From 595e3cc6b84c660eae97e31d62fba0b4e96788b0 Mon Sep 17 00:00:00 2001 From: Serg Melikyan Date: Mon, 18 Nov 2013 12:28:31 +0400 Subject: [PATCH] Added article about Quantum support Change-Id: Ic4e9981a788467be9b6f86271b1784e60748c1dc --- .../src/docbkx/administrators-guide.xml | 1 + .../src/docbkx/content/general.xml | 93 +++++---------- .../src/docbkx/content/quantum-guide.xml | 110 ++++++++++++++++++ 3 files changed, 141 insertions(+), 63 deletions(-) create mode 100644 src/administrators-guide/src/docbkx/content/quantum-guide.xml diff --git a/src/administrators-guide/src/docbkx/administrators-guide.xml b/src/administrators-guide/src/docbkx/administrators-guide.xml index e4c1fb7..8d00bda 100644 --- a/src/administrators-guide/src/docbkx/administrators-guide.xml +++ b/src/administrators-guide/src/docbkx/administrators-guide.xml @@ -33,6 +33,7 @@ + diff --git a/src/administrators-guide/src/docbkx/content/general.xml b/src/administrators-guide/src/docbkx/content/general.xml index ed80adb..e548809 100644 --- a/src/administrators-guide/src/docbkx/content/general.xml +++ b/src/administrators-guide/src/docbkx/content/general.xml @@ -462,74 +462,42 @@ update-rc.d rabbitmq-server-murano defaults - - Don't forget about firewall rules for new RabbitMQ service! - + Don't forget about firewall rules for new RabbitMQ service!
- Configure Quantum -
- Allow subnet ip-range overlapping - - When deploying environments, Murano will create dedicated network for each of them, and every such network will have a subnet created. - All these subnets will have identical ip-ranges. Theoretically this is perfectly fine, as these subnets belong to different isolated Networks - (L2 segments) and are connected to different routers. - - - However, by default Quantum does not allow overlapping IPs for different subnets - even in different Networks. - To override this restriction, change /etc/quantum/quantum.conf: uncomment allow_overlapping_ips parameter - and change its value to True: - - -[DEFAULT] -... -# Enable or disable overlapping IPs for subnets -# Attention: the following parameter MUST be set to False if Neutron is -# being used in conjunction with nova security groups -allow_overlapping_ips = True - - - Then, restart all quantum services: - - -cd /etc/init.d/ -for q in quantum-*; do restart $q; done - -
-
- Specify SecurityGroups quotas - - Default quotas driver used by quantum is - quantum.quota.ConfDriver, all limits set in /etc/quantum/ - quantum.conf - non flexible. To extend functionality and flexibility, default quota driver should be - changed to - quantum.db.quota_db.DbQuotaDrive. - - - - - Change /etc/quantum/quantum.conf with next values: - - + Specify SecurityGroups quotas + + Default quotas driver used by quantum is - quantum.quota.ConfDriver, all limits set in /etc/quantum/ + quantum.conf - non flexible. To extend functionality and flexibility, default quota driver should be + changed to - quantum.db.quota_db.DbQuotaDrive. + + + + + Change /etc/quantum/quantum.conf with next values: + + [QUOTAS] ... #quota_driver = quantum.quota.ConfDriver quota_driver = quantum.db.quota_db.DbQuotaDriver ... - - - - - Restart all quantum services: - - + + + + + Restart all quantum services: + + cd /etc/init.d/ for q in quantum-*; do restart $q; done - - - - - Update required quota with quantum CLI: - - + + + + + Update required quota with quantum CLI: + + quantum quota-update --security_group 100 --tenant-id <tenant_id> +---------------------+-------+ | Field | Value | @@ -542,10 +510,9 @@ quantum quota-update --security_group 100 --tenant-id <tenant_id> | security_group_rule | 100 | | subnet | 10 | +---------------------+-------+ - - - -
+ + +
Reconfigure rate-limits for Nova diff --git a/src/administrators-guide/src/docbkx/content/quantum-guide.xml b/src/administrators-guide/src/docbkx/content/quantum-guide.xml new file mode 100644 index 0000000..f61d522 --- /dev/null +++ b/src/administrators-guide/src/docbkx/content/quantum-guide.xml @@ -0,0 +1,110 @@ + + + + + Quantum Usage +
+ Overview + Murano does support both Nova Network and Quantum, and support advanced network management in case of + Quantum. Advanced network management essentially means explicit (from Murano point of view) network + management per environment. Murano creates private network and attache it to the first found external + network for each environment. This functionality is based on Quantum deployed as + Per-tenant + Routers with Private Networks and not going to work when Quantum is deployed as + Mixed Flat and + Private Network. + + Mixed Flat and Private Network supported in Nova Network and it is default configuration for + Murano v0.3. + + With advanced networking schemes like Per-tenant Routers with Private Networks additional configuration and patches for OpenStack components + are required. Different set of templates for Heat stacks is used in Murano Conductor. +
+
+ Patching Murano + To enable support for advanced network management in Murano we need to replace default templates for + Heat stacks used in Murano Conductor. All necessary templates available in our git repository: + +git clone http://github.com/stackforge/murano-deployment +git checkout 0.3 + + Templates for Heat stacks are located in data directory. Please, overwrite them with + content of quantum_support/conductor/data/templates/cf directory checked out above. + +cp -r quantum_support/conductor/data/* /etc/murano/data/ + +
+
+ Patching OpenStack + OpenStack Grizzly missing a few features that already implemented in the latest Havana release, or merged + to Icehouse. We ported that features to OpenStack Grizzly and they available as set of .patch files. In order to + use advanced network management we need to apply that patches ether to sources or to already installed packages. + + All necessary patches are available in our git repository: + +git clone http://github.com/stackforge/murano-deployment +git checkout 0.3 +cd quantum_support/patches + +
+
+ Configuring Quantum +
+ Allow subnet ip-range overlapping + + When deploying environments, Murano will create dedicated network for each of them, and every such network will have a subnet created. + All these subnets will have identical ip-ranges. Theoretically this is perfectly fine, as these subnets belong to different isolated Networks + (L2 segments) and are connected to different routers. + + + However, by default Quantum does not allow overlapping IPs for different subnets - even in different Networks. + To override this restriction, change /etc/quantum/quantum.conf: uncomment allow_overlapping_ips parameter + and change its value to True: + + +[DEFAULT] +... +# Enable or disable overlapping IPs for subnets +# Attention: the following parameter MUST be set to False if Neutron is +# being used in conjunction with nova security groups +allow_overlapping_ips = True + + + Then, restart all quantum services: + + +cd /etc/init.d/ +for q in quantum-*; do restart $q; done + +
+
+
+ Known Issues + Internet Information Services Web Farm & ASP.NET Application Web Farm services does not work when + Murano configured to support Per-tenant Routers with Private Networks. This services are + based on Heat, particularly on resource called AWS::ElasticLoadBalancing::LoadBalancer, that currently does + not support specification of any network related parameters. Without support for network configuration + specification LoadBalancer does not work on OpenStack deployments with Quantum deployed as + Per-tenant Routers with Private Networks. +
+