update the README after refactoring and align it with other cookbooks

Change-Id: I6ba2d2279c6494d45092a8e94fd2e0a924cbbccf
This commit is contained in:
Jan Klare 2016-04-22 11:05:56 -05:00 committed by Christoph Albers
parent 0e9af30bd1
commit 05638d06d7
2 changed files with 139 additions and 172 deletions

304
README.md
View File

@ -1,13 +1,12 @@
Description
===========
TODO: (jklare) needs refactoring too
This cookbook installs the **OpenStack Network** service (formerly project-named Quantum, current name is Neutron)
as part of a Chef reference deployment of OpenStack.
This cookbook installs the OpenStack Network service **Neutron** as part of a
Chef reference deployment of OpenStack. The
https://github.com/openstack/openstack-chef-repo contains documentation for using this cookbook in the context of a full OpenStack deployment.
More information about the OpenStack Network service is available
[here](http://docs.openstack.org/trunk/openstack-network/admin/content/index.html)
[here](http://docs.openstack.org/mitaka/config-reference/networking.html)
Usage
=====
@ -18,182 +17,156 @@ L3 networking for various hardware vendors and standards.
Requirements
============
Chef 11.4.4 or higher required (for Chef environment use)
- Chef 12 or higher
- chefdk 0.9.0 for testing (also includes berkshelf for cookbook dependency
resolution)
Platform
========
- ubuntu
- redhat
- centos
Cookbooks
---------
=========
The following cookbooks are dependencies:
* openstack-identity
* openstack-common
Recipes
=======
client
------
- Install the network client packages
server
------
- Installs the openstack-network API server
dhcp\_agent
--------
- Installs the DHCP agent
l3\_agent
--------
- Installs the L3 agent and metadata agent
vpn\_agent
--------
- Installs the VPN agent
Identity-registration
---------------------
- Registers the OpenStack Network API endpoint and service user with Keystone
hyperv
------
- Install the drivers for hyperv needed by OpenStack network.
- The networking-hyperv has not been included by linux distributions, it needs been created by users.
- The source code of networking-hyperv maintains in https://github.com/stackforge/networking-hyperv.
- 'openstack-common', '>= 13.0.0'
- 'openstack-identity', '>= 13.0.0'
Attributes
==========
* `openstack['network']['service_provider']` - Array of service providers (drivers) for advanced services like loadbalancer, VPN, Firewall.
* `openstack['network']['api']['auth']['version']` - Select v2.0 or v3.0. Default v2.0. The auth API version used to interact with identity service.
* `openstack['network']["misc_neutron"]` - Array of strings to be added to neutron.conf
* `openstack['network']['api']['auth']['memcached_servers']` - A list of memcached server(s) for caching
* `openstack['network']['api']['auth']['memcache_security_strategy']` - Whether token data should be authenticated or authenticated and encrypted. Acceptable values are MAC or ENCRYPT.
* `openstack['network']['api']['auth']['memcache_secret_key']` - This string is used for key derivation.
* `openstack['network']['api']['auth']['hash_algorithms']` - Hash algorithms to use for hashing PKI tokens.
* `openstack['network']['api']['auth']['cafile']` - A PEM encoded Certificate Authority to use when verifying HTTPs connections.
* `openstack['network']['api']['auth']['insecure']` - Whether to allow the client to perform insecure SSL (https) requests.
* `openstack['network']['dbsync_timeout']` - Set dbsync command timeout value
Please see the extensive inline documentation in `attributes/*.rb` for
descriptions of all the settable attributes for this cookbook.
TODO
* `openstack["network"]["service_plugins"]` - Array of Python classes to be used as `service_plugins` in neutron.conf (default: []). Set it to ['neutron.plugins.services.agent_loadbalancer.plugin.LoadBalancerPlugin'] to include the load balancer plugin.
Note that all attributes are in the `default['openstack']` "namespace"
Neutron Nova interactions
-------------------------
* `openstack["network"]["nova"]["cafile"]` - CA file for novaclient to verify server certificates
* `openstack["network"]["nova"]["insecure"]` - Boolean to control ignoring SSL errors on the nova url
The usage of attributes to generate the neutron.conf is described in the
openstack-common cookbook.
MQ attributes
-------------
* `openstack["network"]["mq"]["service_type"]` - Select qpid or rabbitmq. default rabbitmq
TODO: move rabbit parameters under openstack["network"]["mq"]
* `openstack["network"]["rabbit"]["username"]` - Username for nova rabbit access
* `openstack["network"]["rabbit"]["vhost"]` - The rabbit vhost to use
* `openstack["network"]["rabbit"]["port"]` - The rabbit port to use
* `openstack["network"]["rabbit"]["host"]` - The rabbit host to use (must set when `openstack["network"]["rabbit"]["ha"]` false).
* `openstack["network"]["rabbit"]["ha"]` - Whether or not to use rabbit ha
* `openstack["network"]["mq"]["qpid"]["host"]` - The qpid host to use
* `openstack["network"]["mq"]["qpid"]["port"]` - The qpid port to use
* `openstack["network"]["mq"]["qpid"]["qpid_hosts"]` - Qpid hosts. TODO. use only when ha is specified.
* `openstack["network"]["mq"]["qpid"]["username"]` - Username for qpid connection
* `openstack["network"]["mq"]["qpid"]["password"]` - Password for qpid connection
* `openstack["network"]["mq"]["qpid"]["sasl_mechanisms"]` - Space separated list of SASL mechanisms to use for auth
* `openstack["network"]["mq"]["qpid"]["reconnect_timeout"]` - The number of seconds to wait before deciding that a reconnect attempt has failed.
* `openstack["network"]["mq"]["qpid"]["reconnect_limit"]` - The limit for the number of times to reconnect before considering the connection to be failed.
* `openstack["network"]["mq"]["qpid"]["reconnect_interval_min"]` - Minimum number of seconds between connection attempts.
* `openstack["network"]["mq"]["qpid"]["reconnect_interval_max"]` - Maximum number of seconds between connection attempts.
* `openstack["network"]["mq"]["qpid"]["reconnect_interval"]` - Equivalent to setting qpid_reconnect_interval_min and qpid_reconnect_interval_max to the same value.
* `openstack["network"]["mq"]["qpid"]["heartbeat"]` - Seconds between heartbeat messages sent to ensure that the connection is still alive.
* `openstack["network"]["mq"]["qpid"]["protocol"]` - Protocol to use. Default tcp.
* `openstack["network"]["mq"]["qpid"]["tcp_nodelay"]` - Disable the Nagle algorithm. default disabled.
Linuxbridge plugin attributes
-----------------------------
* `openstack['openstack']['network']['linuxbridge']['tenant_network_type']` - Type of network to allocate for tenant networks. (default 'local')
* `openstack['openstack']['network']['linuxbridge']['network_vlan_ranges']` - Comma-separated list of <physical_network>[:<vlan_min>:<vlan_max>] tuples enumerating ranges of VLAN IDs
* `openstack['openstack']['network']['linuxbridge']['physical_interface_mappings']` - (ListOpt) Comma-separated list of <physical_network>:<physical_interface> tuples mapping physical network names
* `openstack['openstack']['network']['linuxbridge']['enable_vxlan']` - (BoolOpt) enable VXLAN on the agent. (default false)
* `openstack['openstack']['network']['linuxbridge']['ttl']` - (IntOpt) use specific TTL for vxlan interface protocol packets
* `openstack['openstack']['network']['linuxbridge']['tos']` - (IntOpt) use specific TOS for vxlan interface protocol packets
* `openstack['openstack']['network']['linuxbridge']['vxlan_group']` - (StrOpt) multicast group to use for broadcast emulation. (default '224.0.0.1')
* `openstack['openstack']['network']['linuxbridge']['l2_population']` - (BoolOpt) Flag to enable l2population extension. (default false)
* `openstack['openstack']['network']['linuxbridge']['polling_interval']` - Agent polling interval in seconds. (default 2)
* `openstack['openstack']['network']['linuxbridge']['rpc_support_old_agents']` - (BoolOpt) Enable server RPC compatibility with old (pre-havana). (default false)
* `openstack['openstack']['network']['linuxbridge']['firewall_driver']` - Firewall driver for realizing neutron security group function
Modular Layer 2 Plugin Configuration
------------------------------------
* `openstack['openstack']['network']['ml2']['type_drivers']` - (ListOpt) List of network type driver entrypoints to be loaded from the neutron.ml2.type_drivers namespace.
* `openstack['openstack']['network']['ml2']['tenant_network_types']` - (ListOpt) Ordered list of net work_types to allocate as tenant networks. (default local)
* `openstack['openstack']['network']['ml2']['mechanism_drivers']` - (ListOpt) Ordered list of networ king mechanism driver entrypoints to be loaded from the neutron.ml2.mechanism_drivers namespace.
* `openstack['openstack']['network']['ml2']['flat_networks']` - (ListOpt) List of physical_network names with which flat networks can be created.
* `openstack['openstack']['network']['ml2']['network_vlan_ranges']` - (ListOpt) List of <physical_network>[:<vlan_min>:<vlan_max>] tuples specifying physical_network names usable for VLAN provider and tenant networks
* `openstack['openstack']['network']['ml2']['tunnel_id_ranges']` - (ListOpt) Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges of GRE tunnel IDs that are available for tenant network allocation
* `openstack['openstack']['network']['ml2']['vni_ranges']` - (ListOpt) Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges of VXLAN VNI IDs that are available for tenant network allocation.
* `openstack['openstack']['network']['ml2']['vxlan_group']` - (StrOpt) Multicast group for the VXLAN interface.
DHCP Agent Configuration
------------------------
* `openstack['openstack']['network']['dhcp']['dhcp_delete_namespaces']` - (StrOpt) If True, namespaces will be deleted when a dhcp server is disabled.
* `openstack['openstack']['network']['dhcp']['dhcp_agents_per_network']` - (IntOpt) Set the number of dhcp agents for each network. (default 1)
L3 Agent Configuration
----------------------
* `openstack['openstack']['network']['l3']['router_delete_namespaces']` - (StrOpt) If True, namespaces will be deleted when a router is destroyed.
* `openstack['openstack']['network']['l3']['ha']['l3_ha']` - (BoolOpt) If True, virtual router will be created as ha by default. (default False)
* `openstack['openstack']['network']['l3']['ha']['max_l3_agents_per_router']` - (IntOpt) The maximum number of l3 agents for each ha router. (default 3)
* `openstack['openstack']['network']['l3']['ha']['ha_vrrp_advert_int']` - (IntOpt) The advertisement interval in seconds. (default 2)
* `openstack['openstack']['network']['l3']['router_distributed'] - Both true(bool) and 'true'(str) will set DVR(Distributed Virtual Router) configure enabled. Setting 'auto' will do a simple check then decide whether or not to enable DVR, default is enabled with OVS.
* `openstack['openstack']['network']['l3']['router_delete_namespaces'] - (StrOpt) If True, namespaces will be deleted when a router is destroyed.
VPN Agent Configuration
----------------------
* `openstack['openstack']['network']['enable_vpn'] - (BoolOpt) Used to enable VPN agent, if true, namespaces must be enabled. (default false)
* `openstack['openstack']['network']['vpn']['vpn_device_driver'] - (ListOpt) Comma-separated list of VPN device drivers which VPN agent will use
* `openstack['openstack']['network']['vpn']['ipsec_status_check_interval'] - (IntOpt) Status check interval for ipsec VPN
LBaaS Agent Configuration
----------------------
* `openstack['openstack']['network']['lbaas']['custom_interface_driver']` - Custom plugin to support new interface drivers
* `openstack['openstack']['network']['lbaas']['ovs_use_veth']` - (BoolOpt) Used to enable veth pairs for OVS based plugins
The following attributes are defined in attributes/default.rb of the common cookbook, but are documented here due to their relevance:
* `openstack['endpoints']['network-api-bind']['host']` - The IP address to bind the api service to
* `openstack['endpoints']['network-api-bind']['port']` - The port to bind the api service to
* `openstack['endpoints']['network-api-bind']['bind_interface']` - The interface name to bind the api service to
If the value of the 'bind_interface' attribute is non-nil, then the network service will be bound to the first IP address on that interface. If the value of the 'bind_interface' attribute is nil, then the network service will be bound to the IP address specified in the host attribute.
Templates
=========
* `neutron.conf.erb` - Config file for OpenStack Network server
* `ml2_conf.ini.erb` - Configuration of Network ML2 Plugins
* `vpn_agent.ini.erb` - Config file for Network VPN agent
Testing
Recipes
=======
Please refer to the [TESTING.md](TESTING.md) for instructions for testing the cookbook.
## openstack-network::client
- Install the network client packages
Berkshelf
=====
## openstack-network::db_migration
- Migrates the neutron database
Berks will resolve version requirements and dependencies on first run and
store these in Berksfile.lock. If new cookbooks become available you can run
`berks update` to update the references in Berksfile.lock. Berksfile.lock will
be included in stable branches to provide a known good set of dependencies.
Berksfile.lock will not be included in development branches to encourage
development against the latest cookbooks.
## openstack-network::default
- Configures common pieces needed for all neutron services and create the
neutron.conf
## openstack-network::dhcp_agent
- Installs the DHCP agent
The configuration for neutron-dhcp-agent is generated from the attributes in
using the same template as for the neutron.conf
```
node['openstack']['network_dhcp']['conf']
```
## openstack-network::fwaas
**This is a 'work in progress' recipe and is currently not tested**
- Installs the Firewall as a Service
## openstack-network::identity_registration
- Registers the OpenStack Network API endpoint and service user with Keystone
## openstack-network::l3_agent
- Installs the L3 agent
The configuration for neutron-l3-agent is generated from the attributes in using
the same template as for the neutron.conf
```
node['openstack']['network_l3']['conf']
```
## openstack-network::lbaas
- Installs the Loadbalancer as a Service
The configuration for neutron-lbaas-agent is generated from the attributes in
using the same template as for the neutron.conf
```
node['openstack']['network_lbaas']['conf']
```
## openstack-network::metadata_agent
- Installs the metadata agent
The configuration for neutron-metadata-agent is generated from the attributes in
using the same template as for the neutron.conf
```
node['openstack']['network_metadata']['conf']
```
## openstack-network::metering_agent
- Installs the metering agent
The configuration for neutron-metadata-agent is generated from the attributes in
using the same template as for the neutron.conf
```
node['openstack']['network_metering']['conf']
```
## openstack-network::ml2_core_plugin
- Configure the ml2_core_plugin
## openstack-network::ml2_linuxbridge
- Configure the ml2 linuxbridge plugin
## openstack-network::ml2_openvswitch
- Configure the ml2 openvswitch plugin
## openstack-network::openvswitch
- Installs openvswitch
## openstack-network::openvswitch_agent
- Installs the openvswitch agent
## openstack-network::plugin_config
- Generates all the needed plugin configurations directly from the attributes
in:
```
node['openstack']['network']['plugins'][myplugin]
```
The final configuration file is generated exactly like all OpenStack service
configuration files (e.g. neutron.conf), but the attribute mentioned above
allows you additionally to define the file name and patch with:
```
# this will also generate the path recursively if not already existent
node['openstack']['network']['plugins'][myplugin]['path']
# this defines the filename for the plugin config (e.g. ml2_conf.ini)
node['openstack']['network']['plugins'][myplugin]['filename']
```
In the examples above, the variable 'myplugin' can be used to generate multiple
plugin configurations with different configs and filenames. Please refer to the
recipe openstack-network::ml2_openvswitch for an full example on the usage of
this attributes.
## openstack-network::server
- Installs the openstack-network API server (currently aka neutron-server)
## openstack-network::vpnaas
- Installs the VPN as a Service
The configuration for neutron-vpn-agent is generated from the attributes in
using the same template as for the neutron.conf
```
node['openstack']['network_vpnaas']['conf']
```
License and Author
==================
@ -209,6 +182,7 @@ License and Author
| | Mark Vanderwiel(<vanderwl@us.ibm.com>) |
| | Eric Zhou(<zyouzhou@cn.ibm.com>) |
| | Jan Klare (<j.klare@x-ion.de>) |
| | Christoph Albers (<c.albers@x-ion.de>) |
| | |
| **Copyright** | Copyright (c) 2013, AT&T Services, Inc. |
| | Copyright (c) 2013-2014, SUSE Linux GmbH |

View File

@ -6,13 +6,6 @@ license 'Apache 2.0'
description 'Installs and configures the OpenStack Network API Service and various agents and plugins'
long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
version '13.0.0'
recipe 'openstack-network::client', 'Install packages required for network client'
recipe 'openstack-network::server', 'Installs packages required for a OpenStack Network server'
recipe 'openstack-network::openvswitch', 'Installs packages required for OVS'
recipe 'openstack-network::metadata_agent', 'Installs packages required for a OpenStack Network Metadata Agent'
recipe 'openstack-network::identity_registration', 'Registers OpenStack Network endpoints and service user with Keystone'
recipe 'openstack-network::vpn_agent', 'Installs packages required for Network VPN Agent'
recipe 'openstack-network::hyperv', 'Installs packages required for OpenStack Network Hyperv drivers'
%w(ubuntu redhat centos).each do |os|
supports os