stackforge-attic/murano-docs
Code Issues Proposed changes

Merge "Added article about Quantum support" into release-0.3

Browse Source
This commit is contained in:
Jenkins
2013-11-18 09:10:19 +00:00
committed by Gerrit Code Review
parent 9ff59d4974 595e3cc6b8
commit cd266c97ad
3 changed files with 141 additions and 63 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/administrators-guide/src/docbkx/administrators-guide.xml
View File

@@ -33,6 +33,7 @@
</info>
<xi:include href="./content/general.xml" xlink:title="General Deployment Steps"/>
<xi:include href="./content/installation-guide.xml" xlink:title="Install Murano"/>
<xi:include href="./content/quantum-guide.xml" xlink:title="Use Quantum"/>
<xi:include href="./content/image-bulder.xml" xlink:title="Image Builder"/>
<xi:include href="./content/troubleshooting.xml" xlink:title="Troubleshooting"/>
<xi:include href="./content/appendix.xml" xlink:title="Appendix"/>

93
src/administrators-guide/src/docbkx/content/general.xml
View File

@@ -462,74 +462,42 @@ update-rc.d rabbitmq-server-murano defaults
</screen>
</listitem>
</itemizedlist>
<warning>
Don't forget about firewall rules for new RabbitMQ service!
</warning>
<warning><para>Don't forget about firewall rules for new RabbitMQ service!</para></warning>
</section>
<section>
<title>Configure Quantum</title>
<section>
<title>Allow subnet ip-range overlapping</title>
<para>
When deploying environments, Murano will create dedicated network for each of them, and every such network will have a subnet created.
All these subnets will have identical ip-ranges. Theoretically this is perfectly fine, as these subnets belong to different isolated Networks
(L2 segments) and are connected to different routers.
</para>
<para>
However, by default Quantum does not allow overlapping IPs for different subnets - even in different Networks.
To override this restriction, change <filename>/etc/quantum/quantum.conf</filename>: uncomment <filename>allow_overlapping_ips</filename> parameter
and change its value to <filename>True</filename>:
</para>
<screen>
[DEFAULT]
...
# Enable or disable overlapping IPs for subnets
# Attention: the following parameter MUST be set to False if Neutron is
# being used in conjunction with nova security groups
allow_overlapping_ips = True
</screen>
<para>
Then, restart all quantum services:
</para>
<screen>
cd /etc/init.d/
for q in quantum-*; do restart $q; done
</screen>
</section>
<section>
<title>Specify SecurityGroups quotas</title>
<para>
Default quotas driver used by quantum is - <filename>quantum.quota.ConfDriver</filename>, all limits set in <filename>/etc/quantum/
quantum.conf</filename> - non flexible. To extend functionality and flexibility, default quota driver should be
changed to - <filename>quantum.db.quota_db.DbQuotaDrive</filename>.
</para>
<itemizedlist>
<listitem>
<para>
Change <filename>/etc/quantum/quantum.conf</filename> with next values:
</para>
<screen>
<title>Specify SecurityGroups quotas</title>
<para>
Default quotas driver used by quantum is - <filename>quantum.quota.ConfDriver</filename>, all limits set in <filename>/etc/quantum/
quantum.conf</filename> - non flexible. To extend functionality and flexibility, default quota driver should be
changed to - <filename>quantum.db.quota_db.DbQuotaDrive</filename>.
</para>
<itemizedlist>
<listitem>
<para>
Change <filename>/etc/quantum/quantum.conf</filename> with next values:
</para>
<screen>
[QUOTAS]
...
#quota_driver = quantum.quota.ConfDriver
quota_driver = quantum.db.quota_db.DbQuotaDriver
...
</screen>
</listitem>
<listitem>
<para>
Restart all quantum services:
</para>
<screen>
</screen>
</listitem>
<listitem>
<para>
Restart all quantum services:
</para>
<screen>
cd /etc/init.d/
for q in quantum-*; do restart $q; done
</screen>
</listitem>
<listitem>
<para>
Update required quota with quantum CLI:
</para>
<screen>
</screen>
</listitem>
<listitem>
<para>
Update required quota with quantum CLI:
</para>
<screen>
quantum quota-update --security_group 100 --tenant-id &lt;tenant_id&gt;
+---------------------+-------+
| Field | Value |
@@ -542,10 +510,9 @@ quantum quota-update --security_group 100 --tenant-id &lt;tenant_id&gt;
| security_group_rule | 100 |
| subnet | 10 |
+---------------------+-------+
</screen>
</listitem>
</itemizedlist>
</section>
</screen>
</listitem>
</itemizedlist>
</section>
<section>
<title>Reconfigure rate-limits for Nova</title>

110
src/administrators-guide/src/docbkx/content/quantum-guide.xml Normal file
View File

@@ -0,0 +1,110 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
Copyright (c) 2013 Mirantis, Inc.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xlink="http://www.w3.org/1999/xlink"
xsi:schemaLocation="http://docbook.org/ns/docbook http://www.docbook.org/xml/5.0/xsd/docbook.xsd
http://www.w3.org/1999/xlink http://www.w3.org/1999/xlink.xsd"
version="5.0">
<title>Quantum Usage</title>
<section>
<title>Overview</title>
<para>Murano does support both Nova Network and Quantum, and support advanced network management in case of
Quantum. Advanced network management essentially means explicit (from Murano point of view) network
management per environment. Murano creates private network and attache it to the first found external
network for each environment. This functionality is based on Quantum deployed as
<link xlink:href="http://docs.openstack.org/network-admin/admin/content/use_cases_mixed.html">Per-tenant
Routers with Private Networks</link> and not going to work when Quantum is deployed as
<link xlink:href="http://docs.openstack.org/network-admin/admin/content/use_cases_mixed.html">Mixed Flat and
Private Network</link>.
</para>
<para><emphasis>Mixed Flat and Private Network</emphasis> supported in Nova Network and it is default configuration for
Murano v0.3.
</para>
<para>With advanced networking schemes like <emphasis>Per-tenant Routers with Private Networks</emphasis> additional configuration and patches for OpenStack components
are required. Different set of templates for Heat stacks is used in Murano Conductor.</para>
</section>
<section>
<title>Patching Murano</title>
<para>To enable support for advanced network management in Murano we need to replace default templates for
Heat stacks used in Murano Conductor. All necessary templates available in our git repository:</para>
<screen>
git clone http://github.com/stackforge/murano-deployment
git checkout 0.3
</screen>
<para>Templates for Heat stacks are located in <emphasis>data</emphasis> directory. Please, overwrite them with
content of <emphasis>quantum_support/conductor/data/templates/cf</emphasis> directory checked out above.</para>
<screen>
cp -r quantum_support/conductor/data/* /etc/murano/data/
</screen>
</section>
<section>
<title>Patching OpenStack</title>
<para>OpenStack Grizzly missing a few features that already implemented in the latest Havana release, or merged
to Icehouse. We ported that features to OpenStack Grizzly and they available as set of .patch files. In order to
use advanced network management we need to apply that patches ether to sources or to already installed packages.
</para>
<para>All necessary patches are available in our git repository:</para>
<screen>
git clone http://github.com/stackforge/murano-deployment
git checkout 0.3
cd quantum_support/patches
</screen>
</section>
<section>
<title>Configuring Quantum</title>
<section>
<title>Allow subnet ip-range overlapping</title>
<para>
When deploying environments, Murano will create dedicated network for each of them, and every such network will have a subnet created.
All these subnets will have identical ip-ranges. Theoretically this is perfectly fine, as these subnets belong to different isolated Networks
(L2 segments) and are connected to different routers.
</para>
<para>
However, by default Quantum does not allow overlapping IPs for different subnets - even in different Networks.
To override this restriction, change <filename>/etc/quantum/quantum.conf</filename>: uncomment <filename>allow_overlapping_ips</filename> parameter
and change its value to <filename>True</filename>:
</para>
<programlisting>
[DEFAULT]
...
# Enable or disable overlapping IPs for subnets
# Attention: the following parameter MUST be set to False if Neutron is
# being used in conjunction with nova security groups
allow_overlapping_ips = True
</programlisting>
<para>
Then, restart all quantum services:
</para>
<screen>
cd /etc/init.d/
for q in quantum-*; do restart $q; done
</screen>
</section>
</section>
<section>
<title>Known Issues</title>
<para>Internet Information Services Web Farm &amp; ASP.NET Application Web Farm services does not work when
Murano configured to support <emphasis>Per-tenant Routers with Private Networks</emphasis>. This services are
based on Heat, particularly on resource called AWS::ElasticLoadBalancing::LoadBalancer, that currently does
not support specification of any network related parameters. Without support for network configuration
specification LoadBalancer does not work on OpenStack deployments with Quantum deployed as
<emphasis>Per-tenant Routers with Private Networks</emphasis>.</para>
</section>
</chapter>