openstack/openstack-manuals
Code Issues Proposed changes

Edited Services sections of Admin Guide

Browse Source 
Edit wording; changed term/description lists to variable lists as per writing
conventions

backport: none
Partial-Bug: #1251195

Change-Id: I3b7f3fedafa79ab64f75260fcd3c5daa7cbb5e34
This commit is contained in:
Darren 2014-05-16 17:27:04 +10:00
parent 9b38a72f75
commit 3981735acd
10 changed files with 430 additions and 447 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
doc/common/section_getstart_block-storage.xml
View File

@ -2,39 +2,41 @@
xmlns:xi="http://www.w3.org/2001/XInclude" xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"
xml:id="block-storage-service"> xml:id="block-storage-service">
<title>Block Storage</title> <title>OpenStack Block Storage</title>
<para>The Block Storage service enables management of volumes, <para>OpenStack Block Storage enables management of volumes,
volume snapshots, and volume types. It includes the following volume snapshots, and volume types. It consists of the following
components:</para> components:</para>
<itemizedlist> <variablelist>
<listitem> <varlistentry>
<para><systemitem class="service">cinder-api</systemitem>: <term><systemitem class="service">cinder-api</systemitem></term>
Accepts API requests and routes them to <systemitem <listitem><para>Accepts API requests and routes them to <systemitem
class="service">cinder-volume</systemitem> for class="service">cinder-volume</systemitem> for
action.</para> action.</para></listitem>
</listitem> </varlistentry>
<listitem> <varlistentry>
<para><systemitem class="service" <term><systemitem class="service">cinder-volume</systemitem></term>
>cinder-volume</systemitem>: Responds to requests to read <listitem><para>Responds to requests to read from and write to the
from and write to the Block Storage database to maintain OpenStack Block Storage database to maintain state, interacting with
state, interacting with other processes (like <systemitem other processes (like <systemitem
class="service">cinder-scheduler</systemitem>) through a class="service">cinder-scheduler</systemitem>) through a
message queue and directly upon block storage providing message queue and directly upon block storage providing
hardware or software. It can interact with a variety of hardware or software. It can interact with a variety of
storage providers through a driver architecture.</para> storage providers through a driver architecture.</para>
</listitem> </listitem>
<listitem> </varlistentry>
<para><systemitem class="service" <varlistentry>
>cinder-scheduler</systemitem> daemon: Like the <term><systemitem class="service">cinder-scheduler</systemitem>
<systemitem class="service">nova-scheduler</systemitem>, daemon</term>
picks the optimal block storage provider node on which to <listitem> <para>Like the <systemitem
create the volume.</para> class="service">nova-scheduler</systemitem>, picks the optimal block
</listitem> storage provider node on which to create the volume.</para></listitem>
<listitem> </varlistentry>
<para>Messaging queue: Routes information between the Block <varlistentry>
Storage service processes.</para> <term>Messaging queue</term>
</listitem> <listitem><para>Routes information between the Block Storage
</itemizedlist> processes.</para></listitem>
<para>The Block Storage service interacts with Compute to </varlistentry>
provide volumes for instances.</para> </variablelist>
<para>OpenStack Block Storage interacts with OpenStack Compute
to provide volumes for instances.</para>
</section> </section>

287
doc/common/section_getstart_compute.xml
View File

@ -2,35 +2,34 @@
xmlns:xi="http://www.w3.org/2001/XInclude" xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"
xml:id="compute-service"> xml:id="compute-service">
<title>Compute service</title> <title>OpenStack Compute</title>
<para>The Compute service is a cloud computing fabric controller, <para>OpenStack Compute is used to host and manage cloud computing systems and
which is the main part of an IaaS system. Use it to host and is a major part of an infrastructure-as-a-service (IaaS) system. The main
manage cloud computing systems. The main modules are implemented modules are implemented in Python.</para>
in Python.</para> <para>OpenStack Compute interacts with OpenStack Identity for
<para>Compute interacts with the Identity Service for authentication, OpenStack Image Service for images, and OpenStack dashboard
authentication, Image Service for images, and the Dashboard for for the user and administrative interface. Access to images is limited
the user and administrative interface. Access to images is limited by project and by user; quotas are limited per project (for example, the
by project and by user; quotas are limited per project (for number of instances). OpenStack Compute can scale horizontally on standard
example, the number of instances). The Compute service scales hardware, and download images to launch instances.</para>
horizontally on standard hardware, and downloads images to launch <para>OpenStack Compute consists of the following areas and their
instances as required.</para> components:</para>
<para>The Compute service is made up of the following functional <variablelist><title>API</title>
areas and their underlying components:</para> <varlistentry>
<itemizedlist> <term><systemitem class="service">nova-api service</systemitem></term>
<title>API</title> <listitem><para>Accepts and responds to end user compute API calls.
<listitem> Supports the OpenStack Compute API, the Amazon EC2 API, and a special
<para><systemitem class="service">nova-api</systemitem> service. Admin API for privileged users to perform administrative actions. It
Accepts and responds to end user compute API calls. Supports enforces some policies and initiates most orchestration activities,
the OpenStack Compute API, the Amazon EC2 API, and a special such as running an instance.</para>
Admin API for privileged users to perform administrative
actions. Also, initiates most orchestration activities, such
as running an instance, and enforces some policies.</para>
</listitem> </listitem>
<listitem> </varlistentry>
<para><systemitem class="service">nova-api-metadata</systemitem> <varlistentry>
service. Accepts metadata requests from instances. The <term><systemitem class="service">nova-api-metadata</systemitem>
<systemitem class="service">nova-api-metadata</systemitem> service</term>
service is generally only used when you run in multi-host mode <listitem><para>Accepts metadata requests from instances. The
<systemitem class="service">nova-api-metadata</systemitem>
service is generally used when you run in multi-host mode
with <systemitem class="service">nova-network</systemitem> with <systemitem class="service">nova-network</systemitem>
installations. For details, see <link installations. For details, see <link
xlink:href="http://docs.openstack.org/admin-guide-cloud/content/section_metadata-service.html" xlink:href="http://docs.openstack.org/admin-guide-cloud/content/section_metadata-service.html"
@ -38,33 +37,34 @@
Administrator Guide</citetitle>.</para> Administrator Guide</citetitle>.</para>
<para>On Debian systems, it is included in the <systemitem <para>On Debian systems, it is included in the <systemitem
class="service">nova-api</systemitem> package, and can be class="service">nova-api</systemitem> package, and can be
selected through <package>debconf</package>.</para> selected through <package>debconf</package>.</para></listitem>
</listitem> </varlistentry>
</itemizedlist> </variablelist>
<itemizedlist> <variablelist>
<title>Compute core</title> <title>Compute core</title>
<listitem> <varlistentry>
<para><systemitem class="service">nova-compute</systemitem> <term><systemitem class="service">nova-compute</systemitem>
process. A worker daemon that creates and terminates virtual process</term> <listitem><para>A worker daemon that creates and
machine instances through hypervisor APIs. For example, XenAPI terminates virtual machine instances through hypervisor APIs. For
for XenServer/XCP, libvirt for KVM or QEMU, VMwareAPI for example, XenAPI for XenServer/XCP, libvirt for KVM or QEMU and
VMware, and so on. The process by which it does so is fairly VMwareAPI for VMware. Processing is fairly complex but fundamentally it
complex but the basics are simple: Accept actions from the accepts actions from the queue and performs a series of system
queue and perform a series of system commands, like launching commands, like launching a KVM instance, whilst updating its state in
a KVM instance, to carry them out while updating state in the the database.</para></listitem>
database.</para> </varlistentry>
<varlistentry>
<term><systemitem class="service">nova-scheduler</systemitem>
process</term>
<listitem><para>Conceptually the simplest piece of code in OpenStack
Compute. It takes a virtual machine instance request from the queue and
determines on which compute server host it will run.</para>
</listitem> </listitem>
<listitem> </varlistentry>
<para><systemitem class="service">nova-scheduler</systemitem> <varlistentry>
process. Conceptually the simplest piece of code in Compute. <term><systemitem class="service">nova-conductor</systemitem>
Takes a virtual machine instance request from the queue and module</term><listitem><para>Mediates interactions between <systemitem
determines on which compute server host it should run.</para>
</listitem>
<listitem>
<para><systemitem class="service">nova-conductor</systemitem>
module. Mediates interactions between <systemitem
class="service">nova-compute</systemitem> and the database. class="service">nova-compute</systemitem> and the database.
Aims to eliminate direct accesses to the cloud database made It eliminates direct accesses to the cloud database made
by <systemitem class="service">nova-compute</systemitem>. The by <systemitem class="service">nova-compute</systemitem>. The
<systemitem class="service">nova-conductor</systemitem> <systemitem class="service">nova-conductor</systemitem>
module scales horizontally. However, do not deploy it on any module scales horizontally. However, do not deploy it on any
@ -74,34 +74,33 @@
xlink:href="http://russellbryantnet.wordpress.com/2012/11/19/a-new-nova-service-nova-conductor/" xlink:href="http://russellbryantnet.wordpress.com/2012/11/19/a-new-nova-service-nova-conductor/"
>A new Nova service: nova-conductor</link>.</para> >A new Nova service: nova-conductor</link>.</para>
</listitem> </listitem>
</itemizedlist> </varlistentry>
<itemizedlist> </variablelist>
<title>Networking for VMs</title> <variablelist><title>Networking for VMs</title>
<listitem> <varlistentry><term><systemitem class="service">nova-network</systemitem>
<para><systemitem class="service">nova-network</systemitem> worker daemon</term>
worker daemon. Similar to <systemitem class="service" <listitem><para>Similar to <systemitem
>nova-compute</systemitem>, it accepts networking tasks from class="service">nova-compute</systemitem>, it accepts networking tasks from
the queue and performs tasks to manipulate the network, such the queue and performs tasks to manipulate the network, such
as setting up bridging interfaces or changing iptables rules. as setting up bridging interfaces or changing iptables rules.
This functionality is being migrated to OpenStack Networking, This functionality is being migrated to OpenStack Networking.</para>
which is a separate OpenStack service.</para>
</listitem> </listitem>
<listitem> </varlistentry>
<para><systemitem class="service">nova-dhcpbridge</systemitem> <varlistentry>
script. Tracks IP address leases and records them in the <term><systemitem class="service">nova-dhcpbridge</systemitem>
database by using the dnsmasq <literal>dhcp-script</literal> script</term>
<listitem><para>The IP address leases and is recorded in the
database using the dnsmasq <literal>dhcp-script</literal>
facility. This functionality is being migrated to OpenStack facility. This functionality is being migrated to OpenStack
Networking. OpenStack Networking provides a different Networkin which provides a different script.</para></listitem>
script.</para> </varlistentry>
</listitem> </variablelist>
</itemizedlist>
<?hard-pagebreak?> <?hard-pagebreak?>
<itemizedlist> <variablelist><title>Console interface</title>
<title>Console interface</title> <varlistentry>
<listitem> <term><systemitem class="service">nova-consoleauth</systemitem>
<para><systemitem class="service">nova-consoleauth</systemitem> daemon</term><listitem><para>Authorizes tokens for users that console
daemon. Authorizes tokens for users that console proxies proxies provide. See <systemitem class="service"
provide. See <systemitem class="service"
>nova-novncproxy</systemitem> and <systemitem >nova-novncproxy</systemitem> and <systemitem
class="service">nova-xvpnvcproxy</systemitem>. This service class="service">nova-xvpnvcproxy</systemitem>. This service
must be running for console proxies to work. Many proxies of must be running for console proxies to work. Many proxies of
@ -109,25 +108,27 @@
class="service">nova-consoleauth</systemitem> service in a class="service">nova-consoleauth</systemitem> service in a
cluster configuration. For information, see <link cluster configuration. For information, see <link
xlink:href="http://docs.openstack.org/trunk/config-reference/content/about-nova-consoleauth.html" xlink:href="http://docs.openstack.org/trunk/config-reference/content/about-nova-consoleauth.html"
>About nova-consoleauth</link>.</para> >About nova-consoleauth</link>.</para></listitem>
</listitem> </varlistentry>
<listitem> <varlistentry>
<para><systemitem class="service">nova-novncproxy</systemitem> <term><systemitem class="service">nova-novncproxy</systemitem>
daemon. Provides a proxy for accessing running instances daemon</term>
through a VNC connection. Supports browser-based novnc <listitem><para>Provides a proxy for accessing running instances through
clients.</para> a VNC connection. Supports browser-based novnc
</listitem> clients.</para></listitem>
<listitem> </varlistentry>
<para><systemitem class="service">nova-xvpnvncproxy</systemitem> <varlistentry>
daemon. A proxy for accessing running instances through a VNC <term><systemitem class="service">nova-xvpnvncproxy</systemitem>
connection. Supports a Java client specifically designed for daemon</term>
OpenStack.</para> <listitem><para>A proxy for accessing running instances
</listitem> through a VNC connection. It supports a Java client specifically
<listitem> designed for OpenStack.</para></listitem>
<para><systemitem class="service">nova-cert</systemitem> daemon. </varlistentry>
Manages x509 certificates.</para> <varlistentry>
</listitem> <term><systemitem class="service">nova-cert</systemitem> daemon</term>
</itemizedlist> <listitem><para>x509 certificates.</para></listitem>
</varlistentry>
</variablelist>
<para os="debian">In Debian, a unique <para os="debian">In Debian, a unique
<package>nova-consoleproxy</package> package provides the <package>nova-consoleproxy</package> package provides the
<package>nova-novncproxy</package>, <package>nova-novncproxy</package>,
@ -136,63 +137,59 @@
packages, edit the packages, edit the
<filename>/etc/default/nova-consoleproxy</filename> file or use <filename>/etc/default/nova-consoleproxy</filename> file or use
the <package>debconf</package> interface. You can also manually the <package>debconf</package> interface. You can also manually
edit the <filename>/etc/default/nova-consoleproxy</filename> file edit the <filename>/etc/default/nova-consoleproxy</filename> file,
and stop and start the console daemons.</para> and stop and start the console daemons.</para>
<itemizedlist> <variablelist> <title>Image management (EC2 scenario)</title>
<title>Image management (EC2 scenario)</title> <varlistentry>
<listitem> <term><systemitem class="service">nova-objectstore</systemitem>
<para><systemitem class="service">nova-objectstore</systemitem> daemon</term> <listitem><para>A S3 interface for registering images
daemon. Provides an S3 interface for registering images with with the OpenStack Image Service. It is mainly used for installations
the Image Service. Mainly used for installations that must that must support euca2ools. The euca2ools tools talk to <systemitem
support euca2ools. The euca2ools tools talk to <systemitem
class="service">nova-objectstore</systemitem> in <emphasis class="service">nova-objectstore</systemitem> in <emphasis
role="italic">S3 language</emphasis>, and <systemitem role="italic">S3 language</emphasis>, and <systemitem
class="service">nova-objectstore</systemitem> translates S3 class="service">nova-objectstore</systemitem> translates S3
requests into Image Service requests.</para> requests into Image service requests.</para></listitem>
</listitem> </varlistentry>
<listitem> <varlistentry>
<para>euca2ools client. A set of command-line interpreter <term>euca2ools client</term>
commands for managing cloud resources. Though not an OpenStack <listitem><para>A set of command-line interpreter commands for managing
module, you can configure <systemitem class="service" cloud resources. Although it is not an OpenStack module, you can
>nova-api</systemitem> to support this EC2 interface. For configure <systemitem class="service">nova-api</systemitem> to support
more information, see the <link this EC2 interface. For more information, see the <link
xlink:href="https://www.eucalyptus.com/docs/eucalyptus/3.4/index.html" xlink:href="https://www.eucalyptus.com/docs/eucalyptus/3.4/index.html"
>Eucalyptus 3.4 Documentation</link>.</para> >Eucalyptus 3.4 Documentation</link>.</para></listitem>
</listitem> </varlistentry>
</itemizedlist> </variablelist>
<itemizedlist> <variablelist><title>Command-line clients and other interfaces</title>
<title>Command-line clients and other interfaces</title> <varlistentry><term>nova client</term>
<listitem> <listitem><para>Allows users to submit commands as a tenant administrator
<para>nova client. Enables users to submit commands as a tenant or end user.</para></listitem>
administrator or end user.</para> </varlistentry>
</listitem> <varlistentry>
<listitem> <term>nova-manage client</term>
<para>nova-manage client. Enables cloud administrators to submit <listitem><para>Enables cloud administrators to submit
commands.</para> commands.</para></listitem>
</listitem> </varlistentry>
</itemizedlist> </variablelist>
<itemizedlist> <variablelist><title>Other components</title>
<title>Other components</title> <varlistentry><term>The queue</term><listitem><para>A central hub for
<listitem> passing messages between daemons. It is usually implemented with <link
<para>The queue. A central hub for passing messages between
daemons. Usually implemented with <link
xlink:href="http://www.rabbitmq.com/">RabbitMQ</link>, but xlink:href="http://www.rabbitmq.com/">RabbitMQ</link>, but
could be any AMQP message queue, such as <link could be any AMQP message queue, such as <link
xlink:href="http://qpid.apache.org/">Apache Qpid</link> or xlink:href="http://qpid.apache.org/">Apache Qpid</link> or
<link xlink:href="http://www.zeromq.org/">Zero <link xlink:href="http://www.zeromq.org/">Zero
MQ</link>.</para> MQ</link>.</para></listitem>
</listitem> </varlistentry>
<listitem> <varlistentry><term>SQL database</term>
<para>SQL database. Stores most build-time and runtime states <listitem><para>Stores most build-time and runtime states for a cloud
for a cloud infrastructure. Includes instance types that are infrastructure. It includes instance types that are available for use,
available for use, instances in use, available networks, and instances in use, available networks, and projects. Theoretically,
projects. Theoretically, OpenStack Compute can support any OpenStack Compute can support any database that is supported by SQL-Alchemy.
database that SQL-Alchemy supports, but the only databases Note the databases which are widely used are SQLite3 databases (for test and
widely used are SQLite3 databases (only appropriate for test development work), MySQL, and PostgreSQL.</para></listitem>
and development work), MySQL, and PostgreSQL.</para> </varlistentry>
</listitem> </variablelist>
</itemizedlist> <para>OpenStack Compute interacts with OpenStack Identity for
<para>The Compute service interacts with other OpenStack services: authentication; OpenStack Image Service for images; and the OpenStack
Identity Service for authentication, Image Service for images, and dashboard for a web interface.</para>
the OpenStack dashboard for a web interface.</para>
</section> </section>

4
doc/common/section_getstart_dashboard.xml
View File

@ -2,8 +2,8 @@
xmlns:xi="http://www.w3.org/2001/XInclude" xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"
xml:id="dashboard-service"> xml:id="dashboard-service">
<title>Dashboard</title> <title>OpenStack dashboard</title>
<para>The dashboard is a modular <link <para>The OpenStack dashboard is a modular <link
xlink:href="https://www.djangoproject.com/">Django web xlink:href="https://www.djangoproject.com/">Django web
application</link> that provides a graphical interface to application</link> that provides a graphical interface to
OpenStack services.</para> OpenStack services.</para>

69
doc/common/section_getstart_image.xml
View File

@ -2,43 +2,46 @@
xmlns:xi="http://www.w3.org/2001/XInclude" xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"
xml:id="image-service-overview"> xml:id="image-service-overview">
<title>Image Service overview</title> <title>OpenStack Image Service</title>
<para>The Image Service includes the following <para>The OpenStack Image Service includes the following
components:</para> components:</para>
<itemizedlist> <variablelist>
<listitem> <varlistentry>
<para><systemitem class="service">glance-api</systemitem>. <term><systemitem class="service">glance-api</systemitem></term>
Accepts Image API calls for image discovery, retrieval, <listitem><para>Accepts Image API calls for image discovery,
and storage.</para> retrieval, and storage.</para></listitem>
</listitem> </varlistentry>
<listitem> <varlistentry>
<para><systemitem class="service" <term><systemitem class="service">glance-registry</systemitem></term>
>glance-registry</systemitem>. Stores, processes, and <listitem><para>Stores, processes, and retrieves metadata about
retrieves metadata about images. Metadata includes items such images. Metadata includes items such as size and type.</para>
as size and type.</para>
<note><title>Security note</title> <note><title>Security note</title>
<para>The registry is a private internal service meant only for use <para>The registry is a private internal service meant for use
by the Image Service itself. Do not expose it to users.</para></note> by OpenStack Image Service. Do not disclose it to
users.</para></note>
</listitem> </listitem>
<listitem> </varlistentry>
<para>Database. Stores image metadata. You can choose your <varlistentry>
database depending on your preference. Most deployments <term>Database</term>
use MySQL or SQlite.</para> <listitem><para>Stores image metadata and you can choose your database
</listitem> depending on your preference. Most deployments use MySQL or
<listitem> SQlite.</para></listitem>
<para>Storage repository for image files. The Image Service </varlistentry>
supports a variety of repositories including normal file systems, <varlistentry>
Object Storage, RADOS block devices, HTTP, and Amazon S3. Some <term>Storage repository for image files</term>
types of repositories support only read-only usage.</para> <listitem><para>Various repository types are supported including
</listitem> normal file systems, Object Storage, RADOS block devices, HTTP, and
</itemizedlist> Amazon S3. Note that some repositories will only support
<para>A number of periodic processes run on the Image Service to read-only usage.</para></listitem>
</varlistentry>
</variablelist>
<para>A number of periodic processes run on the OpenStack Image Service to
support caching. Replication services ensures consistency and support caching. Replication services ensures consistency and
availability through the cluster. Other periodic processes availability through the cluster. Other periodic processes
include auditors, updaters, and reapers.</para> include auditors, updaters, and reapers.</para>
<para>As shown in <xref linkend="conceptual-architecture"/>, the Image <para>The OpenStack Image Service is central to
Service is central to the overall IaaS picture. It accepts API infrastructure-as-a-service (IaaS) as shown in <xref
requests for images or image metadata from end users or linkend="conceptual-architecture"/>. It accepts API requests for images
Compute components and can store its disk files in the Object or image metadata from end users or OpenStack Compute components, and
Storage Service.</para> can store its disk files in OpenStack Object Storage.</para>
</section> </section>

63
doc/common/section_getstart_networking.xml
View File

@ -2,42 +2,39 @@
xmlns:xi="http://www.w3.org/2001/XInclude" xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"
xml:id="networking-service-overview"> xml:id="networking-service-overview">
<title>Networking service overview</title> <title>OpenStack Networking</title>
<para>Provides network-connectivity-as-a-service between interface <para>OpenStack Networking allows you to create and
devices that are managed by other OpenStack services, usually attach interface devices managed by other OpenStack services to
Compute. Enables users to create and attach interfaces to networks. Plug-ins can be implemented to accomodate different
networks. Like many OpenStack services, OpenStack Networking is networking equipment and software, providing flexibility to OpenStack
highly configurable due to its plug-in architecture. These architecture and deployment.</para>
plug-ins accommodate different networking equipment and software. <para>It includes the following components:</para>
Consequently, the architecture and deployment vary <variablelist>
dramatically.</para> <varlistentry><term><systemitem
<para>Includes the following components:</para> class="service">neutron-server</systemitem></term>
<itemizedlist> <listitem><para>Accepts and routes API requests to the appropriate
<listitem> OpenStack Networking plug-in for action.</para></listitem>
<para><systemitem class="service">neutron-server</systemitem>. </varlistentry>
Accepts and routes API requests to the appropriate OpenStack <varlistentry>
Networking plug-in for action.</para> <term>OpenStack Networking plug-ins and agents</term>
</listitem> <listitem><para>Plugs and unplugs ports, creates networks or subnets,
<listitem> and provides IP addressing. These plug-ins and agents differ
<para>OpenStack Networking plug-ins and agents. Plugs and depending on the vendor and technologies used in the particular cloud.
unplugs ports, creates networks or subnets, and provides IP
addressing. These plug-ins and agents differ depending on the
vendor and technologies used in the particular cloud.
OpenStack Networking ships with plug-ins and agents for Cisco OpenStack Networking ships with plug-ins and agents for Cisco
virtual and physical switches, NEC OpenFlow products, Open virtual and physical switches, NEC OpenFlow products, Open
vSwitch, Linux bridging, Ryu Network Operating System, and vSwitch, Linux bridging, Ryu Network Operating System, and
the VMware NSX product.</para> the VMware NSX product.</para>
<para>The common agents are L3 (layer 3), DHCP (dynamic host IP <para>The common agents are L3 (layer 3), DHCP (dynamic host IP
addressing), and a plug-in agent.</para> addressing), and a plug-in agent.</para></listitem>
</listitem> </varlistentry>
<listitem> <varlistentry>
<para>Messaging queue. Most OpenStack Networking installations <term>Messaging queue</term>
make use of a messaging queue to route information between the <listitem><para>Used by most OpenStack Networking installations to route
neutron-server and various agents as well as a database to information between the neutron-server and various agents, as well as a
store networking state for particular plug-ins.</para> database to store networking state for particular
</listitem> plug-ins.</para></listitem>
</itemizedlist> </varlistentry>
<para>OpenStack Networking interacts mainly with OpenStack Compute, </variablelist>
where it provides networks and connectivity for its <para>OpenStack Networking mainly interacts with OpenStack Compute to
instances.</para> provide networks and connectivity for its instances.</para>
</section> </section>

86
doc/common/section_getstart_object-storage.xml
View File

@ -2,47 +2,49 @@
xmlns:xi="http://www.w3.org/2001/XInclude" xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"
xml:id="object-storage-service"> xml:id="object-storage-service">
<title>Object Storage service</title> <title>OpenStack Object Storage</title>
<para>The Object Storage service is a highly scalable and durable <para>The OpenStack Object Storage is a multi-tenant object storage system.
multi-tenant object storage system for large amounts of It is highly scalable and can manage large amounts of unstructured data
unstructured data at low cost through a RESTful HTTP API.</para> at low cost through a RESTful HTTP API.</para>
<para>It includes the following components:</para> <para>It includes the following components:</para>
<itemizedlist> <variablelist>
<listitem> <varlistentry><term>Proxy servers (<systemitem
<para>Proxy servers (<systemitem class="service" class="service">swift-proxy-server</systemitem>)</term>
>swift-proxy-server</systemitem>). Accepts Object Storage <listitem><para>Accepts OpenStack Object Storage API and raw HTTP
API and raw HTTP requests to upload files, modify metadata, requests to upload files, modify metadata, and create containers. It
and create containers. It also serves file or container also serves file or container listings to web browsers. To improve
listings to web browsers. To improve performance, the proxy performance, the proxy server can use an optional cache usually
server can use an optional cache usually deployed with deployed with memcache.</para></listitem>
memcache.</para> </varlistentry>
</listitem> <varlistentry>
<listitem> <term>Account servers (<systemitem class="service"
<para>Account servers (<systemitem class="service" >swift-account-server</systemitem>)</term>
>swift-account-server</systemitem>). Manage accounts defined <listitem><para>Manages accounts defined with Object
with the Object Storage service.</para> Storage.</para></listitem>
</listitem> </varlistentry>
<listitem> <varlistentry>
<para>Container servers (<systemitem class="service" <term>Container servers (<systemitem class="service"
>swift-container-server</systemitem>). Manage a mapping of >swift-container-server</systemitem>)</term>
containers, or folders, within the Object Storage <listitem><para>Manages the mapping of containers or folders, within
service.</para> Object Storage.</para></listitem>
</listitem> </varlistentry>
<listitem> <varlistentry>
<para>Object servers (<systemitem class="service" <term>Object servers (<systemitem class="service"
>swift-object-server</systemitem>). Manage actual objects, >swift-object-server</systemitem>)</term>
such as files, on the storage nodes.</para> <listitem><para>Manages actual objects,such as files, on the
</listitem> storage nodes.</para></listitem>
<listitem> </varlistentry>
<para>A number of periodic processes. Performs housekeeping <varlistentry>
tasks on the large data store. The replication services ensure <term>Various periodic processes</term>
consistency and availability through the cluster. Other <listitem><para>Performs housekeeping tasks on the large data store.
periodic processes include auditors, updaters, and The replication services ensure consistency and availability through
reapers.</para> the cluster. Other periodic processes include auditors, updaters, and
</listitem> reapers.</para></listitem>
<listitem> </varlistentry>
<para>Configurable WSGI middleware that handles authentication. <varlistentry>
Usually the Identity Service.</para> <term>WSGI middleware</term>
</listitem> <listitem><para>Handles authentication and is usually OpenStack
</itemizedlist> Identity.</para></listitem>
</varlistentry>
</variablelist>
</section> </section>

63
doc/common/section_getstart_orchestration.xml
View File

@ -2,42 +2,45 @@
xmlns:xi="http://www.w3.org/2001/XInclude" xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"
xml:id="orchestration-service"> xml:id="orchestration-service">
<title>Orchestration service overview</title> <title>Orchestration module</title>
<para>The Orchestration service provides a template-based <para>The Orchestration module provides a template-based
orchestration for describing a cloud application by running orchestration for describing a cloud application, by running
OpenStack API calls to generate running cloud applications. The OpenStack API calls to generate running cloud applications. The
software integrates other core components of OpenStack into a software integrates other core components of OpenStack into a
one-file template system. The templates enable you to create most one-file template system. The templates allow you to create most
OpenStack resource types, such as instances, floating IPs, OpenStack resource types, such as instances, floating IPs,
volumes, security groups, users, and so on. Also, provides some volumes, security groups and users. It also provides advanced
more advanced functionality, such as instance high availability, functionality, such as instance high availability, instance auto-scaling,
instance auto-scaling, and nested stacks. By providing very tight and nested stacks. This enables OpenStack core projects to receive a larger
integration with other OpenStack core projects, all OpenStack core user base.</para>
projects could receive a larger user base.</para>
<para>The service enables deployers to integrate with the <para>The service enables deployers to integrate with the
Orchestration service directly or through custom plug-ins.</para> Orchestration module directly or through custom plug-ins.</para>
<para>The Orchestration service consists of the following <para>The Orchestration module consists of the following
components:</para> components:</para>
<itemizedlist> <variablelist>
<listitem> <varlistentry>
<para><code>heat</code> command-line client. A CLI that communicates with the <term><code>heat</code> command-line client</term>
heat-api to run AWS CloudFormation APIs. End developers could <listitem><para>A CLI that communicates with the heat-api to run AWS
also use the Orchestration REST API directly.</para> CloudFormation APIs. End developers can directly use the Orchestration
REST API.</para></listitem>
</varlistentry>
<varlistentry>
<term><code>heat-api</code> component</term><listitem><para>An
OpenStack-native REST API that processes API requests by sending them to
the heat-engine over Remote Procedure Call (RPC).</para>
</listitem> </listitem>
<listitem> </varlistentry>
<para><code>heat-api</code> component. Provides an <varlistentry>
OpenStack-native REST API that processes API requests by <term><code>heat-api-cfn</code> component</term> <listitem><para>An AWS
sending them to the heat-engine over RPC.</para> Query API that is compatible with AWS CloudFormation. It processes
</listitem>
<listitem>
<para><code>heat-api-cfn</code> component. Provides an AWS Query
API that is compatible with AWS CloudFormation and processes
API requests by sending them to the heat-engine over API requests by sending them to the heat-engine over
RPC.</para> RPC.</para></listitem>
</varlistentry>
<varlistentry>
<term><code>heat-engine</code></term>
<listitem><para>Orchestrates the launching of templates and provides
events back to the API consumer.</para>
</listitem> </listitem>
<listitem> </varlistentry>
<para><code>heat-engine</code>. Orchestrates the launching of </variablelist>
templates and provides events back to the API consumer.</para>
</listitem>
</itemizedlist>
</section> </section>

95
doc/common/section_getstart_telemetry.xml
View File

@ -2,8 +2,8 @@
xmlns:xi="http://www.w3.org/2001/XInclude" xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"
xml:id="metering-service"> xml:id="metering-service">
<title>Telemetry</title> <title>Telemetry module</title>
<para>The Telemetry module:</para> <para>The Telemetry module performs the following functions:</para>
<para> <para>
<itemizedlist> <itemizedlist>
<listitem> <listitem>
@ -16,7 +16,7 @@
</listitem> </listitem>
<listitem> <listitem>
<para>Configures the type of collected data to meet <para>Configures the type of collected data to meet
various operating requirements. Accessing and inserting the various operating requirements. It accesses and inserts the
metering data through the REST API.</para> metering data through the REST API.</para>
</listitem> </listitem>
<listitem> <listitem>
@ -29,55 +29,52 @@
</listitem> </listitem>
</itemizedlist> </itemizedlist>
</para> </para>
<para>The system consists of the following basic <para>The Telemetry module consists of the following
components:</para> components:</para>
<itemizedlist> <variablelist>
<listitem> <varlistentry><term>A compute agent (<systemitem class="service"
<para>A compute agent (<systemitem class="service" >ceilometer-agent-compute</systemitem>)</term>
>ceilometer-agent-compute</systemitem>). Runs on each <listitem><para>Runs on each compute node and polls for resource
compute node and polls utilization statistics. There may be other types of agents in the
for resource utilization statistics. There may be other future, but for now our focus is creating the compute agent.</para>
types of agents in the future, but for now we will focus
on creating the compute agent.</para>
</listitem> </listitem>
<listitem> </varlistentry>
<para>A central agent (<systemitem class="service" <varlistentry><term>A central agent (<systemitem class="service"
>ceilometer-agent-central</systemitem>). Runs on a central >ceilometer-agent-central</systemitem>)</term>
management server <listitem><para>Runs on a central management server to poll for
to poll for resource utilization statistics for resources resource utilization statistics for resources not tied to instances
not tied to instances or compute nodes.</para> or compute nodes.</para></listitem>
</varlistentry>
<varlistentry><term>A collector (<systemitem class="service"
>ceilometer-collector</systemitem></term>
<listitem><para>Runs on central management server(s) to monitor the
message queues (for notifications and for metering data coming from
the agent). Notification messages are processed and turned into
metering messages, which are sent to the message bus using the
appropriate topic. Telemetry messages are written to the data store
without modification.</para>
</listitem> </listitem>
<listitem> </varlistentry>
<para>A collector (<systemitem class="service" <varlistentry><term>An alarm notifier (<systemitem class="service"
>ceilometer-collector</systemitem>). Runs on one or more >ceilometer-alarm-notifier</systemitem>)</term>
central management <listitem><para>Runs on one or more central management servers to
servers to monitor the message queues (for notifications allow alarms to be set based on the threshold evaluation for a
and for metering data coming from the agent). Notification collection of samples.</para></listitem>
messages are processed and turned into metering messages </varlistentry>
and sent back out onto the message bus using the <varlistentry>
appropriate topic. Telemetry messages are written to the <term>A data store</term>
data store without modification.</para> <listitem><para>A database capable of handling
</listitem>
<listitem>
<para>An alarm notifier (<systemitem class="service"
>ceilometer-alarm-notifier</systemitem>). Runs on one or more
central management servers to allow setting alarms based on
threshold evaluation for a collection of samples.
</para>
</listitem>
<listitem>
<para>A data store. A database capable of handling
concurrent writes (from one or more collector instances) concurrent writes (from one or more collector instances)
and reads (from the API server).</para> and reads (from the API server).</para></listitem>
</listitem> </varlistentry>
<listitem> <varlistentry>
<para>An API server (<systemitem class="service" <term>An API server (<systemitem
>ceilometer-api</systemitem>). Runs on one or more central class="service">ceilometer-api</systemitem>)</term>
management <listitem><para>Runs on one or more central management servers to
servers to provide access to the data from the data store.</para> provide data access from the data store.</para></listitem>
</listitem> </varlistentry>
</itemizedlist> </variablelist>
<para>These services communicate by using the standard OpenStack <para>These services communicate by using the OpenStack messaging bus.
messaging bus. Only the collector and API server have access Only the collector and API server have access
to the data store.</para> to the data store.</para>
</section> </section>

117
doc/common/section_keystone-concepts.xml
View File

@ -4,30 +4,27 @@
xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"
xml:id="keystone-concepts"> xml:id="keystone-concepts">
<?dbhtml stop-chunking?> <?dbhtml stop-chunking?>
<title>Identity Service concepts</title> <title>OpenStack Identity concepts</title>
<para>The <glossterm>Identity Service</glossterm> performs the following <para>The OpenStack<glossterm>Identity Service</glossterm> performs the
functions:</para> following functions:</para>
<itemizedlist spacing="compact"> <itemizedlist spacing="compact">
<listitem> <listitem>
<para>User management. Tracks users and their <para>Tracking users and their permissions.</para>
permissions.</para>
</listitem> </listitem>
<listitem> <listitem>
<para><glossterm baseform="service catalog">Service <para>Providing a catalog of available services with their API
catalog</glossterm>. Provides a catalog of available endpoints.</para>
services with their API endpoints.</para>
</listitem> </listitem>
</itemizedlist> </itemizedlist>
<para>To understand the Identity Service, you must understand the <para>To understand OpenStack Identity, you must understand the
following concepts:</para> following concepts:</para>
<variablelist wordsize="10"> <variablelist>
<varlistentry> <varlistentry>
<term><glossterm>User</glossterm> <term>User</term>
</term>
<listitem> <listitem>
<para>Digital representation of a person, system, or <para>Digital representation of a person, system, or
service who uses OpenStack cloud services. The service who uses OpenStack cloud services. The
Identity Service validates that incoming requests Identity service validates that incoming requests
are made by the user who claims to be making the are made by the user who claims to be making the
call. Users have a login and may be assigned call. Users have a login and may be assigned
tokens to access resources. Users can be directly tokens to access resources. Users can be directly
@ -36,50 +33,45 @@
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><glossterm>Credentials</glossterm> <term>Credentials</term>
</term>
<listitem> <listitem>
<para>Data that is known only by a user that proves <para>Data that confirms the user's identity. For example, user
who they are. In the Identity Service, examples name and password; user name and API key; or an
are: User name and password, user name and API authentication token provided by the Identity
key, or an authentication token provided by the Service.</para>
Identity Service.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><glossterm>Authentication</glossterm></term> <term>Authentication</term>
<listitem> <listitem>
<para>The act of confirming the identity of a user. <para>The process of confirming the identity of a user.
The Identity Service confirms an incoming request OpenStack Identity confirms an incoming request
by validating a set of credentials supplied by the by validating a set of credentials supplied by the
user.</para> user.</para>
<para>These credentials are initially a user name and <para>These credentials are initially a user name and
password or a user name and API key. In response password; or a user name and API key. When user
to these credentials, the Identity Service issues credentials are validated, OpenStack Identity issues an
an authentication token to the user, which the authentication token which the user provides in subsequent
user provides in subsequent requests.</para> requests.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><glossterm>Token</glossterm></term> <term>Token</term>
<listitem> <listitem>
<para>An arbitrary bit of text that is used to access <para>An arbitrary bit of text that is used to access
resources. Each token has a scope which describes resources. Each token has information which defines
which resources are accessible with it. A token access to resources. A token may be revoked at any time
may be revoked at any time and is valid for a and is valid for a finite duration.</para>
finite duration.</para> <para>While OpenStack Identity supports token-based
<para>While the Identity Service supports token-based
authentication in this release, the intention is authentication in this release, the intention is
for it to support additional protocols in the to support additional protocols in the future. Its main
future. The intent is for it to be an integration purpose is to be an integration service, and not aspire to
service foremost, and not aspire to be a be a full-fledged identity store and management
full-fledged identity store and management
solution.</para> solution.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><glossterm>Tenant</glossterm> <term>Tenant</term>
</term>
<listitem> <listitem>
<para>A container used to group or isolate resources <para>A container used to group or isolate resources
and/or identity objects. Depending on the service and/or identity objects. Depending on the service
@ -88,47 +80,38 @@
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><glossterm>Service</glossterm> <term>Service</term>
</term>
<listitem> <listitem>
<para>An OpenStack service, such as Compute (nova), <para>An OpenStack service, such as Compute (nova),
Object Storage (swift), or Image Service (glance). Object Storage (swift), or Image Service (glance). It
Provides one or more endpoints through which users provides one or more endpoints through which users can
can access resources and perform access resources and perform operations.</para>
operations.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><glossterm>Endpoint</glossterm> <term>Endpoint</term>
</term>
<listitem> <listitem>
<para>A network-accessible address, usually described <para>A network-accessible address where you access a service,
by a URL, from where you access a service. If using usually a URL address. If you are using an extension for
an extension for templates, you can create an templates, an endpoint template can be created, which
endpoint template, which represents the templates represents the templates of all the consumable services
of all the consumable services that are available that are available across the regions.</para>
across the regions.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><glossterm>Role</glossterm> <term>Role</term>
</term>
<listitem> <listitem>
<para>A personality that a user assumes that enables <para>A personality with a defined set of user rights and
them to perform a specific set of operations. A privileges to perform a specific set of operations.</para>
role includes a set of rights and privileges. A <para>In the Identity service, a token that is issued
user assuming that role inherits those rights and to a user includes the list of roles. Services that are
privileges.</para> being called by that user determine how they interpret the
<para>In the Identity Service, a token that is issued set of roles a user has and to which operations or
to a user includes the list of roles that user resources each role grants access.</para>
has. Services that are being called by that user
determine how they interpret the set of roles a
user has and to which operations or resources each
role grants access.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
</variablelist> </variablelist>
<para>The following diagram shows the Identity Service process <para>The following diagram shows the OpenStack Identity process
flow:</para> flow:</para>
<mediaobject> <mediaobject>
<imageobject role="fo"> <imageobject role="fo">

29
doc/common/section_storage-concepts.xml
View File

@ -41,7 +41,7 @@
<tr> <tr>
<td>Implemented as a filesystem underlying OpenStack <td>Implemented as a filesystem underlying OpenStack
Compute</td> Compute</td>
<td>Mounted via OpenStack Block-Storage controlled protocol <td>Mounted via OpenStack Block Storage controlled protocol
(for example, iSCSI)</td> (for example, iSCSI)</td>
<td>REST API</td> <td>REST API</td>
</tr> </tr>
@ -58,27 +58,26 @@
</tr> </tr>
</tbody> </tbody>
</table> </table>
<?hard-pagebreak?>
<para>Other points of note include: <itemizedlist> <para>You should note that:<itemizedlist>
<listitem> <listitem>
<para><emphasis>OpenStack Object Storage is not used like a <para><emphasis>You cannot use OpenStack Object Storage like a
traditional hard drive.</emphasis> Object storage is all traditional hard drive.</emphasis> The Object Storage relaxes some
about relaxing some of the constraints of a POSIX-style file of the constraints of a POSIX-style file system to get other gains.
system. The access to it is API-based (and the API uses You can access the objects through an API which uses HTTP.
http). This is a good idea as if you don't have to provide Subsequently you don't have to provide atomic operations (that is,
atomic operations (that is, you can rely on eventual relying on eventual consistency), you can scale a storage system
consistency), you can much more easily scale a storage easily and avoid a central point of failure.</para>
system and avoid a central point of failure.</para>
</listitem> </listitem>
<listitem> <listitem>
<para><emphasis>The OpenStack Image Service is used to manage <para><emphasis>The OpenStack Image Service is used to manage
the virtual machine images in an OpenStack cluster, not the virtual machine images in an OpenStack cluster, not
store them.</emphasis> Instead, it provides an store them.</emphasis> It provides an abstraction to different
abstraction to different methods for storage - a bridge to methods for storage - a bridge to the storage, not the storage
the storage, not the storage itself.</para> itself.</para>
</listitem> </listitem>
<listitem> <listitem>
<para><emphasis>OpenStack Object Storage can function on its <para><emphasis>The OpenStack Object Storage can function on its
own.</emphasis> The Object Storage (swift) product can be own.</emphasis> The Object Storage (swift) product can be
used independently of the Compute (nova) product.</para> used independently of the Compute (nova) product.</para>
</listitem> </listitem>