Skip to content

Commit

Permalink
Release candidate updates for Networking chapter
Browse files Browse the repository at this point in the history 
As part of the installation guide improvement project, I performed
the following operations on the Networking chapter:

1) Moved Neutron ML2 sections before OVS sections and updated
   associated notes to steer users toward ML2.
2) Removed database population steps because Neutron populates the
   database at first run.
3) Moved 'enable_security_group' key to [securitygroup] section.
4) Removed extraneous colons from procedure titles.
5) Added command output to Neutron initial networks section.
6) Added command output to Nova initial networks section.

Change-Id: Ie677d199d2c64ef2a564eaa551295e1a321db02c
Partial-Bug: #1291071
Implements: blueprint networking-install-guide-improvements
  • Loading branch information
@ionosphere80
ionosphere80 committed Apr 11, 2014
1 parent b419664 commit 17fc8c8
Show file tree
Hide file tree
Showing 10 changed files with 164 additions and 95 deletions.
32 changes: 17 additions & 15 deletions doc/install-guide/ch_networking.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@
</warning>
<para>Configuring networking in OpenStack can be a bewildering
experience. This guide provides step-by-step instructions for both
OpenStack Networking (neutron) and the legacy (nova) networking
OpenStack Networking (neutron) and the legacy networking (nova-network)
service. If you are unsure which to use, we recommend trying
OpenStack Networking because it offers a considerable number of
features and flexibility including <glossterm baseform="plug-in"
Expand All @@ -32,26 +32,28 @@
<section xml:id="section_neutron-networking">
<title>Networking (neutron)</title>
<xi:include href="section_neutron-concepts.xml"/>
<section xml:id="section_neutron-networking-ovs">
<title>Open vSwitch (OVS) plug-in</title>
<note>
<para>We recommend using the Open vSwitch (OVS) plug-in until we
complete documentation for the Modular Layer 2 (ML2) plug-in.</para>
</note>
<xi:include href="section_neutron-controller-node.xml"/>
<xi:include href="section_neutron-network-node.xml"/>
<xi:include href="section_neutron-compute-node.xml"/>
</section>
<section xml:id="section_neutron-networking-ml2">
<title>Modular Layer 2 (ML2) plug-in</title>
<warning>
<para>We are adding this documentation for Icehouse. Until complete,
we recommend using the Open vSwitch (OVS) plug-in.</para>
</warning>
<note>
<para>We primarily tested the Modular Layer 2 (ML2) plug-in on
Icehouse and suggest that you implement it instead of the
traditional Open vSwitch (OVS) plug-in.</para>
</note>
<xi:include href="section_neutron-ml2-controller-node.xml"/>
<xi:include href="section_neutron-ml2-network-node.xml"/>
<xi:include href="section_neutron-ml2-compute-node.xml"/>
</section>
<section xml:id="section_neutron-networking-ovs">
<title>Open vSwitch (OVS) plug-in</title>
<warning>
<para>We suggest that you implement the Modular Layer 2 (ML2) plug-in
on Icehouse until we completely test the traditional Open vSwitch
(OVS) plug-in.</para>
</warning>
<xi:include href="section_neutron-ovs-controller-node.xml"/>
<xi:include href="section_neutron-ovs-network-node.xml"/>
<xi:include href="section_neutron-ovs-compute-node.xml"/>
</section>
<xi:include href="section_neutron-initial-networks.xml"/>
</section>
<section xml:id="section_nova-networking">
Expand Down
103 changes: 90 additions & 13 deletions doc/install-guide/section_neutron-initial-networks.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,14 +42,30 @@
<para>Perform these commands on the controller node.</para>
</note>
<procedure>
<title>To create the external network:</title>
<title>To create the external network</title>
<step>
<para>Source the <literal>admin</literal> tenant credentials:</para>
<screen><prompt>$</prompt> <userinput>source admin-openrc.sh</userinput></screen>
</step>
<step>
<para>Create the network:</para>
<screen><prompt>$</prompt> <userinput>neutron net-create ext-net --shared --router:external=True</userinput></screen>
<screen><prompt>$</prompt> <userinput>neutron net-create ext-net --shared --router:external=True</userinput>
<computeroutput>Created a new network:
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| id | 893aebb9-1c1e-48be-8908-6b947f3237b3 |
| name | ext-net |
| provider:network_type | gre |
| provider:physical_network | |
| provider:segmentation_id | 1 |
| router:external | True |
| shared | True |
| status | ACTIVE |
| subnets | |
| tenant_id | 54cd044c64d5408b83f843d63624e0d8 |
+---------------------------+--------------------------------------+</computeroutput></screen>
</step>
</procedure>
<para>Like a physical network, a virtual network requires a
Expand All @@ -70,7 +86,7 @@
instances do not connect directly to the external network and floating
IP addresses require manual assignment.</para>
<procedure>
<title>To create a subnet on the external network:</title>
<title>To create a subnet on the external network</title>
<step>
<para>Create the subnet:</para>
<screen><prompt>$</prompt> <userinput>neutron subnet-create ext-net --name ext-subnet \
Expand All @@ -81,7 +97,25 @@
<literal>203.0.113.200</literal>:</para>
<screen><prompt>$</prompt> <userinput>neutron subnet-create ext-net --name ext-subnet \
--allocation-pool start=203.0.113.101,end=203.0.113.200 \
--disable-dhcp --gateway 203.0.113.1 203.0.113.0/24</userinput></screen>
--disable-dhcp --gateway 203.0.113.1 203.0.113.0/24</userinput>
<computeroutput>Created a new subnet:
+-------------------+------------------------------------------------------+
| Field | Value |
+-------------------+------------------------------------------------------+
| allocation_pools | {"start": "203.0.113.101", "end": "203.0.113.200"} |
| cidr | 203.0.113.0/24 |
| dns_nameservers | |
| enable_dhcp | False |
| gateway_ip | 203.0.113.1 |
| host_routes | |
| id | 9159f0dc-2b63-41cf-bd7a-289309da1391 |
| ip_version | 4 |
| ipv6_address_mode | |
| ipv6_ra_mode | |
| name | ext-subnet |
| network_id | 893aebb9-1c1e-48be-8908-6b947f3237b3 |
| tenant_id | 54cd044c64d5408b83f843d63624e0d8 |
+-------------------+------------------------------------------------------+</computeroutput></screen>
</step>
</procedure>
</section>
Expand All @@ -95,14 +129,26 @@
<para>Perform these commands on the controller node.</para>
</note>
<procedure>
<title>To create the tenant network:</title>
<title>To create the tenant network</title>
<step>
<para>Source the <literal>demo</literal> tenant credentials:</para>
<screen><prompt>$</prompt> <userinput>source demo-openrc.sh</userinput></screen>
</step>
<step>
<para>Create the network:</para>
<screen><prompt>$</prompt> <userinput>neutron net-create demo-net</userinput></screen>
<screen><prompt>$</prompt> <userinput>neutron net-create demo-net</userinput>
<computeroutput>Created a new network:
+----------------+--------------------------------------+
| Field | Value |
+----------------+--------------------------------------+
| admin_state_up | True |
| id | ac108952-6096-4243-adf4-bb6615b3de28 |
| name | demo-net |
| shared | False |
| status | ACTIVE |
| subnets | |
| tenant_id | cdef0071a0194d19ac6bb63802dc9bae |
+----------------+--------------------------------------+</computeroutput></screen>
</step>
</procedure>
<para>Like the external network, your tenant network also requires
Expand All @@ -115,14 +161,32 @@
default, this subnet will use DHCP so your instances can obtain IP
addresses.</para>
<procedure>
<title>To create a subnet on the tenant network:</title>
<title>To create a subnet on the tenant network</title>
<step>
<para>Create the subnet:</para>
<screen><prompt>$</prompt> <userinput>neutron subnet-create demo-net --name demo-subnet \
--gateway <replaceable>TENANT_NETWORK_GATEWAY</replaceable> <replaceable>TENANT_NETWORK_CIDR</replaceable></userinput></screen>
<para>Example using <literal>192.168.1.0/24</literal>:</para>
<screen><prompt>$</prompt> <userinput>neutron subnet-create demo-net --name demo-subnet \
--gateway 192.168.1.1 192.168.1.0/24</userinput></screen>
--gateway 192.168.1.1 192.168.1.0/24</userinput>
<computeroutput>Created a new subnet:
+-------------------+------------------------------------------------------+
| Field | Value |
+-------------------+------------------------------------------------------+
| allocation_pools | {"start": "192.168.1.2", "end": "192.168.1.254"} |
| cidr | 192.168.1.0/24 |
| dns_nameservers | |
| enable_dhcp | True |
| gateway_ip | 192.168.1.1 |
| host_routes | |
| id | 69d38773-794a-4e49-b887-6de6734e792d |
| ip_version | 4 |
| ipv6_address_mode | |
| ipv6_ra_mode | |
| name | demo-subnet |
| network_id | ac108952-6096-4243-adf4-bb6615b3de28 |
| tenant_id | cdef0071a0194d19ac6bb63802dc9bae |
+-------------------+------------------------------------------------------+</computeroutput></screen>
</step>
</procedure>
<para>A virtual router passes network traffic between two or more virtual
Expand All @@ -132,20 +196,33 @@
a router and attach your tenant and external networks to it.</para>
<procedure>
<title>To create a router on the tenant network and attach the external
and tenant networks to it:</title>
and tenant networks to it</title>
<step>
<para>Create the router:</para>
<screen><prompt>$</prompt> <userinput>neutron router-create demo-router</userinput></screen>
<screen><prompt>$</prompt> <userinput>neutron router-create demo-router</userinput>
<computeroutput>Created a new router:
+-----------------------+--------------------------------------+
| Field | Value |
+-----------------------+--------------------------------------+
| admin_state_up | True |
| external_gateway_info | |
| id | 635660ae-a254-4feb-8993-295aa9ec6418 |
| name | demo-router |
| status | ACTIVE |
| tenant_id | cdef0071a0194d19ac6bb63802dc9bae |
+-----------------------+--------------------------------------+</computeroutput></screen>
</step>
<step>
<para>Attach the router to the <literal>demo</literal> tenant
subnet:</para>
<screen><prompt>$</prompt> <userinput>neutron router-interface-add demo-router demo-subnet</userinput></screen>
<screen><prompt>$</prompt> <userinput>neutron router-interface-add demo-router demo-subnet</userinput>
<computeroutput>Added interface b1a894fd-aee8-475c-9262-4342afdc1b58 to router demo-router.</computeroutput></screen>
</step>
<step>
<para>Attach the router to the external network by setting it as
the gateway:</para>
<screen><prompt>$</prompt> <userinput>neutron router-gateway-set demo-router ext-net</userinput></screen>
<screen><prompt>$</prompt> <userinput>neutron router-gateway-set demo-router ext-net</userinput>
<computeroutput>Set gateway for router demo-router</computeroutput></screen>
</step>
</procedure>
</section>
Expand All @@ -165,7 +242,7 @@
external network.</para>
</note>
<procedure>
<title>To verify network connectivity:</title>
<title>To verify network connectivity</title>
<step>
<para>Ping the tenant router gateway:</para>
<screen><prompt>$</prompt> <userinput>ping -c 4 203.0.113.101</userinput>
Expand Down
32 changes: 14 additions & 18 deletions doc/install-guide/section_neutron-ml2-compute-node.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ net.ipv4.conf.default.rp_filter=0</programlisting>
</step>
</procedure>
<procedure>
<title>To install the Networking components:</title>
<title>To install the Networking components</title>
<step>
<screen os="ubuntu;debian"><prompt>#</prompt> <userinput>apt-get install neutron-common neutron-plugin-ml2 neutron-plugin-openvswitch-agent \
openvswitch-datapath-dkms</userinput></screen>
Expand All @@ -39,17 +39,17 @@ net.ipv4.conf.default.rp_filter=0</programlisting>
</step>
</procedure>
<procedure>
<title>To configure the Networking common components:</title>
<title>To configure the Networking common components</title>
<para>The Networking common component configuration includes the
authentication mechanism, messaging service, and plug-in.</para>
authentication mechanism, message broker, and plug-in.</para>
<step os="debian">
<para>Respond to prompts for
<link linkend="debconf-dbconfig-common">database management</link>,
<link linkend="debconf-keystone_authtoken">Identity service
credentials</link>,
<link linkend="debconf-api-endpoints">service endpoint
registration</link>, and
<link linkend="debconf-rabbitqm">messaging service
<link linkend="debconf-rabbitqm">message broker
credentials</link>.</para>
</step>
<step os="rhel;centos;fedora;sles;opensuse">
Expand Down Expand Up @@ -104,7 +104,7 @@ admin_password = <replaceable>NEUTRON_PASS</replaceable></programlisting>
</substeps>
</step>
<step os="opensuse;sles">
<para>Configure Networking to use the messaging service:</para>
<para>Configure Networking to use the message broker:</para>
<para>Replace <replaceable>RABBIT_PASS</replaceable> with the password
you chose for the <literal>guest</literal> account in
<application>RabbitMQ</application>.</para>
Expand All @@ -118,7 +118,7 @@ admin_password = <replaceable>NEUTRON_PASS</replaceable></programlisting>
rabbit_password <replaceable>RABBIT_PASS</replaceable></userinput></screen>
</step>
<step os="rhel;centos;fedora">
<para>Configure Networking to use the messaging service:</para>
<para>Configure Networking to use the message broker:</para>
<screen><prompt>#</prompt> <userinput>openstack-config --set /etc/neutron/neutron.conf DEFAULT \
rpc_backend neutron.openstack.common.rpc.impl_qpid</userinput>
<prompt>#</prompt> <userinput>openstack-config --set /etc/neutron/neutron.conf DEFAULT \
Expand All @@ -131,7 +131,7 @@ admin_password = <replaceable>NEUTRON_PASS</replaceable></programlisting>
qpid_password <replaceable>guest</replaceable></userinput></screen>
</step>
<step os="ubuntu">
<para>Configure Networking to use the messaging service:</para>
<para>Configure Networking to use the message broker:</para>
<substeps>
<step>
<para>Edit the <filename>/etc/neutron/neutron.conf</filename> file
Expand All @@ -152,9 +152,9 @@ rabbit_password = <replaceable>RABBIT_PASS</replaceable></programlisting>
<para>Configure Networking to use the Modular Layer 2 (ML2) plug-in
and associated services:</para>
<screen><prompt>#</prompt> <userinput>openstack-config --set /etc/neutron/neutron.conf DEFAULT \
core_plugin neutron.plugins.ml2.plugin.Ml2Plugin</userinput>
core_plugin ml2</userinput>
<prompt>#</prompt> <userinput>openstack-config --set /etc/neutron/neutron.conf DEFAULT \
service_plugins neutron.services.l3_router.l3_router_plugin.L3RouterPlugin</userinput></screen>
service_plugins router</userinput></screen>
<warning>
<para>You must comment out any lines in the
<literal>[service_providers]</literal> section.</para>
Expand Down Expand Up @@ -194,7 +194,7 @@ allow_overlapping_ips = True</programlisting>
</step>
</procedure>
<procedure>
<title>To configure the Modular Layer 2 (ML2) plug-in:</title>
<title>To configure the Modular Layer 2 (ML2) plug-in</title>
<para>The ML2 plug-in uses the Open vSwitch (OVS) mechanism (agent) to
build the virtual networking framework for instances.</para>
<step os="rhel;centos;fedora;sles;opensuse">
Expand Down Expand Up @@ -253,16 +253,12 @@ enable_tunneling = True</programlisting>
following keys to it:</para>
<programlisting language="ini">[securitygroup]
...
firewall_driver=neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver</programlisting>
<para>Add the following key to the
<literal>[securitygroup]</literal> section:</para>
<programlisting language="ini">[securitygroup]
...
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
enable_security_group = True</programlisting>
</step>
</procedure>
<procedure>
<title>To configure the Open vSwitch (OVS) service:</title>
<title>To configure the Open vSwitch (OVS) service</title>
<para>The OVS service provides the underlying virtual networking framework
for instances. The integration bridge <literal>br-int</literal> handles
internal instance network traffic within OVS.</para>
Expand Down Expand Up @@ -292,7 +288,7 @@ enable_security_group = True</programlisting>
</step>
</procedure>
<procedure>
<title>To configure Compute to use Networking:</title>
<title>To configure Compute to use Networking</title>
<para>By default, most distributions configure Compute to use legacy
networking. You must reconfigure Compute to manage networks through
OpenStack Networking.</para>
Expand Down Expand Up @@ -357,7 +353,7 @@ security_group_api = neutron</programlisting>
</step>
</procedure>
<procedure>
<title>To finalize the installation:</title>
<title>To finalize the installation</title>
<step os="rhel;centos;fedora">
<para>The Networking service initialization scripts expect a symbolic
link <filename>/etc/neutron/plugin.ini</filename> pointing to the
Expand Down
Loading

0 comments on commit 17fc8c8

Please sign in to comment.