be0279df94
Change-Id: I112b0754ef3de09420a9e06d01868ac683906b73
9446 lines
574 KiB
Plaintext
9446 lines
574 KiB
Plaintext
msgid ""
|
||
msgstr ""
|
||
"Project-Id-Version: PACKAGE VERSION\n"
|
||
"POT-Creation-Date: 2014-07-17 06:09+0000\n"
|
||
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
||
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
||
"Language-Team: LANGUAGE <LL@li.org>\n"
|
||
"MIME-Version: 1.0\n"
|
||
"Content-Type: text/plain; charset=UTF-8\n"
|
||
"Content-Transfer-Encoding: 8bit\n"
|
||
|
||
#. ... Based on a blog, should be replaced with original material...
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:8(title)
|
||
msgid "Object Storage monitoring"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:10(para)
|
||
msgid "Excerpted from a blog post by <link href=\"http://swiftstack.com/blog/2012/04/11/swift-monitoring-with-statsd\">Darrell Bishop</link>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:13(para)
|
||
msgid "An OpenStack Object Storage cluster is a collection of many daemons that work together across many nodes. With so many different components, you must be able to tell what is going on inside the cluster. Tracking server-level metrics like CPU utilization, load, memory consumption, disk usage and utilization, and so on is necessary, but not sufficient."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:20(para)
|
||
msgid "What are different daemons are doing on each server? What is the volume of object replication on node8? How long is it taking? Are there errors? If so, when did they happen?"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:23(para)
|
||
msgid "In such a complex ecosystem, you can use multiple approaches to get the answers to these questions. This section describes several approaches."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:27(title)
|
||
msgid "Swift Recon"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:28(para)
|
||
msgid "The Swift Recon middleware (see <link href=\"http://swift.openstack.org/admin_guide.html#cluster-telemetry-and-monitoring\">http://swift.openstack.org/admin_guide.html#cluster-telemetry-and-monitoring</link>) provides general machine statistics, such as load average, socket statistics, <code>/proc/meminfo</code> contents, and so on, as well as Swift-specific metrics:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:36(para)
|
||
msgid "The MD5 sum of each ring file."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:39(para)
|
||
msgid "The most recent object replication time."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:42(para)
|
||
msgid "Count of each type of quarantined file: Account, container, or object."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:46(para)
|
||
msgid "Count of “async_pendings” (deferred container updates) on disk."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:50(para)
|
||
msgid "Swift Recon is middleware that is installed in the object servers pipeline and takes one required option: A local cache directory. To track <literal>async_pendings</literal>, you must set up an additional cron job for each object server. You access data by either sending HTTP requests directly to the object server or using the <placeholder-1/> command-line client."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:58(para)
|
||
msgid "There are some good Object Storage cluster statistics but the general server metrics overlap with existing server monitoring systems. To get the Swift-specific metrics into a monitoring system, they must be polled. Swift Recon essentially acts as a middleware metrics collector. The process that feeds metrics to your statistics system, such as <literal>collectd</literal> and <literal>gmond</literal>, probably already runs on the storage node. So, you can choose to either talk to Swift Recon or collect the metrics directly."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:70(title)
|
||
msgid "Swift-Informant"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:71(para)
|
||
msgid "Florian Hines developed the Swift-Informant middleware (see <link href=\"http://pandemicsyn.posterous.com/swift-informant-statsd-getting-realtime-telem\">http://pandemicsyn.posterous.com/swift-informant-statsd-getting-realtime-telem</link>) to get real-time visibility into Object Storage client requests. It sits in the pipeline for the proxy server, and after each request to the proxy server, sends three metrics to a StatsD server (see <link href=\"http://codeascraft.etsy.com/2011/02/15/measure-anything-measure-everything/\">http://codeascraft.etsy.com/2011/02/15/measure-anything-measure-everything/</link>):"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:83(para)
|
||
msgid "A counter increment for a metric like <code>obj.GET.200</code> or <code>cont.PUT.404</code>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:88(para)
|
||
msgid "Timing data for a metric like <code>acct.GET.200</code> or <code>obj.GET.200</code>. [The README says the metrics look like <code>duration.acct.GET.200</code>, but I do not see the <literal>duration</literal> in the code. I am not sure what the Etsy server does but our StatsD server turns timing metrics into five derivative metrics with new segments appended, so it probably works as coded. The first metric turns into <code>acct.GET.200.lower</code>, <code>acct.GET.200.upper</code>, <code>acct.GET.200.mean</code>, <code>acct.GET.200.upper_90</code>, and <code>acct.GET.200.count</code>]."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:105(para)
|
||
msgid "A counter increase by the bytes transferred for a metric like <code>tfer.obj.PUT.201</code>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:110(para)
|
||
msgid "This is good for getting a feel for the quality of service clients are experiencing with the timing metrics, as well as getting a feel for the volume of the various permutations of request server type, command, and response code. Swift-Informant also requires no change to core Object Storage code because it is implemented as middleware. However, it gives you no insight into the workings of the cluster past the proxy server. If the responsiveness of one storage node degrades, you can only see that some of your requests are bad, either as high latency or error status codes. You do not know exactly why or where that request tried to go. Maybe the container server in question was on a good node but the object server was on a different, poorly-performing node."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:126(title)
|
||
msgid "Statsdlog"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:127(para)
|
||
msgid "Florian’s <link href=\"https://github.com/pandemicsyn/statsdlog\">Statsdlog</link> project increments StatsD counters based on logged events. Like Swift-Informant, it is also non-intrusive, but statsdlog can track events from all Object Storage daemons, not just proxy-server. The daemon listens to a UDP stream of syslog messages and StatsD counters are incremented when a log line matches a regular expression. Metric names are mapped to regex match patterns in a JSON file, allowing flexible configuration of what metrics are extracted from the log stream."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:138(para)
|
||
msgid "Currently, only the first matching regex triggers a StatsD counter increment, and the counter is always incremented by one. There is no way to increment a counter by more than one or send timing data to StatsD based on the log line content. The tool could be extended to handle more metrics for each line and data extraction, including timing data. But a coupling would still exist between the log textual format and the log parsing regexes, which would themselves be more complex to support multiple matches for each line and data extraction. Also, log processing introduces a delay between the triggering event and sending the data to StatsD. It would be preferable to increment error counters where they occur and send timing data as soon as it is known to avoid coupling between a log string and a parsing regex and prevent a time delay between events and sending data to StatsD."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:154(para)
|
||
msgid "The next section describes another method for gathering Object Storage operational metrics."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:158(title)
|
||
msgid "Swift StatsD logging"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:159(para)
|
||
msgid "StatsD (see <link href=\"http://codeascraft.etsy.com/2011/02/15/measure-anything-measure-everything/\">http://codeascraft.etsy.com/2011/02/15/measure-anything-measure-everything/</link>) was designed for application code to be deeply instrumented; metrics are sent in real-time by the code that just noticed or did something. The overhead of sending a metric is extremely low: a <code>sendto</code> of one UDP packet. If that overhead is still too high, the StatsD client library can send only a random portion of samples and StatsD approximates the actual number when flushing metrics upstream."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:170(para)
|
||
msgid "To avoid the problems inherent with middleware-based monitoring and after-the-fact log processing, the sending of StatsD metrics is integrated into Object Storage itself. The submitted change set (see <link href=\"https://review.openstack.org/#change,6058\">https://review.openstack.org/#change,6058</link>) currently reports 124 metrics across 15 Object Storage daemons and the tempauth middleware. Details of the metrics tracked are in the <link href=\"http://docs.openstack.org/developer/swift/admin_guide.html\">Administrator's Guide</link>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:181(para)
|
||
msgid "The sending of metrics is integrated with the logging framework. To enable, configure <code>log_statsd_host</code> in the relevant config file. You can also specify the port and a default sample rate. The specified default sample rate is used unless a specific call to a statsd logging method (see the list below) overrides it. Currently, no logging calls override the sample rate, but it is conceivable that some metrics may require accuracy (sample_rate == 1) while others may not."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:196(para)
|
||
msgid "Then the LogAdapter object returned by <code>get_logger()</code>, usually stored in <code>self.logger</code>, has these new methods:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:202(para)
|
||
msgid "<code>set_statsd_prefix(self, prefix)</code> Sets the client library stat prefix value which gets prefixed to every metric. The default prefix is the “name” of the logger such as “object-server”, “container-auditor”, and so on. This is currently used to turn “proxy-server” into one of “proxy-server.Account”, “proxy-server.Container”, or “proxy-server.Object” as soon as the Controller object is determined and instantiated for the request."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:213(para)
|
||
msgid "<code>update_stats(self, metric, amount, sample_rate=1)</code> Increments the supplied metric by the given amount. This is used when you need to add or subtract more that one from a counter, like incrementing “suffix.hashes” by the number of computed hashes in the object replicator."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:222(para)
|
||
msgid "<code>increment(self, metric, sample_rate=1)</code> Increments the given counter metric by one."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:227(para)
|
||
msgid "<code>decrement(self, metric, sample_rate=1)</code> Lowers the given counter metric by one."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:232(para)
|
||
msgid "<code>timing(self, metric, timing_ms, sample_rate=1)</code> Record that the given metric took the supplied number of milliseconds."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:238(para)
|
||
msgid "<code>timing_since(self, metric, orig_time, sample_rate=1)</code> Convenience method to record a timing metric whose value is “now” minus an existing timestamp."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:244(para)
|
||
msgid "Note that these logging methods may safely be called anywhere you have a logger object. If StatsD logging has not been configured, the methods are no-ops. This avoids messy conditional logic each place a metric is recorded. These example usages show the new logging methods:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-monitoring.xml:287(para)
|
||
msgid "The development team of StatsD wanted to use the <link href=\"https://github.com/sivy/py-statsd\">pystatsd</link> client library (not to be confused with a <link href=\"https://github.com/sivy/py-statsd\">similar-looking project</link> also hosted on GitHub), but the released version on PyPi was missing two desired features the latest version in GitHub had: the ability to configure a metrics prefix in the client object and a convenience method for sending timing data between “now” and a “start” timestamp you already have. So they just implemented a simple StatsD client library from scratch with the same interface. This has the nice fringe benefit of not introducing another external library dependency into Object Storage."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-admin.xml:7(title)
|
||
msgid "System administration for Object Storage"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-admin.xml:8(para)
|
||
msgid "By understanding Object Storage concepts, you can better monitor and administer your storage solution. The majority of the administration information is maintained in developer documentation at <link href=\"http://docs.openstack.org/developer/swift/\">docs.openstack.org/developer/swift/</link>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/section_object-storage-admin.xml:14(para)
|
||
msgid "See the <link href=\"http://docs.openstack.org/icehouse/config-reference/content/\"><citetitle>OpenStack Configuration Reference</citetitle></link> for a list of configuration options for Object Storage."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_dashboard.xml:7(title) ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:109(title)
|
||
msgid "Dashboard"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_dashboard.xml:8(para)
|
||
msgid "The OpenStack dashboard is a web-based interface that allows you to manage OpenStack resources and services. The dashboard allows you to interact with the OpenStack Compute cloud controller using the OpenStack APIs. For more information about installing and configuring the dashboard, see the <citetitle>OpenStack Installation Guide</citetitle> for your operating system."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_dashboard.xml:20(para)
|
||
msgid "<xref linkend=\"dashboard-custom-brand\"/>, for customizing the dashboard."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_dashboard.xml:24(para)
|
||
msgid "<xref linkend=\"dashboard-sessions\"/>, for setting up session storage for the dashboard."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_dashboard.xml:28(para)
|
||
msgid "The <link href=\"http://docs.openstack.org/developer/horizon/topics/deployment.html\"> Horizon documentation</link>, for deploying the dashboard."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_dashboard.xml:32(para)
|
||
msgid "The <link href=\"http://docs.openstack.org/user-guide/content/\"><citetitle>OpenStack End User Guide</citetitle></link>, for launching instances with the dashboard.."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_dashboard.xml:16(para)
|
||
msgid "For more information about using the dashboard, see: <placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_objectstorage.xml:7(title)
|
||
msgid "Object Storage"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_blockstorage.xml:11(title)
|
||
msgid "Block Storage"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_blockstorage.xml:12(para)
|
||
msgid "The OpenStack Block Storage service works through the interaction of a series of daemon processes named <systemitem class=\"daemon\">cinder-*</systemitem> that reside persistently on the host machine or machines. The binaries can all be run from a single node, or spread across multiple nodes. They can also be run on the same node as other OpenStack services."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_blockstorage.xml:20(title)
|
||
msgid "Introduction to Block Storage"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_blockstorage.xml:21(para)
|
||
msgid "To administer the OpenStack Block Storage service, it is helpful to understand a number of concepts. You must make certain choices when you configure the Block Storage service in OpenStack. The bulk of the options come down to two choices, single node or multi-node install. You can read a longer discussion about storage decisions in <link href=\"http://docs.openstack.org/openstack-ops/content/storage_decision.html\">Storage Decisions</link> in the <citetitle>OpenStack Operations Guide</citetitle>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_blockstorage.xml:30(para)
|
||
msgid "OpenStack Block Storage enables you to add extra block-level storage to your OpenStack Compute instances. This service is similar to the Amazon EC2 Elastic Block Storage (EBS) offering."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_blockstorage.xml:39(title)
|
||
msgid "Manage volumes"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_blockstorage.xml:40(para)
|
||
msgid "The default OpenStack Block Storage service implementation is an iSCSI solution that uses Logical Volume Manager (LVM) for Linux."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_blockstorage.xml:44(para)
|
||
msgid "The OpenStack Block Storage service is not a shared storage solution like a Storage Area Network (SAN) of NFS volumes, where you can attach a volume to multiple servers. With the OpenStack Block Storage service, you can attach a volume to only one instance at a time."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_blockstorage.xml:50(para)
|
||
msgid "The OpenStack Block Storage service also provides drivers that enable you to use several vendors' back-end storage devices, in addition to or instead of the base LVM implementation."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_blockstorage.xml:55(para)
|
||
msgid "This high-level procedure shows you how to create and attach a volume to a server instance."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_blockstorage.xml:58(title)
|
||
msgid "To create and attach a volume to an instance"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_blockstorage.xml:61(para)
|
||
msgid "Configure the OpenStack Compute and the OpenStack Block Storage services through the <filename>cinder.conf</filename> file."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_blockstorage.xml:66(para)
|
||
msgid "Use the <placeholder-1/> command to create a volume. This command creates an LV into the volume group (VG) <literal>cinder-volumes</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_blockstorage.xml:72(para)
|
||
msgid "Use the <placeholder-1/> command to attach the volume to an instance. This command creates a unique iSCSI IQN that is exposed to the compute node."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_blockstorage.xml:78(para)
|
||
msgid "The compute node, which runs the instance, now has an active ISCSI session and new local storage (usually a <filename>/dev/sdX</filename> disk)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_blockstorage.xml:85(para)
|
||
msgid "libvirt uses that local storage as storage for the instance. The instance gets a new disk (usually a <filename>/dev/vdX</filename> disk)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_blockstorage.xml:94(para)
|
||
msgid "For this particular walk through, one cloud controller runs <systemitem class=\"service\">nova-api</systemitem>, <systemitem class=\"service\">nova-scheduler</systemitem>, <systemitem class=\"service\">nova-objectstore</systemitem>, <literal>nova-network</literal> and <literal>cinder-*</literal> services. Two additional compute nodes run <systemitem class=\"service\">nova-compute</systemitem>. The walk through uses a custom partitioning scheme that carves out 60GB of space and labels it as LVM. The network uses the FlatManager and NetworkManager settings for OpenStack Compute."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_blockstorage.xml:108(para)
|
||
msgid "The network mode does not interfere with OpenStack Block Storage operations, but you must set up networking for Block Storage to work. For details, see <xref linkend=\"ch_networking\"/>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_blockstorage.xml:112(para)
|
||
msgid "To set up Compute to use volumes, ensure that Block Storage is installed along with <package>lvm2</package>. This guide describes how to troubleshoot your installation and back up your Compute volumes."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_blockstorage.xml:117(title)
|
||
msgid "Boot from volume"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_blockstorage.xml:118(para)
|
||
msgid "In some cases, you can store and run instances from inside volumes. For information, see the <link href=\"http://docs.openstack.org/user-guide/content/boot_from_volume.html\">Launch an instance from a volume</link> section in the <link href=\"http://docs.openstack.org/user-guide/content/\"><citetitle>OpenStack End User Guide</citetitle></link>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_blockstorage.xml:139(title)
|
||
msgid "Use LIO iSCSI support"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_blockstorage.xml:140(para)
|
||
msgid "The default <option>iscsi_helper</option> tool is <literal>tgtadm</literal>. To use LIO iSCSI, install the <literal>python-rtslib</literal> package, and set <literal>iscsi_helper=lioadm</literal> in the <filename>cinder.conf</filename> file."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_blockstorage.xml:145(para)
|
||
msgid "Once configured, you can use the <placeholder-1/> command to manage the volumes. This command enables you to create, delete, and verify volumes and determine targets and add iSCSI initiators to the system."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_blockstorage.xml:153(title)
|
||
msgid "Troubleshoot your installation"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_blockstorage.xml:154(para)
|
||
msgid "This section provides useful tips to help you troubleshoot your Block Storage installation."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_networking.xml:7(title)
|
||
msgid "Networking"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_networking.xml:8(para)
|
||
msgid "Learn OpenStack Networking concepts, architecture, and basic and advanced <placeholder-1/> and <placeholder-2/> command-line interface (CLI) commands."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml:7(title)
|
||
msgid "OpenStack Cloud Administrator Guide"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml:9(titleabbrev)
|
||
msgid "Cloud Administrator Guide"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml:17(orgname) ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml:23(holder)
|
||
msgid "OpenStack Foundation"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml:21(year)
|
||
msgid "2013"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml:22(year)
|
||
msgid "2014"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml:25(releaseinfo)
|
||
msgid "current"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml:26(productname)
|
||
msgid "OpenStack"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml:30(remark)
|
||
msgid "Copyright details are filled in by the template."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml:36(remark)
|
||
msgid "Remaining licensing details are filled in by the template."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml:41(para)
|
||
msgid "OpenStack offers open source software for cloud administrators to manage and troubleshoot an OpenStack cloud."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml:48(date)
|
||
msgid "2014-04-17"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml:52(para)
|
||
msgid "For the Icehouse release, the guide was organized with system administration and system architecture sections. Also, how-to sections were moved to this guide instead of the <citetitle>OpenStack Configuration Reference</citetitle>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml:65(date)
|
||
msgid "2013-11-12"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml:69(para)
|
||
msgid "Adds options for tuning operational status synchronization in the NSX plug-in."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml:77(date)
|
||
msgid "2013-10-17"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml:81(para)
|
||
msgid "Havana release."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml:87(date)
|
||
msgid "2013-09-05"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml:91(para)
|
||
msgid "Moves object storage monitoring section to this guide."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml:95(para)
|
||
msgid "Removes redundant object storage information."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml:102(date)
|
||
msgid "2013-09-03"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml:106(para)
|
||
msgid "Moved all but configuration and installation information from these component guides to create the new guide:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml:112(para)
|
||
msgid "OpenStack Compute Administration Guide"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml:116(para)
|
||
msgid "OpenStack Networking Administration Guide"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml:120(para)
|
||
msgid "OpenStack Object Storage Administration Guide"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/bk-admin-guide-cloud.xml:124(para)
|
||
msgid "OpenStack Block Storage Service Administration Guide"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:7(title)
|
||
msgid "Identity management"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:8(para)
|
||
msgid "OpenStack Identity, code-named keystone, is the default identity management system for OpenStack. After you install Identity, you configure it through the <filename>etc/keystone.conf</filename> configuration file and, possibly, a separate logging configuration file. You initialize data into Identity by using the <placeholder-1/> command-line client."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:16(title)
|
||
msgid "Identity concepts"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:32(title)
|
||
msgid "User CRUD"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:33(para)
|
||
msgid "Identity provides a user CRUD filter that can be added to the public_api pipeline. This user CRUD filter enables users to use a HTTP PATCH to change their own password. To enable this extension you should define a <literal>user_crud_extension</literal> filter, insert it after the <literal>*_body</literal> middleware and before the <literal>public_service</literal> application in the public_api WSGI pipeline in <filename>keystone.conf</filename>. For example:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:47(para)
|
||
msgid "Each user can then change their own password with a HTTP PATCH:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:48(replaceable)
|
||
msgid "USERID"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:49(replaceable)
|
||
msgid "AUTHTOKENID"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:50(para)
|
||
msgid "In addition to changing their password, all current tokens for the user are deleted (if the back end is KVS or sql)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:52(para)
|
||
msgid "Only use a KVS back end for tokens when testing."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:55(title)
|
||
msgid "Logging"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:56(para)
|
||
msgid "You configure logging externally to the rest of Identity. The file specifying the logging configuration is in the <literal>[DEFAULT]</literal> section of the <filename>keystone.conf</filename> file under <literal>log_config</literal>. To route logging through syslog, set <literal>use_syslog=true</literal> option in the <literal>[DEFAULT]</literal> section."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:62(para)
|
||
msgid "A sample logging file is available with the project in the <filename>etc/logging.conf.sample</filename> directory. Like other OpenStack projects, Identity uses the Python logging module, which includes extensive configuration options that let you define the output levels and formats."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:67(para)
|
||
msgid "Review the <filename>etc/keystone.conf</filename> sample configuration files that are distributed with the Identity Service. For example, each server application has its own configuration file."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:71(para)
|
||
msgid "For services that have separate paste-deploy <filename>.ini</filename> files, you can configure <literal>auth_token</literal> middleware in the <literal>[keystone_authtoken]</literal> section in the main configuration file, such as <filename>nova.conf</filename>. For example in Compute, you can remove the middleware parameters from <filename>api-paste.ini</filename>, as follows:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:81(para)
|
||
msgid "Set these values in the <filename>nova.conf</filename> file:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:96(para)
|
||
msgid "Middleware parameters in paste config take priority. You must remove them to use values in the <literal>[keystone_authtoken]</literal> section."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:102(title)
|
||
msgid "Monitoring"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:103(para)
|
||
msgid "Identity provides some basic request and response monitoring statistics out of the box."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:105(para)
|
||
msgid "Enable data collection by defining a <literal>stats_monitoring</literal> filter and including it at the beginning of any desired WSGI pipelines:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:113(para)
|
||
msgid "Enable the reporting of collected data by defining a <literal>stats_reporting</literal> filter and including it near the end of your <literal>admin_api</literal> WSGI pipeline (After <literal>*_body</literal> middleware and before <literal>*_extension</literal> filters is recommended):"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:123(para)
|
||
msgid "Query the admin API for statistics using:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:125(para)
|
||
msgid "Reset collected data using:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:130(title)
|
||
msgid "Start the Identity services"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:131(para)
|
||
msgid "To start the services for Identity, run the following command:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:134(para)
|
||
msgid "This command starts two wsgi.Server instances configured by the <filename>keystone.conf</filename> file as described previously. One of these wsgi servers is <literal>admin</literal> (the administration API) and the other is <literal>main</literal> (the primary/public API interface). Both run in a single process."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:142(title)
|
||
msgid "Example usage"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:143(para)
|
||
msgid "The <literal>keystone</literal> client is set up to expect commands in the general form of <literal>keystone</literal><literal>command</literal><literal>argument</literal>, followed by flag-like keyword arguments to provide additional (often optional) information. For example, the command <literal>user-list</literal> and <literal>tenant-create</literal> can be invoked as follows:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:173(title)
|
||
msgid "Authentication middleware with user name and password"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:175(para)
|
||
msgid "You can also configure Identity authentication middleware using the <option>admin_user</option> and <option>admin_password</option> options. When using the <option>admin_user</option> and <option>admin_password</option> options the <option>admin_token</option> parameter is optional. If <option>admin_token</option> is specified, it is used only if the specified token is still valid."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:183(para)
|
||
msgid "For services that have a separate paste-deploy .ini file, you can configure the authentication middleware in the <literal>[keystone_authtoken]</literal> section of the main configuration file, such as <filename>nova.conf</filename>. In Compute, for example, you can remove the middleware parameters from <filename>api-paste.ini</filename>, as follows:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:192(para)
|
||
msgid "And set the following values in <filename>nova.conf</filename> as follows:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:207(para)
|
||
msgid "The middleware parameters in the paste config take priority. You must remove them to use the values in the [keystone_authtoken] section."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:211(para)
|
||
msgid "This sample paste config filter makes use of the <option>admin_user</option> and <option>admin_password</option> options:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:224(para)
|
||
msgid "Using this option requires an admin tenant/role relationship. The admin user is granted access to the admin role on the admin tenant."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:230(title)
|
||
msgid "Identity API protection with role-based access control (RBAC)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:232(para)
|
||
msgid "Like most OpenStack projects, Identity supports the protection of its APIs by defining policy rules based on an RBAC approach. Identity stores a reference to a policy JSON file in the main Identity configuration file, <filename>keystone.conf</filename>. Typically this file is named <filename>policy.json</filename>, and it contains the rules for which roles have access to certain actions in defined services."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:238(para)
|
||
msgid "Each Identity API v3 call has a line in the policy file that dictates which level of governance of access applies."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:240(replaceable)
|
||
msgid "API_NAME"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:240(replaceable)
|
||
msgid "RULE_STATEMENT"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:240(replaceable)
|
||
msgid "MATCH_STATEMENT"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:241(para) ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:69(para) ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:132(para) ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:54(para)
|
||
msgid "Where:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:242(para)
|
||
msgid "<code><replaceable>RULE_STATEMENT</replaceable></code> can contain <code><replaceable>RULE_STATEMENT</replaceable></code> or <code><replaceable>MATCH_STATEMENT</replaceable></code>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:243(para)
|
||
msgid "<code><replaceable>MATCH_STATEMENT</replaceable></code> is a set of identifiers that must match between the token provided by the caller of the API and the parameters or target entities of the API call in question. For example:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:247(para)
|
||
msgid "Indicates that to create a user, you must have the admin role in your token and the <literal>domain_id</literal> in your token (which implies this must be a domain-scoped token) must match the <literal>domain_id</literal> in the user object that you are trying to create. In other words, you must have the admin role on the domain in which you are creating the user, and the token that you use must be scoped to that domain."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:253(para)
|
||
msgid "Each component of a match statement uses this format:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:254(replaceable)
|
||
msgid "ATTRIB_FROM_TOKEN"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:254(replaceable)
|
||
msgid "CONSTANT"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:254(replaceable)
|
||
msgid "ATTRIB_RELATED_TO_API_CALL"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:255(para)
|
||
msgid "The Identity service expects these attributes:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:256(para)
|
||
msgid "Attributes from token: <literal>user_id</literal>, the <literal>domain_id</literal> or <literal>project_id</literal> depending on the scope, and the list of roles you have within that scope."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:258(para)
|
||
msgid "Attributes related to API call: Any parameters passed into the API call are available, along with any filters specified in the query string. You reference attributes of objects passed with an object.attribute syntax (such as, <literal>user.domain_id</literal>). The target objects of an API are also available using a target.object.attribute syntax. For instance:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:265(para)
|
||
msgid "would ensure that Identity only deletes the user object in the same domain as the provided token."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:267(para)
|
||
msgid "Every target object has an `id` and a `name` available as `target.<replaceable>OBJECT</replaceable>.id` and `target.<replaceable>OBJECT</replaceable>.name`. Identity retrieves other attributes from the database, and the attributes vary between object types. The Identity service filters out some database fields, such as user passwords."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:272(para)
|
||
msgid "List of object attributes:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:302(para)
|
||
msgid "The default <filename>policy.json</filename> file supplied provides a somewhat basic example of API protection, and does not assume any particular use of domains. Refer to <filename>policy.v3cloudsample.json</filename> as an example of multi-domain configuration installations where a cloud provider wants to delegate administration of the contents of a domain to a particular admin domain. This example policy file also shows the use of an admin_domain to allow a cloud provider to enable cloud administrators to have wider access across the APIs."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_identity_mgmt.xml:311(para)
|
||
msgid "A clean installation could start with the standard policy file, to allow creation of the admin_domain with the first users within it. You could then obtain the domain_id of the admin domain, paste the ID into a modified version of <filename>policy.v3cloudsample.json</filename>, and then enable it as the main policy file."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:11(title) ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:103(title)
|
||
msgid "Compute"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:12(para)
|
||
msgid "The OpenStack Compute service allows you to control an Infrastructure-as-a-Service (IaaS) cloud computing platform. It gives you control over instances and networks, and allows you to manage access to the cloud through users and projects."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:17(para)
|
||
msgid "Compute does not include virtualization software. Instead, it defines drivers that interact with underlying virtualization mechanisms that run on your host operating system, and exposes functionality over a web-based API."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:22(title)
|
||
msgid "System architecture"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:23(para)
|
||
msgid "OpenStack Compute contains several main components."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:27(para)
|
||
msgid "The <glossterm>cloud controller</glossterm> represents the global state and interacts with the other components. The <literal>API server</literal> acts as the web services front end for the cloud controller. The <literal>compute controller</literal> provides compute server resources and usually also contains the Compute service."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:34(para)
|
||
msgid "The <literal>object store</literal> is an optional component that provides storage services; you can also instead use OpenStack Object Storage."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:38(para)
|
||
msgid "An <literal>auth manager</literal> provides authentication and authorization services when used with the Compute system; you can also instead use OpenStack Identity as a separate authentication service."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:43(para)
|
||
msgid "A <literal>volume controller</literal> provides fast and permanent block-level storage for the compute servers."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:48(para)
|
||
msgid "The <literal>network controller</literal> provides virtual networks to enable compute servers to interact with each other and with the public network. You can also instead use OpenStack Networking."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:53(para)
|
||
msgid "The <literal>scheduler</literal> is used to select the most suitable compute controller to host an instance."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:60(para)
|
||
msgid "Compute uses a messaging-based, <literal>shared nothing</literal> architecture. All major components exist on multiple servers, including the compute, volume, and network controllers, and the object store or image service. The state of the entire system is stored in a database. The cloud controller communicates with the internal object store using HTTP, but it communicates with the scheduler, network controller, and volume controller using AMQP (advanced message queueing protocol). To avoid blocking a component while waiting for a response, Compute uses asynchronous calls, with a callback that is triggered when a response is received."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:69(title)
|
||
msgid "Hypervisors"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:70(para)
|
||
msgid "Compute controls hypervisors through an API server. Selecting the best hypervisor to use can be difficult, and you must take budget, resource constraints, supported features, and required technical specifications into account. However, the majority of OpenStack development is done on systems using KVM and Xen-based hypervisors. For a detailed list of features and support across different hypervisors, see <link href=\"http://wiki.openstack.org/HypervisorSupportMatrix\">http://wiki.openstack.org/HypervisorSupportMatrix</link>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:77(para)
|
||
msgid "You can also orchestrate clouds using multiple hypervisors in different availability zones. Compute supports the following hypervisors:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:82(link)
|
||
msgid "Baremetal"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:86(link)
|
||
msgid "Docker"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:91(link) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:531(th)
|
||
msgid "Hyper-V"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:95(link)
|
||
msgid "Kernel-based Virtual Machine (KVM)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:100(link)
|
||
msgid "Linux Containers (LXC)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:104(link)
|
||
msgid "Quick Emulator (QEMU)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:108(link)
|
||
msgid "User Mode Linux (UML)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:115(link)
|
||
msgid "VMWare vSphere"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:119(link)
|
||
msgid "Xen"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:123(para)
|
||
msgid "For more information about hypervisors, see the <link href=\"http://docs.openstack.org/trunk/config-reference/content/section_compute-hypervisors.html\">Hypervisors</link> section in the <citetitle>OpenStack Configuration Reference</citetitle>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:130(title)
|
||
msgid "Tenants, users, and roles"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:131(para)
|
||
msgid "The Compute system is designed to be used by different consumers in the form of tenants on a shared system, and role-based access assignments. Roles control the actions that a user is allowed to perform."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:135(para)
|
||
msgid "Tenants are isolated resource containers that form the principal organizational structure within the Compute service. They consist of an individual VLAN, and volumes, instances, images, keys, and users. A user can specify the tenant by appending <literal>:project_id</literal> to their access key. If no tenant is specified in the API request, Compute attempts to use a tenant with the same ID as the user."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:143(para)
|
||
msgid "For tenants, you can use quota controls to limit the:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:146(para)
|
||
msgid "Number of volumes that may be launched."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:149(para)
|
||
msgid "Number of processor cores and the amount of RAM that can be allocated."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:152(para)
|
||
msgid "Floating IP addresses assigned to any instance when it launches. This allows instances to have the same publicly accessible IP addresses."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:156(para)
|
||
msgid "Fixed IP addresses assigned to the same instance when it launches. This allows instances to have the same publicly or privately accessible IP addresses."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:160(para)
|
||
msgid "Roles control the actions a user is allowed to perform. By default, most actions do not require a particular role, but you can configure them by editing the <filename>policy.json</filename> file for user roles. For example, a rule can be defined so that a user must have the <parameter>admin</parameter> role in order to be able to allocate a public IP address."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:167(para)
|
||
msgid "A tenant limits users' access to particular images. Each user is assigned a user name and password. Keypairs granting access to an instance are enabled for each user, but quotas are set, so that each tenant can control resource consumption across available hardware resources."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:174(para)
|
||
msgid "Earlier versions of OpenStack used the term <systemitem class=\"service\">project</systemitem> instead of <systemitem class=\"service\">tenant</systemitem>. Because of this legacy terminology, some command-line tools use <parameter>--project_id</parameter> where you would normally expect to enter a tenant ID."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:184(title)
|
||
msgid "Block storage"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:185(para)
|
||
msgid "OpenStack provides two classes of block storage: ephemeral storage and persistent volumes. Volumes are persistent virtualized block devices independent of any particular instance."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:189(para)
|
||
msgid "Ephemeral storage is associated with a single unique instance, and it exists only for the life of that instance. The amount of ephemeral storage is defined by the flavor of the instance. Generally, the root file system for an instance will be stored on ephemeral storage. It persists across reboots of the guest operating system, but when the instance is deleted, the ephemeral storage is also removed."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:197(para)
|
||
msgid "In addition to the ephemeral root volume, all flavors except the smallest, <filename>m1.tiny</filename>, also provide an additional ephemeral block device of between 20 and 160GB. These sizes can be configured to suit your environment. This is presented as a raw block device with no partition table or file system. Cloud-aware operating system images can discover, format, and mount these storage devices. For example, the cloud-init package included in Ubuntu's stock cloud images format this space as an ext3 file system and mount it on /mnt. This is a feature of the guest operating system you are using, and is not an OpenStack mechanism. OpenStack only provisions the raw storage."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:212(para)
|
||
msgid "Persistent volumes are created by users and their size is limited only by the user's quota and availability limits. Upon initial creation, volumes are raw block devices without a partition table or a file system. To partition or format volumes, you must attach them to an instance. Once they are attached to an instance, you can use persistent volumes in much the same way as you would use external hard disk drive. You can attach volumes to only one instance at a time, although you can detach and reattach volumes to as many different instances as you like."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:223(para)
|
||
msgid "You can configure persistent volumes as bootable and use them to provide a persistent virtual instance similar to traditional non-cloud-based virtualization systems. Typically, the resulting instance can also still have ephemeral storage depending on the flavor selected, but the root file system can be on the persistent volume and its state maintained even if the instance is shut down. For more information about this type of configuration, see the <link href=\"http://docs.openstack.org/trunk/config-reference/content/\"><citetitle>OpenStack Configuration Reference</citetitle></link>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:233(para)
|
||
msgid "Persistent volumes do not provide concurrent access from multiple instances. That type of configuration requires a traditional network file system like NFS or CIFS, or a cluster file system such as GlusterFS. These systems can be built within an OpenStack cluster or provisioned outside of it, but OpenStack software does not provide these features."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:243(title)
|
||
msgid "EC2 compatibility API"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:244(para)
|
||
msgid "In addition to the native compute API, OpenStack provides an EC2-compatible API. This API allows EC2 legacy workflows built for EC2 to work with OpenStack. The <link href=\"http://docs.openstack.org/trunk/config-reference/content/\"><citetitle>OpenStack Configuration Reference</citetitle></link> lists configuration options for customizing this compatibility API on your OpenStack cloud."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:251(para)
|
||
msgid "Numerous third-party tools and language-specific SDKs can be used to interact with OpenStack clouds, using both native and compatibility APIs. Some of the more popular third-party tools are:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:257(term)
|
||
msgid "Euca2ools"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:259(para)
|
||
msgid "A popular open source command-line tool for interacting with the EC2 API. This is convenient for multi-cloud environments where EC2 is the common API, or for transitioning from EC2-based clouds to OpenStack. For more information, see the <link href=\"http://open.eucalyptus.com/wiki/Euca2oolsGuide\">euca2ools site</link>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:270(term)
|
||
msgid "Hybridfox"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:272(para)
|
||
msgid "A Firefox browser add-on that provides a graphical interface to many popular public and private cloud technologies, including OpenStack. For more information, see the <link href=\"http://code.google.com/p/hybridfox/\"> hybridfox site</link>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:281(term)
|
||
msgid "boto"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:283(para)
|
||
msgid "A Python library for interacting with Amazon Web Services. It can be used to access OpenStack through the EC2 compatibility API. For more information, see the <link href=\"https://github.com/boto/boto\"> boto project page on GitHub</link>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:292(term)
|
||
msgid "fog"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:294(para)
|
||
msgid "A Ruby cloud services library. It provides methods for interacting with a large number of cloud and virtualization platforms, including OpenStack. For more information, see the <link href=\"https://rubygems.org/gems/fog\"> fog site</link>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:303(term)
|
||
msgid "php-opencloud"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:305(para)
|
||
msgid "A PHP SDK designed to work with most OpenStack- based cloud deployments, as well as Rackspace public cloud. For more information, see the <link href=\"http://www.php-opencloud.com\"> php-opencloud site</link>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:316(title)
|
||
msgid "Building blocks"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:317(para)
|
||
msgid "In OpenStack the base operating system is usually copied from an image stored in the OpenStack Image Service. This is the most common case and results in an ephemeral instance that starts from a known template state and loses all accumulated states on shutdown. It is also possible to put an operating system on a persistent volume in the Nova-Volume or Cinder volume system. This gives a more traditional persistent system that accumulates states, which are preserved across restarts. To get a list of available images on your system run: <placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:336(para) ./doc/admin-guide-cloud/compute/section_compute-instance-building-blocks.xml:24(para)
|
||
msgid "The displayed image attributes are:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:339(literal) ./doc/admin-guide-cloud/compute/section_compute-instance-building-blocks.xml:27(literal)
|
||
msgid "ID"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:341(para)
|
||
msgid "Automatically generated UUID of the image"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:346(literal) ./doc/admin-guide-cloud/compute/section_compute-instance-building-blocks.xml:33(literal)
|
||
msgid "Name"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:348(para)
|
||
msgid "Free form, human-readable name for image"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:353(literal) ./doc/admin-guide-cloud/compute/section_compute-instance-building-blocks.xml:39(literal)
|
||
msgid "Status"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:355(para) ./doc/admin-guide-cloud/compute/section_compute-instance-building-blocks.xml:41(para)
|
||
msgid "The status of the image. Images marked <literal>ACTIVE</literal> are available for use."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:361(literal) ./doc/admin-guide-cloud/compute/section_compute-instance-building-blocks.xml:47(literal)
|
||
msgid "Server"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:363(para) ./doc/admin-guide-cloud/compute/section_compute-instance-building-blocks.xml:49(para)
|
||
msgid "For images that are created as snapshots of running instances, this is the UUID of the instance the snapshot derives from. For uploaded images, this field is blank."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:370(para)
|
||
msgid "Virtual hardware templates are called <literal>flavors</literal>. The default installation provides five flavors. By default, these are configurable by admin users, however that behavior can be changed by redefining the access controls for <parameter>compute_extension:flavormanage</parameter> in <filename>/etc/nova/policy.json</filename> on the <filename>compute-api</filename> server."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:378(para)
|
||
msgid "For a list of flavors that are available on your system:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:393(title)
|
||
msgid "Compute service architecture"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:394(para)
|
||
msgid "The following basic categories describe the service architecture and what's going on within the cloud controller."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:397(title)
|
||
msgid "API server"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:398(para)
|
||
msgid "At the heart of the cloud framework is an API server. This API server makes command and control of the hypervisor, storage, and networking programmatically available to users."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:401(para)
|
||
msgid "The API endpoints are basic HTTP web services which handle authentication, authorization, and basic command and control functions using various API interfaces under the Amazon, Rackspace, and related models. This enables API compatibility with multiple existing tool sets created for interaction with offerings from other vendors. This broad compatibility prevents vendor lock-in."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:412(title)
|
||
msgid "Message queue"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:413(para)
|
||
msgid "A messaging queue brokers the interaction between compute nodes (processing), the networking controllers (software which controls network infrastructure), API endpoints, the scheduler (determines which physical hardware to allocate to a virtual resource), and similar components. Communication to and from the cloud controller is by HTTP requests through multiple API endpoints."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:422(para)
|
||
msgid "A typical message passing event begins with the API server receiving a request from a user. The API server authenticates the user and ensures that the user is permitted to issue the subject command. The availability of objects implicated in the request is evaluated and, if available, the request is routed to the queuing engine for the relevant workers. Workers continually listen to the queue based on their role, and occasionally their type host name. When an applicable work request arrives on the queue, the worker takes assignment of the task and begins its execution. Upon completion, a response is dispatched to the queue which is received by the API server and relayed to the originating user. Database entries are queried, added, or removed as necessary throughout the process."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:434(title)
|
||
msgid "Compute worker"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:435(para)
|
||
msgid "Compute workers manage computing instances on host machines. The API dispatches commands to compute workers to complete these tasks:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:440(para)
|
||
msgid "Run instances"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:443(para)
|
||
msgid "Terminate instances"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:446(para)
|
||
msgid "Reboot instances"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:449(para)
|
||
msgid "Attach volumes"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:452(para)
|
||
msgid "Detach volumes"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:455(para)
|
||
msgid "Get console output"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:460(title)
|
||
msgid "Network Controller"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:461(para)
|
||
msgid "The Network Controller manages the networking resources on host machines. The API server dispatches commands through the message queue, which are subsequently processed by Network Controllers. Specific operations include:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:468(para)
|
||
msgid "Allocate fixed IP addresses"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:471(para)
|
||
msgid "Configuring VLANs for projects"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/ch_compute.xml:474(para)
|
||
msgid "Configuring networks for compute nodes"
|
||
msgstr ""
|
||
|
||
#. When image changes, this message will be marked fuzzy or untranslated for you.
|
||
#. It doesn't matter what you translate it to: it's not used at all.
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:272(None)
|
||
msgid "@@image: '../../common/figures/fwaas.png'; md5=f7d3a184380f6847d15b444ccdbb5a7f"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:7(title)
|
||
msgid "Introduction to Networking"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:8(para)
|
||
msgid "The Networking service, code-named neutron, provides an API that lets you define network connectivity and addressing in the cloud. The Networking service enables operators to leverage different networking technologies to power their cloud networking. The Networking service also provides an API to configure and manage a variety of network services ranging from L3 forwarding and NAT to load balancing, edge firewalls, and IPSEC VPN."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:16(para)
|
||
msgid "For a detailed description of the Networking API abstractions and their attributes, see the <link href=\"http://docs.openstack.org/api/openstack-network/2.0/content/\"><citetitle>OpenStack Networking API v2.0 Reference</citetitle></link>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:22(title)
|
||
msgid "Networking API"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:23(para)
|
||
msgid "Networking is a virtual network service that provides a powerful API to define the network connectivity and IP addressing that devices from other services, such as Compute, use."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:27(para)
|
||
msgid "The Compute API has a virtual server abstraction to describe computing resources. Similarly, the Networking API has virtual network, subnet, and port abstractions to describe networking resources."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:32(caption)
|
||
msgid "Networking resources"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:37(th)
|
||
msgid "Resource"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:38(th) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:199(th) ./doc/admin-guide-cloud/networking/section_networking-use.xml:56(th) ./doc/admin-guide-cloud/networking/section_networking-use.xml:116(th) ./doc/admin-guide-cloud/networking/section_networking-use.xml:187(th) ./doc/admin-guide-cloud/networking/section_networking-use.xml:288(th) ./doc/admin-guide-cloud/networking/section_networking_arch.xml:36(th) ./doc/admin-guide-cloud/networking/section_networking_arch.xml:139(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:42(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:133(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:261(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:319(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:615(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:658(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:870(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:992(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1060(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1181(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1496(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1585(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1626(th)
|
||
msgid "Description"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:43(emphasis) ./doc/admin-guide-cloud/networking/section_networking-use.xml:62(emphasis) ./doc/admin-guide-cloud/networking/section_networking_arch.xml:138(th)
|
||
msgid "Network"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:44(td)
|
||
msgid "An isolated L2 segment, analogous to VLAN in the physical networking world."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:48(emphasis) ./doc/admin-guide-cloud/networking/section_networking-use.xml:71(emphasis)
|
||
msgid "Subnet"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:49(td)
|
||
msgid "A block of v4 or v6 IP addresses and associated configuration state."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:53(emphasis) ./doc/admin-guide-cloud/networking/section_networking-use.xml:82(emphasis)
|
||
msgid "Port"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:54(td)
|
||
msgid "A connection point for attaching a single device, such as the NIC of a virtual server, to a virtual network. Also describes the associated network configuration, such as the MAC and IP addresses to be used on that port."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:63(para)
|
||
msgid "To configure rich network topologies, you can create and configure networks and subnets and instruct other OpenStack services like Compute to attach virtual devices to ports on these networks."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:67(para)
|
||
msgid "In particular, Networking supports each tenant having multiple private networks and enables tenants to choose their own IP addressing scheme, even if those IP addresses overlap with those that other tenants use."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:71(para)
|
||
msgid "The Networking service:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:74(para)
|
||
msgid "Enables advanced cloud networking use cases, such as building multi-tiered web applications and enabling migration of applications to the cloud without changing IP addresses."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:80(para)
|
||
msgid "Offers flexibility for the cloud administrator to customize network offerings."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:84(para)
|
||
msgid "Enables developers to extend the Networking API. Over time, the extended functionality becomes part of the core Networking API."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:91(title)
|
||
msgid "Configure SSL support for networking API"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:92(para)
|
||
msgid "OpenStack Networking supports SSL for the Networking API server. By default, SSL is disabled but you can enable it in the <filename>neutron.conf</filename> file."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:95(para)
|
||
msgid "Set these options to configure SSL:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:98(code)
|
||
msgid "use_ssl = True"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:100(para)
|
||
msgid "Enables SSL on the networking API server."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:106(replaceable)
|
||
msgid "/path/to/certfile"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:105(code)
|
||
msgid "ssl_cert_file = <placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:108(para)
|
||
msgid "Certificate file that is used when you securely start the Networking API server."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:115(replaceable)
|
||
msgid "/path/to/keyfile"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:114(code)
|
||
msgid "ssl_key_file = <placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:117(para)
|
||
msgid "Private key file that is used when you securely start the Networking API server."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:124(replaceable)
|
||
msgid "/path/to/cafile"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:123(code)
|
||
msgid "ssl_ca_file = <placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:126(para)
|
||
msgid "Optional. CA certificate file that is used when you securely start the Networking API server. This file verifies connecting clients. Set this option when API clients must authenticate to the API server by using SSL certificates that are signed by a trusted CA."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:136(code)
|
||
msgid "tcp_keepidle = 600"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:138(para)
|
||
msgid "The value of TCP_KEEPIDLE, in seconds, for each server socket when starting the API server. Not supported on OS X."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:144(code)
|
||
msgid "retry_until_window = 30"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:146(para)
|
||
msgid "Number of seconds to keep retrying to listen."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:151(code)
|
||
msgid "backlog = 4096"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:153(para)
|
||
msgid "Number of backlog requests with which to configure the socket."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:160(title)
|
||
msgid "Load-Balancer-as-a-Service (LBaaS) overview"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:161(para)
|
||
msgid "<glossterm>Load-Balancer-as-a-Service (LBaaS)</glossterm> enables Networking to distribute incoming requests evenly among designated instances. This distribution ensures that the workload is shared predictably among instances and enables more effective use of system resources. Use one of these load balancing methods to distribute incoming requests:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:170(term)
|
||
msgid "Round robin"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:172(para)
|
||
msgid "Rotates requests evenly between multiple instances."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:177(term)
|
||
msgid "Source IP"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:179(para)
|
||
msgid "Requests from a unique source IP address are consistently directed to the same instance."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:185(term)
|
||
msgid "Least connections"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:187(para)
|
||
msgid "Allocates requests to the instance with the least number of active connections."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:193(caption)
|
||
msgid "LBaaS features"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:198(th)
|
||
msgid "Feature"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:205(emphasis) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:211(glossterm)
|
||
msgid "Monitors"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:206(td)
|
||
msgid "LBaaS provides availability monitoring with the <placeholder-1/>, TCP, HTTP and HTTPS GET methods. <placeholder-2/> are implemented to determine whether pool members are available to handle requests."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:217(emphasis)
|
||
msgid "Management"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:219(systemitem)
|
||
msgid "REST API"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:218(td)
|
||
msgid "LBaaS is managed using a variety of tool sets. The <placeholder-1/> is available for programmatic administration and scripting. Users perform administrative management of load balancers through either the CLI (<placeholder-2/>) or the OpenStack dashboard."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:227(emphasis)
|
||
msgid "Connection limits"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:229(emphasis)
|
||
msgid "connection limits"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:229(td)
|
||
msgid "Ingress traffic can be shaped with <placeholder-1/>. This feature allows workload control, and can also assist with mitigating DoS (Denial of Service) attacks."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:236(emphasis)
|
||
msgid "Session persistence"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:239(para)
|
||
msgid "LBaaS supports session persistence by ensuring incoming requests are routed to the same instance within a pool of multiple instances. LBaaS supports routing decisions based on cookies and source IP address."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:250(title)
|
||
msgid "Firewall-as-a-Service (FWaaS) overview"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:251(para)
|
||
msgid "The <glossterm>Firewall-as-a-Service (FWaaS)</glossterm> plug-in adds perimeter firewall management to Networking. FWaaS uses iptables to apply firewall policy to all Networking routers within a project. FWaaS supports one firewall policy and logical firewall instance per project."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:257(para)
|
||
msgid "Whereas security groups operate at the instance-level, FWaaS operates at the perimeter to filter traffic at the neutron router."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:261(para)
|
||
msgid "FWaaS is currently in technical preview; untested operation is not recommended."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:264(para)
|
||
msgid "The example diagram illustrates the flow of ingress and egress traffic for the VM2 instance:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:267(title)
|
||
msgid "FWaaS architecture"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:277(title)
|
||
msgid "To enable FWaaS"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:278(para)
|
||
msgid "FWaaS management options are also available in the OpenStack dashboard."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:281(para)
|
||
msgid "Enable the FWaaS plug-in in the <filename>neutron.conf</filename> file:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:291(para)
|
||
msgid "Enable the option in the <filename>/usr/share/openstack-dashboard/openstack_dashboard/local/local_settings.py</filename> file, which is typically located on the controller node:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:299(title)
|
||
msgid "To configure Firewall-as-a-Service"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:300(para)
|
||
msgid "Create the firewall rules and create a policy that contains them. Then, create a firewall that applies the policy."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:304(para)
|
||
msgid "Create a firewall rule:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:306(para)
|
||
msgid "The Networking client requires a protocol value; if the rule is protocol agnostic, you can use the <literal>any</literal> value."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:311(para)
|
||
msgid "Create a firewall policy:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:313(para)
|
||
msgid "The order in which you specify the rules is important."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:318(para)
|
||
msgid "To add multiple rules, use the update operation."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:322(para)
|
||
msgid "To add a single rule, use the insert-rule operation."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:315(para)
|
||
msgid "You can create a firewall policy without any rules and add rules later, as follows:<placeholder-1/> For more details, see <link href=\"http://docs.openstack.org/cli-reference/content/neutronclient_commands.html#neutronclient_subcommand_firewall-policy-create\">Networking command-line client</link> in the <citetitle>OpenStack Command-Line Interface Reference</citetitle>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:331(para)
|
||
msgid "FWaaS always adds a default <option>deny all</option> rule at the lowest precedence of each policy. Consequently, a firewall policy with no rules blocks all traffic by default."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:339(para)
|
||
msgid "Create a firewall:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:342(para)
|
||
msgid "The firewall remains in <guilabel>PENDING_CREATE</guilabel> state until you create a Networking router and attach an interface to it."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:350(title)
|
||
msgid "Allowed-address-pairs"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:351(para)
|
||
msgid "<option>Allowed-address-pairs</option> enable you to specify mac_address/ip_address(cidr) pairs that pass through a port regardless of subnet. This enables the use of protocols such as VRRP, which floats an IP address between two instances to enable fast data plane failover."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:359(para)
|
||
msgid "Currently, only the ML2, Open vSwitch, and VMware NSX plug-ins support the allowed-address-pairs extension."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:364(title)
|
||
msgid "Basic allowed-address-pairs operations"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:368(para)
|
||
msgid "Create a port with a specified allowed address pairs:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:373(para)
|
||
msgid "Update a port by adding allowed address pairs:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:380(para)
|
||
msgid "In releases earlier than Juno, OpenStack Networking prevents setting an allowed address pair on a port that matches the MAC address and one of the fixed IP addresses of the port."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:387(title)
|
||
msgid "Plug-in architecture"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:388(para)
|
||
msgid "The original Compute network implementation assumed a basic model of isolation through Linux VLANs and IP tables. Networking introduces support for vendor <glossterm>plug-in</glossterm>s, which offer a custom back-end implementation of the Networking API. A plug-in can use a variety of technologies to implement the logical API requests. Some Networking plug-ins might use basic Linux VLANs and IP tables while others might use more advanced technologies, such as L2-in-L3 tunneling or OpenFlow, to provide similar benefits."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:399(caption)
|
||
msgid "Available networking plug-ins"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:404(th) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:527(th) ./doc/admin-guide-cloud/networking/section_networking_pagination_and_sorting_support.xml:13(th)
|
||
msgid "Plug-in"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:405(th)
|
||
msgid "Documentation"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:410(emphasis) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:537(td)
|
||
msgid "Big Switch (Floodlight REST Proxy)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:413(link)
|
||
msgid "http://www.openflowhub.org/display/floodlightcontroller/Neutron+REST+Proxy+Plugin"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:411(td) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:417(td) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:474(td) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:480(td)
|
||
msgid "This guide and <placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:416(emphasis) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:545(td)
|
||
msgid "Brocade"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:419(link)
|
||
msgid "https://wiki.openstack.org/wiki/Brocade-neutron-plugin"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:422(emphasis) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:553(td)
|
||
msgid "Cisco"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:425(link)
|
||
msgid "http://wiki.openstack.org/cisco-neutron"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:428(emphasis) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:561(td)
|
||
msgid "Cloudbase Hyper-V"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:431(link)
|
||
msgid "http://www.cloudbase.it/quantum-hyper-v-plugin/"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:434(emphasis) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:569(td)
|
||
msgid "IBM SDN-VE"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:437(link)
|
||
msgid "https://wiki.openstack.org/wiki/IBM-Neutron"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:440(emphasis) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:577(td) ./doc/admin-guide-cloud/networking/section_networking_pagination_and_sorting_support.xml:30(td) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:81(emphasis) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:131(emphasis) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:182(emphasis) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:328(emphasis) ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:460(title)
|
||
msgid "Linux Bridge"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:443(link)
|
||
msgid "http://wiki.openstack.org/Neutron-Linux-Bridge-Plugin"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:446(emphasis) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:585(td)
|
||
msgid "Mellanox"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:449(link)
|
||
msgid "https://wiki.openstack.org/wiki/Mellanox-Neutron/"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:452(emphasis) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:593(td)
|
||
msgid "Midonet"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:454(link)
|
||
msgid "http://www.midokura.com/"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:457(emphasis) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:601(td)
|
||
msgid "ML2 (Modular Layer 2)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:460(link)
|
||
msgid "https://wiki.openstack.org/wiki/Neutron/ML2"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:463(emphasis) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:609(td)
|
||
msgid "NEC OpenFlow"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:466(link)
|
||
msgid "https://wiki.openstack.org/wiki/Neutron/NEC_OpenFlow_Plugin"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:469(emphasis) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:617(td) ./doc/admin-guide-cloud/networking/section_networking_pagination_and_sorting_support.xml:25(td) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:60(emphasis) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:123(emphasis) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:170(emphasis) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:320(emphasis) ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:13(title)
|
||
msgid "Open vSwitch"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:470(td)
|
||
msgid "This guide."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:473(emphasis) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:625(td)
|
||
msgid "PLUMgrid"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:476(link)
|
||
msgid "https://https://wiki.openstack.org/wiki/PLUMgrid-Neutron"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:479(emphasis) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:633(td)
|
||
msgid "Ryu"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:482(link)
|
||
msgid "https://github.com/osrg/ryu/wiki/OpenStack"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:486(emphasis) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:641(td)
|
||
msgid "VMware NSX"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:488(link)
|
||
msgid "NSX Product Overview"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:491(link)
|
||
msgid "NSX Product Support"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:487(td)
|
||
msgid "This guide and <placeholder-1/>, <placeholder-2/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:495(para)
|
||
msgid "Plug-ins can have different properties for hardware requirements, features, performance, scale, or operator tools. Because Networking supports a large number of plug-ins, the cloud administrator must determine the right networking technology for the deployment."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:500(para)
|
||
msgid "In the Havana release, OpenStack Networking introduces the <glossterm baseform=\"Modular Layer 2 (ML2) neutron plug-in\">Modular Layer 2 (ML2) plug-in</glossterm> that enables the use of multiple concurrent mechanism drivers. This capability aligns with the complex requirements typically found in large heterogeneous environments. It currently works with the existing Open vSwitch, Linux Bridge, and Hyper-v L2 agents. The ML2 framework simplifies the addition of support for new L2 technologies and reduces the effort that is required to add and maintain them compared to earlier large plug-ins."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:513(title)
|
||
msgid "Plug-in deprecation notice"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:514(para)
|
||
msgid "The Open vSwitch and Linux Bridge plug-ins are deprecated in the Havana release and will be removed in the Icehouse release. The features in these plug-ins are now part of the ML2 plug-in in the form of mechanism drivers."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:520(para)
|
||
msgid "Not all Networking plug-ins are compatible with all possible Compute drivers:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:523(caption)
|
||
msgid "Plug-in compatibility with Compute drivers"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:528(th)
|
||
msgid "Libvirt (KVM/QEMU)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:529(th) ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:260(title)
|
||
msgid "XenServer"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:530(th)
|
||
msgid "VMware"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:532(th)
|
||
msgid "Bare-metal"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:538(td) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:546(td) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:554(td) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:565(td) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:570(td) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:578(td) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:586(td) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:594(td) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:602(td) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:605(td) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:610(td) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:618(td) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:626(td) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:628(td) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:634(td) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:642(td) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:643(td) ./doc/admin-guide-cloud/networking/section_networking_introduction.xml:644(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1502(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1509(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1516(td)
|
||
msgid "Yes"
|
||
msgstr ""
|
||
|
||
#. When image changes, this message will be marked fuzzy or untranslated for you.
|
||
#. It doesn't matter what you translate it to: it's not used at all.
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:32(None)
|
||
msgid "@@image: '../../common/figures/demo_multiple_dhcp_agents.png'; md5=7e9abc4226d6b6cb9a6a3b3ec7435805"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:7(title)
|
||
msgid "Scalable and highly available DHCP agents"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:8(para)
|
||
msgid "This section describes how to use the agent management (alias agent) and scheduler (alias agent_scheduler) extensions for DHCP agents scalability and HA."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:12(para)
|
||
msgid "Use the <placeholder-1/> client command to check if these extensions are enabled: <placeholder-2/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:47(para)
|
||
msgid "Runs the Networking, Identity, and Compute services that are required to deploy VMs. The node must have at least one network interface that is connected to the Management Network."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:52(para)
|
||
msgid "Note that <systemitem class=\"service\">nova-network</systemitem> should not be running because it is replaced by Neutron."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:35(para)
|
||
msgid "There will be three hosts in the setup. <table rules=\"all\"><caption>Hosts for demo</caption><thead><tr><th>Host</th><th>Description</th></tr></thead><tbody><tr><td>OpenStack controller host - controlnode</td><placeholder-1/></tr><tr><td>HostA</td><td>Runs <systemitem class=\"service\">nova-compute</systemitem>, the Neutron L2 agent and DHCP agent</td></tr><tr><td>HostB</td><td>Same as HostA</td></tr></tbody></table>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:72(title) ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:147(th) ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:222(td) ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:257(td) ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:17(title) ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:466(title)
|
||
msgid "Configuration"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:74(title)
|
||
msgid "controlnode: neutron server"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:76(para) ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:101(para)
|
||
msgid "Neutron configuration file <filename>/etc/neutron/neutron.conf</filename>:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:86(para) ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:110(para)
|
||
msgid "Update the plug-in configuration file <filename>/etc/neutron/plugins/linuxbridge/linuxbridge_conf.ini</filename>:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:99(title)
|
||
msgid "HostA and Hostb: L2 agent"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:122(para)
|
||
msgid "Update the nova configuration file <filename>/etc/nova/nova.conf</filename>:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:137(title)
|
||
msgid "HostA and HostB: DHCP agent"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:139(para)
|
||
msgid "Update the DHCP configuration file <filename>/etc/neutron/dhcp_agent.ini</filename>:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:147(title)
|
||
msgid "Commands in agent management and scheduler extensions"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:149(para)
|
||
msgid "The following commands require the tenant running the command to have an admin role."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:152(para)
|
||
msgid "Ensure that the following environment variables are set. These are used by the various clients to access the Identity Service."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:161(title) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:51(caption) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:114(caption) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:161(caption) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:311(caption)
|
||
msgid "Settings"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:162(para)
|
||
msgid "To experiment, you need VMs and a neutron network:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:182(title)
|
||
msgid "Manage agents in neutron deployment"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:183(para)
|
||
msgid "Every agent that supports these extensions will register itself with the neutron server when it starts up."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:187(para)
|
||
msgid "List all agents:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:198(para)
|
||
msgid "The output shows information for four agents. The <literal>alive</literal> field shows <literal>:-)</literal> if the agent reported its state within the period defined by the <option>agent_down_time</option> option in the <filename>neutron.conf</filename> file. Otherwise the <option>alive</option> is <literal>xxx</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:210(para)
|
||
msgid "List the DHCP agents that host a specified network"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:212(para)
|
||
msgid "In some deployments, one DHCP agent is not enough to hold all network data. In addition, you must have a backup for it even when the deployment is small. The same network can be assigned to more than one DHCP agent and one DHCP agent can host more than one network."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:219(para)
|
||
msgid "List DHCP agents that host a specified network:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:229(para)
|
||
msgid "List the networks hosted by a given DHCP agent."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:231(para)
|
||
msgid "This command is to show which networks a given dhcp agent is managing."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:241(para)
|
||
msgid "Show agent details."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:242(para)
|
||
msgid "The <placeholder-1/> command shows details for a specified agent:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:269(para)
|
||
msgid "In this output, <literal>heartbeat_timestamp</literal> is the time on the neutron server. You do not need to synchronize all agents to this time for this extension to run correctly. <literal>configurations</literal> describes the static configuration for the agent or run time data. This agent is a DHCP agent and it hosts one network, one subnet, and three ports."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:279(para)
|
||
msgid "Different types of agents show different details. The following output shows information for a Linux bridge agent:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:304(para)
|
||
msgid "The output shows <literal>bridge-mapping</literal> and the number of virtual network devices on this L2 agent."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:311(title)
|
||
msgid "Manage assignment of networks to DHCP agent"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:312(para)
|
||
msgid "Now that you have run the <placeholder-1/> and <placeholder-2/> commands, you can add a network to a DHCP agent and remove one from it."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:318(para)
|
||
msgid "Default scheduling."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:319(para)
|
||
msgid "When you create a network with one port, you can schedule it to an active DHCP agent. If many active DHCP agents are running, select one randomly. You can design more sophisticated scheduling algorithms in the same way as <systemitem class=\"service\">nova-schedule</systemitem> later on."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:337(para)
|
||
msgid "It is allocated to DHCP agent on HostA. If you want to validate the behavior through the <placeholder-1/> command, you must create a subnet for the network because the DHCP agent starts the <systemitem class=\"service\">dnsmasq</systemitem> service only if there is a DHCP."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:347(para)
|
||
msgid "Assign a network to a given DHCP agent."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:349(para)
|
||
msgid "To add another DHCP agent to host the network, run this command:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:360(para)
|
||
msgid "Both DHCP agents host the <literal>net2</literal> network."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:365(para)
|
||
msgid "Remove a network from a specified DHCP agent."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:367(para)
|
||
msgid "This command is the sibling command for the previous one. Remove <literal>net2</literal> from the DHCP agent for HostA:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:379(para)
|
||
msgid "You can see that only the DHCP agent for HostB is hosting the <literal>net2</literal> network."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:386(title)
|
||
msgid "HA of DHCP agents"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:387(para)
|
||
msgid "Boot a VM on net2. Let both DHCP agents host <literal>net2</literal>. Fail the agents in turn to see if the VM can still get the desired IP."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:392(para)
|
||
msgid "Boot a VM on net2."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:413(para)
|
||
msgid "Make sure both DHCP agents hosting 'net2'."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:415(para)
|
||
msgid "Use the previous commands to assign the network to agents."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:427(title)
|
||
msgid "Test the HA"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:429(para)
|
||
msgid "Log in to the <literal>myserver4</literal> VM, and run <literal>udhcpc</literal>, <literal>dhclient</literal> or other DHCP client."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:436(para)
|
||
msgid "Stop the DHCP agent on HostA. Besides stopping the <code>neutron-dhcp-agent</code> binary, you must stop the <placeholder-1/> processes."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:444(para)
|
||
msgid "Run a DHCP client in VM to see if it can get the wanted IP."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:449(para)
|
||
msgid "Stop the DHCP agent on HostB too."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:453(para)
|
||
msgid "Run <placeholder-1/> in the VM; it cannot get the wanted IP."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:458(para)
|
||
msgid "Start DHCP agent on HostB. The VM gets the wanted IP again."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:463(title)
|
||
msgid "Disable and remove an agent"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:464(para)
|
||
msgid "An administrator might want to disable an agent if a system hardware or software upgrade is planned. Some agents that support scheduling also support disabling and enabling agents, such as L3 and DHCP agents. After the agent is disabled, the scheduler does not schedule new resources to the agent. After the agent is disabled, you can safely remove the agent. Remove the resources on the agent before you delete the agent."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:473(para)
|
||
msgid "To run the following commands, you must stop the DHCP agent on HostA."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-multi-dhcp-agents.xml:495(para)
|
||
msgid "After deletion, if you restart the DHCP agent, it appears on the agent list again."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:7(title)
|
||
msgid "Use Networking"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:8(para)
|
||
msgid "You can manage OpenStack Networking services by using the <systemitem>service</systemitem> command. For example:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:15(para)
|
||
msgid "Log files are in the <systemitem>/var/log/neutron</systemitem> directory."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:18(para)
|
||
msgid "Configuration files are in the <systemitem>/etc/neutron</systemitem> directory."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:20(para)
|
||
msgid "Cloud administrators and tenants can use OpenStack Networking to build rich network topologies. Cloud administrators can create network connectivity on behalf of tenants."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:28(title)
|
||
msgid "Core Networking API features"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:29(para)
|
||
msgid "After you install and configure Networking, tenants and administrators can perform create-read-update-delete (CRUD) API networking operations by using the Networking API directly or neutron command-line interface (CLI). The neutron CLI is a wrapper around the Networking API. Every Networking API call has a corresponding neutron command."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:36(para)
|
||
msgid "The CLI includes a number of options. For details, see the <link href=\"http://docs.openstack.org/user-guide/content/\"><citetitle>OpenStack End User Guide</citetitle></link>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:42(title) ./doc/admin-guide-cloud/networking/section_networking-use.xml:50(caption)
|
||
msgid "API abstractions"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:43(para)
|
||
msgid "The Networking v2.0 API provides control over both L2 network topologies and their allocated IP addresses (IP Address Management or IPAM). There is also an extension to cover basic L3 forwarding and NAT, which provides capabilities similar to <placeholder-1/>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:55(th)
|
||
msgid "Abstraction"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:63(td)
|
||
msgid "An isolated L2 network segment (similar to a VLAN) that forms the basis for describing the L2 network topology available in an Networking deployment."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:72(td)
|
||
msgid "Associates a block of IP addresses and other network configuration, such as default gateways or dns-servers, with an Networking network. Each subnet represents an IPv4 or IPv6 address block, and each Networking network can have multiple subnets."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:83(td)
|
||
msgid "Represents an attachment port to a L2 Networking network. When a port is created on the network, by default it is allocated an available fixed IP address out of one of the designated subnets for each IP version (if one exists). When the port is destroyed, its allocated addresses return to the pool of available IPs on the subnet. Users of the Networking API can either choose a specific IP address from the block, or let Networking choose the first available IP address."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:100(para)
|
||
msgid "This table summarizes the attributes available for each networking abstraction. For information about API abstraction and operations, see the <link href=\"http://docs.openstack.org/api/openstack-network/2.0/content/\">Networking API v2.0 Reference</link>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:106(caption)
|
||
msgid "Network attributes"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:113(th) ./doc/admin-guide-cloud/networking/section_networking-use.xml:184(th) ./doc/admin-guide-cloud/networking/section_networking-use.xml:285(th)
|
||
msgid "Attribute"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:114(th) ./doc/admin-guide-cloud/networking/section_networking-use.xml:185(th) ./doc/admin-guide-cloud/networking/section_networking-use.xml:286(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:131(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:259(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:317(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:613(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:656(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:868(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:990(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1058(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1179(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1583(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1624(th)
|
||
msgid "Type"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:115(th) ./doc/admin-guide-cloud/networking/section_networking-use.xml:186(th) ./doc/admin-guide-cloud/networking/section_networking-use.xml:287(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1394(th)
|
||
msgid "Default value"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:121(option) ./doc/admin-guide-cloud/networking/section_networking-use.xml:293(option) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:278(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1091(td)
|
||
msgid "admin_state_up"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:122(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:143(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:219(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:294(td)
|
||
msgid "bool"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:123(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:220(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:280(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:974(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1093(td) ./doc/admin-guide-cloud/networking/section_networking_pagination_and_sorting_support.xml:21(td) ./doc/admin-guide-cloud/networking/section_networking_pagination_and_sorting_support.xml:22(td) ./doc/admin-guide-cloud/networking/section_networking_pagination_and_sorting_support.xml:26(td) ./doc/admin-guide-cloud/networking/section_networking_pagination_and_sorting_support.xml:27(td) ./doc/admin-guide-cloud/networking/section_networking_pagination_and_sorting_support.xml:31(td) ./doc/admin-guide-cloud/networking/section_networking_pagination_and_sorting_support.xml:32(td)
|
||
msgid "True"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:124(td)
|
||
msgid "Administrative state of the network. If specified as False (down), this network does not forward packets."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:129(option) ./doc/admin-guide-cloud/networking/section_networking-use.xml:240(option) ./doc/admin-guide-cloud/networking/section_networking-use.xml:323(option) ./doc/admin-guide-cloud/networking/section_networking-use.xml:403(option) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:266(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:324(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:620(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:663(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:875(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:997(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1065(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1186(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1590(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1631(td)
|
||
msgid "id"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:130(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:167(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:267(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:294(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:325(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:338(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:347(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:354(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:369(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:621(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:640(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:664(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:718(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:876(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:882(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:998(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1004(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1066(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1072(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1187(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1231(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1591(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1609(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1632(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1645(td)
|
||
msgid "uuid-str"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:131(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:242(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:325(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:331(td)
|
||
msgid "Generated"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:132(td)
|
||
msgid "UUID for this network."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:135(option) ./doc/admin-guide-cloud/networking/section_networking-use.xml:252(option) ./doc/admin-guide-cloud/networking/section_networking-use.xml:335(option) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:272(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:626(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:888(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1010(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1078(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1200(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1596(td)
|
||
msgid "name"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:136(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:153(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:205(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:226(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:253(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:302(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:309(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:330(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:336(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:350(td)
|
||
msgid "string"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:137(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:254(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:303(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:310(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:337(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:274(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:628(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:635(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:683(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:689(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:695(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:701(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:707(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:890(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:896(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:921(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:933(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:939(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:946(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:953(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:959(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1012(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1018(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1033(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1080(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1086(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1129(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1202(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1598(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1604(td)
|
||
msgid "None"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:138(td)
|
||
msgid "Human-readable name for this network; is not required to be unique."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:142(option) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:911(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1023(td)
|
||
msgid "shared"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:144(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:913(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1025(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1040(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1448(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1654(td)
|
||
msgid "False"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:145(td)
|
||
msgid "Specifies whether this network resource can be accessed by any tenant. The default policy setting restricts usage of this attribute to administrative users only."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:152(option) ./doc/admin-guide-cloud/networking/section_networking-use.xml:349(option) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:285(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1098(td)
|
||
msgid "status"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:154(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:168(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:206(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:261(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:268(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:344(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:351(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:358(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:140(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:165(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:287(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:295(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:339(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:348(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:370(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:641(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:677(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:719(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:883(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1005(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1073(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1100(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1214(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1232(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1610(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1646(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1662(td)
|
||
msgid "N/A"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:155(td)
|
||
msgid "Indicates whether this network is currently operational."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:159(option)
|
||
msgid "subnets"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:160(td)
|
||
msgid "list(uuid-str)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:161(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:213(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:234(td)
|
||
msgid "Empty list"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:162(td)
|
||
msgid "List of subnets associated with this network."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:166(option) ./doc/admin-guide-cloud/networking/section_networking-use.xml:266(option) ./doc/admin-guide-cloud/networking/section_networking-use.xml:356(option) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:293(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:368(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:639(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:717(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:881(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1003(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1071(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1230(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1608(td)
|
||
msgid "tenant_id"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:169(td)
|
||
msgid "Tenant owner of the network. Only administrative users can set the tenant identifier; this cannot be changed using authorization policies."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:177(caption)
|
||
msgid "Subnet attributes"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:192(option)
|
||
msgid "allocation_pools"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:193(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:233(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:316(td)
|
||
msgid "list(dict)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:194(option) ./doc/admin-guide-cloud/networking/section_networking-use.xml:204(option) ./doc/admin-guide-cloud/networking/section_networking-use.xml:227(option) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1725(replaceable)
|
||
msgid "cidr"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:195(option) ./doc/admin-guide-cloud/networking/section_networking-use.xml:225(option)
|
||
msgid "gateway_ip"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:194(td)
|
||
msgid "Every address in <placeholder-1/>, excluding <placeholder-2/> (if configured)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:197(para)
|
||
msgid "List of cidr sub-ranges that are available for dynamic allocation to ports. Syntax:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:207(td)
|
||
msgid "IP range for this subnet, based on the IP version."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:211(option)
|
||
msgid "dns_nameservers"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:212(td)
|
||
msgid "list(string)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:214(td)
|
||
msgid "List of DNS name servers used by hosts in this subnet."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:218(option)
|
||
msgid "enable_dhcp"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:221(td)
|
||
msgid "Specifies whether DHCP is enabled for this subnet."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:227(td)
|
||
msgid "First address in <placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:228(td)
|
||
msgid "Default gateway used by devices in this subnet."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:232(option)
|
||
msgid "host_routes"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:235(td)
|
||
msgid "Routes that should be used by devices with IPs from this subnet (not including local subnet route)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:241(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:260(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:267(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:324(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:343(td) ./doc/admin-guide-cloud/networking/section_networking-use.xml:357(td)
|
||
msgid "uuid-string"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:243(td)
|
||
msgid "UUID representing this subnet."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:246(option) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:925(td)
|
||
msgid "ip_version"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:247(td)
|
||
msgid "int"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:248(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:927(td)
|
||
msgid "4"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:249(td)
|
||
msgid "IP version."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:255(td)
|
||
msgid "Human-readable name for this subnet (might not be unique)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:259(option) ./doc/admin-guide-cloud/networking/section_networking-use.xml:342(option)
|
||
msgid "network_id"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:262(td)
|
||
msgid "Network with which this subnet is associated."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:269(td)
|
||
msgid "Owner of network. Only administrative users can set the tenant identifier; this cannot be changed using authorization policies."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:278(caption)
|
||
msgid "Port attributes"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:295(td)
|
||
msgid "true"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:296(td)
|
||
msgid "Administrative state of this port. If specified as False (down), this port does not forward packets."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:301(option)
|
||
msgid "device_id"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:304(td)
|
||
msgid "Identifies the device using this port (for example, a virtual server's ID)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:308(option) ./doc/admin-guide-cloud/networking/section_networking-use.xml:405(option)
|
||
msgid "device_owner"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:311(td)
|
||
msgid "Identifies the entity using this port (for example, a dhcp agent)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:315(option) ./doc/admin-guide-cloud/networking/section_networking-use.xml:404(option)
|
||
msgid "fixed_ips"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:317(td)
|
||
msgid "Automatically allocated from pool"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:318(td)
|
||
msgid "Specifies IP addresses for this port; associates the port with the subnets containing the listed IP addresses."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:326(td)
|
||
msgid "UUID for this port."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:329(option) ./doc/admin-guide-cloud/networking/section_networking-use.xml:545(option)
|
||
msgid "mac_address"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:332(td)
|
||
msgid "Mac address to use on this port."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:338(td)
|
||
msgid "Human-readable name for this port (might not be unique)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:345(td)
|
||
msgid "Network with which this port is associated."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:352(td)
|
||
msgid "Indicates whether the network is currently operational."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:359(td)
|
||
msgid "Owner of the network. Only administrative users can set the tenant identifier; this cannot be changed using authorization policies."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:368(title) ./doc/admin-guide-cloud/networking/section_networking-use.xml:378(caption)
|
||
msgid "Basic Networking operations"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:369(para)
|
||
msgid "To learn about advanced capabilities available through the neutron command-line interface (CLI), read the networking section in the <link href=\"http://docs.openstack.org/user-guide/content/index.html\"> OpenStack End User Guide</link>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:374(para)
|
||
msgid "This table shows example neutron commands that enable you to complete basic network operations:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:383(th) ./doc/admin-guide-cloud/networking/section_networking-use.xml:462(th) ./doc/admin-guide-cloud/networking/section_networking-use.xml:592(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:391(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:736(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1248(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1681(th)
|
||
msgid "Operation"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:384(th) ./doc/admin-guide-cloud/networking/section_networking-use.xml:463(th) ./doc/admin-guide-cloud/networking/section_networking-use.xml:521(th) ./doc/admin-guide-cloud/networking/section_networking-use.xml:593(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:392(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:737(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1249(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1682(th)
|
||
msgid "Command"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:389(td)
|
||
msgid "Creates a network."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:393(td)
|
||
msgid "Creates a subnet that is associated with net1."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:398(td)
|
||
msgid "Lists ports for a specified tenant."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:402(td)
|
||
msgid "Lists ports for a specified tenant and displays the <placeholder-1/>, <placeholder-2/>, and <placeholder-3/> columns."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:410(td)
|
||
msgid "Shows information for a specified port."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:412(replaceable) ./doc/admin-guide-cloud/networking/section_networking-use.xml:552(replaceable) ./doc/admin-guide-cloud/networking/section_networking-use.xml:605(option) ./doc/admin-guide-cloud/networking/section_networking-use.xml:609(replaceable)
|
||
msgid "port-id"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:417(para)
|
||
msgid "The <option>device_owner</option> field describes who owns the port. A port whose <option>device_owner</option> begins with:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:423(para)
|
||
msgid "<literal>network</literal> is created by Networking."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:427(para)
|
||
msgid "<literal>compute</literal> is created by Compute."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:434(title)
|
||
msgid "Administrative operations"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:435(para)
|
||
msgid "The cloud administrator can run any <placeholder-1/> command on behalf of tenants by specifying an Identity <option>tenant_id</option> in the command, as follows:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:440(replaceable)
|
||
msgid "tenant-id"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:440(replaceable)
|
||
msgid "network-name"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:441(para) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:201(para) ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:48(para) ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:62(para) ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:244(para) ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:268(para) ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:278(para) ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:295(para) ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:325(para) ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:331(para) ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:518(para)
|
||
msgid "For example:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:444(para)
|
||
msgid "To view all tenant IDs in Identity, run the following command as an Identity Service admin user:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:452(title) ./doc/admin-guide-cloud/networking/section_networking-use.xml:457(caption)
|
||
msgid "Advanced Networking operations"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:453(para)
|
||
msgid "This table shows example Networking commands that enable you to complete advanced network operations:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:468(td)
|
||
msgid "Creates a network that all tenants can use."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:473(td)
|
||
msgid "Creates a subnet with a specified gateway IP address."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:478(td)
|
||
msgid "Creates a subnet that has no gateway IP address."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:483(td)
|
||
msgid "Creates a subnet with DHCP disabled."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:487(td)
|
||
msgid "Creates a subnet with a specified set of host routes."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:492(td)
|
||
msgid "Creates a subnet with a specified set of dns name servers."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:497(td)
|
||
msgid "Displays all ports and IPs allocated on a network."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:499(replaceable) ./doc/admin-guide-cloud/networking/section_networking-use.xml:532(replaceable) ./doc/admin-guide-cloud/networking/section_networking-use.xml:607(option) ./doc/admin-guide-cloud/networking/section_networking-use.xml:608(replaceable)
|
||
msgid "net-id"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:507(title)
|
||
msgid "Use Compute with Networking"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:509(title) ./doc/admin-guide-cloud/networking/section_networking-use.xml:514(caption)
|
||
msgid "Basic Compute and Networking operations"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:510(para)
|
||
msgid "This table shows example neutron and nova commands that enable you to complete basic VM networking operations:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:520(th)
|
||
msgid "Action"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:526(td)
|
||
msgid "Checks available networks."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:530(td)
|
||
msgid "Boots a VM with a single NIC on a selected Networking network."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:532(replaceable) ./doc/admin-guide-cloud/networking/section_networking-use.xml:599(replaceable) ./doc/admin-guide-cloud/networking/section_networking-use.xml:609(replaceable) ./doc/admin-guide-cloud/networking/section_networking-use.xml:617(replaceable)
|
||
msgid "img"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:532(replaceable) ./doc/admin-guide-cloud/networking/section_networking-use.xml:599(replaceable) ./doc/admin-guide-cloud/networking/section_networking-use.xml:609(replaceable) ./doc/admin-guide-cloud/networking/section_networking-use.xml:617(replaceable)
|
||
msgid "flavor"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:532(replaceable) ./doc/admin-guide-cloud/networking/section_networking-use.xml:599(replaceable) ./doc/admin-guide-cloud/networking/section_networking-use.xml:609(replaceable) ./doc/admin-guide-cloud/networking/section_networking-use.xml:617(replaceable)
|
||
msgid "vm-name"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:535(para)
|
||
msgid "Searches for ports with a <option>device_id</option> that matches the Compute instance UUID. See <xref linkend=\"network_compute_note\"/>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:541(replaceable) ./doc/admin-guide-cloud/networking/section_networking-use.xml:547(replaceable)
|
||
msgid "vm-id"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:544(td)
|
||
msgid "Searches for ports, but shows only the <placeholder-1/> of the port."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:550(td)
|
||
msgid "Temporarily disables a port from sending traffic."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:557(para)
|
||
msgid "The <option>device_id</option> can also be a logical router ID."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:561(title)
|
||
msgid "Create and delete VMs"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:564(para)
|
||
msgid "When you boot a Compute VM, a port on the network that corresponds to the VM NIC is automatically created and associated with the default security group. You can configure <link linkend=\"enabling_ping_and_ssh\">security group rules</link> to enable users to access the VM."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:574(para)
|
||
msgid "When you delete a Compute VM, the underlying Networking port is automatically deleted."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:582(title) ./doc/admin-guide-cloud/networking/section_networking-use.xml:587(caption)
|
||
msgid "Advanced VM creation operations"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:583(para)
|
||
msgid "This table shows example nova and neutron commands that enable you to complete advanced VM creation operations:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:598(td)
|
||
msgid "Boots a VM with multiple NICs."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:599(replaceable)
|
||
msgid "net1-id"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:599(replaceable)
|
||
msgid "net2-id"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:602(td)
|
||
msgid "Boots a VM with a specific IP address. First, create an Networking port with a specific IP address. Then, boot a VM specifying a <placeholder-1/> rather than a <placeholder-2/>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:608(replaceable)
|
||
msgid "subnet-id"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:608(replaceable)
|
||
msgid "IP"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:615(parameter)
|
||
msgid "--nic"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:612(td)
|
||
msgid "Boots a VM that connects to all networks that are accessible to the tenant who submits the request (without the <placeholder-1/> option)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:622(para)
|
||
msgid "Networking does not currently support the <parameter>v4-fixed-ip</parameter> parameter of the <parameter>--nic</parameter> option for the <placeholder-1/> command."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:628(para)
|
||
msgid "Cloud images that distribution vendors offer usually have only one active NIC configured. When you boot with multiple NICs, you must configure additional interfaces on the image or the NICS are not reachable."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:633(para)
|
||
msgid "The following Debian/Ubuntu-based example shows how to set up the interfaces within the instance in the <filename>/etc/network/interfaces</filename> file. You must apply this configuration to the image."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:651(title)
|
||
msgid "Enable ping and SSH on VMs (security groups)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:653(para)
|
||
msgid "You must configure security group rules depending on the type of plug-in you are using. If you are using a plug-in that:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:658(para)
|
||
msgid "Implements Networking security groups, you can configure security group rules directly by using the <placeholder-1/> command. This example enables <placeholder-2/> and <placeholder-3/> access to your VMs."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:672(para)
|
||
msgid "Does not implement Networking security groups, you can configure security group rules by using the <placeholder-1/> or <placeholder-2/> command. These <placeholder-3/> commands enable <placeholder-4/> and <placeholder-5/> access to your VMs."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-use.xml:686(para)
|
||
msgid "If your plug-in implements Networking security groups, you can also leverage Compute security groups by setting <code>security_group_api = neutron</code> in the <filename>nova.conf</filename> file. After you set this option, all Compute security group commands are proxied to Networking."
|
||
msgstr ""
|
||
|
||
#. When image changes, this message will be marked fuzzy or untranslated for you.
|
||
#. It doesn't matter what you translate it to: it's not used at all.
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:124(None)
|
||
msgid "@@image: '../../common/figures/Neutron-PhysNet-Diagram.png'; md5=ea581fd58c57da1a6c9512b82027a195"
|
||
msgstr ""
|
||
|
||
#. When image changes, this message will be marked fuzzy or untranslated for you.
|
||
#. It doesn't matter what you translate it to: it's not used at all.
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:200(None)
|
||
msgid "@@image: '../../common/figures/NetworkTypes.png'; md5=c424894383b701a38a6dc3ccf2e916f3"
|
||
msgstr ""
|
||
|
||
#. When image changes, this message will be marked fuzzy or untranslated for you.
|
||
#. It doesn't matter what you translate it to: it's not used at all.
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:287(None)
|
||
msgid "@@image: '../../common/figures/vmware_nsx.png'; md5=fba7420fae8c2cb386147408e7a06416"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:6(title)
|
||
msgid "Networking architecture"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:7(para)
|
||
msgid "Before you deploy Networking, it's useful to understand the Networking services and how they interact with the OpenStack components."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:11(title)
|
||
msgid "Overview"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:12(para)
|
||
msgid "Networking is a standalone component in the OpenStack modular architecture. It's positioned alongside OpenStack components such as Compute, Image Service, Identity, or the Dashboard. Like those components, a deployment of Networking often involves deploying several services to a variety of hosts."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:17(para)
|
||
msgid "The Networking server uses the <systemitem class=\"service\">neutron-server</systemitem> daemon to expose the Networking API and enable administration of the configured Networking plug-in. Typically, the plug-in requires access to a database for persistent storage (also similar to other OpenStack services)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:23(para)
|
||
msgid "If your deployment uses a controller host to run centralized Compute components, you can deploy the Networking server to that same host. However, Networking is entirely standalone and can be deployed to a dedicated host. Depending on your configuration, Networking can also include the following agents:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:30(caption)
|
||
msgid "Networking agents"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:35(th) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:77(td) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:98(td)
|
||
msgid "Agent"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:41(emphasis)
|
||
msgid "plug-in agent"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:43(literal)
|
||
msgid "neutron-*-agent"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:41(td) ./doc/admin-guide-cloud/networking/section_networking_arch.xml:50(td) ./doc/admin-guide-cloud/networking/section_networking_arch.xml:57(td) ./doc/admin-guide-cloud/networking/section_networking_arch.xml:65(td)
|
||
msgid "<placeholder-1/> (<placeholder-2/>)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:44(td)
|
||
msgid "Runs on each hypervisor to perform local vSwitch configuration. The agent that runs, depends on the plug-in that you use. Certain plug-ins do not require an agent."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:50(emphasis)
|
||
msgid "dhcp agent"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:52(literal)
|
||
msgid "neutron-dhcp-agent"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:53(td)
|
||
msgid "Provides DHCP services to tenant networks. Required by certain plug-ins."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:57(emphasis)
|
||
msgid "l3 agent"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:59(literal)
|
||
msgid "neutron-l3-agent"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:60(td)
|
||
msgid "Provides L3/NAT forwarding to provide external network access for VMs on tenant networks. Required by certain plug-ins."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:65(emphasis)
|
||
msgid "metering agent"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:66(literal)
|
||
msgid "neutron-metering-agent"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:67(td)
|
||
msgid "Provides L3 traffic metering for tenant networks."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:72(para)
|
||
msgid "These agents interact with the main neutron process through RPC (for example, RabbitMQ or Qpid) or through the standard Networking API. In addition, Networking integrates with OpenStack components in a number of ways:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:78(para)
|
||
msgid "Networking relies on the Identity service (keystone) for the authentication and authorization of all API requests."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:83(para)
|
||
msgid "Compute (nova) interacts with Networking through calls to its standard API. As part of creating a VM, the <systemitem class=\"service\">nova-compute</systemitem> service communicates with the Networking API to plug each virtual NIC on the VM into a particular network."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:92(para)
|
||
msgid "The dashboard (horizon) integrates with the Networking API, enabling administrators and tenant users to create and manage network services through a web-based GUI."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:100(title)
|
||
msgid "Place services on physical hosts"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:101(para)
|
||
msgid "Like other OpenStack services, Networking enables you to run services across multiple physical devices. It is also possible to run all service daemons on a single physical host for evaluation purposes. Alternatively, you can run each service on a dedicated physical host and replicate certain services across multiple hosts for redundancy purposes. For more information, see the <citetitle>OpenStack Configuration Reference</citetitle>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:108(para)
|
||
msgid "A standard architectural design includes a cloud controller host, a network gateway host, and a number of hypervisors for hosting virtual machines. The cloud controller and network gateway can be on the same host. However, if you expect VMs to send significant traffic to or from the Internet, a dedicated network gateway host helps avoid CPU contention between the <systemitem class=\"service\">neutron-l3-agent</systemitem> and other OpenStack services that forward packets."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:119(title)
|
||
msgid "Network connectivity for physical hosts"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:127(para)
|
||
msgid "A standard Networking deployment includes one or more of the following physical networks:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:132(caption)
|
||
msgid "General distinct physical data center networks"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:144(emphasis)
|
||
msgid "Management network"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:146(td)
|
||
msgid "Provides internal communication between OpenStack components. IP addresses on this network should be reachable only within the data center."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:152(emphasis)
|
||
msgid "Data network"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:154(td)
|
||
msgid "Provides VM data communication within the cloud deployment. The IP addressing requirements of this network depend on the Networking plug-in that is used."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:161(emphasis)
|
||
msgid "External network"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:163(td)
|
||
msgid "Provides VMs with Internet access in some deployment scenarios. Anyone on the Internet can reach IP addresses on this network."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:169(emphasis)
|
||
msgid "API network"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:171(td)
|
||
msgid "Exposes all OpenStack APIs, including the Networking API, to tenants. IP addresses on this network should be reachable by anyone on the Internet. The API network might be the same as the external network, because it is possible to create an external-network subnet that has allocated IP ranges that use less than the full range of IP addresses in an IP block."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:188(title) ./doc/admin-guide-cloud/networking/section_networking_arch.xml:196(title)
|
||
msgid "Tenant and provider networks"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:189(para)
|
||
msgid "The following diagram presents an overview of the tenant and provider network types, and illustrates how they interact within the overall Networking topology:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:206(title)
|
||
msgid "Tenant networks"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:207(para)
|
||
msgid "Users create tenant networks for connectivity within projects; they are fully isolated by default and are not shared with other projects. Networking supports a range of tenant network types:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:215(term)
|
||
msgid "Flat"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:217(para)
|
||
msgid "All instances reside on the same network, which can also be shared with the hosts. No VLAN tagging or other network segregation takes place."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:224(term)
|
||
msgid "Local"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:226(para)
|
||
msgid "Instances reside on the local compute host and are effectively isolated from any external networks."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:232(term)
|
||
msgid "VLAN"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:234(para)
|
||
msgid "Networking allows users to create multiple provider or tenant networks using VLAN IDs (802.1Q tagged) that correspond to VLANs present in the physical network. This allows instances to communicate with each other across the environment. They can also communicate with dedicated servers, firewalls, load balancers and other networking infrastructure on the same layer 2 VLAN."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:244(term)
|
||
msgid "VXLAN and GRE"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:246(para)
|
||
msgid "VXLAN and GRE use network overlays to support private communication between instances. A Networking router is required to enable traffic to traverse outside of the GRE or VXLAN tenant network. A router is also required to connect directly-connected tenant networks with external networks, including the Internet; the router provides the ability to connect to instances directly from an external network using floating IP addresses."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:259(title) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:12(title)
|
||
msgid "Provider networks"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:260(para)
|
||
msgid "Provider networks are created by the OpenStack administrator and map directly to an existing physical network in the data center. Useful network types in this category are flat (untagged) and VLAN (802.1Q tagged). It is possible to allow provider networks to be shared among tenants as part of the network creation process."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:268(title)
|
||
msgid "VMware NSX integration"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:269(para)
|
||
msgid "OpenStack Networking uses the NSX plugin for Networking to integrate with an existing VMware vCenter deployment. When installed on the network nodes, the NSX plugin enables a NSX controller to centrally manage configuration settings and push them to managed network nodes. Network nodes are considered managed when they're added as hypervisors to the NSX controller."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:275(para)
|
||
msgid "The diagram below depicts an example NSX deployment and illustrates the route inter-VM traffic takes between separate Compute nodes. Note the placement of the VMware NSX plugin and the <systemitem class=\"service\">neutron-server</systemitem> service on the network node. The NSX controller features centrally with a green line to the network node to indicate the management relationship:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_arch.xml:282(title)
|
||
msgid "VMware NSX overview"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:7(title)
|
||
msgid "Advanced features through API extensions"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:8(para)
|
||
msgid "Several plug-ins implement API extensions that provide capabilities similar to what was available in nova-network: These plug-ins are likely to be of interest to the OpenStack community."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:13(para)
|
||
msgid "Networks can be categorized as either \"tenant networks\" or \"provider networks\". Tenant networks are created by normal users and details about how they are physically realized are hidden from those users. Provider networks are created with administrative credentials, specifying the details of how the network is physically realized, usually to match some existing network in the data center."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:18(para)
|
||
msgid "Provider networks enable cloud administrators to create Networking networks that map directly to the physical networks in the data center. This is commonly used to give tenants direct access to a public network that can be used to reach the Internet. It might also be used to integrate with VLANs in the network that already have a defined meaning (for example, enable a VM from the \"marketing\" department to be placed on the same VLAN as bare-metal marketing hosts in the same data center)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:24(para)
|
||
msgid "The provider extension allows administrators to explicitly manage the relationship between Networking virtual networks and underlying physical mechanisms such as VLANs and tunnels. When this extension is supported, Networking client users with administrative privileges see additional provider attributes on all virtual networks and are able to specify these attributes in order to create provider networks."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:29(para)
|
||
msgid "The provider extension is supported by the Open vSwitch and Linux Bridge plug-ins. Configuration of these plug-ins requires familiarity with this extension."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:32(title)
|
||
msgid "Terminology"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:33(para)
|
||
msgid "A number of terms are used in the provider extension and in the configuration of plug-ins supporting the provider extension:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:36(caption)
|
||
msgid "Provider extension terminology"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:41(th)
|
||
msgid "Term"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:47(emphasis)
|
||
msgid "virtual network"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:48(td)
|
||
msgid "An Networking L2 network (identified by a UUID and optional name) whose ports can be attached as vNICs to Compute instances and to various Networking agents. The Open vSwitch and Linux Bridge plug-ins each support several different mechanisms to realize virtual networks."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:54(emphasis)
|
||
msgid "physical network"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:55(td)
|
||
msgid "A network connecting virtualization hosts (such as compute nodes) with each other and with other network resources. Each physical network might support multiple virtual networks. The provider extension and the plug-in configurations identify physical networks using simple string names."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:62(emphasis)
|
||
msgid "tenant network"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:63(td)
|
||
msgid "A virtual network that a tenant or an administrator creates. The physical details of the network are not exposed to the tenant."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:67(emphasis)
|
||
msgid "provider network"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:68(td)
|
||
msgid "A virtual network administratively created to map to a specific network in the data center, typically to enable direct access to non-OpenStack resources on that network. Tenants can be given access to provider networks."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:74(emphasis)
|
||
msgid "VLAN network"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:75(td)
|
||
msgid "A virtual network implemented as packets on a specific physical network containing IEEE 802.1Q headers with a specific VID field value. VLAN networks sharing the same physical network are isolated from each other at L2 and can even have overlapping IP address spaces. Each distinct physical network supporting VLAN networks is treated as a separate VLAN trunk, with a distinct space of VID values. Valid VID values are 1 through 4094."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:84(emphasis)
|
||
msgid "flat network"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:85(td)
|
||
msgid "A virtual network implemented as packets on a specific physical network containing no IEEE 802.1Q header. Each physical network can realize at most one flat network."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:90(emphasis)
|
||
msgid "local network"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:91(td)
|
||
msgid "A virtual network that allows communication within each host, but not across a network. Local networks are intended mainly for single-node test scenarios, but can have other uses."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:96(emphasis)
|
||
msgid "GRE network"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:99(emphasis)
|
||
msgid "tunnels"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:97(td)
|
||
msgid "A virtual network implemented as network packets encapsulated using GRE. GRE networks are also referred to as <placeholder-1/>. GRE tunnel packets are routed by the IP routing table for the host, so GRE networks are not associated by Networking with specific physical networks."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:104(emphasis)
|
||
msgid "Virtual Extensible LAN (VXLAN) network"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:106(td)
|
||
msgid "VXLAN is a proposed encapsulation protocol for running an overlay network on existing Layer 3 infrastructure. An overlay network is a virtual network that is built on top of existing network Layer 2 and Layer 3 technologies to support elastic compute architectures."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:113(para)
|
||
msgid "The ML2, Open vSwitch, and Linux Bridge plug-ins support VLAN networks, flat networks, and local networks. Only the ML2 and Open vSwitch plug-ins currently support GRE and VXLAN networks, provided that the required features exist in the hosts Linux kernel, Open vSwitch, and iproute2 packages."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:119(title)
|
||
msgid "Provider attributes"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:120(para)
|
||
msgid "The provider extension extends the Networking network resource with these attributes:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:123(caption)
|
||
msgid "Provider network attributes"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:130(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:258(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:316(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:612(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:655(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:867(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:989(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1057(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1178(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1493(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1582(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1623(th)
|
||
msgid "Attribute name"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:132(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:260(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:318(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:614(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:657(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:869(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:991(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1059(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1180(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1584(th) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1625(th)
|
||
msgid "Default Value"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:138(td)
|
||
msgid "provider:network_type"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:139(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:153(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:273(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:286(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:627(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:634(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:676(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:682(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:700(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:889(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:895(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:920(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:966(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1011(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1017(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1079(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1085(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1099(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1201(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1219(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1597(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1603(td)
|
||
msgid "String"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:142(literal) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:155(literal) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:169(literal)
|
||
msgid "flat"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:142(literal) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:147(literal) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:156(literal)
|
||
msgid "vlan"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:143(literal) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:148(literal) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:159(literal) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:170(literal)
|
||
msgid "local"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:143(literal) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:147(literal) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:159(literal) ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:747(replaceable)
|
||
msgid "gre"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:141(td)
|
||
msgid "The physical mechanism by which the virtual network is implemented. Possible values are <placeholder-1/>, <placeholder-2/>, <placeholder-3/>, and <placeholder-4/>, corresponding to flat networks, VLAN networks, local networks, and GRE networks as defined above. All types of provider networks can be created by administrators, while tenant networks can be implemented as <placeholder-5/>, <placeholder-6/>, or <placeholder-7/> network types depending on plug-in configuration."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:152(td)
|
||
msgid "provider:physical_network"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:154(td)
|
||
msgid "If a physical network named \"default\" has been configured and if provider:network_type is <placeholder-1/> or <placeholder-2/>, then \"default\" is used."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:157(td)
|
||
msgid "The name of the physical network over which the virtual network is implemented for flat and VLAN networks. Not applicable to the <placeholder-1/> or <placeholder-2/> network types."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:163(td)
|
||
msgid "provider:segmentation_id"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:164(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:688(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:694(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:958(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1207(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1213(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1225(td)
|
||
msgid "Integer"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:166(td)
|
||
msgid "For VLAN networks, the VLAN VID on the physical network that realizes the virtual network. Valid VLAN VIDs are 1 through 4094. For GRE networks, the tunnel ID. Valid tunnel IDs are any 32 bit unsigned integer. Not applicable to the <placeholder-1/> or <placeholder-2/> network types."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:174(para)
|
||
msgid "To view or set provider extended attributes, a client must be authorized for the <code>extension:provider_network:view</code> and <code>extension:provider_network:set</code> actions in the Networking policy configuration. The default Networking configuration authorizes both actions for users with the admin role. An authorized client or an administrative user can view and set the provider extended attributes through Networking API calls. See <xref linkend=\"section_networking_auth\"/> for details on policy configuration."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:183(title)
|
||
msgid "Provider extension API operations"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:184(para)
|
||
msgid "To use the provider extension with the default policy settings, you must have the administrative role."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:186(para)
|
||
msgid "This list shows example neutron commands that enable you to complete basic provider extension API operations:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:190(para)
|
||
msgid "Shows all attributes of a network, including provider attributes:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:195(para)
|
||
msgid "Creates a local provider network:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:199(para)
|
||
msgid "When you create flat networks, <phys-net-name> must be known to the plug-in. See the <citetitle>OpenStack Configuration Reference</citetitle> for details. Creates a flat provider network:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:206(para)
|
||
msgid "When you create VLAN networks, <phys-net-name> must be known to the plug-in. See the <citetitle>OpenStack Configuration Reference</citetitle> for details on configuring network_vlan_ranges to identify all physical networks. When you create VLAN networks, <VID> can fall either within or outside any configured ranges of VLAN IDs from which tenant networks are allocated. Creates a VLAN provider network:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:217(para)
|
||
msgid "When you create GRE networks, <tunnel-id> can be either inside or outside any tunnel ID ranges from which tenant networks are allocated."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:220(para)
|
||
msgid "After you create provider networks, you can allocate subnets, which you can use in the same way as other virtual networks, subject to authorization policy based on the specified <tenant_id>. Creates a GRE provider network:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:230(title)
|
||
msgid "L3 routing and NAT"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:231(para)
|
||
msgid "The Networking API provides abstract L2 network segments that are decoupled from the technology used to implement the L2 network. Networking includes an API extension that provides abstract L3 routers that API users can dynamically provision and configure. These Networking routers can connect multiple L2 Networking networks and can also provide a gateway that connects one or more private L2 networks to a shared external network. For example, a public network for access to the Internet. See the <citetitle>OpenStack Configuration Reference</citetitle> for details on common models of deploying Networking L3 routers."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:240(para)
|
||
msgid "The L3 router provides basic NAT capabilities on gateway ports that uplink the router to external networks. This router SNATs all traffic by default and supports floating IPs, which creates a static one-to-one mapping from a public IP on the external network to a private IP on one of the other subnets attached to the router. This allows a tenant to selectively expose VMs on private networks to other hosts on the external network (and often to all hosts on the Internet). You can allocate and map floating IPs from one port to another, as needed."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:249(title)
|
||
msgid "L3 API abstractions"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:251(caption)
|
||
msgid "Router"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:268(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:326(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:622(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:665(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:877(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:999(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1067(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1188(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1592(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1633(td)
|
||
msgid "generated"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:269(td)
|
||
msgid "UUID for the router."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:275(td)
|
||
msgid "Human-readable name for the router. Might not be unique."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:279(td)
|
||
msgid "Bool"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:281(td)
|
||
msgid "The administrative state of router. If false (down), the router does not forward packets."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:289(para)
|
||
msgid "Indicates whether router is currently operational."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:296(td)
|
||
msgid "Owner of the router. Only admin users can specify a tenant_id other than its own."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:300(td)
|
||
msgid "external_gateway_info"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:301(td)
|
||
msgid "dict contain 'network_id' key-value pair"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:302(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:355(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:362(td)
|
||
msgid "Null"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:303(td)
|
||
msgid "External network that this router connects to for gateway services (for example, NAT)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:309(caption)
|
||
msgid "Floating IP"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:327(td)
|
||
msgid "UUID for the floating IP."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:330(td)
|
||
msgid "floating_ip_address"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:331(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:361(td)
|
||
msgid "string (IP address)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:332(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:671(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:903(td)
|
||
msgid "allocated by Networking"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:333(td)
|
||
msgid "The external network IP address available to be mapped to an internal IP address."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:337(td)
|
||
msgid "floating_network_id"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:341(para)
|
||
msgid "The network indicating the set of subnets from which the floating IP should be allocated"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:346(td)
|
||
msgid "router_id"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:349(td)
|
||
msgid "Read-only value indicating the router that connects the external network to the associated internal port, if a port is associated."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:353(td)
|
||
msgid "port_id"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:356(td)
|
||
msgid "Indicates the internal Networking port associated with the external floating IP."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:360(td)
|
||
msgid "fixed_ip_address"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:363(td)
|
||
msgid "Indicates the IP address on the internal port that is mapped to by the floating IP (since an Networking port might have more than one IP address)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:371(td)
|
||
msgid "Owner of the Floating IP. Only admin users can specify a tenant_id other than its own."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:379(title) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:386(caption) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1676(caption)
|
||
msgid "Basic L3 operations"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:380(para)
|
||
msgid "External networks are visible to all users. However, the default policy settings enable only administrative users to create, update, and delete external networks."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:383(para)
|
||
msgid "This table shows example neutron commands that enable you to complete basic L3 operations:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:398(para)
|
||
msgid "Creates external networks."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:407(para)
|
||
msgid "Lists external networks."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:415(para)
|
||
msgid "Creates an internal-only router that connects to multiple L2 networks privately."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:430(para)
|
||
msgid "Connects a router to an external network, which enables that router to act as a NAT gateway for external connectivity."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:435(para)
|
||
msgid "The router obtains an interface with the gateway_ip address of the subnet and this interface is attached to a port on the L2 Networking network associated with the subnet. The router also gets a gateway interface to the specified external network. This provides SNAT connectivity to the external network as well as support for floating IPs allocated on that external networks. Commonly an external network maps to a network in the provider"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:446(para)
|
||
msgid "Lists routers."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:454(para)
|
||
msgid "Shows information for a specified router."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:462(para)
|
||
msgid "Shows all internal interfaces for a router."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:467(para)
|
||
msgid "Identifies the <literal>port-id</literal> that represents the VM NIC to which the floating IP should map."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:472(para)
|
||
msgid "This port must be on an Networking subnet that is attached to a router uplinked to the external network used to create the floating IP. Conceptually, this is because the router must be able to perform the Destination NAT (DNAT) rewriting of packets from the Floating IP address (chosen from a subnet on the external network) to the internal Fixed IP (chosen from a private subnet that is behind the router)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:483(para)
|
||
msgid "Creates a floating IP address and associates it with a port."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:493(para)
|
||
msgid "Creates a floating IP address and associates it with a port, in a single step."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:502(para)
|
||
msgid "Lists floating IPs."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:510(para)
|
||
msgid "Finds floating IP for a specified VM port."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:518(para)
|
||
msgid "Disassociates a floating IP address."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:526(para)
|
||
msgid "Deletes the floating IP address."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:534(para)
|
||
msgid "Clears the gateway."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:542(para)
|
||
msgid "Removes the interfaces from the router."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:550(para)
|
||
msgid "Deletes the router."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:562(title)
|
||
msgid "Security groups"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:563(para)
|
||
msgid "Security groups and security group rules allows administrators and tenants the ability to specify the type of traffic and direction (ingress/egress) that is allowed to pass through a port. A security group is a container for security group rules."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:566(para)
|
||
msgid "When a port is created in Networking it is associated with a security group. If a security group is not specified the port is associated with a 'default' security group. By default, this group drops all ingress traffic and allows all egress. Rules can be added to this group in order to change the behaviour."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:570(para)
|
||
msgid "To use the Compute security group APIs or use Compute to orchestrate the creation of ports for instances on specific security groups, you must complete additional configuration. You must configure the <filename>/etc/nova/nova.conf</filename> file and set the <code>security_group_api=neutron</code> option on every node that runs <systemitem class=\"service\">nova-compute</systemitem> and <systemitem class=\"service\">nova-api</systemitem>. After you make this change, restart <systemitem class=\"service\">nova-api</systemitem> and <systemitem class=\"service\">nova-compute</systemitem> to pick up this change. Then, you can use both the Compute and OpenStack Network security group APIs at the same time."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:582(para)
|
||
msgid "To use the Compute security group API with Networking, the Networking plug-in must implement the security group API. The following plug-ins currently implement this: ML2, Open vSwitch, Linux Bridge, NEC, Ryu, and VMware NSX."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:588(para)
|
||
msgid "You must configure the correct firewall driver in the <literal>securitygroup</literal> section of the plug-in/agent configuration file. Some plug-ins and agents, such as Linux Bridge Agent and Open vSwitch Agent, use the no-operation driver as the default, which results in non-working security groups."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:595(para)
|
||
msgid "When using the security group API through Compute, security groups are applied to all ports on an instance. The reason for this is that Compute security group APIs are instances based and not port based as Networking."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:603(title)
|
||
msgid "Security group API abstractions"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:605(caption)
|
||
msgid "Security group attributes"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:623(td)
|
||
msgid "UUID for the security group."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:629(td)
|
||
msgid "Human-readable name for the security group. Might not be unique. Cannot be named default as that is automatically created for a tenant."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:633(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:894(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1016(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1084(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1602(td)
|
||
msgid "description"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:636(td)
|
||
msgid "Human-readable description of a security group."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:642(td)
|
||
msgid "Owner of the security group. Only admin users can specify a tenant_id other than their own."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:648(caption)
|
||
msgid "Security group rules"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:666(td)
|
||
msgid "UUID for the security group rule."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:669(td)
|
||
msgid "security_group_id"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:670(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:712(td)
|
||
msgid "uuid-str or Integer"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:672(td)
|
||
msgid "The security group to associate rule with."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:675(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1637(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1725(replaceable)
|
||
msgid "direction"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:678(td)
|
||
msgid "The direction the traffic is allow (ingress/egress) from a VM."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:681(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:919(td)
|
||
msgid "protocol"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:684(td)
|
||
msgid "IP Protocol (icmp, tcp, udp, and so on)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:687(td)
|
||
msgid "port_range_min"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:690(td)
|
||
msgid "Port at start of range"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:693(td)
|
||
msgid "port_range_max"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:696(td)
|
||
msgid "Port at end of range"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:699(td)
|
||
msgid "ethertype"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:702(td)
|
||
msgid "ethertype in L2 packet (IPv4, IPv6, and so on)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:705(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1660(td)
|
||
msgid "remote_ip_prefix"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:706(td)
|
||
msgid "string (IP cidr)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:708(td)
|
||
msgid "CIDR for address range"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:711(td)
|
||
msgid "remote_group_id"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:713(td)
|
||
msgid "allocated by Networking or Compute"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:714(td)
|
||
msgid "Source security group to apply to rule."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:720(td)
|
||
msgid "Owner of the security group rule. Only admin users can specify a tenant_id other than its own."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:727(title) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:731(caption)
|
||
msgid "Basic security group operations"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:728(para)
|
||
msgid "This table shows example neutron commands that enable you to complete basic security group operations:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:743(para)
|
||
msgid "Creates a security group for our web servers."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:751(para)
|
||
msgid "Lists security groups."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:759(para)
|
||
msgid "Creates a security group rule to allow port 80 ingress."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:767(para)
|
||
msgid "Lists security group rules."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:775(para)
|
||
msgid "Deletes a security group rule."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:783(para)
|
||
msgid "Deletes a security group."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:791(para)
|
||
msgid "Creates a port and associates two security groups."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:799(para)
|
||
msgid "Removes security groups from a port."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:811(title)
|
||
msgid "Basic Load-Balancer-as-a-Service operations"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:813(para)
|
||
msgid "The Load-Balancer-as-a-Service (LBaaS) API provisions and configures load balancers. The Havana release offers a reference implementation that is based on the HAProxy software load balancer."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:817(para)
|
||
msgid "This list shows example neutron commands that enable you to complete basic LBaaS operations:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:821(para)
|
||
msgid "Creates a load balancer pool by using specific provider."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:822(para)
|
||
msgid "<parameter>--provider</parameter> is an optional argument. If not used, the pool is created with default provider for LBaaS service. You should configure the default provider in the <literal>[service_providers]</literal> section of <filename>neutron.conf</filename> file. If no default provider is specified for LBaaS, the <parameter>--provider</parameter> option is required for pool creation."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:829(parameter)
|
||
msgid "--provider <provider_name>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:832(para)
|
||
msgid "Associates two web servers with pool."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:837(para)
|
||
msgid "Creates a health monitor which checks to make sure our instances are still running on the specified protocol-port."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:842(para)
|
||
msgid "Associates a health monitor with pool."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:846(para)
|
||
msgid "Creates a virtual IP (VIP) address that, when accessed through the load balancer, directs the requests to one of the pool members."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:854(title)
|
||
msgid "Firewall-as-a-Service"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:855(para)
|
||
msgid "The Firewall-as-a-Service (FWaaS) API is an experimental API that enables early adopters and vendors to test their networking implementations."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:858(title)
|
||
msgid "Firewall-as-a-Service API abstractions"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:860(caption)
|
||
msgid "Firewall rules"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:878(td)
|
||
msgid "UUID for the firewall rule."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:884(td)
|
||
msgid "Owner of the firewall rule. Only admin users can specify a tenant_id other than its own."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:891(td)
|
||
msgid "Human readable name for the firewall rule (255 characters limit)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:897(td)
|
||
msgid "Human readable description for the firewall rule (1024 characters limit)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:901(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1127(td)
|
||
msgid "firewall_policy_id"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:902(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1128(td)
|
||
msgid "uuid-str or None"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:904(td)
|
||
msgid "This is a read-only attribute that gets populated with the uuid of the firewall policy when this firewall rule is associated with a firewall policy. A firewall rule can be associated with only one firewall policy at a time. However, the association can be changed to a different firewall policy."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:912(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:973(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1024(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1039(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1092(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1193(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1653(td)
|
||
msgid "Boolean"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:914(td)
|
||
msgid "When set to True makes this firewall rule visible to tenants other than its owner and it can be used in firewall policies not owned by its tenant."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:922(td)
|
||
msgid "IP Protocol (icmp, tcp, udp, None)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:926(td)
|
||
msgid "Integer or String"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:928(td)
|
||
msgid "IP Version (4, 6)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:931(td)
|
||
msgid "source_ip_address"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:932(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:938(td)
|
||
msgid "String (IP address or CIDR)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:934(td)
|
||
msgid "Source IP address or CIDR."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:937(td)
|
||
msgid "destination_ip_address"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:940(td)
|
||
msgid "Destination IP address or CIDR."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:943(td)
|
||
msgid "source_port"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:944(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:951(td)
|
||
msgid "Integer or String (either as a single port number or in the format of a ':' separated range)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:947(td)
|
||
msgid "Source port number or a range."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:950(td)
|
||
msgid "destination_port"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:954(td)
|
||
msgid "Destination port number or a range."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:957(td)
|
||
msgid "position"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:960(td)
|
||
msgid "This is a read-only attribute that gets assigned to this rule when the rule is associated with a firewall policy. It indicates the position of this rule in that firewall policy."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:965(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1515(td)
|
||
msgid "action"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:967(td)
|
||
msgid "deny"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:968(td)
|
||
msgid "Action to be performed on the traffic matching the rule (allow, deny)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:972(td)
|
||
msgid "enabled"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:975(td)
|
||
msgid "When set to False, disables this rule in the firewall policy. Facilitates selectively turning off rules without having to disassociate the rule from the firewall policy."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:982(caption)
|
||
msgid "Firewall policies"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1000(td)
|
||
msgid "UUID for the firewall policy."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1006(td)
|
||
msgid "Owner of the firewall policy. Only admin users can specify a tenant_id other their own."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1013(td)
|
||
msgid "Human readable name for the firewall policy (255 characters limit)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1019(td)
|
||
msgid "Human readable description for the firewall policy (1024 characters limit)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1026(td)
|
||
msgid "When set to True makes this firewall policy visible to tenants other than its owner and can be used to associate with firewalls not owned by its tenant."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1031(td)
|
||
msgid "firewall_rules"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1032(td)
|
||
msgid "List of uuid-str or None"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1034(td)
|
||
msgid "This is an ordered list of firewall rule uuids. The firewall applies the rules in the order in which they appear in this list."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1038(td)
|
||
msgid "audited"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1041(td)
|
||
msgid "When set to True by the policy owner indicates that the firewall policy has been audited. This attribute is meant to aid in the firewall policy audit workflows. Each time the firewall policy or the associated firewall rules are changed, this attribute is set to False and must be explicitly set to True through an update operation."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1050(caption)
|
||
msgid "Firewalls"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1068(td)
|
||
msgid "UUID for the firewall."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1074(td)
|
||
msgid "Owner of the firewall. Only admin users can specify a tenant_id other than its own."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1081(td)
|
||
msgid "Human readable name for the firewall (255 characters limit)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1087(td)
|
||
msgid "Human readable description for the firewall (1024 characters limit)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1094(td)
|
||
msgid "The administrative state of the firewall. If False (down), the firewall does not forward any packets."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1102(para)
|
||
msgid "Indicates whether the firewall is currently operational. Possible values include:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1106(para)
|
||
msgid "ACTIVE"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1109(para)
|
||
msgid "DOWN"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1112(para)
|
||
msgid "PENDING_CREATE"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1115(para)
|
||
msgid "PENDING_UPDATE"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1118(para)
|
||
msgid "PENDING_DELETE"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1121(para)
|
||
msgid "ERROR"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1130(td)
|
||
msgid "The firewall policy uuid that this firewall is associated with. This firewall implements the rules contained in the firewall policy represented by this uuid."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1140(title)
|
||
msgid "Plug-in specific extensions"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1142(para)
|
||
msgid "Each vendor can choose to implement additional API extensions to the core API. This section describes the extensions for each plug-in."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1145(title)
|
||
msgid "VMware NSX extensions"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1146(para)
|
||
msgid "These sections explain NSX plug-in extensions."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1148(title)
|
||
msgid "VMware NSX QoS extension"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1149(para)
|
||
msgid "The VMware NSX QoS extension rate-limits network ports to guarantee a specific amount of bandwidth for each port. This extension, by default, is only accessible by a tenant with an admin role but is configurable through the <filename>policy.json</filename> file. To use this extension, create a queue and specify the min/max bandwidth rates (kbps) and optionally set the QoS Marking and DSCP value (if your network fabric uses these values to make forwarding decisions). Once created, you can associate a queue with a network. Then, when ports are created on that network they are automatically created and associated with the specific queue size that was associated with the network. Because one size queue for a every port on a network might not be optimal, a scaling factor from the nova flavor 'rxtx_factor' is passed in from Compute when creating the port to scale the queue."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1161(para)
|
||
msgid "Lastly, if you want to set a specific baseline QoS policy for the amount of bandwidth a single port can use (unless a network queue is specified with the network a port is created on) a default queue can be created in Networking which then causes ports created to be associated with a queue of that size times the rxtx scaling factor. Note that after a network or default queue is specified, queues are added to ports that are subsequently created but are not added to existing ports."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1169(title)
|
||
msgid "VMware NSX QoS API abstractions"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1171(caption)
|
||
msgid "VMware NSX QoS attributes"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1189(td)
|
||
msgid "UUID for the QoS queue."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1192(td) ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:361(replaceable)
|
||
msgid "default"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1194(td)
|
||
msgid "False by default"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1195(td)
|
||
msgid "If True, ports are created with this queue size unless the network port is created or associated with a queue at port creation time."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1203(td)
|
||
msgid "Name for QoS queue."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1206(td)
|
||
msgid "min"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1208(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1226(td)
|
||
msgid "0"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1209(td)
|
||
msgid "Minimum Bandwidth Rate (kbps)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1212(td)
|
||
msgid "max"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1215(td)
|
||
msgid "Maximum Bandwidth Rate (kbps)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1218(td)
|
||
msgid "qos_marking"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1220(td)
|
||
msgid "untrusted by default"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1221(td)
|
||
msgid "Whether QoS marking should be trusted or untrusted."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1224(td)
|
||
msgid "dscp"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1227(td)
|
||
msgid "DSCP Marking value."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1233(td)
|
||
msgid "The owner of the QoS queue."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1239(title) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1243(caption)
|
||
msgid "Basic VMware NSX QoS operations"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1240(para)
|
||
msgid "This table shows example neutron commands that enable you to complete basic queue operations:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1255(para)
|
||
msgid "Creates QoS Queue (admin-only)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1263(para)
|
||
msgid "Associates a queue with a network."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1271(para)
|
||
msgid "Creates a default system queue."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1279(para)
|
||
msgid "Lists QoS queues."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1287(para)
|
||
msgid "Deletes a QoS queue."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1298(title)
|
||
msgid "VMware NSX provider networks extension"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1299(para)
|
||
msgid "Provider networks can be implemented in different ways by the underlying NSX platform."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1301(para)
|
||
msgid "The <emphasis>FLAT</emphasis> and <emphasis>VLAN</emphasis> network types use bridged transport connectors. These network types enable the attachment of large number of ports. To handle the increased scale, the NSX plug-in can back a single OpenStack Network with a chain of NSX logical switches. You can specify the maximum number of ports on each logical switch in this chain on the <literal>max_lp_per_bridged_ls</literal> parameter, which has a default value of 5,000."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1308(para)
|
||
msgid "The recommended value for this parameter varies with the NSX version running in the back-end, as shown in the following table."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1311(caption)
|
||
msgid "Recommended values for max_lp_per_bridged_ls"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1316(td)
|
||
msgid "NSX version"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1317(td)
|
||
msgid "Recommended Value"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1322(td)
|
||
msgid "2.x"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1323(td)
|
||
msgid "64"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1326(td)
|
||
msgid "3.0.x"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1327(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1331(td)
|
||
msgid "5,000"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1330(td)
|
||
msgid "3.1.x"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1334(td)
|
||
msgid "3.2.x"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1335(td)
|
||
msgid "10,000"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1339(para)
|
||
msgid "In addition to these network types, the NSX plug-in also supports a special <emphasis>l3_ext</emphasis> network type, which maps external networks to specific NSX gateway services as discussed in the next section."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1344(title)
|
||
msgid "VMware NSX L3 extension"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1345(para)
|
||
msgid "NSX exposes its L3 capabilities through gateway services which are usually configured out of band from OpenStack. To use NSX with L3 capabilities, first create a L3 gateway service in the NSX Manager. Next, in <filename> /etc/neutron/plugins/vmware/nsx.ini</filename> set <literal>default_l3_gw_service_uuid</literal> to this value. By default, routers are mapped to this gateway service."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1352(title)
|
||
msgid "VMware NSX L3 extension operations"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1353(para)
|
||
msgid "Create external network and map it to a specific NSX gateway service:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1357(para)
|
||
msgid "Terminate traffic on a specific VLAN from a NSX gateway service:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1363(title)
|
||
msgid "Operational status synchronization in the VMware NSX plug-in"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1364(para)
|
||
msgid "Starting with the Havana release, the VMware NSX plug-in provides an asynchronous mechanism for retrieving the operational status for neutron resources from the NSX back-end; this applies to <emphasis>network</emphasis>, <emphasis>port</emphasis> and <emphasis>router</emphasis> resources."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1368(para)
|
||
msgid "The back-end is polled periodically and the status for every resource is retrieved; then the status in the Networking database is updated only for the resources for which a status change occurred. As operational status is now retrieved asynchronously, performance for <literal>GET</literal> operations is consistently improved."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1373(para)
|
||
msgid "Data to retrieve from the back-end are divided in chunks in order to avoid expensive API requests; this is achieved leveraging NSX APIs response paging capabilities. The minimum chunk size can be specified using a configuration option; the actual chunk size is then determined dynamically according to: total number of resources to retrieve, interval between two synchronization task runs, minimum delay between two subsequent requests to the NSX back-end."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1379(para)
|
||
msgid "The operational status synchronization can be tuned or disabled using the configuration options reported in this table; it is however worth noting that the default values work fine in most cases."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1383(caption)
|
||
msgid "Configuration options for tuning operational status synchronization in the NSX plug-in"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1392(th)
|
||
msgid "Option name"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1393(th)
|
||
msgid "Group"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1395(th)
|
||
msgid "Type and constraints"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1396(th)
|
||
msgid "Notes"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1401(literal) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1407(literal) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1426(literal) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1439(literal)
|
||
msgid "state_sync_interval"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1402(literal) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1414(literal) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1423(literal) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1434(literal) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1447(literal)
|
||
msgid "nsx_sync"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1403(td)
|
||
msgid "120 seconds"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1404(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1436(td)
|
||
msgid "Integer; no constraint."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1405(td)
|
||
msgid "Interval in seconds between two run of the synchronization task. If the synchronization task takes more than <placeholder-1/> seconds to execute, a new instance of the task is started as soon as the other is completed. Setting the value for this option to 0 will disable the synchronization task."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1413(literal) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1418(literal)
|
||
msgid "max_random_sync_delay"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1415(td)
|
||
msgid "0 seconds"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1416(literal) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1422(literal) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1440(literal)
|
||
msgid "min_sync_req_delay"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1416(td)
|
||
msgid "Integer. Must not exceed <placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1417(td)
|
||
msgid "When different from zero, a random delay between 0 and <placeholder-1/> will be added before processing the next chunk."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1424(td)
|
||
msgid "10 seconds"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1425(td)
|
||
msgid "Integer. Must not exceed <placeholder-1/>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1427(td)
|
||
msgid "The value of this option can be tuned according to the observed load on the NSX controllers. Lower values will result in faster synchronization, but might increase the load on the controller cluster."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1433(literal) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1442(literal)
|
||
msgid "min_chunk_size"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1435(td)
|
||
msgid "500 resources"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1437(td)
|
||
msgid "Minimum number of resources to retrieve from the back-end for each synchronization chunk. The expected number of synchronization chunks is given by the ratio between <placeholder-1/> and <placeholder-2/>. This size of a chunk might increase if the total number of resources is such that more than <placeholder-3/> resources must be fetched in one chunk with the current number of chunks."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1446(literal)
|
||
msgid "always_read_status"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1449(td)
|
||
msgid "Boolean; no constraint."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1451(literal)
|
||
msgid "GET"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1450(td)
|
||
msgid "When this option is enabled, the operational status will always be retrieved from the NSX back-end ad every <placeholder-1/> request. In this case it is advisable to disable the synchronization task."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1457(para)
|
||
msgid "When running multiple OpenStack Networking server instances, the status synchronization task should not run on every node; doing so sends unnecessary traffic to the NSX back-end and performs unnecessary DB operations. Set the <option>state_sync_interval</option> configuration option to a non-zero value exclusively on a node designated for back-end status synchronization."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1463(para)
|
||
msgid "The <parameter>fields=status</parameter> parameter in Networking API requests always triggers an explicit query to the NSX back end, even when you enable asynchronous state synchronization. For example, <code>GET /v2.0/networks/<net-id>?fields=status&fields=name</code>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1470(title)
|
||
msgid "Big Switch plug-in extensions"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1471(para)
|
||
msgid "This section explains the Big Switch neutron plug-in-specific extension."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1473(title)
|
||
msgid "Big Switch router rules"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1474(para)
|
||
msgid "Big Switch allows router rules to be added to each tenant router. These rules can be used to enforce routing policies such as denying traffic between subnets or traffic to external networks. By enforcing these at the router level, network segmentation policies can be enforced across many VMs that have differing security groups."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1480(title)
|
||
msgid "Router rule attributes"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1481(para)
|
||
msgid "Each tenant router has a set of router rules associated with it. Each router rule has the attributes in this table. Router rules and their attributes can be set using the <placeholder-1/> command, through the horizon interface or the Networking API."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1486(caption)
|
||
msgid "Big Switch Router rule attributes"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1494(th)
|
||
msgid "Required"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1495(th)
|
||
msgid "Input Type"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1501(td)
|
||
msgid "source"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1503(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1510(td)
|
||
msgid "A valid CIDR or one of the keywords 'any' or 'external'"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1504(td)
|
||
msgid "The network that a packet's source IP must match for the rule to be applied"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1508(td)
|
||
msgid "destination"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1511(td)
|
||
msgid "The network that a packet's destination IP must match for the rule to be applied"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1517(td)
|
||
msgid "'permit' or 'deny'"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1518(td)
|
||
msgid "Determines whether or not the matched packets will allowed to cross the router"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1522(td)
|
||
msgid "nexthop"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1523(td)
|
||
msgid "No"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1525(literal)
|
||
msgid "1.1.1.1+1.1.1.2"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1524(td)
|
||
msgid "A plus-separated (+) list of next-hop IP addresses. For example, <placeholder-1/>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1526(td)
|
||
msgid "Overrides the default virtual router used to handle traffic for packets that match the rule"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1533(title)
|
||
msgid "Order of rule processing"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1534(para)
|
||
msgid "The order of router rules has no effect. Overlapping rules are evaluated using longest prefix matching on the source and destination fields. The source field is matched first so it always takes higher precedence over the destination field. In other words, longest prefix matching is used on the destination field only if there are multiple matching rules with the same source."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1542(title)
|
||
msgid "Big Switch router rules operations"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1543(para)
|
||
msgid "Router rules are configured with a router update operation in OpenStack Networking. The update overrides any previous rules so all rules must be provided at the same time."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1546(para)
|
||
msgid "Update a router with rules to permit traffic by default but block traffic from external networks to the 10.10.10.0/24 subnet:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1548(replaceable) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1552(replaceable) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1556(replaceable)
|
||
msgid "Router-UUID"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1551(para)
|
||
msgid "Specify alternate next-hop addresses for a specific subnet:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1555(para)
|
||
msgid "Block traffic between two subnets while allowing everything else:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1564(title)
|
||
msgid "L3 metering"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1565(para)
|
||
msgid "The L3 metering API extension enables administrators to configure IP ranges and assign a specified label to them to be able to measure traffic that goes through a virtual router."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1568(para)
|
||
msgid "The L3 metering extension is decoupled from the technology that implements the measurement. Two abstractions have been added: One is the metering label that can contain metering rules. Because a metering label is associated with a tenant, all virtual routers in this tenant are associated with this label."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1573(title)
|
||
msgid "L3 metering API abstractions"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1575(caption)
|
||
msgid "Label"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1593(td)
|
||
msgid "UUID for the metering label."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1599(td)
|
||
msgid "Human-readable name for the metering label. Might not be unique."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1605(td)
|
||
msgid "The optional description for the metering label."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1611(td)
|
||
msgid "Owner of the metering label."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1616(caption)
|
||
msgid "Rules"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1634(td)
|
||
msgid "UUID for the metering rule."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1638(td)
|
||
msgid "String (Either ingress or egress)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1639(td) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1726(replaceable)
|
||
msgid "ingress"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1640(td)
|
||
msgid "The direction in which metering rule is applied, either ingress or egress."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1644(td)
|
||
msgid "metering_label_id"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1648(para)
|
||
msgid "The metering label ID to associate with this metering rule."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1652(td)
|
||
msgid "excluded"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1655(td)
|
||
msgid "Specify whether the remote_ip_prefix will be excluded or not from traffic counters of the metering label (for example, to not count the traffic of a specific IP address of a range)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1661(td)
|
||
msgid "String (CIDR)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1663(td)
|
||
msgid "Indicates remote IP prefix to be associated with this metering rule."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1671(title)
|
||
msgid "Basic L3 metering operations"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1672(para)
|
||
msgid "Only administrators can manage the L3 metering labels and rules."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1673(para)
|
||
msgid "This table shows example <placeholder-1/> commands that enable you to complete basic L3 metering operations:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1688(para)
|
||
msgid "Creates a metering label."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1691(replaceable) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1708(replaceable) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1717(replaceable) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1726(replaceable) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1727(replaceable)
|
||
msgid "label1"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1691(replaceable)
|
||
msgid "\"description of label1\""
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1696(para)
|
||
msgid "Lists metering labels."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1704(para)
|
||
msgid "Shows information for a specified label."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1707(replaceable) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1716(replaceable) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1725(replaceable)
|
||
msgid "label-uuid"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1713(para)
|
||
msgid "Deletes a metering label."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1722(para)
|
||
msgid "Creates a metering rule."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1726(replaceable)
|
||
msgid "10.0.0.0/24"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1727(replaceable)
|
||
msgid "20.0.0.0/24"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1732(para)
|
||
msgid "Lists metering all label rules."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1740(para)
|
||
msgid "Shows information for a specified label rule."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1743(replaceable) ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1749(replaceable)
|
||
msgid "rule-uuid"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_features.xml:1747(td)
|
||
msgid "Deletes a metering label rule."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_high_avail.xml:7(title)
|
||
msgid "High availability"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_high_avail.xml:8(para)
|
||
msgid "The use of high availability in a Networking deployment helps mitigate the impact of individual node failures. In general, you can run <systemitem class=\"service\">neutron-server</systemitem> and <systemitem class=\"service\">neutron-dhcp-agent</systemitem> in an <glossterm baseform=\"active/active configuration\">active/active</glossterm> fashion. You can run the <systemitem class=\"service\">neutron-l3-agent</systemitem> service as <glossterm baseform=\"active/passive configuration\">active/passive</glossterm>, which avoids IP conflicts with respect to gateway IP addresses."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_high_avail.xml:22(title)
|
||
msgid "Networking high availability with Pacemaker"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_high_avail.xml:23(para)
|
||
msgid "You can run some Networking services in a cluster configuration (active/passive or active/active for Networking server only) with Pacemaker."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_high_avail.xml:26(para)
|
||
msgid "Download the latest resources agents:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_high_avail.xml:29(para)
|
||
msgid "neutron-server: <link href=\"https://github.com/madkiss/openstack-resource-agents/blob/master/ocf/neutron-server\">https://github.com/madkiss/openstack-resource-agents</link>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_high_avail.xml:34(para)
|
||
msgid "neutron-dhcp-agent: <link href=\"https://github.com/madkiss/openstack-resource-agents/blob/master/ocf/neutron-agent-dhcp\">https://github.com/madkiss/openstack-resource-agents</link>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_high_avail.xml:39(para)
|
||
msgid "neutron-l3-agent: <link href=\"https://github.com/madkiss/openstack-resource-agents/blob/master/ocf/neutron-agent-l3\">https://github.com/madkiss/openstack-resource-agents</link>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_high_avail.xml:45(para)
|
||
msgid "For information about how to build a cluster, see <link href=\"http://www.clusterlabs.org/wiki/Documentation\">Pacemaker documentation</link>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:7(title)
|
||
msgid "Configure neutron agents"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:8(para)
|
||
msgid "Plug-ins typically have requirements for particular software that must be run on each node that handles data packets. This includes any node that runs <systemitem class=\"service\">nova-compute</systemitem> and nodes that run dedicated OpenStack Networking service agents such as <systemitem class=\"service\">neutron-dhcp-agent</systemitem>, <systemitem class=\"service\">neutron-l3-agent</systemitem>, <systemitem class=\"service\">neutron-metering-agent</systemitem> or <systemitem class=\"service\">neutron-lbaas-agent</systemitem>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:17(para)
|
||
msgid "A data-forwarding node typically has a network interface with an IP address on the management network and another interface on the data network."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:20(para)
|
||
msgid "This section shows you how to install and configure a subset of the available plug-ins, which might include the installation of switching software (for example, Open vSwitch) and as agents used to communicate with the <systemitem class=\"service\">neutron-server</systemitem> process running elsewhere in the data center."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:28(title)
|
||
msgid "Configure data-forwarding nodes"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:30(title)
|
||
msgid "Node set up: OVS plug-in"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:33(para)
|
||
msgid "This section also applies to the ML2 plug-in when you use Open vSwitch as a mechanism driver."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:31(para)
|
||
msgid "<placeholder-1/>If you use the Open vSwitch plug-in, you must install Open vSwitch and the <systemitem class=\"service\">neutron-plugin-openvswitch-agent</systemitem> agent on each data-forwarding node:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:41(para)
|
||
msgid "Do not install the <package>openvswitch-brcompat</package> package because it prevents the security group functionality from operating correctly."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:47(title)
|
||
msgid "To set up each node for the OVS plug-in"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:50(para)
|
||
msgid "Install the OVS agent package:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:52(para)
|
||
msgid "This action also installs the Open vSwitch software as a dependency."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:56(para)
|
||
msgid "On each node that runs the <systemitem class=\"service\">neutron-plugin-openvswitch-agent</systemitem>, complete these steps:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:61(para)
|
||
msgid "Replicate the <filename>ovs_neutron_plugin.ini</filename> file that you created on the node."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:67(para)
|
||
msgid "If you use tunneling, update the <filename>ovs_neutron_plugin.ini</filename> file for the node with the IP address that is configured on the data network for the node by using the <option>local_ip</option> value."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:79(para) ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:181(para)
|
||
msgid "Restart Open vSwitch to properly load the kernel module:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:84(para) ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:186(para)
|
||
msgid "Restart the agent:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:88(para)
|
||
msgid "The next step only applies to releases prior to Juno."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:89(para)
|
||
msgid "All nodes that run <systemitem class=\"service\">neutron-plugin-openvswitch-agent</systemitem> must have an OVS <literal>br-int</literal> bridge."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:93(para) ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:195(para)
|
||
msgid "To create the bridge, run this command:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:100(title)
|
||
msgid "Node set up: NSX plug-in"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:101(para)
|
||
msgid "If you use the NSX plug-in, you must also install Open vSwitch on each data-forwarding node. However, you do not need to install an additional agent on each node."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:106(para)
|
||
msgid "It is critical that you run an Open vSwitch version that is compatible with the current version of the NSX Controller software. Do not use the Open vSwitch version that is installed by default on Ubuntu. Instead, use the Open vSwitch version that is provided on the VMware support portal for your NSX Controller version."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:116(title)
|
||
msgid "To set up each node for the NSX plug-in"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:119(para)
|
||
msgid "Ensure that each data-forwarding node has an IP address on the management network, and an IP address on the \"data network\" that is used for tunneling data traffic. For full details on configuring your forwarding node, see the <citetitle>NSX Administrator Guide</citetitle>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:129(para)
|
||
msgid "Use the <citetitle>NSX Administrator Guide</citetitle> to add the node as a Hypervisor by using the NSX Manager GUI. Even if your forwarding node has no VMs and is only used for services agents like <systemitem class=\"service\">neutron-dhcp-agent</systemitem> or <systemitem class=\"service\">neutron-lbaas-agent</systemitem>, it should still be added to NSX as a Hypervisor."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:141(para)
|
||
msgid "After following the <citetitle>NSX Administrator Guide</citetitle>, use the page for this Hypervisor in the NSX Manager GUI to confirm that the node is properly connected to the NSX Controller Cluster and that the NSX Controller Cluster can see the <literal>br-int</literal> integration bridge."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:154(title)
|
||
msgid "Node set up: Ryu plug-in"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:155(para)
|
||
msgid "If you use the Ryu plug-in, you must install both Open vSwitch and Ryu, in addition to the Ryu agent package."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:159(title)
|
||
msgid "To set up each node for the Ryu plug-in"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:162(para)
|
||
msgid "Install Ryu:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:164(para)
|
||
msgid "Currently, no Ryu package exists for Ubuntu."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:168(para)
|
||
msgid "Install the Ryu agent and Open vSwitch packages:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:173(para)
|
||
msgid "Replicate the <filename>ovs_ryu_plugin.ini</filename> and <filename>neutron.conf</filename> files created in the above step on all nodes running <systemitem class=\"service\">neutron-plugin-ryu-agent</systemitem>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:190(para)
|
||
msgid "All nodes that run <systemitem class=\"service\">neutron-plugin-ryu-agent</systemitem> must also have an OVS bridge named <literal>br-int</literal> on each node."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:203(title)
|
||
msgid "Configure DHCP agent"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:204(para)
|
||
msgid "The DHCP service agent is compatible with all existing plug-ins and is required for all deployments where VMs should automatically receive IP addresses through DHCP."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:209(title)
|
||
msgid "To install and configure the DHCP agent"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:211(para)
|
||
msgid "You must configure the host running the <systemitem class=\"service\">neutron-dhcp-agent</systemitem> as a data forwarding node according to the requirements for your plug-in. See <xref linkend=\"install_neutron_agent\"/>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:218(para)
|
||
msgid "Install the DHCP agent:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:222(para)
|
||
msgid "Finally, update any options in the <filename>/etc/neutron/dhcp_agent.ini</filename> file that depend on the plug-in in use. See the sub-sections."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:229(para)
|
||
msgid "If you reboot a node that runs the DHCP agent, you must run the <placeholder-1/> command before the <systemitem class=\"service\">neutron-dhcp-agent</systemitem> service starts."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:235(para)
|
||
msgid "On Red Hat, SUSE, and Ubuntu based systems, the <systemitem class=\"service\">neutron-ovs-cleanup</systemitem> service runs the <placeholder-1/> command automatically. However, on Debian-based systems (including Ubuntu in releases earlier than Icehouse), you must manually run this command or write your own system script that runs on boot before the <systemitem class=\"service\">neutron-dhcp-agent</systemitem> service starts."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:248(title)
|
||
msgid "DHCP agent setup: OVS plug-in"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:249(para)
|
||
msgid "These DHCP agent options are required in the <filename>/etc/neutron/dhcp_agent.ini</filename> file for the OVS plug-in:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:258(title)
|
||
msgid "DHCP agent setup: NSX plug-in"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:259(para)
|
||
msgid "These DHCP agent options are required in the <filename>/etc/neutron/dhcp_agent.ini</filename> file for the NSX plug-in:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:269(title)
|
||
msgid "DHCP agent setup: Ryu plug-in"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:270(para)
|
||
msgid "These DHCP agent options are required in the <filename>/etc/neutron/dhcp_agent.ini</filename> file for the Ryu plug-in:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:279(title)
|
||
msgid "Configure L3 agent"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:280(para)
|
||
msgid "The OpenStack Networking Service has a widely used API extension to allow administrators and tenants to create routers to interconnect L2 networks, and floating IPs to make ports on private networks publicly accessible."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:285(para)
|
||
msgid "Many plug-ins rely on the L3 service agent to implement the L3 functionality. However, the following plug-ins already have built-in L3 capabilities:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:290(para)
|
||
msgid "Big Switch/Floodlight plug-in, which supports both the open source <link href=\"http://www.projectfloodlight.org/floodlight/\">Floodlight</link> controller and the proprietary Big Switch controller."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:296(para)
|
||
msgid "Only the proprietary BigSwitch controller implements L3 functionality. When using Floodlight as your OpenFlow controller, L3 functionality is not available."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:304(para)
|
||
msgid "IBM SDN-VE plug-in"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:307(para)
|
||
msgid "NSX plug-in"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:310(para)
|
||
msgid "PLUMgrid plug-in"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:314(para)
|
||
msgid "Do not configure or use <systemitem class=\"service\">neutron-l3-agent</systemitem> if you use one of these plug-ins."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:319(title)
|
||
msgid "To install the L3 agent for all other plug-ins"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:322(para)
|
||
msgid "Install the <systemitem class=\"service\">neutron-l3-agent</systemitem> binary on the network node:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:328(para)
|
||
msgid "To uplink the node that runs <systemitem class=\"service\">neutron-l3-agent</systemitem> to the external network, create a bridge named \"br-ex\" and attach the NIC for the external network to this bridge."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:333(para)
|
||
msgid "For example, with Open vSwitch and NIC eth1 connected to the external network, run:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:337(para)
|
||
msgid "Do not manually configure an IP address on the NIC connected to the external network for the node running <systemitem class=\"service\">neutron-l3-agent</systemitem>. Rather, you must have a range of IP addresses from the external network that can be used by OpenStack Networking for routers that uplink to the external network. This range must be large enough to have an IP address for each router in the deployment, as well as each floating IP."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:350(para)
|
||
msgid "The <systemitem class=\"service\">neutron-l3-agent</systemitem> uses the Linux IP stack and iptables to perform L3 forwarding and NAT. In order to support multiple routers with potentially overlapping IP addresses, <systemitem class=\"service\">neutron-l3-agent</systemitem> defaults to using Linux network namespaces to provide isolated forwarding contexts. As a result, the IP addresses of routers are not visible simply by running the <placeholder-1/> or <placeholder-2/> command on the node. Similarly, you cannot directly <placeholder-3/> fixed IPs."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:365(para)
|
||
msgid "To do either of these things, you must run the command within a particular network namespace for the router. The namespace has the name \"qrouter-<UUID of the router>. These example commands run in the router namespace with UUID 47af3868-0fa8-4447-85f6-1304de32153b:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:377(para)
|
||
msgid "If you reboot a node that runs the L3 agent, you must run the <placeholder-1/> command before the <systemitem class=\"service\">neutron-l3-agent</systemitem> service starts."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:383(para)
|
||
msgid "On Red Hat, SUSE and Ubuntu based systems, the <systemitem class=\"service\">neutron-ovs-cleanup</systemitem> service runs the <placeholder-1/> command automatically. However, on Debian-based systems (including Ubuntu prior to Icehouse), you must manually run this command or write your own system script that runs on boot before the <systemitem class=\"service\">neutron-l3-agent</systemitem> service starts."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:396(title)
|
||
msgid "Configure metering agent"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:397(para)
|
||
msgid "Starting with the Havana release, the Neutron Metering resides beside <systemitem class=\"service\">neutron-l3-agent</systemitem>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:401(title)
|
||
msgid "To install the metering agent and configure the node"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:404(para)
|
||
msgid "Install the agent by running:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:407(title)
|
||
msgid "Package name prior to Icehouse"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:408(para)
|
||
msgid "In releases of neutron prior to Icehouse, this package was named <package>neutron-plugin-metering-agent</package>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:414(para)
|
||
msgid "If you use one of the following plugins, you need to configure the metering agent with these lines as well:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:419(para)
|
||
msgid "An OVS-based plug-in such as OVS, NSX, Ryu, NEC, BigSwitch/Floodlight:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:425(para)
|
||
msgid "A plug-in that uses LinuxBridge:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:432(para)
|
||
msgid "To use the reference implementation, you must set:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:437(para)
|
||
msgid "Set this parameter in the <filename>neutron.conf</filename> file on the host that runs <systemitem class=\"service\">neutron-server</systemitem>:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:446(title)
|
||
msgid "Configure Load-Balancer-as-a-Service (LBaaS)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:448(para)
|
||
msgid "Configure Load-Balancer-as-a-Service (LBaas) with the Open vSwitch or Linux Bridge plug-in. The Open vSwitch LBaaS driver is required when enabling LBaaS for OVS-based plug-ins, including BigSwitch, Floodlight, NEC, NSX, and Ryu."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:454(title)
|
||
msgid "To configure LBaas with Open vSwitch or Linux Bridge plug-in"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:457(para)
|
||
msgid "Install the agent:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:461(para)
|
||
msgid "Enable the <productname>HAProxy</productname> plug-in by using the <option>service_provider</option> option in the <filename>/etc/neutron/neutron.conf</filename> file:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:470(para)
|
||
msgid "Enable the load-balancing plug-in by using the <option>service_plugin</option> option in the <filename>/etc/neutron/neutron.conf</filename> file:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:477(para)
|
||
msgid "Enable the <productname>HAProxy</productname> load balancer in the <filename>/etc/neutron/lbaas_agent.ini</filename> file:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:485(para)
|
||
msgid "Select the required driver in the <filename>/etc/neutron/lbaas_agent.ini</filename> file:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:488(para)
|
||
msgid "Enable the Open vSwitch LBaaS driver:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:490(para)
|
||
msgid "Or, enable the Linux Bridge LBaaS driver:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:493(para)
|
||
msgid "Apply the settings by restarting the <systemitem class=\"service\">neutron-server</systemitem> and <systemitem class=\"service\">neutron-lbaas-agent</systemitem> services."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:499(title)
|
||
msgid "Upgrade from Havana to Icehouse"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:500(para)
|
||
msgid "In the Icehouse release, LBaaS server-agent communications changed. If you transition from Havana to Icehouse, make sure to upgrade both server and agent sides before you use the load balancing service."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:509(para)
|
||
msgid "Enable Load Balancing in the <guimenu>Project</guimenu> section of the dashboard:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:512(para)
|
||
msgid "Change the <option>enable_lb</option> option to <parameter>True</parameter> in the <filename>/etc/openstack-dashboard/local_settings</filename> file:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-agents.xml:517(para)
|
||
msgid "Apply the settings by restarting the <systemitem>httpd</systemitem> service. You can now view the Load Balancer management options in the <guimenu>Project</guimenu> view in the dashboard."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml:7(title)
|
||
msgid "Advanced operational features"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml:9(title)
|
||
msgid "Logging settings"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml:10(para)
|
||
msgid "Networking components use Python logging module to do logging. Logging configuration can be provided in <filename>neutron.conf</filename> or as command-line options. Command options override ones in <filename>neutron.conf</filename>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml:15(para)
|
||
msgid "To configure logging for Networking components, use one of these methods:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml:19(para)
|
||
msgid "Provide logging settings in a logging configuration file."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml:21(para)
|
||
msgid "See <link href=\"http://docs.python.org/howto/logging.html\">Python logging how-to</link> to learn more about logging."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml:25(para)
|
||
msgid "Provide logging setting in <filename>neutron.conf</filename>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml:50(title)
|
||
msgid "Notifications"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml:51(para)
|
||
msgid "Notifications can be sent when Networking resources such as network, subnet and port are created, updated or deleted."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml:55(title)
|
||
msgid "Notification options"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml:56(para)
|
||
msgid "To support DHCP agent, rpc_notifier driver must be set. To set up the notification, edit notification options in <filename>neutron.conf</filename>:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml:86(title)
|
||
msgid "Setting cases"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml:88(title)
|
||
msgid "Logging and RPC"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml:89(para)
|
||
msgid "These options configure the Networking server to send notifications through logging and RPC. The logging options are described in <citetitle>OpenStack Configuration Reference</citetitle> . RPC notifications go to 'notifications.info' queue bound to a topic exchange defined by 'control_exchange' in <filename>neutron.conf</filename>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml:126(title)
|
||
msgid "Multiple RPC topics"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_adv_operational_features.xml:127(para)
|
||
msgid "These options configure the Networking server to send notifications to multiple RPC topics. RPC notifications go to 'notifications_one.info' and 'notifications_two.info' queues bound to a topic exchange defined by 'control_exchange' in <filename>neutron.conf</filename>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_auth.xml:7(title)
|
||
msgid "Authentication and authorization"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_auth.xml:8(para)
|
||
msgid "Networking uses the Identity Service as the default authentication service. When the Identity Service is enabled, users who submit requests to the Networking service must provide an authentication token in <literal>X-Auth-Token</literal> request header. Users obtain this token by authenticating with the Identity Service endpoint. For more information about authentication with the Identity Service, see <link href=\"http://docs.openstack.org/api/openstack-identity-service/2.0/content/\"><citetitle>OpenStack Identity Service API v2.0 Reference</citetitle></link>. When the Identity Service is enabled, it is not mandatory to specify the tenant ID for resources in create requests because the tenant ID is derived from the authentication token."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_auth.xml:23(para)
|
||
msgid "The default authorization settings only allow administrative users to create resources on behalf of a different tenant. Networking uses information received from Identity to authorize user requests. Networking handles two kind of authorization policies:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_auth.xml:31(para)
|
||
msgid "<emphasis role=\"bold\">Operation-based</emphasis> policies specify access criteria for specific operations, possibly with fine-grained control over specific attributes;"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_auth.xml:37(para)
|
||
msgid "<emphasis role=\"bold\">Resource-based</emphasis> policies specify whether access to specific resource is granted or not according to the permissions configured for the resource (currently available only for the network resource). The actual authorization policies enforced in Networking might vary from deployment to deployment."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_auth.xml:46(para)
|
||
msgid "The policy engine reads entries from the <filename>policy.json</filename> file. The actual location of this file might vary from distribution to distribution. Entries can be updated while the system is running, and no service restart is required. Every time the policy file is updated, the policies are automatically reloaded. Currently the only way of updating such policies is to edit the policy file. In this section, the terms <emphasis role=\"italic\">policy</emphasis> and <emphasis role=\"italic\">rule</emphasis> refer to objects that are specified in the same way in the policy file. There are no syntax differences between a rule and a policy. A policy is something that is matched directly from the Networking policy engine. A rule is an element in a policy, which is evaluated. For instance in <code>create_subnet: [[\"admin_or_network_owner\"]]</code>, <emphasis role=\"italic\">create_subnet</emphasis> is a policy, and <emphasis role=\"italic\">admin_or_network_owner</emphasis> is a rule."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_auth.xml:65(para)
|
||
msgid "Policies are triggered by the Networking policy engine whenever one of them matches a Networking API operation or a specific attribute being used in a given operation. For instance the <code>create_subnet</code> policy is triggered every time a <code>POST /v2.0/subnets</code> request is sent to the Networking server; on the other hand <code>create_network:shared</code> is triggered every time the <emphasis role=\"italic\">shared</emphasis> attribute is explicitly specified (and set to a value different from its default) in a <code>POST /v2.0/networks</code> request. It is also worth mentioning that policies can also be related to specific API extensions; for instance <code>extension:provider_network:set</code> is triggered if the attributes defined by the Provider Network extensions are specified in an API request."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_auth.xml:80(para)
|
||
msgid "An authorization policy can be composed by one or more rules. If more rules are specified then the evaluation policy succeeds if any of the rules evaluates successfully; if an API operation matches multiple policies, then all the policies must evaluate successfully. Also, authorization rules are recursive. Once a rule is matched, the rule(s) can be resolved to another rule, until a terminal rule is reached."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_auth.xml:87(para)
|
||
msgid "The Networking policy engine currently defines the following kinds of terminal rules:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_auth.xml:91(para)
|
||
msgid "<emphasis role=\"bold\">Role-based rules</emphasis> evaluate successfully if the user who submits the request has the specified role. For instance <code>\"role:admin\"</code> is successful if the user who submits the request is an administrator."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_auth.xml:99(para)
|
||
msgid "<emphasis role=\"bold\">Field-based rules </emphasis>evaluate successfully if a field of the resource specified in the current request matches a specific value. For instance <code>\"field:networks:shared=True\"</code> is successful if the <literal>shared</literal> attribute of the <literal>network</literal> resource is set to true."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_auth.xml:109(para)
|
||
msgid "<emphasis role=\"bold\">Generic rules</emphasis> compare an attribute in the resource with an attribute extracted from the user's security credentials and evaluates successfully if the comparison is successful. For instance <code>\"tenant_id:%(tenant_id)s\"</code> is successful if the tenant identifier in the resource is equal to the tenant identifier of the user submitting the request."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_auth.xml:120(para)
|
||
msgid "This extract is from the default <filename>policy.json</filename> file:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_auth.xml:140(para)
|
||
msgid "A rule that evaluates successfully if the current user is an administrator or the owner of the resource specified in the request (tenant identifier is equal)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_auth.xml:146(para)
|
||
msgid "The default policy that is always evaluated if an API operation does not match any of the policies in <filename>policy.json</filename>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_auth.xml:151(para)
|
||
msgid "This policy evaluates successfully if either <emphasis role=\"italic\">admin_or_owner</emphasis>, or <emphasis role=\"italic\">shared</emphasis> evaluates successfully."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_auth.xml:157(para)
|
||
msgid "This policy restricts the ability to manipulate the <emphasis role=\"italic\">shared</emphasis> attribute for a network to administrators only."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_auth.xml:162(para)
|
||
msgid "This policy restricts the ability to manipulate the <emphasis role=\"italic\">mac_address</emphasis> attribute for a port only to administrators and the owner of the network where the port is attached."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_auth.xml:169(para)
|
||
msgid "In some cases, some operations are restricted to administrators only. This example shows you how to modify a policy file to permit tenants to define networks, see their resources, and permit administrative users to perform all other operations:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:7(title)
|
||
msgid "Plug-in configurations"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:8(para)
|
||
msgid "For configurations options, see <link href=\"http://docs.openstack.org/icehouse/config-reference/content/section_networking-options-reference.html\">Networking configuration options</link> in <citetitle>Configuration Reference</citetitle>. These sections explain how to configure specific plug-ins."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:15(title)
|
||
msgid "Configure Big Switch (Floodlight REST Proxy) plug-in"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:17(title)
|
||
msgid "To use the REST Proxy plug-in with OpenStack Networking"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:20(para)
|
||
msgid "Edit the <filename>/etc/neutron/neutron.conf</filename> file and add this line:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:26(para)
|
||
msgid "Edit the <filename>/etc/neutron/plugins/bigswitch/restproxy.ini</filename> file for the plug-in and specify a comma-separated list of <systemitem>controller_ip:port</systemitem> pairs:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:33(para)
|
||
msgid "For database configuration, see <link href=\"http://docs.openstack.org/icehouse/install-guide/install/apt/content/neutron-ml2-controller-node.html\">Install Networking Services</link> in the <citetitle>Installation Guide</citetitle> in the <link href=\"http://docs.openstack.org\">OpenStack Documentation index</link>. (The link defaults to the Ubuntu version.)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:44(para)
|
||
msgid "Restart <systemitem class=\"service\">neutron-server</systemitem> to apply the settings:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:52(title)
|
||
msgid "Configure Brocade plug-in"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:54(title)
|
||
msgid "To use the Brocade plug-in with OpenStack Networking"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:57(para)
|
||
msgid "Install the Brocade-modified Python netconf client (ncclient) library, which is available at <link href=\"https://github.com/brocade/ncclient\">https://github.com/brocade/ncclient</link>:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:63(para)
|
||
msgid "As <systemitem class=\"username\">root</systemitem>, run this command:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:69(para)
|
||
msgid "Edit the <filename>/etc/neutron/neutron.conf</filename> file and set the following option:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:75(para)
|
||
msgid "Edit the <filename>/etc/neutron/plugins/brocade/brocade.ini</filename> file for the Brocade plug-in and specify the admin user name, password, and IP address of the Brocade switch:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:81(replaceable) ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:347(replaceable) ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:348(replaceable) ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:358(replaceable)
|
||
msgid "admin"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:82(replaceable)
|
||
msgid "password"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:83(replaceable)
|
||
msgid "switch mgmt ip address"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:85(para)
|
||
msgid "For database configuration, see <link href=\"http://docs.openstack.org/icehouse/install-guide/install/apt/content/neutron-ml2-controller-node.html\">Install Networking Services</link> in any of the <citetitle>Installation Guides</citetitle> in the <link href=\"http://docs.openstack.org\">OpenStack Documentation index</link>. (The link defaults to the Ubuntu version.)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:96(para) ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:149(para) ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:373(para) ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:412(para)
|
||
msgid "Restart the <systemitem class=\"service\">neutron-server</systemitem> service to apply the settings:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:104(title)
|
||
msgid "Configure OVS plug-in"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:105(para)
|
||
msgid "If you use the Open vSwitch (OVS) plug-in in a deployment with multiple hosts, you must use either tunneling or vlans to isolate traffic from multiple networks. Tunneling is easier to deploy because it does not require that you configure VLANs on network switches."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:111(para)
|
||
msgid "This procedure uses tunneling:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:113(title)
|
||
msgid "To configure OpenStack Networking to use the OVS plug-in"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:116(para)
|
||
msgid "Edit <filename>/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini</filename> file to specify these values:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:124(para) ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:248(para) ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:476(para)
|
||
msgid "For database configuration, see <link href=\"http://docs.openstack.org/icehouse/install-guide/install/apt/content/neutron-ml2-controller-node.html\">Install Networking Services</link> in <citetitle>Installation Guide</citetitle>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:131(para)
|
||
msgid "If you use the neutron DHCP agent, add these lines to the <filename>/etc/neutron/dhcp_agent.ini</filename> file:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:136(para)
|
||
msgid "Restart the DHCP service to apply the settings:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:141(para)
|
||
msgid "To lower the MTU size on instances and prevent packet fragmentation over the GRE tunnel, create the <filename>/etc/neutron/dnsmasq/dnsmasq-neutron.conf</filename> file and add these values:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:157(title)
|
||
msgid "Configure NSX plug-in"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:159(title)
|
||
msgid "To configure OpenStack Networking to use the NSX plug-in"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:161(para)
|
||
msgid "While the instructions in this section refer to the VMware NSX platform, this is formerly known as Nicira NVP."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:165(para)
|
||
msgid "Install the NSX plug-in:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:169(para) ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:387(para) ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:429(para)
|
||
msgid "Edit the <filename>/etc/neutron/neutron.conf</filename> file and set this line:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:173(para)
|
||
msgid "Example <filename>neutron.conf</filename> file for NSX:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:181(para)
|
||
msgid "To configure the NSX controller cluster for OpenStack Networking, locate the <literal>[default]</literal> section in the <filename>/etc/neutron/plugins/vmware/nsx.ini</filename> file and add the following entries:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:189(para)
|
||
msgid "To establish and configure the connection with the controller cluster you must set some parameters, including NSX API endpoints, access credentials, and settings for HTTP redirects and retries in case of connection failures:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:204(para)
|
||
msgid "To ensure correct operations, the <literal>nsx_user</literal> user must have administrator credentials on the NSX platform."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:209(para)
|
||
msgid "A controller API endpoint consists of the IP address and port for the controller; if you omit the port, port 443 is used. If multiple API endpoints are specified, it is up to the user to ensure that all these endpoints belong to the same controller cluster. The OpenStack Networking VMware NSX plug-in does not perform this check, and results might be unpredictable."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:220(para)
|
||
msgid "When you specify multiple API endpoints, the plug-in load-balances requests on the various API endpoints."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:226(para)
|
||
msgid "The UUID of the NSX Transport Zone that should be used by default when a tenant creates a network. You can get this value from the NSX Manager's Transport Zones page:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:237(para)
|
||
msgid "Ubuntu packaging currently does not update the Neutron init script to point to the NSX configuration file. Instead, you must manually update <filename>/etc/default/neutron-server</filename> to add this line:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:255(para)
|
||
msgid "Restart <systemitem class=\"service\">neutron-server</systemitem> to apply settings:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:261(para)
|
||
msgid "Example <filename>nsx.ini</filename> file:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:270(para)
|
||
msgid "To debug <filename>nsx.ini</filename> configuration issues, run this command from the host that runs <systemitem class=\"service\">neutron-server</systemitem>:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:275(para)
|
||
msgid "This command tests whether <systemitem class=\"service\">neutron-server</systemitem> can log into all of the NSX Controllers and the SQL server, and whether all UUID values are correct."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:283(title)
|
||
msgid "Load-Balancer-as-a-Service and Firewall-as-a-Service"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:285(para)
|
||
msgid "The NSX LBaaS and FWaaS services use the standard OpenStack API with the exception of requiring routed-insertion extension support."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:289(para)
|
||
msgid "The NSX implementation and the community reference implementation of these services differ, as follows:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:294(para)
|
||
msgid "The NSX LBaaS and FWaaS plug-ins require the routed-insertion extension, which adds the <code>router_id</code> attribute to the VIP (Virtual IP address) and firewall resources and binds these services to a logical router."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:303(para)
|
||
msgid "The community reference implementation of LBaaS only supports a one-arm model, which restricts the VIP to be on the same subnet as the back-end servers. The NSX LBaaS plug-in only supports a two-arm model between north-south traffic, which means that you can create the VIP on only the external (physical) network."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:315(para)
|
||
msgid "The community reference implementation of FWaaS applies firewall rules to all logical routers in a tenant, while the NSX FWaaS plug-in applies firewall rules only to one logical router according to the <code>router_id</code> of the firewall entity."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:326(title)
|
||
msgid "To configure Load-Balancer-as-a-Service and Firewall-as-a-Service with NSX"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:329(para)
|
||
msgid "Edit the <filename>/etc/neutron/neutron.conf</filename> file:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:337(para)
|
||
msgid "Edit the <filename>/etc/neutron/plugins/vmware/nsx.ini</filename> file:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:340(para)
|
||
msgid "In addition to the original NSX configuration, the <code>default_l3_gw_service_uuid</code> is required for the NSX Advanced plug-in and you must add a <code>vcns</code> section:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:349(replaceable)
|
||
msgid "10.37.1.137:443"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:350(replaceable)
|
||
msgid "aae63e9b-2e4e-4efe-81a1-92cf32e308bf"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:351(replaceable)
|
||
msgid "2702f27a-869a-49d1-8781-09331a0f6b9e"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:355(replaceable)
|
||
msgid "https://10.24.106.219"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:364(replaceable)
|
||
msgid "f2c023cf-76e2-4625-869b-d0dabcfcc638"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:382(title)
|
||
msgid "Configure PLUMgrid plug-in"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:384(title)
|
||
msgid "To use the PLUMgrid plug-in with OpenStack Networking"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:393(para)
|
||
msgid "Edit the <systemitem>[PLUMgridDirector]</systemitem> section in the <filename>/etc/neutron/plugins/plumgrid/plumgrid.ini</filename> file and specify the IP address, port, admin user name, and password of the PLUMgrid Director:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:405(para)
|
||
msgid "For database configuration, see <link href=\"http://docs.openstack.org/icehouse/install-guide/install/apt/content/neutron-ml2-controller-node.html\">Install Networking Services</link> in the <citetitle>Installation Guide</citetitle>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:420(title)
|
||
msgid "Configure Ryu plug-in"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:422(title)
|
||
msgid "To use the Ryu plug-in with OpenStack Networking"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:425(para)
|
||
msgid "Install the Ryu plug-in:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:435(para)
|
||
msgid "Edit the <filename>/etc/neutron/plugins/ryu/ryu.ini</filename> file and update these options in the <literal>[ovs]</literal> section for the <systemitem class=\"service\">ryu-neutron-agent</systemitem>:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:443(para)
|
||
msgid "<option>openflow_rest_api</option>. Defines where Ryu is listening for REST API. Substitute <option>ip-address</option> and <option>port-no</option> based on your Ryu setup."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:452(para)
|
||
msgid "<option>ovsdb_interface</option>. Enables Ryu to access the <systemitem>ovsdb-server</systemitem>. Substitute <literal>eth0</literal> based on your setup. The IP address is derived from the interface name. If you want to change this value irrespective of the interface name, you can specify <option>ovsdb_ip</option>. If you use a non-default port for <systemitem>ovsdb-server</systemitem>, you can specify <option>ovsdb_port</option>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:468(para)
|
||
msgid "<option>tunnel_interface</option>. Defines which IP address is used for tunneling. If you do not use tunneling, this value is ignored. The IP address is derived from the network interface name."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:481(para)
|
||
msgid "You can use the same configuration file for many compute nodes by using a network interface name with a different IP address:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_config-plugins.xml:488(para)
|
||
msgid "Restart the <systemitem class=\"service\">neutron-server</systemitem> to apply the settings:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_pagination_and_sorting_support.xml:7(title)
|
||
msgid "Plug-in pagination and sorting support"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_pagination_and_sorting_support.xml:9(caption)
|
||
msgid "Plug-ins that support native pagination and sorting"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_pagination_and_sorting_support.xml:14(th)
|
||
msgid "Support Native Pagination"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_pagination_and_sorting_support.xml:15(th)
|
||
msgid "Support Native Sorting"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking_pagination_and_sorting_support.xml:20(td) ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:670(title)
|
||
msgid "ML2"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:5(title)
|
||
msgid "Advanced configuration options"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:6(para)
|
||
msgid "This section describes advanced configuration options for various system components. For example, configuration options where the default works but that the user wants to customize options. After installing from packages, <literal>$NEUTRON_CONF_DIR</literal> is <filename>/etc/neutron</filename>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:11(title)
|
||
msgid "OpenStack Networking server with plug-in"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:12(para)
|
||
msgid "This web server runs the OpenStack Networking API Web Server. It is responsible for loading a plug-in and passing the API calls to the plug-in for processing. The neutron-server receives one or more configuration files as input. For example:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:16(para)
|
||
msgid "The neutron config contains the common neutron configuration parameters. The plug-in configuration file contains the plug-in specific options. The plug-in that is run on the service is loaded through the <parameter>core_plugin</parameter> configuration parameter. In some cases a plug-in might have an agent that performs the actual networking."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:21(para)
|
||
msgid "Most plug-ins require a SQL database. After you install and start the database server, set a password for the root account and delete the anonymous accounts:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:26(para)
|
||
msgid "Create a database and user account specifically for plug-in:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:31(para)
|
||
msgid "After this step completes, you can update the settings in the relevant plug-in configuration files. Find the plug-in specific configuration files at <filename>$NEUTRON_CONF_DIR/plugins</filename>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:34(para)
|
||
msgid "Some plug-ins have a L2 agent that performs the actual networking. That is, the agent attaches the virtual machine NIC to the OpenStack Networking network. Each node should have an L2 agent running on it. Note that the agent receives the following input parameters:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:39(para)
|
||
msgid "You must complete these tasks before you can work with the plug-in:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:42(para)
|
||
msgid "Ensure that the core plug-in is updated."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:45(para)
|
||
msgid "Ensure that the database connection is correctly set."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:48(para)
|
||
msgid "The following table contains examples for these settings. Some Linux packages might provide installation utilities that configure these."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:54(th) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:117(th) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:164(th) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:314(th)
|
||
msgid "Parameter"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:55(th) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:118(th) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:165(th) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:315(th)
|
||
msgid "Value"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:64(td) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:85(td)
|
||
msgid "core_plugin ($NEUTRON_CONF_DIR/neutron.conf)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:65(td)
|
||
msgid "openvswitch"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:69(code) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:90(code)
|
||
msgid "[database]"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:68(td)
|
||
msgid "connection (in the plugin configuration file, section <placeholder-1/>)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:70(td)
|
||
msgid "mysql://<username>:<password>@localhost/ovs_neutron?charset=utf8"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:73(td) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:94(td)
|
||
msgid "Plug-in Configuration File"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:74(td)
|
||
msgid "$NEUTRON_CONF_DIR/plugins/openvswitch/ovs_neutron_plugin.ini"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:78(td)
|
||
msgid "neutron-openvswitch-agent"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:86(td)
|
||
msgid "linuxbridge"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:89(td)
|
||
msgid "connection (in the plug-in configuration file, section <placeholder-1/>)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:91(td)
|
||
msgid "mysql://<username>:<password>@localhost/neutron_linux_bridge?charset=utf8"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:95(td)
|
||
msgid "$NEUTRON_CONF_DIR/plugins/linuxbridge/linuxbridge_conf.ini"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:99(td)
|
||
msgid "neutron-linuxbridge-agent"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:105(title) ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:209(title)
|
||
msgid "DHCP agent"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:106(para)
|
||
msgid "You can run a DHCP server that allocates IP addresses to virtual machines running on the network. When a subnet is created, by default, the subnet has DHCP enabled."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:108(para)
|
||
msgid "The node that runs the DHCP agent should run:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:110(para)
|
||
msgid "Currently the DHCP agent uses dnsmasq to perform that static address assignment."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:112(para)
|
||
msgid "A driver must be configured that matches the plug-in running on the service."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:127(td) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:135(td)
|
||
msgid "interface_driver ($NEUTRON_CONF_DIR/dhcp_agent.ini)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:128(td) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:175(td) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:325(td)
|
||
msgid "neutron.agent.linux.interface.OVSInterfaceDriver"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:136(td) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:187(td) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:333(td)
|
||
msgid "neutron.agent.linux.interface.BridgeInterfaceDriver"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:141(title) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:212(title) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:338(title)
|
||
msgid "Namespace"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:142(para)
|
||
msgid "By default the DHCP agent makes use of Linux network namespaces in order to support overlapping IP addresses. Requirements for network namespaces support are described in the <link linkend=\"section_limitations\">Limitations</link> section."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:146(para)
|
||
msgid "If the Linux installation does not support network namespace, you must disable using network namespace in the DHCP agent configuration file. The default value of <option>use_namespaces</option> is <literal>True</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:153(title)
|
||
msgid "L3 agent"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:154(para)
|
||
msgid "You can run a L3 agent that enables layer 3 forwarding and floating IP support. The node that runs the L3 agent should run:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:158(para)
|
||
msgid "A driver must be configured that matches the plug-in running on the service. The driver is used to create the routing interface."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:174(td) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:186(td)
|
||
msgid "interface_driver ($NEUTRON_CONF_DIR/l3_agent.ini)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:178(td) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:190(td)
|
||
msgid "external_network_bridge ($NEUTRON_CONF_DIR/l3_agent.ini)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:179(td)
|
||
msgid "br-ex"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:191(td)
|
||
msgid "This field must be empty (or the bridge name for the external network)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:195(para)
|
||
msgid "The L3 agent communicates with the OpenStack Networking server through the OpenStack Networking API, so the following configuration is required:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:199(para)
|
||
msgid "OpenStack Identity authentication:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:205(para)
|
||
msgid "Admin user details:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:213(para)
|
||
msgid "By default the L3 agent makes use of Linux network namespaces in order to support overlapping IP addresses. Requirements for network namespaces support are described in the <link linkend=\"section_limitations\">Limitation</link> section."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:216(para)
|
||
msgid "If the Linux installation does not support network namespace, you must disable using network namespace in the L3 agent config file. The default value of <option>use_namespaces</option> is <literal>True</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:220(para)
|
||
msgid "When <option>use_namespaces</option> is set to <literal>False</literal>, only one router ID can be supported per node. This must be configured via the configuration variable <emphasis>router_id</emphasis>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:226(para)
|
||
msgid "To configure it, you must run the OpenStack Networking service and create a router, and then set an ID of the router created to <emphasis>router_id</emphasis> in the L3 agent configuration file."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:243(title)
|
||
msgid "Multiple external networks"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:244(para)
|
||
msgid "Use one of these methods to support multiple external networks:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:247(para)
|
||
msgid "Assign multiple subnets to an external network."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:250(para)
|
||
msgid "Use multiple floating IP pools."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:253(para)
|
||
msgid "The following sections describe these options."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:255(title)
|
||
msgid "Assign multiple subnets to an external network"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:256(para)
|
||
msgid "This approach leverages the addition of on-link routes, which enables a router to host floating IPs from any of the subnets on an external network regardless of which subnet the primary router IP address comes from. This method does not require the creation of multiple external networks."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:260(para)
|
||
msgid "To add a subnet to the external network, use the following command template:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:262(replaceable)
|
||
msgid "EXT_NETWORK_NAME"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:262(replaceable)
|
||
msgid "CIDR"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:266(title)
|
||
msgid "Multiple floating IP pools"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:267(para)
|
||
msgid "The L3 API in OpenStack Networking supports multiple floating IP pools. In OpenStack Networking, a floating IP pool is represented as an external network and a floating IP is allocated from a subnet associated with the external network. Because you can associate each L3 agent with, at most, one external network, you must invoke multiple L3 agent to define multiple floating IP pools. The <option>gateway_external_network_id</option> option in the L3 agent configuration file defines the external network that the L3 agent handles. You can run multiple L3 agent instances on one host."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:275(para)
|
||
msgid "In addition, when you run multiple L3 agents, make sure that <option>handle_internal_only_routers</option> is set to <literal>True</literal> only for one L3 agent in an OpenStack Networking deployment and set to <literal>False</literal> for all other L3 agents. Because the default value of this parameter is <literal>True</literal>, you must configure it carefully."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:281(para)
|
||
msgid "Before starting L3 agents, you must create routers and external networks, then update the configuration files with UUID of external networks and start L3 agents."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:284(para)
|
||
msgid "For the first agent, invoke it with the following <filename>l3_agent.ini</filename>, where handle_internal_only_routers is <literal>True</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:293(para)
|
||
msgid "For the second (or later) agent, invoke it with the following <filename>l3_agent.ini</filename> where handle_internal_only_routers is False."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:303(title)
|
||
msgid "L3 metering agent"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:304(para)
|
||
msgid "You can run a L3 metering agent that enables layer 3 traffic metering. In general, the metering agent should be launched on all nodes that run the L3 agent:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:308(para)
|
||
msgid "A driver must be configured that matches the plug-in running on the service. The driver is used to add metering to the routing interface."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:324(td) ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:332(td)
|
||
msgid "interface_driver ($NEUTRON_CONF_DIR/metering_agent.ini)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:339(para)
|
||
msgid "The metering agent and the L3 agent have to have the same configuration regarding to the network namespaces setting."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:342(para)
|
||
msgid "If the Linux installation does not support network namespace, you must disable using network namespace in the L3 metering config file (The default value of <option>use_namespaces</option> is <code>True</code>)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:349(title)
|
||
msgid "L3 metering driver"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:350(para)
|
||
msgid "You must configure any driver that implements the metering abstraction. Currently the only available implementation uses iptables for metering."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:355(title)
|
||
msgid "L3 metering service driver"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:356(para)
|
||
msgid "To enable L3 metering, you must set the following parameter in <filename>neutron.conf</filename> on the host that runs <systemitem class=\"service\">neutron-server</systemitem>:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:363(title)
|
||
msgid "Limitations"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:366(para)
|
||
msgid "<emphasis>No equivalent for nova-network <option>--multi_host</option> option</emphasis>. Nova-network has a model where the L3, NAT, and DHCP processing happen on the compute node itself, rather than a dedicated networking node. OpenStack Networking now support running multiple l3-agent and dhcp-agents with load being split across those agents, but the tight coupling of that scheduling with the location of the VM is not supported in Icehouse. The Juno release is expected to include an exact replacement for the <option>--multi_host</option> option in nova-network."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:376(para)
|
||
msgid "<emphasis>Linux network namespace required on nodes running <systemitem class=\" service\">neutron-l3-agent</systemitem> or <systemitem class=\" service\">neutron-dhcp-agent</systemitem> if overlapping IPs are in use</emphasis>. To support overlapping IP addresses, the OpenStack Networking DHCP and L3 agents use Linux network namespaces by default. The hosts running these processes must support network namespaces. To support network namespaces, the following are required:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:388(para)
|
||
msgid "Linux kernel 2.6.24 or newer (with CONFIG_NET_NS=y in kernel configuration) and"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:392(para)
|
||
msgid "iproute2 utilities ('ip' command) version 3.1.0 (aka 20111117) or newer"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:396(para)
|
||
msgid "To check whether your host supports namespaces try running the following as root:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:400(para)
|
||
msgid "If the preceding commands do not produce errors, your platform is likely sufficient to use the dhcp-agent or l3-agent with namespace. In our experience, Ubuntu 12.04 or later support namespaces as does Fedora 17 and new, but some older RHEL platforms do not by default. It may be possible to upgrade the iproute2 package on a platform that does not support namespaces by default."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:406(para)
|
||
msgid "If you must disable namespaces, make sure the <filename>neutron.conf</filename> used by neutron-server has the following setting:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:410(para)
|
||
msgid "Also, ensure that the <filename>dhcp_agent.ini</filename> and l<filename>3_agent.ini</filename> have the following setting:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:414(para)
|
||
msgid "If the host does not support namespaces, the <systemitem class=\"service\">neutron-l3-agent</systemitem> and <systemitem class=\"service\">neutron-dhcp-agent</systemitem> should run on different hosts because there is no isolation between the IP addresses created by the L3 agent and by the DHCP agent. By manipulating the routing, the user can ensure that these networks have access to one another."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:421(para)
|
||
msgid "If you run both L3 and DHCP services on the same node, you should enable namespaces to avoid conflicts with routes:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:426(para)
|
||
msgid "<emphasis>No IPv6 support for L3 agent</emphasis>. The <systemitem class=\" service\">neutron-l3-agent</systemitem>, used by many plug-ins to implement L3 forwarding, supports only IPv4 forwarding. Currently, there are no errors provided if you configure IPv6 addresses via the API."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:434(para)
|
||
msgid "<emphasis>ZeroMQ support is experimental</emphasis>. Some agents, including <systemitem class=\"service\">neutron-dhcp-agent</systemitem>, <systemitem class=\"service\">neutron-openvswitch-agent</systemitem>, and <systemitem class=\"service\">neutron-linuxbridge-agent</systemitem> use RPC to communicate. ZeroMQ is an available option in the configuration file, but has not been tested and should be considered experimental. In particular, issues might occur with ZeroMQ and the dhcp agent."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-adv-config.xml:443(para)
|
||
msgid "<emphasis>MetaPlugin is experimental</emphasis>. This release includes a MetaPlugin that is intended to support multiple plug-ins at the same time for different API requests, based on the content of those API requests. The core team has not thoroughly reviewed or tested this functionality. Consider this functionality to be experimental until further validation is performed."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:7(title)
|
||
msgid "Configure Identity Service for Networking"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:9(title)
|
||
msgid "To configure the Identity Service for use with Networking"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:12(title)
|
||
msgid "Create the <function>get_id()</function> function"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:13(para)
|
||
msgid "The <function>get_id()</function> function stores the ID of created objects, and removes the need to copy and paste object IDs in later steps:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:17(para)
|
||
msgid "Add the following function to your <filename>.bashrc</filename> file:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:24(para)
|
||
msgid "Source the <filename>.bashrc</filename> file:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:30(title)
|
||
msgid "Create the Networking service entry"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:31(para)
|
||
msgid "Networking must be available in the Compute service catalog. Create the service:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:35(title)
|
||
msgid "Create the Networking service endpoint entry"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:37(para)
|
||
msgid "The way that you create a Networking endpoint entry depends on whether you are using the SQL or the template catalog driver:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:41(para)
|
||
msgid "If you use the <emphasis>SQL driver</emphasis>, run the following command with the specified region (<literal>$REGION</literal>), IP address of the Networking server (<literal>$IP</literal>), and service ID (<literal>$NEUTRON_SERVICE_ID</literal>, obtained in the previous step)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:53(para)
|
||
msgid "If you are using the <emphasis>template driver</emphasis>, specify the following parameters in your Compute catalog template file (<filename>default_catalog.templates</filename>), along with the region (<literal>$REGION</literal>) and IP address of the Networking server (<literal>$IP</literal>)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:71(title)
|
||
msgid "Create the Networking service user"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:72(para)
|
||
msgid "You must provide admin user credentials that Compute and some internal Networking components can use to access the Networking API. Create a special <literal>service</literal> tenant and a <literal>neutron</literal> user within this tenant, and assign an <literal>admin</literal> role to this role."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:78(para)
|
||
msgid "Create the <literal>admin</literal> role:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:83(para)
|
||
msgid "Create the <literal>neutron</literal> user:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:88(para)
|
||
msgid "Create the <literal>service</literal> tenant:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:92(para)
|
||
msgid "Establish the relationship among the tenant, user, and role:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:99(para)
|
||
msgid "For information about how to create service entries and users, see the <citetitle>OpenStack Installation Guide</citetitle> for your distribution (<link href=\"docs.openstack.org\">docs.openstack.org</link>)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:104(para)
|
||
msgid "If you use Networking, do not run the Compute <systemitem class=\"service\">nova-network</systemitem> service (like you do in traditional Compute deployments). Instead, Compute delegates most network-related decisions to Networking. Compute proxies tenant-facing API calls to manage security groups and floating IPs to Networking APIs. However, operator-facing tools such as <systemitem class=\"service\">nova-manage</systemitem>, are not proxied and should not be used."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:111(para)
|
||
msgid "When you configure networking, you must use this guide. Do not rely on Compute networking documentation or past experience with Compute. If a <placeholder-1/> command or configuration option related to networking is not mentioned in this guide, the command is probably not supported for use with Networking. In particular, you cannot use CLI tools like <placeholder-2/> and <placeholder-3/> to manage networks or IP addressing, including both fixed and floating IPs, with Networking."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:119(para)
|
||
msgid "Uninstall <systemitem class=\"service\">nova-network</systemitem> and reboot any physical nodes that have been running <systemitem class=\"service\">nova-network</systemitem> before using them to run Networking. Inadvertently running the <systemitem class=\"service\">nova-network</systemitem> process while using Networking can cause problems, as can stale iptables rules pushed down by previously running <systemitem class=\"service\">nova-network</systemitem>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:127(para)
|
||
msgid "To ensure that Compute works properly with Networking (rather than the legacy <systemitem class=\"service\">nova-network</systemitem> mechanism), you must adjust settings in the <filename>nova.conf</filename> configuration file."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:134(title)
|
||
msgid "Networking API and credential configuration"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:135(para)
|
||
msgid "Each time you provision or de-provision a VM in Compute, <systemitem class=\"service\">nova-*</systemitem> services communicate with Networking using the standard API. For this to happen, you must configure the following items in the <filename>nova.conf</filename> file (used by each <systemitem class=\"service\">nova-compute</systemitem> and <systemitem class=\"service\">nova-api</systemitem> instance)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:141(caption)
|
||
msgid "nova.conf API and credential settings"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:146(th) ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:221(td) ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:256(td)
|
||
msgid "Item"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:152(literal)
|
||
msgid "network_api_class"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:154(para)
|
||
msgid "Modify from the default to <literal>nova.network.neutronv2.api.API</literal>, to indicate that Networking should be used rather than the traditional <systemitem class=\"service\">nova-network </systemitem> networking model."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:162(literal)
|
||
msgid "neutron_url"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:163(para)
|
||
msgid "Update to the hostname/IP and port of the <systemitem class=\"service\">neutron-server</systemitem> instance for this deployment."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:169(literal)
|
||
msgid "neutron_auth_strategy"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:170(para)
|
||
msgid "Keep the default <literal>keystone</literal> value for all production deployments."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:174(literal)
|
||
msgid "neutron_admin_tenant_name"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:176(para)
|
||
msgid "Update to the name of the service tenant created in the above section on Identity configuration."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:181(literal)
|
||
msgid "neutron_admin_username"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:183(para)
|
||
msgid "Update to the name of the user created in the above section on Identity configuration."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:188(literal)
|
||
msgid "neutron_admin_password"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:190(para)
|
||
msgid "Update to the password of the user created in the above section on Identity configuration."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:195(literal)
|
||
msgid "neutron_admin_auth_url"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:197(para)
|
||
msgid "Update to the Identity server IP and port. This is the Identity (keystone) admin API server IP and port value, and not the Identity service API IP and port."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:207(title)
|
||
msgid "Configure security groups"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:208(para)
|
||
msgid "The Networking Service provides security group functionality using a mechanism that is more flexible and powerful than the security group capabilities built into Compute. Therefore, if you use Networking, you should always disable built-in security groups and proxy all security group calls to the Networking API . If you do not, security policies will conflict by being simultaneously applied by both services."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:213(para)
|
||
msgid "To proxy security groups to Networking, use the following configuration values in <filename>nova.conf</filename>:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:216(caption)
|
||
msgid "nova.conf security group settings"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:227(literal)
|
||
msgid "firewall_driver"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:228(para)
|
||
msgid "Update to <literal>nova.virt.firewall.NoopFirewallDriver</literal>, so that <systemitem class=\"service\">nova-compute</systemitem> does not perform iptables-based filtering itself."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:235(literal)
|
||
msgid "security_group_api"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:236(para)
|
||
msgid "Update to <literal>neutron</literal>, so that all security group requests are proxied to the Network Service."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:243(title)
|
||
msgid "Configure metadata"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:244(para)
|
||
msgid "The Compute service allows VMs to query metadata associated with a VM by making a web request to a special 169.254.169.254 address. Networking supports proxying those requests to <systemitem class=\"service\">nova-api</systemitem>, even when the requests are made from isolated networks, or from multiple networks that use overlapping IP addresses."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:248(para)
|
||
msgid "To enable proxying the requests, you must update the following fields in <filename>nova.conf</filename>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:251(caption)
|
||
msgid "nova.conf metadata settings"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:262(literal)
|
||
msgid "service_neutron_metadata_proxy"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:264(para)
|
||
msgid "Update to <literal>true</literal>, otherwise <systemitem class=\"service\">nova-api</systemitem> will not properly respond to requests from the <systemitem class=\"service\">neutron-metadata-agent</systemitem>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:271(literal)
|
||
msgid "neutron_metadata_proxy_shared_secret"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:273(para)
|
||
msgid "Update to a string \"password\" value. You must also configure the same value in the <filename>metadata_agent.ini</filename> file, to authenticate requests made for metadata."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:277(para)
|
||
msgid "The default value of an empty string in both files will allow metadata to function, but will not be secure if any non-trusted entities have access to the metadata APIs exposed by <systemitem class=\"service\">nova-api</systemitem>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:286(para)
|
||
msgid "As a precaution, even when using <literal>neutron_metadata_proxy_shared_secret</literal>, it is recommended that you do not expose metadata using the same <systemitem class=\"service\">nova-api</systemitem> instances that are used for tenants. Instead, you should run a dedicated set of <systemitem class=\"service\">nova-api</systemitem> instances for metadata that are available only on your management network. Whether a given <systemitem class=\"service\">nova-api</systemitem> instance exposes metadata APIs is determined by the value of <literal>enabled_apis</literal> in its <filename>nova.conf</filename>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:301(title)
|
||
msgid "Example nova.conf (for <systemitem class=\"service\">nova-compute</systemitem> and <systemitem class=\"service\">nova-api</systemitem>)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-config-identity.xml:304(para)
|
||
msgid "Example values for the above settings, assuming a cloud controller node running Compute and Networking with an IP address of 192.168.1.2:"
|
||
msgstr ""
|
||
|
||
#. When image changes, this message will be marked fuzzy or untranslated for you.
|
||
#. It doesn't matter what you translate it to: it's not used at all.
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:42(None) ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:493(None)
|
||
msgid "@@image: '../../common/figures/under-the-hood-scenario-1.png'; md5=6c8c80ff7e23cc2c7c7e1aa66e1fd8c0"
|
||
msgstr ""
|
||
|
||
#. When image changes, this message will be marked fuzzy or untranslated for you.
|
||
#. It doesn't matter what you translate it to: it's not used at all.
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:81(None)
|
||
msgid "@@image: '../../common/figures/under-the-hood-scenario-1-ovs-compute.png'; md5=46509fcb546df0f43adb5350f2dd9fab"
|
||
msgstr ""
|
||
|
||
#. When image changes, this message will be marked fuzzy or untranslated for you.
|
||
#. It doesn't matter what you translate it to: it's not used at all.
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:181(None)
|
||
msgid "@@image: '../../common/figures/under-the-hood-scenario-1-ovs-network.png'; md5=8eea1c1dbde433c46666c985751c3276"
|
||
msgstr ""
|
||
|
||
#. When image changes, this message will be marked fuzzy or untranslated for you.
|
||
#. It doesn't matter what you translate it to: it's not used at all.
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:261(None)
|
||
msgid "@@image: '../../common/figures/under-the-hood-scenario-1-ovs-netns.png'; md5=de52650e491e4dc2946e827cd93e0a85"
|
||
msgstr ""
|
||
|
||
#. When image changes, this message will be marked fuzzy or untranslated for you.
|
||
#. It doesn't matter what you translate it to: it's not used at all.
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:307(None) ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:590(None)
|
||
msgid "@@image: '../../common/figures/under-the-hood-scenario-2.png'; md5=148feb87744e7b04da21ec4f17503c75"
|
||
msgstr ""
|
||
|
||
#. When image changes, this message will be marked fuzzy or untranslated for you.
|
||
#. It doesn't matter what you translate it to: it's not used at all.
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:349(None)
|
||
msgid "@@image: '../../common/figures/under-the-hood-scenario-2-ovs-compute.png'; md5=94603b4ec7904ac04bc1ed81a2d38f79"
|
||
msgstr ""
|
||
|
||
#. When image changes, this message will be marked fuzzy or untranslated for you.
|
||
#. It doesn't matter what you translate it to: it's not used at all.
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:364(None)
|
||
msgid "@@image: '../../common/figures/under-the-hood-scenario-2-ovs-network.png'; md5=80aa67268b5ce7deddc41845e6313634"
|
||
msgstr ""
|
||
|
||
#. When image changes, this message will be marked fuzzy or untranslated for you.
|
||
#. It doesn't matter what you translate it to: it's not used at all.
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:373(None)
|
||
msgid "@@image: '../../common/figures/under-the-hood-scenario-2-ovs-netns.png'; md5=d8878beff47037240d6f8c48f8d4d4c3"
|
||
msgstr ""
|
||
|
||
#. When image changes, this message will be marked fuzzy or untranslated for you.
|
||
#. It doesn't matter what you translate it to: it's not used at all.
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:396(None)
|
||
msgid "@@image: '../../common/figures/OVStunneling.png'; md5=16566954148d880dacbb570aafd48f14"
|
||
msgstr ""
|
||
|
||
#. When image changes, this message will be marked fuzzy or untranslated for you.
|
||
#. It doesn't matter what you translate it to: it's not used at all.
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:533(None)
|
||
msgid "@@image: '../../common/figures/under-the-hood-scenario-1-linuxbridge-compute.png'; md5=8270a65d291a628c7091997414046167"
|
||
msgstr ""
|
||
|
||
#. When image changes, this message will be marked fuzzy or untranslated for you.
|
||
#. It doesn't matter what you translate it to: it's not used at all.
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:571(None)
|
||
msgid "@@image: '../../common/figures/under-the-hood-scenario-1-linuxbridge-network.png'; md5=bd78453eb11ffebddf55484ca2cd125e"
|
||
msgstr ""
|
||
|
||
#. When image changes, this message will be marked fuzzy or untranslated for you.
|
||
#. It doesn't matter what you translate it to: it's not used at all.
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:578(None)
|
||
msgid "@@image: '../../common/figures/under-the-hood-scenario-1-linuxbridge-netns.png'; md5=915d10e90cbb18e887b4d5eb5ea15e58"
|
||
msgstr ""
|
||
|
||
#. When image changes, this message will be marked fuzzy or untranslated for you.
|
||
#. It doesn't matter what you translate it to: it's not used at all.
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:633(None)
|
||
msgid "@@image: '../../common/figures/under-the-hood-scenario-2-linuxbridge-compute.png'; md5=f68f0baeba932b219574e55853bd2300"
|
||
msgstr ""
|
||
|
||
#. When image changes, this message will be marked fuzzy or untranslated for you.
|
||
#. It doesn't matter what you translate it to: it's not used at all.
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:648(None)
|
||
msgid "@@image: '../../common/figures/under-the-hood-scenario-2-linuxbridge-network.png'; md5=25f818f7f9148152e5a8dbf6d530dcf6"
|
||
msgstr ""
|
||
|
||
#. When image changes, this message will be marked fuzzy or untranslated for you.
|
||
#. It doesn't matter what you translate it to: it's not used at all.
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:656(None)
|
||
msgid "@@image: '../../common/figures/under-the-hood-scenario-2-linuxbridge-netns.png'; md5=cdc0bd4b3e7988f7fedffefae4dae9d0"
|
||
msgstr ""
|
||
|
||
#. When image changes, this message will be marked fuzzy or untranslated for you.
|
||
#. It doesn't matter what you translate it to: it's not used at all.
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:706(None)
|
||
msgid "@@image: '../../common/figures/ml2_without_l2pop_full_mesh.png'; md5=881485c0686f20b82967d5b817932952"
|
||
msgstr ""
|
||
|
||
#. When image changes, this message will be marked fuzzy or untranslated for you.
|
||
#. It doesn't matter what you translate it to: it's not used at all.
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:721(None)
|
||
msgid "@@image: '../../common/figures/ml2_without_l2pop_partial_mesh.png'; md5=66fe83560a3e1880ffe3a85d80538f83"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:7(title)
|
||
msgid "Networking scenarios"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:8(para)
|
||
msgid "This chapter describes two networking scenarios and how the Open vSwitch plug-in and the Linux Bridge plug-in implement these scenarios."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:14(para)
|
||
msgid "This section describes how the Open vSwitch plug-in implements the Networking abstractions."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:18(para)
|
||
msgid "This example uses VLAN segmentation on the switches to isolate tenant networks. This configuration labels the physical network associated with the public network as <literal>physnet1</literal>, and the physical network associated with the data network as <literal>physnet2</literal>, which leads to the following configuration options in <filename>ovs_neutron_plugin.ini</filename>: <placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:33(title) ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:483(title)
|
||
msgid "Scenario 1: one tenant, two networks, one router"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:34(para) ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:484(para)
|
||
msgid "The first scenario has two private networks (<literal>net01</literal>, and <literal>net02</literal>), each with one subnet (<literal>net01_subnet01</literal>: 192.168.101.0/24, <literal>net02_subnet01</literal>, 192.168.102.0/24). Both private networks are attached to a router that connects them to the public network (10.64.201.0/24)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:45(para) ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:496(para)
|
||
msgid "Under the <literal>service</literal> tenant, create the shared router, define the public network, and set it as the default gateway of the router<placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:56(para) ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:507(para)
|
||
msgid "Under the <literal>demo</literal> user tenant, create the private network <literal>net01</literal> and corresponding subnet, and connect it to the <literal>router01</literal> router. Configure it to use VLAN ID 101 on the physical switch.<placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:67(para) ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:518(para)
|
||
msgid "Similarly, for <literal>net02</literal>, using VLAN ID 102 on the physical switch:<placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:77(title) ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:527(title)
|
||
msgid "Scenario 1: Compute host config"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:78(para)
|
||
msgid "The following figure shows how to configure various Linux networking devices on the compute host:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:86(title) ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:538(title)
|
||
msgid "Types of network devices"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:87(para)
|
||
msgid "There are four distinct type of virtual networking devices: TAP devices, veth pairs, Linux bridges, and Open vSwitch bridges. For an ethernet frame to travel from <literal>eth0</literal> of virtual machine <literal>vm01</literal> to the physical network, it must pass through nine devices inside of the host: TAP <literal>vnet0</literal>, Linux bridge <literal>qbr<replaceable>nnn</replaceable></literal>, veth pair <literal>(qvb<replaceable>nnn</replaceable>, qvo<replaceable>nnn</replaceable>)</literal>, Open vSwitch bridge <literal>br-int</literal>, veth pair <literal>(int-br-eth1, phy-br-eth1)</literal>, and, finally, the physical network interface card <literal>eth1</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:98(para) ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:547(para)
|
||
msgid "A <emphasis role=\"italic\">TAP device</emphasis>, such as <literal>vnet0</literal> is how hypervisors such as KVM and Xen implement a virtual network interface card (typically called a VIF or vNIC). An ethernet frame sent to a TAP device is received by the guest operating system."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:102(para)
|
||
msgid "A <emphasis role=\"italic\">veth pair</emphasis> is a pair of directly connected virtual network interfaces. An ethernet frame sent to one end of a veth pair is received by the other end of a veth pair. Networking uses veth pairs as virtual patch cables to make connections between virtual bridges."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:106(para)
|
||
msgid "A <emphasis role=\"italic\">Linux bridge</emphasis> behaves like a simple MAC learning switch: you can connect multiple (physical or virtual) network interfaces devices to a Linux bridge. The Linux bridge uses a MAC caching table to record which interface on the bridge is used to communicate with a host on the link. For any ethernet frames that come in from one interface attached to the bridge, the host MAC address and port on which the frame was received is recorded in the MAC caching table for a limited time. When the bridge needs to forward a frame, it will check to see if the frame's destination MAC address is recorded in the table. If so, the Linux bridge forwards the frame through only that port. If not, the frame is flooded to all network ports in the bridge, with the exception of the port where the frame was received."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:117(para)
|
||
msgid "An <emphasis role=\"italic\">Open vSwitch bridge</emphasis> behaves like a virtual switch: network interface devices connect to Open vSwitch bridge's ports, and the ports can be configured much like a physical switch's ports, including VLAN configurations."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:123(title)
|
||
msgid "Integration bridge"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:124(para)
|
||
msgid "The <literal>br-int</literal> Open vSwitch bridge is the integration bridge: all guests running on the compute host connect to this bridge. Networking implements isolation across these guests by configuring the <literal>br-int</literal> ports."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:130(title)
|
||
msgid "Physical connectivity bridge"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:131(para)
|
||
msgid "The <literal>br-eth1</literal> bridge provides connectivity to the physical network interface card, <literal>eth1</literal>. It connects to the integration bridge by a veth pair: <literal>(int-br-eth1, phy-br-eth1)</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:136(title)
|
||
msgid "VLAN translation"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:137(para)
|
||
msgid "In this example, net01 and net02 have VLAN ids of 1 and 2, respectively. However, the physical network in our example only supports VLAN IDs in the range 101 through 110. The Open vSwitch agent is responsible for configuring flow rules on <literal>br-int</literal> and <literal>br-eth1</literal> to do VLAN translation. When <literal>br-eth1</literal> receives a frame marked with VLAN ID 1 on the port associated with <literal>phy-br-eth1</literal>, it modifies the VLAN ID in the frame to 101. Similarly, when <literal>br-int</literal> receives a frame marked with VLAN ID 101 on the port associated with <literal>int-br-eth1</literal>, it modifies the VLAN ID in the frame to 1."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:148(title)
|
||
msgid "Security groups: iptables and Linux bridges"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:149(para)
|
||
msgid "Ideally, the TAP device <literal>vnet0</literal> would be connected directly to the integration bridge, <literal>br-int</literal>. Unfortunately, this isn't possible because of how OpenStack security groups are currently implemented. OpenStack uses iptables rules on the TAP devices such as <literal>vnet0</literal> to implement security groups, and Open vSwitch is not compatible with iptables rules that are applied directly on TAP devices that are connected to an Open vSwitch port."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:156(para)
|
||
msgid "Networking uses an extra Linux bridge and a veth pair as a workaround for this issue. Instead of connecting <literal>vnet0</literal> to an Open vSwitch bridge, it is connected to a Linux bridge, <literal>qbr<replaceable>XXX</replaceable></literal>. This bridge is connected to the integration bridge, <literal>br-int</literal>, through the <literal>(qvb<replaceable>XXX</replaceable>, qvo<replaceable>XXX</replaceable>)</literal> veth pair."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:166(title) ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:567(title)
|
||
msgid "Scenario 1: Network host config"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:167(para)
|
||
msgid "The network host runs the neutron-openvswitch-plugin-agent, the neutron-dhcp-agent, neutron-l3-agent, and neutron-metadata-agent services."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:169(para)
|
||
msgid "On the network host, assume that eth0 is connected to the external network, and eth1 is connected to the data network, which leads to the following configuration in the <filename>ovs_neutron_plugin.ini</filename> file: <placeholder-1/> The following figure shows the network devices on the network host:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:184(para)
|
||
msgid "As on the compute host, there is an Open vSwitch integration bridge (<literal>br-int</literal>) and an Open vSwitch bridge connected to the data network (<literal>br-eth1</literal>), and the two are connected by a veth pair, and the neutron-openvswitch-plugin-agent configures the ports on both switches to do VLAN translation."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:189(para)
|
||
msgid "An additional Open vSwitch bridge, <literal>br-ex</literal>, connects to the physical interface that is connected to the external network. In this example, that physical interface is <literal>eth0</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:192(para)
|
||
msgid "While the integration bridge and the external bridge are connected by a veth pair <literal>(int-br-ex, phy-br-ex)</literal>, this example uses layer 3 connectivity to route packets from the internal networks to the public network: no packets traverse that veth pair in this example."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:196(title)
|
||
msgid "Open vSwitch internal ports"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:197(para)
|
||
msgid "The network host uses Open vSwitch <emphasis role=\"italic\">internal ports</emphasis>. Internal ports enable you to assign one or more IP addresses to an Open vSwitch bridge. In previous example, the <literal>br-int</literal> bridge has four internal ports: <literal>tap<replaceable>XXX</replaceable></literal>, <literal>qr-<replaceable>YYY</replaceable></literal>, <literal>qr-<replaceable>ZZZ</replaceable></literal>, and <literal>tap<replaceable>WWW</replaceable></literal>. Each internal port has a separate IP address associated with it. An internal port, <literal>qg-VVV</literal>, is on the <literal>br-ex</literal> bridge."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:210(para)
|
||
msgid "By default, The Networking DHCP agent uses a process called dnsmasq to provide DHCP services to guests. Networking must create an internal port for each network that requires DHCP services and attach a dnsmasq process to that port. In the previous example, the <literal>tap<replaceable>XXX</replaceable></literal> interface is on <literal>net01_subnet01</literal>, and the <literal>tap<replaceable>WWW</replaceable></literal> interface is on <literal>net02_subnet01</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:220(title)
|
||
msgid "L3 agent (routing)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:221(para)
|
||
msgid "The Networking L3 agent uses Open vSwitch internal ports to implement routing and relies on the network host to route the packets across the interfaces. In this example, the <literal>qr-YYY</literal> interface is on <literal>net01_subnet01</literal> and has the IP address 192.168.101.1/24. The <literal>qr-<replaceable>ZZZ</replaceable></literal>, interface is on <literal>net02_subnet01</literal> and has the IP address <literal>192.168.102.1/24</literal>. The <literal>qg-<replaceable>VVV</replaceable></literal> interface has the IP address <literal>10.64.201.254/24</literal>. Because each of these interfaces is visible to the network host operating system, the network host routes the packets across the interfaces, as long as an administrator has enabled IP forwarding."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:233(para)
|
||
msgid "The L3 agent uses iptables to implement floating IPs to do the network address translation (NAT)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:237(title)
|
||
msgid "Overlapping subnets and network namespaces"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:238(para)
|
||
msgid "One problem with using the host to implement routing is that one of the Networking subnets might overlap with one of the physical networks that the host uses. For example, if the management network is implemented on <literal>eth2</literal> and also happens to be on the <literal>192.168.101.0/24</literal> subnet, routing problems will occur because the host can't determine whether to send a packet on this subnet to <literal>qr-YYY</literal> or <literal>eth2</literal>. If end users are permitted to create their own logical networks and subnets, you must design the system so that such collisions do not occur."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:247(para)
|
||
msgid "Networking uses Linux <emphasis role=\"italic\">network namespaces </emphasis>to prevent collisions between the physical networks on the network host, and the logical networks used by the virtual machines. It also prevents collisions across different logical networks that are not routed to each other, as the following scenario shows."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:252(para)
|
||
msgid "A network namespace is an isolated environment with its own networking stack. A network namespace has its own network interfaces, routes, and iptables rules. Consider it a chroot jail, except for networking instead of for a file system. LXC (Linux containers) use network namespaces to implement networking virtualization."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:257(para)
|
||
msgid "Networking creates network namespaces on the network host to avoid subnet collisions."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:266(para)
|
||
msgid "<literal>qdhcp-<replaceable>aaa</replaceable></literal>: contains the <literal>tap<replaceable>XXX</replaceable></literal> interface and the dnsmasq process that listens on that interface to provide DHCP services for <literal>net01_subnet01</literal>. This allows overlapping IPs between <literal>net01_subnet01</literal> and any other subnets on the network host."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:276(para)
|
||
msgid "<literal>qrouter-<replaceable>bbbb</replaceable></literal>: contains the <literal>qr-<replaceable>YYY</replaceable></literal>, <literal>qr-<replaceable>ZZZ</replaceable></literal>, and <literal>qg-<replaceable>VVV</replaceable></literal> interfaces, and the corresponding routes. This namespace implements <literal>router01</literal> in our example."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:285(para)
|
||
msgid "<literal>qdhcp-<replaceable>ccc</replaceable></literal>: contains the <literal>tap<replaceable>WWW</replaceable></literal> interface and the dnsmasq process that listens on that interface, to provide DHCP services for <literal>net02_subnet01</literal>. This allows overlapping IPs between <literal>net02_subnet01</literal> and any other subnets on the network host."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:264(para)
|
||
msgid "In this example, there are three network namespaces, as shown in the figure above:<placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:299(title) ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:584(title)
|
||
msgid "Scenario 2: two tenants, two networks, two routers"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:301(para)
|
||
msgid "In this scenario, tenant A and tenant B each have a network with one subnet and one router that connects the tenants to the public Internet."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:310(para) ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:593(para)
|
||
msgid "Under the <literal>service</literal> tenant, define the public network:<placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:318(para)
|
||
msgid "Under the <literal>tenantA</literal> user tenant, create the tenant router and set its gateway for the public network.<placeholder-1/> Then, define private network <literal>net01</literal> using VLAN ID 101 on the physical switch, along with its subnet, and connect it to the router. <placeholder-2/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:331(para) ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:614(para)
|
||
msgid "Similarly, for <literal>tenantB</literal>, create a router and another network, using VLAN ID 102 on the physical switch:<placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:344(title) ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:627(title)
|
||
msgid "Scenario 2: Compute host config"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:345(para)
|
||
msgid "The following figure shows how to configure Linux networking devices on the compute host:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:352(para)
|
||
msgid "The compute host configuration resembles the configuration in scenario 1. However, in scenario 1, a guest connects to two subnets while in this scenario, the subnets belong to different tenants."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:359(title) ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:643(title)
|
||
msgid "Scenario 2: Network host config"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:360(para) ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:644(para)
|
||
msgid "The following figure shows the network devices on the network host for the second scenario."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:367(para)
|
||
msgid "In this configuration, the network namespaces are organized to isolate the two subnets from each other as shown in the following figure."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:376(para)
|
||
msgid "In this scenario, there are four network namespaces (<literal>qhdcp-<replaceable>aaa</replaceable></literal>, <literal>qrouter-<replaceable>bbbb</replaceable></literal>, <literal>qrouter-<replaceable>cccc</replaceable></literal>, and <literal>qhdcp-<replaceable>dddd</replaceable></literal>), instead of three. Since there is no connectivity between the two networks, and so each router is implemented by a separate namespace."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:386(title)
|
||
msgid "Configure Open vSwitch tunneling"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:387(para)
|
||
msgid "Tunneling encapsulates network traffic between physical Networking hosts and allows VLANs to span multiple physical hosts. Instances communicate as if they share the same layer 2 network. Open vSwitch supports tunneling with the VXLAN and GRE encapsulation protocols."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:393(title) ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:399(phrase)
|
||
msgid "Example VXLAN tunnel"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:403(para)
|
||
msgid "This diagram shows two instances running on separate hosts connected by a VXLAN tunnel. The required physical and virtual components are also illustrated. The following procedure creates a VXLAN or GRE tunnel between two Open vSwitches running on separate Networking hosts:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:409(title)
|
||
msgid "Example tunnel configuration"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:411(para)
|
||
msgid "Create a virtual bridge named OVS-BR0 on each participating host:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:420(para)
|
||
msgid "Create a tunnel to link the OVS-BR0 virtual bridges. Run the ovs-vsctl command on HOST1 to create the tunnel and link it to the bridge on HOST2:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:423(emphasis) ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:441(emphasis)
|
||
msgid "GRE tunnel command:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:429(emphasis) ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:447(emphasis)
|
||
msgid "VXLAN tunnel command:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:437(para)
|
||
msgid "Run the ovs-vsctl command on HOST1 to create the tunnel and link it to the bridge on HOST2."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:455(para)
|
||
msgid "Successful completion of these steps results in the two instances sharing a layer 2 network."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:461(para)
|
||
msgid "This section describes how the Linux Bridge plug-in implements the Networking abstractions. For information about DHCP and L3 agents, see <xref linkend=\"under_the_hood_openvswitch_scenario1\"/>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:467(para)
|
||
msgid "This example uses VLAN isolation on the switches to isolate tenant networks. This configuration labels the physical network associated with the public network as <literal>physnet1</literal>, and the physical network associated with the data network as <literal>physnet2</literal>, which leads to the following configuration options in <filename>linuxbridge_conf.ini</filename>: <placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:528(para)
|
||
msgid "The following figure shows how to configure the various Linux networking devices on the compute host."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:539(para)
|
||
msgid "There are three distinct type of virtual networking devices: TAP devices, VLAN devices, and Linux bridges. For an ethernet frame to travel from <literal>eth0</literal> of virtual machine <literal>vm01</literal>, to the physical network, it must pass through four devices inside of the host: TAP <literal>vnet0</literal>, Linux bridge <literal>brq<replaceable>XXX</replaceable></literal>, VLAN <literal>eth1.101)</literal>, and, finally, the physical network interface card <literal>eth1</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:551(para)
|
||
msgid "A <emphasis role=\"italic\">VLAN device</emphasis> is associated with a VLAN tag attaches to an existing interface device and adds or removes VLAN tags. In the preceding example, VLAN device <literal>eth1.101</literal> is associated with VLAN ID 101 and is attached to interface <literal>eth1</literal>. Packets received from the outside by <literal>eth1</literal> with VLAN tag 101 will be passed to device <literal>eth1.101</literal>, which will then strip the tag. In the other direction, any ethernet frame sent directly to eth1.101 will have VLAN tag 101 added and will be forward to <literal>eth1</literal> for sending out to the network."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:560(para)
|
||
msgid "A <emphasis role=\"italic\">Linux bridge</emphasis> behaves like a hub: you can connect multiple (physical or virtual) network interfaces devices to a Linux bridge. Any ethernet frames that come in from one interface attached to the bridge is transmitted to all of the other devices."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:568(para)
|
||
msgid "The following figure shows the network devices on the network host."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:574(para)
|
||
msgid "The following figure shows how the Linux Bridge plug-in uses network namespaces to provide isolation."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:575(para)
|
||
msgid "veth pairs form connections between the Linux bridges and the network namespaces."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:585(para)
|
||
msgid "The second scenario has two tenants (A, B). Each tenant has a network with one subnet, and each one has a router that connects them to the public Internet."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:601(para)
|
||
msgid "Under the <literal>tenantA</literal> user tenant, create the tenant router and set its gateway for the public network.<placeholder-1/> Then, define private network <literal>net01</literal> using VLAN ID 102 on the physical switch, along with its subnet, and connect it to the router. <placeholder-2/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:628(para)
|
||
msgid "The following figure shows how the various Linux networking devices would be configured on the compute host under this scenario."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:636(para)
|
||
msgid "The configuration on the compute host is very similar to the configuration in scenario 1. The only real difference is that scenario 1 had a guest connected to two subnets, and in this scenario the subnets belong to different tenants."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:651(para)
|
||
msgid "The main difference between the configuration in this scenario and the previous one is the organization of the network namespaces, in order to provide isolation across the two subnets, as shown in the following figure."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:659(para)
|
||
msgid "In this scenario, there are four network namespaces (<literal>qhdcp-<replaceable>aaa</replaceable></literal>, <literal>qrouter-<replaceable>bbbb</replaceable></literal>, <literal>qrouter-<replaceable>cccc</replaceable></literal>, and <literal>qhdcp-<replaceable>dddd</replaceable></literal>), instead of three. Each router is implemented by a separate namespace, since there is no connectivity between the two networks."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:671(para)
|
||
msgid "The Modular Layer 2 plug-in allows OpenStack Networking to simultaneously utilize the variety of layer 2 networking technologies found in complex real-world data centers. It currently includes drivers for the local, flat, VLAN, GRE and VXLAN network types and works with the existing <emphasis>Open vSwitch</emphasis>, <emphasis>Linux Bridge </emphasis>, and <emphasis>HyperV</emphasis> L2 agents. The <emphasis>ML2</emphasis> plug-in can be extended through mechanism drivers, allowing multiple mechanisms to be used simultaneously. This section describes different <emphasis>ML2</emphasis> plug-in and agent configurations with different type drivers and mechanism drivers."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:683(para)
|
||
msgid "Previously, Networking deployments were only able to use the plug-in that had been selected at implementation time. For example, a deployment running the Open vSwitch plug-in was only able to use Open vSwitch exclusively; it wasn't possible to simultaneously run another plug-in such as Linux Bridge. This was found to be a limitation in environments with heterogeneous requirements."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:689(para)
|
||
msgid "Disabling a ML2 type driver and re-enabling it later may lead to database inconsistencies if ML2 is reconfigured without support for that type."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:694(title)
|
||
msgid "ML2 with L2 population mechanism driver"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:695(para)
|
||
msgid "The L2 Population driver enables broadcast, multicast, and unicast traffic to scale out on large overlay networks. This traffic is sent to the relevant agent via encapsulation as a targeted unicast."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:699(para)
|
||
msgid "Current <emphasis>Open vSwitch</emphasis> and <emphasis>Linux Bridge</emphasis> tunneling implementations broadcast to every agent, even if they don’t host the corresponding network as illustrated below."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:709(para)
|
||
msgid "As broadcast emulation on overlay is costly, it may be better to avoid its use for MAC learning and ARP resolution. This supposes the use of proxy ARP on the agent to answer VM requests, and to populate forwarding table. Currently only the <emphasis>Linux Bridge</emphasis> Agent implements an ARP proxy. The prepopulation limits L2 broadcasts in overlay, however it may anyway be necessary to provide broadcast emulation. This is achieved by broadcasting packets via unicast only to the relevant agents as illustrated below.<placeholder-1/>The partial-mesh is available with the <emphasis>Open vSwitch</emphasis> and <emphasis>Linux Bridge</emphasis> agents. The following scenarios will use the L2 population mechanism driver with an <emphasis>Open vSwitch</emphasis> agent and a <emphasis>Linux Bridge</emphasis> agent. Enable the l2 population driver by adding it to the list of mechanism drivers. In addition, a tunneling driver must be selected. Supported options are GRE, VXLAN, or a combination of both. Configuration settings are enabled in <filename>ml2_conf.ini</filename>:<placeholder-2/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:738(title)
|
||
msgid "Scenario 1: L2 population with Open vSwitch agent"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:744(replaceable) ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:758(replaceable)
|
||
msgid "192.168.1.10"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:747(replaceable)
|
||
msgid "vxlan"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:739(para)
|
||
msgid "Enable the l2 population extension in the <emphasis>Open vSwitch</emphasis> agent, and configure the <option>local_ip</option> and <option>tunnel_types</option> parameters in the <filename>ml2_conf.ini</filename> file: <placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:751(title)
|
||
msgid "Scenario 2: L2 population with <emphasis>Linux Bridge</emphasis> agent"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:752(para)
|
||
msgid "Enable the l2 population extension on the <emphasis>Linux Bridge</emphasis> agent. Enable VXLAN and configure the local_ip parameter in <filename>ml2_conf.ini</filename>. <placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:762(title)
|
||
msgid "Enable security group API"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/networking/section_networking-scenarios.xml:763(para)
|
||
msgid "Since the ML2 plug-in can concurrently support different L2 agents (or other mechanisms) with different configuration files, the actual <option>firewall_driver </option> value in the <filename>ml2_conf.ini</filename> file does not matter in the server, but <option>firewall_driver</option> must be set to a non-default value in the ml2 configuration to enable the securitygroup extension. To enable securitygroup API, edit the <filename>ml2_conf.ini</filename> file:<placeholder-1/> Each L2 agent configuration file (such as <filename>ovs_neutron_plugin.ini</filename> or <filename>linuxbridge_conf.ini</filename>) should contain the appropriate <option>firewall_driver</option> value for that agent. To disable securitygroup API, edit the <filename>ml2_conf.ini</filename> file:<placeholder-2/> Also, each L2 agent configuration file (such as <filename>ovs_neutron_plugin.ini</filename> or <filename>linuxbridge_conf.ini</filename>) should contain this value in <option>firewall_driver</option> parameter for that agent."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml:7(title)
|
||
msgid "Configure Identity service for token binding"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml:8(para)
|
||
msgid "Token binding embeds information from an external authentication mechanism, such as a Kerberos server or X.509 certificate, inside a token. By using token binding, a client can enforce the use of a specified external authentication mechanism with the token. This additional security mechanism ensures that if a token is stolen, for example, it is not usable without external authentication."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml:15(para)
|
||
msgid "You configure the authentication types for a token binding in the <filename>keystone.conf</filename> file:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml:19(para)
|
||
msgid "or"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml:22(para)
|
||
msgid "Currently <literal>kerberos</literal> and <literal>x509</literal> are supported."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml:24(para)
|
||
msgid "To enforce checking of token binding, set the <option>enforce_token_bind</option> option to one of these modes:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml:29(literal)
|
||
msgid "disabled"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml:30(para)
|
||
msgid "Disables token bind checking."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml:33(literal)
|
||
msgid "permissive"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml:34(para)
|
||
msgid "Enables bind checking. If a token is bound to an unknown authentication mechanism, the server ignores it. The default is this mode."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml:39(literal)
|
||
msgid "strict"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml:40(para)
|
||
msgid "Enables bind checking. If a token is bound to an unknown authentication mechanism, the server rejects it."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml:44(literal)
|
||
msgid "required"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml:45(para)
|
||
msgid "Enables bind checking. Requires use of at least authentication mechanism for tokens."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml:49(literal)
|
||
msgid "kerberos"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml:50(para)
|
||
msgid "Enables bind checking. Requires use of kerberos as the authentication mechanism for tokens:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml:56(literal)
|
||
msgid "x509"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/identity/section_keystone-token-binding.xml:57(para)
|
||
msgid "Enables bind checking. Requires use of X.509 as the authentication mechanism for tokens:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_HTTP_bad_req_in_cinder_vol_log.xml:7(title) ./doc/admin-guide-cloud/blockstorage/section_ts_failed_attach_vol_after_detach.xml:7(title)
|
||
msgid "Failed to attach volume after detaching"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_HTTP_bad_req_in_cinder_vol_log.xml:10(title) ./doc/admin-guide-cloud/blockstorage/section_ts_non_existent_vlun.xml:9(title) ./doc/admin-guide-cloud/blockstorage/section_ts_vol_attach_miss_sg_scan.xml:11(title) ./doc/admin-guide-cloud/blockstorage/section_ts_failed_attach_vol_no_sysfsutils.xml:9(title) ./doc/admin-guide-cloud/blockstorage/section_ts_failed_connect_vol_FC_SAN.xml:9(title) ./doc/admin-guide-cloud/blockstorage/section_ts_non_existent_host.xml:9(title) ./doc/admin-guide-cloud/blockstorage/section_ts_no_emulator_x86_64.xml:9(title) ./doc/admin-guide-cloud/blockstorage/section_ts_multipath_warn.xml:11(title) ./doc/admin-guide-cloud/blockstorage/section_ts_failed_attach_vol_after_detach.xml:10(title) ./doc/admin-guide-cloud/blockstorage/section_ts_duplicate_3par_host.xml:9(title)
|
||
msgid "Problem"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_HTTP_bad_req_in_cinder_vol_log.xml:11(para)
|
||
msgid "These errors appear in the <filename>cinder-volume.log</filename> file."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_HTTP_bad_req_in_cinder_vol_log.xml:45(title) ./doc/admin-guide-cloud/blockstorage/section_ts_non_existent_vlun.xml:15(title) ./doc/admin-guide-cloud/blockstorage/section_ts_vol_attach_miss_sg_scan.xml:25(title) ./doc/admin-guide-cloud/blockstorage/section_ts_failed_attach_vol_no_sysfsutils.xml:18(title) ./doc/admin-guide-cloud/blockstorage/section_ts_failed_connect_vol_FC_SAN.xml:18(title) ./doc/admin-guide-cloud/blockstorage/section_ts_non_existent_host.xml:17(title) ./doc/admin-guide-cloud/blockstorage/section_ts_no_emulator_x86_64.xml:14(title) ./doc/admin-guide-cloud/blockstorage/section_ts_multipath_warn.xml:23(title) ./doc/admin-guide-cloud/blockstorage/section_ts_failed_attach_vol_after_detach.xml:16(title) ./doc/admin-guide-cloud/blockstorage/section_ts_duplicate_3par_host.xml:15(title)
|
||
msgid "Solution"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_HTTP_bad_req_in_cinder_vol_log.xml:46(para)
|
||
msgid "You need to update your copy of the <filename>hp_3par_fc.py</filename> driver which contains the synchronization code."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_multi_backend.xml:7(title)
|
||
msgid "Configure multiple-storage back ends"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_multi_backend.xml:8(para)
|
||
msgid "When you configure multiple-storage back ends, you can create several back-end storage solutions that serve the same OpenStack Compute configuration and one <systemitem class=\"service\">cinder-volume</systemitem> is launched for each back end."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_multi_backend.xml:12(para)
|
||
msgid "In a multiple-storage back end configuration, each back end has a name (<literal>volume_backend_name</literal>). Several back ends can have the same name. In that case, the scheduler properly decides which back end the volume has to be created in."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_multi_backend.xml:17(para)
|
||
msgid "The name of the back end is declared as an extra-specification of a volume type (such as, <literal>volume_backend_name=LVM_iSCSI</literal>). When a volume is created, the scheduler chooses an appropriate back end to handle the request, according to the volume type specified by the user."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_multi_backend.xml:24(title)
|
||
msgid "Enable multiple-storage back ends"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_multi_backend.xml:25(para)
|
||
msgid "To enable a multiple-storage back ends, you must set the <option>enabled_backends</option> flag in the <filename>cinder.conf</filename> file. This flag defines the names (separated by a comma) of the configuration groups for the different back ends: one name is associated to one configuration group for a back end (such as, <literal>[lvmdriver-1]</literal>)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_multi_backend.xml:33(para)
|
||
msgid "The configuration group name is not related to the <literal>volume_backend_name</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_multi_backend.xml:36(para)
|
||
msgid "The options for a configuration group must be defined in the group (or default options are used). All the standard Block Storage configuration options (<literal>volume_group</literal>, <literal>volume_driver</literal>, and so on) might be used in a configuration group. Configuration values in the <literal>[DEFAULT]</literal> configuration group are not used."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_multi_backend.xml:44(para)
|
||
msgid "These examples show three back ends:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_multi_backend.xml:58(para)
|
||
msgid "In this configuration, <literal>lvmdriver-1</literal> and <literal>lvmdriver-2</literal> have the same <literal>volume_backend_name</literal>. If a volume creation requests the <literal>LVM_iSCSI</literal> back end name, the scheduler uses the capacity filter scheduler to choose the most suitable driver, which is either <literal>lvmdriver-1</literal> or <literal>lvmdriver-2</literal>. The capacity filter scheduler is enabled by default. The next section provides more information. In addition, this example presents a <literal>lvmdriver-3</literal> back end."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_multi_backend.xml:71(title)
|
||
msgid "Configure Block Storage scheduler multi back end"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_multi_backend.xml:73(para)
|
||
msgid "You must enable the <option>filter_scheduler</option> option to use multiple-storage back ends. The filter scheduler:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_multi_backend.xml:77(para)
|
||
msgid "Filters the available back ends. By default, <literal>AvailabilityZoneFilter</literal>, <literal>CapacityFilter</literal> and <literal>CapabilitiesFilter</literal> are enabled."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_multi_backend.xml:85(para)
|
||
msgid "Weights the previously filtered back ends. By default, the <option>CapacityWeigher</option> option is enabled. When this option is enabled, the filter scheduler assigns the highest weight to back ends with the most available capacity."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_multi_backend.xml:93(para)
|
||
msgid "The scheduler uses filters and weights to pick the best back end to handle the request. The scheduler uses volume types to explicitly create volumes on specific back ends."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_multi_backend.xml:100(title)
|
||
msgid "Volume type"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_multi_backend.xml:101(para)
|
||
msgid "Before using it, a volume type has to be declared to Block Storage. This can be done by the following command:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_multi_backend.xml:105(para)
|
||
msgid "Then, an extra-specification has to be created to link the volume type to a back end name. Run this command:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_multi_backend.xml:109(para)
|
||
msgid "This example creates a <literal>lvm</literal> volume type with <literal>volume_backend_name=LVM_iSCSI</literal> as extra-specifications."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_multi_backend.xml:112(para)
|
||
msgid "Create another volume type:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_multi_backend.xml:115(para)
|
||
msgid "This second volume type is named <literal>lvm_gold</literal> and has <literal>LVM_iSCSI_b</literal> as back end name."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_multi_backend.xml:120(para)
|
||
msgid "To list the extra-specifications, use this command:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_multi_backend.xml:125(para)
|
||
msgid "If a volume type points to a <literal>volume_backend_name</literal> that does not exist in the Block Storage configuration, the <literal>filter_scheduler</literal> returns an error that it cannot find a valid host with the suitable back end."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_multi_backend.xml:134(title)
|
||
msgid "Usage"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_multi_backend.xml:135(para)
|
||
msgid "When you create a volume, you must specify the volume type. The extra-specifications of the volume type are used to determine which back end has to be used. <placeholder-1/> Considering the <literal>cinder.conf</literal> described previously, the scheduler creates this volume on <literal>lvmdriver-1</literal> or <literal>lvmdriver-2</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_multi_backend.xml:144(para)
|
||
msgid "This second volume is created on <literal>lvmdriver-3</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-migration.xml:7(title)
|
||
msgid "Migrate volumes"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-migration.xml:8(para)
|
||
msgid "OpenStack has the ability to migrate volumes between back-ends. Migrating a volume transparently moves its data from the current back-end for the volume to a new one. This is an administrator function, and can be used for functions including storage evacuation (for maintenance or decommissioning), or manual optimizations (for example, performance, reliability, or cost)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-migration.xml:15(para)
|
||
msgid "These workflows are possible for a migration:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-migration.xml:18(para)
|
||
msgid "If the storage can migrate the volume on its own, it is given the opportunity to do so. This allows the Block Storage driver to enable optimizations that the storage might be able to perform. If the back-end is not able to perform the migration, the Block Storage uses one of two generic flows, as follows."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-migration.xml:26(para)
|
||
msgid "If the volume is not attached, the Block Storage service creates a volume and copies the data from the original to the new volume."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-migration.xml:30(para)
|
||
msgid "While most back-ends support this function, not all do. See the driver documentation in the <link href=\"http://docs.openstack.org/icehouse/config-reference/content/\"><citetitle>OpenStack Configuration Reference</citetitle></link> for more details."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-migration.xml:39(para)
|
||
msgid "If the volume is attached to a VM instance, the Block Storage creates a volume, and calls Compute to copy the data from the original to the new volume. Currently this is supported only by the Compute libvirt driver."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-migration.xml:46(para)
|
||
msgid "As an example, this scenario shows two LVM back-ends and migrates an attached volume from one to the other. This scenario uses the third migration flow."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-migration.xml:49(para)
|
||
msgid "First, list the available back-ends:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-migration.xml:53(para)
|
||
msgid "Next, as the admin user, you can see the current status of the volume (replace the example ID with your own):"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-migration.xml:77(para)
|
||
msgid "Note these attributes:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-migration.xml:80(para)
|
||
msgid "<literal>os-vol-host-attr:host</literal> - the volume's current back-end."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-migration.xml:84(para)
|
||
msgid "<literal>os-vol-mig-status-attr:migstat</literal> - the status of this volume's migration (<literal>None</literal> means that a migration is not currently in progress)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-migration.xml:89(para)
|
||
msgid "<literal>os-vol-mig-status-attr:name_id</literal> - the volume ID that this volume's name on the back-end is based on. Before a volume is ever migrated, its name on the back-end storage may be based on the volume's ID (see the <option>volume_name_template</option> configuration parameter). For example, if <option>volume_name_template</option> is kept as the default value (<literal>volume-%s</literal>), your first LVM back-end has a logical volume named <literal>volume-6088f80a-f116-4331-ad48-9afb0dfb196c</literal>. During the course of a migration, if you create a volume and copy over the data, the volume get the new name but keeps its original ID. This is exposed by the <literal>name_id</literal> attribute."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-migration.xml:107(para)
|
||
msgid "If you plan to decommission a block storage node, you must stop the <systemitem class=\"service\">cinder</systemitem> volume service on the node after performing the migration."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-migration.xml:110(para)
|
||
msgid "On nodes that run CentOS, Fedora, openSUSE, RedHat Enterprise Linux, or SUSE Linux Enterprise, run:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-migration.xml:115(para)
|
||
msgid "On nodes that run Ubuntu or Debian, run:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-migration.xml:119(para)
|
||
msgid "Stopping the <systemitem>cinder</systemitem> volume service will prevent volumes from being allocated to the node."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-migration.xml:122(para)
|
||
msgid "Migrate this volume to the second LVM back-end:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-migration.xml:124(para)
|
||
msgid "You can use the <placeholder-1/> command to see the status of the migration. While migrating, the <literal>migstat</literal> attribute shows states such as <literal>migrating</literal> or <literal>completing</literal>. On error, <literal>migstat</literal> is set to <literal>None</literal> and the <literal>host</literal> attribute shows the original host. On success, in this example, the output looks like:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-migration.xml:154(para)
|
||
msgid "Note that <literal>migstat</literal> is None, <literal>host</literal> is the new host, and <literal>name_id</literal> holds the ID of the volume created by the migration. If you look at the second LVM back end, you find the logical volume <literal>volume-133d1f56-9ffc-4f57-8798-d5217d851862</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-migration.xml:161(para)
|
||
msgid "The migration is not visible to non-admin users (for example, through the volume <literal>status</literal>). However, some operations are not allowed while a migration is taking place, such as attaching/detaching a volume and deleting a volume. If a user performs such an action during a migration, an error is returned."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-migration.xml:169(para)
|
||
msgid "Migrating volumes that have snapshots are currently not allowed."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_non_existent_vlun.xml:7(title)
|
||
msgid "Non-existent VLUN"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_non_existent_vlun.xml:10(para)
|
||
msgid "This error occurs if the 3PAR host exists with the correct host name that the OpenStack Block Storage drivers expect but the volume was created in a different Domain."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_non_existent_vlun.xml:16(para)
|
||
msgid "The <code>hp3par_domain</code> configuration items either need to be updated to use the domain the 3PAR host currently resides in, or the 3PAR host needs to be moved to the domain that the volume was created in."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-backups-export-import.xml:7(title)
|
||
msgid "Export and import backup metadata"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-backups-export-import.xml:8(para)
|
||
msgid "A volume backup can only be restored on the same Block Storage service. This is because restoring a volume from a backup requires metadata available on the database used by the Block Storage service."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-backups-export-import.xml:12(para)
|
||
msgid "For information on how to back up and restore a volume, see <xref linkend=\"volume-backup-restore\"/>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-backups-export-import.xml:14(para)
|
||
msgid "You can, however, export the metadata of a volume backup. To do so, run this command as an OpenStack <literal>admin</literal> user (presumably, after creating a volume backup):"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-backups-export-import.xml:18(replaceable) ./doc/admin-guide-cloud/blockstorage/section_volume-backups.xml:20(replaceable)
|
||
msgid "backup_ID"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-backups-export-import.xml:19(para)
|
||
msgid "Where <replaceable>backup_ID</replaceable> is the volume backup's ID. This command should return the backup's corresponding database information as encoded string metadata."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-backups-export-import.xml:22(para)
|
||
msgid "Exporting and storing this encoded string metadata allows you to completely restore the backup, even in the event of a catastrophic database failure. This will preclude the need to back up the entire Block Storage database, particularly if you only need to keep complete backups of a small subset of volumes."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-backups-export-import.xml:28(para)
|
||
msgid "In addition, having a volume backup and its backup metadata also provides volume portability. Specifically, backing up a volume and exporting its metadata will allow you to restore the volume on a completely different Block Storage database, or even on a different cloud service. To do so, first import the backup metadata to the Block Storage database and then restore the backup."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-backups-export-import.xml:34(para)
|
||
msgid "To import backup metadata, run the following command as an OpenStack <literal>admin</literal>:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-backups-export-import.xml:36(replaceable)
|
||
msgid "metadata"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-backups-export-import.xml:37(para)
|
||
msgid "Where <replaceable>metadata</replaceable> is the backup metadata exported earlier."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-backups-export-import.xml:39(para)
|
||
msgid "Once you have imported the backup metadata into a Block Storage database, restore the volume (<xref linkend=\"volume-backup-restore\"/>)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-backups.xml:7(title)
|
||
msgid "Back up and restore volumes"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-backups.xml:8(para)
|
||
msgid "The <placeholder-1/> command-line interface provides the tools for creating a volume backup. You can restore a volume from a backup as long as the backup's associated database information (or backup metadata) is intact in the Block Storage database."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-backups.xml:14(para)
|
||
msgid "Run this command to create a backup of a volume:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-backups.xml:15(replaceable)
|
||
msgid "VOLUME"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-backups.xml:16(para)
|
||
msgid "Where <replaceable>VOLUME</replaceable> is the name or ID of the volume."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-backups.xml:18(para)
|
||
msgid "The previous command will also return a backup ID. Use this backup ID when restoring the volume, as in:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-backups.xml:21(para)
|
||
msgid "As mentioned earlier, volume backups are dependent on the Block Storage database. Because of this, we recommend that you also back up your Block Storage database regularly in order to ensure data recovery."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-backups.xml:25(para)
|
||
msgid "Alternatively, you can export and save the metadata of selected volume backups. Doing so will preclude the need to back up the entire Block Storage database. This is particularly useful if you only need a small subset of volumes to survive a catastrophic database failure."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_volume-backups.xml:30(para)
|
||
msgid "For more information on how to export and import volume backup metadata, see <xref linkend=\"volume-backup-restore-export-import\"/>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:7(title)
|
||
msgid "Configure a GlusterFS back end"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:8(para)
|
||
msgid "This section explains how to configure OpenStack Block Storage to use GlusterFS as a back end. You must be able to access the GlusterFS shares from the server that hosts the <systemitem class=\"service\">cinder</systemitem> volume service."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:16(para) ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:14(para)
|
||
msgid "The <systemitem class=\"service\">cinder</systemitem> volume service is named <literal>openstack-cinder-volume</literal> on the following distributions:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:21(para) ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:196(para) ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:19(para) ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:102(para)
|
||
msgid "CentOS"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:22(para) ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:199(para) ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:20(para) ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:105(para)
|
||
msgid "Fedora"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:23(para) ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:202(para) ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:21(para) ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:108(para)
|
||
msgid "openSUSE"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:24(para) ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:205(para) ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:22(para) ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:111(para)
|
||
msgid "Red Hat Enterprise Linux"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:26(para) ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:208(para) ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:24(para) ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:114(para)
|
||
msgid "SUSE Linux Enterprise"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:29(para) ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:27(para)
|
||
msgid "In Ubuntu and Debian distributions, the <systemitem class=\"service\">cinder</systemitem> volume service is named <literal>cinder-volume</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:33(para)
|
||
msgid "Mounting GlusterFS volumes requires utilities and libraries from the <package>glusterfs-fuse</package> package. This package must be installed on all systems that will access volumes backed by GlusterFS."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:40(para)
|
||
msgid "The utilities and libraries required for mounting GlusterFS volumes on Ubuntu and Debian distributions are available from the <package>glusterfs-client</package> package instead."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:46(para)
|
||
msgid "For information on how to install and configure GlusterFS, refer to the <link href=\"http://gluster.org/community/documentation/index.php/Main_Page\">GlusterDocumentation</link> page."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:51(title)
|
||
msgid "Configure GlusterFS for OpenStack Block Storage"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:52(para)
|
||
msgid "The GlusterFS server must also be configured accordingly in order to allow OpenStack Block Storage to use GlusterFS shares:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:57(para)
|
||
msgid "Log in as <systemitem>root</systemitem> to the GlusterFS server."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:63(para)
|
||
msgid "Set each Gluster volume to use the same UID and GID as the <systemitem>cinder</systemitem> user:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:67(replaceable) ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:68(replaceable) ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:90(replaceable) ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:131(replaceable) ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:155(replaceable)
|
||
msgid "VOL_NAME"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:67(replaceable)
|
||
msgid "cinder-uid"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:68(replaceable)
|
||
msgid "cinder-gid"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:71(para)
|
||
msgid "<replaceable>VOL_NAME</replaceable> is the Gluster volume name."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:73(para)
|
||
msgid "<replaceable>cinder-uid</replaceable> is the UID of the <systemitem>cinder</systemitem> user."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:74(para)
|
||
msgid "<replaceable>cinder-gid</replaceable> is the GID of the <systemitem>cinder</systemitem> user."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:77(para)
|
||
msgid "The default UID and GID of the <systemitem>cinder</systemitem> user is <literal>165</literal> on most distributions."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:85(para)
|
||
msgid "Configure each Gluster volume to accept <systemitem>libgfapi</systemitem> connections. To do this, set each Gluster volume to allow insecure ports:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:93(para)
|
||
msgid "Enable client connections from unprivileged ports. To do this, add the following line to <filename>/etc/glusterfs/glusterd.vol</filename>:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:101(para)
|
||
msgid "Restart the <systemitem>glusterd</systemitem> service:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:108(title)
|
||
msgid "Configure Block Storage to use a GlusterFS back end"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:109(para)
|
||
msgid "After you configure the GlusterFS service, complete these steps:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:114(para)
|
||
msgid "Log in as <systemitem>root</systemitem> to the system hosting the cinder volume service."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:120(para)
|
||
msgid "Create a text file named <filename>glusterfs</filename> in <filename>/etc/cinder/</filename>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:126(para)
|
||
msgid "Add an entry to <filename>/etc/cinder/glusterfs</filename> for each GlusterFS share that OpenStack Block Storage should use for back end storage. Each entry should be a separate line, and should use the following format:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:131(replaceable) ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:155(replaceable) ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:53(replaceable)
|
||
msgid "HOST"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:137(para)
|
||
msgid "<replaceable>HOST</replaceable> is the IP address or host name of the Red Hat Storage server."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:143(para)
|
||
msgid "<replaceable>VOL_NAME</replaceable> is the name an existing and accessible volume on the GlusterFS server."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:150(para)
|
||
msgid "Optionally, if your environment requires additional mount options for a share, you can add them to the share's entry:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:155(replaceable) ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:133(replaceable)
|
||
msgid "OPTIONS"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:156(para)
|
||
msgid "Replace <replaceable>OPTIONS</replaceable> with a comma-separated list of mount options."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:162(para)
|
||
msgid "Set <filename>/etc/cinder/glusterfs</filename> to be owned by the <systemitem>root</systemitem> user and the <systemitem>cinder</systemitem> group."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:169(para)
|
||
msgid "Set <filename>/etc/cinder/glusterfs</filename> to be readable by members of the <systemitem>cinder</systemitem> group:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:173(replaceable)
|
||
msgid "FILE"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:176(para)
|
||
msgid "Configure OpenStack Block Storage to use the <filename>/etc/cinder/glusterfs</filename> file created earlier. To do so, open the <filename>/etc/cinder/cinder.conf</filename> configuration file and set the <literal>glusterfs_shares_config</literal> configuration key to <filename>/etc/cinder/glusterfs</filename>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:184(para) ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:221(para) ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:265(para) ./doc/admin-guide-cloud/blockstorage/section_increase-api-throughput.xml:30(para) ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:90(para) ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:127(para) ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:152(para) ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:193(para)
|
||
msgid "On distributions that include <application>openstack-config</application>, you can configure this by running the following command instead:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:191(para) ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:97(para)
|
||
msgid "The following distributions include <application>openstack-config</application>:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:213(para)
|
||
msgid "Configure OpenStack Block Storage to use the correct volume driver, namely <literal>cinder.volume.drivers.glusterfs</literal>. To do so, open the <filename>/etc/cinder/cinder.conf</filename> configuration file and set the <literal>volume_driver</literal> configuration key to <literal>cinder.volume.drivers.glusterfs</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:229(para) ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:160(para)
|
||
msgid "You can now restart the service to apply the configuration."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:232(para)
|
||
msgid "To restart the <systemitem class=\"service\">cinder</systemitem> volume service on CentOS, Fedora, openSUSE, RedHat Enterprise Linux, or SUSE Linux Enterprise, run:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:237(para)
|
||
msgid "To restart the <systemitem class=\"service\">cinder</systemitem> volume service on Ubuntu or Debian, run:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:242(para)
|
||
msgid "OpenStack Block Storage is now configured to use a GlusterFS back end."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:245(para)
|
||
msgid "In <filename>/etc/cinder/cinder.conf</filename>, the <literal>glusterfs_sparsed_volumes</literal> configuration key determines whether volumes are created as sparse files and grown as needed or fully allocated up front. The default and recommended value of this key is <literal>true</literal>, which ensures volumes are initially created as sparse files."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:254(para)
|
||
msgid "Setting <literal>glusterfs_sparsed_volumes</literal> to <literal>false</literal> will result in volumes being fully allocated at the time of creation. This leads to increased delays in volume creation."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:260(para)
|
||
msgid "However, should you choose to set <literal>glusterfs_sparsed_volumes</literal> to <literal>false</literal>, you can do so directly in <filename>/etc/cinder/cinder.conf</filename>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:274(para)
|
||
msgid "If a client host has SELinux enabled, the <systemitem>virt_use_fusefs</systemitem> Boolean should also be enabled if the host requires access to GlusterFS volumes on an instance. To enable this Boolean, run the following command as the <systemitem>root</systemitem> user:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_backend.xml:281(para)
|
||
msgid "This command also makes the Boolean persistent across reboots. Run this command on all client hosts that require access to GlusterFS volumes on an instance. This includes all compute nodes."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_increase-api-throughput.xml:7(title)
|
||
msgid "Increase Block Storage API service throughput"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_increase-api-throughput.xml:8(para)
|
||
msgid "By default, the Block Storage API service runs in one process. This limits the number of API requests that the Block Storage service can process at any given time. In a production environment, you should increase the Block Storage API throughput by allowing the Block Storage API service to run in as many processes as the machine capacity allows."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_increase-api-throughput.xml:15(para)
|
||
msgid "The Block Storage API service is named <literal>openstack-cinder-api</literal> on the following distributions: CentOS, Fedora, openSUSE, Red Hat Enterprise Linux, and SUSE Linux Enterprise. In Ubuntu and Debian distributions, the Block Storage API service is named <literal>cinder-api</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_increase-api-throughput.xml:22(para)
|
||
msgid "To do so, use the Block Storage API service option <parameter>osapi_volume_workers</parameter>. This option allows you to specify the number of API service workers (or OS processes) to launch for the Block Storage API service."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_increase-api-throughput.xml:26(para)
|
||
msgid "To configure this option, open the <filename>/etc/cinder/cinder.conf</filename> configuration file and set the <literal>osapi_volume_workers</literal> configuration key to the number of CPU cores/threads on a machine."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_increase-api-throughput.xml:34(replaceable)
|
||
msgid "CORES"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_increase-api-throughput.xml:35(para)
|
||
msgid "Replace <replaceable>CORES</replaceable> with the number of CPU cores/threads on a machine."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_vol_attach_miss_sg_scan.xml:9(title)
|
||
msgid "Failed to Attach Volume, Missing sg_scan"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_vol_attach_miss_sg_scan.xml:12(para)
|
||
msgid "Failed to attach volume to an instance, <filename>sg_scan</filename> file not found. This warning and error occur when the <package>sg3-utils</package> package is not installed on the compute node. The IDs in your message are unique to your system:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_vol_attach_miss_sg_scan.xml:26(para)
|
||
msgid "Run this command on the compute node to install the <package>sg3-utils</package> package:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_failed_attach_vol_no_sysfsutils.xml:7(title)
|
||
msgid "Failed to attach volume, systool is not installed"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_failed_attach_vol_no_sysfsutils.xml:10(para)
|
||
msgid "This warning and error occurs if you do not have the required <filename>sysfsutils</filename> package installed on the compute node."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_failed_attach_vol_no_sysfsutils.xml:19(para)
|
||
msgid "Run the following command on the compute node to install the <filename>sysfsutils</filename> packages."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_failed_connect_vol_FC_SAN.xml:7(title)
|
||
msgid "Failed to connect volume in FC SAN"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_failed_connect_vol_FC_SAN.xml:10(para)
|
||
msgid "Compute node failed to connect to a volume in a Fibre Channel (FC) SAN configuration. The WWN may not be zoned correctly in your FC SAN that links the compute host to the storage array."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_failed_connect_vol_FC_SAN.xml:19(para)
|
||
msgid "The network administrator must configure the FC SAN fabric by correctly zoning the WWN (port names) from your compute node HBAs."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_removal.xml:7(title)
|
||
msgid "Gracefully remove a GlusterFS volume from usage"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_removal.xml:8(para)
|
||
msgid "Configuring the <systemitem>cinder</systemitem> volume service to use GlusterFS involves creating a shares file (for example, <filename>/etc/cinder/glusterfs</filename>). This shares file lists each GlusterFS volume (with its corresponding storage server) that the <systemitem>cinder</systemitem> volume service can use for back end storage."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_removal.xml:15(para)
|
||
msgid "To remove a GlusterFS volume from usage as a back end, delete the volume's corresponding entry from the shares file. After doing so, restart the Block Storage services."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_removal.xml:18(para)
|
||
msgid "To restart the Block Storage services on CentOS, Fedora, openSUSE, Red Hat Enterprise Linux, or SUSE Linux Enterprise, run:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_removal.xml:22(para)
|
||
msgid "To restart the Block Storage services on Ubuntu or Debian, run:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_removal.xml:25(para)
|
||
msgid "Restarting the Block Storage services will prevent the <systemitem>cinder</systemitem> volume service from exporting the deleted GlusterFS volume. This will prevent any instances from mounting the volume from that point onwards."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_glusterfs_removal.xml:30(para)
|
||
msgid "However, the removed GlusterFS volume might still be mounted on an instance at this point. Typically, this is the case when the volume was already mounted while its entry was deleted from the shares file. Whenever this occurs, you will have to unmount the volume as normal after the Block Storage services are restarted."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:11(title)
|
||
msgid "Back up Block Storage service disks"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:12(para)
|
||
msgid "While you can use the LVM snapshot to create snapshots, you can also use it to back up your volumes. By using LVM snapshot, you reduce the size of the backup; only existing data is backed up instead of the entire volume."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:16(para)
|
||
msgid "To back up a volume, you must create a snapshot of it. An LVM snapshot is the exact copy of a logical volume, which contains data in a frozen state. This prevents data corruption, because data cannot be manipulated during the volume creation process. Remember that the volumes created through a <placeholder-1/> command exist in an LVM logical volume."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:23(para)
|
||
msgid "You must also make sure that the operating system is not using the volume, and that all data has been flushed on the guest file systems. This usually means that those file systems have to be unmounted during the snapshot creation. They can be mounted again as soon as the logical volume snapshot has been created."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:29(para)
|
||
msgid "Before you create the snapshot, you must have enough space to save it. As a precaution, you should have at least twice as much space as the potential snapshot size. If insufficient space is available, the snapshot might become corrupted."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:34(para)
|
||
msgid "For this example, assume that a 100GB volume named volume-00000001 was created for an instance while only 4GB are used. This example uses these commands to back up only those 4GB:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:40(para)
|
||
msgid "<placeholder-1/> command. Directly manipulates the volumes."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:44(para)
|
||
msgid "<placeholder-1/> command. Discovers the partition table created inside the instance."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:48(para)
|
||
msgid "<placeholder-1/> command. Creates a minimum-sized backup."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:52(para)
|
||
msgid "<placeholder-1/> command. Calculates the backup checksum to check its consistency."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:56(para)
|
||
msgid "You can apply this process to volumes of any size."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:58(title)
|
||
msgid "To back up Block Storage service disks"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:60(title)
|
||
msgid "Create a snapshot of a used volume"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:63(para)
|
||
msgid "Use this command to list all volumes:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:67(para)
|
||
msgid "Create the snapshot; you can do this while the volume is attached to an instance:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:70(para)
|
||
msgid "Use the <option>--snapshot</option> configuration option to tell LVM that you want a snapshot of an already existing volume. The command includes the size of the space reserved for the snapshot volume, the name of the snapshot, and the path of an already existing volume. Generally, this path is <filename>/dev/cinder-volumes/<replaceable>$volume_name</replaceable></filename>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:78(para)
|
||
msgid "The size does not have to be the same as the volume of the snapshot. The <parameter>size</parameter> parameter defines the space that LVM reserves for the snapshot volume. As a precaution, the size should be the same as that of the original volume, even if the whole space is not currently used by the snapshot."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:89(para)
|
||
msgid "Run the <placeholder-1/> command again to verify the snapshot:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:131(title)
|
||
msgid "Partition table discovery"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:134(para)
|
||
msgid "To exploit the snapshot with the <placeholder-1/> command, mount your partition on the Block Storage service server."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:138(para)
|
||
msgid "The <placeholder-1/> utility discovers and maps table partitions. You can use it to view partitions that are created inside the instance. Without using the partitions created inside instances, you cannot see its content and create efficient backups."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:147(para)
|
||
msgid "On a Debian-based distribution, you can use the <placeholder-1/> command to install <placeholder-2/>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:152(para)
|
||
msgid "If the tools successfully find and map the partition table, no errors are returned."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:157(para)
|
||
msgid "To check the partition table map, run this command:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:160(para)
|
||
msgid "You can see the <literal>cinder--volumes-volume--00000001--snapshot1</literal> partition."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:163(para)
|
||
msgid "If you created more than one partition on that volume, you see several partitions; for example: <literal>cinder--volumes-volume--00000001--snapshot2</literal>, <literal>cinder--volumes-volume--00000001--snapshot3</literal>, and so on."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:171(para)
|
||
msgid "Mount your partition:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:173(para)
|
||
msgid "If the partition mounts successfully, no errors are returned."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:175(para)
|
||
msgid "You can directly access the data inside the instance. If a message prompts you for a partition or you cannot mount it, determine whether enough space was allocated for the snapshot or the <placeholder-1/> command failed to discover the partition table."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:182(para)
|
||
msgid "Allocate more space to the snapshot and try the process again."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:188(title)
|
||
msgid "Use the <placeholder-1/> command to create archives"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:190(para)
|
||
msgid "Create a backup of the volume:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:192(para)
|
||
msgid "This command creates a <filename>tar.gz</filename> file that contains the data, <emphasis role=\"italic\">and data only</emphasis>. This ensures that you do not waste space by backing up empty sectors."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:198(title)
|
||
msgid "Checksum calculation I"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:199(para)
|
||
msgid "You should always have the checksum for your backup files. When you transfer the same file over the network, you can run a checksum calculation to ensure that your file was not corrupted during its transfer. The checksum is a unique ID for a file. If the checksums are different, the file is corrupted."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:205(para)
|
||
msgid "Run this command to run a checksum for your file and save the result to a file:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:209(para)
|
||
msgid "Use the <placeholder-1/> command carefully because the time it takes to complete the calculation is directly proportional to the size of the file."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:213(para)
|
||
msgid "For files larger than around 4 to 6GB, and depending on your CPU, the process might take a long time."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:219(title)
|
||
msgid "After work cleaning"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:220(para)
|
||
msgid "Now that you have an efficient and consistent backup, use this command to clean up the file system:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:225(para)
|
||
msgid "Unmount the volume:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:229(para)
|
||
msgid "Delete the partition table:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:233(para)
|
||
msgid "Remove the snapshot:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:237(para)
|
||
msgid "Repeat these steps for all your volumes."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:240(title)
|
||
msgid "Automate your backups"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:241(para)
|
||
msgid "Because more and more volumes might be allocated to your Block Storage service, you might want to automate your backups. The <link href=\"https://github.com/Razique/BashStuff/blob/master/SYSTEMS/OpenStack/SCR_5005_V01_NUAC-OPENSTACK-EBS-volumes-backup.sh\">SCR_5005_V01_NUAC-OPENSTACK-EBS-volumes-backup.sh</link> script assists you with this task. The script performs the operations from the previous example, but also provides a mail report and runs the backup based on the <option>backups_retention_days</option> setting."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:251(para)
|
||
msgid "Launch this script from the server that runs the Block Storage service."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:253(para)
|
||
msgid "This example shows a mail report:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_backup-block-storage-disks.xml:267(para)
|
||
msgid "The script also enables you to SSH to your instances and run a <placeholder-1/> command into them. To make this work, enable the connection to the Compute project keys. If you do not want to run the <placeholder-2/> command, you can add <literal>enable_mysql_dump=0</literal> to the script to turn off this functionality."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_non_existent_host.xml:7(title)
|
||
msgid "Non-existent host"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_non_existent_host.xml:10(para)
|
||
msgid "This error could be caused by a volume being exported outside of OpenStack using a host name different from the system name that OpenStack expects. This error could be displayed with the IQN if the host was exported using iSCSI."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_non_existent_host.xml:18(para)
|
||
msgid "Host names constructed by the driver use just the local hostname, not the fully qualified domain name (FQDN) of the Compute host. For example, if the FQDN was <emphasis>myhost.example.com</emphasis>, just <emphasis>myhost</emphasis> would be used as the 3PAR hostname. IP addresses are not allowed as host names on the 3PAR storage server."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:7(title)
|
||
msgid "Configure an NFS storage back end"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:8(para)
|
||
msgid "This section explains how to configure OpenStack Block Storage to use NFS storage. You must be able to access the NFS shares from the server that hosts the <systemitem class=\"service\">cinder</systemitem> volume service."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:32(title)
|
||
msgid "Configure Block Storage to use an NFS storage back end"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:34(para)
|
||
msgid "Log in as <systemitem>root</systemitem> to the system hosting the <systemitem>cinder</systemitem> volume service."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:39(para)
|
||
msgid "Create a text file named <filename>nfsshares</filename> in <filename>/etc/cinder/</filename>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:45(para)
|
||
msgid "Add an entry to <filename>/etc/cinder/nfsshares</filename> for each NFS share that the <systemitem class=\"service\">cinder</systemitem> volume service should use for back end storage. Each entry should be a separate line, and should use the following format:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:53(replaceable)
|
||
msgid "SHARE"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:56(para)
|
||
msgid "<replaceable>HOST</replaceable> is the IP address or host name of the NFS server."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:58(para)
|
||
msgid "<replaceable>SHARE</replaceable> is the absolute path to an existing and accessible NFS share."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:64(para)
|
||
msgid "Set <filename>/etc/cinder/nfsshares</filename> to be owned by the <systemitem>root</systemitem> user and the <systemitem>cinder</systemitem> group:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:72(para)
|
||
msgid "Set <filename>/etc/cinder/nfsshares</filename> to be readable by members of the <systemitem>cinder</systemitem> group:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:80(para)
|
||
msgid "Configure the <systemitem class=\"service\">cinder</systemitem> volume service to use the <filename>/etc/cinder/nfsshares</filename> file created earlier. To do so, open the <filename>/etc/cinder/cinder.conf</filename> configuration file and set the <literal>nfs_shares_config</literal> configuration key to <filename>/etc/cinder/nfsshares</filename>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:119(para)
|
||
msgid "Optionally, provide any additional NFS mount options required in your environment in the <literal>nfs_mount_options</literal> configuration key of <filename>/etc/cinder/cinder.conf</filename>. If your NFS shares do not require any additional mount options (or if you are unsure), skip this step."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:134(para)
|
||
msgid "Replace <replaceable>OPTIONS</replaceable> with the mount options to be used when accessing NFS shares. See the manual page for NFS for more information on available mount options (<placeholder-1/>)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:142(para)
|
||
msgid "Configure the <systemitem class=\"service\">cinder</systemitem> volume service to use the correct volume driver, namely <literal>cinder.volume.drivers.nfs.NfsDriver</literal>. To do so, open the <filename>/etc/cinder/cinder.conf</filename> configuration file and set the <literal>volume_driver</literal> configuration key to <literal>cinder.volume.drivers.nfs.NfsDriver</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:163(para)
|
||
msgid "To restart the <systemitem class=\"service\">cinder</systemitem> volume service on CentOS, Fedora, openSUSE, Red Hat Enterprise Linux, or SUSE Linux Enterprise, run:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:168(para)
|
||
msgid "To restart the <systemitem>cinder</systemitem> volume service on Ubuntu or Debian, run:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:174(para)
|
||
msgid "The <literal>nfs_sparsed_volumes</literal> configuration key determines whether volumes are created as sparse files and grown as needed or fully allocated up front. The default and recommended value is <literal>true</literal>, which ensures volumes are initially created as sparse files."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:182(para)
|
||
msgid "Setting <literal>nfs_sparsed_volumes</literal> to <literal>false</literal> will result in volumes being fully allocated at the time of creation. This leads to increased delays in volume creation."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:188(para)
|
||
msgid "However, should you choose to set <literal>nfs_sparsed_volumes</literal> to <literal>false</literal>, you can do so directly in <filename>/etc/cinder/cinder.conf</filename>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:202(para)
|
||
msgid "If a client host has SELinux enabled, the <systemitem>virt_use_nfs</systemitem> Boolean should also be enabled if the host requires access to NFS volumes on an instance. To enable this Boolean, run the following command as the <systemitem>root</systemitem> user:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_nfs_backend.xml:209(para)
|
||
msgid "This command also makes the Boolean persistent across reboots. Run this command on all client hosts that require access to NFS volumes on an instance. This includes all Compute nodes."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_no_emulator_x86_64.xml:7(title)
|
||
msgid "Cannot find suitable emulator for x86_64"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_no_emulator_x86_64.xml:10(para)
|
||
msgid "When you attempt to create a VM, the error shows the VM is in the <code>BUILD</code> then <code>ERROR</code> state."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_no_emulator_x86_64.xml:15(para)
|
||
msgid "On the KVM host run, <code>cat /proc/cpuinfo</code>. Make sure the <code>vme</code> and <code>svm</code> flags are set."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_no_emulator_x86_64.xml:17(para)
|
||
msgid "Follow the instructions in the <link href=\"http://docs.openstack.org/icehouse/config-reference/content/kvm.html#section_kvm_enable\"> enabling KVM section</link> of the <citetitle>Configuration Reference</citetitle> to enable hardware virtualization support in your BIOS."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_cinder_config.xml:11(title)
|
||
msgid "Troubleshoot the Block Storage configuration"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_cinder_config.xml:13(para)
|
||
msgid "Most Block Storage errors are caused by incorrect volume configurations that result in volume creation failures. To resolve these failures, review these logs:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_cinder_config.xml:17(para)
|
||
msgid "<systemitem class=\"service\">cinder-api</systemitem> log (<filename>/var/log/cinder/api.log</filename>)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_cinder_config.xml:19(para)
|
||
msgid "<systemitem class=\"service\">cinder-volume</systemitem> log (<filename>/var/log/cinder/volume.log</filename>)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_cinder_config.xml:22(para)
|
||
msgid "The <systemitem class=\"service\">cinder-api</systemitem> log is useful for determining if you have endpoint or connectivity issues. If you send a request to create a volume and it fails, review the <systemitem class=\"service\">cinder-api</systemitem> log to determine whether the request made it to the Block Storage service. If the request is logged and you see no errors or trace-backs, check the <systemitem class=\"service\">cinder-volume</systemitem> log for errors or trace-backs."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_cinder_config.xml:32(para)
|
||
msgid "Create commands are listed in the <systemitem class=\"service\">cinder-api</systemitem> log."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_cinder_config.xml:35(para)
|
||
msgid "These entries in the <filename>cinder.openstack.common.log</filename> file can be used to assist in troubleshooting your block storage configuration."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_cinder_config.xml:107(para)
|
||
msgid "These common issues might occur during configuration. To correct, use these suggested solutions."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_cinder_config.xml:111(para)
|
||
msgid "Issues with <literal>state_path</literal> and <literal>volumes_dir</literal> settings."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_cinder_config.xml:113(para)
|
||
msgid "The OpenStack Block Storage uses <placeholder-1/> as the default iscsi helper and implements persistent targets. This means that in the case of a tgt restart or even a node reboot your existing volumes on that node will be restored automatically with their original IQN."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_cinder_config.xml:118(para)
|
||
msgid "In order to make this possible the iSCSI target information needs to be stored in a file on creation that can be queried in case of restart of the tgt daemon. By default, Block Storage uses a <literal>state_path</literal> variable, which if installing with Yum or APT should be set to <filename>/var/lib/cinder/</filename>. The next part is the <literal>volumes_dir</literal> variable, by default this just simply appends a \"<literal>volumes</literal>\" directory to the <literal>state_path</literal>. The result is a file-tree <filename>/var/lib/cinder/volumes/</filename>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_cinder_config.xml:131(para)
|
||
msgid "While the installer should handle all this, it can go wrong. If you have trouble creating volumes and this directory does not exist you should see an error message in the <systemitem class=\"service\">cinder-volume</systemitem> log indicating that the <literal>volumes_dir</literal> does not exist, and it should provide information about which path it was looking for."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_cinder_config.xml:141(para)
|
||
msgid "The persistent tgt include file."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_cinder_config.xml:142(para)
|
||
msgid "Along with the <option>volumes_dir</option> option, the iSCSI target driver also needs to be configured to look in the correct place for the persist files. This is a simple entry in the <filename>/etc/tgt/conf.d</filename> file that you should have set when you installed OpenStack. If issues occur, verify that you have a <filename>/etc/tgt/conf.d/cinder.conf</filename> file."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_cinder_config.xml:151(para)
|
||
msgid "If the file is not present, create it with this command:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_cinder_config.xml:156(para)
|
||
msgid "No sign of attach call in the <systemitem class=\"service\">cinder-api</systemitem> log."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_cinder_config.xml:159(para)
|
||
msgid "This is most likely going to be a minor adjustment to your <filename>nova.conf</filename> file. Make sure that your <filename>nova.conf</filename> has this entry:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_cinder_config.xml:166(para)
|
||
msgid "Failed to create iscsi target error in the <filename>cinder-volume.log</filename> file."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_cinder_config.xml:170(para)
|
||
msgid "You might see this error in <filename>cinder-volume.log</filename> after trying to create a volume that is 1GB. To fix this issue:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_cinder_config.xml:174(para)
|
||
msgid "Change content of the <filename>/etc/tgt/targets.conf</filename> from <literal>include /etc/tgt/conf.d/*.conf</literal> to <literal>include /etc/tgt/conf.d/cinder_tgt.conf</literal>, as follows:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_cinder_config.xml:183(para)
|
||
msgid "Restart <systemitem class=\"service\">tgt</systemitem> and <systemitem class=\"service\">cinder-*</systemitem> services so they pick up the new configuration."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_multipath_warn.xml:9(title)
|
||
msgid "Multipath Call Failed Exit"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_multipath_warn.xml:12(para)
|
||
msgid "Multipath call failed exit. This warning occurs in the Compute log if you do not have the optional <filename>multipath-tools</filename> package installed on the compute node. This is an optional package and the volume attachment does work without the multipath tools installed. If the <filename>multipath-tools</filename> package is installed on the compute node, it is used to perform the volume attachment. The IDs in your message are unique to your system."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_multipath_warn.xml:24(para)
|
||
msgid "Run the following command on the compute node to install the <filename>multipath-tools</filename> packages."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_failed_attach_vol_after_detach.xml:11(para)
|
||
msgid "Failed to attach a volume after detaching the same volume."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_failed_attach_vol_after_detach.xml:17(para)
|
||
msgid "You must change the device name on the <placeholder-1/> command. The VM might not clean up after a <placeholder-2/> command runs. This example shows how the <placeholder-3/> command fails when you use the <code>vdb</code>, <code>vdc</code>, or <code>vdd</code> device names:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_failed_attach_vol_after_detach.xml:36(para)
|
||
msgid "You might also have this problem after attaching and detaching the same volume from the same VM with the same mount point multiple times. In this case, restart the KVM host."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_duplicate_3par_host.xml:7(title)
|
||
msgid "Duplicate 3PAR host"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_duplicate_3par_host.xml:10(para)
|
||
msgid "This error may be caused by a volume being exported outside of OpenStack using a host name different from the system name that OpenStack expects. This error could be displayed with the IQN if the host was exported using iSCSI."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/blockstorage/section_ts_duplicate_3par_host.xml:16(para)
|
||
msgid "Change the 3PAR host name to match the one that OpenStack expects. The 3PAR host constructed by the driver uses just the local hostname, not the fully qualified domain name (FQDN) of the compute host. For example, if the FQDN was <emphasis>myhost.example.com</emphasis>, just <emphasis>myhost</emphasis> would be used as the 3PAR hostname. IP addresses are not allowed as host names on the 3PAR storage server."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml:9(title)
|
||
msgid "Configure Compute service groups"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml:10(para)
|
||
msgid "To effectively manage and utilize compute nodes, the Compute service must know their statuses. For example, when a user launches a new VM, the Compute scheduler sends the request to a live node; the Compute service queries the ServiceGroup API to get information about whether a node is alive."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml:14(para)
|
||
msgid "When a compute worker (running the <systemitem class=\"service\">nova-compute</systemitem> daemon) starts, it calls the <systemitem>join</systemitem> API to join the compute group. Any interested service (for example, the scheduler) can query the group's membership and the status of its nodes. Internally, the <systemitem>ServiceGroup</systemitem> client driver automatically updates the compute worker status."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml:19(para)
|
||
msgid "The database, ZooKeeper, and Memcache drivers are available."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml:21(title)
|
||
msgid "Database ServiceGroup driver"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml:22(para)
|
||
msgid "By default, Compute uses the database driver to track node liveness. In a compute worker, this driver periodically sends a <placeholder-1/> command to the database, saying <quote>I'm OK</quote> with a timestamp. Compute uses a pre-defined timeout (<literal>service_down_time</literal>) to determine whether a node is dead."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml:26(para)
|
||
msgid "The driver has limitations, which can be an issue depending on your setup. The more compute worker nodes that you have, the more pressure you put on the database. By default, the timeout is 60 seconds so it might take some time to detect node failures. You could reduce the timeout value, but you must also make the database update more frequently, which again increases the database workload."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml:31(para)
|
||
msgid "The database contains data that is both transient (whether the node is alive) and persistent (for example, entries for VM owners). With the ServiceGroup abstraction, Compute can treat each type separately."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml:36(title)
|
||
msgid "ZooKeeper ServiceGroup driver"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml:37(para)
|
||
msgid "The ZooKeeper ServiceGroup driver works by using ZooKeeper ephemeral nodes. ZooKeeper, in contrast to databases, is a distributed system. Its load is divided among several servers. At a compute worker node, after establishing a ZooKeeper session, the driver creates an ephemeral znode in the group directory. Ephemeral znodes have the same lifespan as the session. If the worker node or the <systemitem class=\"service\">nova-compute</systemitem> daemon crashes, or a network partition is in place between the worker and the ZooKeeper server quorums, the ephemeral znodes are removed automatically. The driver gets the group membership by running the <placeholder-1/> command in the group directory."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml:47(para)
|
||
msgid "To use the ZooKeeper driver, you must install ZooKeeper servers and client libraries. Setting up ZooKeeper servers is outside the scope of this guide (for more information, see <link href=\"http://zookeeper.apache.org/\">Apache Zookeeper</link>)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml:51(para)
|
||
msgid "To use ZooKeeper, you must install client-side Python libraries on every nova node: <literal>python-zookeeper</literal> the official Zookeeper Python binding and evzookeeper the library to make the binding work with the eventlet threading model."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml:55(para)
|
||
msgid "The following example assumes the ZooKeeper server addresses and ports are <literal>192.168.2.1:2181</literal>, <literal>192.168.2.2:2181</literal>, and <literal>192.168.2.3:2181</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml:58(para)
|
||
msgid "The following values in the <filename>/etc/nova/nova.conf</filename> file (on every node) are required for the <systemitem>ZooKeeper</systemitem> driver:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml:65(para)
|
||
msgid "To customize the Compute Service groups, use the following configuration option settings:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml:70(title)
|
||
msgid "Memcache ServiceGroup driver"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml:71(para)
|
||
msgid "The <systemitem>memcache</systemitem> ServiceGroup driver uses memcached, which is a distributed memory object caching system that is often used to increase site performance. For more details, see <link href=\"http://memcached.org/\">memcached.org</link>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml:75(para)
|
||
msgid "To use the <systemitem>memcache</systemitem> driver, you must install <systemitem>memcached</systemitem>. However, because <systemitem>memcached</systemitem> is often used for both OpenStack Object Storage and OpenStack dashboard, it might already be installed. If <systemitem>memcached</systemitem> is not installed, refer to the <link href=\"http://docs.openstack.org/icehouse\"><citetitle>OpenStack Installation Guide</citetitle></link> for more information."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-service-groups.xml:83(para)
|
||
msgid "The following values in the <filename>/etc/nova/nova.conf</filename> file (on every node) are required for the <systemitem>memcache</systemitem> driver:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-instance-building-blocks.xml:7(title)
|
||
msgid "Instance building blocks"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-instance-building-blocks.xml:8(para)
|
||
msgid "In OpenStack, the base operating system is usually copied from an image stored in the OpenStack Image Service. This is the most common case and results in an ephemeral instance that starts from a known template state and loses all accumulated states on shutdown."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-instance-building-blocks.xml:11(para)
|
||
msgid "You can also put an operating system on a persistent volume in Compute or the Block Storage volume system. This gives a more traditional, persistent system that accumulates states, which are preserved across restarts. To get a list of available images on your system, run: <placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-instance-building-blocks.xml:29(para)
|
||
msgid "Automatically generated UUID of the image."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-instance-building-blocks.xml:35(para)
|
||
msgid "Free form, human-readable name for image."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-instance-building-blocks.xml:56(para)
|
||
msgid "Virtual hardware templates are called <literal>flavors</literal>. The default installation provides five flavors. By default, these are configurable by administrative users. However, you can change this behavior by redefining the access controls for <parameter>compute_extension:flavormanage</parameter> in <filename>/etc/nova/policy.json</filename> on the <filename>compute-api</filename> server."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-instance-building-blocks.xml:62(para)
|
||
msgid "For a list of flavors that are available on your system, run:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-security.xml:7(title)
|
||
msgid "Security hardening"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-security.xml:8(para)
|
||
msgid "OpenStack Compute can be integrated with various third-party technologies to increase security. For more information, see the <link href=\"http://docs.openstack.org/sec/\"><citetitle>OpenStack Security Guide</citetitle></link>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-security.xml:14(title)
|
||
msgid "Encrypt Compute metadata traffic"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-security.xml:19(para)
|
||
msgid "Enable the HTTPS protocol: <placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-security.xml:24(para)
|
||
msgid "Determine whether insecure SSL connections are accepted for Compute metadata server requests. The default value is <option>False</option>: <placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-security.xml:32(replaceable)
|
||
msgid "PATH_TO_CERT"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-security.xml:30(para)
|
||
msgid "Specify the path to the client certificate: <placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-security.xml:37(replaceable)
|
||
msgid "PATH_TO_KEY"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-security.xml:35(para)
|
||
msgid "Specify the path to the private key: <placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-security.xml:15(para)
|
||
msgid "OpenStack Juno supports encrypting Compute metadata traffic with HTTPS. Enable SSL encryption in the <filename>metadata_agent.ini</filename> file:<placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml:6(title)
|
||
msgid "Configure Compute to use IPv6 addresses"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml:7(para)
|
||
msgid "If you are using OpenStack Compute with <systemitem>nova-network</systemitem>, you can put Compute into IPv4/IPv6 dual-stack mode, so that it uses both IPv4 and IPv6 addresses for communication. In IPv4/IPv6 dual-stack mode, instances can acquire their IPv6 global unicast address by using a stateless address auto configuration mechanism [RFC 4862/2462]. IPv4/IPv6 dual-stack mode works with both <literal>VlanManager</literal> and <literal>FlatDHCPManager</literal> networking modes. In <literal>VlanManager</literal>, each project uses a different 64-bit global routing prefix. In <literal>FlatDHCPManager</literal>, all instances use one 64-bit global routing prefix."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml:15(para)
|
||
msgid "This configuration was tested with VM images that have an IPv6 stateless address auto configuration capability. This capability is required for any VM you want to run with an IPv6 address. You must use EUI-64 address for stateless address auto configuration. Each node that executes a <literal>nova-*</literal> service must have <literal>python-netaddr</literal> and <literal>radvd</literal> installed."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml:22(title)
|
||
msgid "Switch into IPv4/IPv6 dual-stack mode"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml:23(para)
|
||
msgid "On all nodes running a <literal>nova-*</literal> service, install <systemitem>python-netaddr</systemitem>:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml:26(para)
|
||
msgid "On all <literal>nova-network</literal> nodes, install <literal>radvd</literal> and configure IPv6 networking:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml:31(para)
|
||
msgid "Edit the <filename>nova.conf</filename> file on all nodes to specify <literal>use_ipv6 = True</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml:33(para)
|
||
msgid "Restart all <literal>nova-*</literal> services."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml:35(para)
|
||
msgid "You can add a fixed range for IPv6 addresses to the <placeholder-1/> command. Specify <option>public</option> or <option>private</option> after the <option>network-create</option> parameter."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml:38(replaceable)
|
||
msgid "fixed_range_v4"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml:38(replaceable)
|
||
msgid "vlan_id"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml:38(replaceable)
|
||
msgid "vpn_start"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml:38(replaceable)
|
||
msgid "fixed_range_v6"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml:39(para)
|
||
msgid "You can set IPv6 global routing prefix by using the <option>--fixed_range_v6</option> parameter. The default value for the parameter is: <literal>fd00::/48</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml:44(para)
|
||
msgid "When you use <literal>FlatDHCPManager</literal>, the command uses the original <option>--fixed_range_v6</option> value. For example:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-ipv6.xml:49(para)
|
||
msgid "When you use <literal>VlanManager</literal>, the command increments the subnet ID to create subnet prefixes. Guest VMs use this prefix to generate their IPv6 global unicast address. For example:"
|
||
msgstr ""
|
||
|
||
#. When image changes, this message will be marked fuzzy or untranslated for you.
|
||
#. It doesn't matter what you translate it to: it's not used at all.
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:604(None)
|
||
msgid "@@image: '../../common/figures/SCH_5007_V00_NUAC-multi_nic_OpenStack-Flat-manager.jpg'; md5=31f7e15a45d042bd9d6499631e2f3ccc"
|
||
msgstr ""
|
||
|
||
#. When image changes, this message will be marked fuzzy or untranslated for you.
|
||
#. It doesn't matter what you translate it to: it's not used at all.
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:614(None)
|
||
msgid "@@image: '../../common/figures/SCH_5007_V00_NUAC-multi_nic_OpenStack-Flat-DHCP-manager.jpg'; md5=0f33a228f1dec4a4e4424dd5ee81bde8"
|
||
msgstr ""
|
||
|
||
#. When image changes, this message will be marked fuzzy or untranslated for you.
|
||
#. It doesn't matter what you translate it to: it's not used at all.
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:624(None)
|
||
msgid "@@image: '../../common/figures/SCH_5007_V00_NUAC-multi_nic_OpenStack-VLAN-manager.jpg'; md5=0acaf3e2041f941d8fee2d111f37e7ac"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:7(title)
|
||
msgid "Networking with nova-network"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:8(para)
|
||
msgid "Understanding the networking configuration options helps you design the best configuration for your Compute instances."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:11(para)
|
||
msgid "You can choose to either install and configure <systemitem class=\"service\">nova-network</systemitem> for networking between VMs or use the OpenStack Networking service (neutron) for networking. To configure Compute networking options with OpenStack Networking, see the <xref linkend=\"ch_networking\"/>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:16(title)
|
||
msgid "Networking concepts"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:17(para)
|
||
msgid "This section offers a brief overview of networking concepts for Compute."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:18(para)
|
||
msgid "Compute assigns a private IP address to each VM instance. (Currently, Compute with <systemitem class=\"service\">nova-network</systemitem> only supports Linux bridge networking that enables the virtual interfaces to connect to the outside network through the physical interface.) Compute makes a distinction between <emphasis role=\"italic\">fixed IPs</emphasis> and <emphasis role=\"italic\">floating IPs</emphasis>. Fixed IPs are IP addresses that are assigned to an instance on creation and stay the same until the instance is explicitly terminated. By contrast, floating IPs are addresses that can be dynamically associated with an instance. A floating IP address can be disassociated and associated with another instance at any time. A user can reserve a floating IP for their project."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:28(para)
|
||
msgid "The network controller with <systemitem class=\"service\">nova-network</systemitem> provides virtual networks to enable compute servers to interact with each other and with the public network. Compute with <systemitem class=\"service\">nova-network</systemitem> supports the following network modes, which are implemented as “Network Manager” types."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:34(term)
|
||
msgid "Flat Network Manager"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:35(para)
|
||
msgid "In <emphasis role=\"bold\">Flat</emphasis> mode, a network administrator specifies a subnet. IP addresses for VM instances are assigned from the subnet, and then injected into the image on launch. Each instance receives a fixed IP address from the pool of available addresses. A system administrator must create the Linux networking bridge (typically named <literal>br100</literal>, although this is configurable) on the systems running the <systemitem class=\"service\">nova-network</systemitem> service. All instances of the system are attached to the same bridge, and this is configured manually by the network administrator."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:45(para)
|
||
msgid "Configuration injection currently only works on Linux-style systems that keep networking configuration in <filename>/etc/network/interfaces</filename>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:50(term)
|
||
msgid "Flat DHCP Network Manager"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:51(para)
|
||
msgid "In <emphasis role=\"bold\">FlatDHCP</emphasis> mode, OpenStack starts a DHCP server (<systemitem>dnsmasq</systemitem>) to allocate IP addresses to VM instances from the specified subnet, in addition to manually configuring the networking bridge. IP addresses for VM instances are assigned from a subnet specified by the network administrator."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:56(para)
|
||
msgid "Like Flat Mode, all instances are attached to a single bridge on the compute node. Additionally, a DHCP server is running to configure instances (depending on single-/multi-host mode, alongside each <systemitem class=\"service\">nova-network</systemitem>). In this mode, Compute does a bit more configuration in that it attempts to bridge into an ethernet device (<literal>flat_interface</literal>, eth0 by default). For every instance, Compute allocates a fixed IP address and configures dnsmasq with the MAC/IP pair for the VM. Dnsmasq does not take part in the IP address allocation process, it only hands out IPs according to the mapping done by Compute. Instances receive their fixed IPs by doing a <placeholder-1/>. These IPs are <emphasis role=\"italic\">not</emphasis> assigned to any of the host's network interfaces, only to the VM's guest-side interface."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:69(para)
|
||
msgid "In any setup with flat networking, the hosts providing the <systemitem class=\"service\">nova-network</systemitem> service are responsible for forwarding traffic from the private network. They also run and configure <systemitem>dnsmasq</systemitem> as a DHCP server listening on this bridge, usually on IP address 10.0.0.1 (see <link linkend=\"section_dnsmasq\">DHCP server: dnsmasq </link>). Compute can determine the NAT entries for each network, although sometimes NAT is not used, such as when configured with all public IPs or a hardware router is used (one of the HA options). Such hosts need to have <literal>br100</literal> configured and physically connected to any other nodes that are hosting VMs. You must set the <literal>flat_network_bridge</literal> option or create networks with the bridge parameter in order to avoid raising an error. Compute nodes have iptables/ebtables entries created for each project and instance to protect against IP/MAC address spoofing and ARP poisoning."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:84(para)
|
||
msgid "In single-host Flat DHCP mode you <emphasis role=\"italic\">will</emphasis> be able to ping VMs through their fixed IP from the <systemitem>nova-network</systemitem> node, but you <emphasis role=\"italic\">cannot</emphasis> ping them from the compute nodes. This is expected behavior."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:91(term)
|
||
msgid "VLAN Network Manager"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:92(para)
|
||
msgid "<emphasis role=\"bold\">VLANManager</emphasis> mode is the default mode for OpenStack Compute. In this mode, Compute creates a VLAN and bridge for each tenant. For multiple-machine installation, the VLAN Network Mode requires a switch that supports VLAN tagging (IEEE 802.1Q). The tenant gets a range of private IPs that are only accessible from inside the VLAN. In order for a user to access the instances in their tenant, a special VPN instance (code named cloudpipe) needs to be created. Compute generates a certificate and key for the user to access the VPN and starts the VPN automatically. It provides a private network segment for each tenant's instances that can be accessed through a dedicated VPN connection from the Internet. In this mode, each tenant gets its own VLAN, Linux networking bridge, and subnet."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:103(para)
|
||
msgid "The subnets are specified by the network administrator, and are assigned dynamically to a tenant when required. A DHCP Server is started for each VLAN to pass out IP addresses to VM instances from the subnet assigned to the tenant. All instances belonging to one tenant are bridged into the same VLAN for that tenant. OpenStack Compute creates the Linux networking bridges and VLANs when required."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:111(para)
|
||
msgid "These network managers can co-exist in a cloud system. However, because you cannot select the type of network for a given tenant, you cannot configure multiple network types in a single Compute installation."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:114(para)
|
||
msgid "All network managers configure the network using <emphasis role=\"italic\">network drivers</emphasis>. For example, the Linux L3 driver (<literal>l3.py</literal> and <literal>linux_net.py</literal>), which makes use of <literal>iptables</literal>, <literal>route</literal> and other network management facilities, and libvirt's <link href=\"http://libvirt.org/formatnwfilter.html\">network filtering facilities</link>. The driver is not tied to any particular network manager; all network managers use the same driver. The driver usually initializes (creates bridges and so on) only when the first VM lands on this host node."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:122(para)
|
||
msgid "All network managers operate in either <emphasis role=\"italic\">single-host</emphasis> or <emphasis role=\"italic\">multi-host</emphasis> mode. This choice greatly influences the network configuration. In single-host mode, a single <systemitem class=\"service\">nova-network</systemitem> service provides a default gateway for VMs and hosts a single DHCP server (<systemitem>dnsmasq</systemitem>). In multi-host mode, each compute node runs its own <systemitem class=\"service\">nova-network</systemitem> service. In both cases, all traffic between VMs and the outer world flows through <systemitem class=\"service\">nova-network</systemitem>. Each mode has its pros and cons (see the <citetitle>Network Topology</citetitle> section in the <link href=\"http://docs.openstack.org/openstack-ops/content/\"><citetitle>OpenStack Operations Guide</citetitle></link>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:134(para)
|
||
msgid "All networking options require network connectivity to be already set up between OpenStack physical nodes. OpenStack does not configure any physical network interfaces. All network managers automatically create VM virtual interfaces. Some, but not all, managers create network bridges such as <literal>br100</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:139(para)
|
||
msgid "All machines must have a <emphasis role=\"italic\">public</emphasis> and <emphasis role=\"italic\">internal</emphasis> network interface (controlled by the options: <literal>public_interface</literal> for the public interface, and <literal>flat_interface</literal> and <literal>vlan_interface</literal> for the internal interface with flat / VLAN managers). This guide refers to the public network as the external network and the private network as the internal or tenant network."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:151(para)
|
||
msgid "The internal network interface is used for communication with VMs; the interface should not have an IP address attached to it before OpenStack installation (it serves merely as a fabric where the actual endpoints are VMs and dnsmasq). Also, you must put the internal network interface in <emphasis role=\"italic\">promiscuous mode</emphasis>, because it must receive packets whose target MAC address is of the guest VM, not of the host."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:157(para)
|
||
msgid "Throughout this documentation, the public network is sometimes referred to as the external network, while the internal network is also sometimes referred to as the private network or tenant network."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:163(para)
|
||
msgid "For flat and flat DHCP modes, use the following command to create a network:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:168(para)
|
||
msgid "<option>--fixed-range-v4-</option> specifies the network subnet."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:171(para)
|
||
msgid "<option>--fixed-cidr</option> specifies a range of fixed IP addresses to allocate, and can be a subset of the <option>--fixed-range-v4</option> argument."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:176(para)
|
||
msgid "<option>--bridge</option> specifies the bridge device to which this network is connected on every compute node."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:166(para)
|
||
msgid "Where:<placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:182(title)
|
||
msgid "DHCP server: dnsmasq"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:183(para)
|
||
msgid "The Compute service uses <link href=\"http://www.thekelleys.org.uk/dnsmasq/doc.html\">dnsmasq</link> as the DHCP server when running with either that Flat DHCP Network Manager or the VLAN Network Manager. The <systemitem class=\"service\">nova-network</systemitem> service is responsible for starting up <systemitem>dnsmasq</systemitem> processes."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:188(para)
|
||
msgid "The behavior of <systemitem>dnsmasq</systemitem> can be customized by creating a <systemitem>dnsmasq</systemitem> configuration file. Specify the configuration file using the <literal>dnsmasq_config_file</literal> configuration option. For example:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:193(para)
|
||
msgid "For an example of how to change the behavior of <systemitem>dnsmasq</systemitem> using a <systemitem>dnsmasq</systemitem> configuration file, see the <link href=\"http://docs.openstack.org/trunk/config-reference/content/\"><citetitle>OpenStack Configuration Reference</citetitle></link>. The <systemitem>dnsmasq</systemitem> documentation also has a more comprehensive <link href=\"http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq.conf.example\">dnsmasq configuration file example</link>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:200(para)
|
||
msgid "<systemitem>dnsmasq</systemitem> also acts as a caching DNS server for instances. You can explicitly specify the DNS server that <systemitem>dnsmasq</systemitem> should use by setting the <literal>dns_server</literal> configuration option in <filename>/etc/nova/nova.conf</filename>. The following example would configure <systemitem>dnsmasq</systemitem> to use Google's public DNS server:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:206(para)
|
||
msgid "Logging output for <systemitem>dnsmasq</systemitem> goes to the <systemitem>syslog</systemitem> (typically <filename>/var/log/syslog</filename> or <filename>/var/log/messages</filename>, depending on Linux distribution). <systemitem>dnsmasq</systemitem> logging output can be useful for troubleshooting if VM instances boot successfully but are not reachable over the network."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:211(para)
|
||
msgid "A network administrator can run <code>nova-manage fixed reserve --address=<replaceable>x.x.x.x</replaceable></code> to specify the starting point IP address (x.x.x.x) to reserve with the DHCP server. This reservation only affects which IP address the VMs start at, not the fixed IP addresses that the <systemitem class=\"service\">nova-network</systemitem> service places on the bridges."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:223(title)
|
||
msgid "Metadata service"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:225(title)
|
||
msgid "Introduction"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:226(para)
|
||
msgid "The Compute service uses a special metadata service to enable virtual machine instances to retrieve instance-specific data. Instances access the metadata service at <literal>http://169.254.169.254</literal>. The metadata service supports two sets of APIs: an OpenStack metadata API and an EC2-compatible API. Each of the APIs is versioned by date."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:234(para)
|
||
msgid "To retrieve a list of supported versions for the OpenStack metadata API, make a GET request to <literal>http://169.254.169.254/openstack</literal> For example:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:241(para)
|
||
msgid "To list supported versions for the EC2-compatible metadata API, make a GET request to <literal>http://169.254.169.254</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:256(para)
|
||
msgid "If you write a consumer for one of these APIs, always attempt to access the most recent API version supported by your consumer first, then fall back to an earlier version if the most recent one is not available."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:263(title)
|
||
msgid "OpenStack metadata API"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:264(para)
|
||
msgid "Metadata from the OpenStack API is distributed in JSON format. To retrieve the metadata, make a GET request to <literal>http://169.254.169.254/openstack/2012-08-10/meta_data.json</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:271(para)
|
||
msgid "Instances also retrieve user data (passed as the <literal>user_data</literal> parameter in the API call or by the <literal>--user_data</literal> flag in the <placeholder-1/> command) through the metadata service, by making a GET request to <literal>http://169.254.169.254/openstack/2012-08-10/user_data</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:284(title)
|
||
msgid "EC2 metadata API"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:285(para)
|
||
msgid "The metadata service has an API that is compatible with version 2009-04-04 of the <link href=\"http://docs.amazonwebservices.com/AWSEC2/2009-04-04/UserGuide/AESDG-chapter-instancedata.html\">Amazon EC2 metadata service</link>; virtual machine images that are designed for EC2 work properly with OpenStack."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:291(para)
|
||
msgid "The EC2 API exposes a separate URL for each metadata. You can retrieve a listing of these elements by making a GET query to <literal>http://169.254.169.254/2009-04-04/meta-data/</literal>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:321(para)
|
||
msgid "Instances can retrieve the public SSH key (identified by keypair name when a user requests a new instance) by making a GET request to <literal>http://169.254.169.254/2009-04-04/meta-data/public-keys/0/openssh-key</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:328(para)
|
||
msgid "Instances can retrieve user data by making a GET request to <literal>http://169.254.169.254/2009-04-04/user-data</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:337(title)
|
||
msgid "Run the metadata service"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:338(para)
|
||
msgid "The metadata service is implemented by either the <systemitem class=\"service\">nova-api</systemitem> service or the <systemitem class=\"service\">nova-api-metadata</systemitem> service. (The <systemitem class=\"service\">nova-api-metadata</systemitem> service is generally only used when running in multi-host mode, it retrieves instance-specific metadata). If you are running the <systemitem class=\"service\">nova-api</systemitem> service, you must have <literal>metadata</literal> as one of the elements of the list of the <literal>enabled_apis</literal> configuration option in <filename>/etc/nova/nova.conf</filename>. The default <literal>enabled_apis</literal> configuration setting includes the metadata service, so you should not need to modify it."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:349(para)
|
||
msgid "Hosts access the service at <literal>169.254.169.254:80</literal>, and this is translated to <literal>metadata_host:metadata_port</literal> by an iptables rule established by the <systemitem class=\"service\">nova-network</systemitem> service. In multi-host mode, you can set <option>metadata_host</option> to <literal>127.0.0.1</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:354(para)
|
||
msgid "To enable instances to reach the metadata service, the <systemitem class=\"service\">nova-network</systemitem> service configures iptables to NAT port <literal>80</literal> of the <literal>169.254.169.254</literal> address to the IP address specified in <option>metadata_host</option> (default <literal>$my_ip</literal>, which is the IP address of the <systemitem class=\"service\">nova-network</systemitem> service) and port specified in <option>metadata_port</option> (default <literal>8775</literal>) in <filename>/etc/nova/nova.conf</filename>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:368(para)
|
||
msgid "The <literal>metadata_host</literal> configuration option must be an IP address, not a host name."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:373(para)
|
||
msgid "The default Compute service settings assume that the <systemitem class=\"service\">nova-network</systemitem> service and the <systemitem class=\"service\">nova-api</systemitem> service are running on the same host. If this is not the case, you must make this change in the <filename>/etc/nova/nova.conf</filename> file on the host running the <systemitem class=\"service\">nova-network</systemitem> service:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:384(para)
|
||
msgid "Set the <literal>metadata_host</literal> configuration option to the IP address of the host where the <systemitem class=\"service\">nova-api</systemitem> service runs."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:395(title)
|
||
msgid "Enable ping and SSH on VMs"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:396(para)
|
||
msgid "Be sure you enable access to your VMs by using the <placeholder-1/> or <placeholder-2/> command. These commands enable you to <placeholder-3/> and <placeholder-4/> to your VMs:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:402(para)
|
||
msgid "You must run these commands as root only if the credentials used to interact with <systemitem class=\"service\">nova-api</systemitem> are in <filename>/root/.bashrc</filename>. If the EC2 credentials are the <filename>.bashrc</filename> file for another user, you must run these commands as the user."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:410(para)
|
||
msgid "Run <placeholder-1/> commands:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:413(para)
|
||
msgid "Using euca2ools:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:416(para)
|
||
msgid "If you still cannot ping or SSH your instances after issuing the <placeholder-1/> commands, look at the number of <literal>dnsmasq</literal> processes that are running. If you have a running instance, check to see that TWO <literal>dnsmasq</literal> processes are running. If not, perform the following commands as root:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:425(title)
|
||
msgid "Configure public (floating) IP addresses"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:427(para)
|
||
msgid "If you are using Compute's <systemitem class=\"service\">nova-network</systemitem> instead of OpenStack Networking (neutron) for networking in OpenStack, use procedures in this section to configure floating IP addresses. For instructions on how to configure OpenStack Networking (neutron) to provide access to instances through floating IP addresses, see <xref linkend=\"section_l3_router_and_nat\"/>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:433(title)
|
||
msgid "Private and public IP addresses"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:434(para)
|
||
msgid "Every virtual instance is automatically assigned a private IP address. You can optionally assign public IP addresses to instances. The term <glossterm baseform=\"floating IP address\">floating IP</glossterm> refers to an IP address, typically public, that you can dynamically add to a running virtual instance. OpenStack Compute uses Network Address Translation (NAT) to assign floating IPs to virtual instances."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:444(para)
|
||
msgid "If you plan to use this feature, you must add edit the <filename>/etc/nova/nova.conf</filename> file to specify to which interface the <systemitem class=\"service\">nova-network</systemitem> service binds public IP addresses, as follows:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:450(replaceable)
|
||
msgid "vlan100"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:451(para)
|
||
msgid "If you make changes to the <filename>/etc/nova/nova.conf</filename> file while the <systemitem class=\"service\">nova-network</systemitem> service is running, you must restart the service."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:457(title)
|
||
msgid "Traffic between VMs using floating IPs"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:459(para)
|
||
msgid "Because floating IPs are implemented by using a source NAT (SNAT rule in iptables), security groups can display inconsistent behavior if VMs use their floating IP to communicate with other VMs, particularly on the same physical host. Traffic from VM to VM across the fixed network does not have this issue, and so this is the recommended path. To ensure that traffic does not get SNATed to the floating range, explicitly set: <placeholder-1/>The <literal>x.x.x.x/y</literal> value specifies the range of floating IPs for each pool of floating IPs that you define. If the VMs in the source group have floating IPs, this configuration is also required."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:472(title)
|
||
msgid "Enable IP forwarding"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:473(para)
|
||
msgid "By default, IP forwarding is disabled on most Linux distributions. To use the floating IP feature, you must enable IP forwarding."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:477(para)
|
||
msgid "You must enable IP forwarding only on the nodes that run the <systemitem class=\"service\">nova-network</systemitem> service. If you use <literal>multi_host</literal> mode, ensure that you enable it on all compute nodes. Otherwise, enable it on only the node that runs the <systemitem class=\"service\">nova-network</systemitem> service."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:483(para)
|
||
msgid "To check whether forwarding is enabled, run:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:486(para)
|
||
msgid "Alternatively, you can run:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:489(para)
|
||
msgid "In the previous example, IP forwarding is <emphasis role=\"bold\">disabled</emphasis>. To enable it dynamically, run:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:492(para)
|
||
msgid "Or:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:494(para)
|
||
msgid "To make the changes permanent, edit the <filename>/etc/sysctl.conf</filename> file and update the IP forwarding setting:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:498(para)
|
||
msgid "Save the file and run the following command to apply the changes:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:500(para)
|
||
msgid "You can also update the setting by restarting the network service:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:503(para)
|
||
msgid "On Ubuntu, run:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:507(para)
|
||
msgid "On RHEL/Fedora/CentOS, run:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:513(title)
|
||
msgid "Create a list of available floating IP addresses"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:515(para)
|
||
msgid "Compute maintains a list of floating IP addresses that you can assign to instances. Use the <placeholder-1/> command to add entries to this list."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:520(para)
|
||
msgid "You can use the following <placeholder-1/> commands to perform floating IP operations:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:526(para)
|
||
msgid "Lists the floating IP addresses in the pool."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:530(replaceable)
|
||
msgid "[pool name]"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:530(replaceable) ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:535(replaceable)
|
||
msgid "[CIDR]"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:531(para)
|
||
msgid "Creates specific floating IPs for either a single address or a subnet."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:536(para)
|
||
msgid "Removes floating IP addresses using the same parameters as the create command."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:541(para)
|
||
msgid "For information about how administrators can associate floating IPs with instances, see <link href=\"http://docs.openstack.org/user-guide-admin/content/manage_ip_addresses.html\">Manage IP addresses</link> in the <citetitle>OpenStack Admin User Guide</citetitle>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:549(title)
|
||
msgid "Automatically add floating IPs"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:550(para)
|
||
msgid "You can configure the <systemitem class=\"service\">nova-network</systemitem> service to automatically allocate and assign a floating IP address to virtual instances when they are launched. Add the following line to the <filename>/etc/nova/nova.conf</filename> file and restart the <systemitem class=\"service\">nova-network</systemitem> service:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:560(para)
|
||
msgid "If you enable this option and all floating IP addresses have already been allocated, the <placeholder-1/> command fails."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:568(title)
|
||
msgid "Remove a network from a project"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:569(para)
|
||
msgid "You cannot remove a network that has already been associated to a project by simply deleting it."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:571(para)
|
||
msgid "To determine the project ID, you must have administrative rights. You can disassociate the project from the network with a scrub command and the project ID as the final parameter:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:574(replaceable)
|
||
msgid "<id>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:577(title)
|
||
msgid "Multiple interfaces for your instances (multinic)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:580(para)
|
||
msgid "The multinic feature allows you to plug more than one interface to your instances, making it possible to make several use cases available:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:584(para)
|
||
msgid "SSL Configurations (VIPs)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:587(para)
|
||
msgid "Services failover/ HA"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:590(para)
|
||
msgid "Bandwidth Allocation"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:593(para)
|
||
msgid "Administrative/ Public access to your instances"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:599(title)
|
||
msgid "multinic flat manager"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:609(title)
|
||
msgid "multinic flatdhcp manager"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:619(title)
|
||
msgid "multinic VLAN manager"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:597(para)
|
||
msgid "Each VIF is representative of a separate network with its own IP block. Every network mode introduces its own set of changes regarding the multinic usage: <placeholder-1/><placeholder-2/><placeholder-3/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:630(title)
|
||
msgid "Use the multinic feature"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:631(para)
|
||
msgid "In order to use the multinic feature, first create two networks, and attach them to your tenant (still named 'project' on the command line): <placeholder-1/> Now every time you spawn a new instance, it gets two IP addresses from the respective DHCP servers:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:644(para)
|
||
msgid "Make sure to power up the second interface on the instance, otherwise that last won't be reachable through its second IP. Here is an example of how to setup the interfaces within the instance (this is the configuration that needs to be applied inside the image):"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:650(filename)
|
||
msgid "/etc/network/interfaces"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:662(para)
|
||
msgid "If the Virtual Network Service Neutron is installed, it is possible to specify the networks to attach to the respective interfaces by using the <literal>--nic</literal> flag when invoking the <literal>nova</literal> command: <placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:674(title)
|
||
msgid "Troubleshoot Networking"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:676(title)
|
||
msgid "Cannot reach floating IPs"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:677(para)
|
||
msgid "If you cannot reach your instances through the floating IP address, check the following:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:679(para)
|
||
msgid "Ensure the default security group allows ICMP (ping) and SSH (port 22), so that you can reach the instances:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:689(para)
|
||
msgid "Ensure the NAT rules have been added to <systemitem>iptables</systemitem> on the node that <systemitem>nova-network</systemitem> is running on, as root:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:694(para)
|
||
msgid "Check that the public address, in this example \"68.99.26.170\", has been added to your public interface. You should see the address in the listing when you enter \"ip addr\" at the command prompt."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:704(para)
|
||
msgid "Note that you cannot SSH to an instance with a public IP from within the same server as the routing configuration won't allow it."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:707(para)
|
||
msgid "You can use <placeholder-1/> to identify if packets are being routed to the inbound interface on the compute host. If the packets are reaching the compute hosts but the connection is failing, the issue may be that the packet is being dropped by reverse path filtering. Try disabling reverse-path filtering on the inbound interface. For example, if the inbound interface is <literal>eth2</literal>, as root, run:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:713(replaceable)
|
||
msgid "eth2"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:714(para)
|
||
msgid "If this solves your issue, add the following line to <filename>/etc/sysctl.conf</filename> so that the reverse-path filter is disabled the next time the compute host reboots: <placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:721(title)
|
||
msgid "Disable firewall"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:722(para)
|
||
msgid "To help debug networking issues with reaching VMs, you can disable the firewall by setting the following option in <filename>/etc/nova/nova.conf</filename>:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:727(para)
|
||
msgid "We strongly recommend you remove this line to re-enable the firewall once your networking issues have been resolved."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:732(title)
|
||
msgid "Packet loss from instances to nova-network server (VLANManager mode)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:734(para)
|
||
msgid "If you can SSH to your instances but you find that the network interactions to your instance is slow, or if you find that running certain operations are slower than they should be (for example, <placeholder-1/>), then there may be packet loss occurring on the connection to the instance."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:741(para)
|
||
msgid "Packet loss can be caused by Linux networking configuration settings related to bridges. Certain settings can cause packets to be dropped between the VLAN interface (for example, <literal>vlan100</literal>) and the associated bridge interface (for example, <literal>br100</literal>) on the host running the <systemitem class=\"service\">nova-network</systemitem> service."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:750(para)
|
||
msgid "One way to check whether this is the issue in your setup, is to open up three terminals and run the following commands:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:755(para)
|
||
msgid "In the first terminal, on the host running nova-network, use <placeholder-1/> on the VLAN interface to monitor DNS-related traffic (UDP, port 53). As root, run:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:760(para)
|
||
msgid "In the second terminal, also on the host running nova-network, use <placeholder-1/> to monitor DNS-related traffic on the bridge interface. As root, run:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:764(para)
|
||
msgid "In the third terminal, SSH inside of the instance and generate DNS requests by using the <placeholder-1/> command:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:768(para)
|
||
msgid "The symptoms may be intermittent, so try running <placeholder-1/> multiple times. If the network configuration is correct, the command should return immediately each time. If it is not functioning properly, the command hangs for several seconds."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:774(para)
|
||
msgid "If the <placeholder-1/> command sometimes hangs, and there are packets that appear in the first terminal but not the second, then the problem may be due to filtering done on the bridges. Try to disable filtering, run the following commands as root:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:781(para)
|
||
msgid "If this solves your issue, add the following line to <filename>/etc/sysctl.conf</filename> so that these changes take effect the next time the host reboots:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:791(title)
|
||
msgid "KVM: Network connectivity works initially, then fails"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:793(para)
|
||
msgid "Some administrators have observed an issue with the KVM hypervisor where instances running Ubuntu 12.04 sometimes loses network connectivity after functioning properly for a period of time. Some users have reported success with loading the vhost_net kernel module as a workaround for this issue (see <link href=\"https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/997978/\">bug #997978</link>) . This kernel module may also <link href=\"http://www.linux-kvm.org/page/VhostNet\">improve network performance on KVM</link>. To load the kernel module, as root:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-networking-nova.xml:808(para)
|
||
msgid "Loading the module has no effect on running instances."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-instance-mgt-tools.xml:7(title)
|
||
msgid "Instance management tools"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-instance-mgt-tools.xml:8(para)
|
||
msgid "OpenStack provides command-line, web-based, and API-based instance management tools. Additionally, a number of third-party management tools are available, using either the native API or the provided EC2-compatible API."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-instance-mgt-tools.xml:13(para)
|
||
msgid "The OpenStack <application>python-novaclient</application> package provides a basic command-line utility, which uses the <placeholder-1/> command. This is available as a native package for most Linux distributions, or you can install the latest version using the <application>pip</application> python package installer:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-instance-mgt-tools.xml:22(para)
|
||
msgid "For more information about <application>python-novaclient</application> and other available command-line tools, see the <link href=\"http://docs.openstack.org/user-guide/content/index.html\"><citetitle>OpenStack End User Guide</citetitle></link>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:7(title)
|
||
msgid "System administration"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:8(para)
|
||
msgid "By understanding how the different installed nodes interact with each other, you can administer the Compute installation. Compute offers many ways to install using multiple servers but the general idea is that you can have multiple compute nodes that control the virtual servers and a cloud controller node that contains the remaining Compute services."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:15(para)
|
||
msgid "The Compute cloud works through the interaction of a series of daemon processes named <systemitem>nova-*</systemitem> that reside persistently on the host machine or machines. These binaries can all run on the same machine or be spread out on multiple boxes in a large deployment. The responsibilities of services and drivers are:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:22(para)
|
||
msgid "Services:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:25(para)
|
||
msgid "<systemitem class=\"service\">nova-api</systemitem>. Receives xml requests and sends them to the rest of the system. It is a wsgi app that routes and authenticate requests. It supports the EC2 and OpenStack APIs. There is a <filename>nova-api.conf</filename> file created when you install Compute."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:32(para)
|
||
msgid "<systemitem>nova-cert</systemitem>. Provides the certificate manager."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:36(para)
|
||
msgid "<systemitem class=\"service\">nova-compute</systemitem>. Responsible for managing virtual machines. It loads a Service object, which exposes the public methods on ComputeManager through Remote Procedure Call (RPC)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:42(para)
|
||
msgid "<systemitem>nova-conductor</systemitem>. Provides database-access support for Compute nodes (thereby reducing security risks)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:46(para)
|
||
msgid "<systemitem>nova-consoleauth</systemitem>. Handles console authentication."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:50(para)
|
||
msgid "<systemitem class=\"service\">nova-objectstore</systemitem>: The <systemitem class=\"service\">nova-objectstore</systemitem> service is an ultra simple file-based storage system for images that replicates most of the S3 API. It can be replaced with OpenStack Image Service and a simple image manager or use OpenStack Object Storage as the virtual machine image storage facility. It must reside on the same node as <systemitem class=\"service\">nova-compute</systemitem>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:59(para)
|
||
msgid "<systemitem class=\"service\">nova-network</systemitem>. Responsible for managing floating and fixed IPs, DHCP, bridging and VLANs. It loads a Service object which exposes the public methods on one of the subclasses of NetworkManager. Different networking strategies are available to the service by changing the network_manager configuration option to FlatManager, FlatDHCPManager, or VlanManager (default is VLAN if no other is specified)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:68(para)
|
||
msgid "<systemitem>nova-scheduler</systemitem>. Dispatches requests for new virtual machines to the correct node."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:72(para)
|
||
msgid "<systemitem>nova-novncproxy</systemitem>. Provides a VNC proxy for browsers (enabling VNC consoles to access virtual machines)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:78(para)
|
||
msgid "Some services have drivers that change how the service implements the core of its functionality. For example, the <systemitem>nova-compute</systemitem> service supports drivers that let you choose with which hypervisor type it will talk. <systemitem>nova-network</systemitem> and <systemitem>nova-scheduler</systemitem> also have drivers."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:87(title)
|
||
msgid "Manage Compute users"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:88(para)
|
||
msgid "Access to the Euca2ools (ec2) API is controlled by an access and secret key. The user’s access key needs to be included in the request, and the request must be signed with the secret key. Upon receipt of API requests, Compute verifies the signature and runs commands on behalf of the user."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:94(para)
|
||
msgid "To begin using Compute, you must create a user with the Identity Service."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:102(title)
|
||
msgid "Inject administrator password"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:103(para)
|
||
msgid "You can configure Compute to generate a random administrator (root) password and inject that password into the instance. If this feature is enabled, a user can <placeholder-1/> to an instance without an <placeholder-2/> keypair. The random password appears in the output of the <placeholder-3/> command. You can also view and set the <literal>admin</literal> password from the dashboard."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:110(para)
|
||
msgid "The dashboard is configured by default to display the <literal>admin</literal> password and allow the user to modify it."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:112(para)
|
||
msgid "If you do not want to support password injection, we recommend disabling the password fields by editing your Dashboard <filename>local_settings</filename> file (file location will vary by Linux distribution, on Fedora/RHEL/CentOS: <filename> /etc/openstack-dashboard/local_settings</filename>, on Ubuntu and Debian: <filename>/etc/openstack-dashboard/local_settings.py</filename> and on openSUSE and SUSE Linux Enterprise Server: <filename>/srv/www/openstack-dashboard/openstack_dashboard/local/local_settings.py</filename>) <placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:128(title)
|
||
msgid "Libvirt-based hypervisors (KVM, QEMU, LXC)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:129(para)
|
||
msgid "For hypervisors such as KVM that use the libvirt backend, <literal>admin</literal> password injection is disabled by default. To enable it, set the following option in <filename>/etc/nova/nova.conf</filename>:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:136(para)
|
||
msgid "When enabled, Compute will modify the password of the root account by editing the <filename>/etc/shadow</filename> file inside of the virtual machine instance."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:141(para)
|
||
msgid "Users can only ssh to the instance by using the admin password if:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:145(para)
|
||
msgid "The virtual machine image is a Linux distribution"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:149(para)
|
||
msgid "The virtual machine has been configured to allow users to <placeholder-1/> as the root user. This is not the case for <link href=\"http://cloud-images.ubuntu.com/\">Ubuntu cloud images</link>, which disallow <placeholder-2/> to the root account by default."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:159(title)
|
||
msgid "XenAPI (XenServer/XCP)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:160(para)
|
||
msgid "Compute uses the XenAPI agent to inject passwords into guests when using the XenAPI hypervisor backend. The virtual-machine image must be configured with the agent for password injection to work."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:165(title)
|
||
msgid "Windows images (all hypervisors)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:166(para)
|
||
msgid "To support the <literal>admin</literal> password for Windows virtual machines, you must configure the Windows image to retrieve the <literal>admin</literal> password on boot by installing an agent such as <link href=\"https://github.com/cloudbase/cloudbase-init\">cloudbase-init</link>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:174(title)
|
||
msgid "Manage the cloud"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:175(para)
|
||
msgid "A system administrator can use the <placeholder-1/> client and the <placeholder-2/> commands to manage the cloud."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:177(para)
|
||
msgid "Both nova client and euca2ools can be used by all users, though specific commands might be restricted by Role Based Access Control in the Identity Service."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:180(title)
|
||
msgid "To use the nova client"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:182(para)
|
||
msgid "Installing the <package>python-novaclient</package> package gives you a <code>nova</code> shell command that enables Compute API interactions from the command line. Install the client, and then provide your user name and password (typically set as environment variables for convenience), and then you have the ability to send commands to your cloud on the command line."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:187(para)
|
||
msgid "To install <package>python-novaclient</package>, download the tarball from <link href=\"http://pypi.python.org/pypi/python-novaclient/2.6.3#downloads\">http://pypi.python.org/pypi/python-novaclient/2.6.3#downloads</link> and then install it in your favorite python environment."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:195(para)
|
||
msgid "As <systemitem class=\"username\">root</systemitem> execute:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:199(para)
|
||
msgid "Confirm the installation by running:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:214(para)
|
||
msgid "This command returns a list of <placeholder-1/> commands and parameters. To obtain help for a subcommand, run:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:216(replaceable)
|
||
msgid "subcommand"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:217(para)
|
||
msgid "You can also refer to the <link href=\"http://docs.openstack.org/cli-reference/content/\"><citetitle>OpenStack Command-Line Reference</citetitle></link> for a complete listing of <placeholder-1/> commands and parameters."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:224(para)
|
||
msgid "Set the required parameters as environment variables to make running commands easier. For example, you can add <parameter>--os-username</parameter> as a <placeholder-1/> option, or set it as an environment variable. To set the user name, password, and tenant as environment variables, use:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:233(para)
|
||
msgid "Using the Identity Service, you are supplied with an authentication endpoint, which Compute recognizes as the <literal>OS_AUTH_URL</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:242(title)
|
||
msgid "Use the euca2ools commands"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:243(para)
|
||
msgid "For a command-line interface to EC2 API calls, use the <placeholder-1/> command-line tool. See <link href=\"http://open.eucalyptus.com/wiki/Euca2oolsGuide_v1.3\">http://open.eucalyptus.com/wiki/Euca2oolsGuide_v1.3</link>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:251(title)
|
||
msgid "Manage logs"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:253(title)
|
||
msgid "Logging module"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:254(para)
|
||
msgid "To specify a configuration file to change the logging behavior, add this line to the <filename>/etc/nova/nova.conf</filename> file . To change the logging level, such as <literal>DEBUG</literal>, <literal>INFO</literal>, <literal>WARNING</literal>, <literal>ERROR</literal>), use: <placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:259(para)
|
||
msgid "The logging configuration file is an ini-style configuration file, which must contain a section called <literal>logger_nova</literal>, which controls the behavior of the logging facility in the <literal>nova-*</literal> services. For example:<placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:269(para)
|
||
msgid "For more details on the logging configuration syntax, including the meaning of the <literal>handlers</literal> and <literal>quaname</literal> variables, see the <link href=\"http://docs.python.org/release/2.7/library/logging.html#configuration-file-format\">Python documentation on logging configuration file format </link>f."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:277(para)
|
||
msgid "For an example <filename>logging.conf</filename> file with various defined handlers, see the <link href=\"http://docs.openstack.org/trunk/config-reference/content/\"><citetitle>OpenStack Configuration Reference</citetitle></link>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:266(para)
|
||
msgid "This example sets the debugging level to <literal>INFO</literal> (which less verbose than the default <literal>DEBUG</literal> setting). <placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:286(title)
|
||
msgid "Syslog"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:287(para)
|
||
msgid "You can configure OpenStack Compute services to send logging information to <systemitem>syslog</systemitem>. This is useful if you want to use <systemitem>rsyslog</systemitem>, which forwards the logs to a remote machine. You need to separately configure the Compute service (nova), the Identity service (keystone), the Image Service (glance), and, if you are using it, the Block Storage service (cinder) to send log messages to <systemitem>syslog</systemitem>. To do so, add the following lines to:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:296(filename)
|
||
msgid "/etc/nova/nova.conf"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:299(filename)
|
||
msgid "/etc/keystone/keystone.conf"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:302(filename)
|
||
msgid "/etc/glance/glance-api.conf"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:305(filename)
|
||
msgid "/etc/glance/glance-registry.conf"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:308(filename)
|
||
msgid "/etc/cinder/cinder.conf"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:317(para)
|
||
msgid "Although the example above uses the same local facility for each service (<literal>LOG_LOCAL0</literal>, which corresponds to <systemitem>syslog</systemitem> facility <literal>LOCAL0</literal>), we recommend that you configure a separate local facility for each service, as this provides better isolation and more flexibility. For example, you may want to capture logging information at different severity levels for different services. <systemitem>syslog</systemitem> allows you to define up to eight local facilities, <literal>LOCAL0, LOCAL1, ..., LOCAL7</literal>. For more details, see the <systemitem>syslog</systemitem> documentation."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:315(para)
|
||
msgid "In addition to enabling <systemitem>syslog</systemitem>, these settings also turn off more verbose output and debugging output from the log.<placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:330(title)
|
||
msgid "Rsyslog"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:331(para)
|
||
msgid "<systemitem>rsyslog</systemitem> is a useful tool for setting up a centralized log server across multiple machines. We briefly describe the configuration to set up an <systemitem>rsyslog</systemitem> server; a full treatment of <systemitem>rsyslog</systemitem> is beyond the scope of this document. We assume <systemitem>rsyslog</systemitem> has already been installed on your hosts (default for most Linux distributions)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:337(para)
|
||
msgid "This example provides a minimal configuration for <filename>/etc/rsyslog.conf</filename> on the log server host, which receives the log files:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:343(para)
|
||
msgid "Add a filter rule to <filename>/etc/rsyslog.conf</filename> which looks for a host name. The example below uses <replaceable>compute-01</replaceable> as an example of a compute host name:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:346(replaceable)
|
||
msgid "compute-01"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:347(para)
|
||
msgid "On each compute host, create a file named <filename>/etc/rsyslog.d/60-nova.conf</filename>, with the following content:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:354(para)
|
||
msgid "Once you have created this file, restart your <systemitem>rsyslog</systemitem> daemon. Error-level log messages on the compute hosts should now be sent to your log server."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:362(title)
|
||
msgid "Migrate instances"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:363(para)
|
||
msgid "Before starting migrations, review the <link linkend=\"section_configuring-compute-migrations\">Configure migrations section</link>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:364(para)
|
||
msgid "Migration provides a scheme to migrate running instances from one OpenStack Compute server to another OpenStack Compute server."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:368(title)
|
||
msgid "To migrate instances"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:370(para)
|
||
msgid "Look at the running instances, to get the ID of the instance you wish to migrate."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:381(para)
|
||
msgid "Look at information associated with that instance. This example uses 'vm1' from above."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:397(para)
|
||
msgid "In this example, vm1 is running on HostB."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:400(para)
|
||
msgid "Select the server to which instances will be migrated:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:412(para)
|
||
msgid "In this example, HostC can be picked up because <systemitem class=\"service\">nova-compute</systemitem> is running on it."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:417(para)
|
||
msgid "Ensure that HostC has enough resources for migration."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:431(para)
|
||
msgid "<emphasis role=\"bold\">cpu:</emphasis>the number of cpu"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:436(para)
|
||
msgid "<emphasis role=\"bold\">memory_mb:</emphasis>total amount of memory (in MB)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:440(para)
|
||
msgid "<emphasis role=\"bold\">disk_gb:</emphasis>total amount of space for NOVA-INST-DIR/instances (in GB)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:444(para)
|
||
msgid "<emphasis role=\"bold\">1st line shows </emphasis>total amount of resources for the physical server."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:448(para)
|
||
msgid "<emphasis role=\"bold\">2nd line shows </emphasis>currently used resources."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:452(para)
|
||
msgid "<emphasis role=\"bold\">3rd line shows </emphasis>maximum used resources."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:456(para)
|
||
msgid "<emphasis role=\"bold\">4th line and under</emphasis> shows the resource for each project."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:464(replaceable)
|
||
msgid "server"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:464(replaceable)
|
||
msgid "host_name"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:463(para)
|
||
msgid "Use the <placeholder-1/> command to migrate the instances:<placeholder-2/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:465(para)
|
||
msgid "Where <replaceable>server</replaceable> can be either the server's ID or name. For example:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:473(para)
|
||
msgid "Although the <placeholder-1/> command is called <placeholder-2/>, under the default Compute configuration options the instances are suspended before migration."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:477(para)
|
||
msgid "For more details, see <link href=\"http://docs.openstack.org/trunk/config-reference/content/configuring-openstack-compute-basics.html\">Configure migrations</link> in <citetitle>OpenStack Configuration Reference</citetitle>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-system-admin.xml:469(para)
|
||
msgid "Ensure instances are migrated successfully with <placeholder-1/>. If instances are still running on HostB, check log files (src/dest <systemitem class=\"service\">nova-compute</systemitem> and <systemitem class=\"service\">nova-scheduler</systemitem>) to determine why. <placeholder-2/>"
|
||
msgstr ""
|
||
|
||
#. When image changes, this message will be marked fuzzy or untranslated for you.
|
||
#. It doesn't matter what you translate it to: it's not used at all.
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml:64(None)
|
||
msgid "@@image: '../../common/figures/instance-life-1.png'; md5=c7e56263f9ffb5a5cffb59fbc5ffba35"
|
||
msgstr ""
|
||
|
||
#. When image changes, this message will be marked fuzzy or untranslated for you.
|
||
#. It doesn't matter what you translate it to: it's not used at all.
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml:83(None)
|
||
msgid "@@image: '../../common/figures/instance-life-2.png'; md5=84aed8a4c2575548c2f8bacf496465ac"
|
||
msgstr ""
|
||
|
||
#. When image changes, this message will be marked fuzzy or untranslated for you.
|
||
#. It doesn't matter what you translate it to: it's not used at all.
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml:121(None)
|
||
msgid "@@image: '../../common/figures/instance-life-3.png'; md5=e25d1bd617373f95e1b8a12605a65ac6"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml:7(title)
|
||
msgid "Images and instances"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml:8(para)
|
||
msgid "Disk images provide templates for virtual machine file systems. The Image Service manages storage and management of images."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml:11(para)
|
||
msgid "Instances are the individual virtual machines that run on physical compute nodes. Users can launch any number of instances from the same image. Each launched instance runs from a copy of the base image so that any changes made to the instance do not affect the base image. You can take snapshots of running instances to create an image based on the current disk state of a particular instance. The Compute services manages instances."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml:19(para)
|
||
msgid "When you launch an instance, you must choose a <literal>flavor</literal>, which represents a set of virtual resources. Flavors define how many virtual CPUs an instance has and the amount of RAM and size of its ephemeral disks. OpenStack provides a number of predefined flavors that you can edit or add to. Users must select from the set of available flavors defined on their cloud."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml:26(para)
|
||
msgid "For more information about creating and troubleshooting images, see the <link href=\"http://docs.openstack.org/image-guide/content/\"><citetitle>OpenStack Virtual Machine Image Guide</citetitle></link>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml:33(para)
|
||
msgid "For more information about image configuration options, see the <link href=\"http://docs.openstack.org/trunk/config-reference/content/ch_configuring-openstack-image-service.html\">Image Services</link> section of the <citetitle>OpenStack Configuration Reference</citetitle>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml:39(para)
|
||
msgid "For more information about flavors, see <xref linkend=\"customize-flavors\"/> or the <link href=\"http://docs.openstack.org/openstack-ops/content/flavors.html\">Flavors</link> section in the <citetitle>OpenStack Operations Guide</citetitle>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml:45(para)
|
||
msgid "You can add and remove additional resources from running instances, such as persistent volume storage, or public IP addresses. The example used in this chapter is of a typical virtual system within an OpenStack cloud. It uses the <systemitem class=\"service\">cinder-volume</systemitem> service, which provides persistent block storage, instead of the ephemeral storage provided by the selected instance flavor."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml:53(para)
|
||
msgid "This diagram shows the system state prior to launching an instance. The image store, fronted by the Image service (glance) has a number of predefined images. Inside the cloud, a compute node contains the available vCPU, memory, and local disk resources. Additionally, the <systemitem class=\"service\">cinder-volume</systemitem> service provides a number of predefined volumes."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml:59(title)
|
||
msgid "Base image state with no running instances"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml:68(para)
|
||
msgid "To launch an instance, select an image, a flavor, and other optional attributes. The selected flavor provides a root volume, labeled <literal>vda</literal> in this diagram, and additional ephemeral storage, labeled <literal>vdb</literal>. In this example, the <systemitem class=\"service\">cinder-volume</systemitem> store is mapped to the third virtual disk on this instance, <literal>vdc</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml:77(title)
|
||
msgid "Instance creation from image and runtime state"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml:87(para)
|
||
msgid "The base image is copied from the image store to the local disk. The local disk is the first disk that the instance accesses, and is labeled <literal>vda</literal>. By using smaller images, your instances start up faster as less data needs to be copied across the network."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml:92(para)
|
||
msgid "A new empty disk, labeled <literal>vdb</literal> is also created. This is an empty ephemeral disk, which is destroyed when you delete the instance."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml:95(para)
|
||
msgid "The compute node is attached to the <systemitem class=\"service\">cinder-volume</systemitem> using iSCSI, and maps to the third disk, <literal>vdc</literal>. The vCPU and memory resources are provisioned and the instance is booted from <literal>vda</literal>. The instance runs and changes data on the disks as indicated in red in the diagram."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml:105(para)
|
||
msgid "Some of the details in this example scenario might be different in your environment. For example, you might use a different type of back-end storage or different network protocols. One common variant is that the ephemeral storage used for volumes <literal>vda</literal> and <literal>vdb</literal> could be backed by network storage rather than a local disk."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml:111(para)
|
||
msgid "When the instance is deleted, the state is reclaimed with the exception of the persistent volume. The ephemeral storage is purged; memory and vCPU resources are released. The image remains unchanged throughout."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml:115(title)
|
||
msgid "End state of image and volume after instance exits"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml:130(title)
|
||
msgid "Control where instances run"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml:131(para)
|
||
msgid "The <link href=\"http://docs.openstack.org/trunk/config-reference/content/\"><citetitle>OpenStack Configuration Reference</citetitle></link> provides detailed information on controlling where your instances run, including ensuring a set of instances run on different compute nodes for service resiliency or on the same node for high performance inter-instance communications."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml:141(replaceable)
|
||
msgid "availability-zone"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml:141(replaceable)
|
||
msgid "compute-host"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-images-instances.xml:139(para)
|
||
msgid "Admin users can specify an exact compute node to run on using the command <placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml:7(title)
|
||
msgid "Image management"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml:8(para)
|
||
msgid "The OpenStack Image Service discovers, registers, and retrieves virtual machine images. The service also includes a RESTful API that allows you to query VM image metadata and retrieve the actual image with HTTP requests. For more information about the API, see the <link href=\"http://developer.openstack.org/api-ref.html\">OpenStack API Complete Reference</link> and the <link href=\"http://docs.openstack.org/developer/python-glanceclient/\">Python API</link>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml:17(para)
|
||
msgid "The OpenStack Image Service can be controlled using a command-line tool. For more information about the using OpenStack Image command-line tool, see the <link href=\"http://docs.openstack.org/user-guide/content/cli_manage_images.html\">Manage Images</link> section in the <citetitle>OpenStack End User Guide</citetitle>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml:23(para)
|
||
msgid "Virtual images that have been made available through the Image Service can be stored in a variety of ways. In order to use these services, you must have a working installation of the Image Service, with a working endpoint, and users that have been created in OpenStack Identity. Additionally, you must meet the environment variables required by the Compute and Image Service clients."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml:30(para)
|
||
msgid "The Image Service supports these back-end stores:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml:33(term)
|
||
msgid "File system"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml:35(para)
|
||
msgid "The OpenStack Image Service stores virtual machine images in the file system back end by default. This simple back end writes image files to the local file system."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml:42(term)
|
||
msgid "Object Storage service"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml:44(para)
|
||
msgid "The OpenStack highly available service for storing objects."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml:49(term)
|
||
msgid "S3"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml:51(para)
|
||
msgid "The Amazon S3 service."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml:55(term)
|
||
msgid "HTTP"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml:57(para)
|
||
msgid "OpenStack Image Service can read virtual machine images that are available on the internet using HTTP. This store is read only."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml:63(term)
|
||
msgid "Rados block device (RBD)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml:65(para)
|
||
msgid "Stores images inside of a Ceph storage cluster using Ceph's RBD interface."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml:70(term)
|
||
msgid "GridFS"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-image-mgt.xml:72(para)
|
||
msgid "Stores images using MongoDB."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml:7(title)
|
||
msgid "Secure with root wrappers"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml:8(para)
|
||
msgid "The root wrapper enables an unprivileged user to run a number of Compute actions as the root user in the safest manner possible. Historically, Compute used a specific <filename>sudoers</filename> file that listed every command that the Compute user was allowed to run, and used <placeholder-1/> to run that command as <literal>root</literal>. However this was difficult to maintain (the <filename>sudoers</filename> file was in packaging), and did not enable complex filtering of parameters (advanced filters). The rootwrap was designed to solve those issues."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml:17(title)
|
||
msgid "How rootwrap works"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml:18(para)
|
||
msgid "Instead of calling <placeholder-1/>, Compute services start with a <placeholder-2/> call; for example, <placeholder-3/>. A generic sudoers entry lets the Compute user run <placeholder-4/> as root. The <placeholder-5/> code looks for filter definition directories in its configuration file, and loads command filters from them. Then it checks if the command requested by Compute matches one of those filters, in which case it executes the command (as root). If no filter matches, it denies the request."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml:26(para)
|
||
msgid "To use <placeholder-1/>, you must be aware of the issues with using NFS and root-owned files. The NFS share must be configured with the <option>no_root_squash</option> option enabled."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml:32(title)
|
||
msgid "Security model"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml:33(para)
|
||
msgid "The escalation path is fully controlled by the root user. A sudoers entry (owned by root) allows Compute to run (as root) a specific rootwrap executable, and only with a specific configuration file (which should be owned by root). <placeholder-1/> imports the Python modules it needs from a cleaned (and system-default) <replaceable>PYTHONPATH</replaceable>. The configuration file (also root-owned) points to root-owned filter definition directories, which contain root-owned filters definition files. This chain ensures that the Compute user itself is not in control of the configuration or modules used by the <placeholder-2/> executable."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml:44(title)
|
||
msgid "Details of rootwrap.conf"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml:45(para)
|
||
msgid "You configure <placeholder-1/> in the <filename>rootwrap.conf</filename> file. Because it's in the trusted security path, it must be owned and writable by only the root user. The file's location is specified both in the sudoers entry and in the <filename>nova.conf</filename> configuration file with the <code>rootwrap_config=entry</code>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml:50(para)
|
||
msgid "The <filename>rootwrap.conf</filename> file uses an INI file format with these sections and parameters:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml:54(caption)
|
||
msgid "rootwrap.conf configuration options"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml:59(para) ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml:97(para)
|
||
msgid "Configuration option=Default value"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml:61(para) ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml:99(para)
|
||
msgid "(Type) Description"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml:66(para)
|
||
msgid "[DEFAULT]"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml:67(para)
|
||
msgid "filters_path=/etc/nova/rootwrap.d,/usr/share/nova/rootwrap"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml:69(para)
|
||
msgid "(ListOpt) Comma-separated list of directories containing filter definition files. Defines where filters for root wrap are stored. Directories defined on this line should all exist, be owned and writable only by the root user."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml:81(title)
|
||
msgid "Details of .filters files"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml:82(para)
|
||
msgid "Filters definition files contain lists of filters that <placeholder-1/> will use to allow or deny a specific command. They are generally suffixed by .filters. Since they are in the trusted security path, they need to be owned and writable only by the root user. Their location is specified in the <filename>rootwrap.conf</filename> file."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml:87(para)
|
||
msgid "Filter definition files use an INI file format with a [Filters] section and several lines, each with a unique parameter name (different for each filter that you define):"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml:92(caption)
|
||
msgid ".filters configuration options"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml:104(para)
|
||
msgid "[Filters]"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml:105(para)
|
||
msgid "filter_name=kpartx: CommandFilter, /sbin/kpartx, root"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-rootwrap.xml:107(para)
|
||
msgid "(ListOpt) Comma-separated list containing first the Filter class to use, followed by that Filter arguments (which vary depending on the Filter class selected)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:7(title)
|
||
msgid "Configure migrations"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:9(para)
|
||
msgid "Only cloud administrators can perform live migrations. If your cloud is configured to use cells, you can perform live migration within but not between cells."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:13(para)
|
||
msgid "Migration enables an administrator to move a virtual-machine instance from one compute host to another. This feature is useful when a compute host requires maintenance. Migration can also be useful to redistribute the load when many VM instances are running on a specific physical machine."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:17(para)
|
||
msgid "The migration types are:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:20(para)
|
||
msgid "<emphasis role=\"bold\">Migration</emphasis> (or non-live migration). The instance is shut down (and the instance knows that it was rebooted) for a period of time to be moved to another hypervisor."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:31(para)
|
||
msgid "<emphasis role=\"bold\">Shared storage-based live migration</emphasis>. Both hypervisors have access to shared storage."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:36(para)
|
||
msgid "<emphasis role=\"bold\">Block live migration</emphasis>. No shared storage is required. Incompatible with read-only devices such as CD-ROMs and <link href=\"http://docs.openstack.org/user-guide/content/config-drive.html\">Configuration Drive (config_drive)</link>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:43(para)
|
||
msgid "<emphasis role=\"bold\">Volume-backed live migration</emphasis>. When instances are backed by volumes rather than ephemeral disk, no shared storage is required, and migration is supported (currently only in libvirt-based hypervisors)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:26(para)
|
||
msgid "<emphasis role=\"bold\">Live migration</emphasis> (or true live migration). Almost no instance downtime. Useful when the instances must be kept running during the migration. The types of <firstterm>live migration</firstterm> are: <placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:53(para)
|
||
msgid "The following sections describe how to configure your hosts and compute nodes for migrations by using the KVM and XenServer hypervisors."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:57(title)
|
||
msgid "KVM-Libvirt"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:59(title) ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:264(title) ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:339(title)
|
||
msgid "Prerequisites"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:61(para)
|
||
msgid "<emphasis role=\"bold\">Hypervisor:</emphasis> KVM with libvirt"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:65(para)
|
||
msgid "<emphasis role=\"bold\">Shared storage:</emphasis><filename><replaceable>NOVA-INST-DIR</replaceable>/instances/</filename> (for example, <filename>/var/lib/nova/instances</filename>) has to be mounted by shared storage. This guide uses NFS but other options, including the <link href=\"http://gluster.org/community/documentation//index.php/OSConnect\">OpenStack Gluster Connector</link> are available."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:74(para)
|
||
msgid "<emphasis role=\"bold\">Instances:</emphasis> Instance can be migrated with iSCSI based volumes"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:81(para)
|
||
msgid "Because the Compute service does not use the libvirt live migration functionality by default, guests are suspended before migration and might experience several minutes of downtime. For details, see <xref linkend=\"true-live-migration-kvm-libvirt\"/>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:88(para)
|
||
msgid "This guide assumes the default value for <option>instances_path</option> in your <filename>nova.conf</filename> file (<filename><replaceable>NOVA-INST-DIR</replaceable>/instances</filename>). If you have changed the <literal>state_path</literal> or <literal>instances_path</literal> variables, modify accordingly."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:97(para)
|
||
msgid "You must specify <literal>vncserver_listen=0.0.0.0</literal> or live migration does not work correctly."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:104(title)
|
||
msgid "Example Compute installation environment"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:110(para)
|
||
msgid "<literal>HostA</literal> is the <firstterm baseform=\"cloud controller\">Cloud Controller</firstterm>, and should run these services: <systemitem class=\"service\">nova-api</systemitem>, <systemitem class=\"service\">nova-scheduler</systemitem>, <literal>nova-network</literal>, <systemitem class=\"service\">cinder-volume</systemitem>, and <literal>nova-objectstore</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:118(para)
|
||
msgid "<literal>HostB</literal> and <literal>HostC</literal> are the <firstterm baseform=\"compute node\">compute nodes</firstterm> that run <systemitem class=\"service\">nova-compute</systemitem>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:107(para)
|
||
msgid "Prepare at least three servers; for example, <literal>HostA</literal>, <literal>HostB</literal>, and <literal>HostC</literal>: <placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:123(para)
|
||
msgid "Ensure that <literal><replaceable>NOVA-INST-DIR</replaceable></literal> (set with <literal>state_path</literal> in the <filename>nova.conf</filename> file) is the same on all hosts."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:128(para)
|
||
msgid "In this example, <literal>HostA</literal> is the NFSv4 server that exports <filename><replaceable>NOVA-INST-DIR</replaceable>/instances</filename> directory. <literal>HostB</literal> and <literal>HostC</literal> are NFSv4 clients that mount it."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:136(title)
|
||
msgid "To configure your system"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:138(para)
|
||
msgid "Configure your DNS or <filename>/etc/hosts</filename> and ensure it is consistent across all hosts. Make sure that the three hosts can perform name resolution with each other. As a test, use the <placeholder-1/> command to ping each host from one another."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:148(para)
|
||
msgid "Ensure that the UID and GID of your Compute and libvirt users are identical between each of your servers. This ensures that the permissions on the NFS mount works correctly."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:153(para)
|
||
msgid "Export <filename><replaceable>NOVA-INST-DIR</replaceable>/instances</filename> from <literal>HostA</literal>, and have it readable and writable by the Compute user on <literal>HostB</literal> and <literal>HostC</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:156(para)
|
||
msgid "For more information, see: <link href=\"https://help.ubuntu.com/community/SettingUpNFSHowTo\">SettingUpNFSHowTo</link> or <link href=\"http://www.cyberciti.biz/faq/centos-fedora-rhel-nfs-v4-configuration/\">CentOS / Redhat: Setup NFS v4.0 File Server</link>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:163(para)
|
||
msgid "Configure the NFS server at <literal>HostA</literal> by adding the following line to the <filename>/etc/exports</filename> file:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:165(replaceable) ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:180(replaceable) ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:185(replaceable) ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:191(replaceable) ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:195(replaceable)
|
||
msgid "NOVA-INST-DIR"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:166(para)
|
||
msgid "Change the subnet mask (<literal>255.255.0.0</literal>) to the appropriate value to include the IP addresses of <literal>HostB</literal> and <literal>HostC</literal>. Then restart the NFS server:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:174(para)
|
||
msgid "Set the 'execute/search' bit on your shared directory."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:176(para)
|
||
msgid "On both compute nodes, make sure to enable the 'execute/search' bit to allow qemu to be able to use the images within the directories. On all hosts, run the following command:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:183(para)
|
||
msgid "Configure NFS at HostB and HostC by adding the following line to the <filename>/etc/fstab</filename> file:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:186(para)
|
||
msgid "Ensure that you can mount the exported directory can be mounted:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:188(para)
|
||
msgid "Check that HostA can see the \"<filename><replaceable>NOVA-INST-DIR</replaceable>/instances/</filename>\" directory:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:191(filename) ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:195(filename)
|
||
msgid "<placeholder-1/>/instances/"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:193(para)
|
||
msgid "Perform the same check at HostB and HostC, paying special attention to the permissions (Compute should be able to write):"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:208(para)
|
||
msgid "Update the libvirt configurations so that the calls can be made securely. These methods enable remote access over TCP and are not documented here. Please consult your network administrator for assistance in deciding how to configure access."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:212(para)
|
||
msgid "SSH tunnel to libvirtd's UNIX socket"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:213(para)
|
||
msgid "libvirtd TCP socket, with GSSAPI/Kerberos for auth+data encryption"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:215(para)
|
||
msgid "libvirtd TCP socket, with TLS for encryption and x509 client certs for authentication"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:216(para)
|
||
msgid "libvirtd TCP socket, with TLS for encryption and Kerberos for authentication"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:220(para)
|
||
msgid "Restart libvirt. After you run the command, ensure that libvirt is successfully restarted:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:227(para)
|
||
msgid "Configure your firewall to allow libvirt to communicate between nodes."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:229(para)
|
||
msgid "By default, libvirt listens on TCP port 16509, and an ephemeral TCP range from 49152 to 49261 is used for the KVM communications. Based on the secure remote access TCP configuration you chose, be careful choosing what ports you open and understand who has access. For information about ports that are used with libvirt, see <link href=\"http://libvirt.org/remote.html#Remote_libvirtd_configuration\">the libvirt documentation</link>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:237(para)
|
||
msgid "You can now configure options for live migration. In most cases, you do not need to configure any options. The following chart is for advanced usage only."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:245(title)
|
||
msgid "Enable true live migration"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:246(para)
|
||
msgid "By default, the Compute service does not use the libvirt live migration functionality. To enable this functionality, add the following line to the <filename>nova.conf</filename> file:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:251(para)
|
||
msgid "The Compute service does not use libvirt's live migration by default because there is a risk that the migration process never ends. This can happen if the guest operating system dirties blocks on the disk faster than they can be migrated."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:262(title)
|
||
msgid "Shared storage"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:266(para)
|
||
msgid "<emphasis role=\"bold\">Compatible XenServer hypervisors</emphasis>. For more information, see the <link href=\"http://docs.vmd.citrix.com/XenServer/6.0.0/1.0/en_gb/reference.html#pooling_homogeneity_requirements\">Requirements for Creating Resource Pools</link> section of the <citetitle>XenServer Administrator's Guide</citetitle>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:275(para)
|
||
msgid "<emphasis role=\"bold\">Shared storage</emphasis>. An NFS export, visible to all XenServer hosts."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:278(para)
|
||
msgid "For the supported NFS versions, see the <link href=\"http://docs.vmd.citrix.com/XenServer/6.0.0/1.0/en_gb/reference.html#id1002701\">NFS VHD</link> section of the <citetitle>XenServer Administrator's Guide</citetitle>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:285(para)
|
||
msgid "To use shared storage live migration with XenServer hypervisors, the hosts must be joined to a XenServer pool. To create that pool, a host aggregate must be created with special metadata. This metadata is used by the XAPI plug-ins to establish the pool."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:291(title)
|
||
msgid "To use shared storage live migration with XenServer hypervisors"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:294(para)
|
||
msgid "Add an NFS VHD storage to your master XenServer, and set it as default SR. For more information, please refer to the <link href=\"http://docs.vmd.citrix.com/XenServer/6.0.0/1.0/en_gb/reference.html#id1002701\">NFS VHD</link> section in the <citetitle>XenServer Administrator's Guide</citetitle>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:302(para)
|
||
msgid "Configure all the compute nodes to use the default sr for pool operations. Add this line to your <filename>nova.conf</filename> configuration files across your compute nodes:<placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:309(para)
|
||
msgid "Create a host aggregate:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:311(para)
|
||
msgid "The command displays a table that contains the ID of the newly created aggregate."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:313(para)
|
||
msgid "Now add special metadata to the aggregate, to mark it as a hypervisor pool:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:317(para)
|
||
msgid "Make the first compute node part of that aggregate:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:320(para)
|
||
msgid "At this point, the host is part of a XenServer pool."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:324(para)
|
||
msgid "Add additional hosts to the pool:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:327(para)
|
||
msgid "At this point, the added compute node and the host are shut down, to join the host to the XenServer pool. The operation fails, if any server other than the compute node is running/suspended on your host."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:337(title)
|
||
msgid "Block migration"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:341(para)
|
||
msgid "<emphasis role=\"bold\">Compatible XenServer hypervisors</emphasis>. The hypervisors must support the Storage XenMotion feature. See your XenServer manual to make sure your edition has this feature."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:350(para)
|
||
msgid "To use block migration, you must use the CHANGE THIS == <parameter>==block-migrate</parameter> parameter with the live migration command."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-configure-migrations.xml:355(para)
|
||
msgid "Block migration works only with EXT local storage SRs, and the server must not have any volumes attached."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:7(title)
|
||
msgid "Recover from a failed compute node"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:8(para)
|
||
msgid "If you deployed Compute with a shared file system, you can quickly recover from a failed compute node. Of the two methods covered in these sections, evacuating is the preferred method even in the absence of shared storage. Evacuating provides many benefits over manual recovery, such as re-attachment of volumes and floating IPs."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:14(title)
|
||
msgid "Manual recovery"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:15(para)
|
||
msgid "To recover a KVM/libvirt compute node, see the previous section. Use the following procedure for all other hypervisors."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:18(title)
|
||
msgid "Review host information"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:20(para)
|
||
msgid "Identify the VMs on the affected hosts, using tools such as a combination of <literal>nova list</literal> and <literal>nova show</literal> or <literal>euca-describe-instances</literal>. For example, the following output displays information about instance <systemitem>i-000015b9</systemitem> that is running on node <systemitem>np-rcc54</systemitem>:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:29(para)
|
||
msgid "Review the status of the host by querying the Compute database. Some of the important information is highlighted below. The following example converts an EC2 API instance ID into an OpenStack ID; if you used the <literal>nova</literal> commands, you can substitute the ID directly. You can find the credentials for your database in <filename>/etc/nova.conf</filename>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:55(title)
|
||
msgid "Recover the VM"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:57(para)
|
||
msgid "After you have determined the status of the VM on the failed host, decide to which compute host the affected VM should be moved. For example, run the following database command to move the VM to <systemitem>np-rcc46</systemitem>:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:64(para)
|
||
msgid "If using a hypervisor that relies on libvirt (such as KVM), it is a good idea to update the <literal>libvirt.xml</literal> file (found in <literal>/var/lib/nova/instances/[instance ID]</literal>). The important changes to make are:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:71(para)
|
||
msgid "Change the <literal>DHCPSERVER</literal> value to the host IP address of the compute host that is now the VM's new home."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:76(para)
|
||
msgid "Update the VNC IP, if it isn't already updated, to: <literal>0.0.0.0</literal>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:83(para)
|
||
msgid "Reboot the VM:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:87(para)
|
||
msgid "In theory, the above database update and <literal>nova reboot</literal> command are all that is required to recover a VM from a failed host. However, if further problems occur, consider looking at recreating the network filter configuration using <literal>virsh</literal>, restarting the Compute services or updating the <literal>vm_state</literal> and <literal>power_state</literal> in the Compute database."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:95(title)
|
||
msgid "Recover from a UID/GID mismatch"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:96(para)
|
||
msgid "When running OpenStack Compute, using a shared file system or an automated configuration tool, you could encounter a situation where some files on your compute node are using the wrong UID or GID. This causes a number of errors, such as being unable to do live migration or start virtual machines."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:100(para)
|
||
msgid "The following procedure runs on <systemitem class=\"service\">nova-compute</systemitem> hosts, based on the KVM hypervisor, and could help to restore the situation:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:104(title)
|
||
msgid "To recover from a UID/GID mismatch"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:106(para)
|
||
msgid "Ensure you do not use numbers that are already used for some other user/group."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:110(para)
|
||
msgid "Set the nova uid in <filename>/etc/passwd</filename> to the same number in all hosts (for example, 112)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:114(para)
|
||
msgid "Set the libvirt-qemu uid in <filename>/etc/passwd</filename> to the same number in all hosts (for example, 119)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:120(para)
|
||
msgid "Set the nova group in <filename>/etc/group</filename> file to the same number in all hosts (for example, 120)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:126(para)
|
||
msgid "Set the libvirtd group in <filename>/etc/group</filename> file to the same number in all hosts (for example, 119)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:132(para)
|
||
msgid "Stop the services on the compute node."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:136(para)
|
||
msgid "Change all the files owned by user <systemitem>nova</systemitem> or by group <systemitem>nova</systemitem>. For example:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:142(para)
|
||
msgid "Repeat the steps for the libvirt-qemu owned files if those needed to change."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:146(para)
|
||
msgid "Restart the services."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:149(para)
|
||
msgid "Now you can run the <placeholder-1/> command to verify that all files using the correct identifiers."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:156(title)
|
||
msgid "Recover cloud after disaster"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:157(para)
|
||
msgid "Use the following procedures to manage your cloud after a disaster, and to easily back up its persistent storage volumes. Backups <emphasis role=\"bold\">are</emphasis> mandatory, even outside of disaster scenarios."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:160(para)
|
||
msgid "For a DRP definition, see <link href=\"http://en.wikipedia.org/wiki/Disaster_Recovery_Plan\">http://en.wikipedia.org/wiki/Disaster_Recovery_Plan</link>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:164(title)
|
||
msgid "Disaster recovery example"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:165(para)
|
||
msgid "A disaster could happen to several components of your architecture (for example, a disk crash, a network loss, or a power cut). In this example, the following components are configured:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:170(para)
|
||
msgid "A cloud controller (<systemitem>nova-api</systemitem>, <systemitem>nova-objectstore</systemitem>, <systemitem>nova-network</systemitem>)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:175(para)
|
||
msgid "A compute node (<systemitem class=\"service\">nova-compute</systemitem>)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:180(para)
|
||
msgid "A Storage Area Network (SAN) used by OpenStack Block Storage (<systemitem class=\"service\">cinder-volumes</systemitem>)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:184(para)
|
||
msgid "The worst disaster for a cloud is a power loss, which applies to all three components. Before a power loss:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:188(para)
|
||
msgid "From the SAN to the cloud controller, we have an active iSCSI session (used for the \"cinder-volumes\" LVM's VG)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:192(para)
|
||
msgid "From the cloud controller to the compute node, we also have active iSCSI sessions (managed by <systemitem class=\"service\">cinder-volume</systemitem>)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:197(para)
|
||
msgid "For every volume, an iSCSI session is made (so 14 ebs volumes equals 14 sessions)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:201(para)
|
||
msgid "From the cloud controller to the compute node, we also have iptables/ ebtables rules, which allow access from the cloud controller to the running instance."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:206(para)
|
||
msgid "And at least, from the cloud controller to the compute node; saved into database, the current state of the instances (in that case \"running\" ), and their volumes attachment (mount point, volume ID, volume status, and so on.)"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:212(para)
|
||
msgid "After the power loss occurs and all hardware components restart:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:215(para)
|
||
msgid "From the SAN to the cloud, the iSCSI session no longer exists."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:218(para)
|
||
msgid "From the cloud controller to the compute node, the iSCSI sessions no longer exist."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:222(para)
|
||
msgid "From the cloud controller to the compute node, the iptables and ebtables are recreated, since at boot, <systemitem>nova-network</systemitem> reapplies configurations."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:227(para)
|
||
msgid "From the cloud controller, instances are in a shutdown state (because they are no longer running)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:231(para)
|
||
msgid "In the database, data was not updated at all, since Compute could not have anticipated the crash."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:235(para)
|
||
msgid "Before going further, and to prevent the administrator from making fatal mistakes,<emphasis role=\"bold\"> instances won't be lost</emphasis>, because no \"<placeholder-1/>\" or \"<placeholder-2/>\" command was invoked, so the files for the instances remain on the compute node."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:240(para)
|
||
msgid "Do not add any extra steps at this stage."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:239(para)
|
||
msgid "Perform these tasks in the following order. <placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:244(para)
|
||
msgid "Get the current relation from a volume to its instance, so that you can recreate the attachment."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:249(para)
|
||
msgid "Update the database to clean the stalled state. (After that, you cannot perform the first step)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:254(para)
|
||
msgid "Restart the instances. In other words, go from a shutdown to running state."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:259(para)
|
||
msgid "After the restart, reattach the volumes to their respective instances (optional)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:263(para)
|
||
msgid "SSH into the instances to reboot them."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:269(title)
|
||
msgid "Recover after a disaster"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:271(title)
|
||
msgid "To perform disaster recovery"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:273(title)
|
||
msgid "Get the instance-to-volume relationship"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:275(para)
|
||
msgid "You must determine the current relationship from a volume to its instance, because you will re-create the attachment."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:277(para)
|
||
msgid "You can find this relationship by running <placeholder-1/>. Note that the <placeholder-2/> client includes the ability to get volume information from OpenStack Block Storage."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:283(title)
|
||
msgid "Update the database"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:284(para)
|
||
msgid "Update the database to clean the stalled state. You must restore for every volume, using these queries to clean up the database:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:291(para)
|
||
msgid "You can then run <placeholder-1/> commands to list all volumes."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:295(title)
|
||
msgid "Restart instances"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:297(replaceable)
|
||
msgid "$instance"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:296(para)
|
||
msgid "Restart the instances using the <placeholder-1/> command."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:298(para)
|
||
msgid "At this stage, depending on your image, some instances completely reboot and become reachable, while others stop on the \"plymouth\" stage."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:303(title)
|
||
msgid "DO NOT reboot a second time"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:304(para)
|
||
msgid "Do not reboot instances that are stopped at this point. Instance state depends on whether you added an <filename>/etc/fstab</filename> entry for that volume. Images built with the <package>cloud-init</package> package remain in a pending state, while others skip the missing volume and start. The idea of that stage is only to ask Compute to reboot every instance, so the stored state is preserved. For more information about <package>cloud-init</package>, see <link href=\"https://help.ubuntu.com/community/CloudInit\">help.ubuntu.com/community/CloudInit</link>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:315(title)
|
||
msgid "Reattach volumes"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:316(para)
|
||
msgid "After the restart, and Compute has restored the right status, you can reattach the volumes to their respective instances using the <placeholder-1/> command. The following snippet uses a file of listed volumes to reattach them:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:330(para)
|
||
msgid "At this stage, instances that were pending on the boot sequence (<application>plymouth</application>) automatically continue their boot, and restart normally, while the ones that booted see the volume."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:335(title)
|
||
msgid "SSH into instances"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:336(para)
|
||
msgid "If some services depend on the volume, or if a volume has an entry into <systemitem>fstab</systemitem>, you should now simply restart the instance. This restart needs to be made from the instance itself, not through <placeholder-1/>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:340(para)
|
||
msgid "SSH into the instance and perform a reboot:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:344(para)
|
||
msgid "By completing this procedure, you can successfully recover your cloud."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:347(para)
|
||
msgid "Follow these guidelines:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:350(para)
|
||
msgid "Use the <parameter> errors=remount</parameter> parameter in the <filename>fstab</filename> file, which prevents data corruption."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:353(para)
|
||
msgid "The system locks any write to the disk if it detects an I/O error. This configuration option should be added into the <systemitem class=\"service\">cinder-volume</systemitem> server (the one which performs the iSCSI connection to the SAN), but also into the instances' <filename>fstab</filename> file."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:360(para)
|
||
msgid "Do not add the entry for the SAN's disks to the <systemitem class=\"service\">cinder-volume</systemitem>'s <filename>fstab</filename> file."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:363(para)
|
||
msgid "Some systems hang on that step, which means you could lose access to your cloud-controller. To re-run the session manually, run the following command before performing the mount: <placeholder-1/>"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:369(para)
|
||
msgid "For your instances, if you have the whole <filename>/home/</filename> directory on the disk, leave a user's directory with the user's bash files and the <filename>authorized_keys</filename> file (instead of emptying the <filename>/home</filename> directory and mapping the disk on it)."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:374(para)
|
||
msgid "This enables you to connect to the instance, even without the volume attached, if you allow only connections through public keys."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:381(title)
|
||
msgid "Script the DRP"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:382(para)
|
||
msgid "You can download from <link href=\"https://github.com/Razique/BashStuff/blob/master/SYSTEMS/OpenStack/SCR_5006_V00_NUAC-OPENSTACK-DRP-OpenStack.sh\">here</link> a bash script which performs the following steps:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:386(para)
|
||
msgid "An array is created for instances and their attached volumes."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:387(para)
|
||
msgid "The MySQL database is updated."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:388(para)
|
||
msgid "Using <systemitem>euca2ools</systemitem>, all instances are restarted."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:389(para)
|
||
msgid "The volume attachment is made."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:390(para)
|
||
msgid "An SSH connection is performed into every instance using Compute credentials."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:392(para)
|
||
msgid "The \"test mode\" allows you to perform that whole sequence for only one instance."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:395(para)
|
||
msgid "To reproduce the power loss, connect to the compute node which runs that same instance and close the iSCSI session. Do not detach the volume using the <placeholder-1/> command; instead, manually close the iSCSI session. For the following example command uses an iSCSI session with the number 15:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/compute/section_compute-recover-nodes.xml:400(para)
|
||
msgid "Do not forget the <literal>-r</literal> flag. Otherwise, you close ALL sessions."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/image/section_glance-property-protection.xml:7(title)
|
||
msgid "Image properties and property protection"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/image/section_glance-property-protection.xml:8(para)
|
||
msgid "An image property is a key and value pair that the cloud administrator or the image owner attaches to an OpenStack Image Service image, as follows:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/image/section_glance-property-protection.xml:14(para)
|
||
msgid "The cloud administrator defines <emphasis role=\"italic\">core</emphasis> properties, such as the image name."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/image/section_glance-property-protection.xml:19(para)
|
||
msgid "The cloud administrator and the image owner can define <emphasis role=\"italic\">additional</emphasis> properties, such as licensing and billing information."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/image/section_glance-property-protection.xml:25(para)
|
||
msgid "The cloud administrator can configure any property as <firstterm>protected</firstterm>, which limits which policies or user roles can perform CRUD operations on that property. Protected properties are generally additional properties to which only cloud administrators have access."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/image/section_glance-property-protection.xml:30(para)
|
||
msgid "For unprotected image properties, the cloud administrator can manage core properties and the image owner can manage additional properties."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/image/section_glance-property-protection.xml:34(title)
|
||
msgid "To configure property protection"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/image/section_glance-property-protection.xml:35(para)
|
||
msgid "To configure property protection, the cloud administrator completes these steps:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/image/section_glance-property-protection.xml:38(para)
|
||
msgid "Define roles or policies in the <filename>policy.json</filename> file. To view a sample configuration file, see <link href=\"http://docs.openstack.org/trunk/config-reference/content/section_glance-policy.json.html\">policy.json</link>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/image/section_glance-property-protection.xml:45(para)
|
||
msgid "Define which roles or policies can manage which properties in a property protections configuration file. For example:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/image/section_glance-property-protection.xml:67(para)
|
||
msgid "A value of <literal>@</literal> allows the corresponding operation for a property."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/image/section_glance-property-protection.xml:71(para)
|
||
msgid "A value of <literal>!</literal> disallows the corresponding operation for a property."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/image/section_glance-property-protection.xml:77(para)
|
||
msgid "In the <filename>glance-api.conf</filename> file, define the location of a property protections configuration file:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/image/section_glance-property-protection.xml:81(para)
|
||
msgid "This file contains the rules for property protections and the roles and policies associated with it."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/image/section_glance-property-protection.xml:83(para)
|
||
msgid "By default, property protections are not enforced."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/image/section_glance-property-protection.xml:84(para)
|
||
msgid "If you specify a file name value and the file is not found, the <systemitem role=\"service\">glance-api</systemitem> service does not start."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/image/section_glance-property-protection.xml:87(para) ./doc/admin-guide-cloud/image/section_glance-property-protection.xml:97(para)
|
||
msgid "To view a sample configuration file, see <link href=\"http://docs.openstack.org/trunk/config-reference/content/section_glance-api.conf.html\">glance-api.conf</link>."
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/image/section_glance-property-protection.xml:92(para)
|
||
msgid "Optionally, in the <filename>glance-api.conf</filename> file, specify whether roles or policies are used in the property protections configuration file:"
|
||
msgstr ""
|
||
|
||
#: ./doc/admin-guide-cloud/image/section_glance-property-protection.xml:96(para)
|
||
msgid "The default is <literal>roles</literal>."
|
||
msgstr ""
|
||
|
||
#. Put one translator per line, in the form of NAME <EMAIL>, YEAR1, YEAR2
|
||
#: ./doc/admin-guide-cloud/image/section_glance-property-protection.xml:0(None)
|
||
msgid "translator-credits"
|
||
msgstr ""
|
||
|