From e9fd4001938b6484c84ff4a53d8c8e5e5ca396ca Mon Sep 17 00:00:00 2001 From: Joseph Robinson Date: Wed, 12 Nov 2014 12:13:31 +1000 Subject: [PATCH] Reducing install guide build warnings Limiting the number of words per line in the install guide and common content to reduce install guide build warnings concerning overflow from about 22 to 16 Change-Id: Iac4c5d429e2e35148e98885c180990f90cf9ca15 backport: juno Closes-bug: #1273143 --- doc/common/ch_getstart.xml | 8 +- doc/common/section_conventions.xml | 16 +- doc/common/section_dochistory.xml | 6 +- doc/install-guide/section_basics-security.xml | 229 +++++++++--------- .../section_neutron-network-node.xml | 36 +-- .../section_nova-controller-install.xml | 35 +-- 6 files changed, 173 insertions(+), 157 deletions(-) diff --git a/doc/common/ch_getstart.xml b/doc/common/ch_getstart.xml index 62a206e845..fe03fc297a 100644 --- a/doc/common/ch_getstart.xml +++ b/doc/common/ch_getstart.xml @@ -42,10 +42,10 @@ xlink:href="http://docs.openstack.org/developer/horizon/" >Horizon - Provides a web-based self-service portal to interact - with underlying OpenStack services, such as launching - an instance, assigning IP addresses and configuring - access controls. + Provides a web-based self-service portal + to interact with underlying OpenStack services, + such as launching an instance, assigning IP + addresses and configuring access controls. Something you must be aware of before proceeding. - Critical information about the risk of data loss or security issues. + Critical information about the risk of data loss or security + issues. @@ -23,16 +24,19 @@ $ prompt - Any user, including the root user, can run commands that are - prefixed with the $ prompt. + Any user, including the root user, + can run commands that are + prefixed with the $ prompt. # prompt - The root user must run commands that are prefixed with the - # prompt. You can also prefix these commands with the - sudo command, if available, to run them. + The root user must run commands + that are prefixed with the # prompt. + You can also prefix these commands with the + sudo command, if available, + to run them. diff --git a/doc/common/section_dochistory.xml b/doc/common/section_dochistory.xml index 8ece01738e..23939c5ba2 100644 --- a/doc/common/section_dochistory.xml +++ b/doc/common/section_dochistory.xml @@ -6,8 +6,10 @@ xml:id="doc_change_history"> Document change history - This version of the guide replaces and obsoletes all earlier versions. - The following table describes the most recent changes: + This version of the guide replaces and obsoletes all + earlier versions. + The following table describes the most recent + changes: diff --git a/doc/install-guide/section_basics-security.xml b/doc/install-guide/section_basics-security.xml index 766e7fed09..ae70b37dcf 100644 --- a/doc/install-guide/section_basics-security.xml +++ b/doc/install-guide/section_basics-security.xml @@ -6,125 +6,128 @@ xml:id="basics-security"> Security - OpenStack services support various security methods including - password, policy, and encryption. Additionally, supporting services - including the database server and message broker support at least - password security. - To ease the installation process, this guide only covers password - security where applicable. You can create secure passwords manually, - generate them using a tool such as - pwgen, or - by running the following command: + OpenStack services support various security methods + including password, policy, and encryption. Additionally, + supporting services including the database server and + message broker support at least password security. + To ease the installation process, this guide only + covers password security where applicable. You can create + secure passwords manually, generate them using a tool such as + pwgen, + or by running the following command: $ openssl rand -hex 10 For OpenStack services, this guide uses - SERVICE_PASS to reference service account - passwords and SERVICE_DBPASS to reference + SERVICE_PASS to reference + service account passwords and + SERVICE_DBPASS to reference database passwords. The following table provides a list of services that require passwords and their associated references in the guide: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Passwords
Password nameDescription
Database password (no variable used)Root password for the database
RABBIT_PASSPassword of user guest of RabbitMQ
KEYSTONE_DBPASSDatabase password of Identity service
DEMO_PASSPassword of user demo
ADMIN_PASSPassword of user admin
GLANCE_DBPASSDatabase password for Image Service
GLANCE_PASSPassword of Image Service user glance
NOVA_DBPASSDatabase password for Compute service
NOVA_PASSPassword of Compute service user nova
DASH_DBPASSDatabase password for the dashboard
CINDER_DBPASSDatabase password for the Block Storage service
CINDER_PASSPassword of Block Storage service user cinder
NEUTRON_DBPASSDatabase password for the Networking service
NEUTRON_PASSPassword of Networking service user neutron
HEAT_DBPASSDatabase password for the Orchestration service
HEAT_PASSPassword of Orchestration service user heat
CEILOMETER_DBPASSDatabase password for the Telemetry service
CEILOMETER_PASSPassword of Telemetry service user ceilometer
TROVE_DBPASSDatabase password of Database service
TROVE_PASSPassword of Database Service user trove
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Passwords
Password nameDescription
Database password (no variable used)Root password for the database
RABBIT_PASSPassword of user guest of RabbitMQ
KEYSTONE_DBPASSDatabase password of Identity service
DEMO_PASSPassword of user demo
ADMIN_PASSPassword of user admin
GLANCE_DBPASSDatabase password for Image Service
GLANCE_PASSPassword of Image Service user glance
NOVA_DBPASSDatabase password for Compute service
NOVA_PASSPassword of Compute service user nova
DASH_DBPASSDatabase password for the dashboard
CINDER_DBPASSDatabase password for the Block Storage service
CINDER_PASSPassword of Block Storage service user cinder
NEUTRON_DBPASSDatabase password for the Networking service
NEUTRON_PASSPassword of Networking service user neutron
HEAT_DBPASSDatabase password for the Orchestration service
HEAT_PASSPassword of Orchestration service user heat
CEILOMETER_DBPASSDatabase password for the Telemetry service
CEILOMETER_PASSPassword of Telemetry service user ceilometer
TROVE_DBPASSDatabase password of Database service
TROVE_PASSPassword of Database Service user trove
 - OpenStack and supporting services require administrative privileges - during installation and operation. In some cases, services perform - modifications to the host that can interfere with deployment automation - tools such as Ansible, Chef, and Puppet. For example, some OpenStack - services add a root wrapper to sudo that can interfere - with security policies. See the + OpenStack and supporting services require administrative + privileges during installation and operation. In some cases, + services perform modifications to the host that can interfere + with deployment automation tools such as Ansible, Chef, and + Puppet. For example, some OpenStack services add a root + wrapper to sudo that can interfere with + security policies. See the Cloud Administrator Guide - for more information. Also, the Networking service assumes default values - for kernel network parameters and modifies firewall rules. To avoid most - issues during your initial installation, we recommend using a stock - deployment of a supported distribution on your hosts. However, if you - choose to automate deployment of your hosts, review the configuration + for more information. Also, the Networking service assumes + default values for kernel network parameters and modifies + firewall rules. To avoid most issues during your initial + installation, we recommend using a stock deployment of a + supported distribution on your hosts. However, if you choose + to automate deployment of your hosts, review the configuration and policies applied to them before proceeding further. diff --git a/doc/install-guide/section_neutron-network-node.xml b/doc/install-guide/section_neutron-network-node.xml index 8594a391d2..e2be80e1d7 100644 --- a/doc/install-guide/section_neutron-network-node.xml +++ b/doc/install-guide/section_neutron-network-node.xml @@ -126,9 +126,9 @@ admin_password = NEUTRON_PASS - In the [DEFAULT] section, enable the - Modular Layer 2 (ML2) plug-in, router service, and overlapping - IP addresses: + In the [DEFAULT] section, + enable the Modular Layer 2 (ML2) plug-in, + router service, and overlapping IP addresses: [DEFAULT] ... core_plugin = ml2 @@ -170,24 +170,25 @@ tenant_network_types = gre mechanism_drivers = openvswitch - In the [ml2_type_flat] section, configure - the external network: + In the [ml2_type_flat] section, + configure the external network: [ml2_type_flat] ... flat_networks = external - In the [ml2_type_gre] section, configure - the tunnel identifier (id) range: + In the [ml2_type_gre] section, + configure the tunnel identifier (id) range: [ml2_type_gre] ... tunnel_id_ranges = 1:1000 - In the [securitygroup] section, enable - security groups, enable ipset, and - configure the OVS iptables firewall - driver: + In the [securitygroup] + section, enable security groups, enable + ipset, and configure + the OVS iptables firewall + driver: [securitygroup] ... enable_security_group = True @@ -205,8 +206,8 @@ enable_tunneling = True bridge_mappings = external:br-ex Replace INSTANCE_TUNNELS_INTERFACE_IP_ADDRESS - with the IP address of the instance tunnels network interface - on your network node. + with the IP address of the instance + tunnels network interface on your network node. @@ -216,8 +217,8 @@ bridge_mappings = external:br-ex The Layer-3 (L3) agent provides routing services for virtual networks. - Edit the /etc/neutron/l3_agent.ini file - and complete the following actions: + Edit the /etc/neutron/l3_agent.ini + file and complete the following actions: In the [DEFAULT] section, configure @@ -247,8 +248,9 @@ verbose = True The DHCP agent provides DHCP services for virtual networks. - Edit the /etc/neutron/dhcp_agent.ini file - and complete the following actions: + Edit the + /etc/neutron/dhcp_agent.ini file + and complete the following actions: In the [DEFAULT] section, configure diff --git a/doc/install-guide/section_nova-controller-install.xml b/doc/install-guide/section_nova-controller-install.xml index 8162906ad8..11bfd471fd 100644 --- a/doc/install-guide/section_nova-controller-install.xml +++ b/doc/install-guide/section_nova-controller-install.xml @@ -5,18 +5,20 @@ version="5.0" xml:id="nova-controller-install"> Install and configure controller node - This section describes how to install and configure the Compute - service, code-named nova, on the controller node. + This section describes how to install and configure the + Compute service, code-named nova, on the controller node. To configure prerequisites - Before you install and configure Compute, you must create a database - and Identity service credentials including endpoints. + Before you install and configure Compute, you must + create a database and Identity service credentials + including endpoints. To create the database, complete these steps: - Use the database access client to connect to the database - server as the root user: + Use the database access client to connect to + the database server as the + root user: $ mysql -u root -p @@ -30,8 +32,9 @@ IDENTIFIED BY 'NOVA_DBPASS'; GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' \ IDENTIFIED BY 'NOVA_DBPASS'; - Replace NOVA_DBPASS with a suitable - password. + Replace + NOVA_DBPASS with a suitable + password. Exit the database access client. @@ -49,7 +52,7 @@ Create the nova user: - $ keystone user-create --name nova --pass NOVA_PASS +$ keystone user-create --name nova --pass NOVA_PASS +----------+----------------------------------+ | Property | Value | +----------+----------------------------------+ @@ -58,22 +61,23 @@ | id | 387dd4f7e46d4f72965ee99c76ae748c | | name | nova | | username | nova | -+----------+----------------------------------+ - Replace NOVA_PASS with a suitable - password. ++----------+----------------------------------+ + + Replace NOVA_PASS with + a suitable password. Link the nova user to the service tenant and admin role: - $ keystone user-role-add --user nova --tenant service --role admin +$ keystone user-role-add --user nova --tenant service --role admin This command provides no output. Create the nova service: - $ keystone service-create --name nova --type compute \ +$ keystone service-create --name nova --type compute \ --description "OpenStack Compute" +-------------+----------------------------------+ | Property | Value | @@ -83,7 +87,8 @@ | id | 6c7854f52ce84db795557ebc0373f6b9 | | name | nova | | type | compute | -+-------------+----------------------------------+ ++-------------+----------------------------------+ +