update the README after refactoring and align it with other cookbooks
Change-Id: I6ba2d2279c6494d45092a8e94fd2e0a924cbbccf
This commit is contained in:
parent
0e9af30bd1
commit
05638d06d7
304
README.md
304
README.md
|
@ -1,13 +1,12 @@
|
|||
Description
|
||||
===========
|
||||
|
||||
TODO: (jklare) needs refactoring too
|
||||
|
||||
This cookbook installs the **OpenStack Network** service (formerly project-named Quantum, current name is Neutron)
|
||||
as part of a Chef reference deployment of OpenStack.
|
||||
This cookbook installs the OpenStack Network service **Neutron** as part of a
|
||||
Chef reference deployment of OpenStack. The
|
||||
https://github.com/openstack/openstack-chef-repo contains documentation for using this cookbook in the context of a full OpenStack deployment.
|
||||
|
||||
More information about the OpenStack Network service is available
|
||||
[here](http://docs.openstack.org/trunk/openstack-network/admin/content/index.html)
|
||||
[here](http://docs.openstack.org/mitaka/config-reference/networking.html)
|
||||
|
||||
Usage
|
||||
=====
|
||||
|
@ -18,182 +17,156 @@ L3 networking for various hardware vendors and standards.
|
|||
Requirements
|
||||
============
|
||||
|
||||
Chef 11.4.4 or higher required (for Chef environment use)
|
||||
- Chef 12 or higher
|
||||
- chefdk 0.9.0 for testing (also includes berkshelf for cookbook dependency
|
||||
resolution)
|
||||
|
||||
Platform
|
||||
========
|
||||
|
||||
- ubuntu
|
||||
- redhat
|
||||
- centos
|
||||
|
||||
Cookbooks
|
||||
---------
|
||||
=========
|
||||
|
||||
The following cookbooks are dependencies:
|
||||
|
||||
* openstack-identity
|
||||
* openstack-common
|
||||
|
||||
Recipes
|
||||
=======
|
||||
|
||||
client
|
||||
------
|
||||
|
||||
- Install the network client packages
|
||||
|
||||
server
|
||||
------
|
||||
|
||||
- Installs the openstack-network API server
|
||||
|
||||
dhcp\_agent
|
||||
--------
|
||||
|
||||
- Installs the DHCP agent
|
||||
|
||||
l3\_agent
|
||||
--------
|
||||
|
||||
- Installs the L3 agent and metadata agent
|
||||
|
||||
vpn\_agent
|
||||
--------
|
||||
|
||||
- Installs the VPN agent
|
||||
|
||||
Identity-registration
|
||||
---------------------
|
||||
|
||||
- Registers the OpenStack Network API endpoint and service user with Keystone
|
||||
|
||||
hyperv
|
||||
------
|
||||
|
||||
- Install the drivers for hyperv needed by OpenStack network.
|
||||
- The networking-hyperv has not been included by linux distributions, it needs been created by users.
|
||||
- The source code of networking-hyperv maintains in https://github.com/stackforge/networking-hyperv.
|
||||
- 'openstack-common', '>= 13.0.0'
|
||||
- 'openstack-identity', '>= 13.0.0'
|
||||
|
||||
Attributes
|
||||
==========
|
||||
|
||||
* `openstack['network']['service_provider']` - Array of service providers (drivers) for advanced services like loadbalancer, VPN, Firewall.
|
||||
* `openstack['network']['api']['auth']['version']` - Select v2.0 or v3.0. Default v2.0. The auth API version used to interact with identity service.
|
||||
* `openstack['network']["misc_neutron"]` - Array of strings to be added to neutron.conf
|
||||
* `openstack['network']['api']['auth']['memcached_servers']` - A list of memcached server(s) for caching
|
||||
* `openstack['network']['api']['auth']['memcache_security_strategy']` - Whether token data should be authenticated or authenticated and encrypted. Acceptable values are MAC or ENCRYPT.
|
||||
* `openstack['network']['api']['auth']['memcache_secret_key']` - This string is used for key derivation.
|
||||
* `openstack['network']['api']['auth']['hash_algorithms']` - Hash algorithms to use for hashing PKI tokens.
|
||||
* `openstack['network']['api']['auth']['cafile']` - A PEM encoded Certificate Authority to use when verifying HTTPs connections.
|
||||
* `openstack['network']['api']['auth']['insecure']` - Whether to allow the client to perform insecure SSL (https) requests.
|
||||
* `openstack['network']['dbsync_timeout']` - Set dbsync command timeout value
|
||||
Please see the extensive inline documentation in `attributes/*.rb` for
|
||||
descriptions of all the settable attributes for this cookbook.
|
||||
|
||||
TODO
|
||||
* `openstack["network"]["service_plugins"]` - Array of Python classes to be used as `service_plugins` in neutron.conf (default: []). Set it to ['neutron.plugins.services.agent_loadbalancer.plugin.LoadBalancerPlugin'] to include the load balancer plugin.
|
||||
Note that all attributes are in the `default['openstack']` "namespace"
|
||||
|
||||
Neutron Nova interactions
|
||||
-------------------------
|
||||
* `openstack["network"]["nova"]["cafile"]` - CA file for novaclient to verify server certificates
|
||||
* `openstack["network"]["nova"]["insecure"]` - Boolean to control ignoring SSL errors on the nova url
|
||||
The usage of attributes to generate the neutron.conf is described in the
|
||||
openstack-common cookbook.
|
||||
|
||||
MQ attributes
|
||||
-------------
|
||||
* `openstack["network"]["mq"]["service_type"]` - Select qpid or rabbitmq. default rabbitmq
|
||||
TODO: move rabbit parameters under openstack["network"]["mq"]
|
||||
* `openstack["network"]["rabbit"]["username"]` - Username for nova rabbit access
|
||||
* `openstack["network"]["rabbit"]["vhost"]` - The rabbit vhost to use
|
||||
* `openstack["network"]["rabbit"]["port"]` - The rabbit port to use
|
||||
* `openstack["network"]["rabbit"]["host"]` - The rabbit host to use (must set when `openstack["network"]["rabbit"]["ha"]` false).
|
||||
* `openstack["network"]["rabbit"]["ha"]` - Whether or not to use rabbit ha
|
||||
|
||||
* `openstack["network"]["mq"]["qpid"]["host"]` - The qpid host to use
|
||||
* `openstack["network"]["mq"]["qpid"]["port"]` - The qpid port to use
|
||||
* `openstack["network"]["mq"]["qpid"]["qpid_hosts"]` - Qpid hosts. TODO. use only when ha is specified.
|
||||
* `openstack["network"]["mq"]["qpid"]["username"]` - Username for qpid connection
|
||||
* `openstack["network"]["mq"]["qpid"]["password"]` - Password for qpid connection
|
||||
* `openstack["network"]["mq"]["qpid"]["sasl_mechanisms"]` - Space separated list of SASL mechanisms to use for auth
|
||||
* `openstack["network"]["mq"]["qpid"]["reconnect_timeout"]` - The number of seconds to wait before deciding that a reconnect attempt has failed.
|
||||
* `openstack["network"]["mq"]["qpid"]["reconnect_limit"]` - The limit for the number of times to reconnect before considering the connection to be failed.
|
||||
* `openstack["network"]["mq"]["qpid"]["reconnect_interval_min"]` - Minimum number of seconds between connection attempts.
|
||||
* `openstack["network"]["mq"]["qpid"]["reconnect_interval_max"]` - Maximum number of seconds between connection attempts.
|
||||
* `openstack["network"]["mq"]["qpid"]["reconnect_interval"]` - Equivalent to setting qpid_reconnect_interval_min and qpid_reconnect_interval_max to the same value.
|
||||
* `openstack["network"]["mq"]["qpid"]["heartbeat"]` - Seconds between heartbeat messages sent to ensure that the connection is still alive.
|
||||
* `openstack["network"]["mq"]["qpid"]["protocol"]` - Protocol to use. Default tcp.
|
||||
* `openstack["network"]["mq"]["qpid"]["tcp_nodelay"]` - Disable the Nagle algorithm. default disabled.
|
||||
|
||||
Linuxbridge plugin attributes
|
||||
-----------------------------
|
||||
* `openstack['openstack']['network']['linuxbridge']['tenant_network_type']` - Type of network to allocate for tenant networks. (default 'local')
|
||||
* `openstack['openstack']['network']['linuxbridge']['network_vlan_ranges']` - Comma-separated list of <physical_network>[:<vlan_min>:<vlan_max>] tuples enumerating ranges of VLAN IDs
|
||||
* `openstack['openstack']['network']['linuxbridge']['physical_interface_mappings']` - (ListOpt) Comma-separated list of <physical_network>:<physical_interface> tuples mapping physical network names
|
||||
* `openstack['openstack']['network']['linuxbridge']['enable_vxlan']` - (BoolOpt) enable VXLAN on the agent. (default false)
|
||||
* `openstack['openstack']['network']['linuxbridge']['ttl']` - (IntOpt) use specific TTL for vxlan interface protocol packets
|
||||
* `openstack['openstack']['network']['linuxbridge']['tos']` - (IntOpt) use specific TOS for vxlan interface protocol packets
|
||||
* `openstack['openstack']['network']['linuxbridge']['vxlan_group']` - (StrOpt) multicast group to use for broadcast emulation. (default '224.0.0.1')
|
||||
* `openstack['openstack']['network']['linuxbridge']['l2_population']` - (BoolOpt) Flag to enable l2population extension. (default false)
|
||||
* `openstack['openstack']['network']['linuxbridge']['polling_interval']` - Agent polling interval in seconds. (default 2)
|
||||
* `openstack['openstack']['network']['linuxbridge']['rpc_support_old_agents']` - (BoolOpt) Enable server RPC compatibility with old (pre-havana). (default false)
|
||||
* `openstack['openstack']['network']['linuxbridge']['firewall_driver']` - Firewall driver for realizing neutron security group function
|
||||
|
||||
Modular Layer 2 Plugin Configuration
|
||||
------------------------------------
|
||||
* `openstack['openstack']['network']['ml2']['type_drivers']` - (ListOpt) List of network type driver entrypoints to be loaded from the neutron.ml2.type_drivers namespace.
|
||||
* `openstack['openstack']['network']['ml2']['tenant_network_types']` - (ListOpt) Ordered list of net work_types to allocate as tenant networks. (default local)
|
||||
* `openstack['openstack']['network']['ml2']['mechanism_drivers']` - (ListOpt) Ordered list of networ king mechanism driver entrypoints to be loaded from the neutron.ml2.mechanism_drivers namespace.
|
||||
* `openstack['openstack']['network']['ml2']['flat_networks']` - (ListOpt) List of physical_network names with which flat networks can be created.
|
||||
* `openstack['openstack']['network']['ml2']['network_vlan_ranges']` - (ListOpt) List of <physical_network>[:<vlan_min>:<vlan_max>] tuples specifying physical_network names usable for VLAN provider and tenant networks
|
||||
* `openstack['openstack']['network']['ml2']['tunnel_id_ranges']` - (ListOpt) Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges of GRE tunnel IDs that are available for tenant network allocation
|
||||
* `openstack['openstack']['network']['ml2']['vni_ranges']` - (ListOpt) Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges of VXLAN VNI IDs that are available for tenant network allocation.
|
||||
* `openstack['openstack']['network']['ml2']['vxlan_group']` - (StrOpt) Multicast group for the VXLAN interface.
|
||||
|
||||
DHCP Agent Configuration
|
||||
------------------------
|
||||
* `openstack['openstack']['network']['dhcp']['dhcp_delete_namespaces']` - (StrOpt) If True, namespaces will be deleted when a dhcp server is disabled.
|
||||
* `openstack['openstack']['network']['dhcp']['dhcp_agents_per_network']` - (IntOpt) Set the number of dhcp agents for each network. (default 1)
|
||||
|
||||
L3 Agent Configuration
|
||||
----------------------
|
||||
* `openstack['openstack']['network']['l3']['router_delete_namespaces']` - (StrOpt) If True, namespaces will be deleted when a router is destroyed.
|
||||
* `openstack['openstack']['network']['l3']['ha']['l3_ha']` - (BoolOpt) If True, virtual router will be created as ha by default. (default False)
|
||||
* `openstack['openstack']['network']['l3']['ha']['max_l3_agents_per_router']` - (IntOpt) The maximum number of l3 agents for each ha router. (default 3)
|
||||
* `openstack['openstack']['network']['l3']['ha']['ha_vrrp_advert_int']` - (IntOpt) The advertisement interval in seconds. (default 2)
|
||||
* `openstack['openstack']['network']['l3']['router_distributed'] - Both true(bool) and 'true'(str) will set DVR(Distributed Virtual Router) configure enabled. Setting 'auto' will do a simple check then decide whether or not to enable DVR, default is enabled with OVS.
|
||||
* `openstack['openstack']['network']['l3']['router_delete_namespaces'] - (StrOpt) If True, namespaces will be deleted when a router is destroyed.
|
||||
|
||||
VPN Agent Configuration
|
||||
----------------------
|
||||
* `openstack['openstack']['network']['enable_vpn'] - (BoolOpt) Used to enable VPN agent, if true, namespaces must be enabled. (default false)
|
||||
* `openstack['openstack']['network']['vpn']['vpn_device_driver'] - (ListOpt) Comma-separated list of VPN device drivers which VPN agent will use
|
||||
* `openstack['openstack']['network']['vpn']['ipsec_status_check_interval'] - (IntOpt) Status check interval for ipsec VPN
|
||||
|
||||
LBaaS Agent Configuration
|
||||
----------------------
|
||||
* `openstack['openstack']['network']['lbaas']['custom_interface_driver']` - Custom plugin to support new interface drivers
|
||||
* `openstack['openstack']['network']['lbaas']['ovs_use_veth']` - (BoolOpt) Used to enable veth pairs for OVS based plugins
|
||||
|
||||
The following attributes are defined in attributes/default.rb of the common cookbook, but are documented here due to their relevance:
|
||||
|
||||
* `openstack['endpoints']['network-api-bind']['host']` - The IP address to bind the api service to
|
||||
* `openstack['endpoints']['network-api-bind']['port']` - The port to bind the api service to
|
||||
* `openstack['endpoints']['network-api-bind']['bind_interface']` - The interface name to bind the api service to
|
||||
|
||||
If the value of the 'bind_interface' attribute is non-nil, then the network service will be bound to the first IP address on that interface. If the value of the 'bind_interface' attribute is nil, then the network service will be bound to the IP address specified in the host attribute.
|
||||
|
||||
|
||||
Templates
|
||||
=========
|
||||
* `neutron.conf.erb` - Config file for OpenStack Network server
|
||||
* `ml2_conf.ini.erb` - Configuration of Network ML2 Plugins
|
||||
* `vpn_agent.ini.erb` - Config file for Network VPN agent
|
||||
|
||||
Testing
|
||||
Recipes
|
||||
=======
|
||||
|
||||
Please refer to the [TESTING.md](TESTING.md) for instructions for testing the cookbook.
|
||||
## openstack-network::client
|
||||
- Install the network client packages
|
||||
|
||||
Berkshelf
|
||||
=====
|
||||
## openstack-network::db_migration
|
||||
- Migrates the neutron database
|
||||
|
||||
Berks will resolve version requirements and dependencies on first run and
|
||||
store these in Berksfile.lock. If new cookbooks become available you can run
|
||||
`berks update` to update the references in Berksfile.lock. Berksfile.lock will
|
||||
be included in stable branches to provide a known good set of dependencies.
|
||||
Berksfile.lock will not be included in development branches to encourage
|
||||
development against the latest cookbooks.
|
||||
## openstack-network::default
|
||||
- Configures common pieces needed for all neutron services and create the
|
||||
neutron.conf
|
||||
|
||||
## openstack-network::dhcp_agent
|
||||
- Installs the DHCP agent
|
||||
|
||||
The configuration for neutron-dhcp-agent is generated from the attributes in
|
||||
using the same template as for the neutron.conf
|
||||
|
||||
```
|
||||
node['openstack']['network_dhcp']['conf']
|
||||
```
|
||||
|
||||
## openstack-network::fwaas
|
||||
**This is a 'work in progress' recipe and is currently not tested**
|
||||
- Installs the Firewall as a Service
|
||||
|
||||
## openstack-network::identity_registration
|
||||
- Registers the OpenStack Network API endpoint and service user with Keystone
|
||||
|
||||
## openstack-network::l3_agent
|
||||
- Installs the L3 agent
|
||||
|
||||
The configuration for neutron-l3-agent is generated from the attributes in using
|
||||
the same template as for the neutron.conf
|
||||
|
||||
```
|
||||
node['openstack']['network_l3']['conf']
|
||||
```
|
||||
|
||||
## openstack-network::lbaas
|
||||
- Installs the Loadbalancer as a Service
|
||||
|
||||
The configuration for neutron-lbaas-agent is generated from the attributes in
|
||||
using the same template as for the neutron.conf
|
||||
|
||||
```
|
||||
node['openstack']['network_lbaas']['conf']
|
||||
```
|
||||
|
||||
## openstack-network::metadata_agent
|
||||
- Installs the metadata agent
|
||||
|
||||
The configuration for neutron-metadata-agent is generated from the attributes in
|
||||
using the same template as for the neutron.conf
|
||||
|
||||
```
|
||||
node['openstack']['network_metadata']['conf']
|
||||
```
|
||||
|
||||
## openstack-network::metering_agent
|
||||
- Installs the metering agent
|
||||
|
||||
The configuration for neutron-metadata-agent is generated from the attributes in
|
||||
using the same template as for the neutron.conf
|
||||
|
||||
```
|
||||
node['openstack']['network_metering']['conf']
|
||||
```
|
||||
|
||||
## openstack-network::ml2_core_plugin
|
||||
- Configure the ml2_core_plugin
|
||||
|
||||
## openstack-network::ml2_linuxbridge
|
||||
- Configure the ml2 linuxbridge plugin
|
||||
|
||||
## openstack-network::ml2_openvswitch
|
||||
- Configure the ml2 openvswitch plugin
|
||||
|
||||
## openstack-network::openvswitch
|
||||
- Installs openvswitch
|
||||
|
||||
## openstack-network::openvswitch_agent
|
||||
- Installs the openvswitch agent
|
||||
|
||||
## openstack-network::plugin_config
|
||||
- Generates all the needed plugin configurations directly from the attributes
|
||||
in:
|
||||
|
||||
```
|
||||
node['openstack']['network']['plugins'][myplugin]
|
||||
```
|
||||
|
||||
The final configuration file is generated exactly like all OpenStack service
|
||||
configuration files (e.g. neutron.conf), but the attribute mentioned above
|
||||
allows you additionally to define the file name and patch with:
|
||||
|
||||
```
|
||||
# this will also generate the path recursively if not already existent
|
||||
node['openstack']['network']['plugins'][myplugin]['path']
|
||||
# this defines the filename for the plugin config (e.g. ml2_conf.ini)
|
||||
node['openstack']['network']['plugins'][myplugin]['filename']
|
||||
```
|
||||
In the examples above, the variable 'myplugin' can be used to generate multiple
|
||||
plugin configurations with different configs and filenames. Please refer to the
|
||||
recipe openstack-network::ml2_openvswitch for an full example on the usage of
|
||||
this attributes.
|
||||
|
||||
## openstack-network::server
|
||||
- Installs the openstack-network API server (currently aka neutron-server)
|
||||
|
||||
## openstack-network::vpnaas
|
||||
- Installs the VPN as a Service
|
||||
|
||||
The configuration for neutron-vpn-agent is generated from the attributes in
|
||||
using the same template as for the neutron.conf
|
||||
|
||||
```
|
||||
node['openstack']['network_vpnaas']['conf']
|
||||
```
|
||||
|
||||
License and Author
|
||||
==================
|
||||
|
@ -209,6 +182,7 @@ License and Author
|
|||
| | Mark Vanderwiel(<vanderwl@us.ibm.com>) |
|
||||
| | Eric Zhou(<zyouzhou@cn.ibm.com>) |
|
||||
| | Jan Klare (<j.klare@x-ion.de>) |
|
||||
| | Christoph Albers (<c.albers@x-ion.de>) |
|
||||
| | |
|
||||
| **Copyright** | Copyright (c) 2013, AT&T Services, Inc. |
|
||||
| | Copyright (c) 2013-2014, SUSE Linux GmbH |
|
||||
|
|
|
@ -6,13 +6,6 @@ license 'Apache 2.0'
|
|||
description 'Installs and configures the OpenStack Network API Service and various agents and plugins'
|
||||
long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
|
||||
version '13.0.0'
|
||||
recipe 'openstack-network::client', 'Install packages required for network client'
|
||||
recipe 'openstack-network::server', 'Installs packages required for a OpenStack Network server'
|
||||
recipe 'openstack-network::openvswitch', 'Installs packages required for OVS'
|
||||
recipe 'openstack-network::metadata_agent', 'Installs packages required for a OpenStack Network Metadata Agent'
|
||||
recipe 'openstack-network::identity_registration', 'Registers OpenStack Network endpoints and service user with Keystone'
|
||||
recipe 'openstack-network::vpn_agent', 'Installs packages required for Network VPN Agent'
|
||||
recipe 'openstack-network::hyperv', 'Installs packages required for OpenStack Network Hyperv drivers'
|
||||
|
||||
%w(ubuntu redhat centos).each do |os|
|
||||
supports os
|
||||
|
|
Loading…
Reference in New Issue