para) msgid "" "To install python-novaclient, download the tarball from http://pypi.python.org/pypi/python-" "novaclient/2.6.3#downloads and then install it in your favorite " "python environment." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml1992(para) msgid "" "Now that you have installed the python-novaclient, confirm the installation " "by entering:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2003(para) msgid "" "This command returns a list of nova commands and parameters. Set the " "required parameters as environment variables to make running commands " "easier. You can add --os-username, for example, on " "the nova command, or set it as environment variables:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2015(para) msgid "" "Using the Identity Service, you are supplied with an authentication " "endpoint, which nova recognizes as the OS_AUTH_URL." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2026(title) msgid "To use the nova-manage command" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2027(para) msgid "" "The nova-manage command may be used to perform many essential functions for " "administration and ongoing maintenance of nova, such as network creation or " "user manipulation." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2032(para) msgid "" "The man page for nova-manage has a good explanation for each of its " "functions, and is recommended reading for those starting out. Access it by " "running:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2039(para) msgid "" "For administrators, the standard pattern for executing a nova-manage command" " is:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2041(replaceable) msgid "[args]" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2044(para) msgid "For example, to obtain a list of all projects:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2049(para) msgid "Run without arguments to see a list of available command categories:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2054(para) msgid "" "You can also run with a category argument such as user to see a list of all " "commands in that category:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2061(title) msgid "Use the euca2ools commands" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2062(para) msgid "" "For a command-line interface to EC2 API calls, use the euca2ools command " "line tool. See http://open.eucalyptus.com/wiki/Euca2oolsGuide_v1.3" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2071(title) msgid "Manage logs" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2073(title) msgid "Logging module" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2074(para) msgid "" "Add this line to the /etc/nova/nova.conf file to " "specify a configuration file to change the logging behavior. To change the " "logging level, such as DEBUG, INFO, " "WARNING, ERROR): " msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2083(para) msgid "" "The log config file is an ini-style config file which must contain a section" " called logger_nova, which controls the behavior of the " "logging facility in the nova-* services. The file must " "contain a section called logger_nova, for " "example:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2094(para) msgid "" "This example sets the debugging level to INFO (which less" " verbose than the default DEBUG setting). See the Python documentation on logging configuration " "file format for more details on this file, including the meaning of " "the handlers and quaname variables. " "See etc/nova/logging_sample.conf" " in the openstack/nova repository on GitHub for an example " "logging.conf file with various handlers defined." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2112(title) msgid "Syslog" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2113(para) msgid "" "You can configure OpenStack Compute services to send logging information to " "syslog. This is useful if you want to use rsyslog, which forwards the logs " "to a remote machine. You need to separately configure the Compute service " "(Nova), the Identity Service (Keystone), the Image Service (Glance), and, if" " you are using it, the Block Storage Service (Cinder) to send log messages " "to syslog. To do so, add these lines to:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2124(filename) msgid "/etc/nova/nova.conf" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2127(filename) msgid "/etc/keystone/keystone.conf" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2130(filename) msgid "/etc/glance/glance-api.conf" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2133(filename) msgid "/etc/glance/glance-registry.conf" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2136(filename) msgid "/etc/cinder/cinder.conf" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2146(para) msgid "" "While the example above uses the same local facility for each service " "(LOG_LOCAL0, which corresponds to syslog facility " "LOCAL0), we recommend that you configure a separate local" " facility for each service, as this provides better isolation and more " "flexibility. For example, you may want to capture logging info at different " "severity levels for different services. Syslog allows you to define up to " "seven local facilities, LOCAL0, LOCAL1, ..., LOCAL7. See " "the syslog documentation for more details." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2143(para) msgid "" "In addition to enabling syslog, these settings also turn off more verbose " "output and debugging output from the log." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2164(title) msgid "Rsyslog" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2165(para) msgid "" "Rsyslog is a useful tool for setting up a centralized log server across " "multiple machines. We briefly describe the configuration to set up an " "rsyslog server; a full treatment of rsyslog is beyond the scope of this " "document. We assume rsyslog has already been installed on your hosts, which " "is the default on most Linux distributions." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2173(para) msgid "" "This example shows a minimal configuration for " "/etc/rsyslog.conf on the log server host, which " "receives the log files:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2185(replaceable) msgid "compute-01" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2180(para) msgid "" "Add to /etc/rsyslog.conf a filter rule on which looks " "for a host name. The example below use compute-01" " as an example of a compute host name:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2186(para) msgid "" "On the compute hosts, create a file named " "/etc/rsyslog.d/60-nova.conf, with this " "content." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2193(para) msgid "" "Once you have created this file, restart your rsyslog daemon. Error-level " "log messages on the compute hosts should now be sent to your log server." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2201(title) msgid "Migration" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2202(para) msgid "" "Before starting migrations, review the Configure migrations section in OpenStack " "Configuration Reference." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2207(para) msgid "" "Migration provides a scheme to migrate running instances from one OpenStack " "Compute server to another OpenStack Compute server." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2211(title) msgid "To migrate instances" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2213(para) msgid "" "Look at the running instances, to get the ID of the instance you wish to " "migrate." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2224(para) msgid "" "Look at information associated with that instance - our example is vm1 from " "above." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2241(para) msgid "In this example, vm1 is running on HostB." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2245(para) msgid "Select the server to migrate instances to." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2252(para) msgid "" "In this example, HostC can be picked up because nova-compute is running on it." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2258(para) msgid "Ensure that HostC has enough resource for migration." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2270(para) msgid "cpu:the number of cpu" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2275(para) msgid "mem(mb):total amount of memory (MB)" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2280(para) msgid "" "hdd:total amount of space for NOVA-INST-" "DIR/instances (GB)" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2286(para) msgid "" "1st line shows total amount of resource " "physical server has." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2291(para) msgid "2nd line shows current used resource." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2296(para) msgid "3rd line shows maximum used resource." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2301(para) msgid "" "4th line and under shows the resource for" " each project." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2308(para) msgid "Use the command to migrate the instances." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2321(para) msgid "" "While the nova command is called , under the default Compute" " configuration options the instances are suspended before migration." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2326(para) msgid "" "See Configure migrations in " "OpenStack Configuration Reference for more details." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2312(para) msgid "" "Make sure instances are migrated successfully with . If " "instances are still running on HostB, check log files (src/dest nova-compute and nova-scheduler) to determine why. " msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2338(title) msgid "Recover from a failed compute node" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2339(para) msgid "" "If you have deployed Compute with a shared file system, you can quickly " "recover from a failed compute node. Of the two methods covered in these " "sections, the evacuate API is the preferred method even in the absence of " "shared storage. The evacuate API provides many benefits over manual " "recovery, such as re-attachment of volumes and floating IPs." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2348(title) msgid "Manual recovery" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2349(para) msgid "" "For KVM/libvirt compute node recovery, see the previous section. Use this " "procedure for other hypervisors." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2353(title) msgid "To work with host information" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2355(para) msgid "" "Identify the vms on the affected hosts, using tools such as a combination of" " nova list and nova show or euca-describe-instances. Here's an example using the EC2 API - " "instance i-000015b9 that is running on node np-rcc54:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2366(para) msgid "" "You can review the status of the host by using the nova database. Some of " "the important information is highlighted below. This example converts an EC2" " API instance ID into an OpenStack ID - if you used the " "nova commands, you can substitute the ID directly. You " "can find the credentials for your database in " "/etc/nova.conf." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2397(title) msgid "To recover the VM" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2399(para) msgid "" "Armed with the information of VMs on the failed host, determine to which " "compute host the affected VMs should move. Run the following database " "command to move the VM to np-rcc46:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2407(para) msgid "" "Next, if using a hypervisor that relies on libvirt (such as KVM) it is a " "good idea to update the libvirt.xml file (found in " "/var/lib/nova/instances/[instance ID]). The important " "changes to make are to change the DHCPSERVER value to the" " host ip address of the Compute host that is the VMs new home, and update " "the VNC IP if it isn't already 0.0.0.0." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2422(para) msgid "Next, reboot the VM:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2426(para) msgid "" "In theory, the above database update and nova reboot " "command are all that is required to recover the VMs from a failed host. " "However, if further problems occur, consider looking at recreating the " "network filter configuration using virsh, restarting the " "Compute services or updating the vm_state and " "power_state in the Compute database." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2443(title) msgid "Recover from a UID/GID mismatch" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2444(para) msgid "" "When running OpenStack compute, using a shared file system or an automated " "configuration tool, you could encounter a situation where some files on your" " compute node are using the wrong UID or GID. This causes a raft of errors, " "such as being unable to live migrate, or start virtual machines." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2450(para) msgid "" "This basic procedure runs on nova-" "compute hosts, based on the KVM hypervisor, that could help to " "restore the situation:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2455(title) msgid "To recover from a UID/GID mismatch" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2457(para) msgid "" "Make sure you don't use numbers that are already used for some other " "user/group." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2461(para) msgid "" "Set the nova uid in /etc/passwd to the same number in " "all hosts (for example, 112)." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2467(para) msgid "" "Set the libvirt-qemu uid in /etc/passwd to the same " "number in all hosts (for example, 119)." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2473(para) msgid "" "Set the nova group in /etc/group file to the same " "number in all hosts (for example, 120)." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2479(para) msgid "" "Set the libvirtd group in /etc/group file to the same " "number in all hosts (for example, 119)." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2485(para) msgid "Stop the services on the compute node." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2489(para) msgid "Change all the files owned by user nova or by group nova. For example:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2495(para) msgid "" "Repeat the steps for the libvirt-qemu owned files if those were needed to " "change." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2499(para) msgid "Restart the services." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2502(para) msgid "" "Now you can run the command to verify that all files using " "the correct identifiers." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2509(title) msgid "Compute disaster recovery process" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2510(para) msgid "" "In this section describes how to manage your cloud after a disaster, and how" " to easily back up the persistent storage volumes. Backups are mandatory, even outside of disaster scenarios." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2515(para) msgid "" "For reference, you can find a DRP definition at http://en.wikipedia.org/wiki/Disaster_Recovery_Plan." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2520(title) msgid "A- The disaster recovery process presentation" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2522(para) msgid "" "A disaster could happen to several components of your architecture: a disk " "crash, a network loss, a power cut, and so on. In this example, assume the " "following set up:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2528(para) msgid "A cloud controller (nova-api, nova-objecstore, nova-network)" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2532(para) msgid "A compute node (nova-compute)" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2537(para) msgid "" "A Storage Area Network used by cinder-" "volumes (aka SAN)" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2543(para) msgid "" "The disaster example is the worst one: a power loss. That power loss applies" " to the three components. Let's see what runs and " "how it runs before the crash:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2550(para) msgid "" "From the SAN to the cloud controller, we have an active iscsi session (used " "for the \"cinder-volumes\" LVM's VG)." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2555(para) msgid "" "From the cloud controller to the compute node we also have active iscsi " "sessions (managed by cinder-" "volume)." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2561(para) msgid "" "For every volume an iscsi session is made (so 14 ebs volumes equals 14 " "sessions)." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2566(para) msgid "" "From the cloud controller to the compute node, we also have iptables/ " "ebtables rules which allows the access from the cloud controller to the " "running instance." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2573(para) msgid "" "And at least, from the cloud controller to the compute node ; saved into " "database, the current state of the instances (in that case \"running\" ), " "and their volumes attachment (mount point, volume id, volume status, and so " "on.)" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2581(para) msgid "" "Now, after the power loss occurs and all hardware components restart, the " "situation is as follows:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2586(para) msgid "From the SAN to the cloud, the ISCSI session no longer exists." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2590(para) msgid "" "From the cloud controller to the compute node, the ISCSI sessions no longer " "exist." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2595(para) msgid "" "From the cloud controller to the compute node, the iptables and ebtables are" " recreated, since, at boot, nova-network reapply the configurations." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2601(para) msgid "" "From the cloud controller, instances turn into a shutdown state (because " "they are no longer running)" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2606(para) msgid "" "Into the database, data was not updated at all, since Compute could not have" " guessed the crash." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2611(para) msgid "" "Before going further, and to prevent the admin to make fatal " "mistakes, the instances won't be lost, " "because no \"\" or \"\" command was invoked," " so the files for the instances remain on the compute node." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2618(para) msgid "Perform these tasks in that exact order." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2619(para) msgid "" "Any extra step would be dangerous at this " "stage :" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2624(para) msgid "" "Get the current relation from a volume to its instance, so that you can " "recreate the attachment." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2629(para) msgid "" "Update the database to clean the stalled state. (After that, you cannot " "perform the first step)." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2634(para) msgid "" "Restart the instances. In other words, go from a shutdown to running state." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2639(para) msgid "" "After the restart, you can reattach the volumes to their respective " "instances." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2644(para) msgid "" "That step, which is not a mandatory one, exists in an SSH into the instances" " to reboot them." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2652(title) msgid "B - Disaster recovery" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2654(title) msgid "To perform disaster recovery" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2656(title) msgid "Get the instance-to-volume relationship" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2658(para) msgid "" "You must get the current relationship from a volume to its instance, because" " we re-create the attachment." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2661(para) msgid "" "You can find this relationship by running . Note that nova " "client includes the ability to get volume information from cinder." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2668(title) msgid "Update the database" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2669(para) msgid "" "Update the database to clean the stalled state. You must restore for every " "volume, uses these queries to clean up the database:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2678(para) msgid "Then, when you run commands, all volumes appear." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2683(title) msgid "Restart instances" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2686(replaceable) msgid "$instance" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2684(para) msgid "You can restart the instances through the ." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2687(para) msgid "" "At that stage, depending on your image, some instances completely reboot and" " become reachable, while others stop on the \"plymouth\" stage." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2693(title) msgid "DO NOT reboot a second time" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2694(para) msgid "" "Do not reboot the ones that are stopped at that stage (see the fourth step). In fact it depends on " "whether you added an /etc/fstab entry for that volume. " "Images built with the cloud-init package remain in a " "pending state, while others skip the missing volume and start. (More " "information is available on help.ubuntu.com.)" " The idea of that stage is only to ask nova to reboot every instance, so the" " stored state is preserved." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2711(title) msgid "Reattach volumes" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2712(para) msgid "" "After the restart, you can reattach the volumes to their respective " "instances. Now that nova has restored the right status, it is time to " "perform the attachments through a " msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2718(para) msgid "This simple snippet uses the created file:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2730(para) msgid "" "At that stage, instances that were pending on the boot sequence (plymouth) automatically continue their boot, and " "restart normally, while the ones that booted see the volume." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2738(title) msgid "SSH into instances" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2739(para) msgid "" "If some services depend on the volume, or if a volume has an entry into " "fstab, it could be good to simply restart the instance. This restart needs " "to be made from the instance itself, not through nova. So, we SSH into the " "instance and perform a reboot:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2749(para) msgid "By completing this procedure, you can successfully recover your cloud." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2751(para) msgid "Follow these guidelines:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2754(para) msgid "" "Use the errors=remount parameter in the " "fstab file, which prevents data corruption." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2758(para) msgid "" "The system would lock any write to the disk if it detects an I/O error. This" " configuration option should be added into the cinder-volume server (the one which performs the ISCSI " "connection to the SAN), but also into the instances' " "fstab file." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2769(para) msgid "" "Do not add the entry for the SAN's disks to the cinder-volume's fstab file." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2774(para) msgid "" "Some systems hang on that step, which means you could lose access to your " "cloud-controller. To re-run the session manually, you would run the " "following command before performing the mount: " msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2782(para) msgid "" "For your instances, if you have the whole /home/ " "directory on the disk, instead of emptying the /home " "directory and map the disk on it, leave a user's directory with the user's " "bash files and the authorized_keys file." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2790(para) msgid "" "This enables you to connect to the instance, even without the volume " "attached, if you allow only connections through public keys." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2798(title) msgid "C - Scripted DRP" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2800(title) msgid "To use scripted DRP" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2801(para) msgid "" "You can download from here a bash script " "which performs these steps:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2806(para) msgid "" "The \"test mode\" allows you to perform that whole sequence for only one " "instance." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2811(para) msgid "" "To reproduce the power loss, connect to the compute node which runs that " "same instance and close the iscsi session. Do " "not detach the volume through , but instead " "manually close the iscsi session." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2822(para) msgid "In this example, the iscsi session is number 15 for that instance:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml2827(para) msgid "" "Do not forget the -r flag. Otherwise, you close ALL " "sessions." msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml6(title) msgid "Configure Identity Service for Networking" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml8(title) msgid "To configure the Identity Service for use with Networking" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml11(title) msgid "Create the get_id() function" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml12(para) msgid "" "The get_id() function stores the ID of created objects," " and removes the need to copy and paste object IDs in later steps:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml16(para) msgid "Add the following function to your .bashrc file:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml23(para) msgid "Source the .bashrc file:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml29(title) msgid "Create the Networking service entry" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml30(para) msgid "" "Networking must be available in the Compute service catalog. Create the " "service:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml34(title) msgid "Create the Networking service endpoint entry" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml36(para) msgid "" "The way that you create a Networking endpoint entry depends on whether you " "are using the SQL or the template catalog driver:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml40(para) msgid "" "If you use the SQL driver, run the following command " "with the specified region ($REGION), IP address of the " "Networking server ($IP), and service ID " "($NEUTRON_SERVICE_ID, obtained in the previous step)." msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml52(para) msgid "" "If you are using the template driver, specify the " "following parameters in your Compute catalog template file " "(default_catalog.templates), along with the region " "($REGION) and IP address of the Networking server " "($IP)." msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml70(title) msgid "Create the Networking service user" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml71(para) msgid "" "You must provide admin user credentials that Compute and some internal " "Networking components can use to access the Networking API. Create a special" " service tenant and a neutron user " "within this tenant, and assign an admin role to this " "role." msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml77(para) msgid "Create the admin role:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml82(para) msgid "Create the neutron user:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml87(para) msgid "Create the service tenant:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml91(para) msgid "Establish the relationship among the tenant, user, and role:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml98(para) msgid "" "For information about how to create service entries and users, see the " "OpenStack Installation Guide for your distribution " "(docs.openstack.org)." msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml103(para) msgid "" "If you use Networking, do not run the Compute nova-network service (like you do in traditional Compute " "deployments). Instead, Compute delegates most network-related decisions to " "Networking. Compute proxies tenant-facing API calls to manage security " "groups and floating IPs to Networking APIs. However, operator-facing tools " "such as nova-manage, are not " "proxied and should not be used." msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml110(para) msgid "" "When you configure networking, you must use this guide. Do not rely on " "Compute networking documentation or past experience with Compute. If a " " command or configuration option related to networking is " "not mentioned in this guide, the command is probably not supported for use " "with Networking. In particular, you cannot use CLI tools like " " and to manage networks or IP addressing, " "including both fixed and floating IPs, with Networking." msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml118(para) msgid "" "Uninstall nova-network and reboot" " any physical nodes that have been running nova-network before using them to run Networking. " "Inadvertently running the nova-" "network process while using Networking can cause problems, as " "can stale iptables rules pushed down by previously running nova-network." msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml126(para) msgid "" "To ensure that Compute works properly with Networking (rather than the " "legacy nova-network mechanism), " "you must adjust settings in the nova.conf configuration" " file." msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml133(title) msgid "Networking API and credential configuration" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml134(para) msgid "" "Each time you provision or de-provision a VM in Compute, nova-* services communicate with Networking " "using the standard API. For this to happen, you must configure the following" " items in the nova.conf file (used by each nova-compute and nova-api instance)." msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml140(caption) msgid "nova.conf API and credential settings" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml145(th) #: ./doc/admin-guide-cloud/section_networking-config-identity.xml220(td) #: ./doc/admin-guide-cloud/section_networking-config-identity.xml255(td) msgid "Item" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml151(literal) msgid "network_api_class" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml153(para) msgid "" "Modify from the default to " "nova.network.neutronv2.api.API, to indicate that " "Networking should be used rather than the traditional nova-network networking model." msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml161(literal) msgid "neutron_url" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml162(para) msgid "" "Update to the hostname/IP and port of the neutron-server instance for this deployment." msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml168(literal) msgid "neutron_auth_strategy" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml169(para) msgid "" "Keep the default keystone value for all production " "deployments." msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml173(literal) msgid "neutron_admin_tenant_name" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml175(para) msgid "" "Update to the name of the service tenant created in the above section on " "Identity configuration." msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml180(literal) msgid "neutron_admin_username" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml182(para) msgid "" "Update to the name of the user created in the above section on Identity " "configuration." msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml187(literal) msgid "neutron_admin_password" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml189(para) msgid "" "Update to the password of the user created in the above section on Identity " "configuration." msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml194(literal) msgid "neutron_admin_auth_url" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml196(para) msgid "" "Update to the Identity server IP and port. This is the Identity (keystone) " "admin API server IP and port value, and not the Identity service API IP and " "port." msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml206(title) msgid "Configure security groups" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml207(para) msgid "" "The Networking Service provides security group functionality using a " "mechanism that is more flexible and powerful than the security group " "capabilities built into Compute. Therefore, if you use Networking, you " "should always disable built-in security groups and proxy all security group " "calls to the Networking API . If you do not, security policies will conflict" " by being simultaneously applied by both services." msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml212(para) msgid "" "To proxy security groups to Networking, use the following configuration " "values in nova.conf:" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml215(caption) msgid "nova.conf security group settings" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml226(literal) msgid "firewall_driver" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml227(para) msgid "" "Update to nova.virt.firewall.NoopFirewallDriver, so that " "nova-compute does not perform " "iptables-based filtering itself." msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml234(literal) msgid "security_group_api" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml235(para) msgid "" "Update to neutron, so that all security group requests " "are proxied to the Network Service." msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml242(title) msgid "Configure metadata" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml243(para) msgid "" "The Compute service allows VMs to query metadata associated with a VM by " "making a web request to a special 169.254.169.254 address. Networking " "supports proxying those requests to nova-" "api, even when the requests are made from isolated networks, or" " from multiple networks that use overlapping IP addresses." msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml247(para) msgid "" "To enable proxying the requests, you must update the following fields in " "nova.conf." msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml250(caption) msgid "nova.conf metadata settings" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml261(literal) msgid "service_neutron_metadata_proxy" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml263(para) msgid "" "Update to true, otherwise nova-api will not properly respond to requests from the " "neutron-metadata-agent." msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml270(literal) msgid "neutron_metadata_proxy_shared_secret" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml272(para) msgid "" "Update to a string \"password\" value. You must also configure the same " "value in the metadata_agent.ini file, to authenticate " "requests made for metadata." msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml276(para) msgid "" "The default value of an empty string in both files will allow metadata to " "function, but will not be secure if any non-trusted entities have access to " "the metadata APIs exposed by nova-" "api." msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml285(para) msgid "" "As a precaution, even when using " "neutron_metadata_proxy_shared_secret, it is recommended " "that you do not expose metadata using the same nova-api instances that are used for tenants. Instead, you " "should run a dedicated set of nova-" "api instances for metadata that are available only on your " "management network. Whether a given nova-" "api instance exposes metadata APIs is determined by the value " "of enabled_apis in its nova.conf." msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml300(title) msgid "" "Example nova.conf (for nova-" "compute and nova-" "api)" msgstr "" #: ./doc/admin-guide-cloud/section_networking-config-identity.xml303(para) msgid "" "Example values for the above settings, assuming a cloud controller node " "running Compute and Networking with an IP address of 192.168.1.2:" msgstr "" #. Put one translator per line, in the form of NAME , YEAR1, YEAR2 #: ./doc/admin-guide-cloud/section_networking-config-identity.xml0(None) msgid "translator-credits" msgstr ""