openstack-manuals/doc/install-guide/basic-install_controller-neutron.xml

<?xml version="1.0" encoding="UTF-8"?>
<section xmlns="http://docbook.org/ns/docbook"
    xmlns:xi="http://www.w3.org/2001/XInclude"
    xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"
    xml:id="basic-install_controller-neutron">
    <title>OpenStack Networking Service (Cloud Controller)</title>
    <para>The OpenStack Networking service provides a comprehensive
        and extensible networking service to the cloud. Some features
        include, but are not limited to, the ability for instances to
        reach an external network outside of the cloud as well as the
        ability for each user of the cloud to create multiple internal
        subnets of their own. <orderedlist>
            <listitem>
                <para>Install the OpenStack Networking server: <screen os="ubuntu;debian"><prompt>#</prompt> <userinput>apt-get install neutron-server</userinput></screen>
                    <screen os="centos;rhel;fedora"><prompt>#</prompt> <userinput>yum install openstack-neutron openstack-neutron-openvswitch</userinput></screen>
                    <screen os="opensuse"><prompt>#</prompt> <userinput>zypper install openstack-neutron</userinput></screen>
                </para>
            </listitem>
            <listitem>
                <para>Configure the OpenStack Networking
                    service:</para>
                <itemizedlist>
                    <listitem>
                        <para>Edit
                                <filename>/etc/neutron/neutron.conf</filename>: <programlisting os="ubuntu;debian" language="ini">[DEFAULT]
verbose = True
rabbit_password = password
[keystone_authtoken]
admin_tenant_name = service
admin_user = neutron
admin_password = password</programlisting>
                            <programlisting os="centos;rhel;fedora" language="ini">[DEFAULT]
core_plugin = \
    neutron.plugins.openvswitch.ovs_neutron_plugin.OVSNeutronPluginV2
auth_strategy = keystone
fake_rabbit = False
rpc_backend=neutron.openstack.common.rpc.impl_qpid
qpid_username = guest
qpid_password = guest</programlisting>
                            <programlisting os="opensuse" language="ini">[DEFAULT]
verbose = True
rabbit_password = password
core_plugin = \
    neutron.plugins.openvswitch.ovs_neutron_plugin.OVSNeutronPluginV2
[keystone_authtoken]
admin_tenant_name = service
admin_user = neuron
admin_password = password</programlisting>
                        </para>
                    </listitem>
                    <listitem>
                        <para>Edit
                                <filename>/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini</filename>: <programlisting language="ini">[database]
connection = mysql://neutron:password@localhost/neutron
[ovs]
tenant_network_type = gre
tunnel_id_ranges = 1:1000
enable_tunneling = True
local_ip = 10.10.10.10
[securitygroup]
firewall_driver = \
  neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver</programlisting>
                            <programlisting os="centos;rhel;fedora" language="ini">[database]
connection = mysql://neutron:password@localhost/neutron
[ovs]
enable_tunneling = False
[securitygroup]
firewall_driver = \
   neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver</programlisting></para>
                        <note>
                            <para os="ubuntu;debian;opensuse">It's
                                more handy to choose <emphasis
                                   role="bold">tunnel mode</emphasis>
                                since you don't have to configure your
                                physical switches for VLANs.</para>
                            <para os="centos;rhel;fedora">The Fedora
                                kernel module for OpenVSwitch has been
                                compiled without support for tunnels.
                                To use gre tunnels, the module must be
                                recompiled.</para>
                        </note>
                    </listitem>
                    <listitem os="centos;rhel;fedora">
                        <para>Edit
                                <filename>/etc/neutron/api-paste.ini</filename>:
                            <programlisting language="ini">[filter:authtoken]
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
auth_host = 127.0.0.1
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = neutron
admin_password = password</programlisting></para>
                    </listitem>
                </itemizedlist>
            </listitem>
            <listitem>
                <para>Enable the OVS plugin:
                    <screen><prompt>#</prompt> <userinput>ln -s /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini \
   /etc/neutron/plugin.ini</userinput></screen>
                </para>
            </listitem>
            <listitem os="centos;rhel;fedora">
                <para>Set SELinux to permissive mode:
                    <screen os="ubuntu"><prompt>#</prompt> <userinput>setenforce 0</userinput>
<prompt>#</prompt> <userinput>sed -i 's/SELINUX=enforcing/SELINUX=permissive/g' /etc/sysconfig/selinux</userinput></screen>
                </para>
            </listitem>
            <listitem>
                <para>Start the services: <screen os="ubuntu;debian"><prompt>#</prompt> <userinput>service neutron-server restart</userinput></screen>
                    <screen os="centos;rhel;fedora"><prompt>#</prompt> <userinput>service neutron-server restart</userinput>
<prompt>#</prompt> <userinput>chkconfig neutron-server on</userinput></screen>
                    <screen os="opensuse"><prompt>#</prompt> <userinput>systemctl restart openstack-neutron.service</userinput>
<prompt>#</prompt> <userinput>systemctl enable openstack-neutron.service</userinput></screen>
                </para>
            </listitem>
        </orderedlist>
    </para>
</section>