x
/
fuel-plugin-vmware-dvs
Code Issues Proposed changes

[docs] Prepare DVS plugin 3.0.0 guide 

This patch reworks the existing guide to fit the validation
template and prepares a first draft of documentation for
DVS 3.0.0 version.

Change-Id: I6de986862677f2c8f7a97e998e0b20368f083c91
This commit is contained in:
Olena Logvinova 2016-06-17 20:06:22 +03:00
parent e0f03b5262
commit ce16b65a46
41 changed files with 720 additions and 391 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

137
docs/README.md Normal file
View File

@ -0,0 +1,137 @@
# Table of Contents
1. [Overview](#id-section1)
* [How to use](#id-section2)
* [How to build documentation] (#id-section3)
2. [Check yourself](#id-section4)
* [Plugin Guide checklist](#id-section5)
<div id='id-section1'/>
# Overview
If you are developing your own plugin for Fuel, you will also need to prepare
the documentation set, which includes Test Plan, Test Report and Plugin Guide.
<div id='id-section2'/>
## How to use
This repo is organized as the doc tree with 2 main folders:
- plugin guide
- testing documentation
- Test Plan
- Test Report
To use these doc templates, follow these steps:
1. Clone the repo:
`git clone git@github.com:Mirantis/fuel-plugin-docs.git`
2. Populate the placeholders of the conf.py files (for Plugin Guide, Test
Plan and Report) with plugin-specific information (e.g. document name,
plugin release).
3. Populate the content of RST files which make up the document structure.
<div id='id-section3'/>
## How to build documentation
Once you're done with editing the conf.py and sample RST files, you should cd
into the corresponding doc dir and run `make latexpdf`.
For example:
```
cd user_guide
make latexpdf
```
The PDF will be found in ./build subdir.
<div id='id-section4'/>
## Check yourself
Please use the checklists below to make sure you documentation
meets the acceptance criteria.
<div id='id-section5'/>
### Plugin Guide
* The Plugin Guide contains plugin version in <fuel-plugin-name>-XX-XXX-X
format.
* The **Overview** section provides information on the following:
* high-level description of plugin functionality/use case
* schemes (optional)
* The **Requirements** section provides information on the following:
* target MOS release (e.g. should be 8.0 not 8.0 and/or higher)
* required compatible proprietary Partner product version
* required compatible proprietary hw/software (if applicable)
* The **Prerequisites** section provides information on what should be done
prior to the solution installation/configuration, specifically:
* List of required HW/SW and how to get it (where to order or how to
download).
* Compatible firmware versions (for HW) and software versions (for SW).
* A link to official documentation and configuration guides of used HW/SH
should be provided.
* How to configure required external hardware/software (e.g. storage devices,
switches and so on) so that user could use them via the the
application/driver. A simple configuration would be enough.
* If the solution can use specific HW/SW in several modes, then there should
be instructions on how to properly configure the hw/software to use this
very mode.
* The **Limitations** should outline the issues that might limit the plugin
usage. Those can be:
* specific networking option available for the plugin (e.g. it can only use
Neutron VXLAN)
* known issues that might affect the plugin's operability (e.g. it's
impossible to use non-ASCII characters)
* The **Release Notes** section should describe how this plugin version
differs from the previous one.
* The **Installing the plugin** section provides commands and estimated output.
* The **Configuring the plugin** section provides the following information:
* It's clarified which MOS environment configuration should be used (how
many controller, computes, which options/services should be enabled). All
links to the official Mirantis OpenStack documentation are present. It's
also okay to provide screenshots.
* It's clarified how to configure MOS environment properly for the plugin
usage (e.g. how to configure interfaces for different logical networks
Fuel uses). It's also okay to provide screenshots.
* If the plugin requires specific role/naming convention, then this is also
outlined.
* UI part of the plugin should have detailed description and instructions on
where to get specific params. This should be done for every field and
example values should be provided.
* If the plugin supports several modes of usage, then there should be a flow
for each mode (e.g. each mode should be presented as the step-by-step
instruction with screenshots with all required UI elements listed in the
correct order): e.g. select plugin checkbox, click a radio button, fill
in the text fields.
* Network verification check is specified as the obligatory step prior to
deployment. If its expected to fail, this fact should be explicitly stated
and a reason should be provided.
* The **User Guide** should contain:
* baseline commands (CLI reference) with the estimated output (e.g. create
volumes, list volumes etc)
* links to external documentation (e.g. if all baseline issues are covered
in open source/proprietary documentation)
* The **Verification** section should explain how to verify that the plugin
works as expected (CLI, expected output).
* The **Troubleshooting** section should deliver specific guidance on:
* how to make sure that all services are running
* how to check network connectivity (if needed)
* logs (where to find those, what to pay attention to)

70
docs/install_guide/configure.rst
View File

@ -1,70 +0,0 @@
Create and Configure an environment with VMware DVS plugin
----------------------------------------------------------
#. `Create a new OpenStack
environment <https://docs.mirantis.com/openstack/fuel/fuel-8.0/user-guide.html#create-a-new-openstack-environment>`_
with Fuel UI wizard.
.. image:: _static/create.png
.. raw:: latex
\pagebreak
2. In *Compute* menu, select *vCenter* checkbox:
.. image:: _static/compute.png
#. Select *Neutron with VMware DVS* for *Networking Setup*
.. image:: _static/net.png
.. raw:: latex
\pagebreak
4. Finish environment creation following
`documentation <https://docs.mirantis.com/openstack/fuel/fuel-8.0/user-guide.html#create-a-new-openstack-environment>`_.
#. Open the *Nodes* tab and `add
<https://docs.mirantis.com/openstack/fuel/fuel-8.0/user-guide.html#configure-your-environment>`__
at least 1 Controller node to the environment:
.. image:: _static/nodes-controller.png
(Optional) You can also add 1 dedicated Compute VMware node:
.. image:: _static/nodes-vmware.png
#. Open the *Networks* tab of the Fuel Web UI and chose the *Other* subtab. Select the
*Neutron VMware DVS ML2 plugin* checkbox and specify the Cluster to VDS mapping :
.. image:: _static/settings.png
and set the checkbox "Use the VMware DVS firewall driver" if you want to use
security groups on your ports.
VMware DVS ML2 plugin does not support DVR feature. Keep Neutron DVR
checkbox on Neutron Advanced Configuration tab at unchecked state.
.. raw:: latex
\pagebreak
7. Fill in the VMware configuration fields on the *VMware* tab:
.. image:: _static/vmware.png
(Optional) Choose Compute VMware node if your environment has the role:
.. image:: _static/vmware2.png
#. The rest of configuration is up to you.
See `Mirantis OpenStack User Guide <https://docs.mirantis.com/openstack/fuel/fuel-8.0/user-guide.html>`__
for instructions.
#. Click *Deploy changes* button to finish.
.. raw:: pdf
PageBreak

38
docs/install_guide/index.rst
View File

@ -1,38 +0,0 @@
=====================================================
Guide to the VMware DVS plugin version 2.1.0 for Fuel
=====================================================
Introduction
============
.. toctree::
:maxdepth: 1
purpose
terms
intro
license
prerequisites
requirements
limitations
release_notes
Installation and create an environment
======================================
.. toctree::
:maxdepth: 1
install
remove
configure
User Guide
=========
.. toctree::
:maxdepth: 1
user
verification
troubleshooting

47
docs/install_guide/install.rst
View File

@ -1,47 +0,0 @@
Installing the VMware DVS plugin
--------------------------------
Make sure that:
* you have the installed the
`Fuel Master node <https://docs.mirantis.com/openstack/fuel/fuel-8.0/user-guide.html>`__
* all the nodes of your future environment are discovered and functional.
* there is a connectivity to correctly configured vCenter with VDS'es and clusters created.
Please, see the
`Mirantis OpenStack Planning Guide <https://docs.mirantis.com/openstack/fuel/fuel-8.0/mos-planning-guide.html#plan-the-vsphere-integration>`_,
`User Guide <https://docs.mirantis.com/openstack/fuel/fuel-8.0/user-guide.html#vmware-integration-notes>`_
and
`this plugin's specification <https://github.com/openstack/fuel-plugin-vmware-dvs/blob/master/specs/fuel-plugin-vmware-dvs.rst>`_
for information on configuring vCenter.
#. Download the plugin from the
`Fuel Plugin Catalog <https://www.mirantis.com/products/openstack-drivers-and-plugins/fuel-plugins/>`__.
#. Copy the plugin into Fuel Master node:
::
$ scp fuel-plugin-vmware-dvs-2.1-2.1.0-1.noarch.rpm <Fuel Master node ip>:/tmp
#. Log into the Fuel Master node and install the plugin:
::
$ ssh root@<Fuel Master node ip>
[root@nailgun ~]# fuel plugins --install /
/tmp/fuel-plugin-vmware-dvs-2.1-2.1.0-1.noarch.rpm
[root@nailgun  ]# fuel plugins
DEPRECATION WARNING: /etc/fuel/client/config.yaml exists and will
be used as the source for settings. This behavior is deprecated.
Please specify the path to your custom settings file in the
FUELCLIENT_CUSTOM_SETTINGS environment variable.
+------+--------------------------+-----------+--------------------+
| id | name | version | package\_version |
+------+--------------------------+-----------+--------------------+
| 2 | fuel-plugin-vmware-dvs | 2.1.0 | 4.0.0 |
+------+--------------------------+-----------+--------------------+
.. raw:: latex
\pagebreak

18
docs/install_guide/intro.rst
View File

@ -1,18 +0,0 @@
The VMware DVS plugin
---------------------
MOS supports using vCenter as a hypervisor in a vCenter-only or
heterogeneous, mixed with KVM environments. There is the vmware\_dvs
driver for Neutron ML2 plugin which provides usage Neutron for
networking in such environments. Thereby environments receives an
advanced network features:
- Ability to create multi-tier networks (e.g., web tier, db tier, app
tier).
- Control over IP addressing and security groups's rules.
- Ability to insert an configure their own services (e.g., firewall,
IPS)
- VPN/Bridge to remote physical hosting or customer premises.

6
docs/install_guide/limitations.rst
View File

@ -1,6 +0,0 @@
Limitations
+++++++++++
- Only VLANs are supported for tenant network separation.
- Only vSphere 5.5 & 6.0 are supported.

26
docs/install_guide/prerequisites.rst
View File

@ -1,26 +0,0 @@
Prerequisites
++++++++++++
The VMware DVS plugin works via manipulation resources of a VMware vSphere
Distributed Switch. It requires a vCenter service account with the following
minimum permissions:
+----------------+--------------------+------------------------------+
| All privileges | | |
+----------------+--------------------+------------------------------+
| | Distributed switch | Port configuration operation |
+----------------+--------------------+------------------------------+
| | dvPort group | Create |
+----------------+--------------------+------------------------------+
| | | Delete |
+----------------+--------------------+------------------------------+
| | | Modify |
+----------------+--------------------+------------------------------+
| | | Policy operation |
+----------------+--------------------+------------------------------+
The Plugin doesn't create new VDS'es but uses existed ones. It means that it has
to have connectivity to precreated and
`well configured
<https://www.vmware.com/products/vsphere/features/distributed-switch>`__
VDS'es on the vCenter which will be used in this environment.

5
docs/install_guide/puprose.rst
View File

@ -1,5 +0,0 @@
Document purpose
----------------
The purpose of this document is to describe how to install, configure
and use the VMware DVS plugin 2.1.0 for Fuel 8.0.

15
docs/install_guide/release_notes.rst
View File

@ -1,15 +0,0 @@
Release notes
+++++++++++++
Release notes for VMware DVS plugin 2.1.0:
* New architecture with the vmware-dvs neutron agent.
* A name of dvSwitches is limited by 44 symbols.
* Support for remote security groups.
* Enhancement of stability especially in case of multiple simultenously runned
tasks.
* The performance improvement.

19
docs/install_guide/remove.rst
View File

@ -1,19 +0,0 @@
Removing the VMware DVS plugin
------------------------------
To uninstall VMware DVS plugin, follow these steps:
#. Delete all environments in which VMware DVS plugin has been enabled.
#. Uninstall the plugin:
::
# fuel plugins --remove fuel-plugin-vmware-dvs==2.1.0
#. Check if the plugin was uninstalled successfully:
::
+------+--------+-----------+--------------------+
| id | name | version | package_version |
+------+--------+-----------+--------------------+
+------+--------+-----------+--------------------+

10
docs/install_guide/requirements.rst
View File

@ -1,10 +0,0 @@
Requirements
++++++++++++
The plugin has the following requirements for software:
================ ===========
**Requirement** **Version**
Fuel 8.0
vCenter 5.5/6.0
================ ===========

23
docs/install_guide/terms.rst
View File

@ -1,23 +0,0 @@
Key terms, acronyms and abbreviation
-------------------------------------
.. tabularcolumns:: |p{3cm}|p{12.5cm}|
===================== ========================================================
**Term/abbreviation** **Definition**
===================== ========================================================
VM Virtual Machine
MOS Mirantis OpenStack
OVS Open vSwitch
Neutron ML2 plugin The Neutron Modular Layer 2 plugin is a framework
allowing OpenStack Networking to simultaneously
utilize the variety of layer 2 networking technologies
vmware_dvs driver The driver in the Neutron ML2 plugin which provides
interaction with dvSwitch on vCenter
VMware DVS plugin The plugin for Fuel which installs and configures
vmware_dvs driver on a MOS environment
dvSwitch VMware vSphere® Distributed Switch
VMware ESXi bare-metal hypervisor
VMware vCenter Server Central control point for VMware vSphere
VMware vSphere VMwares cloud computing virtualization operating system
===================== ========================================================

45
docs/install_guide/troubleshooting.rst
View File

@ -1,45 +0,0 @@
Troubleshooting
+++++++++++++++
VMware dvs driver consists from two parts: the mechanism driver of neutron and
the agent. Thereby the main source of information for troubleshooting is
/var/log/neutron/server.log and /var/log/neutron/vmware-dvs-agent-....log.
Please to be sure in correctness of configuration in
the /etc/neutron/neutron.conf, /etc/neutron/plugin.ini. and
/etc/neutron/plugins/ml2/vmware_dvs-.....ini It should contain following
values:
neutron.conf::
notification_driver=messagingv2
plugin.ini::
[ml2]
mechanism_drivers =openvswitch,l2population,vmware_dvs
[ml2_vmware]
vsphere_login=<vsphere_user>
vsphere_hostname=<vsphere_ip>
vsphere_password=<vsphere_password>
vmware_dvs-<vcenter AZ>-<service name>.ini::
[DEFAULT]
host=<vcenter AZ>-<service name>
[securitygroup]
enable_security_group = True
firewall_driver=mech_vmware_dvs.agentDVS.vCenter_firewall.DVSFirewallDriver
[ml2_vmware]
vsphere_login=<vsphere_user>
network_maps=physnet2:<VDS>
vsphere_hostname=<vsphere_ip>
vsphere_password=<vsphere_password>
Sure all neutron-dvs-agent should be launched on corresponded nodes. On
controllers --- under corosync and on compute-vmware --- via init script.
Also in case of trouble would be useful to check the
connectivity between controller nodes and vCenter.

62
docs/install_guide/user.rst
View File

@ -1,62 +0,0 @@
Using advanced neutron's possibilities with VMware DVS plugin
-------------------------------------------------------------
#. Once OpenStack has been deployed, we can start using Neutron for
networking. The port group for admin\_internal\_net could appear
on the vCenter (don't worry if any DVS has missing portgroups):
.. image:: _static/net04pg.png
.. raw:: latex
\pagebreak
2. In Horizon, the network topology should look like:
.. image:: _static/topology.png
where VMware is the name of the instance located on the vCenter.
#. You can use Neutron for such instance brand the same way as for KVM-located instances.
#. DVS Security groups functionality differs from KVM implementatin. VMWare DVS does not
support stateful firewall properties and ICMP types. DVS Plugin realises emulation logic
to support the similar behavior. It installs reverse traffic rule for each SG rule.
VMWare DVS plugin state emulation logic uses ephemeral port range filter to rise security
of reverse rules implementation.
Just add only those rules if you want to correctly launch EC2 compatible image with
matadata request and DNS access:
Implement Custom TCP Egress rule to 169.254.169.254/32 CIDR port 80
Implement Custom UDP Egress rule to '<DNS server IP or 0.0.0.0/0>' CIDR port 53
DVS plugin will install four rules:
1. TCP Egress from any IP ports 32768-65535 to metadata IP port 80
#. TCP Ingress from metadata IP port 80 to any IP ports 32768-65535
#. UDP Egress from any IP ports 32768-65535 to DNS IP port 53
#. UDP Ingress from DNS IP port 53 to any IP ports 32768-65535
32768-65535 is the useful ethemetal port range for most Linux kernels and Windows hosts.
Common egress TCP rule looks like this:
TCP Egress to any ports 0.0.0.0/0 CIDR
It works like:
TCP Egress from any IP ports 32768-65535 to any IP any port
TCP Ingress from any IP any port to any IP ports 32768-65535
and private ports of your VM like http or ssh will be closed.
DVS plugin support only symmectric ICMP interaction. If your host can ping destination host,
it means the destination host can ping your host by reverse rules.
#. Sometimes the error at log files happens "Cannot complete operation due to concurrent
modification by another operation." due to absence of concurrent access to modify resources
by vSphere. Do not panic. Driver has special wrapper for this exception.

0
docs/install_guide/Makefile → docs/user_guide/Makefile
View File

0
docs/install_guide/_static/compute.png → docs/user_guide/_static/compute.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 28 KiB

After

Width:  |  Height:  |  Size: 28 KiB

0
docs/install_guide/_static/create.png → docs/user_guide/_static/create.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 48 KiB

After

Width:  |  Height:  |  Size: 48 KiB

0
docs/install_guide/_static/net.png → docs/user_guide/_static/net.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 47 KiB

After

Width:  |  Height:  |  Size: 47 KiB

0
docs/install_guide/_static/net04pg.png → docs/user_guide/_static/net04pg.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 203 KiB

After

Width:  |  Height:  |  Size: 203 KiB

0
docs/install_guide/_static/nodes-controller.png → docs/user_guide/_static/nodes-controller.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 20 KiB

After

Width:  |  Height:  |  Size: 20 KiB

0
docs/install_guide/_static/nodes-vmware.png → docs/user_guide/_static/nodes-vmware.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 6.9 KiB

After

Width:  |  Height:  |  Size: 6.9 KiB

0
docs/install_guide/_static/settings.png → docs/user_guide/_static/settings.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 27 KiB

After

Width:  |  Height:  |  Size: 27 KiB

0
docs/install_guide/_static/topology.png → docs/user_guide/_static/topology.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 49 KiB

After

Width:  |  Height:  |  Size: 49 KiB

0
docs/install_guide/_static/vmware.png → docs/user_guide/_static/vmware.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 54 KiB

After

Width:  |  Height:  |  Size: 54 KiB

0
docs/install_guide/_static/vmware2.png → docs/user_guide/_static/vmware2.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 13 KiB

After

Width:  |  Height:  |  Size: 13 KiB

11
docs/user_guide/appendix.rst Normal file
View File

@ -0,0 +1,11 @@
.. _links:
Useful links
============
For more information about Fuel VMware DVS plugin described in this document,
see:
* `Specification <https://github.com/openstack/fuel-plugin-vmware-dvs/blob/master/specs/fuel-plugin-vmware-dvs.rst>`_
* `GitHub project <https://github.com/openstack/fuel-plugin-vmware-dvs>`_
* `Launchpad project <https://launchpad.net/fuel-plugin-vmware-dvs>`_

80
docs/install_guide/conf.py → docs/user_guide/conf.py
View File

@ -57,16 +57,16 @@ master_doc = 'index'
# General information about the project.
project = u'Fuel VMware DVS plugin'
copyright = u'2015, Mirantis Inc.' # noqa
copyright = u'2016, Mirantis Inc.' # noqa
# The version info for the project you're documenting, acts as replacement for
# |version| and |release|, also used in various other places throughout the
# built documents.
#
# The short X.Y version.
version = '2.1.0'
version = '3.0.0'
# The full version, including alpha/beta/rc tags.
release = '2.1.0'
release = '3.0-3.0.0-1'
# The language for content autogenerated by Sphinx. Refer to documentation
# for a list of supported languages.
@ -202,8 +202,8 @@ latex_elements = {
# (source start file, target name, title,
# author, documentclass [howto, manual, or own class]).
latex_documents = [
('index', 'FuelVMwareDVSvplugin.tex', u'Fuel VMware DVS plugin user\
guide', u'Mirantis Inc.', 'manual'),
('index', 'FuelVMwareDVSvplugin.tex', u'Fuel VMware DVS Plugin\
Guide', u'Mirantis Inc.', 'manual'),
]
# The name of an image file (relative to this directory) to place at the top of
@ -265,3 +265,73 @@ texinfo_documents = [
# Insert footnotes where they are defined instead of at the end.
pdf_inline_footnotes = True
# -- Options for Epub output ----------------------------------------------
# Bibliographic Dublin Core info.
epub_title = u'VMware DVS Plugin for Fuel'
epub_author = u'Mirantis Inc.'
epub_publisher = u'Mirantis Inc.'
epub_copyright = u'2016, Mirantis Inc.'
# The basename for the epub file. It defaults to the project name.
#epub_basename = u'fuel-plugin-openbook'
# The HTML theme for the epub output. Since the default themes are not optimized
# for small screen space, using the same theme for HTML and epub output is
# usually not wise. This defaults to 'epub', a theme designed to save visual
# space.
#epub_theme = 'epub'
# The language of the text. It defaults to the language option
# or en if the language is not set.
#epub_language = ''
# The scheme of the identifier. Typical schemes are ISBN or URL.
#epub_scheme = ''
# The unique identifier of the text. This can be a ISBN number
# or the project homepage.
#epub_identifier = ''
# A unique identification for the text.
#epub_uid = ''
# A tuple containing the cover image and cover page html template filenames.
#epub_cover = ()
# A sequence of (type, uri, title) tuples for the guide element of content.opf.
#epub_guide = ()
# HTML files that should be inserted before the pages created by sphinx.
# The format is a list of tuples containing the path and title.
#epub_pre_files = []
# HTML files shat should be inserted after the pages created by sphinx.
# The format is a list of tuples containing the path and title.
#epub_post_files = []
# A list of files that should not be packed into the epub file.
epub_exclude_files = ['search.html']
# The depth of the table of contents in toc.ncx.
#epub_tocdepth = 3
# Allow duplicate toc entries.
#epub_tocdup = True
# Choose between 'default' and 'includehidden'.
#epub_tocscope = 'default'
# Fix unsupported image types using the PIL.
#epub_fix_images = False
# Scale large images.
#epub_max_image_width = 0
# How to display URL addresses: 'footnote', 'no', or 'inline'.
#epub_show_urls = 'inline'
# If false, no index is generated.
#epub_use_index = True

82
docs/user_guide/config.rst Normal file
View File

@ -0,0 +1,82 @@
.. _configure_env:
Configure an environment with VMware DVS plugin
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Configuring and deploying an environment with VMware DVS plugin involves
creating an environment in Fuel and modifying the environment settings.
**To configure an OpenStack environment with VMware DVS plugin:**
#. Using Fuel Web UI, follow steps 1-5 of the `Create a new OpenStack
environment <http://docs.openstack.org/developer/fuel-docs/userdocs/fuel-user-guide/create-environment/start-create-env.html>`_
instruction.
#. In the :guilabel:`Compute` menu, select :guilabel:`vCenter`:
.. figure:: _static/compute.png
:width: 90%
.. raw:: latex
\pagebreak
3. In the :guilabel:`Networking Setup` menu, select
:guilabel:`Neutron with VMware DVS`:
.. figure:: _static/net.png
:width: 90%
#. Follow steps 8-10 of the `Create a new OpenStack
environment <http://docs.openstack.org/developer/fuel-docs/userdocs/fuel-user-guide/create-environment/start-create-env.html>`_
instruction.
#. In the :guilabel:`Nodes` tab of the Fuel Web UI, `add
<http://docs.openstack.org/developer/fuel-docs/userdocs/fuel-user-guide/configure-environment/add-nodes.html>`_
at least 1 :guilabel:`Controller` node to the environment:
.. figure:: _static/nodes-controller.png
:width: 90%
(Optional) You can also add 1 dedicated :guilabel:`Compute VMware` node:
.. figure:: _static/nodes-vmware.png
:width: 90%
.. raw:: latex
\pagebreak
6. In the :guilabel:`Networks` tab, click :guilabel:`Other`:
#. Select the :guilabel:`Neutron VMware DVS ML2 plugin` checkbox.
#. Specify the :guilabel:`Cluster to VDSwitch mapping`.
#. If you want to use security groups on your ports, select
:guilabel:`Use the VMware DVS firewall driver`.
.. figure:: _static/settings.png
:width: 100%
.. caution::
VMware DVS ML2 plugin does not support the Distributed Virtual Routers
(DVR) feature. Therefore, do not select :guilabel:`Neutron DVR` in
:menuselection:`Neutron L3 Configuration -> Neutron Advanced Configuration`.
.. raw:: latex
\pagebreak
7. In the :guilabel:`VMware` tab, fill in the VMware configuration fields:
.. figure:: _static/vmware.png
:width: 90%
#. Make additional configuration adjustments as described in the
`Configure your environment <http://docs.openstack.org/developer/fuel-docs/userdocs/fuel-user-guide/configure-environment.html>`_
section of Fuel User Guide.
#. Proceed to the `environment deployment <http://docs.openstack.org/developer/fuel-docs/userdocs/fuel-user-guide/deploy-environment.html>`_.
.. raw:: latex
\pagebreak

31
docs/user_guide/definitions.rst Normal file
View File

@ -0,0 +1,31 @@
.. _definitions:
Key terms
~~~~~~~~~
The table below lists the key terms, acronyms, and abbreviations that are used
in this document.
.. tabularcolumns:: |p{4cm}|p{12.5cm}|
====================== ========================================================
**Term/abbreviation** **Definition**
====================== ========================================================
Neutron ML2 plugin The Neutron Modular Layer 2 plugin. It is a framework
allowing OpenStack Networking to simultaneously
utilize the variety of Layer 2 networking technologies.
OVS Open vSwitch
VDS VMware vSphere® Distributed Switch
VM Virtual machine
vmware_dvs driver The driver in the Neutron ML2 plugin which provides
interaction with dvSwitch on vCenter.
VMware DVS plugin The plugin for Fuel that installs and configures
vmware_dvs driver on a Mirantis OpenStack environment.
VMware ESXi Bare-metal hypervisor
VMware vCenter server Central control point for VMware vSphere
VMware vSphere VMware cloud computing virtualization operating system
====================== ========================================================
.. raw:: latex
\pagebreak

38
docs/user_guide/index.rst Normal file
View File

@ -0,0 +1,38 @@
============================
Fuel VMware DVS Plugin Guide
============================
Overview
~~~~~~~~
.. toctree::
:maxdepth: 1
intro
definitions
requirements
prerequisites
limitations
release_notes
license
appendix
Install and configure VMware DVS plugin for Fuel
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. toctree::
:maxdepth: 1
install
remove
config
verification
Use VMware DVS plugin for Fuel
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. toctree::
:maxdepth: 1
using_neutron
troubleshooting

49
docs/user_guide/install.rst Normal file
View File

@ -0,0 +1,49 @@
Install VMware DVS plugin
~~~~~~~~~~~~~~~~~~~~~~~~~
Before you proceed with the VMware DVS plugin installation, verify that:
#. You have completed the :ref:`prereqs` steps.
#. All the nodes of your future environment are :guilabel:`DISCOVERED` on the
Fuel Master node.
#. You have a connectivity to correctly configured vCenter with VDSes and
clusters created.
**To install the VMware DVS plugin:**
#. Download the VMware DVS plugin from the
`Fuel Plugin Catalog <https://www.mirantis.com/products/openstack-drivers-and-plugins/fuel-plugins/>`__.
#. Copy the plugin ``.rpm`` package to the Fuel Master node:
.. code-block:: console
$ scp fuel-plugin-vmware-dvs-3.0-3.0.0-1.noarch.rpm <Fuel Master node ip>:/tmp
#. Log into the Fuel Master node CLI as root.
#. Install the plugin:
.. code-block:: console
# fuel plugins --install /tmp/fuel-plugin-vmware-dvs-3.0-3.0.0-1.noarch.rpm
#. Verify that the plugin was installed successfully:
.. code-block:: console
# fuel plugins
+------+--------------------------+-----------+--------------------+
| id | name | version | package\_version |
+------+--------------------------+-----------+--------------------+
| 2 | fuel-plugin-vmware-dvs | 3.0.0 | 4.0.0 |
+------+--------------------------+-----------+--------------------+
#. Proceed to :ref:`configure_env`.
.. raw:: latex
\pagebreak

21
docs/user_guide/intro.rst Normal file
View File

@ -0,0 +1,21 @@
Introduction
~~~~~~~~~~~~
The purpose of this document is to describe how to install, configure,
and use the VMware DVS plugin 3.0.0 for Fuel 9.0.
Mirantis OpenStack supports using vCenter as a hypervisor on vCenter-only or
heterogeneous environments that are mixed with KVM. The vmware_dvs driver for
Neutron ML2 plugin allows using Neutron for networking in such environments.
Therefore, you get the following advanced network features for your
environment:
- Create multi-tier networks (for example: web tier, database tier,
application tier)
- Control over IP addressing and security groups' rules.
- Add and configure custom services (for example: firewall,
intrusion-prevention system)
- VPN/Bridge to a remote physical hosting or customer premises.

5
docs/install_guide/license.rst → docs/user_guide/license.rst
View File

@ -1,8 +1,9 @@
Licensing information
+++++++++++++++++++++
Licenses
~~~~~~~~
================= ============
**Component** **License**
================= ============
vmware_dvs driver Apache 2.0
VMware DVS plugin Apache 2.0
================= ============

13
docs/user_guide/limitations.rst Normal file
View File

@ -0,0 +1,13 @@
Limitations
~~~~~~~~~~~
The VMware DVS plugin 3.0.0 for Fuel has the following limitations:
* The plugin is enabled only in environments with Neutron as the
networking option.
* Only VLANs are supported for the tenant network separation.
* Only vSphere versions 5.5 and 6.0 are supported.
.. raw:: latex
\pagebreak

52
docs/user_guide/prerequisites.rst Normal file
View File

@ -0,0 +1,52 @@
.. _prereqs:
Prerequisites
~~~~~~~~~~~~~
Before you install and start using VMware DVS plugin on Fuel, complete the
following steps:
#. Install and set up
`Fuel 9.0 <http://docs.openstack.org/developer/fuel-docs/userdocs/fuel-install-guide.html>`__.
#. Read the *Plan the vSphere integration* section in
`Mirantis OpenStack Planning Guide <https://docs.mirantis.com/openstack/fuel/fuel-8.0/mos-planning-guide.html#plan-the-vsphere-integration>`_.
.. seealso::
* `VMware vSphere 5.5 official documentation <http://pubs.vmware.com/vsphere-55/index.jsp>`_
* `VMware vSphere in OpenStack Configuration Reference <http://docs.openstack.org/mitaka/config-reference/compute/hypervisor-vmware.html>`_
#. Create a `vCenter service account <http://pubs.vmware.com/vsphere-55/index.jsp?topic=%2Fcom.vmware.vsphere.vcenterhost.doc%2FGUID-3B5AF2B1-C534-4426-B97A-D14019A8010F.html>`_.
#. In the vCenter service account, apply the following minimum privileges
for :guilabel:`Distributed switch` and :guilabel:`dvPort group`:
.. list-table::
:header-rows: 1
* - Permission
- Privilege
* - dvSwitch
- * Port configuration operation
* - dvPort Group
- * dvPort group.Create
* dvPort group.Delete
* dvPort group.Modify
* dvPort group.Policy operation
It allows the VMware DVS plugin to use manipulation resources of VMware
vSphere Distributed Switch (VDS).
#. Create and properly configure VDSes on vCenter that will be used in
your environment. For details, see the VDS videos in the
:menuselection:`Technical Details -> Resources` section on the
`VMware Distributed Switch page <https://www.vmware.com/products/vsphere/features/distributed-switch>`__.
#. Connect the VMware DVS plugin to the precreated and configured VDSes.
.. note::
The VMware DVS plugin does not create new VDSes but uses the existing ones.
.. raw:: latex
\pagebreak

21
docs/user_guide/release_notes.rst Normal file
View File

@ -0,0 +1,21 @@
Release notes
~~~~~~~~~~~~~
VMware DVS plugin 3.0.0 contains the following updates:
* Implemented a new architecture with the vmware-dvs neutron agent.
* Limited the name of dvSwitch by 44 symbols.
* Added a new consistent engine for remote security groups.
* Enhanced the VMware DVS plugin stability, especially when multiple tasks
run simultaneously.
* Improved the VMware DVS plugin overall performance.
* Improved the VMware DVS plugin documentation.
.. raw:: latex
\pagebreak

30
docs/user_guide/remove.rst Normal file
View File

@ -0,0 +1,30 @@
Uninstall VMware DVS plugin
---------------------------
To uninstall VMware DVS plugin, follow the steps below:
#. Log in to the Fuel Master node CLI.
#. Delete all the environments in which VMware DVS plugin is enabled:
.. code-block:: console
# fuel --env <ENV_ID> env delete
#. Uninstall the plugin:
.. code-block:: console
# fuel plugins --remove fuel-plugin-vmware-dvs==3.0.0
#. Verify whether the VMware DVS plugin was uninstalled successfully:
.. code-block:: console
# fuel plugins
The VMware DVS plugin should not appear in the output list.
.. raw:: latex
\pagebreak

11
docs/user_guide/requirements.rst Normal file
View File

@ -0,0 +1,11 @@
Requirements
~~~~~~~~~~~~
The VMware DVS plugin 3.0.0 for Fuel has the following requirements:
* Fuel 9.0 on Mitaka
* vCenter 5.5/6.0
.. raw:: latex
\pagebreak

55
docs/user_guide/troubleshooting.rst Normal file
View File

@ -0,0 +1,55 @@
Troubleshooting
~~~~~~~~~~~~~~~
VMware DVS driver consists of two parts: the mechanism driver of Neutron and
the VMware DVS agent. Therefore, two main sources of information for
troubleshooting are ``/var/log/neutron/server.log`` and
``/var/log/neutron/vmware-dvs-agent-....log``.
**To verify Neutron configuration files:**
To deliver a stable performance of the VMware DVS plugin, verify that the
Neutron configuration files contain the following values:
* ``/etc/neutron/neutron.conf``:
.. code-block:: ini
notification_driver=messagingv2
* ``/etc/neutron/plugin.ini``:
.. code-block:: ini
[ml2]
mechanism_drivers =openvswitch,l2population,vmware_dvs
[ml2_vmware]
vsphere_login=<vsphere_user>
vsphere_hostname=<vsphere_ip>
vsphere_password=<vsphere_password>
* ``/etc/neutron/plugins/ml2/vmware_dvs-<vcenter AZ>-<service name>.ini``:
.. code-block:: ini
[DEFAULT]
host=<vcenter AZ>-<service name>
[securitygroup]
enable_security_group = True
firewall_driver=mech_vmware_dvs.agentDVS.vCenter_firewall.DVSFirewallDriver
[ml2_vmware]
vsphere_login=<vsphere_user>
network_maps=physnet2:<VDS>
vsphere_hostname=<vsphere_ip>
vsphere_password=<vsphere_password>
Verify that all neutron-dvs-agent services are launched on corresponding nodes:
* On controllers: under corosync
* On compute-vmware: using the init script
Verify the connectivity between controller nodes and vCenter:
.. TODO: add CLI command

91
docs/user_guide/using_neutron.rst Normal file
View File

@ -0,0 +1,91 @@
Using advanced Neutron possibilities with VMware DVS plugin
-----------------------------------------------------------
This section describes the features that you get while using the VMware DVS
plugin as well as outlines the usage aspects of DVS security groups.
Once you deploy an OpenStack environment with VMware DVS plugin, you can
start using Neutron for networking.
The port group for ``admin_internal_net`` is created on clusters when VMs
are attached:
.. figure:: _static/net04pg.png
:width: 100%
.. raw:: latex
\pagebreak
|
In Horizon, the network topology looks like the following:
.. figure:: _static/topology.png
:width: 100%
where *VMware* is the name of the instance located in vCenter. You can use
Neutron for such instance the same way as for KVM-located instances.
.. TODO OL: Update the picture so that it displays the instance name
as mentioned in description.
**DVS security groups**
The functionality of the VMWare DVS plugin security groups differs from the
KVM implementation:
* The VMWare DVS plugin does not support stateful firewall properties and
ICMP types. It realizes the emulation logic to support similar
behavior. The plugin installs a reverse traffic rule for each security group
rule.
* The VMWare DVS plugin state emulation logic uses ephemeral port range filter
to rise the security of reverse rules implementation.
You can only add the reverse rules to correctly launch an EC2-compatible
image with metadata request and DNS access.
**To add reverse rules:**
#. Implement a custom TCP egress rule to 169.254.169.254//32 CIDR port 80.
#. Implement a custom UDP egress rule to <DNS server IP or 0.0.0.0//0>
CIDR port 53.
The VMWare DVS plugin installs four rules:
#. TCP egress from any IP ports 32768-65535 to metadata IP port 80
#. TCP ingress from metadata IP port 80 to any IP ports 32768-65535
#. UDP egress from any IP ports 32768-65535 to DNS IP port 53
#. UDP ingress from DNS IP port 53 to any IP ports 32768-65535
.. note:: 32768-65535 is a useful ephemeral port range for most Linux kernels
and Windows hosts.
Example of a common egress TCP rule:
* TCP egress to any ports 0.0.0.0/0 CIDR
It works in the following way:
* TCP egress from any IP ports 32768-65535 to any IP any port
* TCP ingress from any IP any port to any IP ports 32768-65535
Once applied, the private ports of your VM like HTTP or SSH will be closed.
The VMWare DVS plugin supports only symmetric ICMP interaction. If your host
can ping a destination host, it means that the destination host can ping your
host by reverse rules.
Sometimes, you can see the following error in log files:
*Cannot complete operation due to concurrent modification by another
operation.*
Reason: concurrent access is missing to modify resources by vSphere.
Solution: the VMWare DVS plugin driver has special wrapper for this exception.
Therefore, you can ignore this error.
.. raw:: latex
\pagebreak

0
docs/install_guide/verification.rst → docs/user_guide/verification.rst
View File