# # Translators: msgid "" msgstr "" "Project-Id-Version: OpenStack Manuals\n" "POT-Creation-Date: 2014-04-08 18:10+0000\n" "PO-Revision-Date: 2014-04-07 10:59+0000\n" "Last-Translator: openstackjenkins \n" "Language-Team: Hebrew (Israel) (http://www.transifex.com/projects/p/openstack/language/he_IL/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Language: he_IL\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml6(title) msgid "Identity management" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml7(para) msgid "" "The OpenStack Identity Service, code-named Keystone, is the default identity" " management system for OpenStack. After you install the Identity Service, " "you configure it through the etc/keystone.conf " "configuration file and, possibly, a separate logging configuration file. You" " initialize data into the Identity Service by using the " "command-line client." msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml15(title) msgid "Identity Service concepts" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml31(title) msgid "User CRUD" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml32(para) msgid "" "The Identity Service provides a user CRUD filter that can be added to the " "public_api pipeline. This user CRUD filter enables users to use a HTTP PATCH" " to change their own password. To enable this extension you should define a " "user_crud_extension filter, insert it after the " "*_body middleware and before the " "public_service application in the public_api WSGI " "pipeline in keystone.conf. For example:" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml46(para) msgid "Each user can then change their own password with a HTTP PATCH:" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml49(para) msgid "" "In addition to changing their password, all of the user's current tokens are" " deleted (if the back-end is KVS or sql)." msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml51(para) msgid "Only use a KVS backend for tokens when testing." msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml54(title) msgid "Logging" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml55(para) msgid "" "You configure logging externally to the rest of the Identity Service. The " "file specifying the logging configuration is in the " "[DEFAULT] section of the " "keystone.conf file under log_config." " To route logging through syslog, set use_syslog=true " "option in the [DEFAULT] section." msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml62(para) msgid "" "A sample logging file is available with the project in the " "etc/logging.conf.sample directory. Like other OpenStack" " projects, the Identity Service uses the Python logging module, which " "includes extensive configuration options that let you define the output " "levels and formats." msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml67(para) msgid "" "Review the etc/keystone.conf sample configuration files" " that are distributed with the Identity Service. For example, each server " "application has its own configuration file." msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml71(para) msgid "" "For services that have separate paste-deploy .ini " "files, you can configure auth_token middleware in the " "[keystone_authtoken] section in the main configuration " "file, such as nova.conf. For example in Compute, you " "can remove the middleware parameters from api-" "paste.ini, as follows:" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml81(para) msgid "Set these values in the nova.conf file:" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml96(para) msgid "" "Middleware parameters in paste config take priority. You must remove them to" " use values in the [keystone_authtoken] section." msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml102(title) msgid "Monitoring" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml103(para) msgid "" "The Identity Service provides some basic request/response monitoring " "statistics out of the box." msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml105(para) msgid "" "Enable data collection by defining a stats_monitoring " "filter and including it at the beginning of any desired WSGI pipelines:" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml113(para) msgid "" "Enable the reporting of collected data by defining a " "stats_reporting filter and including it near the end of " "your admin_api WSGI pipeline (After " "*_body middleware and before " "*_extension filters is recommended):" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml123(para) msgid "Query the admin API for statistics using:" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml125(para) msgid "Reset collected data using:" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml130(title) msgid "Start the Identity Service" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml131(para) msgid "" "To start the services for the Identity Service, run the following command:" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml134(para) msgid "" "This command starts two wsgi.Server instances configured by the " "keystone.conf file as described previously. One of " "these wsgi servers is admin (the administration API) and " "the other is main (the primary/public API interface). " "Both run in a single process." msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml142(title) msgid "Example usage" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml143(para) msgid "" "The keystone client is set up to expect commands in the " "general form of " "keystonecommandargument," " followed by flag-like keyword arguments to provide additional (often " "optional) information. For example, the command user-list" " and tenant-create can be invoked as follows:" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml173(title) msgid "Authentication middleware with user name and password" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml175(para) msgid "" "You can also configure the Identity Service authentication middleware using " "the and options." " When using the and " " options the " "parameter is optional. If is specified, it is " "used only if the specified token is still valid." msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml183(para) msgid "" "For services that have a separate paste-deploy .ini file, you can configure " "the authentication middleware in the [keystone_authtoken]" " section of the main configuration file, such as " "nova.conf. In Compute, for example, you can remove the " "middleware parameters from api-paste.ini, as follows:" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml192(para) msgid "" "And set the following values in nova.conf as follows:" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml207(para) msgid "" "The middleware parameters in the paste config take priority. You must remove" " them to use the values in the [keystone_authtoken] section." msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml211(para) msgid "" "This sample paste config filter makes use of the " " and options:" msgstr "" #: ./doc/admin-guide-cloud/ch_identity_mgmt.xml224(para) msgid "" "Using this option requires an admin tenant/role relationship. The admin user" " is granted access to the admin role on the admin tenant." msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml6(title) #: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml6(title) msgid "Secure with root wrappers" msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml7(para) msgid "" "The root wrapper enables the Compute unprivileged user to run a number of " "actions as the root user in the safest manner possible. Historically, " "Compute used a specific sudoers file that listed every " "command that the Compute user was allowed to run, and used " "to run that command as root. However this was difficult " "to maintain (the sudoers file was in packaging), and " "did not enable complex filtering of parameters (advanced filters). The " "rootwrap was designed to solve those issues." msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml19(title) #: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml16(title) msgid "How rootwrap works" msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml20(para) msgid "" "Instead of calling , Compute services start with nova- call " ". A generic sudoers entry lets the Compute user run nova-" "rootwrap as root. The nova-rootwrap code looks for filter definition " "directories in its configuration file, and loads command filters from them. " "Then it checks if the command requested by Compute matches one of those " "filters, in which case it executes the command (as root). If no filter " "matches, it denies the request." msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml33(title) #: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml31(title) msgid "Security model" msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml34(para) msgid "" "The escalation path is fully controlled by the root user. A sudoers entry " "(owned by root) allows Compute to run (as root) a specific rootwrap " "executable, and only with a specific configuration file (which should be " "owned by root). nova-rootwrap imports the Python modules it needs from a " "cleaned (and system-default) PYTHONPATH. The configuration file (also root-" "owned) points to root-owned filter definition directories, which contain " "root-owned filters definition files. This chain ensures that the Compute " "user itself is not in control of the configuration or modules used by the " "nova-rootwrap executable." msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml47(title) #: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml43(title) msgid "Details of rootwrap.conf" msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml48(para) msgid "" "You configure nova-rootwrap in the rootwrap.conf file. " "Because it's in the trusted security path, it must be owned and writable by " "only the root user. Its location is specified both in the sudoers entry and " "in the nova.conf configuration file with the " "rootwrap_config=entry." msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml55(para) msgid "It uses an INI file format with these sections and parameters:" msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml59(caption) #: ./doc/admin-guide-cloud/section_rootwrap.xml98(caption) #: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml53(caption) msgid "rootwrap.conf configuration options" msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml64(para) #: ./doc/admin-guide-cloud/section_rootwrap.xml103(para) #: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml58(para) #: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml96(para) msgid "Configuration option=Default value" msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml66(para) #: ./doc/admin-guide-cloud/section_rootwrap.xml105(para) #: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml60(para) #: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml98(para) msgid "(Type) Description" msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml71(para) #: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml65(para) msgid "[DEFAULT]" msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml72(para) #: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml66(para) msgid "filters_path=/etc/nova/rootwrap.d,/usr/share/nova/rootwrap" msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml74(para) #: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml68(para) msgid "" "(ListOpt) Comma-separated list of directories containing filter definition " "files. Defines where filters for root wrap are stored. Directories defined " "on this line should all exist, be owned and writable only by the root user." msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml86(title) #: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml80(title) msgid "Details of .filters files" msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml87(para) msgid "" "Filters definition files contain lists of filters that nova-rootwrap will " "use to allow or deny a specific command. They are generally suffixed by " ".filters. Since they are in the trusted security path, they need to be owned" " and writable only by the root user. Their location is specified in the " "rootwrap.conf file." msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml93(para) msgid "" "It uses an INI file format with a [Filters] section and several lines, each " "with a unique parameter name (different for each filter that you define):" msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml110(para) #: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml103(para) msgid "[Filters]" msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml111(para) #: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml104(para) msgid "filter_name=kpartx: CommandFilter, /sbin/kpartx, root" msgstr "" #: ./doc/admin-guide-cloud/section_rootwrap.xml113(para) #: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml106(para) msgid "" "(ListOpt) Comma-separated list containing first the Filter class to use, " "followed by that Filter arguments (which vary depending on the Filter class " "selected)." msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml11(title) msgid "Troubleshoot the Block Storage configuration" msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml13(para) msgid "" "Most Block Storage errors are caused by incorrect volume configurations that" " result in volume creation failues. To resolve these failures, review these " "logs:" msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml17(para) msgid "" "cinder-api log " "(/var/log/cinder/api.log)" msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml19(para) msgid "" "cinder-volume log " "(/var/log/cinder/volume.log)" msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml22(para) msgid "" "The cinder-api log is useful for " "determining if you have endpoint or connectivity issues. If you send a " "request to create a volume and it fails, review the cinder-api log to determine whether the " "request made it to the Block Storage service. If the request is logged and " "you see no errors or trace-backs, check the cinder-volume log for errors or trace-backs." msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml32(para) msgid "" "Create commands are listed in the cinder-" "api log." msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml35(para) msgid "" "These entries in the cinder.openstack.common.log file " "can be used to assist in troubleshooting your block storage configuration." msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml107(para) msgid "" "These common issues might occur during configuration. To correct, use these " "suggested solutions." msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml111(para) msgid "" "Issues with state_path and volumes_dir" " settings." msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml113(para) msgid "" "The OpenStack Block Storage uses as the default iscsi " "helper and implements persistent targets. This means that in the case of a " "tgt restart or even a node reboot your existing volumes on that node will be" " restored automatically with their original IQN." msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml118(para) msgid "" "In order to make this possible the iSCSI target information needs to be " "stored in a file on creation that can be queried in case of restart of the " "tgt daemon. By default, Block Storage uses a state_path " "variable, which if installing with Yum or APT should be set to " "/var/lib/cinder/. The next part is the " "volumes_dir variable, by default this just simply appends" " a \"volumes\" directory to the " "state_path. The result is a file-tree " "/var/lib/cinder/volumes/." msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml131(para) msgid "" "While this should all be handled by the installer, it can go wrong. If you " "have trouble creating volumes and this directory does not exist you should " "see an error message in the cinder-" "volume log indicating that the volumes_dir " "does not exist, and it should provide information about which path it was " "looking for." msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml141(para) msgid "The persistent tgt include file." msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml142(para) msgid "" "Along with the option, the iSCSI target driver " "also needs to be configured to look in the correct place for the persist " "files. This is a simple entry in the /etc/tgt/conf.d " "file that you should have set when you installed OpenStack. If issues occur," " verify that you have a /etc/tgt/conf.d/cinder.conf " "file." msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml151(para) msgid "If the file is not present, create it with this command:" msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml156(para) msgid "" "No sign of attach call in the cinder-" "api log." msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml159(para) msgid "" "This is most likely going to be a minor adjustment to your " "nova.conf file. Make sure that your " "nova.conf has this entry:" msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml166(para) msgid "" "Failed to create iscsi target error in the cinder-" "volume.log file." msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml170(para) msgid "" "You might see this error in cinder-volume.log after " "trying to create a volume that is 1 GB. To fix this issue:" msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml174(para) msgid "" "Change content of the /etc/tgt/targets.conf from " "include /etc/tgt/conf.d/*.conf to include " "/etc/tgt/conf.d/cinder_tgt.conf, as follows:" msgstr "" #: ./doc/admin-guide-cloud/section_ts_cinder_config.xml183(para) msgid "" "Restart tgt and cinder-* services so they pick up the new " "configuration." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml10(title) msgid "Block Storage" msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml11(para) msgid "" "The OpenStack Block Storage service works through the interaction of a " "series of daemon processes named cinder-* that reside persistently on the host " "machine or machines. The binaries can all be run from a single node, or " "spread across multiple nodes. They can also be run on the same node as other" " OpenStack services." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml19(title) msgid "Introduction to Block Storage" msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml20(para) msgid "" "To administer the OpenStack Block Storage service, it is helpful to " "understand a number of concepts. You must make certain choices when you " "configure the Block Storage service in OpenStack. The bulk of the options " "come down to two choices, single node or multi-node install. You can read a " "longer discussion about storage decisions in Storage Decisions in the " "OpenStack Operations Guide." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml29(para) msgid "" "OpenStack Block Storage enables you to add extra block-level storage to your" " OpenStack Compute instances. This service is similar to the Amazon EC2 " "Elastic Block Storage (EBS) offering." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml36(title) msgid "Manage volumes" msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml37(para) msgid "" "The default OpenStack Block Storage service implementation is an iSCSI " "solution that uses Logical Volume Manager (LVM) for Linux." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml41(para) msgid "" "The OpenStack Block Storage service is not a shared storage solution like a " "Storage Area Network (SAN) of NFS volumes, where you can attach a volume to " "multiple servers. With the OpenStack Block Storage service, you can attach a" " volume to only one instance at a time." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml47(para) msgid "" "The OpenStack Block Storage service also provides drivers that enable you to" " use several vendors' back-end storage devices, in addition to or instead of" " the base LVM implementation." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml52(para) msgid "" "This high-level procedure shows you how to create and attach a volume to a " "server instance." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml56(para) msgid "" "You must configure both OpenStack Compute and the OpenStack Block Storage " "service through the cinder.conf file." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml61(para) msgid "" "Create a volume through the command. This command creates " "an LV into the volume group (VG) cinder-volumes." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml67(para) msgid "" "Attach the volume to an instance through the command. This " "command creates a unique iSCSI IQN that is exposed to the compute node." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml73(para) msgid "" "The compute node, which runs the instance, now has an active ISCSI session " "and new local storage (usually a /dev/sdX disk)." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml80(para) msgid "" "libvirt uses that local storage as storage for the instance. The instance " "gets a new disk (usually a /dev/vdX disk)." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml89(para) msgid "" "For this particular walk through, one cloud controller runs nova-api, nova-" "scheduler, nova-" "objectstore, nova-network and " "cinder-* services. Two additional compute nodes run " "nova-compute. The walk through " "uses a custom partitioning scheme that carves out 60 GB of space and labels " "it as LVM. The network uses the FlatManager and " "NetworkManager settings for OpenStack Compute (Nova)." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml103(para) msgid "" "The network mode does not interfere with the way cinder works, but you must " "set up networking for cinder to work. For details, see ." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml106(para) msgid "" "To set up Compute to use volumes, ensure that Block Storage is installed " "along with lvm2. This guide describes how to troubleshoot your installation " "and back up your Compute volumes." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml111(title) msgid "Boot from volume" msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml112(para) msgid "" "In some cases, instances can be stored and run from inside volumes. For " "information, see the Launch an instance from a " "volume section in the OpenStack End User Guide." msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml130(title) msgid "Troubleshoot your installation" msgstr "" #: ./doc/admin-guide-cloud/ch_blockstorage.xml131(para) msgid "" "This section provides useful tips to help troubleshoot your Block Storage " "installation." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml10(title) msgid "Back up Block Storage service disks" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml11(para) msgid "" "While you can use the LVM snapshot to create snapshots, you can also use it " "to back up your volumes. By using LVM snapshot, you reduce the size of the " "backup; only existing data is backed up instead of the entire volume." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml15(para) msgid "" "To back up a volume, you must create a snapshot of it. An LVM snapshot is " "the exact copy of a logical volume, which contains data in a frozen state. " "This prevents data corruption, because data cannot be manipulated during the" " volume creation process. Remember that the volumes created through a " " command exist in an LVM logical volume." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml22(para) msgid "" "You must also make sure that the operating system is not using the volume, " "and that all data has been flushed on the guest filesystems. This usually " "means that those filesystems have to be unmounted during the snapshot " "creation. They can be mounted again as soon as the logical volume snapshot " "has been created." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml27(para) msgid "" "Before you create the snapshot, you must have enough space to save it. As a " "precaution, you should have at least twice as much space as the potential " "snapshot size. If insufficient space is available, the snapshot might become" " corrupted." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml32(para) msgid "" "For this example, assume that a 100 GB volume named " "volume-00000001 was created for an instance while only 4 " "GB are used. This example uses these commands to back up only those 4 GB:" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml38(para) msgid " command. Directly manipulates the volumes." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml42(para) msgid "" " command. Discovers the partition table created inside the " "instance." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml46(para) msgid " command. Creates a minimum-sized backup." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml50(para) msgid "" " command. Calculates the backup checksum to check its " "consistency." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml54(para) msgid "You can apply this process to volumes of any size." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml56(title) msgid "To back up Block Storage service disks" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml58(title) msgid "Create a snapshot of a used volume" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml61(para) msgid "Use this command to list all volumes:" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml65(para) msgid "" "Create the snapshot; you can do this while the volume is attached to an " "instance:" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml68(para) msgid "" "Use the configuration option to tell LVM that " "you want a snapshot of an already existing volume. The command includes the " "size of the space reserved for the snapshot volume, the name of the " "snapshot, and the path of an already existing volume. Generally, this path " "is /dev/cinder-" "volumes/$volume_name." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml76(para) msgid "" "The size does not have to be the same as the volume of the snapshot. The " "size parameter defines the space that LVM reserves " "for the snapshot volume. As a precaution, the size should be the same as " "that of the original volume, even if the whole space is not currently used " "by the snapshot." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml87(para) msgid "Run the command again to verify the snapshot:" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml129(title) msgid "Partition table discovery" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml132(para) msgid "" "To exploit the snapshot with the command, mount your " "partition on the Block Storage service server." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml136(para) msgid "" "The utility discovers and maps table partitions. You can " "use it to view partitions that are created inside the instance. Without " "using the partitions created inside instances, you cannot see its content " "and create efficient backups." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml145(para) msgid "" "On a Debian-based distribution, you can use the command to " "install ." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml150(para) msgid "" "If the tools successfully find and map the partition table, no errors are " "returned." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml155(para) msgid "To check the partition table map, run this command:" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml158(para) msgid "" "You can see the cinder--volumes-volume--00000001--" "snapshot1 partition." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml161(para) msgid "" "If you created more than one partition on that volume, you see several " "partitions; for example: cinder--volumes-volume--00000001--" "snapshot2, cinder--volumes-volume--00000001--" "snapshot3, and so on." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml169(para) msgid "Mount your partition:" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml171(para) msgid "If the partition mounts successfully, no errors are returned." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml173(para) msgid "" "You can directly access the data inside the instance. If a message prompts " "you for a partition or you cannot mount it, determine whether enough space " "was allocated for the snapshot or the command failed to " "discover the partition table." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml180(para) msgid "Allocate more space to the snapshot and try the process again." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml186(title) msgid "Use the command to create archives" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml188(para) msgid "Create a backup of the volume:" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml190(para) msgid "" "This command creates a tar.gz file that contains the " "data, and data only. This ensures that " "you do not waste space by backing up empty sectors." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml196(title) msgid "Checksum calculation I" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml197(para) msgid "" "You should always have the checksum for your backup files. When you transfer" " the same file over the network, you can run a checksum calculation to " "ensure that your file was not corrupted during its transfer. The checksum is" " a unique ID for a file. If the checksums are different, the file is " "corrupted." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml203(para) msgid "" "Run this command to run a checksum for your file and save the result to a " "file:" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml207(para) msgid "" "Use the command carefully because the time it takes to " "complete the calculation is directly proportional to the size of the file." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml211(para) msgid "" "For files larger than around 4 to 6 GB, and depending on your CPU, the " "process might take a long time." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml217(title) msgid "After work cleaning" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml218(para) msgid "" "Now that you have an efficient and consistent backup, use this command to " "clean up the file system:" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml223(para) msgid "Unmount the volume:" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml227(para) msgid "Delete the partition table:" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml231(para) msgid "Remove the snapshot:" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml235(para) msgid "Repeat these steps for all your volumes." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml238(title) msgid "Automate your backups" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml239(para) msgid "" "Because more and more volumes might be allocated to your Block Storage " "service, you might want to automate your backups. The SCR_5005_V01_NUAC-" "OPENSTACK-EBS-volumes-backup.sh script assists you with this task. " "The script performs the operations from the previous example, but also " "provides a mail report and runs the backup based on the " " setting." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml249(para) msgid "" "Launch this script from the server that runs the Block Storage service." msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml251(para) msgid "This example shows a mail report:" msgstr "" #: ./doc/admin-guide-cloud/section_backup-block-storage-disks.xml265(para) msgid "" "The script also enables you to SSH to your instances and run a " " command into them. To make this work, enable the connection" " to the Compute project keys. If you do not want to run the " " command, you can add enable_mysql_dump=0 to the script " "to turn off this functionality." msgstr "" #: ./doc/admin-guide-cloud/section_ts_failed_connect_vol_FC_SAN.xml4(title) msgid "Failed to connect volume in FC SAN" msgstr "" #: ./doc/admin-guide-cloud/section_ts_failed_connect_vol_FC_SAN.xml6(title) #: ./doc/admin-guide-cloud/section_ts_vol_attach_miss_sg_scan.xml10(title) #: ./doc/admin-guide-cloud/section_ts_failed_attach_vol_after_detach.xml8(title) #: ./doc/admin-guide-cloud/section_ts_non_existent_host.xml6(title) #: ./doc/admin-guide-cloud/section_ts_no_emulator_x86_64.xml6(title) #: ./doc/admin-guide-cloud/section_ts_HTTP_bad_req_in_cinder_vol_log.xml8(title) #: ./doc/admin-guide-cloud/section_ts_non_existent_vlun.xml6(title) #: ./doc/admin-guide-cloud/section_ts_failed_attach_vol_no_sysfsutils.xml6(title) #: ./doc/admin-guide-cloud/section_ts_multipath_warn.xml8(title) #: ./doc/admin-guide-cloud/section_ts_duplicate_3par_host.xml6(title) msgid "Problem" msgstr "" #: ./doc/admin-guide-cloud/section_ts_failed_connect_vol_FC_SAN.xml7(para) msgid "" "Compute node failed to connect to a volume in a Fibre Channel (FC) SAN " "configuration. The WWN may not be zoned correctly in your FC SAN that links " "the compute host to the storage array." msgstr "" #: ./doc/admin-guide-cloud/section_ts_failed_connect_vol_FC_SAN.xml15(title) #: ./doc/admin-guide-cloud/section_ts_vol_attach_miss_sg_scan.xml24(title) #: ./doc/admin-guide-cloud/section_ts_failed_attach_vol_after_detach.xml14(title) #: ./doc/admin-guide-cloud/section_ts_non_existent_host.xml14(title) #: ./doc/admin-guide-cloud/section_ts_no_emulator_x86_64.xml11(title) #: ./doc/admin-guide-cloud/section_ts_HTTP_bad_req_in_cinder_vol_log.xml43(title) #: ./doc/admin-guide-cloud/section_ts_non_existent_vlun.xml12(title) #: ./doc/admin-guide-cloud/section_ts_failed_attach_vol_no_sysfsutils.xml15(title) #: ./doc/admin-guide-cloud/section_ts_multipath_warn.xml20(title) #: ./doc/admin-guide-cloud/section_ts_duplicate_3par_host.xml12(title) msgid "Solution" msgstr "" #: ./doc/admin-guide-cloud/section_ts_failed_connect_vol_FC_SAN.xml16(para) msgid "" "The network administrator must configure the FC SAN fabric by correctly " "zoning the WWN (port names) from your compute node HBAs." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-admin.xml6(title) msgid "System administration for Object Storage" msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-admin.xml7(para) msgid "" "By understanding Object Storage concepts, you can better monitor and " "administer your storage solution. The majority of the administration " "information is maintained in developer documentation at docs.openstack.org/developer/swift/." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-admin.xml13(para) msgid "" "See the OpenStack Configuration " "Reference for a list of configuration options for Object " "Storage." msgstr "" #: ./doc/admin-guide-cloud/ch_objectstorage.xml6(title) msgid "Object Storage" msgstr "" #: ./doc/admin-guide-cloud/section_ts_vol_attach_miss_sg_scan.xml8(title) msgid "Failed to Attach Volume, Missing sg_scan" msgstr "" #: ./doc/admin-guide-cloud/section_ts_vol_attach_miss_sg_scan.xml11(para) msgid "" "Failed to attach volume to an instance, sg_scan file " "not found. This warning and error occur when the " "sg3-utils package is not installed on the compute node. " "The IDs in your message are unique to your system:" msgstr "" #: ./doc/admin-guide-cloud/section_ts_vol_attach_miss_sg_scan.xml25(para) msgid "" "Run this command on the compute node to install the " "sg3-utils package:" msgstr "" #. ... Based on a blog, should be replaced with original material... #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml7(title) msgid "Object Storage monitoring" msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml9(para) msgid "" "Excerpted from a blog post by Darrell Bishop" msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml12(para) msgid "" "An OpenStack Object Storage cluster is a collection of many daemons that " "work together across many nodes. With so many different components, you must" " be able to tell what is going on inside the cluster. Tracking server-level " "metrics like CPU utilization, load, memory consumption, disk usage and " "utilization, and so on is necessary, but not sufficient." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml19(para) msgid "" "What are different daemons are doing on each server? What is the volume of " "object replication on node8? How long is it taking? Are there errors? If so," " when did they happen?" msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml22(para) msgid "" "In such a complex ecosystem, you can use multiple approaches to get the " "answers to these questions. This section describes several approaches." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml26(title) msgid "Swift Recon" msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml27(para) msgid "" "The Swift Recon middleware (see http://swift.openstack.org/admin_guide.html#cluster-telemetry-" "and-monitoring) provides general machine statistics, such as load " "average, socket statistics, /proc/meminfo contents, and so on, " "as well as Swift-specific metrics:" msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml35(para) msgid "The MD5 sum of each ring file." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml38(para) msgid "The most recent object replication time." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml41(para) msgid "Count of each type of quarantined file: Account, container, or object." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml45(para) msgid "Count of “async_pendings” (deferred container updates) on disk." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml49(para) msgid "" "Swift Recon is middleware that is installed in the object servers pipeline " "and takes one required option: A local cache directory. To track " "async_pendings, you must set up an additional cron job " "for each object server. You access data by either sending HTTP requests " "directly to the object server or using the command-line " "client." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml57(para) msgid "" "There are some good Object Storage cluster statistics but the general server" " metrics overlap with existing server monitoring systems. To get the Swift-" "specific metrics into a monitoring system, they must be polled. Swift Recon " "essentially acts as a middleware metrics collector. The process that feeds " "metrics to your statistics system, such as collectd and " "gmond, probably already runs on the storage node. So, you" " can choose to either talk to Swift Recon or collect the metrics directly." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml69(title) msgid "Swift-Informant" msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml70(para) msgid "" "Florian Hines developed the Swift-Informant middleware (see http://pandemicsyn.posterous.com/swift-informant-statsd-" "getting-realtime-telem) to get real-time visibility into Object " "Storage client requests. It sits in the pipeline for the proxy server, and " "after each request to the proxy server, sends three metrics to a StatsD " "server (see http://codeascraft.etsy.com/2011/02/15" "/measure-anything-measure-everything/):" msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml82(para) msgid "" "A counter increment for a metric like obj.GET.200 or " "cont.PUT.404." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml87(para) msgid "" "Timing data for a metric like acct.GET.200 or " "obj.GET.200. [The README says the metrics look like " "duration.acct.GET.200, but I do not see the " "duration in the code. I am not sure what the Etsy server " "does but our StatsD server turns timing metrics into five derivative metrics" " with new segments appended, so it probably works as coded. The first metric" " turns into acct.GET.200.lower, " "acct.GET.200.upper, acct.GET.200.mean, " "acct.GET.200.upper_90, and acct.GET.200.count]." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml104(para) msgid "" "A counter increase by the bytes transferred for a metric like " "tfer.obj.PUT.201." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml109(para) msgid "" "This is good for getting a feel for the quality of service clients are " "experiencing with the timing metrics, as well as getting a feel for the " "volume of the various permutations of request server type, command, and " "response code. Swift-Informant also requires no change to core Object " "Storage code because it is implemented as middleware. However, it gives you " "no insight into the workings of the cluster past the proxy server. If the " "responsiveness of one storage node degrades, you can only see that some of " "your requests are bad, either as high latency or error status codes. You do " "not know exactly why or where that request tried to go. Maybe the container " "server in question was on a good node but the object server was on a " "different, poorly-performing node." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml125(title) msgid "Statsdlog" msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml126(para) msgid "" "Florian’s Statsdlog project " "increments StatsD counters based on logged events. Like Swift-Informant, it " "is also non-intrusive, but statsdlog can track events from all Object " "Storage daemons, not just proxy-server. The daemon listens to a UDP stream " "of syslog messages and StatsD counters are incremented when a log line " "matches a regular expression. Metric names are mapped to regex match " "patterns in a JSON file, allowing flexible configuration of what metrics are" " extracted from the log stream." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml137(para) msgid "" "Currently, only the first matching regex triggers a StatsD counter " "increment, and the counter is always incremented by one. There is no way to " "increment a counter by more than one or send timing data to StatsD based on " "the log line content. The tool could be extended to handle more metrics for " "each line and data extraction, including timing data. But a coupling would " "still exist between the log textual format and the log parsing regexes, " "which would themselves be more complex to support multiple matches for each " "line and data extraction. Also, log processing introduces a delay between " "the triggering event and sending the data to StatsD. It would be preferable " "to increment error counters where they occur and send timing data as soon as" " it is known to avoid coupling between a log string and a parsing regex and " "prevent a time delay between events and sending data to StatsD." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml153(para) msgid "" "The next section describes another method for gathering Object Storage " "operational metrics." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml157(title) msgid "Swift StatsD logging" msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml158(para) msgid "" "StatsD (see http://codeascraft.etsy.com/2011/02/15" "/measure-anything-measure-everything/) was designed for application " "code to be deeply instrumented; metrics are sent in real-time by the code " "that just noticed or did something. The overhead of sending a metric is " "extremely low: a sendto of one UDP packet. If that overhead is " "still too high, the StatsD client library can send only a random portion of " "samples and StatsD approximates the actual number when flushing metrics " "upstream." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml169(para) msgid "" "To avoid the problems inherent with middleware-based monitoring and after-" "the-fact log processing, the sending of StatsD metrics is integrated into " "Object Storage itself. The submitted change set (see https://review.openstack.org/#change,6058)" " currently reports 124 metrics across 15 Object Storage daemons and the " "tempauth middleware. Details of the metrics tracked are in the Administrator's" " Guide." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml180(para) msgid "" "The sending of metrics is integrated with the logging framework. To enable, " "configure log_statsd_host in the relevant config file. You can " "also specify the port and a default sample rate. The specified default " "sample rate is used unless a specific call to a statsd logging method (see " "the list below) overrides it. Currently, no logging calls override the " "sample rate, but it is conceivable that some metrics may require accuracy " "(sample_rate == 1) while others may not." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml195(para) msgid "" "Then the LogAdapter object returned by get_logger(), usually " "stored in self.logger, has these new methods:" msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml201(para) msgid "" "set_statsd_prefix(self, prefix) Sets the client library stat " "prefix value which gets prefixed to every metric. The default prefix is the " "“name” of the logger (such as, . “object-server”, “container-auditor”, " "etc.). This is currently used to turn “proxy-server” into one of “proxy-" "server.Account”, “proxy-server.Container”, or “proxy-server.Object” as soon " "as the Controller object is determined and instantiated for the request." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml213(para) msgid "" "update_stats(self, metric, amount, sample_rate=1) Increments " "the supplied metric by the given amount. This is used when you need to add " "or subtract more that one from a counter, like incrementing “suffix.hashes” " "by the number of computed hashes in the object replicator." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml222(para) msgid "" "increment(self, metric, sample_rate=1) Increments the given " "counter metric by one." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml227(para) msgid "" "decrement(self, metric, sample_rate=1) Lowers the given counter" " metric by one." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml232(para) msgid "" "timing(self, metric, timing_ms, sample_rate=1) Record that the " "given metric took the supplied number of milliseconds." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml238(para) msgid "" "timing_since(self, metric, orig_time, sample_rate=1) " "Convenience method to record a timing metric whose value is “now” minus an " "existing timestamp." msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml244(para) msgid "" "Note that these logging methods may safely be called anywhere you have a " "logger object. If StatsD logging has not been configured, the methods are " "no-ops. This avoids messy conditional logic each place a metric is recorded." " These example usages show the new logging methods:" msgstr "" #: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml287(para) msgid "" "The development team of StatsD wanted to use the pystatsd client library " "(not to be confused with a similar-looking project also hosted on GitHub), but the released " "version on PyPi was missing two desired features the latest version in " "GitHub had: the ability to configure a metrics prefix in the client object " "and a convenience method for sending timing data between “now” and a “start”" " timestamp you already have. So they just implemented a simple StatsD client" " library from scratch with the same interface. This has the nice fringe " "benefit of not introducing another external library dependency into Object " "Storage." msgstr "" #: ./doc/admin-guide-cloud/section_ts_failed_attach_vol_after_detach.xml5(title) #: ./doc/admin-guide-cloud/section_ts_HTTP_bad_req_in_cinder_vol_log.xml5(title) msgid "Failed to attach volume after detaching" msgstr "" #: ./doc/admin-guide-cloud/section_ts_failed_attach_vol_after_detach.xml9(para) msgid "Failed to attach a volume after detaching the same volume." msgstr "" #: ./doc/admin-guide-cloud/section_ts_failed_attach_vol_after_detach.xml15(para) msgid "" "You must change the device name on the command. The VM " "might not clean up after a command runs. This example shows" " how the command fails when you use the vdb, " "vdc, or vdd device names:" msgstr "" #: ./doc/admin-guide-cloud/section_ts_failed_attach_vol_after_detach.xml34(para) msgid "" "You might also have this problem after attaching and detaching the same " "volume from the same VM with the same mount point multiple times. In this " "case, restart the KVM host." msgstr "" #: ./doc/admin-guide-cloud/section_ts_non_existent_host.xml4(title) msgid "Non-existent host" msgstr "" #: ./doc/admin-guide-cloud/section_ts_non_existent_host.xml7(para) msgid "" "This error could be caused by a volume being exported outside of OpenStack " "using a host name different from the system name that OpenStack expects. " "This error could be displayed with the IQN if the host was exported using " "iSCSI." msgstr "" #: ./doc/admin-guide-cloud/section_ts_non_existent_host.xml15(para) msgid "" "Host names constructed by the driver use just the local hostname, not the " "fully qualified domain name (FQDN) of the Compute host. For example, if the " "FQDN was myhost.example.com, just " "myhost would be used as the 3PAR hostname. IP addresses" " are not allowed as host names on the 3PAR storage server." msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml6(title) msgid "Networking" msgstr "" #: ./doc/admin-guide-cloud/ch_networking.xml7(para) msgid "" "Learn OpenStack Networking concepts, architecture, and basic and advanced " " and command-line interface (CLI) commands." msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml8(title) msgid "OpenStack Cloud Administrator Guide" msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml10(titleabbrev) msgid "Cloud Administrator Guide" msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml18(orgname) #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml23(holder) msgid "OpenStack Foundation" msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml22(year) msgid "2013" msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml25(releaseinfo) msgid "havana" msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml26(productname) msgid "OpenStack" msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml30(remark) msgid "Copyright details are filled in by the template." msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml36(remark) msgid "Remaining licensing details are filled in by the template." msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml41(para) msgid "" "OpenStack offers open source software for cloud administrators to manage and" " troubleshoot an OpenStack cloud." msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml48(date) msgid "2013-11-12" msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml52(para) msgid "" "Adds options for tuning operational status synchronization in the NSX plug-" "in." msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml60(date) msgid "2013-10-17" msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml64(para) msgid "Havana release." msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml70(date) msgid "2013-09-05" msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml74(para) msgid "Moves object storage monitoring section to this guide." msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml78(para) msgid "Removes redundant object storage information." msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml85(date) msgid "2013-09-03" msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml89(para) msgid "" "Moved all but configuration and installation information from these " "component guides to create the new guide:" msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml95(para) msgid "OpenStack Compute Administration Guide" msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml99(para) msgid "OpenStack Networking Administration Guide" msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml103(para) msgid "OpenStack Object Storage Administration Guide" msgstr "" #: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml107(para) msgid "OpenStack Block Storage Service Administration Guide" msgstr "" #: ./doc/admin-guide-cloud/section_ts_no_emulator_x86_64.xml4(title) msgid "Cannot find suitable emulator for x86_64" msgstr "" #: ./doc/admin-guide-cloud/section_ts_no_emulator_x86_64.xml7(para) msgid "" "When you attempt to create a VM, the error shows the VM is in the " "BUILD then ERROR state." msgstr "" #: ./doc/admin-guide-cloud/section_ts_no_emulator_x86_64.xml12(para) msgid "" "On the KVM host run, cat /proc/cpuinfo. Make sure the " "vme and svm flags are set." msgstr "" #: ./doc/admin-guide-cloud/section_ts_no_emulator_x86_64.xml14(para) msgid "" "Follow the instructions in the enabling KVM " "section of the Configuration Reference to " "enable hardware virtualization support in your BIOS." msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml5(title) msgid "Configure a GlusterFS back end" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml6(para) msgid "" "This section explains how to configure OpenStack Block Storage to use " "GlusterFS as a back end. You must be able to access the GlusterFS shares " "from the server that hosts the cinder volume service." msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml14(para) #: ./doc/admin-guide-cloud/section_nfs_backend.xml12(para) msgid "" "The cinder volume service is " "named openstack-cinder-volume on the following " "distributions:" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml19(para) #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml194(para) #: ./doc/admin-guide-cloud/section_nfs_backend.xml17(para) #: ./doc/admin-guide-cloud/section_nfs_backend.xml100(para) msgid "CentOS" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml20(para) #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml197(para) #: ./doc/admin-guide-cloud/section_nfs_backend.xml18(para) #: ./doc/admin-guide-cloud/section_nfs_backend.xml103(para) msgid "Fedora" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml21(para) #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml200(para) #: ./doc/admin-guide-cloud/section_nfs_backend.xml19(para) #: ./doc/admin-guide-cloud/section_nfs_backend.xml106(para) msgid "openSUSE" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml22(para) #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml203(para) #: ./doc/admin-guide-cloud/section_nfs_backend.xml20(para) #: ./doc/admin-guide-cloud/section_nfs_backend.xml109(para) msgid "Red Hat Enterprise Linux" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml24(para) #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml206(para) #: ./doc/admin-guide-cloud/section_nfs_backend.xml22(para) #: ./doc/admin-guide-cloud/section_nfs_backend.xml112(para) msgid "SUSE Linux Enterprise" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml27(para) #: ./doc/admin-guide-cloud/section_nfs_backend.xml25(para) msgid "" "In Ubuntu and Debian distributions, the cinder volume service is named cinder-volume." msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml31(para) msgid "" "Mounting GlusterFS volumes requires utilities and libraries from the " "glusterfs-fuse package. This package must be installed on" " all systems that will access volumes backed by GlusterFS." msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml38(para) msgid "" "The utilities and libraries required for mounting GlusterFS volumes on " "Ubuntu and Debian distributions are available from the glusterfs-" "client package instead." msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml44(para) msgid "" "For information on how to install and configure GlusterFS, refer to the " "GlusterDocumentation" " page." msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml49(title) msgid "Configure GlusterFS for OpenStack Block Storage" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml50(para) msgid "" "The GlusterFS server must also be configured accordingly in order to allow " "OpenStack Block Storage to use GlusterFS shares:" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml55(para) msgid "Log in as root to the GlusterFS server." msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml61(para) msgid "" "Set each Gluster volume to use the same UID and GID as the " "cinder user:" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml65(replaceable) #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml66(replaceable) #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml88(replaceable) #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml129(replaceable) #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml153(replaceable) msgid "VOL_NAME" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml65(replaceable) msgid "cinder-uid" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml66(replaceable) msgid "cinder-gid" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml67(para) #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml130(para) #: ./doc/admin-guide-cloud/section_nfs_backend.xml52(para) msgid "Where:" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml69(para) msgid "VOL_NAME is the Gluster volume name." msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml71(para) msgid "" "cinder-uid is the UID of the " "cinder user." msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml72(para) msgid "" "cinder-gid is the GID of the " "cinder user." msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml75(para) msgid "" "The default UID and GID of the cinder user is " "165 on most distributions." msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml83(para) msgid "" "Configure each Gluster volume to accept libgfapi " "connections. To do this, set each Gluster volume to allow insecure ports:" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml91(para) msgid "" "Enable client connections from unprivileged ports. To do this, add the " "following line to /etc/glusterfs/glusterd.vol:" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml99(para) msgid "Restart the glusterd service:" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml106(title) msgid "Configure Block Storage to use a GlusterFS back end" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml107(para) msgid "After you configure the GlusterFS service, complete these steps:" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml112(para) msgid "" "Log in as root to the system hosting the cinder " "volume service." msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml118(para) msgid "" "Create a text file named glusterfs in " "/etc/cinder/." msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml124(para) msgid "" "Add an entry to /etc/cinder/glusterfs for each " "GlusterFS share that OpenStack Block Storage should use for back end " "storage. Each entry should be a separate line, and should use the following " "format:" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml129(replaceable) #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml153(replaceable) #: ./doc/admin-guide-cloud/section_nfs_backend.xml51(replaceable) msgid "HOST" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml135(para) msgid "" "HOST is the IP address or host name of the Red " "Hat Storage server." msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml141(para) msgid "" "VOL_NAME is the name an existing and accessible " "volume on the GlusterFS server." msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml148(para) msgid "" "Optionally, if your environment requires additional mount options for a " "share, you can add them to the share's entry:" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml153(replaceable) #: ./doc/admin-guide-cloud/section_nfs_backend.xml131(replaceable) msgid "OPTIONS" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml154(para) msgid "" "Replace OPTIONS with a comma-separated list of " "mount options." msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml160(para) msgid "" "Set /etc/cinder/glusterfs to be owned by the " "root user and the cinder " "group." msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml167(para) msgid "" "Set /etc/cinder/glusterfs to be readable by members of " "the cinder group:" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml171(replaceable) msgid "FILE" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml174(para) msgid "" "Configure OpenStack Block Storage to use the " "/etc/cinder/glusterfs file created earlier. To do so, " "open the /etc/cinder/cinder.conf configuration file and" " set the glusterfs_shares_config configuration key to " "/etc/cinder/glusterfs." msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml182(para) #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml219(para) #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml263(para) #: ./doc/admin-guide-cloud/section_nfs_backend.xml88(para) #: ./doc/admin-guide-cloud/section_nfs_backend.xml125(para) #: ./doc/admin-guide-cloud/section_nfs_backend.xml150(para) #: ./doc/admin-guide-cloud/section_nfs_backend.xml191(para) msgid "" "On distributions that include openstack-config, " "you can configure this by running the following command instead:" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml189(para) #: ./doc/admin-guide-cloud/section_nfs_backend.xml95(para) msgid "" "The following distributions include openstack-" "config:" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml211(para) msgid "" "Configure OpenStack Block Storage to use the correct volume driver, namely " "cinder.volume.drivers.glusterfs. To do so, open the " "/etc/cinder/cinder.conf configuration file and set the " "volume_driver configuration key to " "cinder.volume.drivers.glusterfs." msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml227(para) #: ./doc/admin-guide-cloud/section_nfs_backend.xml158(para) msgid "You can now restart the service to apply the configuration." msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml230(para) msgid "" "To restart the cinder volume " "service on CentOS, Fedora, openSUSE, RedHat Enterprise Linux, or SUSE Linux " "Enterprise, run:" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml235(para) msgid "" "To restart the cinder volume " "service on Ubuntu or Debian, run:" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml240(para) msgid "OpenStack Block Storage is now configured to use a GlusterFS back end." msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml243(para) msgid "" "In /etc/cinder/cinder.conf, the " "glusterfs_sparsed_volumes configuration key determines " "whether volumes are created as sparse files and grown as needed or fully " "allocated up front. The default and recommended value of this key is " "true, which ensures volumes are initially created as " "sparse files." msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml252(para) msgid "" "Setting glusterfs_sparsed_volumes to " "false will result in volumes being fully allocated at the" " time of creation. This leads to increased delays in volume creation." msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml258(para) msgid "" "However, should you choose to set " "glusterfs_sparsed_volumes to false, " "you can do so directly in /etc/cinder/cinder.conf." msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml272(para) msgid "" "If a client host has SELinux enabled, the " "virt_use_fusefs Boolean should also be enabled if " "the host requires access to GlusterFS volumes on an instance. To enable this" " Boolean, run the following command as the root " "user:" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_backend.xml279(para) msgid "" "This command also makes the Boolean persistent across reboots. Run this " "command on all client hosts that require access to GlusterFS volumes on an " "instance. This includes all compute nodes." msgstr "" #: ./doc/admin-guide-cloud/section_ts_HTTP_bad_req_in_cinder_vol_log.xml9(para) msgid "" "These errors appear in the cinder-volume.log file." msgstr "" #: ./doc/admin-guide-cloud/section_ts_HTTP_bad_req_in_cinder_vol_log.xml44(para) msgid "" "You need to update your copy of the hp_3par_fc.py " "driver which contains the synchronization code." msgstr "" #: ./doc/admin-guide-cloud/section_ts_non_existent_vlun.xml4(title) msgid "Non-existent VLUN" msgstr "" #: ./doc/admin-guide-cloud/section_ts_non_existent_vlun.xml7(para) msgid "" "This error occurs if the 3PAR host exists with the correct host name that " "the OpenStack Block Storage drivers expect but the volume was created in a " "different Domain." msgstr "" #: ./doc/admin-guide-cloud/section_ts_non_existent_vlun.xml13(para) msgid "" "The hp3par_domain configuration items either need to be updated" " to use the domain the 3PAR host currently resides in, or the 3PAR host " "needs to be moved to the domain that the volume was created in." msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_removal.xml5(title) msgid "Gracefully remove a GlusterFS volume from usage" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_removal.xml6(para) msgid "" "Configuring the cinder volume service to use " "GlusterFS involves creating a shares file (for example, " "/etc/cinder/glusterfs). This shares file lists each " "GlusterFS volume (with its corresponding storage server) that the " "cinder volume service can use for back end storage." msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_removal.xml13(para) msgid "" "To remove a GlusterFS volume from usage as a back end, delete the volume's " "corresponding entry from the shares file. After doing so, restart the Block " "Storage services." msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_removal.xml16(para) msgid "" "To restart the Block Storage services on CentOS, Fedora, openSUSE, Red Hat " "Enterprise Linux, or SUSE Linux Enterprise, run:" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_removal.xml20(para) msgid "To restart the Block Storage services on Ubuntu or Debian, run:" msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_removal.xml23(para) msgid "" "Restarting the Block Storage services will prevent the " "cinder volume service from exporting the deleted " "GlusterFS volume. This will prevent any instances from mounting the volume " "from that point onwards." msgstr "" #: ./doc/admin-guide-cloud/section_glusterfs_removal.xml28(para) msgid "" "However, the removed GlusterFS volume might still be mounted on an instance " "at this point. Typically, this is the case when the volume was already " "mounted while its entry was deleted from the shares file. Whenever this " "occurs, you will have to unmount the volume as normal after the Block " "Storage services are restarted." msgstr "" #: ./doc/admin-guide-cloud/section_ts_failed_attach_vol_no_sysfsutils.xml4(title) msgid "Failed to attach volume, systool is not installed" msgstr "" #: ./doc/admin-guide-cloud/section_ts_failed_attach_vol_no_sysfsutils.xml7(para) msgid "" "This warning and error occurs if you do not have the required " "sysfsutils package installed on the compute node." msgstr "" #: ./doc/admin-guide-cloud/section_ts_failed_attach_vol_no_sysfsutils.xml16(para) msgid "" "Run the following command on the compute node to install the " "sysfsutils packages." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml5(title) msgid "Configure a multiple-storage back-end" msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml6(para) msgid "" "This section presents the multi back-end storage feature introduced with the" " Grizzly release. Multi back-end allows the creation of several back-end " "storage solutions serving the same OpenStack Compute configuration. " "Basically, multi back-end launches one cinder-" "volume for each back-end." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml12(para) msgid "" "In a multi back-end configuration, each back-end has a name " "(volume_backend_name). Several back-ends can have the " "same name. In that case, the scheduler properly decides which back-end the " "volume has to be created in." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml17(para) msgid "" "The name of the back-end is declared as an extra-specification of a volume " "type (such as, volume_backend_name=LVM_iSCSI). When a " "volume is created, the scheduler chooses an appropriate back-end to handle " "the request, according to the volume type specified by the user." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml24(title) msgid "Enable multi back-end" msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml25(para) msgid "" "To enable a multi back-end configuration, you must set the " " flag in the " "cinder.conf file. This flag defines the names " "(separated by a comma) of the configuration groups for the different back-" "ends: one name is associated to one configuration group for a back-end (such" " as, [lvmdriver-1])." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml33(para) msgid "" "The configuration group name is not related to the " "volume_backend_name." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml36(para) msgid "" "The options for a configuration group must be defined in the group (or " "default options are used). All the standard Block Storage configuration " "options (volume_group, volume_driver, " "and so on) might be used in a configuration group. Configuration values in " "the [DEFAULT] configuration group are not used." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml44(para) msgid "These examples show three back-ends:" msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml59(para) msgid "" "In this configuration, lvmdriver-1 and " "lvmdriver-2 have the same " "volume_backend_name. If a volume creation requests the " "LVM_iSCSI back-end name, the scheduler uses the capacity " "filter scheduler to choose the most suitable driver, which is either " "lvmdriver-1 or lvmdriver-2. The " "capacity filter scheduler is enabled by default. The next section provides " "more information. In addition, this example presents a " "lvmdriver-3 back-end." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml72(title) msgid "Configure Block Storage scheduler multi back-end" msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml73(para) msgid "" "You must enable the option to use multi " "back-end. Filter scheduler acts in two steps:" msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml78(para) msgid "" "The filter scheduler filters the available back-ends. By default, " "AvailabilityZoneFilter, CapacityFilter" " and CapabilitiesFilter are enabled." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml86(para) msgid "" "The filter scheduler weighs the previously filtered back-ends. By default, " "CapacityWeigher is enabled. The " "CapacityWeigher attributes higher scores to back-ends " "with the most available." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml94(para) msgid "" "The scheduler uses the filtering and weighing process to pick the best back-" "end to handle the request, and explicitly creates volumes on specific back-" "ends through the use of volume types." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml99(para) msgid "" "To enable the filter scheduler, add this line to the " "cinder.conf configuration file:" msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml103(para) msgid "" "While the Block Storage Scheduler defaults to " " in Grizzly, this setting is not required." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml110(title) msgid "Volume type" msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml111(para) msgid "" "Before using it, a volume type has to be declared to Block Storage. This can" " be done by the following command:" msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml114(para) msgid "" "Then, an extra-specification has to be created to link the volume type to a " "back-end name. Run this command:" msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml118(para) msgid "" "This example creates a lvm volume type with " "volume_backend_name=LVM_iSCSI as extra-specifications." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml121(para) msgid "Create another volume type:" msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml124(para) msgid "" "This second volume type is named lvm_gold and has " "LVM_iSCSI_b as back-end name." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml129(para) msgid "To list the extra-specifications, use this command:" msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml134(para) msgid "" "If a volume type points to a volume_backend_name that " "does not exist in the Block Storage configuration, the " "filter_scheduler returns an error that it cannot find a " "valid host with the suitable back-end." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml143(title) msgid "Usage" msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml144(para) msgid "" "When you create a volume, you must specify the volume type. The extra-" "specifications of the volume type are used to determine which back-end has " "to be used. Considering the cinder.conf " "described previously, the scheduler creates this volume on " "lvmdriver-1 or lvmdriver-2." msgstr "" #: ./doc/admin-guide-cloud/section_multi_backend.xml153(para) msgid "This second volume is created on lvmdriver-3." msgstr "" #: ./doc/admin-guide-cloud/section_ts_multipath_warn.xml6(title) msgid "Multipath Call Failed Exit" msgstr "" #: ./doc/admin-guide-cloud/section_ts_multipath_warn.xml9(para) msgid "" "Multipath call failed exit. This warning occurs in the Compute log if you do" " not have the optional multipath-tools package " "installed on the compute node. This is an optional package and the volume " "attachment does work without the multipath tools installed. If the multipath-tools package is installed on the compute node, it is " "used to perform the volume attachment. The IDs in your message are unique to" " your system." msgstr "" #: ./doc/admin-guide-cloud/section_ts_multipath_warn.xml21(para) msgid "" "Run the following command on the compute node to install the multipath-tools packages." msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml6(title) msgid "Migrate volumes" msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml7(para) msgid "" "The Havana release of OpenStack introduces the ability to migrate volumes " "between back-ends. Migrating a volume transparently moves its data from the " "current back-end for the volume to a new one. This is an administrator " "function, and can be used for functions including storage evacuation (for " "maintenance or decommissioning), or manual optimizations (for example, " "performance, reliability, or cost)." msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml14(para) msgid "These workflows are possible for a migration:" msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml17(para) msgid "" "If the storage can migrate the volume on its own, it is given the " "opportunity to do so. This allows the Block Storage driver to enable " "optimizations that the storage might be able to perform. If the back-end is " "not able to perform the migration, the Block Storage uses one of two generic" " flows, as follows." msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml25(para) msgid "" "If the volume is not attached, the Block Storage service creates a volume " "and copies the data from the original to the new volume." msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml29(para) msgid "" "While most back-ends support this function, not all do. See the driver " "documentation in the OpenStack Configuration " "Reference for more details." msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml38(para) msgid "" "If the volume is attached to a VM instance, the Block Storage creates a " "volume, and calls Compute to copy the data from the original to the new " "volume. Currently this is supported only by the Compute libvirt driver." msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml45(para) msgid "" "As an example, this scenario shows two LVM back-ends and migrates an " "attached volume from one to the other. This scenario uses the third " "migration flow." msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml48(para) msgid "First, list the available back-ends:" msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml52(para) msgid "" "Next, as the admin user, you can see the current status of the volume " "(replace the example ID with your own):" msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml76(para) msgid "Note these attributes:" msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml79(para) msgid "" "os-vol-host-attr:host - the volume's current back-end." msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml83(para) msgid "" "os-vol-mig-status-attr:migstat - the status of this " "volume's migration (None means that a migration is not " "currently in progress)." msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml88(para) msgid "" "os-vol-mig-status-attr:name_id - the volume ID that this " "volume's name on the back-end is based on. Before a volume is ever migrated," " its name on the back-end storage may be based on the volume's ID (see the " " configuration parameter). For example," " if is kept as the default value " "(volume-%s), your first LVM back-end has a logical volume" " named volume-6088f80a-f116-4331-ad48-9afb0dfb196c. " "During the course of a migration, if you create a volume and copy over the " "data, the volume get the new name but keeps its original ID. This is exposed" " by the name_id attribute." msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml106(para) msgid "" "If you plan to decommission a block storage node, you must stop the " "cinder volume service on the node" " after performing the migration." msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml109(para) msgid "" "On nodes that run CentOS, Fedora, openSUSE, RedHat Enterprise Linux, or SUSE" " Linux Enterprise, run:" msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml114(para) msgid "On nodes that run Ubuntu or Debian, run:" msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml118(para) msgid "" "Stopping the cinder volume service will prevent " "volumes from being allocated to the node." msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml121(para) msgid "Migrate this volume to the second LVM back-end:" msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml123(para) msgid "" "You can use the command to see the status of the migration." " While migrating, the migstat attribute shows states such" " as migrating or completing. On error," " migstat is set to None and the " "host attribute shows the original host. On success, in " "this example, the output looks like:" msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml154(para) msgid "" "Note that migstat is None, host is the" " new host, and name_id holds the ID of the volume created" " by the migration. If you look at the second LVM back end, you find the " "logical volume volume-133d1f56-9ffc-" "4f57-8798-d5217d851862." msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml161(para) msgid "" "The migration is not visible to non-admin users (for example, through the " "volume status). However, some operations are not allowed " "while a migration is taking place, such as attaching/detaching a volume and " "deleting a volume. If a user performs such an action during a migration, an " "error is returned." msgstr "" #: ./doc/admin-guide-cloud/section_volume-migration.xml169(para) msgid "Migrating volumes that have snapshots are currently not allowed." msgstr "" #: ./doc/admin-guide-cloud/section_nfs_backend.xml5(title) msgid "Configure an NFS storage back end" msgstr "" #: ./doc/admin-guide-cloud/section_nfs_backend.xml6(para) msgid "" "This section explains how to configure OpenStack Block Storage to use NFS " "storage. You must be able to access the NFS shares from the server that " "hosts the cinder volume service." msgstr "" #: ./doc/admin-guide-cloud/section_nfs_backend.xml30(title) msgid "Configure Block Storage to use an NFS storage back end" msgstr "" #: ./doc/admin-guide-cloud/section_nfs_backend.xml32(para) msgid "" "Log in as root to the system hosting the " "cinder volume service." msgstr "" #: ./doc/admin-guide-cloud/section_nfs_backend.xml37(para) msgid "" "Create a text file named nfsshares in " "/etc/cinder/." msgstr "" #: ./doc/admin-guide-cloud/section_nfs_backend.xml43(para) msgid "" "Add an entry to /etc/cinder/nfsshares for each NFS " "share that the cinder volume " "service should use for back end storage. Each entry should be a separate " "line, and should use the following format:" msgstr "" #: ./doc/admin-guide-cloud/section_nfs_backend.xml51(replaceable) msgid "SHARE" msgstr "" #: ./doc/admin-guide-cloud/section_nfs_backend.xml54(para) msgid "" "HOST is the IP address or host name of the NFS " "server." msgstr "" #: ./doc/admin-guide-cloud/section_nfs_backend.xml56(para) msgid "" "SHARE is the absolute path to an existing and " "accessible NFS share." msgstr "" #: ./doc/admin-guide-cloud/section_nfs_backend.xml62(para) msgid "" "Set /etc/cinder/nfsshares to be owned by the " "root user and the cinder " "group:" msgstr "" #: ./doc/admin-guide-cloud/section_nfs_backend.xml70(para) msgid "" "Set /etc/cinder/nfsshares to be readable by members of " "the cinder group:" msgstr "" #: ./doc/admin-guide-cloud/section_nfs_backend.xml78(para) msgid "" "Configure the cinder volume " "service to use the /etc/cinder/nfsshares file created " "earlier. To do so, open the /etc/cinder/cinder.conf " "configuration file and set the nfs_shares_config " "configuration key to /etc/cinder/nfsshares." msgstr "" #: ./doc/admin-guide-cloud/section_nfs_backend.xml117(para) msgid "" "Optionally, provide any additional NFS mount options required in your " "environment in the nfs_mount_options configuration key of" " /etc/cinder/cinder.conf. If your NFS shares do not " "require any additional mount options (or if you are unsure), skip this step." msgstr "" #: ./doc/admin-guide-cloud/section_nfs_backend.xml132(para) msgid "" "Replace OPTIONS with the mount options to be used" " when accessing NFS shares. See the manual page for NFS for more information" " on available mount options ()." msgstr "" #: ./doc/admin-guide-cloud/section_nfs_backend.xml140(para) msgid "" "Configure the cinder volume " "service to use the correct volume driver, namely " "cinder.volume.drivers.nfs.NfsDriver. To do so, open the " "/etc/cinder/cinder.conf configuration file and set the " "volume_driver configuration key to " "cinder.volume.drivers.nfs.NfsDriver." msgstr "" #: ./doc/admin-guide-cloud/section_nfs_backend.xml161(para) msgid "" "To restart the cinder volume " "service on CentOS, Fedora, openSUSE, Red Hat Enterprise Linux, or SUSE Linux" " Enterprise, run:" msgstr "" #: ./doc/admin-guide-cloud/section_nfs_backend.xml166(para) msgid "" "To restart the cinder volume service on Ubuntu or " "Debian, run:" msgstr "" #: ./doc/admin-guide-cloud/section_nfs_backend.xml172(para) msgid "" "The nfs_sparsed_volumes configuration key determines " "whether volumes are created as sparse files and grown as needed or fully " "allocated up front. The default and recommended value is " "true, which ensures volumes are initially created as " "sparse files." msgstr "" #: ./doc/admin-guide-cloud/section_nfs_backend.xml180(para) msgid "" "Setting nfs_sparsed_volumes to false " "will result in volumes being fully allocated at the time of creation. This " "leads to increased delays in volume creation." msgstr "" #: ./doc/admin-guide-cloud/section_nfs_backend.xml186(para) msgid "" "However, should you choose to set nfs_sparsed_volumes to " "false, you can do so directly in " "/etc/cinder/cinder.conf." msgstr "" #: ./doc/admin-guide-cloud/section_nfs_backend.xml200(para) msgid "" "If a client host has SELinux enabled, the " "virt_use_nfs Boolean should also be enabled if the " "host requires access to NFS volumes on an instance. To enable this Boolean, " "run the following command as the root user:" msgstr "" #: ./doc/admin-guide-cloud/section_nfs_backend.xml207(para) msgid "" "This command also makes the Boolean persistent across reboots. Run this " "command on all client hosts that require access to NFS volumes on an " "instance. This includes all Compute nodes." msgstr "" #: ./doc/admin-guide-cloud/ch_dashboard.xml6(title) #: ./doc/admin-guide-cloud/ch_compute.xml407(title) msgid "Dashboard" msgstr "" #: ./doc/admin-guide-cloud/ch_dashboard.xml7(para) msgid "" "The OpenStack dashboard is a web-based interface that allows you to manage " "OpenStack resources and services. The dashboard allows you to interact with " "the OpenStack Compute cloud controller using the OpenStack APIs. For more " "information about installing and configuring the dashboard, see the " "OpenStack Installation Guide for your operating " "system." msgstr "" #: ./doc/admin-guide-cloud/ch_dashboard.xml19(para) msgid ", for customizing the dashboard." msgstr "" #: ./doc/admin-guide-cloud/ch_dashboard.xml23(para) msgid "" ", for setting up session storage for " "the dashboard." msgstr "" #: ./doc/admin-guide-cloud/ch_dashboard.xml27(para) msgid "" "The " " Horizon documentation, for deploying the dashboard." msgstr "" #: ./doc/admin-guide-cloud/ch_dashboard.xml31(para) msgid "" "The OpenStack End User Guide, for" " launching instances with the dashboard.." msgstr "" #: ./doc/admin-guide-cloud/ch_dashboard.xml15(para) msgid "For more information about using the dashboard, see: " msgstr "" #: ./doc/admin-guide-cloud/section_ts_duplicate_3par_host.xml4(title) msgid "Duplicate 3PAR host" msgstr "" #: ./doc/admin-guide-cloud/section_ts_duplicate_3par_host.xml7(para) msgid "" "This error may be caused by a volume being exported outside of OpenStack " "using a host name different from the system name that OpenStack expects. " "This error could be displayed with the IQN if the host was exported using " "iSCSI." msgstr "" #: ./doc/admin-guide-cloud/section_ts_duplicate_3par_host.xml13(para) msgid "" "Change the 3PAR host name to match the one that OpenStack expects. The 3PAR " "host constructed by the driver uses just the local hostname, not the fully " "qualified domain name (FQDN) of the compute host. For example, if the FQDN " "was myhost.example.com, just " "myhost would be used as the 3PAR hostname. IP addresses" " are not allowed as host names on the 3PAR storage server." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml12(title) #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml102(title) msgid "Compute" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml13(para) msgid "" "The OpenStack Compute service allows you to control an Infrastructure-" "as-a-Service (IaaS) cloud computing platform. It gives you control over " "instances and networks, and allows you to manage access to the cloud through" " users and projects." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml18(para) msgid "" "Compute does not include virtualization software. Instead, it defines " "drivers that interact with underlying virtualization mechanisms that run on " "your host operating system, and exposes functionality over a web-based API." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml23(title) msgid "System architecture" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml24(para) msgid "OpenStack Compute contains several main components." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml28(para) msgid "" "The cloud controller represents the global state and " "interacts with the other components. The API server acts " "as the web services front end for the cloud controller. The compute" " controller provides compute server resources and usually also " "contains the Compute service." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml35(para) msgid "" "The object store is an optional component that provides " "storage services; you can also instead use OpenStack Object Storage." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml39(para) msgid "" "An auth manager provides authentication and authorization" " services when used with the Compute system; you can also instead use " "OpenStack Identity as a separate authentication service." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml44(para) msgid "" "A volume controller provides fast and permanent block-" "level storage for the compute servers." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml49(para) msgid "" "The network controller provides virtual networks to " "enable compute servers to interact with each other and with the public " "network. You can also instead use OpenStack Networking." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml54(para) msgid "" "The scheduler is used to select the most suitable compute" " controller to host an instance." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml61(para) msgid "" "Compute uses a messaging-based, shared nothing " "architecture. All major components exist on multiple servers, including the " "compute,volume, and network controllers, and the object store or image " "service. The state of the entire system is stored in a database. The cloud " "controller communicates with the internal object store using HTTP, but it " "communicates with the scheduler, network controller, and volume controller " "using AMQP (advanced message queueing protocol). To avoid blocking a " "component while waiting for a response, Compute uses asynchronous calls, " "with a callback that is triggered when a response is received." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml71(title) msgid "Hypervisors" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml72(para) msgid "" "Compute controls hypervisors through an API server. Selecting the best " "hypervisor to use can be difficult, and you must take budget, resource " "constraints, supported features, and required technical specifications into " "account. However, the majority of OpenStack development is done on systems " "using KVM and Xen-based hypervisors. For a detailed list of features and " "support across different hypervisors, see http://wiki.openstack.org/HypervisorSupportMatrix." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml79(para) msgid "" "You can also orchestrate clouds using multiple hypervisors in different " "availability zones. Compute supports the following hypervisors:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml84(link) msgid "Baremetal" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml88(link) msgid "Docker" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml93(link) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml386(th) msgid "Hyper-V" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml97(link) msgid "Kernel-based Virtual Machine (KVM)" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml102(link) msgid "Linux Containers (LXC)" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml106(link) msgid "Quick Emulator (QEMU)" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml110(link) msgid "User Mode Linux (UML)" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml117(link) msgid "VMWare vSphere" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml121(link) msgid "Xen" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml125(para) msgid "" "For more information about hypervisors, see the Hypervisors section in the " "OpenStack Configuration Reference." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml132(title) msgid "Tenants, users, and roles" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml133(para) msgid "" "The Compute system is designed to be used by different consumers in the form" " of tenants on a shared system, and role-based access assignments. Roles " "control the actions that a user is allowed to perform." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml137(para) msgid "" "Tenants are isolated resource containers that form the principal " "organizational structure within the Compute service. They consist of an " "individual VLAN, and volumes, instances, images, keys, and users. A user can" " specify the tenant by appending :project_id to their " "access key. If no tenant is specified in the API request, Compute attempts " "to use a tenant with the same ID as the user." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml145(para) msgid "For tenants, you can use quota controls to limit the:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml148(para) msgid "Number of volumes that may be launched." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml151(para) msgid "Number of processor cores and the amount of RAM that can be allocated." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml154(para) msgid "" "Floating IP addresses assigned to any instance when it launches. This allows" " instances to have the same publicly accessible IP addresses." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml158(para) msgid "" "Fixed IP addresses assigned to the same instance when it launches. This " "allows instances to have the same publicly or privately accessible IP " "addresses." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml162(para) msgid "" "Roles control the actions a user is allowed to perform. By default, most " "actions do not require a particular role, but you can configure them by " "editing the policy.json file for user roles. For " "example, a rule can be defined so that a user must have the " "admin role in order to be able to allocate a public " "IP address." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml169(para) msgid "" "A tenant limits users' access to particular images. Each user is assigned a " "username and password. Keypairs granting access to an instance are enabled " "for each user, but quotas are set, so that each tenant can control resource " "consumption across available hardware resources." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml176(para) msgid "" "Earlier versions of OpenStack used the term project instead of tenant. Because of this legacy terminology, " "some command-line tools use --project_id where you " "would normally expect to enter a tenant ID." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml188(title) msgid "Block storage" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml189(para) msgid "" "OpenStack provides two classes of block storage: ephemeral storage and " "persistent volumes. Volumes are persistent virtualized block devices " "independent of any particular instance." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml193(para) msgid "" "Ephemeral storage is associated with a single unique instance, and it exists" " only for the life of that instance. The amount of ephemeral storage is " "defined by the flavor of the instance. Generally, the root file system for " "an instance will be stored on ephemeral storage. It persists across reboots " "of the guest operating system, but when the instance is deleted, the " "ephemeral storage is also removed." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml201(para) msgid "" "In addition to the ephemeral root volume, all flavors except the smallest, " "m1.tiny, also provide an additional ephemeral block " "device of between 20 and 160 GB. These sizes can be configured to suit your " "environment. This is presented as a raw block device with no partition table" " or file system. Cloud-aware operating system images can discover, format, " "and mount these storage devices. For example, the cloud-init package included in Ubuntu's stock" " cloud images format this space as an ext3 file system " "and mount it on /mnt. This is a feature of the guest " "operating system you are using, and is not an OpenStack mechanism. OpenStack" " only provisions the raw storage." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml216(para) msgid "" "Persistent volumes are created by users and their size is limited only by " "the user's quota and availability limits. Upon initial creation, volumes are" " raw block devices without a partition table or a file system. To partition " "or format volumes, you must attach them to an instance. Once they are " "attached to an instance, you can use persistent volumes in much the same way" " as you would use external hard disk drive. You can attach volumes to only " "one instance at a time, although you can detach and reattach volumes to as " "many different instances as you like." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml227(para) msgid "" "You can configure persistent volumes as bootable and use them to provide a " "persistent virtual instance similar to traditional non-cloud-based " "virtualization systems. Typically, the resulting instance can also still " "have ephemeral storage depending on the flavor selected, but the root file " "system can be on the persistent volume and its state maintained even if the " "instance is shut down. For more information about this type of " "configuration, see the OpenStack Configuration " "Reference." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml237(para) msgid "" "Persistent volumes do not provide concurrent access from multiple instances." " That type of configuration requires a traditional network file system like " "NFS or CIFS, or a cluster file system such as GlusterFS. These systems can " "be built within an OpenStack cluster or provisioned outside of it, but " "OpenStack software does not provide these features." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml247(title) msgid "EC2 compatibility API" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml248(para) msgid "" "In addition to the native compute API, OpenStack provides an EC2-compatible " "API. This API allows EC2 legacy workflows built for EC2 to work with " "OpenStack. The OpenStack Configuration " "Reference lists configuration options for customizing " "this compatibility API on your OpenStack cloud." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml255(para) msgid "" "Numerous third-party tools and language-specific SDKs can be used to " "interact with OpenStack clouds, using both native and compatibility APIs. " "Some of the more popular third-party tools are:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml261(term) msgid "Euca2ools" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml263(para) msgid "" "A popular open source command-line tool for interacting with the EC2 API. " "This is convenient for multi-cloud environments where EC2 is the common API," " or for transitioning from EC2-based clouds to OpenStack. For more " "information, see the euca2ools " "site." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml274(term) msgid "Hybridfox" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml276(para) msgid "" "A Firefox browser add-on that provides a graphical interface to many popular" " public and private cloud technologies, including OpenStack. For more " "information, see the " "hybridfox site." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml285(term) msgid "boto" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml287(para) msgid "" "A Python library for interacting with Amazon Web Services. It can be used to" " access OpenStack through the EC2 compatibility API. For more information, " "see the boto project page on " "GitHub." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml296(term) msgid "fog" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml298(para) msgid "" "A Ruby cloud services library. It provides methods for interacting with a " "large number of cloud and virtualization platforms, including OpenStack. For" " more information, see the fog" " site." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml307(term) msgid "php-opencloud" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml309(para) msgid "" "A PHP SDK designed to work with most OpenStack- based cloud deployments, as " "well as Rackspace public cloud. For more information, see the php-opencloud site." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml320(title) msgid "Building blocks" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml321(para) msgid "" "In OpenStack the base operating system is usually copied from an image " "stored in the OpenStack Image Service. This is the most common case and " "results in an ephemeral instance that starts from a known template state and" " loses all accumulated states on shutdown. It is also possible to put an " "operating system on a persistent volume in the Nova-Volume or Cinder volume " "system. This gives a more traditional persistent system that accumulates " "states, which are preserved across restarts. To get a list of available " "images on your system run: " msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml340(para) #: ./doc/admin-guide-cloud/compute/section_compute-instance-building-blocks.xml24(para) msgid "The displayed image attributes are:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml343(literal) #: ./doc/admin-guide-cloud/compute/section_compute-instance-building-blocks.xml27(literal) msgid "ID" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml345(para) msgid "Automatically generated UUID of the image" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml350(literal) #: ./doc/admin-guide-cloud/compute/section_compute-instance-building-blocks.xml33(literal) msgid "Name" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml352(para) msgid "Free form, human-readable name for image" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml357(literal) #: ./doc/admin-guide-cloud/compute/section_compute-instance-building-blocks.xml39(literal) msgid "Status" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml359(para) #: ./doc/admin-guide-cloud/compute/section_compute-instance-building-blocks.xml41(para) msgid "" "The status of the image. Images marked ACTIVE are " "available for use." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml365(literal) #: ./doc/admin-guide-cloud/compute/section_compute-instance-building-blocks.xml47(literal) msgid "Server" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml367(para) #: ./doc/admin-guide-cloud/compute/section_compute-instance-building-blocks.xml49(para) msgid "" "For images that are created as snapshots of running instances, this is the " "UUID of the instance the snapshot derives from. For uploaded images, this " "field is blank." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml375(para) msgid "" "Virtual hardware templates are called flavors. The " "default installation provides five flavors. By default, these are " "configurable by admin users, however that behavior can be changed by " "redefining the access controls for " "compute_extension:flavormanage in " "/etc/nova/policy.json on the compute-" "api server." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml383(para) msgid "For a list of flavors that are available on your system:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml400(title) msgid "Admin password injection" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml401(para) msgid "" "You can configure Compute to generate a random administrator (root) password" " and inject that password into the instance. If this feature is enabled, a " "user can to an instance without an " "keypair. The random password appears in the output of the " "command. You can also view and set the admin password " "from the dashboard." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml408(para) msgid "" "The dashboard is configured by default to display the " "admin password and allow the user to modify it." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml410(para) msgid "" "If you do not want to support password injection, we recommend disabling the" " password fields by editing your Dashboard " "local_settings file (file location will vary by Linux " "distribution, on Fedora/RHEL/CentOS: /etc/openstack-" "dashboard/local_settings, on Ubuntu and Debian: /etc" "/openstack-dashboard/local_settings.py and on openSUSE and SUSE " "Linux Enterprise Server: /srv/www/openstack-" "dashboard/openstack_dashboard/local/local_settings.py) " "" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml426(title) msgid "Libvirt-based hypervisors (KVM, QEMU, LXC)" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml427(para) msgid "" "For hypervisors such as KVM that use the libvirt backend, " "admin password injection is disabled by default. To " "enable it, set the following option in " "/etc/nova/nova.conf:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml434(para) msgid "" "When enabled, Compute will modify the password of the root account by " "editing the /etc/shadow file inside of the virtual " "machine instance." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml439(para) msgid "Users can only ssh to the instance by using the admin password if:" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml443(para) msgid "The virtual machine image is a Linux distribution" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml447(para) msgid "" "The virtual machine has been configured to allow users to " "as the root user. This is not the case for Ubuntu cloud images, which disallow " " to the root account by default." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml457(title) msgid "XenAPI (XenServer/XCP)" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml458(para) msgid "" "Compute uses the XenAPI agent to inject passwords into guests when using the" " XenAPI hypervisor backend. The virtual-machine image must be configured " "with the agent for password injection to work." msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml463(title) msgid "Windows images (all hypervisors)" msgstr "" #: ./doc/admin-guide-cloud/ch_compute.xml464(para) msgid "" "To support the admin password for Windows virtual " "machines, you must configure the Windows image to retrieve the " "admin password on boot by installing an agent such as " "cloudbase-" "init." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-instance-building-blocks.xml7(title) msgid "Instance building blocks" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-instance-building-blocks.xml8(para) msgid "" "In OpenStack, the base operating system is usually copied from an image " "stored in the OpenStack Image Service. This is the most common case and " "results in an ephemeral instance that starts from a known template state and" " loses all accumulated states on shutdown." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-instance-building-blocks.xml11(para) msgid "" "You can also put an operating system on a persistent volume in Compute or " "the Block Storage volume system. This gives a more traditional, persistent " "system that accumulates states, which are preserved across restarts. To get " "a list of available images on your system, run: " msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-instance-building-blocks.xml29(para) msgid "Automatically generated UUID of the image." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-instance-building-blocks.xml35(para) msgid "Free form, human-readable name for image." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-instance-building-blocks.xml56(para) msgid "" "Virtual hardware templates are called flavors. The " "default installation provides five flavors. By default, these are " "configurable by administrative users. However, you can change this behavior " "by redefining the access controls for " "compute_extension:flavormanage in " "/etc/nova/policy.json on the compute-" "api server." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-instance-building-blocks.xml62(para) msgid "For a list of flavors that are available on your system, run:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml6(title) msgid "Image management" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml7(para) msgid "" "The OpenStack Image Service discovers, registers, and retrieves virtual " "machine images. The service also includes a RESTful API that allows you to " "query VM image metadata and retrieve the actual image with HTTP requests. " "For more information about the API, see the OpenStack API Complete " "Reference and the Python API." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml16(para) msgid "" "The OpenStack Image Service can be controlled using a command-line tool. For" " more information about the using OpenStack Image command-line tool, see the" " Manage Images section in the " "OpenStack End User Guide." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml22(para) msgid "" "Virtual images that have been made available through the Image Service can " "be stored in a variety of ways. In order to use these services, you must " "have a working installation of the Image Service, with a working endpoint, " "and users that have been created in OpenStack Identity. Additionally, you " "must meet the environment variables required by the Compute and Image " "Service clients." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml29(para) msgid "The Image Service supports these back-end stores:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml32(term) msgid "File system" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml34(para) msgid "" "The OpenStack Image Service stores virtual machine images in the file system" " back end by default. This simple back end writes image files to the local " "file system." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml41(term) msgid "Object Storage service" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml43(para) msgid "The OpenStack highly available service for storing objects." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml48(term) msgid "S3" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml50(para) msgid "The Amazon S3 service." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml54(term) msgid "HTTP" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml56(para) msgid "" "OpenStack Image Service can read virtual machine images that are available " "on the internet using HTTP. This store is read only." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml62(term) msgid "Rados block device (RBD)" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml64(para) msgid "" "Stores images inside of a Ceph storage cluster using Ceph's RBD interface." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml69(term) msgid "GridFS" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml71(para) msgid "Stores images using MongoDB." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml7(para) msgid "" "The root wrapper enables an unprivileged user to run a number of Compute " "actions as the root user in the safest manner possible. Historically, " "Compute used a specific sudoers file that listed every " "command that the Compute user was allowed to run, and used " "to run that command as root. However this was difficult " "to maintain (the sudoers file was in packaging), and " "did not enable complex filtering of parameters (advanced filters). The " "rootwrap was designed to solve those issues." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml17(para) msgid "" "Instead of calling , Compute services start with a " " call; for example, . A generic sudoers " "entry lets the Compute user run as root. The " " code looks for filter definition directories in its " "configuration file, and loads command filters from them. Then it checks if " "the command requested by Compute matches one of those filters, in which case" " it executes the command (as root). If no filter matches, it denies the " "request." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml25(para) msgid "" "To use , you must be aware of the issues with using NFS and " "root-owned files. The NFS share must be configured with the " " option enabled." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml32(para) msgid "" "The escalation path is fully controlled by the root user. A sudoers entry " "(owned by root) allows Compute to run (as root) a specific rootwrap " "executable, and only with a specific configuration file (which should be " "owned by root). imports the Python modules it needs from a " "cleaned (and system-default) PYTHONPATH. The " "configuration file (also root-owned) points to root-owned filter definition " "directories, which contain root-owned filters definition files. This chain " "ensures that the Compute user itself is not in control of the configuration " "or modules used by the executable." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml44(para) msgid "" "You configure in the rootwrap.conf " "file. Because it's in the trusted security path, it must be owned and " "writable by only the root user. The file's location is specified both in the" " sudoers entry and in the nova.conf configuration file " "with the rootwrap_config=entry." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml49(para) msgid "" "The rootwrap.conf file uses an INI file format with " "these sections and parameters:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml81(para) msgid "" "Filters definition files contain lists of filters that will" " use to allow or deny a specific command. They are generally suffixed by " ".filters. Since they are in the trusted security path, they need to be owned" " and writable only by the root user. Their location is specified in the " "rootwrap.conf file." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml86(para) msgid "" "Filter definition files use an INI file format with a [Filters] section and " "several lines, each with a unique parameter name (different for each filter " "that you define):" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml91(caption) msgid ".filters configuration options" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml9(title) msgid "Configure Compute to use IPv6 addresses" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml10(para) msgid "" "If you are using OpenStack Compute with nova-" "network, you can put Compute into IPv4/IPv6 dual-stack mode, so" " that it uses both IPv4 and IPv6 addresses for communication. In IPv4/IPv6 " "dual-stack mode, instances can acquire their IPv6 global unicast address by " "using a stateless address auto configuration mechanism [RFC 4862/2462]. " "IPv4/IPv6 dual-stack mode works with both VlanManager and" " FlatDHCPManager networking modes. In " "VlanManager, each project uses a different 64-bit global " "routing prefix. In FlatDHCPManager, all instances use one" " 64-bit global routing prefix." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml18(para) msgid "" "This configuration was tested with VM images that have an IPv6 stateless " "address auto configuration capability. This capability is required for any " "VM you want to run with an IPv6 address. You must use EUI-64 address for " "stateless address auto configuration. Each node that executes a " "nova-* service must have python-" "netaddr and radvd installed." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml25(title) msgid "Switch into IPv4/IPv6 dual-stack mode" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml26(para) msgid "" "On all nodes running a nova-* service, install " "python-netaddr:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml29(para) msgid "" "On all nova-network nodes, install " "radvd and configure IPv6 networking:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml34(para) msgid "" "Edit the nova.conf file on all nodes to specify " "use_ipv6 = True." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml36(para) msgid "Restart all nova-* services." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml38(para) msgid "" "You can add a fixed range for IPv6 addresses to the " "command. Specify or after " "the parameter." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml41(replaceable) msgid "fixed_range_v4" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml41(replaceable) msgid "vlan_id" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml41(replaceable) msgid "vpn_start" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml41(replaceable) msgid "fixed_range_v6" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml42(para) msgid "" "You can set IPv6 global routing prefix by using the " " parameter. The default value for the " "parameter is: fd00::/48." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml47(para) msgid "" "When you use FlatDHCPManager, the command uses the " "original value. For example:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml52(para) msgid "" "When you use VlanManager, the command increments the " "subnet ID to create subnet prefixes. Guest VMs use this prefix to generate " "their IPv6 global unicast address. For example:" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml604(None) msgid "" "@@image: '../../common/figures/SCH_5007_V00_NUAC-multi_nic_OpenStack-Flat-" "manager.jpg'; md5=31f7e15a45d042bd9d6499631e2f3ccc" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml614(None) msgid "" "@@image: '../../common/figures/SCH_5007_V00_NUAC-multi_nic_OpenStack-Flat-" "DHCP-manager.jpg'; md5=0f33a228f1dec4a4e4424dd5ee81bde8" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml624(None) msgid "" "@@image: '../../common/figures/SCH_5007_V00_NUAC-multi_nic_OpenStack-VLAN-" "manager.jpg'; md5=0acaf3e2041f941d8fee2d111f37e7ac" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml7(title) msgid "Networking with nova-network" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml8(para) msgid "" "Understanding the networking configuration options helps you design the best" " configuration for your Compute instances." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml11(para) msgid "" "You can choose to either install and configure nova-network for networking between VMs or use the OpenStack" " Networking service (neutron) for networking. To configure Compute " "networking options with OpenStack Networking, see the ." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml16(title) msgid "Networking concepts" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml17(para) msgid "" "This section offers a brief overview of networking concepts for Compute." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml18(para) msgid "" "Compute assigns a private IP address to each VM instance. (Currently, " "Compute with nova-network only " "supports Linux bridge networking that enables the virtual interfaces to " "connect to the outside network through the physical interface.) Compute " "makes a distinction between fixed IPs " "and floating IPs. Fixed IPs are IP " "addresses that are assigned to an instance on creation and stay the same " "until the instance is explicitly terminated. By contrast, floating IPs are " "addresses that can be dynamically associated with an instance. A floating IP" " address can be disassociated and associated with another instance at any " "time. A user can reserve a floating IP for their project." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml28(para) msgid "" "The network controller with nova-" "network provides virtual networks to enable compute servers to " "interact with each other and with the public network. Compute with " "nova-network supports the " "following network modes, which are implemented as “Network Manager” types." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml34(term) msgid "Flat Network Manager" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml35(para) msgid "" "In Flat mode, a network administrator " "specifies a subnet. IP addresses for VM instances are assigned from the " "subnet, and then injected into the image on launch. Each instance receives a" " fixed IP address from the pool of available addresses. A system " "administrator must create the Linux networking bridge (typically named " "br100, although this is configurable) on the systems " "running the nova-network service." " All instances of the system are attached to the same bridge, and this is " "configured manually by the network administrator." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml45(para) msgid "" "Configuration injection currently only works on Linux-style systems that " "keep networking configuration in " "/etc/network/interfaces." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml50(term) msgid "Flat DHCP Network Manager" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml51(para) msgid "" "In FlatDHCP mode, OpenStack starts a DHCP" " server (dnsmasq) to allocate IP addresses to VM " "instances from the specified subnet, in addition to manually configuring the" " networking bridge. IP addresses for VM instances are assigned from a subnet" " specified by the network administrator." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml56(para) msgid "" "Like Flat Mode, all instances are attached to a single bridge on the compute" " node. Additionally, a DHCP server is running to configure instances " "(depending on single-/multi-host mode, alongside each nova-network). In this mode, Compute does a " "bit more configuration in that it attempts to bridge into an ethernet device" " (flat_interface, eth0 by default). For every instance, " "Compute allocates a fixed IP address and configures dnsmasq with the MAC/IP " "pair for the VM. Dnsmasq does not take part in the IP address allocation " "process, it only hands out IPs according to the mapping done by Compute. " "Instances receive their fixed IPs by doing a . These IPs are" " not assigned to any of the host's " "network interfaces, only to the VM's guest-side interface." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml69(para) msgid "" "In any setup with flat networking, the hosts providing the nova-network service are responsible for " "forwarding traffic from the private network. They also run and configure " "dnsmasq as a DHCP server listening on this bridge, " "usually on IP address 10.0.0.1 (see DHCP " "server: dnsmasq ). Compute can determine the NAT entries for each " "network, although sometimes NAT is not used, such as when configured with " "all public IPs or a hardware router is used (one of the HA options). Such " "hosts need to have br100 configured and physically " "connected to any other nodes that are hosting VMs. You must set the " "flat_network_bridge option or create networks with the " "bridge parameter in order to avoid raising an error. Compute nodes have " "iptables/ebtables entries created for each project and instance to protect " "against IP/MAC address spoofing and ARP poisoning." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml84(para) msgid "" "In single-host Flat DHCP mode you will " "be able to ping VMs through their fixed IP from the nova-" "network node, but you cannot ping them from the compute nodes. This is " "expected behavior." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml91(term) msgid "VLAN Network Manager" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml92(para) msgid "" "VLANManager mode is the default mode for " "OpenStack Compute. In this mode, Compute creates a VLAN and bridge for each " "tenant. For multiple-machine installation, the VLAN Network Mode requires a " "switch that supports VLAN tagging (IEEE 802.1Q). The tenant gets a range of " "private IPs that are only accessible from inside the VLAN. In order for a " "user to access the instances in their tenant, a special VPN instance (code " "named cloudpipe) needs to be created. Compute generates a certificate and " "key for the user to access the VPN and starts the VPN automatically. It " "provides a private network segment for each tenant's instances that can be " "accessed through a dedicated VPN connection from the Internet. In this mode," " each tenant gets its own VLAN, Linux networking bridge, and subnet." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml103(para) msgid "" "The subnets are specified by the network administrator, and are assigned " "dynamically to a tenant when required. A DHCP Server is started for each " "VLAN to pass out IP addresses to VM instances from the subnet assigned to " "the tenant. All instances belonging to one tenant are bridged into the same " "VLAN for that tenant. OpenStack Compute creates the Linux networking bridges" " and VLANs when required." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml111(para) msgid "" "These network managers can co-exist in a cloud system. However, because you " "cannot select the type of network for a given tenant, you cannot configure " "multiple network types in a single Compute installation." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml114(para) msgid "" "All network managers configure the network using network drivers. For example, the Linux L3 driver" " (l3.py and linux_net.py), which makes" " use of iptables, route and other " "network management facilities, and libvirt's network filtering " "facilities. The driver is not tied to any particular network manager;" " all network managers use the same driver. The driver usually initializes " "(creates bridges and so on) only when the first VM lands on this host node." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml122(para) msgid "" "All network managers operate in either single-" "host or multi-host mode. " "This choice greatly influences the network configuration. In single-host " "mode, a single nova-network " "service provides a default gateway for VMs and hosts a single DHCP server " "(dnsmasq). In multi-host mode, each compute node " "runs its own nova-network " "service. In both cases, all traffic between VMs and the outer world flows " "through nova-network. Each mode " "has its pros and cons (see the Network Topology " "section in the OpenStack Operations Guide." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml134(para) msgid "" "All networking options require network connectivity to be already set up " "between OpenStack physical nodes. OpenStack does not configure any physical " "network interfaces. All network managers automatically create VM virtual " "interfaces. Some, but not all, managers create network bridges such as " "br100." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml139(para) msgid "" "All machines must have a public and " "internal network interface (controlled " "by the options: public_interface for the public " "interface, and flat_interface and " "vlan_interface for the internal interface with flat / " "VLAN managers). This guide refers to the public network as the external " "network and the private network as the internal or tenant network." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml151(para) msgid "" "The internal network interface is used for communication with VMs; the " "interface should not have an IP address attached to it before OpenStack " "installation (it serves merely as a fabric where the actual endpoints are " "VMs and dnsmasq). Also, you must put the internal network interface in " "promiscuous mode, because it must " "receive packets whose target MAC address is of the guest VM, not of the " "host." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml157(para) msgid "" "Throughout this documentation, the public network is sometimes referred to " "as the external network, while the internal network is also sometimes " "referred to as the private network or tenant network." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml163(para) msgid "" "For flat and flat DHCP modes, use the following command to create a network:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml168(para) msgid " specifies the network subnet." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml171(para) msgid "" " specifies a range of fixed IP addresses to " "allocate, and can be a subset of the " "argument." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml176(para) msgid "" " specifies the bridge device to which this network " "is connected on every compute node." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml166(para) msgid "Where:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml182(title) msgid "DHCP server: dnsmasq" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml183(para) msgid "" "The Compute service uses dnsmasq as the" " DHCP server when running with either that Flat DHCP Network Manager or the " "VLAN Network Manager. The nova-" "network service is responsible for starting up " "dnsmasq processes." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml188(para) msgid "" "The behavior of dnsmasq can be customized by " "creating a dnsmasq configuration file. Specify the " "configuration file using the dnsmasq_config_file " "configuration option. For example:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml193(para) msgid "" "For an example of how to change the behavior of " "dnsmasq using a dnsmasq " "configuration file, see the OpenStack Configuration " "Reference. The dnsmasq " "documentation also has a more comprehensive dnsmasq" " configuration file example." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml200(para) msgid "" "dnsmasq also acts as a caching DNS server for " "instances. You can explicitly specify the DNS server that " "dnsmasq should use by setting the " "dns_server configuration option in " "/etc/nova/nova.conf. The following example would " "configure dnsmasq to use Google's public DNS " "server:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml206(para) msgid "" "Logging output for dnsmasq goes to the " "syslog (typically " "/var/log/syslog or " "/var/log/messages, depending on Linux distribution). " "dnsmasq logging output can be useful for " "troubleshooting if VM instances boot successfully but are not reachable over" " the network." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml211(para) msgid "" "A network administrator can run nova-manage fixed reserve " "--address=x.x.x.x to specify the starting " "point IP address (x.x.x.x) to reserve with the DHCP server. This reservation" " only affects which IP address the VMs start at, not the fixed IP addresses " "that the nova-network service " "places on the bridges." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml223(title) msgid "Metadata service" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml225(title) msgid "Introduction" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml226(para) msgid "" "The Compute service uses a special metadata service to enable virtual " "machine instances to retrieve instance-specific data. Instances access the " "metadata service at http://169.254.169.254. The metadata " "service supports two sets of APIs: an OpenStack metadata API and an " "EC2-compatible API. Each of the APIs is versioned by date." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml234(para) msgid "" "To retrieve a list of supported versions for the OpenStack metadata API, " "make a GET request to http://169.254.169.254/openstack " "For example:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml241(para) msgid "" "To list supported versions for the EC2-compatible metadata API, make a GET " "request to http://169.254.169.254." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml244(para) #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml268(para) #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml278(para) #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml295(para) #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml325(para) #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml331(para) #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml518(para) #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml47(para) #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml61(para) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml461(para) msgid "For example:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml256(para) msgid "" "If you write a consumer for one of these APIs, always attempt to access the " "most recent API version supported by your consumer first, then fall back to " "an earlier version if the most recent one is not available." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml263(title) msgid "OpenStack metadata API" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml264(para) msgid "" "Metadata from the OpenStack API is distributed in JSON format. To retrieve " "the metadata, make a GET request to " "http://169.254.169.254/openstack/2012-08-10/meta_data.json." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml271(para) msgid "" "Instances also retrieve user data (passed as the " "user_data parameter in the API call or by the " "--user_data flag in the command) through" " the metadata service, by making a GET request to " "http://169.254.169.254/openstack/2012-08-10/user_data." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml284(title) msgid "EC2 metadata API" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml285(para) msgid "" "The metadata service has an API that is compatible with version 2009-04-04 " "of the Amazon EC2 metadata service; virtual " "machine images that are designed for EC2 work properly with OpenStack." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml291(para) msgid "" "The EC2 API exposes a separate URL for each metadata. You can retrieve a " "listing of these elements by making a GET query to " "http://169.254.169.254/2009-04-04/meta-data/" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml321(para) msgid "" "Instances can retrieve the public SSH key (identified by keypair name when a" " user requests a new instance) by making a GET request to " "http://169.254.169.254/2009-04-04/meta-data/public-keys/0/openssh-" "key." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml328(para) msgid "" "Instances can retrieve user data by making a GET request to " "http://169.254.169.254/2009-04-04/user-data." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml337(title) msgid "Run the metadata service" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml338(para) msgid "" "The metadata service is implemented by either the nova-api service or the nova-api-metadata service. (The nova-api-metadata service is generally only " "used when running in multi-host mode, it retrieves instance-specific " "metadata). If you are running the nova-" "api service, you must have metadata as one " "of the elements of the list of the enabled_apis " "configuration option in /etc/nova/nova.conf. The " "default enabled_apis configuration setting includes the " "metadata service, so you should not need to modify it." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml349(para) msgid "" "Hosts access the service at 169.254.169.254:80, and this " "is translated to metadata_host:metadata_port by an " "iptables rule established by the nova-" "network servce. In multi-host mode, you can set " " to 127.0.0.1." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml354(para) msgid "" "To enable instances to reach the metadata service, the nova-network service configures iptables to " "NAT port 80 of the 169.254.169.254 " "address to the IP address specified in " "(default $my_ip, which is the IP address of the " "nova-network service) and port " "specified in (default " "8775) in /etc/nova/nova.conf." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml368(para) msgid "" "The metadata_host configuration option must be an IP " "address, not a host name." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml373(para) msgid "" "The default Compute service settings assume that the nova-network service and the nova-api service are running on the same " "host. If this is not the case, you must make this change in the " "/etc/nova/nova.conf file on the host running the " "nova-network service:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml384(para) msgid "" "Set the metadata_host configuration option to the IP " "address of the host where the nova-" "api service runs." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml395(title) msgid "Enable ping and SSH on VMs" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml396(para) msgid "" "Be sure you enable access to your VMs by using the or " " command. These commands enable you to and " " to your VMs:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml402(para) msgid "" "You must run these commands as root only if the credentials used to interact" " with nova-api are in " "/root/.bashrc. If the EC2 credentials are the " ".bashrc file for another user, you must run these " "commands as the user." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml410(para) msgid "Run commands:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml413(para) msgid "Using euca2ools:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml416(para) msgid "" "If you still cannot ping or SSH your instances after issuing the " " commands, look at the number of dnsmasq " "processes that are running. If you have a running instance, check to see " "that TWO dnsmasq processes are running. If not, perform " "the following commands as root:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml425(title) msgid "Configure public (floating) IP addresses" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml427(para) msgid "" "If you are using Compute's nova-" "network instead of OpenStack Networking (neutron) for " "networking in OpenStack, use procedures in this section to configure " "floating IP addresses. For instructions on how to configure OpenStack " "Networking (neutron) to provide access to instances through floating IP " "addresses, see ." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml433(title) msgid "Private and public IP addresses" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml434(para) msgid "" "Every virtual instance is automatically assigned a private IP address. You " "can optionally assign public IP addresses to instances. The term floating IP refers to an IP " "address, typically public, that you can dynamically add to a running virtual" " instance. OpenStack Compute uses Network Address Translation (NAT) to " "assign floating IPs to virtual instances." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml444(para) msgid "" "If you plan to use this feature, you must add edit the " "/etc/nova/nova.conf file to specify to which interface " "the nova-network service binds " "public IP addresses, as follows:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml450(replaceable) msgid "vlan100" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml451(para) msgid "" "If you make changes to the /etc/nova/nova.conf file " "while the nova-network service is" " running, you must restart the service." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml457(title) msgid "Traffic between VMs using floating IPs" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml459(para) msgid "" "Because floating IPs are implemented by using a source NAT (SNAT rule in " "iptables), security groups can display inconsistent behavior if VMs use " "their floating IP to communicate with other VMs, particularly on the same " "physical host. Traffic from VM to VM across the fixed network does not have " "this issue, and so this is the recommended path. To ensure that traffic does" " not get SNATed to the floating range, explicitly set: The " "x.x.x.x/y value specifies the range of floating IPs for " "each pool of floating IPs that you define. If the VMs in the source group " "have floating IPs, this configuration is also required." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml472(title) msgid "Enable IP forwarding" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml473(para) msgid "" "By default, IP forwarding is disabled on most Linux distributions. To use " "the floating IP feature, you must enable IP forwarding." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml477(para) msgid "" "You must enable IP forwarding only on the nodes that run the nova-network service. If you use " "multi_host mode, ensure that you enable it on all compute" " nodes. Otherwise, enable it on only the node that runs the nova-network service." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml483(para) msgid "To check whether forwarding is enabled, run:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml486(para) msgid "Alternatively, you can run:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml489(para) msgid "" "In the previous example, IP forwarding is disabled. To enable it dynamically, run:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml492(para) msgid "Or:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml494(para) msgid "" "To make the changes permanent, edit the " "/etc/sysctl.conf file and update the IP forwarding " "setting:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml498(para) msgid "Save the file and run the following command to apply the changes:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml500(para) msgid "You can also update the setting by restarting the network service:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml503(para) msgid "On Ubuntu, run:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml507(para) msgid "On RHEL/Fedora/CentOS, run:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml513(title) msgid "Create a list of available floating IP addresses" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml515(para) msgid "" "Compute maintains a list of floating IP addresses that you can assign to " "instances. Use the command to add entries to this list." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml520(para) msgid "" "You can use the following commands to perform floating IP " "operations:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml526(para) msgid "Lists the floating IP addresses in the pool." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml530(replaceable) msgid "[pool name]" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml530(replaceable) #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml535(replaceable) msgid "[CIDR]" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml531(para) msgid "Creates specific floating IPs for either a single address or a subnet." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml536(para) msgid "" "Removes floating IP addresses using the same parameters as the create " "command." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml541(para) msgid "" "For information about how administrators can associate floating IPs with " "instances, see Manage IP addresses in the " "OpenStack Admin User Guide." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml549(title) msgid "Automatically add floating IPs" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml550(para) msgid "" "You can configure the nova-" "network service to automatically allocate and assign a floating" " IP address to virtual instances when they are launched. Add the following " "line to the /etc/nova/nova.conf file and restart the " "nova-network service:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml560(para) msgid "" "If you enable this option and all floating IP addresses have already been " "allocated, the command fails." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml568(title) msgid "Remove a network from a project" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml569(para) msgid "" "You cannot remove a network that has already been associated to a project by" " simply deleting it." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml571(para) msgid "" "To determine the project ID, you must have administrative rights. You can " "disassociate the project from the network with a scrub command and the " "project ID as the final parameter:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml574(replaceable) msgid "<id>" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml577(title) msgid "Multiple interfaces for your instances (multinic)" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml580(para) msgid "" "The multinic feature allows you to plug more than one interface to your " "instances, making it possible to make several use cases available:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml584(para) msgid "SSL Configurations (VIPs)" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml587(para) msgid "Services failover/ HA" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml590(para) msgid "Bandwidth Allocation" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml593(para) msgid "Administrative/ Public access to your instances" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml599(title) msgid "multinic flat manager" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml609(title) msgid "multinic flatdhcp manager" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml619(title) msgid "multinic VLAN manager" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml597(para) msgid "" "Each VIF is representative of a separate network with its own IP block. " "Every network mode introduces its own set of changes regarding the multinic " "usage: " msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml630(title) msgid "Use the multinic feature" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml631(para) msgid "" "In order to use the multinic feature, first create two networks, and attach " "them to your tenant (still named 'project' on the command line): " " Now every time you spawn a new instance, it gets two IP " "addresses from the respective DHCP servers:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml644(para) msgid "" "Make sure to power up the second interface on the instance, otherwise that " "last won't be reachable through its second IP. Here is an example of how to " "setup the interfaces within the instance (this is the configuration that " "needs to be applied inside the image):" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml650(filename) msgid "/etc/network/interfaces" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml662(para) msgid "" "If the Virtual Network Service Neutron is installed, it is possible to " "specify the networks to attach to the respective interfaces by using the " "--nic flag when invoking the nova " "command: " msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml674(title) msgid "Troubleshoot Networking" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml676(title) msgid "Cannot reach floating IPs" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml677(para) msgid "" "If you cannot reach your instances through the floating IP address, check " "the following:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml679(para) msgid "" "Ensure the default security group allows ICMP (ping) and SSH (port 22), so " "that you can reach the instances:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml689(para) msgid "" "Ensure the NAT rules have been added to iptables on" " the node that nova-network is running on, as root:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml694(para) msgid "" "Check that the public address, in this example \"68.99.26.170\", has been " "added to your public interface. You should see the address in the listing " "when you enter \"ip addr\" at the command prompt." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml704(para) msgid "" "Note that you cannot SSH to an instance with a public IP from within the " "same server as the routing configuration won't allow it." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml707(para) msgid "" "You can use to identify if packets are being routed to the " "inbound interface on the compute host. If the packets are reaching the " "compute hosts but the connection is failing, the issue may be that the " "packet is being dropped by reverse path filtering. Try disabling reverse-" "path filtering on the inbound interface. For example, if the inbound " "interface is eth2, as root, run:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml713(replaceable) msgid "eth2" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml714(para) msgid "" "If this solves your issue, add the following line to " "/etc/sysctl.conf so that the reverse-path filter is " "disabled the next time the compute host reboots: " msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml721(title) msgid "Disable firewall" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml722(para) msgid "" "To help debug networking issues with reaching VMs, you can disable the " "firewall by setting the following option in " "/etc/nova/nova.conf:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml727(para) msgid "" "We strongly recommend you remove this line to re-enable the firewall once " "your networking issues have been resolved." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml732(title) msgid "Packet loss from instances to nova-network server (VLANManager mode)" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml734(para) msgid "" "If you can SSH to your instances but you find that the network interactions " "to your instance is slow, or if you find that running certain operations are" " slower than they should be (for example, ), then there may " "be packet loss occurring on the connection to the instance." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml741(para) msgid "" "Packet loss can be caused by Linux networking configuration settings related" " to bridges. Certain settings can cause packets to be dropped between the " "VLAN interface (for example, vlan100) and the associated " "bridge interface (for example, br100) on the host running" " the nova-network service." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml750(para) msgid "" "One way to check whether this is the issue in your setup, is to open up " "three terminals and run the following commands:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml755(para) msgid "" "In the first terminal, on the host running nova-network, use " " on the VLAN interface to monitor DNS-related traffic (UDP, " "port 53). As root, run:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml760(para) msgid "" "In the second terminal, also on the host running nova-network, use " " to monitor DNS-related traffic on the bridge interface. As " "root, run:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml764(para) msgid "" "In the third terminal, SSH inside of the instance and generate DNS requests " "by using the command:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml768(para) msgid "" "The symptoms may be intermittent, so try running multiple " "times. If the network configuration is correct, the command should return " "immediately each time. If it is not functioning properly, the command hangs " "for several seconds." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml774(para) msgid "" "If the command sometimes hangs, and there are packets that " "appear in the first terminal but not the second, then the problem may be due" " to filtering done on the bridges. Try to disable filtering, run the " "following commands as root:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml781(para) msgid "" "If this solves your issue, add the following line to " "/etc/sysctl.conf so that these changes take effect the " "next time the host reboots:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml791(title) msgid "KVM: Network connectivity works initially, then fails" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml793(para) msgid "" "Some administrators have observed an issue with the KVM hypervisor where " "instances running Ubuntu 12.04 sometimes loses network connectivity after " "functioning properly for a period of time. Some users have reported success " "with loading the vhost_net kernel module as a workaround for this issue (see" " bug " "#997978) . This kernel module may also improve network performance on KVM. To load " "the kernel module, as root:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml808(para) msgid "Loading the module has no effect on running instances." msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml64(None) msgid "" "@@image: '../../common/figures/instance-life-1.png'; " "md5=c7e56263f9ffb5a5cffb59fbc5ffba35" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml83(None) msgid "" "@@image: '../../common/figures/instance-life-2.png'; " "md5=84aed8a4c2575548c2f8bacf496465ac" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml121(None) msgid "" "@@image: '../../common/figures/instance-life-3.png'; " "md5=e25d1bd617373f95e1b8a12605a65ac6" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml7(title) msgid "Images and instances" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml8(para) msgid "" "Disk images provide templates for virtual machine file systems. The Image " "Service manages storage and management of images." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml11(para) msgid "" "Instances are the individual virtual machines that run on physical compute " "nodes. Users can launch any number of instances from the same image. Each " "launched instance runs from a copy of the base image so that any changes " "made to the instance do not affect the base image. You can take snapshots of" " running instances to create an image based on the current disk state of a " "particular instance. The Compute services manages instances." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml19(para) msgid "" "When you launch an instance, you must choose a flavor, " "which represents a set of virtual resources. Flavors define how many virtual" " CPUs an instance has and the amount of RAM and size of its ephemeral disks." " OpenStack provides a number of predefined flavors that you can edit or add " "to. Users must select from the set of available flavors defined on their " "cloud." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml26(para) msgid "" "For more information about creating and troubleshooting images, see the " "OpenStack Virtual Machine Image " "Guide." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml33(para) msgid "" "For more information about image configuration options, see the Image Services section" " of the OpenStack Configuration Reference." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml39(para) msgid "" "For more information about flavors, see or the Flavors section in the " "OpenStack Operations Guide." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml45(para) msgid "" "You can add and remove additional resources from running instances, such as " "persistent volume storage, or public IP addresses. The example used in this " "chapter is of a typical virtual system within an OpenStack cloud. It uses " "the cinder-volume service, which " "provides persistent block storage, instead of the ephemeral storage provided" " by the selected instance flavor." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml53(para) msgid "" "This diagram shows the system state prior to launching an instance. The " "image store, fronted by the Image service (glance) has a number of " "predefined images. Inside the cloud, a compute node contains the available " "vCPU, memory, and local disk resources. Additionally, the cinder-volume service provides a number of " "predefined volumes." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml59(title) msgid "Base image state with no running instances" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml68(para) msgid "" "To launch an instance, select an image, a flavor, and other optional " "attributes. The selected flavor provides a root volume, labeled " "vda in this diagram, and additional ephemeral storage, " "labeled vdb. In this example, the cinder-volume store is mapped to the third " "virtual disk on this instance, vdc." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml77(title) msgid "Instance creation from image and runtime state" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml87(para) msgid "" "The base image is copied from the image store to the local disk. The local " "disk is the first disk that the instance accesses, and is labeled " "vda. By using smaller images, your instances start up " "faster as less data needs to be copied across the network." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml92(para) msgid "" "A new empty disk, labeled vdb is also created. This is an" " empty ephemeral disk, which is destroyed when you delete the instance." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml95(para) msgid "" "The compute node is attached to the cinder-" "volume using iSCSI, and maps to the third disk, " "vdc. The vCPU and memory resources are provisioned and " "the instance is booted from vda. The instance runs and " "changes data on the disks as indicated in red in the diagram." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml105(para) msgid "" "Some of the details in this example scenario might be different in your " "environment. For example, you might use a different type of back-end storage" " or different network protocols. One common variant is that the ephemeral " "storage used for volumes vda and vdb " "could be backed by network storage rather than a local disk." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml111(para) msgid "" "When the instance is deleted, the state is reclaimed with the exception of " "the persistent volume. The ephemeral storage is purged; memory and vCPU " "resources are released. The image remains unchanged throughout." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml115(title) msgid "End state of image and volume after instance exits" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml130(title) msgid "Control where instances run" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml131(para) msgid "" "The OpenStack Configuration " "Reference provides detailed information on controlling " "where your instances run, including ensuring a set of instances run on " "different compute nodes for service resiliency or on the same node for high " "performance inter-instance communications." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml141(replaceable) msgid "availability-zone" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml141(replaceable) msgid "compute-host" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml139(para) msgid "" "Admin users can specify an exact compute node to run on using the command " "" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml15(title) msgid "Configure Compute service groups" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml16(para) msgid "" "To effectively manage and utilize compute nodes, the Compute service must " "know their statuses. For example, when a user launches a new VM, the Compute" " scheduler sends the request to a live node; the Compute service queries the" " ServiceGroup API to get information about whether a node is alive." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml20(para) msgid "" "When a compute worker (running the nova-" "compute daemon) starts, it calls the " "join API to join the compute group. Any interested " "service (for example, the scheduler) can query the group's membership and " "the status of its nodes. Internally, the " "ServiceGroup client driver automatically updates " "the compute worker status." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml25(para) msgid "The database, ZooKeeper, and Memcache drivers are available." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml27(title) msgid "Database ServiceGroup driver" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml28(para) msgid "" "By default, Compute uses the database driver to track node liveness. In a " "compute worker, this driver periodically sends a command to" " the database, saying I'm OK with a timestamp. Compute uses a" " pre-defined timeout (service_down_time) to determine " "whether a node is dead." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml32(para) msgid "" "The driver has limitations, which can be an issue depending on your setup. " "The more compute worker nodes that you have, the more pressure you put on " "the database. By default, the timeout is 60 seconds so it might take some " "time to detect node failures. You could reduce the timeout value, but you " "must also make the database update more frequently, which again increases " "the database workload." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml37(para) msgid "" "The database contains data that is both transient (whether the node is " "alive) and persistent (for example, entries for VM owners). With the " "ServiceGroup abstraction, Compute can treat each type separately." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml42(title) msgid "ZooKeeper ServiceGroup driver" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml43(para) msgid "" "The ZooKeeper ServiceGroup driver works by using ZooKeeper ephemeral nodes. " "ZooKeeper, in contrast to databases, is a distributed system. Its load is " "divided among several servers. At a compute worker node, after establishing " "a ZooKeeper session, the driver creates an ephemeral znode in the group " "directory. Ephemeral znodes have the same lifespan as the session. If the " "worker node or the nova-compute " "daemon crashes, or a network partition is in place between the worker and " "the ZooKeeper server quorums, the ephemeral znodes are removed " "automatically. The driver gets the group membership by running the " " command in the group directory." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml53(para) msgid "" "To use the ZooKeeper driver, you must install ZooKeeper servers and client " "libraries. Setting up ZooKeeper servers is outside the scope of this guide " "(for more information, see Apache Zookeeper)." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml57(para) msgid "" "To use ZooKeeper, you must install client-side Python libraries on every " "nova node: python-zookeeper – the official Zookeeper " "Python binding and evzookeeper – the library to make the " "binding work with the eventlet threading model." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml61(para) msgid "" "The following example assumes the ZooKeeper server addresses and ports are " "192.168.2.1:2181, 192.168.2.2:2181, " "and 192.168.2.3:2181." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml64(para) msgid "" "The following values in the /etc/nova/nova.conf file " "(on every node) are required for the ZooKeeper " "driver:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml71(para) msgid "" "To customize the Compute Service groups, use the following configuration " "option settings:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml76(title) msgid "Memcache ServiceGroup driver" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml77(para) msgid "" "The memcache ServiceGroup driver uses memcached, " "which is a distributed memory object caching system that is often used to " "increase site performance. For more details, see memcached.org." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml81(para) msgid "" "To use the memcache driver, you must install " "memcached. However, because " "memcached is often used for both OpenStack Object " "Storage and OpenStack dashboard, it might already be installed. If " "memcached is not installed, refer to the OpenStack Installation Guide " "for more information." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml89(para) msgid "" "The following values in the /etc/nova/nova.conf file " "(on every node) are required for the memcache " "driver:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml7(title) msgid "Recover from a failed compute node" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml8(para) msgid "" "If you deployed Compute with a shared file system, you can quickly recover " "from a failed compute node. Of the two methods covered in these sections, " "evacuating is the preferred method even in the absence of shared storage. " "Evacuating provides many benefits over manual recovery, such as re-" "attachment of volumes and floating IPs." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml14(title) msgid "Manual recovery" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml15(para) msgid "" "To recover a KVM/libvirt compute node, see the previous section. Use the " "following procedure for all other hypervisors." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml18(title) msgid "Review host information" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml20(para) msgid "" "Identify the VMs on the affected hosts, using tools such as a combination of" " nova list and nova show or euca-describe-instances. For example, the following output " "displays information about instance i-000015b9 that" " is running on node np-rcc54:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml29(para) msgid "" "Review the status of the host by querying the Compute database. Some of the " "important information is highlighted below. The following example converts " "an EC2 API instance ID into an OpenStack ID; if you used the " "nova commands, you can substitute the ID directly. You " "can find the credentials for your database in " "/etc/nova.conf." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml55(title) msgid "Recover the VM" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml57(para) msgid "" "After you have determined the status of the VM on the failed host, decide to" " which compute host the affected VM should be moved. For example, run the " "following database command to move the VM to np-" "rcc46:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml64(para) msgid "" "If using a hypervisor that relies on libvirt (such as KVM), it is a good " "idea to update the libvirt.xml file (found in " "/var/lib/nova/instances/[instance ID]). The important " "changes to make are:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml71(para) msgid "" "Change the DHCPSERVER value to the host IP address of the" " compute host that is now the VM's new home." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml76(para) msgid "" "Update the VNC IP, if it isn't already updated, to: " "0.0.0.0." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml83(para) msgid "Reboot the VM:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml87(para) msgid "" "In theory, the above database update and nova reboot " "command are all that is required to recover a VM from a failed host. " "However, if further problems occur, consider looking at recreating the " "network filter configuration using virsh, restarting the " "Compute services or updating the vm_state and " "power_state in the Compute database." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml95(title) msgid "Recover from a UID/GID mismatch" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml96(para) msgid "" "When running OpenStack Compute, using a shared file system or an automated " "configuration tool, you could encounter a situation where some files on your" " compute node are using the wrong UID or GID. This causes a number of " "errors, such as being unable to do live migration or start virtual machines." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml100(para) msgid "" "The following procedure runs on nova-" "compute hosts, based on the KVM hypervisor, and could help to " "restore the situation:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml104(title) msgid "To recover from a UID/GID mismatch" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml106(para) msgid "" "Ensure you do not use numbers that are already used for some other " "user/group." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml110(para) msgid "" "Set the nova uid in /etc/passwd to the same number in " "all hosts (for example, 112)." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml114(para) msgid "" "Set the libvirt-qemu uid in /etc/passwd to the same " "number in all hosts (for example, 119)." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml120(para) msgid "" "Set the nova group in /etc/group file to the same " "number in all hosts (for example, 120)." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml126(para) msgid "" "Set the libvirtd group in /etc/group file to the same " "number in all hosts (for example, 119)." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml132(para) msgid "Stop the services on the compute node." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml136(para) msgid "" "Change all the files owned by user nova or by group" " nova. For example:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml142(para) msgid "" "Repeat the steps for the libvirt-qemu owned files if those needed to change." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml146(para) msgid "Restart the services." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml149(para) msgid "" "Now you can run the command to verify that all files using " "the correct identifiers." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml156(title) msgid "Recover cloud after disaster" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml157(para) msgid "" "Use the following procedures to manage your cloud after a disaster, and to " "easily back up its persistent storage volumes. Backups are mandatory, even outside of disaster scenarios." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml160(para) msgid "" "For a DRP definition, see http://en.wikipedia.org/wiki/Disaster_Recovery_Plan." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml164(title) msgid "Disaster recovery example" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml165(para) msgid "" "A disaster could happen to several components of your architecture (for " "example, a disk crash, a network loss, or a power cut). In this example, the" " following components are configured:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml170(para) msgid "" "A cloud controller (nova-api, nova-" "objectstore, nova-network)" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml175(para) msgid "A compute node (nova-compute)" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml180(para) msgid "" "A Storage Area Network (SAN) used by OpenStack Block Storage (cinder-volumes)" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml184(para) msgid "" "The worst disaster for a cloud is a power loss, which applies to all three " "components. Before a power loss:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml188(para) msgid "" "From the SAN to the cloud controller, we have an active iSCSI session (used " "for the \"cinder-volumes\" LVM's VG)." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml192(para) msgid "" "From the cloud controller to the compute node, we also have active iSCSI " "sessions (managed by cinder-" "volume)." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml197(para) msgid "" "For every volume, an iSCSI session is made (so 14 ebs volumes equals 14 " "sessions)." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml201(para) msgid "" "From the cloud controller to the compute node, we also have iptables/ " "ebtables rules which allow access from the cloud controller to the running " "instance." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml206(para) msgid "" "And at least, from the cloud controller to the compute node; saved into " "database, the current state of the instances (in that case \"running\" ), " "and their volumes attachment (mount point, volume ID, volume status, and so " "on.)" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml212(para) msgid "After the power loss occurs and all hardware components restart:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml215(para) msgid "From the SAN to the cloud, the iSCSI session no longer exists." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml218(para) msgid "" "From the cloud controller to the compute node, the iSCSI sessions no longer " "exist." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml222(para) msgid "" "From the cloud controller to the compute node, the iptables and ebtables are" " recreated, since at boot, nova-network reapplies " "configurations." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml227(para) msgid "" "From the cloud controller, instances are in a shutdown state (because they " "are no longer running)." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml231(para) msgid "" "In the database, data was not updated at all, since Compute could not have " "anticipated the crash." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml235(para) msgid "" "Before going further, and to prevent the administrator from making fatal " "mistakes, instances won't be lost, " "because no \"\" or \"\" command was invoked," " so the files for the instances remain on the compute node." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml240(para) msgid "Do not add any extra steps at this stage." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml239(para) msgid "Perform these tasks in the following order. " msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml244(para) msgid "" "Get the current relation from a volume to its instance, so that you can " "recreate the attachment." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml249(para) msgid "" "Update the database to clean the stalled state. (After that, you cannot " "perform the first step)." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml254(para) msgid "" "Restart the instances. In other words, go from a shutdown to running state." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml259(para) msgid "" "After the restart, reattach the volumes to their respective instances " "(optional)." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml263(para) msgid "SSH into the instances to reboot them." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml269(title) msgid "Recover after a disaster" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml271(title) msgid "To perform disaster recovery" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml273(title) msgid "Get the instance-to-volume relationship" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml275(para) msgid "" "You must determine the current relationship from a volume to its instance, " "because you will re-create the attachment." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml277(para) msgid "" "You can find this relationship by running . Note that the " " client includes the ability to get volume information from " "OpenStack Block Storage." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml283(title) msgid "Update the database" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml284(para) msgid "" "Update the database to clean the stalled state. You must restore for every " "volume, using these queries to clean up the database:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml291(para) msgid "You can then run commands to list all volumes." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml295(title) msgid "Restart instances" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml297(replaceable) msgid "$instance" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml296(para) msgid "Restart the instances using the command." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml298(para) msgid "" "At this stage, depending on your image, some instances completely reboot and" " become reachable, while others stop on the \"plymouth\" stage." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml303(title) msgid "DO NOT reboot a second time" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml304(para) msgid "" "Do not reboot instances that are stopped at this point. Instance state " "depends on whether you added an /etc/fstab entry for " "that volume. Images built with the cloud-init package " "remain in a pending state, while others skip the missing volume and start. " "The idea of that stage is only to ask Compute to reboot every instance, so " "the stored state is preserved. For more information about cloud-" "init, see help.ubuntu.com/community/CloudInit." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml315(title) msgid "Reattach volumes" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml316(para) msgid "" "After the restart, and Compute has restored the right status, you can " "reattach the volumes to their respective instances using the " " command. The following snippet uses a file of listed " "volumes to reattach them:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml330(para) msgid "" "At this stage, instances that were pending on the boot sequence " "(plymouth) automatically continue their boot, and" " restart normally, while the ones that booted see the volume." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml335(title) msgid "SSH into instances" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml336(para) msgid "" "If some services depend on the volume, or if a volume has an entry into " "fstab, you should now simply restart the instance. " "This restart needs to be made from the instance itself, not through " "." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml340(para) msgid "SSH into the instance and perform a reboot:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml344(para) msgid "By completing this procedure, you can successfully recover your cloud." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml347(para) msgid "Follow these guidelines:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml350(para) msgid "" "Use the errors=remount parameter in the " "fstab file, which prevents data corruption." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml353(para) msgid "" "The system locks any write to the disk if it detects an I/O error. This " "configuration option should be added into the cinder-volume server (the one which performs the iSCSI " "connection to the SAN), but also into the instances' " "fstab file." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml360(para) msgid "" "Do not add the entry for the SAN's disks to the cinder-volume's fstab file." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml363(para) msgid "" "Some systems hang on that step, which means you could lose access to your " "cloud-controller. To re-run the session manually, run the following command " "before performing the mount: " msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml369(para) msgid "" "For your instances, if you have the whole /home/ " "directory on the disk, leave a user's directory with the user's bash files " "and the authorized_keys file (instead of emptying the " "/home directory and mapping the disk on it)." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml374(para) msgid "" "This enables you to connect to the instance, even without the volume " "attached, if you allow only connections through public keys." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml381(title) msgid "Script the DRP" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml382(para) msgid "" "You can download from here a bash script " "which performs the following steps:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml386(para) msgid "An array is created for instances and their attached volumes." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml387(para) msgid "The MySQL database is updated." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml388(para) msgid "Using euca2ools, all instances are restarted." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml389(para) msgid "The volume attachment is made." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml390(para) msgid "" "An SSH connection is performed into every instance using Compute " "credentials." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml392(para) msgid "" "The \"test mode\" allows you to perform that whole sequence for only one " "instance." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml395(para) msgid "" "To reproduce the power loss, connect to the compute node which runs that " "same instance and close the iSCSI session. Do not detach the volume using " "the command; instead, manually close the iSCSI session. For" " the following example command uses an iSCSI session with the number 15:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml400(para) msgid "" "Do not forget the -r flag. Otherwise, you close ALL " "sessions." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-instance-mgt-tools.xml7(title) msgid "Instance management tools" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-instance-mgt-tools.xml8(para) msgid "" "OpenStack provides command-line, web-based, and API-based instance " "management tools. Additionally, a number of third-party management tools are" " available, using either the native API or the provided EC2-compatible API." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-instance-mgt-tools.xml13(para) msgid "" "The OpenStack python-novaclient package provides " "a basic command-line utility, which uses the command. This " "is available as a native package for most Linux distributions, or you can " "install the latest version using the pip python " "package installer:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-instance-mgt-tools.xml22(para) msgid "" "For more information about python-novaclient and " "other available command-line tools, see the OpenStack End User " "Guide." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml7(title) msgid "System administration" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml8(para) msgid "" "By understanding how the different installed nodes interact with each other," " you can administer the Compute installation. Compute offers many ways to " "install using multiple servers but the general idea is that you can have " "multiple compute nodes that control the virtual servers and a cloud " "controller node that contains the remaining Compute services." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml15(para) msgid "" "The Compute cloud works through the interaction of a series of daemon " "processes named nova-* that reside persistently on " "the host machine or machines. These binaries can all run on the same machine" " or be spread out on multiple boxes in a large deployment. The " "responsibilities of services and drivers are:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml22(para) msgid "Services:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml25(para) msgid "" "nova-api. Receives xml requests " "and sends them to the rest of the system. It is a wsgi app that routes and " "authenticate requests. It supports the EC2 and OpenStack APIs. There is a " "nova-api.conf file created when you install Compute." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml32(para) msgid "nova-cert. Provides the certificate manager." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml36(para) msgid "" "nova-compute. Responsible for " "managing virtual machines. It loads a Service object which exposes the " "public methods on ComputeManager through Remote Procedure Call (RPC)." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml42(para) msgid "" "nova-conductor. Provides database-access support " "for Compute nodes (thereby reducing security risks)." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml46(para) msgid "" "nova-consoleauth. Handles console authentication." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml50(para) msgid "" "nova-objectstore: The nova-objectstore service is an ultra simple " "file-based storage system for images that replicates most of the S3 API. It " "can be replaced with OpenStack Image Service and a simple image manager or " "use OpenStack Object Storage as the virtual machine image storage facility. " "It must reside on the same node as nova-" "compute." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml59(para) msgid "" "nova-network. Responsible for " "managing floating and fixed IPs, DHCP, bridging and VLANs. It loads a " "Service object which exposes the public methods on one of the subclasses of " "NetworkManager. Different networking strategies are available to the service" " by changing the network_manager configuration option to FlatManager, " "FlatDHCPManager, or VlanManager (default is VLAN if no other is specified)." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml68(para) msgid "" "nova-scheduler. Dispatches requests for new virtual" " machines to the correct node." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml72(para) msgid "" "nova-novncproxy. Provides a VNC proxy for browsers " "(enabling VNC consoles to access virtual machines)." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml78(para) msgid "" "Some services have drivers that change how the service implements the core " "of its functionality. For example, the nova-compute" " service supports drivers that let you choose with which hypervisor type it " "will talk. nova-network and nova-" "scheduler also have drivers." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml87(title) msgid "Compute service architecture" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml88(para) msgid "" "The following basic categories describe the service architecture and what's " "going on within the cloud controller." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml91(title) msgid "API server" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml92(para) msgid "" "At the heart of the cloud framework is an API server. This API server makes " "command and control of the hypervisor, storage, and networking " "programmatically available to users." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml95(para) msgid "" "The API endpoints are basic HTTP web services which handle authentication, " "authorization, and basic command and control functions using various API " "interfaces under the Amazon, Rackspace, and related models. This enables API" " compatibility with multiple existing tool sets created for interaction with" " offerings from other vendors. This broad compatibility prevents vendor " "lock-in." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml106(title) msgid "Message queue" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml107(para) msgid "" "A messaging queue brokers the interaction between compute nodes " "(processing), the networking controllers (software which controls network " "infrastructure), API endpoints, the scheduler (determines which physical " "hardware to allocate to a virtual resource), and similar components. " "Communication to and from the cloud controller is by HTTP requests through " "multiple API endpoints." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml116(para) msgid "" "A typical message passing event begins with the API server receiving a " "request from a user. The API server authenticates the user and ensures that " "the user is permitted to issue the subject command. The availability of " "objects implicated in the request is evaluated and, if available, the " "request is routed to the queuing engine for the relevant workers. Workers " "continually listen to the queue based on their role, and occasionally their " "type host name. When an applicable work request arrives on the queue, the " "worker takes assignment of the task and begins its execution. Upon " "completion, a response is dispatched to the queue which is received by the " "API server and relayed to the originating user. Database entries are " "queried, added, or removed as necessary throughout the process." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml128(title) msgid "Compute worker" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml129(para) msgid "" "Compute workers manage computing instances on host machines. The API " "dispatches commands to compute workers to complete these tasks:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml134(para) msgid "Run instances" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml137(para) msgid "Terminate instances" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml140(para) msgid "Reboot instances" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml143(para) msgid "Attach volumes" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml146(para) msgid "Detach volumes" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml149(para) msgid "Get console output" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml154(title) msgid "Network Controller" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml155(para) msgid "" "The Network Controller manages the networking resources on host machines. " "The API server dispatches commands through the message queue, which are " "subsequently processed by Network Controllers. Specific operations include:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml162(para) msgid "Allocate fixed IP addresses" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml165(para) msgid "Configuring VLANs for projects" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml168(para) msgid "Configuring networks for compute nodes" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml175(title) msgid "Manage Compute users" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml176(para) msgid "" "Access to the Euca2ools (ec2) API is controlled by an access and secret key." " The user’s access key needs to be included in the request, and the request " "must be signed with the secret key. Upon receipt of API requests, Compute " "verifies the signature and runs commands on behalf of the user." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml182(para) msgid "" "To begin using Compute, you must create a user with the Identity Service." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml186(title) msgid "Manage the cloud" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml187(para) msgid "" "A system administrator can use the client and the " " commands to manage the cloud." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml189(para) msgid "" "Both nova client and euca2ools can be used by all users, though specific " "commands might be restricted by Role Based Access Control in the Identity " "Service." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml192(title) msgid "To use the nova client" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml194(para) msgid "" "Installing the python-novaclient package gives you a " "nova shell command that enables Compute API interactions from " "the command line. Install the client, and then provide your user name and " "password (typically set as environment variables for convenience), and then " "you have the ability to send commands to your cloud on the command line." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml199(para) msgid "" "To install python-novaclient, download the tarball from " "http://pypi.python.org/pypi/python-" "novaclient/2.6.3#downloads and then install it in your favorite " "python environment." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml207(para) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml554(para) msgid "As root execute:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml211(para) msgid "Confirm the installation by running:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml226(para) msgid "" "This command returns a list of commands and parameters. To " "obtain help for a subcommand, run:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml228(replaceable) msgid "subcommand" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml229(para) msgid "" "You can also refer to the OpenStack Command-Line " "Reference for a complete listing of " "commands and parameters." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml236(para) msgid "" "Set the required parameters as environment variables to make running " "commands easier. For example, you can add --os-" "username as a option, or set it as an " "environment variable. To set the user name, password, and tenant as " "environment variables, use:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml245(para) msgid "" "Using the Identity Service, you are supplied with an authentication " "endpoint, which Compute recognizes as the OS_AUTH_URL." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml254(title) msgid "Use the euca2ools commands" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml255(para) msgid "" "For a command-line interface to EC2 API calls, use the " "command-line tool. See http://open.eucalyptus.com/wiki/Euca2oolsGuide_v1.3" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml264(title) msgid "Manage logs" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml266(title) msgid "Logging module" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml267(para) msgid "" "To specify a configuration file to change the logging behavior, add this " "line to the /etc/nova/nova.conf file . To change the " "logging level, such as DEBUG, INFO, " "WARNING, ERROR), use: " msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml272(para) msgid "" "The logging configuration file is an ini-style configuration file, which " "must contain a section called logger_nova, which controls" " the behavior of the logging facility in the nova-* " "services. For example:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml282(para) msgid "" "For more details on the logging configuration syntax, including the meaning " "of the handlers and quaname variables," " see the Python documentation on logging configuration " "file format f." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml290(para) msgid "" "For an example logging.conf file with various defined " "handlers, see the OpenStack Configuration " "Reference." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml279(para) msgid "" "This example sets the debugging level to INFO (which less" " verbose than the default DEBUG setting). " "" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml299(title) msgid "Syslog" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml300(para) msgid "" "You can configure OpenStack Compute services to send logging information to " "syslog. This is useful if you want to use " "rsyslog, which forwards the logs to a remote " "machine. You need to separately configure the Compute service (nova), the " "Identity service (keystone), the Image Service (glance), and, if you are " "using it, the Block Storage service (cinder) to send log messages to " "syslog. To do so, add the following lines to:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml309(filename) msgid "/etc/nova/nova.conf" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml312(filename) msgid "/etc/keystone/keystone.conf" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml315(filename) msgid "/etc/glance/glance-api.conf" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml318(filename) msgid "/etc/glance/glance-registry.conf" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml321(filename) msgid "/etc/cinder/cinder.conf" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml330(para) msgid "" "Although the example above uses the same local facility for each service " "(LOG_LOCAL0, which corresponds to " "syslog facility LOCAL0), we " "recommend that you configure a separate local facility for each service, as " "this provides better isolation and more flexibility. For example, you may " "want to capture logging information at different severity levels for " "different services. syslog allows you to define up " "to seven local facilities, LOCAL0, LOCAL1, ..., LOCAL7. " "For more details, see the syslog documentation." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml328(para) msgid "" "In addition to enabling syslog, these settings also" " turn off more verbose output and debugging output from the " "log." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml343(title) msgid "Rsyslog" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml344(para) msgid "" "rsyslog is a useful tool for setting up a " "centralized log server across multiple machines. We briefly describe the " "configuration to set up an rsyslog server; a full " "treatment of rsyslog is beyond the scope of this " "document. We assume rsyslog has already been " "installed on your hosts (default for most Linux distributions)." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml350(para) msgid "" "This example provides a minimal configuration for " "/etc/rsyslog.conf on the log server host, which " "receives the log files:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml356(para) msgid "" "Add a filter rule to /etc/rsyslog.conf which looks for " "a host name. The example below uses compute-01 as" " an example of a compute host name:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml359(replaceable) msgid "compute-01" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml360(para) msgid "" "On each compute host, create a file named " "/etc/rsyslog.d/60-nova.conf, with the following " "content:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml367(para) msgid "" "Once you have created this file, restart your " "rsyslog daemon. Error-level log messages on the " "compute hosts should now be sent to your log server." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml375(title) msgid "Migrate instances" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml376(para) msgid "" "Before starting migrations, review the Configure migrations section." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml377(para) msgid "" "Migration provides a scheme to migrate running instances from one OpenStack " "Compute server to another OpenStack Compute server." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml381(title) msgid "To migrate instances" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml383(para) msgid "" "Look at the running instances, to get the ID of the instance you wish to " "migrate." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml394(para) msgid "" "Look at information associated with that instance. This example uses 'vm1' " "from above." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml410(para) msgid "In this example, vm1 is running on HostB." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml413(para) msgid "Select the server to which instances will be migrated:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml426(para) msgid "" "In this example, HostC can be picked up because nova-compute is running on it." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml431(para) msgid "Ensure that HostC has enough resources for migration." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml446(para) msgid "cpu:the number of cpu" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml451(para) msgid "" "memory_mb:total amount of memory (in MB)" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml455(para) msgid "" "disk_gb:total amount of space for NOVA-" "INST-DIR/instances (in GB)" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml459(para) msgid "" "1st line shows total amount of resources " "for the physical server." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml463(para) msgid "" "2nd line shows currently used resources." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml467(para) msgid "3rd line shows maximum used resources." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml471(para) msgid "" "4th line and under shows the resource for" " each project." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml479(replaceable) msgid "server" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml479(replaceable) msgid "host_name" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml478(para) msgid "" "Use the command to migrate the instances:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml480(para) msgid "" "Where server can be either the server's ID or " "name. For example:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml488(para) msgid "" "Although the command is called , under the " "default Compute configuration options the instances are suspended before " "migration." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml492(para) msgid "" "For more details, see Configure " "migrations in OpenStack Configuration " "Reference." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml484(para) msgid "" "Ensure instances are migrated successfully with . If " "instances are still running on HostB, check log files (src/dest nova-compute and nova-scheduler) to determine why. " msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-security.xml10(title) msgid "Security hardening" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-security.xml11(para) msgid "" "OpenStack Compute can be integrated with various third-party technologies to" " increase security. For more information, see the OpenStack Security " "Guide." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml10(title) msgid "Configure migrations" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml12(para) msgid "" "Only cloud administrators can perform live migrations. If your cloud is " "configured to use cells, you can perform live migration within but not " "between cells." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml16(para) msgid "" "Migration enables an administrator to move a virtual-machine instance from " "one compute host to another. This feature is useful when a compute host " "requires maintenance. Migration can also be useful to redistribute the load " "when many VM instances are running on a specific physical machine." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml20(para) msgid "The migration types are:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml23(para) msgid "" "Migration (or non-live migration). The " "instance is shut down (and the instance knows that it was rebooted) for a " "period of time to be moved to another hypervisor." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml34(para) msgid "" "Shared storage-based live migration. Both" " hypervisors have access to shared storage." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml39(para) msgid "" "Block live migration. No shared storage " "is required." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml43(para) msgid "" "Volume-backed live migration. When " "instances are backed by volumes rather than ephemeral disk, no shared " "storage is required, and migration is supported (currently only in libvirt-" "based hypervisors)." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml29(para) msgid "" "Live migration (or true live migration). " "Almost no instance downtime. Useful when the instances must be kept running " "during the migration. The types of live migration " "are: " msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml53(para) msgid "" "The following sections describe how to configure your hosts and compute " "nodes for migrations by using the KVM and XenServer hypervisors." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml57(title) msgid "KVM-Libvirt" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml59(title) #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml264(title) #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml339(title) msgid "Prerequisites" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml61(para) msgid "Hypervisor: KVM with libvirt" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml65(para) msgid "" "Shared storage:NOVA-INST-DIR/instances/ (for example, " "/var/lib/nova/instances) has to be mounted by shared " "storage. This guide uses NFS but other options, including the OpenStack" " Gluster Connector are available." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml74(para) msgid "" "Instances: Instance can be migrated with " "iSCSI based volumes" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml81(para) msgid "" "Because the Compute service does not use the libvirt live migration " "functionality by default, guests are suspended before migration and might " "experience several minutes of downtime. For details, see ." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml88(para) msgid "" "This guide assumes the default value for in " "your nova.conf file (NOVA-INST-" "DIR/instances). If you have changed the " "state_path or instances_path " "variables, modify accordingly." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml97(para) msgid "" "You must specify vncserver_listen=0.0.0.0 or live " "migration does not work correctly." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml104(title) msgid "Example Compute installation environment" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml110(para) msgid "" "HostA is the Cloud Controller, and should run these services: " "nova-api, nova-scheduler, nova-" "network, cinder-volume," " and nova-objectstore." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml118(para) msgid "" "HostB and HostC are the compute nodes that run nova-compute." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml107(para) msgid "" "Prepare at least three servers; for example, HostA, " "HostB, and HostC: " msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml123(para) msgid "" "Ensure that NOVA-INST-DIR (set" " with state_path in the nova.conf " "file) is the same on all hosts." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml128(para) msgid "" "In this example, HostA is the NFSv4 server that exports " "NOVA-INST-DIR/instances, and" " HostB and HostC mount it." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml136(title) msgid "To configure your system" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml138(para) msgid "" "Configure your DNS or /etc/hosts and ensure it is " "consistent across all hosts. Make sure that the three hosts can perform name" " resolution with each other. As a test, use the command to " "ping each host from one another." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml148(para) msgid "" "Ensure that the UID and GID of your Compute and libvirt users are identical " "between each of your servers. This ensures that the permissions on the NFS " "mount works correctly." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml153(para) msgid "" "Export NOVA-INST-" "DIR/instances from HostA, and " "have it readable and writable by the Compute user on " "HostB and HostC." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml156(para) msgid "" "For more information, see: SettingUpNFSHowTo" " or CentOS / Redhat: Setup NFS v4.0 File Server" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml163(para) msgid "" "Configure the NFS server at HostA by adding the following" " line to the /etc/exports file:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml165(replaceable) #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml180(replaceable) #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml185(replaceable) #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml191(replaceable) #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml195(replaceable) msgid "NOVA-INST-DIR" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml166(para) msgid "" "Change the subnet mask (255.255.0.0) to the appropriate " "value to include the IP addresses of HostB and " "HostC. Then restart the NFS server:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml174(para) msgid "Set the 'execute/search' bit on your shared directory." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml176(para) msgid "" "On both compute nodes, make sure to enable the 'execute/search' bit to allow" " qemu to be able to use the images within the directories. On all hosts, run" " the following command:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml183(para) msgid "" "Configure NFS at HostB and HostC by adding the following line to the " "/etc/fstab file:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml186(para) msgid "Ensure that you can mount the exported directory can be mounted:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml188(para) msgid "" "Check that HostA can see the \"NOVA-INST-" "DIR/instances/\" directory:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml191(filename) #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml195(filename) msgid "/instances/" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml193(para) msgid "" "Perform the same check at HostB and HostC, paying special attention to the " "permissions (Compute should be able to write):" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml208(para) msgid "" "Update the libvirt configurations so that the calls can be made securely. " "These methods enable remote access over TCP and are not documented here, " "please consult your network administrator for assistance in deciding how to " "configure access." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml212(para) msgid "SSH tunnel to libvirtd's UNIX socket" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml213(para) msgid "libvirtd TCP socket, with GSSAPI/Kerberos for auth+data encryption" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml215(para) msgid "" "libvirtd TCP socket, with TLS for encryption and x509 client certs for " "authentication" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml216(para) msgid "" "libvirtd TCP socket, with TLS for encryption and Kerberos for authentication" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml220(para) msgid "" "Restart libvirt. After you run the command, ensure that libvirt is " "successfully restarted:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml227(para) msgid "Configure your firewall to allow libvirt to communicate between nodes." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml229(para) msgid "" "By default, libvirt listens on TCP port 16509, and an ephemeral TCP range " "from 49152 to 49261 is used for the KVM communications. Based on the secure " "remote access TCP configuration you chose, be careful choosing what ports " "you open and understand who has access. For information about ports that are" " used with libvirt, see the " "libvirt documentation." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml237(para) msgid "" "You can now configure options for live migration. In most cases, you do not " "need to configure any options. The following chart is for advanced usage " "only." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml245(title) msgid "Enable true live migration" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml246(para) msgid "" "By default, the Compute service does not use the libvirt live migration " "functionality. To enable this functionality, add the following line to the " "nova.conf file:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml251(para) msgid "" "The Compute service does not use libvirt's live migration by default because" " there is a risk that the migration process never ends. This can happen if " "the guest operating system dirties blocks on the disk faster than they can " "migrated." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml260(title) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml384(th) msgid "XenServer" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml262(title) msgid "Shared storage" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml266(para) msgid "" "Compatible XenServer hypervisors. For " "more information, see the Requirements" " for Creating Resource Pools section of the XenServer " "Administrator's Guide." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml275(para) msgid "" "Shared storage. An NFS export, visible to" " all XenServer hosts." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml278(para) msgid "" "For the supported NFS versions, see the NFS" " VHD section of the XenServer Administrator's " "Guide." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml285(para) msgid "" "To use shared storage live migration with XenServer hypervisors, the hosts " "must be joined to a XenServer pool. To create that pool, a host aggregate " "must be created with special metadata. This metadata is used by the XAPI " "plug-ins to establish the pool." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml291(title) msgid "To use shared storage live migration with XenServer hypervisors" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml294(para) msgid "" "Add an NFS VHD storage to your master XenServer, and set it as default SR. " "For more information, please refer to the NFS" " VHD section in the XenServer Administrator's " "Guide." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml302(para) msgid "" "Configure all the compute nodes to use the default sr for pool operations. " "Add this line to your nova.conf configuration files " "across your compute nodes:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml309(para) msgid "Create a host aggregate:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml311(para) msgid "" "The command displays a table that contains the ID of the newly created " "aggregate." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml313(para) msgid "" "Now add special metadata to the aggregate, to mark it as a hypervisor pool:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml317(para) msgid "Make the first compute node part of that aggregate:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml320(para) msgid "At this point, the host is part of a XenServer pool." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml324(para) msgid "Add additional hosts to the pool:" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml327(para) msgid "" "At this point, the added compute node and the host are shut down, to join " "the host to the XenServer pool. The operation fails, if any server other " "than the compute node is running/suspended on your host." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml337(title) msgid "Block migration" msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml341(para) msgid "" "Compatible XenServer hypervisors. The " "hypervisors must support the Storage XenMotion feature. See your XenServer " "manual to make sure your edition has this feature." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml350(para) msgid "" "To use block migration, you must use the CHANGE THIS == ==block-" "migrate parameter with the live migration command." msgstr "" #: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml355(para) msgid "" "Block migration works only with EXT local storage SRs, and the server must " "not have any volumes attached." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml6(title) msgid "Introduction to Networking" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml7(para) msgid "" "The Networking service, code-named Neutron, provides an API that lets you " "define network connectivity and addressing in the cloud. The Networking " "service enables operators to leverage different networking technologies to " "power their cloud networking. The Networking service also provides an API to" " configure and manage a variety of network services ranging from L3 " "forwarding and NAT to load balancing, edge firewalls, and IPSEC VPN." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml15(para) msgid "" "For a detailed description of the Networking API abstractions and their " "attributes, see the OpenStack Networking API v2.0 " "Reference." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml21(title) msgid "Networking API" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml22(para) msgid "" "Networking is a virtual network service that provides a powerful API to " "define the network connectivity and IP addressing that devices from other " "services, such as Compute, use." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml26(para) msgid "" "The Compute API has a virtual server abstraction to describe computing " "resources. Similarly, the Networking API has virtual network, subnet, and " "port abstractions to describe networking resources." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml31(caption) msgid "Networking resources" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml36(th) msgid "Resource" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml37(th) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml191(th) #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml34(th) #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml138(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml47(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml173(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml376(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml438(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml761(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml808(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1076(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1211(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1289(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1526(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1904(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2013(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2056(th) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml62(th) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml126(th) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml199(th) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml303(th) msgid "Description" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml42(emphasis) #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml137(th) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml68(emphasis) msgid "Network" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml43(td) msgid "" "An isolated L2 segment, analogous to VLAN in the physical networking world." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml47(emphasis) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml77(emphasis) msgid "Subnet" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml48(td) msgid "A block of v4 or v6 IP addresses and associated configuration state." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml52(emphasis) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml89(emphasis) msgid "Port" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml53(td) msgid "" "A connection point for attaching a single device, such as the NIC of a " "virtual server, to a virtual network. Also describes the associated network " "configuration, such as the MAC and IP addresses to be used on that port." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml62(para) msgid "" "You can configure rich network topologies by creating and configuring " "networks and subnets, and then instructing other OpenStack services like " "Compute to attach virtual devices to ports on these networks." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml66(para) msgid "" "In particular, Networking supports each tenant having multiple private " "networks, and allows tenants to choose their own IP addressing scheme (even " "if those IP addresses overlap with those that other tenants use). The " "Networking service:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml73(para) msgid "" "Enables advanced cloud networking use cases, such as building multi-tiered " "web applications and enabling migration of applications to the cloud without" " changing IP addresses." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml79(para) msgid "" "Offers flexibility for the cloud administrator to customize network " "offerings." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml83(para) msgid "" "Enables developers to extend the Networking API. Over time, the extended " "functionality becomes part of the core Networking API." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml90(title) msgid "Configure SSL support for networking API" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml91(para) msgid "" "OpenStack Networking supports SSL for the Networking API server. By default," " SSL is disabled but you can enable it in the " "neutron.conf file." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml94(para) msgid "Set these options to configure SSL:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml97(code) msgid "use_ssl = True" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml99(para) msgid "Enables SSL on the networking API server." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml103(replaceable) msgid "/path/to/certfile" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml103(code) msgid "ssl_cert_file = " msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml105(para) msgid "" "Certificate file that is used when you securely start the Networking API " "server." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml110(replaceable) msgid "/path/to/keyfile" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml110(code) msgid "ssl_key_file = " msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml112(para) msgid "" "Private key file that is used when you securely start the Networking API " "server." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml117(replaceable) msgid "/path/to/cafile" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml117(code) msgid "ssl_ca_file = " msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml119(para) msgid "" "Optional. CA certificate file that is used when you securely start the " "Networking API server. This file verifies connecting clients. Set this " "option when API clients must authenticate to the API server by using SSL " "certificates that are signed by a trusted CA." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml129(code) msgid "tcp_keepidle = 600" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml131(para) msgid "" "The value of TCP_KEEPIDLE, in seconds, for each server socket when starting " "the API server. Not supported on OS X." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml137(code) msgid "retry_until_window = 30" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml139(para) msgid "Number of seconds to keep retrying to listen." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml143(code) msgid "backlog = 4096" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml145(para) msgid "Number of backlog requests with with to configure the socket." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml152(title) msgid "Load Balancing-as-a-Service (LBaaS) overview" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml153(para) msgid "" "Load Balancing-as-a-Service (LBaaS) enables " "Networking to distribute incoming requests evenly between designated " "instances. This ensures the workload is shared predictably among instances, " "and allows more effective use of system resources. Incoming requests are " "distributed using one of these load balancing methods:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml161(term) msgid "Round robin" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml163(para) msgid "Rotates requests evenly between multiple instances." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml168(term) msgid "Source IP" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml170(para) msgid "" "Requests from a unique source IP address are consistently directed to the " "same instance." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml176(term) msgid "Least connections" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml178(para) msgid "" "Allocates requests to the instance with the least number of active " "connections." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml185(caption) msgid "LBaaS features" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml190(th) msgid "Feature" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml197(glossterm) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml202(glossterm) msgid "Monitors" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml198(td) msgid "" "LBaaS provides availability monitoring with the , TCP, HTTP " "and HTTPS GET methods. are implemented to determine whether" " pool members are available to handle requests." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml208(emphasis) msgid "Management" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml210(systemitem) msgid "REST API" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml209(td) msgid "" "LBaaS is managed using a variety of tool sets. The is " "available for programmatic administration and scripting. Users perform " "administrative management of load balancers through either the CLI " "() or the OpenStack dashboard." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml217(emphasis) msgid "Connection limits" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml218(emphasis) msgid "connection limits" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml218(td) msgid "" "Ingress traffic can be shaped with . This feature allows " "workload control, and can also assist with mitigating DoS (Denial of " "Service) attacks." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml224(emphasis) msgid "Session persistence" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml226(para) msgid "" "LBaaS supports session persistence by ensuring incoming requests are routed " "to the same instance within a pool of multiple instances. LBaaS supports " "routing decisions based on cookies and source IP address." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml236(title) msgid "Plug-in architecture" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml237(para) msgid "" "The original Compute network implementation assumed a basic model of " "isolation through Linux VLANs and IP tables. Networking introduces support " "for vendor plug-ins, which offer a custom back-end " "implementation of the Networking API. A plug-in can use a variety of " "technologies to implement the logical API requests. Some Networking plug-ins" " might use basic Linux VLANs and IP tables, while others might use more " "advanced technologies, such as L2-in-L3 tunneling or OpenFlow, to provide " "similar benefits." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml248(caption) msgid "Available networking plug-ins" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml253(th) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml382(th) #: ./doc/admin-guide-cloud/networking/section_networking_pagination_and_sorting_support.xml12(th) msgid "Plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml254(th) msgid "Documentation" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml259(emphasis) msgid "Big Switch Plug-in (Floodlight REST Proxy)" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml263(link) msgid "" "http://www.openflowhub.org/display/floodlightcontroller/Neutron+REST+Proxy+Plugin" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml261(td) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml268(td) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml326(td) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml333(td) msgid "This guide and " msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml266(emphasis) msgid "Brocade Plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml270(link) msgid "https://wiki.openstack.org/wiki/Brocade-neutron-plugin" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml273(emphasis) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml408(td) msgid "Cisco" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml276(link) msgid "http://wiki.openstack.org/cisco-neutron" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml279(emphasis) msgid "Cloudbase Hyper-V Plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml283(link) msgid "http://www.cloudbase.it/quantum-hyper-v-plugin/" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml286(emphasis) msgid "Linux Bridge Plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml290(link) msgid "http://wiki.openstack.org/Neutron-Linux-Bridge-Plugin" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml293(emphasis) msgid "Mellanox Plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml297(link) msgid "https://wiki.openstack.org/wiki/Mellanox-Neutron/" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml300(emphasis) msgid "Midonet Plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml303(link) msgid "http://www.midokura.com/" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml306(emphasis) msgid "ML2 (Modular Layer 2) Plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml310(link) msgid "https://wiki.openstack.org/wiki/Neutron/ML2" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml313(emphasis) msgid "NEC OpenFlow Plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml317(link) msgid "http://wiki.openstack.org/Quantum-NEC-OpenFlow-Plugin" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml320(emphasis) msgid "Open vSwitch Plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml322(td) msgid "This guide." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml325(emphasis) msgid "PLUMgrid" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml328(link) msgid "https://https://wiki.openstack.org/wiki/PLUMgrid-Neutron" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml331(emphasis) msgid "Ryu Plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml335(link) msgid "https://github.com/osrg/ryu/wiki/OpenStack" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml339(emphasis) msgid "VMware NSX Plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml343(link) msgid "NSX Product Overview" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml345(link) msgid "NSX Product Support" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml341(td) msgid "This guide and , " msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml349(para) msgid "" "Plug-ins can have different properties for hardware requirements, features, " "performance, scale, or operator tools. Because Networking supports a large " "number of plug-ins, the cloud administrator can weigh options to decide on " "the right networking technology for the deployment." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml355(para) msgid "" "In the Havana release, OpenStack Networking introduces the Modular Layer 2 (ML2) " "plug-in that enables the use of multiple concurrent mechanism " "drivers. This capability aligns with the complex requirements typically " "found in large heterogeneous environments. It currently works with the " "existing Open vSwitch, Linux Bridge, and Hyper-v L2 agents. The ML2 " "framework simplifies the addition of support for new L2 technologies and " "reduces the effort that is required to add and maintain them compared to " "earlier large plug-ins." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml368(title) msgid "Plug-in deprecation notice" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml369(para) msgid "" "The Open vSwitch and Linux Bridge plug-ins are deprecated in the Havana " "release and will be removed in the Icehouse release. The features in these " "plug-ins are now part of the ML2 plug-in in the form of mechanism drivers." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml375(para) msgid "" "Not all Networking plug-ins are compatible with all possible Compute " "drivers:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml378(caption) msgid "Plug-in compatibility with Compute drivers" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml383(th) msgid "Libvirt (KVM/QEMU)" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml385(th) msgid "VMware" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml387(th) msgid "Bare-metal" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml392(td) msgid "Big Switch / Floodlight" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml393(td) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml401(td) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml409(td) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml420(td) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml425(td) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml433(td) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml441(td) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml449(td) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml452(td) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml457(td) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml465(td) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml473(td) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml475(td) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml481(td) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml489(td) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml490(td) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml491(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1910(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1919(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1928(td) msgid "Yes" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml400(td) msgid "Brocade" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml416(td) msgid "Cloudbase Hyper-V" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml424(td) #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml102(emphasis) #: ./doc/admin-guide-cloud/networking/section_networking_pagination_and_sorting_support.xml29(td) #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml452(title) msgid "Linux Bridge" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml432(td) msgid "Mellanox" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml440(td) msgid "Midonet" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml448(td) #: ./doc/admin-guide-cloud/networking/section_networking_pagination_and_sorting_support.xml19(td) #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml662(title) msgid "ML2" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml456(td) msgid "NEC OpenFlow" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml464(td) #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml79(emphasis) #: ./doc/admin-guide-cloud/networking/section_networking_pagination_and_sorting_support.xml24(td) #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml12(title) msgid "Open vSwitch" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml472(td) msgid "Plumgrid" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml480(td) msgid "Ryu" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml488(td) msgid "VMware NSX" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml498(title) msgid "Plug-in configurations" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml499(para) msgid "" "For configurations options, see Networking configuration " "options in Configuration Reference. These " "sections explain how to configure specific plug-ins." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml506(title) msgid "Configure Big Switch, Floodlight REST Proxy plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml509(title) msgid "To use the REST Proxy plug-in with OpenStack Networking" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml512(para) msgid "" "Edit the /etc/neutron/neutron.conf file and add this " "line:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml517(para) msgid "" "Edit the plug-in configuration file, " "/etc/neutron/plugins/bigswitch/restproxy.ini, and " "specify a comma-separated list of " "controller_ip:port pairs:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml523(para) msgid "" "For database configuration, see Install Networking Services in " "the Installation Guide in the OpenStack Documentation index. " "(The link defaults to the Ubuntu version.)" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml534(para) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml898(para) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml975(para) msgid "" "Restart neutron-server to apply " "the new settings:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml543(title) msgid "Configure Brocade plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml545(title) msgid "To use the Brocade plug-in with OpenStack Networking" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml548(para) msgid "" "Install the Brocade-modified Python netconf client (ncclient) library, which" " is available at https://github.com/brocade/ncclient:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml558(para) msgid "" "Edit the /etc/neutron/neutron.conf file and set the " "following option:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml564(para) msgid "" "Edit the /etc/neutron/plugins/brocade/brocade.ini " "configuration file for the Brocade plug-in and specify the admin user name, " "password, and IP address of the Brocade switch:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml571(replaceable) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml836(replaceable) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml837(replaceable) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml848(replaceable) msgid "admin" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml572(replaceable) msgid "password" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml573(replaceable) msgid "switch mgmt ip address" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml575(para) msgid "" "For database configuration, see Install Networking Services in " "any of the Installation Guides in the OpenStack Documentation index. " "(The link defaults to the Ubuntu version.)" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml586(para) msgid "" "Restart the neutron-server " "service to apply the new settings:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml595(title) msgid "Configure OVS plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml596(para) msgid "" "If you use the Open vSwitch (OVS) plug-in in a deployment with multiple " "hosts, you must use either tunneling or vlans to isolate traffic from " "multiple networks. Tunneling is easier to deploy because it does not require" " configuring VLANs on network switches." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml602(para) msgid "This procedure uses tunneling:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml604(title) msgid "To configure OpenStack Networking to use the OVS plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml607(para) msgid "" "Edit /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini " " to specify these values (for database configuration, see Install Networking Services in " "Installation Guide):" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml622(para) msgid "" "If you use the neutron DHCP agent, add these lines to the " "/etc/neutron/dhcp_agent.ini file:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml629(para) msgid "" "Create /etc/neutron/dnsmasq-neutron.conf, and add these" " values to lower the MTU size on instances and prevent packet fragmentation " "over the GRE tunnel:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml637(para) msgid "Restart to apply the new settings:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml644(title) msgid "Configure NSX plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml646(title) msgid "To configure OpenStack Networking to use the NSX plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml648(para) msgid "" "While the instructions in this section refer to the VMware NSX platform, " "this is formerly known as Nicira NVP." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml652(para) msgid "Install the NSX plug-in, as follows:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml657(para) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml873(para) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml916(para) msgid "Edit /etc/neutron/neutron.conf and set:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml661(para) msgid "Example neutron.conf file for NSX:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml669(para) msgid "" "To configure the NSX controller cluster for the OpenStack Networking " "Service, locate the [default] section in the " "/etc/neutron/plugins/vmware/nsx.ini file, and add the " "following entries (for database configuration, see Install Networking Services in " "Installation Guide):" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml682(para) msgid "" "To establish and configure the connection with the controller cluster you " "must set some parameters, including NSX API endpoints, access credentials, " "and settings for HTTP redirects and retries in case of connection failures:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml697(para) msgid "" "To ensure correct operations, the nsx_user user must have" " administrator credentials on the NSX platform." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml702(para) msgid "" "A controller API endpoint consists of the IP address and port for the " "controller; if you omit the port, port 443 is used. If multiple API " "endpoints are specified, it is up to the user to ensure that all these " "endpoints belong to the same controller cluster. The OpenStack Networking " "VMware NSX plug-in does not perform this check, and results might be " "unpredictable." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml713(para) msgid "" "When you specify multiple API endpoints, the plug-in load-balances requests " "on the various API endpoints." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml719(para) msgid "" "The UUID of the NSX Transport Zone that should be used by default when a " "tenant creates a network. You can get this value from the NSX Manager's " "Transport Zones page:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml730(para) msgid "" "Ubuntu packaging currently does not update the Neutron init script to point " "to the NSX configuration file. Instead, you must manually update " "/etc/default/neutron-server to add this line:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml743(para) msgid "" "Restart neutron-server to apply " "new settings:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml749(para) msgid "Example nsx.ini file:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml758(para) msgid "" "To debug nsx.ini configuration issues, run this command" " from the host that runs neutron-" "server:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml763(para) msgid "" "This command tests whether neutron-" "server can log into all of the NSX Controllers and the SQL " "server, and whether all UUID values are correct." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml771(title) msgid "Load Balancer-as-a-Service and Firewall-as-a-Service" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml773(para) msgid "" "The NSX LBaaS and FWaaS services use the standard OpenStack API with the " "exception of requiring routed-insertion extension support." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml777(para) msgid "" "The main differences between the NSX implementation and the community " "reference implementation of these services are:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml782(para) msgid "" "The NSX LBaaS and FWaaS plug-ins require the routed-insertion extension, " "which adds the router_id attribute to the VIP (Virtual IP " "address) and firewall resources and binds these services to a logical " "router." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml791(para) msgid "" "The community reference implementation of LBaaS only supports a one-arm " "model, which restricts the VIP to be on the same subnet as the back-end " "servers. The NSX LBaaS plug-in only supports a two-arm model between north-" "south traffic, which means that you can create the VIP on only the external " "(physical) network." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml803(para) msgid "" "The community reference implementation of FWaaS applies firewall rules to " "all logical routers in a tenant, while the NSX FWaaS plug-in applies " "firewall rules only to one logical router according to the " "router_id of the firewall entity." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml814(title) msgid "" "To configure Load Balancer-as-a-Service and Firewall-as-a-Service with NSX:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml818(para) msgid "Edit /etc/neutron/neutron.conf file:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml826(para) msgid "Edit /etc/neutron/plugins/vmware/nsx.ini file:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml829(para) msgid "" "In addition to the original NSX configuration, the " "default_l3_gw_service_uuid is required for the NSX Advanced " "plug-in and you must add a vcns section:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml838(replaceable) msgid "10.37.1.137:443" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml839(replaceable) msgid "aae63e9b-2e4e-4efe-81a1-92cf32e308bf" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml840(replaceable) msgid "2702f27a-869a-49d1-8781-09331a0f6b9e" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml845(replaceable) msgid "https://10.24.106.219" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml851(replaceable) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1537(td) msgid "default" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml854(replaceable) msgid "f2c023cf-76e2-4625-869b-d0dabcfcc638" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml868(title) msgid "Configure PLUMgrid plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml870(title) msgid "To use the PLUMgrid plug-in with OpenStack Networking" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml879(para) msgid "" "Edit /etc/neutron/plugins/plumgrid/plumgrid.ini under " "the [PLUMgridDirector] section, and specify the IP " "address, port, admin user name, and password of the PLUMgrid Director:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml891(para) msgid "" "For database configuration, see Install Networking Services in " "the Installation Guide." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml906(title) msgid "Configure Ryu plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml908(title) msgid "To use the Ryu plug-in with OpenStack Networking" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml911(para) msgid "Install the Ryu plug-in, as follows:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml922(para) msgid "" "Edit the /etc/neutron/plugins/ryu/ryu.ini file and " "update these options in the [ovs] section for the " "ryu-neutron-agent:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml930(para) msgid "" "openflow_rest_api. Defines where Ryu is listening " "for REST API. Substitute ip-address and port-no based on your Ryu setup." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml939(para) msgid "" "ovsdb_interface. Enables Ryu to access the ovsdb-server. Substitute eth0 based on your" " setup. The IP address is derived from the interface name. If you want to " "change this value irrespective of the interface name, you can specify " "ovsdb_ip. If you use a non-default port for " "ovsdb-server, you can specify " "ovsdb_port." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml955(para) msgid "" "tunnel_interface. Defines which IP address is used " "for tunneling. If you do not use tunneling, this value is ignored. The IP " "address is derived from the network interface name." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml963(para) msgid "" "For database configuration, see Install Networking Services in " "Installation Guide." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml968(para) msgid "" "You can use the same configuration file for many compute nodes by using a " "network interface name with a different IP address:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml985(title) msgid "Configure neutron agents" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml986(para) msgid "" "Plug-ins typically have requirements for particular software that must be " "run on each node that handles data packets. This includes any node that runs" " nova-compute and nodes that run " "dedicated OpenStack Networking service agents such as neutron-" "dhcp-agent, neutron-l3-agent, " "neutron-metering-agent or neutron-" "lbaas-agent." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml995(para) msgid "" "A data-forwarding node typically has a network interface with an IP address " "on the “management network” and another interface on the “data network”." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml998(para) msgid "" "This section shows you how to install and configure a subset of the " "available plug-ins, which might include the installation of switching " "software (for example, Open vSwitch) and as agents used to communicate with " "the neutron-server process " "running elsewhere in the data center." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1006(title) msgid "Configure data-forwarding nodes" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1008(title) msgid "Node set up: OVS plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1011(para) msgid "" "This section also applies to the ML2 plug-in when Open vSwitch is used as a " "mechanism driver." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1009(para) msgid "" "If you use the Open vSwitch plug-in, you must install Open " "vSwitch and the neutron-plugin-openvswitch-agent " "agent on each data-forwarding node:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1019(para) msgid "" "Do not install the openvswitch-brcompat package because " "it prevents the security group functionality from operating correctly." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1025(title) msgid "To set up each node for the OVS plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1028(para) msgid "" "Install the OVS agent package. This action also installs the Open vSwitch " "software as a dependency:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1034(para) msgid "" "On each node that runs the neutron-plugin-openvswitch-" "agent, complete these steps:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1038(para) msgid "" "Replicate the ovs_neutron_plugin.ini file that you " "created on the node." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1044(para) msgid "" "If you use tunneling, update the ovs_neutron_plugin.ini" " file for the node with the IP address that is configured on the data " "network for the node by using the local_ip value." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1055(para) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1154(para) msgid "Restart Open vSwitch to properly load the kernel module:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1060(para) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1159(para) msgid "Restart the agent:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1064(para) msgid "" "All nodes that run neutron-plugin-openvswitch-agent" " must have an OVS br-int bridge. To create the bridge, " "run:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1074(title) msgid "Node set up: NSX plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1075(para) msgid "" "If you use the NSX plug-in, you must also install Open vSwitch on each data-" "forwarding node. However, you do not need to install an additional agent on " "each node." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1080(para) msgid "" "It is critical that you are running an Open vSwitch version that is " "compatible with the current version of the NSX Controller software. Do not " "use the Open vSwitch version that is installed by default on Ubuntu. " "Instead, use the Open vSwitch version that is provided on the VMware support" " portal for your NSX Controller version." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1090(title) msgid "To set up each node for the NSX plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1093(para) msgid "" "Ensure that each data-forwarding node has an IP address on the management " "network, and an IP address on the \"data network\" that is used for " "tunneling data traffic. For full details on configuring your forwarding " "node, see the NSX Administrator Guide." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1103(para) msgid "" "Use the NSX Administrator Guide to add the node as a " "Hypervisor by using the NSX Manager GUI. Even if your forwarding node has no" " VMs and is only used for services agents like neutron-dhcp-" "agent or neutron-lbaas-agent, it " "should still be added to NSX as a Hypervisor." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1115(para) msgid "" "After following the NSX Administrator Guide, use the " "page for this Hypervisor in the NSX Manager GUI to confirm that the node is " "properly connected to the NSX Controller Cluster and that the NSX Controller" " Cluster can see the br-int integration bridge." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1128(title) msgid "Node set up: Ryu plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1129(para) msgid "" "If you use the Ryu plug-in, you must install both Open vSwitch and Ryu, in " "addition to the Ryu agent package:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1133(title) msgid "To set up each node for the Ryu plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1136(para) msgid "Install Ryu (there isn't currently an Ryu package for Ubuntu):" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1141(para) msgid "Install the Ryu agent and Open vSwitch packages:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1146(para) msgid "" "Replicate the ovs_ryu_plugin.ini and " "neutron.conf files created in the above step on all " "nodes running neutron-plugin-ryu-agent." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1163(para) msgid "" "All nodes running neutron-plugin-ryu-agent also " "require that an OVS bridge named \"br-int\" exists on each node. To create " "the bridge, run:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1174(title) msgid "Configure DHCP agent" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1175(para) msgid "" "The DHCP service agent is compatible with all existing plug-ins and is " "required for all deployments where VMs should automatically receive IP " "addresses through DHCP." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1180(title) msgid "To install and configure the DHCP agent" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1182(para) msgid "" "You must configure the host running the neutron-dhcp-" "agent as a \"data forwarding node\" according to the " "requirements for your plug-in (see )." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1189(para) msgid "Install the DHCP agent:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1193(para) msgid "" "Finally, update any options in the " "/etc/neutron/dhcp_agent.ini file that depend on the " "plug-in in use (see the sub-sections)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1200(para) msgid "" "If you reboot a node that runs the DHCP agent, you must run the " " command before the neutron-" "dhcp-agent service starts." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1206(para) msgid "" "On Red Hat-based systems, the neutron-ovs-" "cleanup service runs the command automatically." " However, on Debian-based systems such as Ubuntu, you must manually run this" " command or write your own system script that runs on boot before the " " neutron-dhcp-agent service " "starts." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1218(title) msgid "DHCP agent setup: OVS plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1219(para) msgid "" "These DHCP agent options are required in the " "/etc/neutron/dhcp_agent.ini file for the OVS plug-in:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1228(title) msgid "DHCP agent setup: NSX plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1229(para) msgid "" "These DHCP agent options are required in the " "/etc/neutron/dhcp_agent.ini file for the NSX plug-in:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1239(title) msgid "DHCP agent setup: Ryu plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1240(para) msgid "" "These DHCP agent options are required in the " "/etc/neutron/dhcp_agent.ini file for the Ryu plug-in:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1249(title) msgid "Configure L3 agent" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1250(para) msgid "" "The OpenStack Networking Service has a widely used API extension to allow " "administrators and tenants to create routers to interconnect L2 networks, " "and floating IPs to make ports on private networks publicly accessible." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1255(para) msgid "" "Many plug-ins rely on the L3 service agent to implement the L3 " "functionality. However, the following plug-ins already have built-in L3 " "capabilities:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1260(para) msgid "NSX plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1263(para) msgid "" "Big Switch/Floodlight plug-in, which supports both the open source Floodlight " "controller and the proprietary Big Switch controller." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1269(para) msgid "" "Only the proprietary BigSwitch controller implements L3 functionality. When " "using Floodlight as your OpenFlow controller, L3 functionality is not " "available." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1277(para) msgid "PLUMgrid plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1281(para) msgid "" "Do not configure or use neutron-l3-agent if you use one" " of these plug-ins." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1286(title) msgid "To install the L3 agent for all other plug-ins" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1289(para) msgid "" "Install the neutron-l3-agent binary on the network " "node:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1295(para) msgid "" "To uplink the node that runs neutron-l3-agent to " "the external network, create a bridge named \"br-ex\" and attach the NIC for" " the external network to this bridge." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1300(para) msgid "" "For example, with Open vSwitch and NIC eth1 connected to the external " "network, run:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1304(para) msgid "" "Do not manually configure an IP address on the NIC connected to the external" " network for the node running neutron-l3-agent. " "Rather, you must have a range of IP addresses from the external network that" " can be used by OpenStack Networking for routers that uplink to the external" " network. This range must be large enough to have an IP address for each " "router in the deployment, as well as each floating IP." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1317(para) msgid "" "The neutron-l3-agent uses the Linux IP stack and " "iptables to perform L3 forwarding and NAT. In order to support multiple " "routers with potentially overlapping IP addresses, " "neutron-l3-agent defaults to using Linux network " "namespaces to provide isolated forwarding contexts. As a result, the IP " "addresses of routers are not visible simply by running the " "or command on the node. Similarly, you cannot directly " " fixed IPs." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1332(para) msgid "" "To do either of these things, you must run the command within a particular " "network namespace for the router. The namespace has the name " "\"qrouter-<UUID of the router>. These example commands run in the " "router namespace with UUID 47af3868-0fa8-4447-85f6-1304de32153b:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1344(para) msgid "" "If you reboot a node that runs the L3 agent, you must run the " " command before the neutron-l3-agent service starts." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1350(para) msgid "" "On Red Hat-based systems, the neutron-ovs-" "cleanup service runs the command " "automatically. However, on Debian-based systems such as Ubuntu, you must " "manually run this command or write your own system script that runs on boot " "before the neutron-l3-agent " "service starts." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1363(title) msgid "Configure metering agent" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1364(para) msgid "" "Starting with the Havana release, the Neutron Metering resides beside " "neutron-l3-agent." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1367(title) msgid "To install the metering agent and configure the node" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1370(para) msgid "Install the agent by running:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1374(para) msgid "" "If you use one of the following plugins, you need to configure the metering " "agent with these lines as well:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1377(para) msgid "An OVS-based plug-in such as OVS, NSX, Ryu, NEC, BigSwitch/Floodlight:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1383(para) msgid "A plug-in that uses LinuxBridge:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1389(para) msgid "To use the reference implementation, you must set:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1394(para) #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1475(para) msgid "" "Set this parameter in the neutron.conf file on the host" " that runs neutron-server:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1402(title) msgid "Configure Load-Balancing-as-a-Service (LBaaS)" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1403(para) msgid "" "Configure Load-Balancing-as-a-Service (LBaas) with the Open vSwitch or Linux" " Bridge plug-in. The Open vSwitch LBaaS driver is required when enabling " "LBaaS for OVS-based plug-ins, including BigSwitch, Floodlight, NEC, NSX, and" " Ryu." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1410(para) msgid "Install the agent:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1414(para) msgid "" "Enable the HAProxy plug-in using the " " parameter in the " "/etc/neutron/neutron.conf file:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1421(para) msgid "" "Enable the load balancer plugin using in the" " /etc/neutron/neutron.conf file:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1426(para) msgid "" "Enable the HAProxy load balancer in the " "/etc/neutron/lbaas_agent.ini file:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1431(para) msgid "" "Select the required driver in the " "/etc/neutron/lbaas_agent.ini file:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1433(para) msgid "Enable the Open vSwitch LBaaS driver:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1435(para) msgid "Or enable the Linux Bridge LBaaS driver:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1437(para) msgid "" "Apply the new settings by restarting the neutron-" "server and neutron-lbaas-agent " "services." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1441(title) msgid "Upgrade from Havana to Icehouse" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1442(para) msgid "" "There were changes in LBaaS server-agent communications in Icehouse so " "during Havana to Icehouse transition make sure to upgrade both server and " "agent sides before actual use of the load balancing service." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1450(para) msgid "" "Enable Load Balancing in the Project section of the " "Dashboard user interface:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1452(para) msgid "" "Change the option to True " "in the /etc/openstack-dashboard/local_settings file:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1457(para) msgid "" "Apply the new settings by restarting the httpd " "service. You can now view the Load Balancer management options in " "dashboard's Project view." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1465(title) msgid "Configure FWaaS agent" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1466(para) msgid "" "The Firewall-as-a-Service (FWaaS) agent is co-located with the Neutron L3 " "agent and does not require any additional packages apart from those required" " for the Neutron L3 agent. You can enable the FWaaS functionality by setting" " the configuration, as follows." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1473(title) msgid "To configure FWaaS service and agent" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml1482(para) msgid "" "To use the reference implementation, you must also add a FWaaS driver " "configuration to the neutron.conf file on every node " "where the Neutron L3 agent is deployed:" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml32(None) msgid "" "@@image: '../../common/figures/demo_multiple_dhcp_agents.png'; " "md5=7e9abc4226d6b6cb9a6a3b3ec7435805" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml6(title) msgid "Scalable and highly available DHCP agents" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml7(para) msgid "" "This section describes how to use the agent management (alias agent) and " "scheduler (alias agent_scheduler) extensions for DHCP agents scalability and" " HA." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml11(para) msgid "" "Use the client command to check if these extensions are " "enabled: " msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml47(para) msgid "" "Runs the Neutron, Keystone, and Nova services that are required to deploy " "VMs. The node must have at least one network interface that is connected to " "the Management Network." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml52(para) msgid "" "Note that nova-network should not" " be running because it is replaced by Neutron." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml35(para) msgid "" "There will be three hosts in the setup.
Hosts " "for " "demo
HostDescription
OpenStack" " Controller host - " "controlnode
HostARuns Nova " "compute, the Neutron L2 agent and DHCP " "agent
HostBSame as HostA
" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml71(title) #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml16(title) #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml458(title) #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml146(th) #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml221(td) #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml256(td) msgid "Configuration" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml73(title) msgid "controlnode: Neutron Server" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml75(para) #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml100(para) msgid "" "Neutron configuration file /etc/neutron/neutron.conf:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml85(para) #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml109(para) msgid "" "Update the plug-in configuration file " "/etc/neutron/plugins/linuxbridge/linuxbridge_conf.ini:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml98(title) msgid "HostA and HostB: L2 Agent" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml121(para) msgid "" "Update the nova configuration file /etc/nova/nova.conf:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml136(title) msgid "HostA and HostB: DHCP Agent" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml138(para) msgid "" "Update the DHCP configuration file " "/etc/neutron/dhcp_agent.ini:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml146(title) msgid "Commands in agent management and scheduler extensions" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml148(para) msgid "" "The following commands require the tenant running the command to have an " "admin role." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml151(para) msgid "" "Ensure that the following environment variables are set. These are used by " "the various clients to access Keystone." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml160(title) #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml68(caption) msgid "Settings" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml161(para) msgid "To experiment, you need VMs and a neutron network:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml181(title) msgid "Manage agents in neutron deployment" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml182(para) msgid "" "Every agent which supports these extensions will register itself with the " "neutron server when it starts up." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml186(para) msgid "List all agents:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml197(para) msgid "" "The output shows information for four agents. The alive " "field shows :-) if the agent reported its state within " "the period defined by the option in the " "neutron.conf file. Otherwise the " " is xxx." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml209(para) msgid "List the DHCP agents that host a specified network" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml211(para) msgid "" "In some deployments, one DHCP agent is not enough to hold all network data. " "In addition, you must have a backup for it even when the deployment is " "small. The same network can be assigned to more than one DHCP agent and one " "DHCP agent can host more than one network." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml218(para) msgid "List DHCP agents that host a specified network:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml229(para) msgid "List the networks hosted by a given DHCP agent." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml231(para) msgid "This command is to show which networks a given dhcp agent is managing." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml242(para) msgid "Show agent details." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml243(para) msgid "The command shows details for a specified agent:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml271(para) msgid "" "In this output, heartbeat_timestamp is the time on the " "neutron server. You do not need to synchronize all agents to this time for " "this extension to run correctly. configurations describes" " the static configuration for the agent or run time data. This agent is a " "DHCP agent and it hosts one network, one subnet, and three ports." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml281(para) msgid "" "Different types of agents show different details. The following output shows" " information for a Linux bridge agent:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml306(para) msgid "" "The output shows bridge-mapping and the number of virtual" " network devices on this L2 agent." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml313(title) msgid "Manage assignment of networks to DHCP agent" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml314(para) msgid "" "Now that you have run the and commands, " "you can add a network to a DHCP agent and remove one from it." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml320(para) msgid "Default scheduling." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml321(para) msgid "" "When you create a network with one port, you can schedule it to an active " "DHCP agent. If many active DHCP agents are running, select one randomly. You" " can design more sophisticated scheduling algorithms in the same way as " "nova-schedule later on." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml339(para) msgid "" "It is allocated to DHCP agent on HostA. If you want to validate the behavior" " through the command, you must create a subnet for the " "network because the DHCP agent starts the dnsmasq service only if there is a DHCP." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml349(para) msgid "Assign a network to a given DHCP agent." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml351(para) msgid "To add another DHCP agent to host the network, run this command:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml362(para) msgid "Both DHCP agents host the net2 network." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml367(para) msgid "Remove a network from a specified DHCP agent." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml369(para) msgid "" "This command is the sibling command for the previous one. Remove " "net2 from the DHCP agent for HostA:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml381(para) msgid "" "You can see that only the DHCP agent for HostB is hosting the " "net2 network." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml388(title) msgid "HA of DHCP agents" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml389(para) msgid "" "Boot a VM on net2. Let both DHCP agents host net2. Fail " "the agents in turn to see if the VM can still get the desired IP." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml394(para) msgid "Boot a VM on net2." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml415(para) msgid "Make sure both DHCP agents hosting 'net2'." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml417(para) msgid "Use the previous commands to assign the network to agents." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml429(title) msgid "Test the HA" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml431(para) msgid "" "Log in to the myserver4 VM, and run " "udhcpc, dhclient or other DHCP client." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml438(para) msgid "" "Stop the DHCP agent on HostA. Besides stopping the neutron-dhcp-" "agent binary, you must stop the processes." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml446(para) msgid "Run a DHCP client in VM to see if it can get the wanted IP." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml451(para) msgid "Stop the DHCP agent on HostB too." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml455(para) msgid "Run in the VM; it cannot get the wanted IP." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml460(para) msgid "Start DHCP agent on HostB. The VM gets the wanted IP again." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml465(title) msgid "Disable and remove an agent" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml466(para) msgid "" "An administrator might want to disable an agent if a system hardware or " "software upgrade is planned. Some agents that support scheduling also " "support disabling and enabling agents, such as L3 and DHCP agents. After the" " agent is disabled, the scheduler does not schedule new resources to the " "agent. After the agent is disabled, you can safely remove the agent. Remove " "the resources on the agent before you delete the agent." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml475(para) msgid "To run the following commands, you must stop the DHCP agent on HostA." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml497(para) msgid "" "After deletion, if you restart the DHCP agent, it appears on the agent list " "again." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_auth.xml6(title) msgid "Authentication and authorization" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_auth.xml7(para) msgid "" "Networking uses the Identity Service as the default authentication service. " "When the Identity Service is enabled, users who submit requests to the " "Networking service must provide an authentication token in X-Auth-" "Token request header. Users obtain this token by authenticating " "with the Identity Service endpoint. For more information about " "authentication with the Identity Service, see OpenStack Identity Service API v2.0 " "Reference. When the Identity Service is enabled, it is " "not mandatory to specify the tenant ID for resources in create requests " "because the tenant ID is derived from the authentication token." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_auth.xml22(para) msgid "" "The default authorization settings only allow administrative users to create" " resources on behalf of a different tenant. Networking uses information " "received from Identity to authorize user requests. Networking handles two " "kind of authorization policies:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_auth.xml30(para) msgid "" "Operation-based policies specify access " "criteria for specific operations, possibly with fine-grained control over " "specific attributes;" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_auth.xml36(para) msgid "" "Resource-based policies specify whether " "access to specific resource is granted or not according to the permissions " "configured for the resource (currently available only for the network " "resource). The actual authorization policies enforced in Networking might " "vary from deployment to deployment." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_auth.xml45(para) msgid "" "The policy engine reads entries from the policy.json " "file. The actual location of this file might vary from distribution to " "distribution. Entries can be updated while the system is running, and no " "service restart is required. Every time the policy file is updated, the " "policies are automatically reloaded. Currently the only way of updating such" " policies is to edit the policy file. In this section, the terms policy and rule refer to objects that are specified in the " "same way in the policy file. There are no syntax differences between a rule " "and a policy. A policy is something that is matched directly from the " "Networking policy engine. A rule is an element in a policy, which is " "evaluated. For instance in create_subnet: " "[[\"admin_or_network_owner\"]], create_subnet is a policy, and admin_or_network_owner is a rule." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_auth.xml64(para) msgid "" "Policies are triggered by the Networking policy engine whenever one of them " "matches an Networking API operation or a specific attribute being used in a " "given operation. For instance the create_subnet policy is " "triggered every time a POST /v2.0/subnets request is sent to " "the Networking server; on the other hand create_network:shared " "is triggered every time the shared " "attribute is explicitly specified (and set to a value different from its " "default) in a POST /v2.0/networks request. It is also worth " "mentioning that policies can be also related to specific API extensions; for" " instance extension:provider_network:set is be triggered if the" " attributes defined by the Provider Network extensions are specified in an " "API request." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_auth.xml79(para) msgid "" "An authorization policy can be composed by one or more rules. If more rules " "are specified, evaluation policy succeeds if any of the rules evaluates " "successfully; if an API operation matches multiple policies, then all the " "policies must evaluate successfully. Also, authorization rules are " "recursive. Once a rule is matched, the rule(s) can be resolved to another " "rule, until a terminal rule is reached." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_auth.xml86(para) msgid "" "The Networking policy engine currently defines the following kinds of " "terminal rules:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_auth.xml90(para) msgid "" "Role-based rules evaluate successfully if" " the user who submits the request has the specified role. For instance " "\"role:admin\" is successful if the user who submits the " "request is an administrator." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_auth.xml98(para) msgid "" "Field-based rules evaluate successfully " "if a field of the resource specified in the current request matches a " "specific value. For instance \"field:networks:shared=True\" is " "successful if the shared attribute of the " "network resource is set to true." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_auth.xml108(para) msgid "" "Generic rules compare an attribute in the" " resource with an attribute extracted from the user's security credentials " "and evaluates successfully if the comparison is successful. For instance " "\"tenant_id:%(tenant_id)s\" is successful if the tenant " "identifier in the resource is equal to the tenant identifier of the user " "submitting the request." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_auth.xml119(para) msgid "" "This extract is from the default policy.json file:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_auth.xml139(para) msgid "" "A rule that evaluates successfully if the current user is an administrator " "or the owner of the resource specified in the request (tenant identifier is " "equal)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_auth.xml145(para) msgid "" "The default policy that is always evaluated if an API operation does not " "match any of the policies in policy.json." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_auth.xml150(para) msgid "" "This policy evaluates successfully if either admin_or_owner, or shared evaluates successfully." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_auth.xml156(para) msgid "" "This policy restricts the ability to manipulate the shared attribute for a network to administrators " "only." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_auth.xml161(para) msgid "" "This policy restricts the ability to manipulate the mac_address attribute for a port only to " "administrators and the owner of the network where the port is attached." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_auth.xml168(para) msgid "" "In some cases, some operations are restricted to administrators only. This " "example shows you how to modify a policy file to permit tenants to define " "networks and see their resources and permit administrative users to perform " "all other operations:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml6(title) msgid "Advanced configuration options" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml7(para) msgid "" "This section describes advanced configuration options for various system " "components. For example, configuration options where the default works but " "that the user wants to customize options. After installing from packages, " "$NEUTRON_CONF_DIR is /etc/neutron." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml13(title) msgid "OpenStack Networking server with plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml14(para) msgid "" "This is the web server that runs the OpenStack Networking API Web Server. It" " is responsible for loading a plug-in and passing the API calls to the plug-" "in for processing. The neutron-server should receive one of more " "configuration files as it its input, for example:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml20(para) msgid "" "The neutron config contains the common neutron configuration parameters. The" " plug-in config contains the plug-in specific flags. The plug-in that is run" " on the service is loaded through the core_plugin " "configuration parameter. In some cases a plug-in might have an agent that " "performs the actual networking." msgstr "" #. Specific #. configuration details can be seen in the Appendix - #. Configuration File Options. #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml31(para) msgid "" "Most plug-ins require a SQL database. After you install and start the " "database server, set a password for the root account and delete the " "anonymous accounts:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml37(para) msgid "Create a database and user account specifically for plug-in:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml43(para) msgid "" "Once the above is done you can update the settings in the relevant plug-in " "configuration files. The plug-in specific configuration files can be found " "at $NEUTRON_CONF_DIR/plugins." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml47(para) msgid "" "Some plug-ins have a L2 agent that performs the actual networking. That is, " "the agent will attach the virtual machine NIC to the OpenStack Networking " "network. Each node should have an L2 agent running on it. Note that the " "agent receives the following input parameters:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml53(para) msgid "Two things need to be done prior to working with the plug-in:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml57(para) msgid "Ensure that the core plug-in is updated." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml60(para) msgid "Ensure that the database connection is correctly set." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml64(para) msgid "" "The following table contains examples for these settings. Some Linux " "packages might provide installation utilities that configure these." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml73(th) msgid "Parameter" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml74(th) msgid "Value" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml84(td) #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml107(td) msgid "core_plugin ($NEUTRON_CONF_DIR/neutron.conf)" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml86(td) msgid "neutron.plugins.openvswitch.ovs_neutron_plugin.OVSNeutronPluginV2" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml90(code) #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml113(code) msgid "[database]" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml89(td) msgid "" "connection (in the plugin configuration file, section )" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml91(td) msgid "" "mysql://<username>:<password>@localhost/ovs_neutron?charset=utf8" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml94(td) #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml117(td) msgid "Plug-in Configuration File" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml95(td) msgid "$NEUTRON_CONF_DIR/plugins/openvswitch/ovs_neutron_plugin.ini" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml98(td) #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml121(td) #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml33(th) msgid "Agent" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml99(td) msgid "neutron-openvswitch-agent" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml109(td) msgid "neutron.plugins.linuxbridge.lb_neutron_plugin.LinuxBridgePluginV2" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml112(td) msgid "" "connection (in the plug-in configuration file, section )" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml114(td) msgid "" "mysql://<username>:<password>@localhost/neutron_linux_bridge?charset=utf8" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml118(td) msgid "$NEUTRON_CONF_DIR/plugins/linuxbridge/linuxbridge_conf.ini" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml122(td) msgid "neutron-linuxbridge-agent" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml126(para) msgid "" "All plug-in configuration files options can be found in the Appendix - " "Configuration File Options." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml130(title) #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml201(title) msgid "DHCP agent" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml131(para) msgid "" "There is an option to run a DHCP server that will allocate IP addresses to " "virtual machines running on the network. When a subnet is created, by " "default, the subnet has DHCP enabled." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml135(para) msgid "The node that runs the DHCP agent should run:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml138(para) msgid "" "Currently the DHCP agent uses dnsmasq to perform that static address " "assignment." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml140(para) msgid "" "A driver needs to be configured that matches the plug-in running on the " "service.
Basic settings
ParameterValue
Open " "vSwitch
interface_driver " "($NEUTRON_CONF_DIR/dhcp_agent.ini)neutron.agent.linux.interface.OVSInterfaceDriver
Linux " "Bridge
interface_driver " "($NEUTRON_CONF_DIR/dhcp_agent.ini)neutron.agent.linux.interface.BridgeInterfaceDriver
" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml175(title) #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml264(title) #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml386(title) msgid "Namespace" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml176(para) msgid "" "By default the DHCP agent makes use of Linux network namespaces in order to " "support overlapping IP addresses. Requirements for network namespaces " "support are described in the Limitations section." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml182(para) msgid "" "If the Linux installation does not support network " "namespace, you must disable using network namespace in the DHCP agent config" " file (The default value of use_namespaces is True)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml192(title) msgid "L3 Agent" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml193(para) msgid "" "There is an option to run a L3 agent that will give enable layer 3 " "forwarding and floating IP support. The node that runs the L3 agent should " "run:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml198(para) msgid "" "A driver needs to be configured that matches the plug-in running on the " "service. The driver is used to create the routing interface.
Basic settings
ParameterValue
Open " "vSwitch
interface_driver " "($NEUTRON_CONF_DIR/l3_agent.ini)neutron.agent.linux.interface.OVSInterfaceDriver
external_network_bridge" " ($NEUTRON_CONF_DIR/l3_agent.ini)br-ex
Linux Bridge
interface_driver" " " "($NEUTRON_CONF_DIR/l3_agent.ini)neutron.agent.linux.interface.BridgeInterfaceDriver
external_network_bridge" " ($NEUTRON_CONF_DIR/l3_agent.ini)This field must be empty (or the " "bridge name for the external network).
" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml250(para) msgid "OpenStack Identity authentication:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml252(para) msgid "For example," msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml256(para) msgid "Admin user details:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml246(para) msgid "" "The L3 agent communicates with the OpenStack Networking server via the " "OpenStack Networking API, so the following configuration is required: " "" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml265(para) msgid "" "By default the L3 agent makes use of Linux network namespaces in order to " "support overlapping IP addresses. Requirements for network namespaces " "support are described in the Limitation section." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml271(para) msgid "" "If the Linux installation does not support network " "namespace, you must disable using network namespace in the L3 agent config " "file (The default value of use_namespaces is True)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml278(para) msgid "" "When use_namespaces is set to False, only one router ID can be supported per" " node. This must be configured via the configuration variable " "router_id." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml285(para) msgid "" "To configure it, you need to run the OpenStack Networking service and create" " a router, and then set an ID of the router created to " "router_id in the L3 agent configuration file." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml305(title) msgid "Multiple floating IP pools" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml306(para) msgid "" "The L3 API in OpenStack Networking supports multiple floating IP pools. In " "OpenStack Networking, a floating IP pool is represented as an external " "network and a floating IP is allocated from a subnet associated with the " "external network. Since each L3 agent can be associated with at most one " "external network, we need to invoke multiple L3 agent to define multiple " "floating IP pools. 'gateway_external_network_id' in L3 agent " "configuration file indicates the external network that the L3 agent handles." " You can run multiple L3 agent instances on one host." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml318(para) msgid "" "In addition, when you run multiple L3 agents, make sure that handle_internal_only_routers is set to True only for one L3 agent in an OpenStack " "Networking deployment and set to False " "for all other L3 agents. Since the default value of this parameter is True, " "you need to configure it carefully." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml327(para) msgid "" "Before starting L3 agents, you need to create routers and external networks," " then update the configuration files with UUID of external networks and " "start L3 agents." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml331(para) msgid "" "For the first agent, invoke it with the following l3_agent.ini where " "handle_internal_only_routers is True." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml340(para) msgid "" "For the second (or later) agent, invoke it with the following l3_agent.ini " "where handle_internal_only_routers is False." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml349(title) msgid "L3 Metering Agent" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml350(para) msgid "" "There is an option to run a L3 metering agent that will enable layer 3 " "traffic metering. In general case the metering agent should be launched on " "all nodes that run the L3 agent:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml355(para) msgid "" "A driver needs to be configured that matches the plug-in running on the " "service. The driver is used to add metering to the routing interface.
Basic settings
ParameterValue
Open " "vSwitch
interface_driver " "($NEUTRON_CONF_DIR/metering_agent.ini)neutron.agent.linux.interface.OVSInterfaceDriver
Linux " "Bridge
interface_driver " "($NEUTRON_CONF_DIR/metering_agent.ini)neutron.agent.linux.interface.BridgeInterfaceDriver
" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml387(para) msgid "" "The metering agent and the L3 agent have to have the same configuration " "regarding to the network namespaces setting." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml389(para) msgid "" "If the Linux installation does not support network namespace, you must " "disable using network namespace in the L3 metering config file (The default " "value of is True)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml396(title) msgid "L3 metering driver" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml397(para) msgid "" "A driver which implements the metering abstraction needs to be configured. " "Currently there is only one implementation which is based on iptables." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml402(title) msgid "L3 metering service driver" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml403(para) msgid "" "To enable L3 metering you have to be sure to set the following parameter in " "neutron.conf on the host that runs neutron-server:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml410(title) msgid "Limitations" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml413(para) msgid "" "No equivalent for nova-network --multi_host flag: Nova-" "network has a model where the L3, NAT, and DHCP processing happen on the " "compute node itself, rather than a dedicated networking node. OpenStack " "Networking now support running multiple l3-agent and dhcp-agents with load " "being split across those agents, but the tight coupling of that scheduling " "with the location of the VM is not supported in Grizzly. The Havana release " "is expected to include an exact replacement for the --multi_host flag in " "nova-network." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml427(para) msgid "" "Linux network namespace required on nodes running neutron-l3-agent or " "neutron-dhcp-" "agent if overlapping IPs are in use: . In order to " "support overlapping IP addresses, the OpenStack Networking DHCP and L3 " "agents use Linux network namespaces by default. The hosts running these " "processes must support network namespaces. To support network namespaces, " "the following are required:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml445(para) msgid "" "Linux kernel 2.6.24 or newer (with CONFIG_NET_NS=y in kernel configuration) " "and" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml450(para) msgid "" "iproute2 utilities ('ip' command) version 3.1.0 (aka 20111117) or newer" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml455(para) msgid "" "To check whether your host supports namespaces try running the following as " "root:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml459(para) msgid "" "If the preceding commands do not produce errors, your platform is likely " "sufficient to use the dhcp-agent or l3-agent with namespace. In our " "experience, Ubuntu 12.04 or later support namespaces as does Fedora 17 and " "new, but some older RHEL platforms do not by default. It may be possible to " "upgrade the iproute2 package on a platform that does not support namespaces " "by default." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml468(para) msgid "" "If you need to disable namespaces, make sure the " "neutron.conf used by neutron-server has the following " "setting:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml472(para) msgid "" "and that the dhcp_agent.ini and l3_agent.ini have the following setting:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml476(para) msgid "" "If the host does not support namespaces then the neutron-l3-agent and neutron-dhcp-agent should be run on different" " hosts. This is due to the fact that there is no isolation between the IP " "addresses created by the L3 agent and by the DHCP agent. By manipulating the" " routing the user can ensure that these networks have access to one another." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml488(para) msgid "" "If you run both L3 and DHCP services on the same node, you should enable " "namespaces to avoid conflicts with routes:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml496(para) msgid "" "No IPv6 support for L3 agent: The neutron-l3-agent, used by many " "plug-ins to implement L3 forwarding, supports only IPv4 forwarding. " "Currently, there are no errors provided if you configure IPv6 addresses via " "the API." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml507(para) msgid "" "ZeroMQ support is experimental: Some agents, including " "neutron-dhcp-agent, neutron-openvswitch-agent, and neutron-linuxbridge-agent use RPC to " "communicate. ZeroMQ is an available option in the configuration file, but " "has not been tested and should be considered experimental. In particular, " "issues might occur with ZeroMQ and the dhcp agent." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml522(para) msgid "" "MetaPlugin is experimental: This release includes a " "MetaPlugin that is intended to support multiple plug-ins at the same time " "for different API requests, based on the content of those API requests. The " "core team has not thoroughly reviewed or tested this functionality. Consider" " this functionality to be experimental until further validation is " "performed." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_pagination_and_sorting_support.xml6(title) msgid "Plug-in pagination and sorting support" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_pagination_and_sorting_support.xml8(caption) msgid "Plug-ins that support native pagination and sorting" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_pagination_and_sorting_support.xml13(th) msgid "Support Native Pagination" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_pagination_and_sorting_support.xml14(th) msgid "Support Native Sorting" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_pagination_and_sorting_support.xml20(td) #: ./doc/admin-guide-cloud/networking/section_networking_pagination_and_sorting_support.xml21(td) #: ./doc/admin-guide-cloud/networking/section_networking_pagination_and_sorting_support.xml25(td) #: ./doc/admin-guide-cloud/networking/section_networking_pagination_and_sorting_support.xml26(td) #: ./doc/admin-guide-cloud/networking/section_networking_pagination_and_sorting_support.xml30(td) #: ./doc/admin-guide-cloud/networking/section_networking_pagination_and_sorting_support.xml31(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml396(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1191(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1324(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml133(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml234(td) msgid "True" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_high_avail.xml6(title) msgid "High availability" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_high_avail.xml7(para) msgid "" "The use of high availability in a Networking deployment helps mitigate the " "impact of individual node failures. In general, you can run neutron-server and neutron-dhcp-agent in an active/active fashion. " "You can run the neutron-l3-agent " "service as active/passive, which avoids IP conflicts with " "respect to gateway IP addresses." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_high_avail.xml21(title) msgid "Networking high availability with Pacemaker" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_high_avail.xml22(para) msgid "" "You can run some Networking services in a cluster configuration " "(active/passive or active/active for Networking server only) with Pacemaker." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_high_avail.xml25(para) msgid "Download the latest resources agents:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_high_avail.xml28(para) msgid "" "neutron-server: https://github.com/madkiss" "/openstack-resource-agents" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_high_avail.xml33(para) msgid "" "neutron-dhcp-agent: https://github.com/madkiss/openstack-resource-agents" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_high_avail.xml38(para) msgid "" "neutron-l3-agent: https://github.com/madkiss/openstack-resource-agents" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_high_avail.xml44(para) msgid "" "For information about how to build a cluster, see Pacemaker " "documentation." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml6(title) msgid "Advanced operational features" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml8(title) msgid "Logging settings" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml9(para) msgid "" "Networking components use Python logging module to do logging. Logging " "configuration can be provided in neutron.conf or as " "command-line options. Command options override ones in " "neutron.conf." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml14(para) msgid "" "To configure logging for Networking components, use one of these methods:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml18(para) msgid "Provide logging settings in a logging configuration file." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml20(para) msgid "" "See Python logging " "how-to to learn more about logging." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml24(para) msgid "Provide logging setting in neutron.conf" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml49(title) msgid "Notifications" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml50(para) msgid "" "Notifications can be sent when Networking resources such as network, subnet " "and port are created, updated or deleted." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml54(title) msgid "Notification options" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml55(para) msgid "" "To support DHCP agent, rpc_notifier driver must be set. To set up the " "notification, edit notification options in " "neutron.conf:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml85(title) msgid "Setting cases" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml87(title) msgid "Logging and RPC" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml88(para) msgid "" "These options configure the Networking server to send notifications through " "logging and RPC. The logging options are described in OpenStack " "Configuration Reference . RPC notifications go to " "'notifications.info' queue bound to a topic exchange defined by " "'control_exchange' in neutron.conf." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml127(title) msgid "Multiple RPC topics" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml128(para) msgid "" "These options configure the Networking server to send notifications to " "multiple RPC topics. RPC notifications go to 'notifications_one.info' and " "'notifications_two.info' queues bound to a topic exchange defined by " "'control_exchange' in neutron.conf." msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml41(None) #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml485(None) msgid "" "@@image: '../../common/figures/under-the-hood-scenario-1.png'; " "md5=6c8c80ff7e23cc2c7c7e1aa66e1fd8c0" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml80(None) msgid "" "@@image: '../../common/figures/under-the-hood-scenario-1-ovs-compute.png'; " "md5=46509fcb546df0f43adb5350f2dd9fab" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml173(None) msgid "" "@@image: '../../common/figures/under-the-hood-scenario-1-ovs-network.png'; " "md5=8eea1c1dbde433c46666c985751c3276" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml253(None) msgid "" "@@image: '../../common/figures/under-the-hood-scenario-1-ovs-netns.png'; " "md5=de52650e491e4dc2946e827cd93e0a85" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml299(None) #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml582(None) msgid "" "@@image: '../../common/figures/under-the-hood-scenario-2.png'; " "md5=148feb87744e7b04da21ec4f17503c75" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml341(None) msgid "" "@@image: '../../common/figures/under-the-hood-scenario-2-ovs-compute.png'; " "md5=94603b4ec7904ac04bc1ed81a2d38f79" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml356(None) msgid "" "@@image: '../../common/figures/under-the-hood-scenario-2-ovs-network.png'; " "md5=80aa67268b5ce7deddc41845e6313634" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml365(None) msgid "" "@@image: '../../common/figures/under-the-hood-scenario-2-ovs-netns.png'; " "md5=d8878beff47037240d6f8c48f8d4d4c3" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml388(None) msgid "" "@@image: '../../common/figures/OVStunneling.png'; " "md5=16566954148d880dacbb570aafd48f14" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml525(None) msgid "" "@@image: '../../common/figures/under-the-hood-scenario-1-linuxbridge-" "compute.png'; md5=8270a65d291a628c7091997414046167" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml563(None) msgid "" "@@image: '../../common/figures/under-the-hood-scenario-1-linuxbridge-" "network.png'; md5=bd78453eb11ffebddf55484ca2cd125e" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml570(None) msgid "" "@@image: '../../common/figures/under-the-hood-scenario-1-linuxbridge-" "netns.png'; md5=915d10e90cbb18e887b4d5eb5ea15e58" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml625(None) msgid "" "@@image: '../../common/figures/under-the-hood-scenario-2-linuxbridge-" "compute.png'; md5=f68f0baeba932b219574e55853bd2300" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml640(None) msgid "" "@@image: '../../common/figures/under-the-hood-scenario-2-linuxbridge-" "network.png'; md5=25f818f7f9148152e5a8dbf6d530dcf6" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml648(None) msgid "" "@@image: '../../common/figures/under-the-hood-scenario-2-linuxbridge-" "netns.png'; md5=cdc0bd4b3e7988f7fedffefae4dae9d0" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml694(None) msgid "" "@@image: '../../common/figures/ml2_without_l2pop_full_mesh.png'; " "md5=881485c0686f20b82967d5b817932952" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml709(None) msgid "" "@@image: '../../common/figures/ml2_without_l2pop_partial_mesh.png'; " "md5=66fe83560a3e1880ffe3a85d80538f83" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml6(title) msgid "Networking scenarios" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml7(para) msgid "" "This chapter describes two networking scenarios and how the Open vSwitch " "plug-in and the Linux Bridge plug-in implement these scenarios." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml13(para) msgid "" "This section describes how the Open vSwitch plug-in implements the " "Networking abstractions." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml17(para) msgid "" "This example uses VLAN segmentation on the switches to isolate tenant " "networks. This configuration labels the physical network associated with the" " public network as physnet1, and the physical network " "associated with the data network as physnet2, which leads" " to the following configuration options in " "ovs_neutron_plugin.ini: " msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml32(title) #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml475(title) msgid "Scenario 1: one tenant, two networks, one router" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml33(para) msgid "" "The first scenario has two private networks (net01, and " "net02), each with one subnet " "(net01_subnet01: 192.168.101.0/24, " "net02_subnet01, 192.168.102.0/24). Both private networks " "are attached to a router that connects them to the public network " "(10.64.201.0/24)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml44(para) #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml488(para) msgid "" "Under the service tenant, create the shared router, " "define the public network, and set it as the default gateway of the " "router" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml55(para) #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml499(para) msgid "" "Under the demo user tenant, create the private network " "net01 and corresponding subnet, and connect it to the " "router01 router. Configure it to use VLAN ID 101 on the " "physical switch." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml66(para) #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml510(para) msgid "" "Similarly, for net02, using VLAN ID 102 on the physical " "switch:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml76(title) #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml519(title) msgid "Scenario 1: Compute host config" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml77(para) msgid "" "The following figure shows how to configure various Linux networking devices" " on the compute host:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml85(title) #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml530(title) msgid "Types of network devices" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml86(para) msgid "" "There are four distinct type of virtual networking devices: TAP devices, " "veth pairs, Linux bridges, and Open vSwitch bridges. For an ethernet frame " "to travel from eth0 of virtual machine " "vm01 to the physical network, it must pass through nine " "devices inside of the host: TAP vnet0, Linux bridge " "qbrnnn, veth pair " "(qvbnnn, " "qvonnn), Open vSwitch bridge br-int, veth pair (int-br-eth1, phy-br-eth1), " "and, finally, the physical network interface card eth1." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml97(para) #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml539(para) msgid "" "A TAP device, such as " "vnet0 is how hypervisors such as KVM and Xen implement a " "virtual network interface card (typically called a VIF or vNIC). An ethernet" " frame sent to a TAP device is received by the guest operating system." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml101(para) msgid "" "A veth pair is a pair of directly " "connected virtual network interfaces. An ethernet frame sent to one end of a" " veth pair is received by the other end of a veth pair. Networking uses veth" " pairs as virtual patch cables to make connections between virtual bridges." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml105(para) #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml552(para) msgid "" "A Linux bridge behaves like a hub: you " "can connect multiple (physical or virtual) network interfaces devices to a " "Linux bridge. Any ethernet frames that come in from one interface attached " "to the bridge is transmitted to all of the other devices." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml109(para) msgid "" "An Open vSwitch bridge behaves like a " "virtual switch: network interface devices connect to Open vSwitch bridge's " "ports, and the ports can be configured much like a physical switch's ports, " "including VLAN configurations." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml115(title) msgid "Integration bridge" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml116(para) msgid "" "The br-int Open vSwitch bridge is the integration bridge:" " all guests running on the compute host connect to this bridge. Networking " "implements isolation across these guests by configuring the br-" "int ports." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml122(title) msgid "Physical connectivity bridge" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml123(para) msgid "" "The br-eth1 bridge provides connectivity to the physical " "network interface card, eth1. It connects to the " "integration bridge by a veth pair: (int-br-eth1, phy-br-" "eth1)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml128(title) msgid "VLAN translation" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml129(para) msgid "" "In this example, net01 and net02 have VLAN ids of 1 and 2, respectively. " "However, the physical network in our example only supports VLAN IDs in the " "range 101 through 110. The Open vSwitch agent is responsible for configuring" " flow rules on br-int and br-eth1 to " "do VLAN translation. When br-eth1 receives a frame marked" " with VLAN ID 1 on the port associated with phy-br-eth1, " "it modifies the VLAN ID in the frame to 101. Similarly, when br-" "int receives a frame marked with VLAN ID 101 on the port " "associated with int-br-eth1, it modifies the VLAN ID in " "the frame to 1." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml140(title) msgid "Security groups: iptables and Linux bridges" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml141(para) msgid "" "Ideally, the TAP device vnet0 would be connected directly" " to the integration bridge, br-int. Unfortunately, this " "isn't possible because of how OpenStack security groups are currently " "implemented. OpenStack uses iptables rules on the TAP devices such as " "vnet0 to implement security groups, and Open vSwitch is " "not compatible with iptables rules that are applied directly on TAP devices " "that are connected to an Open vSwitch port." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml148(para) msgid "" "Networking uses an extra Linux bridge and a veth pair as a workaround for " "this issue. Instead of connecting vnet0 to an Open " "vSwitch bridge, it is connected to a Linux bridge, " "qbrXXX. This bridge is " "connected to the integration bridge, br-int, through the " "(qvbXXX, " "qvoXXX) veth pair." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml158(title) #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml559(title) msgid "Scenario 1: Network host config" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml159(para) msgid "" "The network host runs the neutron-openvswitch-plugin-agent, the neutron-" "dhcp-agent, neutron-l3-agent, and neutron-metadata-agent services." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml161(para) msgid "" "On the network host, assume that eth0 is connected to the external network, " "and eth1 is connected to the data network, which leads to the following " "configuration in the ovs_neutron_plugin.ini file: " " The following figure shows the network devices on the " "network host:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml176(para) msgid "" "As on the compute host, there is an Open vSwitch integration bridge " "(br-int) and an Open vSwitch bridge connected to the data" " network (br-eth1), and the two are connected by a veth " "pair, and the neutron-openvswitch-plugin-agent configures the ports on both " "switches to do VLAN translation." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml181(para) msgid "" "An additional Open vSwitch bridge, br-ex, connects to the" " physical interface that is connected to the external network. In this " "example, that physical interface is eth0." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml184(para) msgid "" "While the integration bridge and the external bridge are connected by a veth" " pair (int-br-ex, phy-br-ex), this example uses layer 3 " "connectivity to route packets from the internal networks to the public " "network: no packets traverse that veth pair in this example." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml188(title) msgid "Open vSwitch internal ports" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml189(para) msgid "" "The network host uses Open vSwitch internal " "ports. Internal ports enable you to assign one or more IP " "addresses to an Open vSwitch bridge. In previous example, the br-" "int bridge has four internal ports: " "tapXXX, " "qr-YYY, " "qr-ZZZ, and " "tapWWW. Each internal port has" " a separate IP address associated with it. An internal port, qg-" "VVV, is on the br-ex bridge." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml202(para) msgid "" "By default, The Networking DHCP agent uses a process called dnsmasq to " "provide DHCP services to guests. Networking must create an internal port for" " each network that requires DHCP services and attach a dnsmasq process to " "that port. In the previous example, the " "tapXXX interface is on " "net01_subnet01, and the " "tapWWW interface is on " "net02_subnet01." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml212(title) msgid "L3 agent (routing)" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml213(para) msgid "" "The Networking L3 agent uses Open vSwitch internal ports to implement " "routing and relies on the network host to route the packets across the " "interfaces. In this example, the qr-YYY interface is on " "net01_subnet01 and has the IP address 192.168.101.1/24. " "The qr-ZZZ, interface is on " "net02_subnet01 and has the IP address " "192.168.102.1/24. The " "qg-VVV interface has the IP " "address 10.64.201.254/24. Because each of these " "interfaces is visible to the network host operating system, the network host" " routes the packets across the interfaces, as long as an administrator has " "enabled IP forwarding." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml225(para) msgid "" "The L3 agent uses iptables to implement floating IPs to do the network " "address translation (NAT)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml229(title) msgid "Overlapping subnets and network namespaces" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml230(para) msgid "" "One problem with using the host to implement routing is that one of the " "Networking subnets might overlap with one of the physical networks that the " "host uses. For example, if the management network is implemented on " "eth2 and also happens to be on the " "192.168.101.0/24 subnet, routing problems will occur " "because the host can't determine whether to send a packet on this subnet to " "qr-YYY or eth2. If end users are " "permitted to create their own logical networks and subnets, you must design " "the system so that such collisions do not occur." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml239(para) msgid "" "Networking uses Linux network namespaces " "to prevent collisions between the physical networks on the " "network host, and the logical networks used by the virtual machines. It also" " prevents collisions across different logical networks that are not routed " "to each other, as the following scenario shows." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml244(para) msgid "" "A network namespace is an isolated environment with its own networking " "stack. A network namespace has its own network interfaces, routes, and " "iptables rules. Consider it a chroot jail, except for networking instead of " "for a file system. LXC (Linux containers) use network namespaces to " "implement networking virtualization." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml249(para) msgid "" "Networking creates network namespaces on the network host to avoid subnet " "collisions." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml258(para) msgid "" "qdhcp-aaa: contains the " "tapXXX interface and the " "dnsmasq process that listens on that interface to provide DHCP services for " "net01_subnet01. This allows overlapping IPs between " "net01_subnet01 and any other subnets on the network host." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml268(para) msgid "" "qrouter-bbbb: contains the " "qr-YYY, " "qr-ZZZ, and " "qg-VVV interfaces, and the " "corresponding routes. This namespace implements router01 " "in our example." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml277(para) msgid "" "qdhcp-ccc: contains the " "tapWWW interface and the " "dnsmasq process that listens on that interface, to provide DHCP services for" " net02_subnet01. This allows overlapping IPs between " "net02_subnet01 and any other subnets on the network host." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml256(para) msgid "" "In this example, there are three network namespaces, as shown in the figure " "above:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml291(title) #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml576(title) msgid "Scenario 2: two tenants, two networks, two routers" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml293(para) msgid "" "In this scenario, tenant A and tenant B each have a network with one subnet " "and one router that connects the tenants to the public Internet." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml302(para) #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml585(para) msgid "" "Under the service tenant, define the public " "network:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml310(para) msgid "" "Under the tenantA user tenant, create the tenant router " "and set its gateway for the public network. Then, define " "private network net01 using VLAN ID 101 on the physical " "switch, along with its subnet, and connect it to the router. " "" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml323(para) #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml606(para) msgid "" "Similarly, for tenantB, create a router and another " "network, using VLAN ID 102 on the physical switch:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml336(title) #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml619(title) msgid "Scenario 2: Compute host config" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml337(para) msgid "" "The following figure shows how to configure Linux networking devices on the " "compute host:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml344(para) msgid "" "The compute host configuration resembles the configuration in scenario 1. " "However, in scenario 1, a guest connects to two subnets while in this " "scenario, the subnets belong to different tenants." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml351(title) #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml635(title) msgid "Scenario 2: Network host config" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml352(para) #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml636(para) msgid "" "The following figure shows the network devices on the network host for the " "second scenario." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml359(para) msgid "" "In this configuration, the network namespaces are organized to isolate the " "two subnets from each other as shown in the following figure." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml368(para) msgid "" "In this scenario, there are four network namespaces " "(qhdcp-aaa, " "qrouter-bbbb, " "qrouter-cccc, and " "qhdcp-dddd), instead of three." " Since there is no connectivity between the two networks, and so each router" " is implemented by a separate namespace." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml378(title) msgid "Configure Open vSwitch tunneling" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml379(para) msgid "" "Tunneling encapsulates network traffic between physical Networking hosts and" " allows VLANs to span multiple physical hosts. Instances communicate as if " "they share the same layer 2 network. Open vSwitch supports tunneling with " "the VXLAN and GRE encapsulation protocols." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml385(title) #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml391(phrase) msgid "Example VXLAN tunnel" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml395(para) msgid "" "This diagram shows two instances running on separate hosts connected by a " "VXLAN tunnel. The required physical and virtual components are also " "illustrated. The following procedure creates a VXLAN or GRE tunnel between " "two Open vSwitches running on separate Networking hosts:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml401(title) msgid "Example tunnel configuration" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml403(para) msgid "Create a virtual bridge named OVS-BR0 on each participating host:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml412(para) msgid "" "Create a tunnel to link the OVS-BR0 virtual bridges. Run the ovs-vsctl " "command on HOST1 to create the tunnel and link it to the bridge on HOST2:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml415(emphasis) #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml433(emphasis) msgid "GRE tunnel command:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml421(emphasis) #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml439(emphasis) msgid "VXLAN tunnel command:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml429(para) msgid "" "Run the ovs-vsctl command on HOST1 to create the tunnel and link it to the " "bridge on HOST2." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml447(para) msgid "" "Successful completion of these steps results in the two instances sharing a " "layer 2 network." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml453(para) msgid "" "This section describes how the Linux Bridge plug-in implements the " "Networking abstractions. For information about DHCP and L3 agents, see ." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml459(para) msgid "" "This example uses VLAN isolation on the switches to isolate tenant networks." " This configuration labels the physical network associated with the public " "network as physnet1, and the physical network associated " "with the data network as physnet2, which leads to the " "following configuration options in " "linuxbridge_conf.ini: " msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml476(para) msgid "" "The first scenario has two private networks (net01, and " "net02), each with one subnet " "(net01_subnet01: 192.168.101.0/24, " "net02_subnet01, 192.168.102.0/24). Both private networks " "are attached to a router that contains them to the public network " "(10.64.201.0/24)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml520(para) msgid "" "The following figure shows how to configure the various Linux networking " "devices on the compute host." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml531(para) msgid "" "There are three distinct type of virtual networking devices: TAP devices, " "VLAN devices, and Linux bridges. For an ethernet frame to travel from " "eth0 of virtual machine vm01, to the " "physical network, it must pass through four devices inside of the host: TAP " "vnet0, Linux bridge " "brqXXX, VLAN " "eth1.101), and, finally, the physical network interface " "card eth1." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml543(para) msgid "" "A VLAN device is associated with a VLAN" " tag attaches to an existing interface device and adds or removes VLAN tags." " In the preceding example, VLAN device eth1.101 is " "associated with VLAN ID 101 and is attached to interface " "eth1. Packets received from the outside by " "eth1 with VLAN tag 101 will be passed to device " "eth1.101, which will then strip the tag. In the other " "direction, any ethernet frame sent directly to eth1.101 will have VLAN tag " "101 added and will be forward to eth1 for sending out to " "the network." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml560(para) msgid "The following figure shows the network devices on the network host." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml566(para) msgid "" "The following figure shows how the Linux Bridge plug-in uses network " "namespaces to provide isolation." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml567(para) msgid "" "veth pairs form connections between the Linux bridges and the network " "namespaces." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml577(para) msgid "" "The second scenario has two tenants (A, B). Each tenant has a network with " "one subnet, and each one has a router that connects them to the public " "Internet." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml593(para) msgid "" "Under the tenantA user tenant, create the tenant router " "and set its gateway for the public network. Then, define " "private network net01 using VLAN ID 102 on the physical " "switch, along with its subnet, and connect it to the router. " "" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml620(para) msgid "" "The following figure shows how the various Linux networking devices would be" " configured on the compute host under this scenario." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml628(para) msgid "" "The configuration on the compute host is very similar to the configuration " "in scenario 1. The only real difference is that scenario 1 had a guest " "connected to two subnets, and in this scenario the subnets belong to " "different tenants." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml643(para) msgid "" "The main difference between the configuration in this scenario and the " "previous one is the organization of the network namespaces, in order to " "provide isolation across the two subnets, as shown in the following figure." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml651(para) msgid "" "In this scenario, there are four network namespaces " "(qhdcp-aaa, " "qrouter-bbbb, " "qrouter-cccc, and " "qhdcp-dddd), instead of three." " Each router is implemented by a separate namespace, since there is no " "connectivity between the two networks." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml663(para) msgid "" "The Modular Layer 2 plug-in allows OpenStack Networking to simultaneously " "utilize the variety of layer 2 networking technologies found in complex " "real-world data centers. It currently includes drivers for the local, flat, " "VLAN, GRE and VXLAN network types and works with the existing Open" " vSwitch, Linux Bridge , and " "HyperV L2 agents. The ML2 plug-in " "can be extended through mechanism drivers, allowing multiple mechanisms to " "be used simultaneously. This section describes different " "ML2 plug-in and agent configurations with different " "type drivers and mechanism drivers." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml675(para) msgid "" "Previously, Networking deployments were only able to use the plug-in that " "had been selected at implementation time. For example, a deployment running " "the Open vSwitch plug-in was only able to use Open vSwitch exclusively; it " "wasn't possible to simultaneously run another plug-in such as Linux Bridge. " "This was found to be a limitation in environments with heterogeneous " "requirements." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml682(title) msgid "ML2 with L2 population mechanism driver" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml683(para) msgid "" "The L2 Population driver enables broadcast, multicast, and unicast traffic " "to scale out on large overlay networks. This traffic is sent to the relevant" " agent via encapsulation as a targeted unicast." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml687(para) msgid "" "Current Open vSwitch and Linux " "Bridge tunneling implementations broadcast to every agent, even " "if they don’t host the corresponding network as illustrated below." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml697(para) msgid "" "As broadcast emulation on overlay is costly, it may be better to avoid its " "use for MAC learning and ARP resolution. This supposes the use of proxy ARP " "on the agent to answer VM requests, and to populate forwarding table. " "Currently only the Linux Bridge Agent implements an ARP" " proxy. The prepopulation limits L2 broadcasts in overlay, however it may " "anyway be necessary to provide broadcast emulation. This is achieved by " "broadcasting packets via unicast only to the relevant agents as illustrated " "below.The partial-mesh is available with the Open " "vSwitch and Linux Bridge agents. The " "following scenarios will use the L2 population mechanism driver with an " "Open vSwitch agent and a Linux " "Bridge agent. Enable the l2 population driver by adding it to the" " list of mechanism drivers. In addition, a tunneling driver must be " "selected. Supported options are GRE, VXLAN, or a combination of both. " "Configuration settings are enabled in " "ml2_conf.ini:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml726(title) msgid "Scenario 1: L2 population with Open vSwitch agent" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml732(replaceable) #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml746(replaceable) msgid "192.168.1.10" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml735(replaceable) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml186(literal) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml193(literal) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml210(literal) msgid "gre" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml735(replaceable) msgid "vxlan" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml727(para) msgid "" "Enable the l2 population extension in the Open vSwitch " "agent, and configure the and " " parameters in the " "ml2_conf.ini file: " msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml739(title) msgid "Scenario 2: L2 population with Linux Bridge agent" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml740(para) msgid "" "Enable the l2 population extension on the Linux Bridge " "agent. Enable VXLAN and configure the local_ip parameter in " "ml2_conf.ini. " msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml750(title) msgid "Enable security group API" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml751(para) msgid "" "Since the ML2 plug-in can concurrently support different L2 agents (or other" " mechanisms) with different configuration files, the actual " " value in the " "ml2_conf.ini file does not matter in the server, but " " must be set to a non-default value in the " "ml2 configuration to enable the securitygroup extension. To enable " "securitygroup API, edit the ml2_conf.ini " "file: Each L2 agent configuration file (such as " "ovs_neutron_plugin.ini or " "linuxbridge_conf.ini) should contain the appropriate " " value for that agent. To disable " "securitygroup API, edit theml2_conf.ini " "file: Also, each L2 agent configuration file (such as " "ovs_neutron_plugin.ini or " "linuxbridge_conf.ini) should contain this value in " " parameter for that agent." msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml123(None) msgid "" "@@image: '../../common/figures/Neutron-PhysNet-Diagram.png'; " "md5=ea581fd58c57da1a6c9512b82027a195" msgstr "" #. When image changes, this message will be marked fuzzy or untranslated for #. you. #. It doesn't matter what you translate it to: it's not used at all. #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml199(None) msgid "" "@@image: '../../common/figures/NetworkTypes.png'; " "md5=32a77fe63881b8bd9871c0a086dfaf59" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml4(title) msgid "Networking architecture" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml5(para) msgid "" "Before you deploy Networking, it's useful to understand the Networking " "services and how they interact with the OpenStack components." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml9(title) msgid "Overview" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml10(para) msgid "" "Networking is a standalone component in the OpenStack modular architecture. " "It's positioned alongside OpenStack components such as Compute, Image " "Service, Identity, or the Dashboard. Like those components, a deployment of " "Networking often involves deploying several services to a variety of hosts." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml15(para) msgid "" "The Networking server uses the neutron-" "server daemon to expose the Networking API and enable " "administration of the configured Networking plug-in. Typically, the plug-in " "requires access to a database for persistent storage (also similar to other " "OpenStack services)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml21(para) msgid "" "If your deployment uses a controller host to run centralized Compute " "components, you can deploy the Networking server to that same host. However," " Networking is entirely standalone and can be deployed to a dedicated host. " "Depending on your configuration, Networking can also include the following " "agents:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml28(caption) msgid "Networking agents" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml39(emphasis) msgid "plug-in agent" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml41(literal) msgid "neutron-*-agent" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml39(td) #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml48(td) #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml55(td) #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml63(td) msgid " ()" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml42(td) msgid "" "Runs on each hypervisor to perform local vSwitch configuration. The agent " "that runs depends on the plug-in that you use. Certain plug-ins do not " "require an agent." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml48(emphasis) msgid "dhcp agent" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml50(literal) msgid "neutron-dhcp-agent" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml51(td) msgid "" "Provides DHCP services to tenant networks. Required by certain plug-ins." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml55(emphasis) msgid "l3 agent" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml57(literal) msgid "neutron-l3-agent" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml58(td) msgid "" "Provides L3/NAT forwarding to provide external network access for VMs on " "tenant networks. Required by certain plug-ins." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml63(emphasis) msgid "metering agent" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml64(literal) msgid "neutron-metering-agent" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml65(td) msgid "Provides L3 traffic metering for tenant networks." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml70(para) msgid "" "These agents interact with the main neutron process through RPC (for " "example, RabbitMQ or Qpid) or through the standard Networking API. In " "addition, Networking integrates with OpenStack components in a number of " "ways:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml76(para) msgid "" "Networking relies on the Identity service (Keystone) for the authentication " "and authorization of all API requests." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml81(para) msgid "" "Compute (Nova) interacts with Networking through calls to its standard API." "  As part of creating a VM, the nova-" "compute service communicates with the Networking API to plug " "each virtual NIC on the VM into a particular network. " msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml90(para) msgid "" "The Dashboard (Horizon) integrates with the Networking API, enabling " "administrators and tenant users to create and manage network services " "through a web-based GUI." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml98(title) msgid "Place services on physical hosts" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml99(para) msgid "" "Like other OpenStack services, Networking enables you to run services across" " multiple physical devices. It is also possible to run all service daemons " "on a single physical host for evaluation purposes. Alternatively, you can " "run each service on a dedicated physical host and replicate certain services" " across multiple hosts for redundancy purposes. For more information, see " "the OpenStack Configuration Reference." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml107(para) msgid "" "A standard architectural design includes a cloud controller host, a network " "gateway host, and a number of hypervisors for hosting virtual machines. The " "cloud controller and network gateway can be on the same host. However, if " "you expect VMs to send significant traffic to or from the Internet, a " "dedicated network gateway host helps avoid CPU contention between the " "neutron-l3-agent and other " "OpenStack services that forward packets." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml118(title) msgid "Network connectivity for physical hosts" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml126(para) msgid "" "A standard Networking deployment includes one or more of the following " "physical networks:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml131(caption) msgid "General distinct physical data center networks" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml143(emphasis) msgid "Management network" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml145(td) msgid "" "Provides internal communication between OpenStack components. IP addresses " "on this network should be reachable only within the data center." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml151(emphasis) msgid "Data network" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml153(td) msgid "" "Provides VM data communication within the cloud deployment. The IP " "addressing requirements of this network depend on the Networking plug-in " "that is used." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml160(emphasis) msgid "External network" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml162(td) msgid "" "Provides VMs with Internet access in some deployment scenarios. Anyone on " "the Internet can reach IP addresses on this network." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml168(emphasis) msgid "API network" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml170(td) msgid "" "Exposes all OpenStack APIs, including the Networking API, to tenants. IP " "addresses on this network should be reachable by anyone on the Internet. The" " API network might be the same as the external network, because it is " "possible to create an external-network subnet that is allocated IP ranges " "that use less than the full range of IP addresses in an IP block." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml187(title) #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml195(title) msgid "Tenant and provider networks" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml188(para) msgid "" "The following diagram presents an overview of the tenant and provider " "network types, and illustrates how they interact within the overall " "Networking topology:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml205(title) msgid "Tenant networks" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml206(para) msgid "" "Tenant networks are created by users for connectivity within projects; they " "are fully isolated by default and are not shared with other projects. " "Networking supports a range of tenant network types:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml214(term) msgid "Flat" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml216(para) msgid "" "All instances reside on the same network, which can also be shared with the " "hosts. No VLAN tagging or other network segregation takes place." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml223(term) msgid "Local" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml225(para) msgid "" "Instances reside on the local compute host and are effectively isolated from" " any external networks." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml231(term) msgid "VLAN" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml233(para) msgid "" "Networking allows users to create multiple provider or tenant networks using" " VLAN IDs (802.1Q tagged) that correspond to VLANs present in the physical " "network. This allows instances to communicate with each other across the " "environment. They can also communicate with dedicated servers, firewalls, " "load balancers and other networking infrastructure on the same layer 2 VLAN." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml243(term) msgid "VXLAN and GRE" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml245(para) msgid "" "VXLAN and GRE use network overlays to support private communication between " "instances. A Networking router is required to enable traffic to traverse " "outside of the GRE or VXLAN tenant network. A router is also required to " "connect directly-connected tenant networks with external networks, including" " the Internet; the router provides the ability to connect to instances " "directly from an external network using floating IP addresses." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml258(title) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml12(title) msgid "Provider networks" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_arch.xml259(para) msgid "" "Provider networks are created by the OpenStack administrator and map " "directly to an existing physical network in the data center. Useful network " "types in this category are flat (untagged) and VLAN (802.1Q tagged). It is " "possible to allow provider networks to be shared among tenants as part of " "the network creation process." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml6(title) msgid "Advanced features through API extensions" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml7(para) msgid "" "Several plug-ins implement API extensions that provide capabilities similar " "to what was available in nova-network: These plug-ins are likely to be of " "interest to the OpenStack community." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml13(para) msgid "" "Networks can be categorized as either \"tenant networks\" or \"provider " "networks\". Tenant networks are created by normal users, and details about " "how they are physically realized are hidden from those users. Provider " "networks are created with administrative credentials, specifying the details" " of how the network is physically realized, usually to match some existing " "network in the data center." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml18(para) msgid "" "Provider networks enable cloud administrators to create Networking networks " "that map directly to the physical networks in the data center. This is " "commonly used to give tenants direct access to a public network that can be " "used to reach the Internet. It might also be used to integrate with VLANs in" " the network that already have a defined meaning (for example, enable a VM " "from the \"marketing\" department to be placed on the same VLAN as bare-" "metal marketing hosts in the same data center)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml24(para) msgid "" "The provider extension allows administrators to explicitly manage the " "relationship between Networking virtual networks and underlying physical " "mechanisms such as VLANs and tunnels. When this extension is supported, " "Networking client users with administrative privileges see additional " "provider attributes on all virtual networks, and are able to specify these " "attributes in order to create provider networks." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml32(para) msgid "" "The provider extension is supported by the Open vSwitch and Linux Bridge " "plug-ins. Configuration of these plug-ins requires familiarity with this " "extension." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml36(title) msgid "Terminology" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml37(para) msgid "" "A number of terms are used in the provider extension and in the " "configuration of plug-ins supporting the provider extension:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml41(caption) msgid "Provider extension terminology" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml46(th) msgid "Term" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml52(emphasis) msgid "virtual network" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml54(td) msgid "" "An Networking L2 network (identified by a UUID and optional name) whose " "ports can be attached as vNICs to Compute instances and to various " "Networking agents. The Open vSwitch and Linux Bridge plug-ins each support " "several different mechanisms to realize virtual networks." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml63(emphasis) msgid "physical network" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml65(td) msgid "" "A network connecting virtualization hosts (such as compute nodes) with each " "other and with other network resources. Each physical network might support " "multiple virtual networks. The provider extension and the plug-in " "configurations identify physical networks using simple string names." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml75(emphasis) msgid "tenant network" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml77(td) msgid "" "A virtual network that a tenant or an administrator creates. The physical " "details of the network are not exposed to the tenant." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml83(emphasis) msgid "provider network" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml85(td) msgid "" "A virtual network administratively created to map to a specific network in " "the data center, typically to enable direct access to non-OpenStack " "resources on that network. Tenants can be given access to provider networks." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml93(emphasis) msgid "VLAN network" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml95(td) msgid "" "A virtual network implemented as packets on a specific physical network " "containing IEEE 802.1Q headers with a specific VID field value. VLAN " "networks sharing the same physical network are isolated from each other at " "L2, and can even have overlapping IP address spaces. Each distinct physical " "network supporting VLAN networks is treated as a separate VLAN trunk, with a" " distinct space of VID values. Valid VID values are 1 through 4094." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml109(emphasis) msgid "flat network" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml111(td) msgid "" "A virtual network implemented as packets on a specific physical network " "containing no IEEE 802.1Q header. Each physical network can realize at most " "one flat network." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml118(emphasis) msgid "local network" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml120(td) msgid "" "A virtual network that allows communication within each host, but not across" " a network. Local networks are intended mainly for single-node test " "scenarios, but can have other uses." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml127(emphasis) msgid "GRE network" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml132(emphasis) msgid "tunnels" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml129(td) msgid "" "A virtual network implemented as network packets encapsulated using GRE. GRE" " networks are also referred to as . GRE tunnel packets are " "routed by the IP routing table for the host, so GRE networks are not " "associated by Networking with specific physical networks." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml139(emphasis) msgid "Virtual Extensible LAN (VXLAN) network" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml141(td) msgid "" "VXLAN is a proposed encapsulation protocol for running an overlay network on" " existing Layer 3 infrastructure. An overlay network is a virtual network " "that is built on top of existing network Layer 2 and Layer 3 technologies to" " support elastic compute architectures." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml151(para) msgid "" "The ML2, Open vSwitch, and Linux Bridge plug-ins support VLAN networks, flat" " networks, and local networks. Only the ML2 and Open vSwitch plug-ins " "currently support GRE and VXLAN networks, provided that the required " "features exist in the hosts Linux kernel, Open vSwitch, and iproute2 " "packages." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml159(title) msgid "Provider attributes" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml160(para) msgid "" "The provider extension extends the Networking network resource with these " "attributes:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml163(caption) msgid "Provider network attributes" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml170(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml373(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml435(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml758(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml805(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1073(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1208(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1286(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1523(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1901(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2010(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2053(th) msgid "Attribute name" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml171(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml374(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml436(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml759(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml806(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1074(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1209(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1287(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1524(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2011(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2054(th) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml124(th) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml197(th) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml301(th) msgid "Type" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml172(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml375(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml437(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml760(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml807(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1075(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1210(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1288(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1525(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2012(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2055(th) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml198(th) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml302(th) msgid "Default Value" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml178(td) msgid "provider:network_type" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml179(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml199(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml388(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml403(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml773(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml782(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml827(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml834(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml853(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1096(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1103(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1133(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1183(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1231(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1238(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1309(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1316(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1331(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1547(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1567(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2025(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2032(td) msgid "String" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml180(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml216(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml404(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml411(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml459(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml467(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml493(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml790(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml828(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml874(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1089(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1224(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1302(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1332(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1561(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1581(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2040(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2076(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2095(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml165(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml179(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml220(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml276(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml283(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml361(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml368(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml375(td) msgid "N/A" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml183(literal) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml203(literal) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml223(literal) msgid "flat" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml184(literal) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml192(literal) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml204(literal) msgid "vlan" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml185(literal) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml194(literal) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml209(literal) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml224(literal) msgid "local" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml181(td) msgid "" "The physical mechanism by which the virtual network is implemented. Possible" " values are , , , and " ", corresponding to flat networks, VLAN networks, local " "networks, and GRE networks as defined above. All types of provider networks " "can be created by administrators, while tenant networks can be implemented " "as , , or network types " "depending on plug-in configuration." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml198(td) msgid "provider:physical_network" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml200(td) msgid "" "If a physical network named \"default\" has been configured, and if " "provider:network_type is or , then " "\"default\" is used." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml206(td) msgid "" "The name of the physical network over which the virtual network is " "implemented for flat and VLAN networks. Not applicable to the " " or network types." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml214(td) msgid "provider:segmentation_id" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml215(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml841(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml847(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1173(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1553(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1560(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1574(td) msgid "Integer" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml217(td) msgid "" "For VLAN networks, the VLAN VID on the physical network that realizes the " "virtual network. Valid VLAN VIDs are 1 through 4094. For GRE networks, the " "tunnel ID. Valid tunnel IDs are any 32 bit unsigned integer. Not applicable " "to the or network types." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml229(para) msgid "" "To view or set provider extended attributes, a client must be authorized for" " the extension:provider_network:view and " "extension:provider_network:set actions in the Networking policy" " configuration. The default Networking configuration authorizes both actions" " for users with the admin role. An authorized client or an administrative " "user can view and set the provider extended attributes through Networking " "API calls. See for details on " "policy configuration." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml242(title) msgid "Provider extension API operations" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml243(para) msgid "" "To use the provider extension with the default policy settings, you must " "have the administrative role." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml246(para) msgid "" "This table shows example neutron commands that enable you to complete basic " "provider extension API operations:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml250(caption) msgid "Basic provider extension API operations" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml256(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml516(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml893(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml971(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1599(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2116(th) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml401(th) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml482(th) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml614(th) msgid "Operation" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml257(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml517(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml894(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml972(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1600(th) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2117(th) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml402(th) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml483(th) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml542(th) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml615(th) msgid "Command" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml263(para) msgid "Shows all attributes of a network, including provider attributes." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml272(para) msgid "Creates a local provider network." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml280(para) msgid "" "Creates a flat provider network. When you create flat networks, <phys-" "net-name> must be known to the plug-in. See the OpenStack " "Configuration Reference for details." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml295(para) msgid "" "Creates a VLAN provider network. When you create VLAN networks, <phys-" "net-name> must be known to the plug-in. See the OpenStack " "Configuration Reference for details on configuring " "network_vlan_ranges to identify all physical networks. When you create VLAN " "networks, <VID> can fall either within or outside any configured " "ranges of VLAN IDs from which tenant networks are allocated." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml316(para) msgid "" "Creates a GRE provider network. When you create GRE networks, <tunnel-" "id> can be either inside or outside any tunnel ID ranges from which " "tenant networks are allocated." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml322(para) msgid "" "After you create provider networks, you can allocate subnets, which you can " "use in the same way as other virtual networks, subject to authorization " "policy based on the specified <tenant_id>." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml338(title) msgid "L3 routing and NAT" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml339(para) msgid "" "The Networking API provides abstract L2 network segments that are decoupled " "from the technology used to implement the L2 network. Networking includes an" " API extension that provides abstract L3 routers that API users can " "dynamically provision and configure. These Networking routers can connect " "multiple L2 Networking networks, and can also provide a gateway that " "connects one or more private L2 networks to a shared external network. For " "example, a public network for access to the Internet. See the " "OpenStack Configuration Reference for details on " "common models of deploying Networking L3 routers." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml352(para) msgid "" "The L3 router provides basic NAT capabilities on gateway ports that uplink " "the router to external networks. This router SNATs all traffic by default, " "and supports floating IPs, which creates a static one-to-one mapping from a " "public IP on the external network to a private IP on one of the other " "subnets attached to the router. This allows a tenant to selectively expose " "VMs on private networks to other hosts on the external network (and often to" " all hosts on the Internet). You can allocate and map floating IPs from one " "port to another, as needed." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml364(title) msgid "L3 API abstractions" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml366(caption) msgid "Router" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml381(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml443(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml766(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml813(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1081(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1216(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1294(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1531(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2018(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2061(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml140(option) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml255(option) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml340(option) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml422(option) msgid "id" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml382(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml410(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml444(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml458(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml466(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml475(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml492(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml767(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml789(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml814(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml873(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1082(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1088(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1217(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1223(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1295(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1301(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1532(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1580(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2019(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2039(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2062(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2075(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml141(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml178(td) msgid "uuid-str" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml383(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml445(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml768(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml815(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1083(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1218(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1296(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1533(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2020(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2063(td) msgid "generated" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml384(td) msgid "UUID for the router." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml387(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml772(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1095(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1230(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1308(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1546(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2024(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml146(option) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml267(option) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml352(option) msgid "name" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml389(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml774(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml783(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml835(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml842(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml848(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml854(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml861(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1097(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1104(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1134(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1146(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1152(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1160(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1168(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1174(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1232(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1239(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1256(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1310(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1317(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1361(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1548(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2026(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2033(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml148(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml269(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml318(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml326(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml354(td) msgid "None" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml390(td) msgid "Human-readable name for the router. Might not be unique." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml394(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1322(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml131(option) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml308(option) msgid "admin_state_up" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml395(td) msgid "Bool" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml397(td) msgid "" "The administrative state of router. If false (down), the router does not " "forward packets." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml402(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1330(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml163(option) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml366(option) msgid "status" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml405(para) msgid "Indicates whether router is currently operational." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml409(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml491(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml788(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml872(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1087(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1222(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1300(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1579(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2038(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml177(option) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml281(option) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml373(option) msgid "tenant_id" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml412(td) msgid "" "Owner of the router. Only admin users can specify a tenant_id other than its" " own." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml417(td) msgid "external_gateway_info" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml418(td) msgid "dict contain 'network_id' key-value pair" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml420(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml476(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml484(td) msgid "Null" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml421(td) msgid "" "External network that this router connects to for gateway services (for " "example, NAT)" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml428(caption) msgid "Floating IP" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml446(td) msgid "UUID for the floating IP." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml449(td) msgid "floating_ip_address" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml450(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml483(td) msgid "string (IP address)" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml451(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml821(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1112(td) msgid "allocated by Networking" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml452(td) msgid "" "The external network IP address available to be mapped to an internal IP " "address." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml457(td) msgid "floating_network_id" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml460(para) msgid "" "The network indicating the set of subnets from which the floating IP should " "be allocated" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml465(td) msgid "router_id" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml468(td) msgid "" "Read-only value indicating the router that connects the external network to " "the associated internal port, if a port is associated." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml474(td) msgid "port_id" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml477(td) msgid "" "Indicates the internal Networking port associated with the external floating" " IP." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml482(td) msgid "fixed_ip_address" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml485(td) msgid "" "Indicates the IP address on the internal port that is mapped to by the " "floating IP (since an Networking port might have more than one IP address)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml494(td) msgid "" "Owner of the Floating IP. Only admin users can specify a tenant_id other " "than its own." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml503(title) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml511(caption) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2111(caption) msgid "Basic L3 operations" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml504(para) msgid "" "External networks are visible to all users. However, the default policy " "settings enable only administrative users to create, update, and delete " "external networks." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml508(para) msgid "" "This table shows example neutron commands that enable you to complete basic " "L3 operations:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml523(para) msgid "Creates external networks." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml532(para) msgid "Lists external networks." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml538(para) msgid "" "Creates an internal-only router that connects to multiple L2 networks " "privately." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml553(para) msgid "" "Connects a router to an external network, which enables that router to act " "as a NAT gateway for external connectivity." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml559(para) msgid "" "The router obtains an interface with the gateway_ip address of the subnet, " "and this interface is attached to a port on the L2 Networking network " "associated with the subnet. The router also gets a gateway interface to the " "specified external network. This provides SNAT connectivity to the external " "network as well as support for floating IPs allocated on that external " "networks. Commonly an external network maps to a network in the provider" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml576(para) msgid "Lists routers." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml583(para) msgid "Shows information for a specified router." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml591(para) msgid "Shows all internal interfaces for a router." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml597(para) msgid "" "Identifies the port-id that represents the VM NIC to " "which the floating IP should map." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml603(para) msgid "" "This port must be on an Networking subnet that is attached to a router " "uplinked to the external network used to create the floating IP. " "Conceptually, this is because the router must be able to perform the " "Destination NAT (DNAT) rewriting of packets from the Floating IP address " "(chosen from a subnet on the external network) to the internal Fixed IP " "(chosen from a private subnet that is behind the router)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml619(para) msgid "Creates a floating IP address and associates it with a port." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml628(para) msgid "" "Creates a floating IP address and associates it with a port, in a single " "step." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml637(para) msgid "Lists floating IPs." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml644(para) msgid "Finds floating IP for a specified VM port." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml652(para) msgid "Disassociates a floating IP address." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml660(para) msgid "Deletes the floating IP address." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml668(para) msgid "Clears the gateway." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml675(para) msgid "Removes the interfaces from the router." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml683(para) msgid "Deletes the router." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml694(title) msgid "Security groups" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml695(para) msgid "" "Security groups and security group rules allows administrators and tenants " "the ability to specify the type of traffic and direction (ingress/egress) " "that is allowed to pass through a port. A security group is a container for " "security group rules." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml700(para) msgid "" "When a port is created in Networking it is associated with a security group." " If a security group is not specified the port is associated with a " "'default' security group. By default, this group drops all ingress traffic " "and allows all egress. Rules can be added to this group in order to change " "the behaviour." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml706(para) msgid "" "To use the Compute security group APIs or use Compute to orchestrate the " "creation of ports for instances on specific security groups, you must " "complete additional configuration. You must configure the " "/etc/nova/nova.conf file and set the " "security_group_api=neutron option on every node that runs " "nova-compute and nova-api. After you make this change, restart" " nova-api and nova-compute to pick up this change. Then, " "you can use both the Compute and OpenStack Network security group APIs at " "the same time." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml723(para) msgid "" "To use the Compute security group API with Networking, the Networking plug-" "in must implement the security group API. The following plug-ins currently " "implement this: ML2, Open vSwitch, Linux Bridge, NEC, Ryu, and VMware NSX." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml731(para) msgid "" "You must configure the correct firewall driver in the " "securitygroup section of the plug-in/agent configuration " "file. Some plug-ins and agents, such as Linux Bridge Agent and Open vSwitch " "Agent, use the no-operation driver as the default, which results in non-" "working security groups." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml740(para) msgid "" "When using the security group API through Compute, security groups are " "applied to all ports on an instance. The reason for this is that Compute " "security group APIs are instances based and not port based as Networking." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml749(title) msgid "Security group API abstractions" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml751(caption) msgid "Security group attributes" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml769(td) msgid "UUID for the security group." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml775(td) msgid "" "Human-readable name for the security group. Might not be unique. Cannot be " "named default as that is automatically created for a tenant." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml781(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1102(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1237(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1315(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2031(td) msgid "description" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml784(td) msgid "Human-readable description of a security group." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml791(td) msgid "" "Owner of the security group. Only admin users can specify a tenant_id other " "than their own." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml798(caption) msgid "Security group rules" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml816(td) msgid "UUID for the security group rule." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml819(td) msgid "security_group_id" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml820(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml866(td) msgid "uuid-str or Integer" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml822(td) msgid "The security group to associate rule with." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml826(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2067(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2161(replaceable) msgid "direction" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml829(td) msgid "The direction the traffic is allow (ingress/egress) from a VM." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml833(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1132(td) msgid "protocol" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml836(td) msgid "IP Protocol (icmp, tcp, udp, and so on)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml840(td) msgid "port_range_min" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml843(td) msgid "Port at start of range" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml846(td) msgid "port_range_max" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml849(td) msgid "Port at end of range" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml852(td) msgid "ethertype" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml855(td) msgid "ethertype in L2 packet (IPv4, IPv6, and so on)" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml859(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2093(td) msgid "remote_ip_prefix" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml860(td) msgid "string (IP cidr)" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml862(td) msgid "CIDR for address range" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml865(td) msgid "remote_group_id" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml867(td) msgid "allocated by Networking or Compute" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml868(td) msgid "Source security group to apply to rule." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml875(td) msgid "" "Owner of the security group rule. Only admin users can specify a tenant_id " "other than its own." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml883(title) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml888(caption) msgid "Basic security group operations" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml884(para) msgid "" "This table shows example neutron commands that enable you to complete basic " "security group operations:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml900(para) msgid "Creates a security group for our web servers." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml906(para) msgid "Lists security groups." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml912(para) msgid "Creates a security group rule to allow port 80 ingress." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml919(para) msgid "Lists security group rules." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml925(para) msgid "Deletes a security group rule." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml932(para) msgid "Deletes a security group." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml938(para) msgid "Creates a port and associates two security groups." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml945(para) msgid "Removes security groups from a port." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml956(title) msgid "Basic Load-Balancer-as-a-Service operations" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml958(para) msgid "" "The Load-Balancer-as-a-Service (LBaaS) API provisions and configures load " "balancers. The Havana release offers a reference implementation that is " "based on the HAProxy software load balancer." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml963(para) msgid "" "This table shows example neutron commands that enable you to complete basic " "LBaaS operations:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml966(caption) msgid "Basic LBaaS operations" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml978(para) msgid "Creates a load balancer pool by using specific provider." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml980(para) msgid "" "--provider is an optional argument. If not used, the " "pool is created with default provider for LBaaS service. You should " "configure the default provider in the [service_providers]" " section of neutron.conf file. If no default provider " "is specified for LBaaS, the --provider option is " "required for pool creation." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml994(parameter) msgid "--provider <provider_name>" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml998(para) msgid "Associates two web servers with pool." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1006(para) msgid "" "Creates a health monitor which checks to make sure our instances are still " "running on the specified protocol-port." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1014(para) msgid "Associates a health monitor with pool." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1021(para) msgid "" "Creates a virtual IP (VIP) address that, when accessed through the load " "balancer, directs the requests to one of the pool members." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1034(title) msgid "Firewall-as-a-Service" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1035(para) msgid "" "The Firewall-as-a-Service (FWaaS) API is an experimental API that enables " "early adopters and vendors to test their networking implementations." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1038(para) msgid "" "The FWaaS is backed by a reference " "implementation that works with the Networking OVS plug-in and " "provides perimeter firewall functionality. It leverages the footprint of the" " Networking OVS L3 agent and an IPTables driver to apply the firewall rules " "contained in a particular firewall policy. This reference implementation " "supports one firewall policy and consequently one logical firewall instance " "for each tenant. This is not a constraint of the resource model, but of the " "current reference implementation. The firewall is present on a Networking " "virtual router. If a tenant has multiple routers, the firewall is present on" " all the routers. If a tenant does not have any router, the firewall is in " "PENDING_CREATE state until a router is created and the first " "interface is added to the router. At that point the firewall policy is " "immediately applied to the router and the firewall changes to " "ACTIVE state." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1058(para) msgid "" "Because this is the first iteration of this implementation, it should " "probably not be run in production environments without adequate testing." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1064(title) msgid "Firewall-as-a-Service API abstractions" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1066(caption) msgid "Firewall rules" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1084(td) msgid "UUID for the firewall rule." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1090(td) msgid "" "Owner of the firewall rule. Only admin users can specify a tenant_id other " "than its own." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1098(td) msgid "Human readable name for the firewall rule (255 characters limit)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1105(td) msgid "" "Human readable description for the firewall rule (1024 characters limit)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1110(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1359(td) msgid "firewall_policy_id" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1111(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1360(td) msgid "uuid-str or None" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1113(td) msgid "" "This is a read-only attribute that gets populated with the uuid of the " "firewall policy when this firewall rule is associated with a firewall " "policy. A firewall rule can be associated with only one firewall policy at a" " time. However, the association can be changed to a different firewall " "policy." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1123(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1245(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml153(option) msgid "shared" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1124(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1190(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1246(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1264(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1323(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1538(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2084(td) msgid "Boolean" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1125(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1247(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1265(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1842(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2085(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml155(td) msgid "False" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1126(td) msgid "" "When set to True makes this firewall rule visible to tenants other than its " "owner, and it can be used in firewall policies not owned by its tenant." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1135(td) msgid "IP Protocol (icmp, tcp, udp, None)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1138(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml261(option) msgid "ip_version" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1139(td) msgid "Integer or String" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1140(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml263(td) msgid "4" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1141(td) msgid "IP Version (4, 6)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1144(td) msgid "source_ip_address" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1145(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1151(td) msgid "String (IP address or CIDR)" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1147(td) msgid "Source IP address or CIDR." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1150(td) msgid "destination_ip_address" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1153(td) msgid "Destination IP address or CIDR." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1156(td) msgid "source_port" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1157(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1165(td) msgid "" "Integer or String (either as a single port number or in the format of a ':' " "separated range)" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1161(td) msgid "Source port number or a range." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1164(td) msgid "destination_port" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1169(td) msgid "Destination port number or a range." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1172(td) msgid "position" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1175(td) msgid "" "This is a read-only attribute that gets assigned to this rule when the rule " "is associated with a firewall policy. It indicates the position of this rule" " in that firewall policy." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1182(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1927(td) msgid "action" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1184(td) msgid "deny" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1185(td) msgid "Action to be performed on the traffic matching the rule (allow, deny)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1189(td) msgid "enabled" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1192(td) msgid "" "When set to False, disables this rule in the firewall policy. Facilitates " "selectively turning off rules without having to disassociate the rule from " "the firewall policy." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1201(caption) msgid "Firewall policies" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1219(td) msgid "UUID for the firewall policy." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1225(td) msgid "" "Owner of the firewall policy. Only admin users can specify a tenant_id other" " their own." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1233(td) msgid "Human readable name for the firewall policy (255 characters limit)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1240(td) msgid "" "Human readable description for the firewall policy (1024 characters limit)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1248(td) msgid "" "When set to True makes this firewall policy visible to tenants other than " "its owner, and can be used to associate with firewalls not owned by its " "tenant." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1254(td) msgid "firewall_rules" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1255(td) msgid "List of uuid-str or None" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1257(td) msgid "" "This is an ordered list of firewall rule uuids. The firewall applies the " "rules in the order in which they appear in this list." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1263(td) msgid "audited" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1266(td) msgid "" "When set to True by the policy owner indicates that the firewall policy has " "been audited. This attribute is meant to aid in the firewall policy audit " "workflows. Each time the firewall policy or the associated firewall rules " "are changed, this attribute is set to False and must be explicitly set to " "True through an update operation." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1279(caption) msgid "Firewalls" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1297(td) msgid "UUID for the firewall." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1303(td) msgid "" "Owner of the firewall. Only admin users can specify a tenant_id other than " "its own." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1311(td) msgid "Human readable name for the firewall (255 characters limit)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1318(td) msgid "Human readable description for the firewall (1024 characters limit)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1325(td) msgid "" "The administrative state of the firewall. If False (down), the firewall does" " not forward any packets." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1333(para) msgid "" "Indicates whether the firewall is currently operational. Possible values " "include:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1338(para) msgid "ACTIVE" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1341(para) msgid "DOWN" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1344(para) msgid "PENDING_CREATE" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1347(para) msgid "PENDING_UPDATE" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1350(para) msgid "PENDING_DELETE" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1353(para) msgid "ERROR" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1362(td) msgid "" "The firewall policy uuid that this firewall is associated with. This " "firewall implements the rules contained in the firewall policy represented " "by this uuid." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1372(title) msgid "Basic Firewall-as-a-Service operations" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1375(para) msgid "Create a firewall rule:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1377(para) msgid "" "The CLI requires that a protocol value be provided. If the rule is protocol " "agnostic, the 'any' value can be used." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1380(para) msgid "" "In addition to the protocol attribute, other attributes can be specified in " "the firewall rule. See the previous section for the supported attributes." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1386(para) msgid "Create a firewall policy:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1388(para) msgid "" "The order of the rules specified above is important. A firewall policy can " "be created without any rules and rules can be added later either via the " "update operation (if adding multiple rules) or via the insert-rule operation" " (if adding a single rule). Please check the CLI help for more details on " "these operations." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1397(para) msgid "" "The reference implementation always adds a default deny all rule at the end " "of each policy. This implies that if a firewall policy is created without " "any rules and is associated with a firewall, that firewall blocks all " "traffic." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1406(para) msgid "Create a firewall:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1411(para) msgid "" "The FWaaS features and the above workflow can also be accessed from the " "Horizon user interface. This support is disabled by default, but can be " "enabled by configuring " "#HORIZON_DIR/openstack_dashboard/local/local_settings.py " " and setting:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1423(title) msgid "Allowed-address-pairs" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1424(para) msgid "" "Allowed-address-pairs is an API extension that extends the port attribute. " "This extension allows one to specify arbitrary mac_address/ip_address(cidr) " "pairs that are allowed to pass through a port regardless of subnet. The main" " use case for this is to enable the ability to use protocols such as VRRP " "which floats an ip address between two instances to enable fast data plane " "failover." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1432(para) msgid "" "The allowed-address-pairs extension is currently only supported by these " "plug-ins: ML2, Open vSwitch, and VMware NSX." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1437(title) msgid "Basic allowed address pairs operations" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1440(para) msgid "Create a port with a specific allowed-address-pairs:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1445(para) msgid "Update a port adding allowed-address-pairs:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1451(para) msgid "" "Setting an allowed-address-pair that matches the mac_address and ip_address " "of a port is prevented. This is because that would have no effect since " "traffic matching the mac_address and ip_address is already allowed to pass " "through the port." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1458(para) msgid "" "If your plug-in implements the port-security extension port-security-enabled" " must be set to True on the port in order to have allowed-address-pairs on a" " port. The reason for this is because if port-security-enabled is set to " "False this allows all traffic to be passed through the port thus having " "allowed-address-pairs would have no effect." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1471(title) msgid "Plug-in specific extensions" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1473(para) msgid "" "Each vendor can choose to implement additional API extensions to the core " "API. This section describes the extensions for each plug-in." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1477(title) msgid "VMware NSX extensions" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1478(para) msgid "These sections explain NSX plug-in extensions." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1481(title) msgid "VMware NSX QoS extension" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1482(para) msgid "" "The VMware NSX QoS extension rate-limits network ports to guarantee a " "specific amount of bandwidth for each port. This extension, by default, is " "only accessible by a tenant with an admin role but is configurable through " "the policy.json file. To use this extension, create a " "queue and specify the min/max bandwidth rates (kbps) and optionally set the " "QoS Marking and DSCP value (if your network fabric uses these values to make" " forwarding decisions). Once created, you can associate a queue with a " "network. Then, when ports are created on that network they are automatically" " created and associated with the specific queue size that was associated " "with the network. Because one size queue for a every port on a network might" " not be optimal, a scaling factor from the Nova flavor 'rxtx_factor' is " "passed in from Compute when creating the port to scale the queue." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1501(para) msgid "" "Lastly, if you want to set a specific baseline QoS policy for the amount of " "bandwidth a single port can use (unless a network queue is specified with " "the network a port is created on) a default queue can be created in " "Networking which then causes ports created to be associated with a queue of " "that size times the rxtx scaling factor. Note that after a network or " "default queue is specified, queues are added to ports that are subsequently " "created but are not added to existing ports." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1514(title) msgid "VMware NSX QoS API abstractions" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1516(caption) msgid "VMware NSX QoS attributes" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1534(td) msgid "UUID for the QoS queue." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1539(td) msgid "False by default" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1540(td) msgid "" "If True, ports are created with this queue size unless the network port is " "created or associated with a queue at port creation time." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1549(td) msgid "Name for QoS queue." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1552(td) msgid "min" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1554(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1575(td) msgid "0" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1555(td) msgid "Minimum Bandwidth Rate (kbps)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1559(td) msgid "max" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1562(td) msgid "Maximum Bandwidth Rate (kbps)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1566(td) msgid "qos_marking" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1568(td) msgid "untrusted by default" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1569(td) msgid "Whether QoS marking should be trusted or untrusted." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1573(td) msgid "dscp" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1576(td) msgid "DSCP Marking value." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1582(td) msgid "The owner of the QoS queue." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1588(title) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1593(caption) msgid "Basic VMware NSX QoS operations" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1589(para) msgid "" "This table shows example neutron commands that enable you to complete basic " "queue operations:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1606(para) msgid "Creates QoS Queue (admin-only)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1614(para) msgid "Associates a queue with a network." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1622(para) msgid "Creates a default system queue." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1628(para) msgid "Lists QoS queues." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1635(para) msgid "Deletes a QoS queue." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1646(title) msgid "VMware NSX provider networks extension" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1647(para) msgid "" "Provider networks can be implemented in different ways by the underlying NSX" " platform." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1650(para) msgid "" "The FLAT and VLAN network types " "use bridged transport connectors. These network types enable the attachment " "of large number of ports. To handle the increased scale, the NSX plug-in can" " back a single OpenStack Network with a chain of NSX logical switches. You " "can specify the maximum number of ports on each logical switch in this chain" " on the max_lp_per_bridged_ls parameter, which has a " "default value of 5,000." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1662(para) msgid "" "The recommended value for this parameter varies with the NSX version running" " in the back-end, as shown in the following table." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1666(caption) msgid "Recommended values for max_lp_per_bridged_ls" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1672(td) msgid "NSX version" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1673(td) msgid "Recommended Value" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1678(td) msgid "2.x" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1679(td) msgid "64" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1682(td) msgid "3.0.x" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1683(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1687(td) msgid "5,000" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1686(td) msgid "3.1.x" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1690(td) msgid "3.2.x" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1691(td) msgid "10,000" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1695(para) msgid "" "In addition to these network types, the NSX plug-in also supports a special " "l3_ext network type, which maps external networks to " "specific NSX gateway services as discussed in the next section." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1703(title) msgid "VMware NSX L3 extension" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1704(para) msgid "" "NSX exposes its L3 capabilities through gateway services which are usually " "configured out of band from OpenStack. To use NSX with L3 capabilities, " "first create a L3 gateway service in the NSX Manager. Next, in " "/etc/neutron/plugins/vmware/nsx.ini set " "default_l3_gw_service_uuid to this value. By default, " "routers are mapped to this gateway service." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1714(title) msgid "VMware NSX L3 extension operations" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1715(para) msgid "Create external network and map it to a specific NSX gateway service:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1719(para) msgid "Terminate traffic on a specific VLAN from a NSX gateway service:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1726(title) msgid "Operational status synchronization in the VMware NSX plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1728(para) msgid "" "Starting with the Havana release, the VMware NSX plug-in provides an " "asynchronous mechanism for retrieving the operational status for neutron " "resources from the NSX back-end; this applies to " "network, port, and " "router resources." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1735(para) msgid "" "The back-end is polled periodically, and the status for every resource is " "retrieved; then the status in the Networking database is updated only for " "the resources for which a status change occurred. As operational status is " "now retrieved asynchronously, performance for GET " "operations is consistently improved." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1743(para) msgid "" "Data to retrieve from the back-end are divided in chunks in order to avoid " "expensive API requests; this is achieved leveraging NSX APIs response paging" " capabilities. The minimum chunk size can be specified using a configuration" " option; the actual chunk size is then determined dynamically according to: " "total number of resources to retrieve, interval between two synchronization " "task runs, minimum delay between two subsequent requests to the NSX back-" "end." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1754(para) msgid "" "The operational status synchronization can be tuned or disabled using the " "configuration options reported in this table; it is however worth noting " "that the default values work fine in most cases." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1760(caption) msgid "" "Configuration options for tuning operational status synchronization in the " "NSX plug-in" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1770(th) msgid "Option name" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1771(th) msgid "Group" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1772(th) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml125(th) msgid "Default value" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1773(th) msgid "Type and constraints" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1774(th) msgid "Notes" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1779(literal) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1786(literal) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1810(literal) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1828(literal) msgid "state_sync_interval" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1780(literal) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1795(literal) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1807(literal) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1820(literal) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1841(literal) msgid "nsx_sync" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1781(td) msgid "120 seconds" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1782(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1822(td) msgid "Integer; no constraint." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1783(td) msgid "" "Interval in seconds between two run of the synchronization task. If the " "synchronization task takes more than seconds to execute, a " "new instance of the task is started as soon as the other is completed. " "Setting the value for this option to 0 will disable the synchronization " "task." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1794(literal) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1801(literal) msgid "max_random_sync_delay" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1796(td) msgid "0 seconds" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1798(literal) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1806(literal) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1830(literal) msgid "min_sync_req_delay" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1797(td) msgid "Integer. Must not exceed " msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1799(td) msgid "" "When different from zero, a random delay between 0 and will" " be added before processing the next chunk." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1808(td) msgid "10 seconds" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1809(td) msgid "Integer. Must not exceed ." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1811(td) msgid "" "The value of this option can be tuned according to the observed load on the " "NSX controllers. Lower values will result in faster synchronization, but " "might increase the load on the controller cluster." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1819(literal) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1834(literal) msgid "min_chunk_size" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1821(td) msgid "500 resources" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1823(td) msgid "" "Minimum number of resources to retrieve from the back-end for each " "synchronization chunk. The expected number of synchronization chunks is " "given by the ratio between and . This size " "of a chunk might increase if the total number of resources is such that more" " than resources must be fetched in one chunk with the " "current number of chunks." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1840(literal) msgid "always_read_status" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1843(td) msgid "Boolean; no constraint." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1847(literal) msgid "GET" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1844(td) msgid "" "When this option is enabled, the operational status will always be retrieved" " from the NSX back-end ad every request. In this case it is" " advisable to disable the synchronization task." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1853(para) msgid "" "When running multiple OpenStack Networking server instances, the status " "synchronization task should not run on every node; doing so sends " "unnecessary traffic to the NSX back-end and performs unnecessary DB " "operations. Set the configuration " "option to a non-zero value exclusively on a node designated for back-end " "status synchronization." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1862(para) msgid "" "The fields=status parameter in Networking API " "requests always triggers an explicit query to the NSX back end, even when " "you enable asynchronous state synchronization. For example, GET " "/v2.0/networks/<net-id>?fields=status&fields=name." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1871(title) msgid "Big Switch plug-in extensions" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1872(para) msgid "" "This section explains the Big Switch Neutron plug-in-specific extension." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1875(title) msgid "Big Switch router rules" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1876(para) msgid "" "Big Switch allows router rules to be added to each tenant router. These " "rules can be used to enforce routing policies such as denying traffic " "between subnets or traffic to external networks. By enforcing these at the " "router level, network segmentation policies can be enforced across many VMs " "that have differing security groups." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1884(title) msgid "Router rule attributes" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1885(para) msgid "" "Each tenant router has a set of router rules associated with it. Each router" " rule has the attributes in this table. Router rules and their attributes " "can be set using the command, through the Horizon interface" " or the Neutron API." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1893(caption) msgid "Big Switch Router rule attributes" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1902(th) msgid "Required" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1903(th) msgid "Input Type" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1909(td) msgid "source" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1911(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1920(td) msgid "A valid CIDR or one of the keywords 'any' or 'external'" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1913(td) msgid "" "The network that a packet's source IP must match for the rule to be applied" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1918(td) msgid "destination" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1922(td) msgid "" "The network that a packet's destination IP must match for the rule to be " "applied" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1929(td) msgid "'permit' or 'deny'" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1930(td) msgid "" "Determines whether or not the matched packets will allowed to cross the " "router" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1935(td) msgid "nexthop" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1936(td) msgid "No" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1939(literal) msgid "1.1.1.1+1.1.1.2" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1937(td) msgid "" "A plus-separated (+) list of next-hop IP addresses. For example, " "." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1940(td) msgid "" "Overrides the default virtual router used to handle traffic for packets that" " match the rule" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1949(title) msgid "Order of rule processing" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1950(para) msgid "" "The order of router rules has no effect. Overlapping rules are evaluated " "using longest prefix matching on the source and destination fields. The " "source field is matched first so it always takes higher precedence over the " "destination field. In other words, longest prefix matching is used on the " "destination field only if there are multiple matching rules with the same " "source." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1962(title) msgid "Big Switch router rules operations" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1963(para) msgid "" "Router rules are configured with a router update operation in OpenStack " "Networking. The update overrides any previous rules so all rules must be " "provided at the same time." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1968(para) msgid "" "Update a router with rules to permit traffic by default but block traffic " "from external networks to the 10.10.10.0/24 subnet:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1971(replaceable) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1976(replaceable) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1981(replaceable) msgid "Router-UUID" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1974(para) msgid "Specify alternate next-hop addresses for a specific subnet:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1979(para) msgid "Block traffic between two subnets while allowing everything else:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1989(title) msgid "L3 metering" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1990(para) msgid "" "The L3 metering API extension enables administrators to configure IP ranges " "and assign a specified label to them to be able to measure traffic that goes" " through a virtual router." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml1994(para) msgid "" "The L3 metering extension is decoupled from the technology that implements " "the measurement. Two abstractions have been added: One is the metering label" " that can contain metering rules. Because a metering label is associated " "with a tenant, all virtual routers in this tenant are associated with this " "label." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2001(title) msgid "L3 metering API abstractions" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2003(caption) msgid "Label" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2021(td) msgid "UUID for the metering label." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2027(td) msgid "Human-readable name for the metering label. Might not be unique." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2034(td) msgid "The optional description for the metering label." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2041(td) msgid "Owner of the metering label." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2046(caption) msgid "Rules" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2064(td) msgid "UUID for the metering rule." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2068(td) msgid "String (Either ingress or egress)" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2069(td) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2162(replaceable) msgid "ingress" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2070(td) msgid "" "The direction in which metering rule is applied, either ingress or egress." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2074(td) msgid "metering_label_id" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2078(para) msgid "The metering label ID to associate with this metering rule." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2083(td) msgid "excluded" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2086(td) msgid "" "Specify whether the remote_ip_prefix will be excluded or not from traffic " "counters of the metering label (for example, to not count the traffic of a " "specific IP address of a range)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2094(td) msgid "String (CIDR)" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2096(td) msgid "Indicates remote IP prefix to be associated with this metering rule." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2104(title) msgid "Basic L3 metering operations" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2105(para) msgid "Only administrators can manage the L3 metering labels and rules." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2107(para) msgid "" "This table shows example commands that enable you to " "complete basic L3 metering operations:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2123(para) msgid "Creates a metering label." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2126(replaceable) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2144(replaceable) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2153(replaceable) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2162(replaceable) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2163(replaceable) msgid "label1" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2126(replaceable) msgid "\"description of label1\"" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2131(para) msgid "Lists metering labels." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2139(para) msgid "Shows information for a specified label." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2143(replaceable) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2152(replaceable) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2161(replaceable) msgid "label-uuid" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2149(para) msgid "Deletes a metering label." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2158(para) msgid "Creates a metering rule." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2161(replaceable) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml207(option) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml218(option) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml241(option) msgid "cidr" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2162(replaceable) msgid "10.0.0.0/24" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2163(replaceable) msgid "20.0.0.0/24" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2168(para) msgid "Lists metering all label rules." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2177(para) msgid "Shows information for a specified label rule." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2181(replaceable) #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2187(replaceable) msgid "rule-uuid" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml2185(td) msgid "Deletes a metering label rule." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml6(title) msgid "Configure Identity Service for Networking" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml8(title) msgid "To configure the Identity Service for use with Networking" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml11(title) msgid "Create the get_id() function" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml12(para) msgid "" "The get_id() function stores the ID of created objects," " and removes the need to copy and paste object IDs in later steps:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml16(para) msgid "Add the following function to your .bashrc file:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml23(para) msgid "Source the .bashrc file:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml29(title) msgid "Create the Networking service entry" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml30(para) msgid "" "Networking must be available in the Compute service catalog. Create the " "service:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml34(title) msgid "Create the Networking service endpoint entry" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml36(para) msgid "" "The way that you create a Networking endpoint entry depends on whether you " "are using the SQL or the template catalog driver:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml40(para) msgid "" "If you use the SQL driver, run the following command " "with the specified region ($REGION), IP address of the " "Networking server ($IP), and service ID " "($NEUTRON_SERVICE_ID, obtained in the previous step)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml52(para) msgid "" "If you are using the template driver, specify the " "following parameters in your Compute catalog template file " "(default_catalog.templates), along with the region " "($REGION) and IP address of the Networking server " "($IP)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml70(title) msgid "Create the Networking service user" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml71(para) msgid "" "You must provide admin user credentials that Compute and some internal " "Networking components can use to access the Networking API. Create a special" " service tenant and a neutron user " "within this tenant, and assign an admin role to this " "role." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml77(para) msgid "Create the admin role:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml82(para) msgid "Create the neutron user:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml87(para) msgid "Create the service tenant:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml91(para) msgid "Establish the relationship among the tenant, user, and role:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml98(para) msgid "" "For information about how to create service entries and users, see the " "OpenStack Installation Guide for your distribution " "(docs.openstack.org)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml103(para) msgid "" "If you use Networking, do not run the Compute nova-network service (like you do in traditional Compute " "deployments). Instead, Compute delegates most network-related decisions to " "Networking. Compute proxies tenant-facing API calls to manage security " "groups and floating IPs to Networking APIs. However, operator-facing tools " "such as nova-manage, are not " "proxied and should not be used." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml110(para) msgid "" "When you configure networking, you must use this guide. Do not rely on " "Compute networking documentation or past experience with Compute. If a " " command or configuration option related to networking is " "not mentioned in this guide, the command is probably not supported for use " "with Networking. In particular, you cannot use CLI tools like " " and to manage networks or IP addressing, " "including both fixed and floating IPs, with Networking." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml118(para) msgid "" "Uninstall nova-network and reboot" " any physical nodes that have been running nova-network before using them to run Networking. " "Inadvertently running the nova-" "network process while using Networking can cause problems, as " "can stale iptables rules pushed down by previously running nova-network." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml126(para) msgid "" "To ensure that Compute works properly with Networking (rather than the " "legacy nova-network mechanism), " "you must adjust settings in the nova.conf configuration" " file." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml133(title) msgid "Networking API and credential configuration" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml134(para) msgid "" "Each time you provision or de-provision a VM in Compute, nova-* services communicate with Networking " "using the standard API. For this to happen, you must configure the following" " items in the nova.conf file (used by each nova-compute and nova-api instance)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml140(caption) msgid "nova.conf API and credential settings" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml145(th) #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml220(td) #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml255(td) msgid "Item" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml151(literal) msgid "network_api_class" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml153(para) msgid "" "Modify from the default to " "nova.network.neutronv2.api.API, to indicate that " "Networking should be used rather than the traditional nova-network networking model." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml161(literal) msgid "neutron_url" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml162(para) msgid "" "Update to the hostname/IP and port of the neutron-server instance for this deployment." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml168(literal) msgid "neutron_auth_strategy" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml169(para) msgid "" "Keep the default keystone value for all production " "deployments." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml173(literal) msgid "neutron_admin_tenant_name" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml175(para) msgid "" "Update to the name of the service tenant created in the above section on " "Identity configuration." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml180(literal) msgid "neutron_admin_username" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml182(para) msgid "" "Update to the name of the user created in the above section on Identity " "configuration." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml187(literal) msgid "neutron_admin_password" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml189(para) msgid "" "Update to the password of the user created in the above section on Identity " "configuration." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml194(literal) msgid "neutron_admin_auth_url" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml196(para) msgid "" "Update to the Identity server IP and port. This is the Identity (keystone) " "admin API server IP and port value, and not the Identity service API IP and " "port." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml206(title) msgid "Configure security groups" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml207(para) msgid "" "The Networking Service provides security group functionality using a " "mechanism that is more flexible and powerful than the security group " "capabilities built into Compute. Therefore, if you use Networking, you " "should always disable built-in security groups and proxy all security group " "calls to the Networking API . If you do not, security policies will conflict" " by being simultaneously applied by both services." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml212(para) msgid "" "To proxy security groups to Networking, use the following configuration " "values in nova.conf:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml215(caption) msgid "nova.conf security group settings" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml226(literal) msgid "firewall_driver" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml227(para) msgid "" "Update to nova.virt.firewall.NoopFirewallDriver, so that " "nova-compute does not perform " "iptables-based filtering itself." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml234(literal) msgid "security_group_api" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml235(para) msgid "" "Update to neutron, so that all security group requests " "are proxied to the Network Service." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml242(title) msgid "Configure metadata" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml243(para) msgid "" "The Compute service allows VMs to query metadata associated with a VM by " "making a web request to a special 169.254.169.254 address. Networking " "supports proxying those requests to nova-" "api, even when the requests are made from isolated networks, or" " from multiple networks that use overlapping IP addresses." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml247(para) msgid "" "To enable proxying the requests, you must update the following fields in " "nova.conf." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml250(caption) msgid "nova.conf metadata settings" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml261(literal) msgid "service_neutron_metadata_proxy" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml263(para) msgid "" "Update to true, otherwise nova-api will not properly respond to requests from the " "neutron-metadata-agent." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml270(literal) msgid "neutron_metadata_proxy_shared_secret" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml272(para) msgid "" "Update to a string \"password\" value. You must also configure the same " "value in the metadata_agent.ini file, to authenticate " "requests made for metadata." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml276(para) msgid "" "The default value of an empty string in both files will allow metadata to " "function, but will not be secure if any non-trusted entities have access to " "the metadata APIs exposed by nova-" "api." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml285(para) msgid "" "As a precaution, even when using " "neutron_metadata_proxy_shared_secret, it is recommended " "that you do not expose metadata using the same nova-api instances that are used for tenants. Instead, you " "should run a dedicated set of nova-" "api instances for metadata that are available only on your " "management network. Whether a given nova-" "api instance exposes metadata APIs is determined by the value " "of enabled_apis in its nova.conf." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml300(title) msgid "" "Example nova.conf (for nova-" "compute and nova-" "api)" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml303(para) msgid "" "Example values for the above settings, assuming a cloud controller node " "running Compute and Networking with an IP address of 192.168.1.2:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml5(title) msgid "Use Networking" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml6(para) msgid "" "You can manage OpenStack Networking services using the " "service command. For example:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml13(para) msgid "" "Log files are in the /var/log/neutron directory." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml16(para) msgid "" "Configuration files are in the /etc/neutron " "directory." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml19(para) msgid "You can use Networking in the following ways:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml22(para) msgid "" "Expose the Networking API to cloud tenants, enabling them to build rich " "network topologies." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml26(para) msgid "" "Have the cloud administrator, or an automated administrative tool, create " "network connectivity on behalf of tenants." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml31(para) msgid "" "A tenant or cloud administrator can both perform the following procedures." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml34(title) msgid "Core Networking API features" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml35(para) msgid "" "After you install and run Networking, tenants and administrators can perform" " create-read-update-delete (CRUD) API networking operations by using the " "Networking API directly or the neutron command-line interface (CLI). The " "neutron CLI is a wrapper around the Networking API. Every Networking API " "call has a corresponding neutron command." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml42(para) msgid "" "The CLI includes a number of options. For details, refer to the OpenStack " "End User Guide." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml48(title) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml56(caption) msgid "API abstractions" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml49(para) msgid "" "The Networking v2.0 API provides control over both L2 network topologies and" " their allocated IP addresses (IP Address Management or IPAM). There is also" " an extension to cover basic L3 forwarding and NAT, which provides " "capabilities similar to ." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml61(th) msgid "Abstraction" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml69(td) msgid "" "An isolated L2 network segment (similar to a VLAN) that forms the basis for " "describing the L2 network topology available in an Networking deployment." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml78(td) msgid "" "Associates a block of IP addresses and other network configuration, such as " "default gateways or dns-servers, with an Networking network. Each subnet " "represents an IPv4 or IPv6 address block, and each Networking network can " "have multiple subnets." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml90(td) msgid "" "Represents an attachment port to a L2 Networking network. When a port is " "created on the network, by default it is allocated an available fixed IP " "address out of one of the designated subnets for each IP version (if one " "exists). When the port is destroyed, its allocated addresses return to the " "pool of available IPs on the subnet. Users of the Networking API can either " "choose a specific IP address from the block, or let Networking choose the " "first available IP address." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml109(para) msgid "" "This table summarizes the attributes available for each networking " "abstraction. For information about API abstraction and operations, see the " "Networking API v2.0 Reference." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml116(caption) msgid "Network attributes" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml123(th) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml196(th) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml300(th) msgid "Attribute" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml132(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml154(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml233(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml309(td) msgid "bool" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml134(td) msgid "" "Administrative state of the network. If specified as False (down), this " "network does not forward packets." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml142(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml257(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml342(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml348(td) msgid "Generated" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml143(td) msgid "UUID for this network." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml147(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml164(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml219(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml240(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml268(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml317(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml325(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml347(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml353(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml367(td) msgid "string" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml149(td) msgid "Human-readable name for this network; is not required to be unique." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml156(td) msgid "" "Specifies whether this network resource can be accessed by any tenant. The " "default policy setting restricts usage of this attribute to administrative " "users only." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml166(td) msgid "Indicates whether this network is currently operational." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml170(option) msgid "subnets" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml171(td) msgid "list(uuid-str)" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml172(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml227(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml249(td) msgid "Empty list" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml173(td) msgid "List of subnets associated with this network." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml180(td) msgid "" "Tenant owner of the network. Only administrative users can set the tenant " "identifier; this cannot be changed using authorization policies." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml189(caption) msgid "Subnet attributes" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml204(option) msgid "allocation_pools" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml205(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml248(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml332(td) msgid "list(dict)" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml208(option) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml239(option) msgid "gateway_ip" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml206(td) msgid "" "Every address in , excluding (if " "configured)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml210(para) msgid "" "List of cidr sub-ranges that are available for dynamic allocation to ports. " "Syntax:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml221(td) msgid "IP range for this subnet, based on the IP version." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml225(option) msgid "dns_nameservers" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml226(td) msgid "list(string)" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml228(td) msgid "List of DNS name servers used by hosts in this subnet." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml232(option) msgid "enable_dhcp" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml235(td) msgid "Specifies whether DHCP is enabled for this subnet." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml241(td) msgid "First address in " msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml243(td) msgid "Default gateway used by devices in this subnet." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml247(option) msgid "host_routes" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml250(td) msgid "" "Routes that should be used by devices with IPs from this subnet (not " "including local subnet route)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml256(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml275(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml282(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml341(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml360(td) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml374(td) msgid "uuid-string" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml258(td) msgid "UUID representing this subnet." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml262(td) msgid "int" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml264(td) msgid "IP version." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml270(td) msgid "Human-readable name for this subnet (might not be unique)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml274(option) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml359(option) msgid "network_id" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml277(td) msgid "Network with which this subnet is associated." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml284(td) msgid "" "Owner of network. Only administrative users can set the tenant identifier; " "this cannot be changed using authorization policies." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml293(caption) msgid "Port attributes" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml310(td) msgid "true" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml311(td) msgid "" "Administrative state of this port. If specified as False (down), this port " "does not forward packets." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml316(option) msgid "device_id" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml319(td) msgid "" "Identifies the device using this port (for example, a virtual server's ID)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml324(option) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml424(option) msgid "device_owner" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml327(td) msgid "Identifies the entity using this port (for example, a dhcp agent)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml331(option) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml423(option) msgid "fixed_ips" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml333(td) msgid "Automatically allocated from pool" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml334(td) msgid "" "Specifies IP addresses for this port; associates the port with the subnets " "containing the listed IP addresses." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml343(td) msgid "UUID for this port." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml346(option) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml568(option) msgid "mac_address" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml349(td) msgid "Mac address to use on this port." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml355(td) msgid "Human-readable name for this port (might not be unique)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml362(td) msgid "Network with which this port is associated." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml369(td) msgid "Indicates whether the network is currently operational." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml376(td) msgid "" "Owner of the network. Only administrative users can set the tenant " "identifier; this cannot be changed using authorization policies." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml386(title) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml396(caption) msgid "Basic Networking operations" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml387(para) msgid "" "To learn about advanced capabilities available through the neutron command-" "line interface (CLI), read the networking section in the OpenStack " "End User Guide." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml392(para) msgid "" "This table shows example neutron commands that enable you to complete basic " "network operations:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml407(td) msgid "Creates a network." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml411(td) msgid "Creates a subnet that is associated with net1." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml416(td) msgid "Lists ports for a specified tenant." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml421(td) msgid "" "Lists ports for a specified tenant and displays the , " ", and columns." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml430(td) msgid "Shows information for a specified port." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml432(replaceable) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml574(replaceable) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml627(option) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml631(replaceable) msgid "port-id" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml437(para) msgid "" "The field describes who owns the port. A port " "whose begins with:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml443(para) msgid "network is created by Networking." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml447(para) msgid "compute is created by Compute." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml454(title) msgid "Administrative operations" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml455(para) msgid "" "The cloud administrator can run any command on behalf of " "tenants by specifying an Identity in the command," " as follows:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml460(replaceable) msgid "tenant-id" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml460(replaceable) msgid "network-name" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml464(para) msgid "" "To view all tenant IDs in Identity, run the following command as an Identity" " Service admin user:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml472(title) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml477(caption) msgid "Advanced Networking operations" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml473(para) msgid "" "This table shows example Networking commands that enable you to complete " "advanced network operations:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml488(td) msgid "Creates a network that all tenants can use." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml493(td) msgid "Creates a subnet with a specified gateway IP address." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml498(td) msgid "Creates a subnet that has no gateway IP address." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml503(td) msgid "Creates a subnet with DHCP disabled." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml508(td) msgid "Creates a subnet with a specified set of host routes." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml513(td) msgid "Creates a subnet with a specified set of dns name servers." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml518(td) msgid "Displays all ports and IPs allocated on a network." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml520(replaceable) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml553(replaceable) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml629(option) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml630(replaceable) msgid "net-id" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml528(title) msgid "Use Compute with Networking" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml530(title) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml535(caption) msgid "Basic Compute and Networking operations" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml531(para) msgid "" "This table shows example neutron and nova commands that enable you to " "complete basic VM networking operations:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml541(th) msgid "Action" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml547(td) msgid "Checks available networks." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml551(td) msgid "Boots a VM with a single NIC on a selected Networking network." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml553(replaceable) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml621(replaceable) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml631(replaceable) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml640(replaceable) msgid "img" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml553(replaceable) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml621(replaceable) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml631(replaceable) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml640(replaceable) msgid "flavor" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml553(replaceable) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml621(replaceable) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml631(replaceable) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml640(replaceable) msgid "vm-name" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml557(para) msgid "" "Searches for ports with a that matches the " "Compute instance UUID. See ." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml564(replaceable) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml569(replaceable) msgid "vm-id" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml567(td) msgid "Searches for ports, but shows only the of the port." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml572(td) msgid "Temporarily disables a port from sending traffic." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml579(para) msgid "The can also be a logical router ID." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml583(title) msgid "Create and delete VMs" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml586(para) msgid "" "When you boot a Compute VM, a port on the network that corresponds to the VM" " NIC is automatically created and associated with the default security " "group. You can configure security " "group rules to enable users to access the VM." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml596(para) msgid "" "When you delete a Compute VM, the underlying Networking port is " "automatically deleted." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml604(title) #: ./doc/admin-guide-cloud/networking/section_networking-use.xml609(caption) msgid "Advanced VM creation operations" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml605(para) msgid "" "This table shows example nova and neutron commands that enable you to " "complete advanced VM creation operations:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml620(td) msgid "Boots a VM with multiple NICs." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml621(replaceable) msgid "net1-id" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml621(replaceable) msgid "net2-id" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml624(td) msgid "" "Boots a VM with a specific IP address. First, create an Networking port with" " a specific IP address. Then, boot a VM specifying a rather" " than a ." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml630(replaceable) msgid "subnet-id" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml630(replaceable) msgid "IP" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml638(parameter) msgid "--nic" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml635(td) msgid "" "Boots a VM that connects to all networks that are accessible to the tenant " "who submits the request (without the option)." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml646(para) msgid "" "Networking does not currently support the v4-fixed-ip" " parameter of the --nic option for the " " command." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml653(title) msgid "Enable ping and SSH on VMs (security groups)" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml655(para) msgid "" "You must configure security group rules depending on the type of plug-in you" " are using. If you are using a plug-in that:" msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml660(para) msgid "" "Implements Networking security groups, you can configure security group " "rules directly by using . This example enables " " and access to your VMs." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml674(para) msgid "" "Does not implement Networking security groups, you can configure security " "group rules by using the or command. These" " commands enable and " "access to your VMs." msgstr "" #: ./doc/admin-guide-cloud/networking/section_networking-use.xml688(para) msgid "" "If your plug-in implements Networking security groups, you can also leverage" " Compute security groups by setting security_group_api = " "neutron in the nova.conf file. After you set " "this option, all Compute security group commands are proxied to Networking." msgstr "" #: ./doc/admin-guide-cloud/image/section_glance-property-protection.xml6(title) msgid "Image property protection" msgstr "" #: ./doc/admin-guide-cloud/image/section_glance-property-protection.xml7(para) msgid "" "There are currently two types of properties in the Image Service: \"core " "properties,\" which are defined by the system, and \"additional " "properties,\" which are arbitrary key/value pairs that can be set on an " "image." msgstr "" #: ./doc/admin-guide-cloud/image/section_glance-property-protection.xml11(para) msgid "" "With the Havana release, any such property can be protected through " "configuration. When you put protections on a property, it limits the users " "who can perform CRUD operations on the property based on their user role. " "The use case is to enable the cloud provider to maintain extra properties on" " images. Typically this would be performed by an administrator who has " "access to protected properties, managed in the " "policy.json file. The extra property could be licensing" " information or billing information, for example." msgstr "" #: ./doc/admin-guide-cloud/image/section_glance-property-protection.xml20(para) msgid "" "Properties that don't have protections defined for them will act as they do " "now: the administrator can control core properties, with the image owner " "having control over additional properties." msgstr "" #: ./doc/admin-guide-cloud/image/section_glance-property-protection.xml23(para) msgid "" "Property protection can be set in /etc/glance/property-" "protections.conf, using roles found in " "policy.json." msgstr "" #: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml6(title) msgid "Configure Identity service for token binding" msgstr "" #: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml7(para) msgid "" "Token binding embeds information from an external authentication mechanism, " "such as a Kerberos server, inside a token. By using token binding, a client " "can enforce the use of a specified external authentication mechanism with " "the token. This additional security mechanism ensures that if a token is " "stolen, for example, it is not usable without external authentication." msgstr "" #: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml14(para) msgid "" "You configure the authentication types for a token binding in the " "keystone.conf file:" msgstr "" #: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml18(para) msgid "Currently only kerberos is supported." msgstr "" #: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml20(para) msgid "" "To enforce checking of token binding, set the " " option to one of these modes:" msgstr "" #: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml25(literal) msgid "disabled" msgstr "" #: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml26(para) msgid "Disables token bind checking." msgstr "" #: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml29(literal) msgid "permissive" msgstr "" #: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml30(para) msgid "" "Enables bind checking. If a token is bound to an unknown authentication " "mechanism, the server ignores it. The default is this mode." msgstr "" #: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml35(literal) msgid "strict" msgstr "" #: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml36(para) msgid "" "Enables bind checking. If a token is bound to an unknown authentication " "mechanism, the server rejects it." msgstr "" #: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml40(literal) msgid "required" msgstr "" #: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml41(para) msgid "" "Enables bind checking. Requires use of at least authentication mechanism for" " tokens." msgstr "" #: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml45(literal) msgid "named" msgstr "" #: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml46(para) msgid "" "Enables bind checking. Requires use of the specified authentication " "mechanism for tokens:" msgstr "" #: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml53(para) msgid "" "Do not set enforce_token_bind = named. The " "named authentication mechanism does not exist." msgstr "" #. Put one translator per line, in the form of NAME , YEAR1, YEAR2 #: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml0(None) msgid "translator-credits" msgstr ""