# SOME DESCRIPTIVE TITLE. # Copyright (C) 2015-2017, OpenStack contributors # This file is distributed under the same license as the Installation Guide package. # FIRST AUTHOR , YEAR. # #, fuzzy msgid "" msgstr "" "Project-Id-Version: Installation Guide 15.0\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2018-02-08 07:40+0000\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #: ../additional-services.rst:5 msgid "Additional services" msgstr "" #: ../additional-services.rst:7 msgid "" "Installation and configuration of additional OpenStack services is " "documented in separate, project-specific installation guides." msgstr "" #: ../additional-services.rst:11 msgid "Bare Metal service (ironic)" msgstr "" #: ../additional-services.rst:13 msgid "" "The Bare Metal service is a collection of components that provides support " "to manage and provision physical machines." msgstr "" #: ../additional-services.rst:16 msgid "" "Installation and configuration is documented in the `Bare Metal installation " "guide `_." msgstr "" #: ../additional-services.rst:21 msgid "Container Infrastructure Management service (magnum)" msgstr "" #: ../additional-services.rst:23 msgid "" "The Container Infrastructure Management service (magnum) is an OpenStack API " "service making container orchestration engines (COE) such as Docker Swarm, " "Kubernetes and Mesos available as first class resources in OpenStack." msgstr "" #: ../additional-services.rst:27 msgid "" "Installation and configuration is documented in the `Container " "Infrastructure Management installation guide `_." msgstr "" #: ../additional-services.rst:32 msgid "Database service (trove)" msgstr "" #: ../additional-services.rst:34 msgid "" "The Database service (trove) provides cloud provisioning functionality for " "database engines." msgstr "" #: ../additional-services.rst:37 msgid "" "Installation and configuration is documented in the `Database installation " "guide `_." msgstr "" #: ../additional-services.rst:42 msgid "DNS service (designate)" msgstr "" #: ../additional-services.rst:44 msgid "" "The DNS service (designate) provides cloud provisioning functionality for " "DNS Zones and Recordsets." msgstr "" #: ../additional-services.rst:47 msgid "" "Installation and configuration is documented in the `DNS installation guide " "`_." msgstr "" #: ../additional-services.rst:52 msgid "Key Manager service (barbican)" msgstr "" #: ../additional-services.rst:54 msgid "" "The Key Manager service provides a RESTful API for the storage and " "provisioning of secret data such as passphrases, encryption keys, and X.509 " "certificates." msgstr "" #: ../additional-services.rst:57 msgid "" "Installation and configuration is documented in the `Key Manager " "installation guide `_." msgstr "" #: ../additional-services.rst:62 msgid "Messaging service (zaqar)" msgstr "" #: ../additional-services.rst:64 msgid "" "The Messaging service allows developers to share data between distributed " "application components performing different tasks, without losing messages " "or requiring each component to be always available." msgstr "" #: ../additional-services.rst:68 msgid "" "Installation and configuration is documented in the `Messaging installation " "guide `_." msgstr "" #: ../additional-services.rst:73 msgid "Object Storage services (swift)" msgstr "" #: ../additional-services.rst:75 msgid "" "The Object Storage services (swift) work together to provide object storage " "and retrieval through a REST API." msgstr "" #: ../additional-services.rst:78 msgid "" "Installation and configuration is documented in the `Object Storage " "installation guide `_." msgstr "" #: ../additional-services.rst:83 msgid "Orchestration service (heat)" msgstr "" #: ../additional-services.rst:85 msgid "" "The Orchestration service (heat) uses a `Heat Orchestration Template (HOT) " "`_ " "to create and manage cloud resources." msgstr "" #: ../additional-services.rst:90 msgid "" "Installation and configuration is documented in the `Orchestration " "installation guide `_." msgstr "" #: ../additional-services.rst:95 msgid "Shared File Systems service (manila)" msgstr "" #: ../additional-services.rst:97 msgid "" "The Shared File Systems service (manila) provides coordinated access to " "shared or distributed file systems." msgstr "" #: ../additional-services.rst:100 msgid "" "Installation and configuration is documented in the `Shared File Systems " "installation guide `_." msgstr "" #: ../additional-services.rst:105 msgid "Telemetry Alarming services (aodh)" msgstr "" #: ../additional-services.rst:107 msgid "" "The Telemetry Alarming services trigger alarms when the collected metering " "or event data break the defined rules." msgstr "" #: ../additional-services.rst:110 msgid "" "Installation and configuration is documented in the `Telemetry Alarming " "installation guide `_." msgstr "" #: ../additional-services.rst:115 msgid "Telemetry Data Collection service (ceilometer)" msgstr "" #: ../additional-services.rst:117 msgid "The Telemetry Data Collection services provide the following functions:" msgstr "" #: ../additional-services.rst:119 msgid "Efficiently polls metering data related to OpenStack services." msgstr "" #: ../additional-services.rst:120 msgid "" "Collects event and metering data by monitoring notifications sent from " "services." msgstr "" #: ../additional-services.rst:122 msgid "" "Publishes collected data to various targets including data stores and " "message queues." msgstr "" #: ../additional-services.rst:125 msgid "" "Installation and configuration is documented in the `Telemetry Data " "Collection installation guide `_." msgstr "" #: ../cinder-backup-install.rst:6 msgid "Install and configure the backup service" msgstr "" #: ../cinder-backup-install.rst:8 msgid "" "Optionally, install and configure the backup service. For simplicity, this " "configuration uses the Block Storage node and the Object Storage (swift) " "driver, thus depending on the `Object Storage service `_." msgstr "" #: ../cinder-backup-install.rst:15 msgid "" "You must :ref:`install and configure a storage node ` prior " "to installing and configuring the backup service." msgstr "" #: ../cinder-backup-install.rst:19 ../cinder-controller-install.rst:270 #: ../cinder-storage-install.rst:165 ../environment-memcached.rst:10 #: ../environment-messaging.rst:18 ../environment-ntp-controller.rst:9 #: ../environment-ntp-other.rst:10 ../environment-sql-database.rst:24 #: ../glance-install.rst:187 ../horizon-install.rst:20 #: ../keystone-install.rst:78 ../nova-compute-install.rst:25 #: ../nova-controller-install.rst:290 msgid "Install and configure components" msgstr "" #: ../cinder-backup-install.rst:23 msgid "Perform these steps on the Block Storage node." msgstr "" #: ../cinder-backup-install.rst:27 ../cinder-backup-install.rst:39 #: ../cinder-backup-install.rst:51 ../cinder-controller-install.rst:274 #: ../cinder-controller-install.rst:286 ../cinder-controller-install.rst:298 #: ../cinder-storage-install.rst:169 ../cinder-storage-install.rst:181 #: ../cinder-storage-install.rst:193 ../environment-memcached.rst:12 #: ../environment-ntp-controller.rst:11 ../environment-ntp-other.rst:12 #: ../environment-sql-database.rst:26 ../glance-install.rst:209 #: ../glance-install.rst:222 ../glance-install.rst:234 #: ../horizon-install.rst:26 ../horizon-install.rst:38 #: ../horizon-install.rst:50 ../horizon-install.rst:62 #: ../nova-compute-install.rst:31 ../nova-compute-install.rst:43 #: ../nova-compute-install.rst:55 ../nova-controller-install.rst:296 #: ../nova-controller-install.rst:311 ../nova-controller-install.rst:325 #: ../nova-controller-install.rst:338 msgid "Install the packages:" msgstr "" #: ../cinder-backup-install.rst:61 ../cinder-controller-install.rst:308 #: ../cinder-storage-install.rst:203 msgid "" "Edit the ``/etc/cinder/cinder.conf`` file and complete the following actions:" msgstr "" #: ../cinder-backup-install.rst:64 msgid "In the ``[DEFAULT]`` section, configure backup options:" msgstr "" #: ../cinder-backup-install.rst:76 msgid "" "Replace ``SWIFT_URL`` with the URL of the Object Storage service. The URL " "can be found by showing the object-store API endpoints:" msgstr "" #: ../cinder-backup-install.rst:86 ../cinder-controller-install.rst:430 #: ../cinder-storage-install.rst:376 ../environment-memcached.rst:105 #: ../environment-sql-database.rst:148 ../glance-install.rst:373 #: ../horizon-install.rst:523 ../neutron-compute-install.rst:171 #: ../neutron-controller-install.rst:281 ../nova-compute-install.rst:336 #: ../nova-controller-install.rst:681 msgid "Finalize installation" msgstr "" #: ../cinder-backup-install.rst:90 msgid "" "Start the Block Storage backup service and configure it to start when the " "system boots:" msgstr "" #: ../cinder-backup-install.rst:104 msgid "Restart the Block Storage backup service:" msgstr "" #: ../cinder-controller-install.rst:4 ../neutron-controller-install.rst:2 #: ../nova-controller-install.rst:2 msgid "Install and configure controller node" msgstr "" #: ../cinder-controller-install.rst:6 msgid "" "This section describes how to install and configure the Block Storage " "service, code-named cinder, on the controller node. This service requires at " "least one additional storage node that provides volumes to instances." msgstr "" #: ../cinder-controller-install.rst:12 ../cinder-storage-install.rst:19 #: ../environment-packages.rst:40 ../glance-install.rst:9 #: ../keystone-install.rst:12 ../neutron-controller-install.rst:5 #: ../nova-controller-install.rst:8 msgid "Prerequisites" msgstr "" #: ../cinder-controller-install.rst:14 msgid "" "Before you install and configure the Block Storage service, you must create " "a database, service credentials, and API endpoints." msgstr "" #: ../cinder-controller-install.rst:17 ../glance-install.rst:14 #: ../neutron-controller-install.rst:10 msgid "To create the database, complete these steps:" msgstr "" #: ../cinder-controller-install.rst:21 ../cinder-controller-install.rst:34 #: ../glance-install.rst:18 ../glance-install.rst:31 ../keystone-install.rst:28 #: ../keystone-install.rst:41 ../neutron-controller-install.rst:14 #: ../neutron-controller-install.rst:27 ../nova-controller-install.rst:17 #: ../nova-controller-install.rst:30 msgid "" "Use the database access client to connect to the database server as the " "``root`` user:" msgstr "" #: ../cinder-controller-install.rst:45 msgid "Create the ``cinder`` database:" msgstr "" #: ../cinder-controller-install.rst:53 msgid "Grant proper access to the ``cinder`` database:" msgstr "" #: ../cinder-controller-install.rst:64 msgid "Replace ``CINDER_DBPASS`` with a suitable password." msgstr "" #: ../cinder-controller-install.rst:66 ../glance-install.rst:63 #: ../keystone-install.rst:73 ../neutron-controller-install.rst:58 #: ../nova-controller-install.rst:74 msgid "Exit the database access client." msgstr "" #: ../cinder-controller-install.rst:68 ../cinder-verify.rst:12 #: ../glance-install.rst:65 ../glance-verify.rst:19 #: ../neutron-controller-install.rst:60 ../neutron-verify.rst:8 #: ../nova-controller-install.rst:76 ../nova-verify.rst:10 msgid "" "Source the ``admin`` credentials to gain access to admin-only CLI commands:" msgstr "" #: ../cinder-controller-install.rst:77 ../glance-install.rst:74 #: ../neutron-controller-install.rst:69 msgid "To create the service credentials, complete these steps:" msgstr "" #: ../cinder-controller-install.rst:79 msgid "Create a ``cinder`` user:" msgstr "" #: ../cinder-controller-install.rst:100 msgid "Add the ``admin`` role to the ``cinder`` user:" msgstr "" #: ../cinder-controller-install.rst:110 ../glance-install.rst:108 #: ../keystone-users.rst:109 ../launch-instance-cinder.rst:91 #: ../launch-instance-selfservice.rst:260 ../neutron-controller-install.rst:102 #: ../nova-controller-install.rst:118 ../nova-controller-install.rst:223 msgid "This command provides no output." msgstr "" #: ../cinder-controller-install.rst:112 msgid "Create the ``cinderv2`` and ``cinderv3`` service entities:" msgstr "" #: ../cinder-controller-install.rst:150 msgid "The Block Storage services require two service entities." msgstr "" #: ../cinder-controller-install.rst:152 msgid "Create the Block Storage service API endpoints:" msgstr "" #: ../cinder-controller-install.rst:266 msgid "The Block Storage services require endpoints for each service entity." msgstr "" #: ../cinder-controller-install.rst:311 ../cinder-storage-install.rst:206 #: ../glance-install.rst:247 ../glance-install.rst:310 #: ../keystone-install.rst:155 ../neutron-controller-install-option1.rst:60 #: ../neutron-controller-install-option2.rst:62 msgid "In the ``[database]`` section, configure database access:" msgstr "" #: ../cinder-controller-install.rst:322 ../cinder-storage-install.rst:217 msgid "" "Replace ``CINDER_DBPASS`` with the password you chose for the Block Storage " "database." msgstr "" #: ../cinder-controller-install.rst:325 ../cinder-storage-install.rst:220 #: ../neutron-compute-install.rst:65 #: ../neutron-controller-install-option1.rst:92 #: ../neutron-controller-install-option2.rst:95 ../nova-compute-install.rst:111 #: ../nova-controller-install.rst:401 msgid "" "In the ``[DEFAULT]`` section, configure ``RabbitMQ`` message queue access:" msgstr "" #: ../cinder-controller-install.rst:337 ../cinder-storage-install.rst:232 #: ../nova-compute-install.rst:123 ../nova-controller-install.rst:413 msgid "" "Replace ``RABBIT_PASS`` with the password you chose for the ``openstack`` " "account in ``RabbitMQ``." msgstr "" #: ../cinder-controller-install.rst:340 ../cinder-storage-install.rst:235 #: ../neutron-compute-install.rst:80 #: ../neutron-controller-install-option1.rst:107 #: ../neutron-controller-install-option2.rst:110 msgid "" "In the ``[DEFAULT]`` and ``[keystone_authtoken]`` sections, configure " "Identity service access:" msgstr "" #: ../cinder-controller-install.rst:364 ../cinder-storage-install.rst:259 msgid "" "Replace ``CINDER_PASS`` with the password you chose for the ``cinder`` user " "in the Identity service." msgstr "" #: ../cinder-controller-install.rst:369 ../cinder-storage-install.rst:264 #: ../glance-install.rst:290 ../glance-install.rst:353 #: ../neutron-compute-install.rst:109 #: ../neutron-controller-install-option1.rst:136 #: ../neutron-controller-install-option2.rst:139 #: ../nova-compute-install.rst:155 ../nova-controller-install.rst:445 msgid "" "Comment out or remove any other options in the ``[keystone_authtoken]`` " "section." msgstr "" #: ../cinder-controller-install.rst:372 ../nova-controller-install.rst:448 msgid "" "In the ``[DEFAULT]`` section, configure the ``my_ip`` option to use the " "management interface IP address of the controller node:" msgstr "" #: ../cinder-controller-install.rst:386 ../cinder-storage-install.rst:351 #: ../neutron-compute-install.rst:114 #: ../neutron-controller-install-option1.rst:168 #: ../neutron-controller-install-option2.rst:171 #: ../nova-compute-install.rst:260 ../nova-compute-install.rst:275 #: ../nova-controller-install.rst:525 ../nova-controller-install.rst:540 #: ../nova-controller-install.rst:555 msgid "In the ``[oslo_concurrency]`` section, configure the lock path:" msgstr "" #: ../cinder-controller-install.rst:401 msgid "Populate the Block Storage database:" msgstr "" #: ../cinder-controller-install.rst:411 ../glance-install.rst:368 #: ../nova-controller-install.rst:639 msgid "Ignore any deprecation messages in this output." msgstr "" #: ../cinder-controller-install.rst:416 msgid "Configure Compute to use Block Storage" msgstr "" #: ../cinder-controller-install.rst:418 msgid "Edit the ``/etc/nova/nova.conf`` file and add the following to it:" msgstr "" #: ../cinder-controller-install.rst:434 ../cinder-controller-install.rst:456 #: ../neutron-controller-install.rst:316 ../neutron-controller-install.rst:366 #: ../neutron-controller-install.rst:419 msgid "Restart the Compute API service:" msgstr "" #: ../cinder-controller-install.rst:442 msgid "" "Start the Block Storage services and configure them to start when the system " "boots:" msgstr "" #: ../cinder-controller-install.rst:464 msgid "Restart the Block Storage services:" msgstr "" #: ../cinder-next-steps.rst:5 ../horizon-next-steps.rst:3 #: ../neutron-next-steps.rst:3 msgid "Next steps" msgstr "" #: ../cinder-next-steps.rst:7 msgid "" "Your OpenStack environment now includes Block Storage. You can :doc:`launch " "an instance ` or add more services to your environment in " "the following chapters." msgstr "" #: ../cinder-storage-install.rst:4 msgid "Install and configure a storage node" msgstr "" #: ../cinder-storage-install.rst:6 msgid "" "This section describes how to install and configure storage nodes for the " "Block Storage service. For simplicity, this configuration references one " "storage node with an empty local block storage device. The instructions use " "``/dev/sdb``, but you can substitute a different value for your particular " "node." msgstr "" #: ../cinder-storage-install.rst:12 msgid "" "The service provisions logical volumes on this device using the :term:`LVM " "` driver and provides them to instances via :" "term:`iSCSI ` transport. You can follow these " "instructions with minor modifications to horizontally scale your environment " "with additional storage nodes." msgstr "" #: ../cinder-storage-install.rst:21 msgid "" "Before you install and configure the Block Storage service on the storage " "node, you must prepare the storage device." msgstr "" #: ../cinder-storage-install.rst:26 msgid "Perform these steps on the storage node." msgstr "" #: ../cinder-storage-install.rst:28 msgid "Install the supporting utility packages:" msgstr "" #: ../cinder-storage-install.rst:32 ../cinder-storage-install.rst:53 msgid "Install the LVM packages:" msgstr "" #: ../cinder-storage-install.rst:40 msgid "" "(Optional) If you intend to use non-raw image types such as QCOW2 and VMDK, " "install the QEMU package:" msgstr "" #: ../cinder-storage-install.rst:61 msgid "" "Start the LVM metadata service and configure it to start when the system " "boots:" msgstr "" #: ../cinder-storage-install.rst:85 msgid "Some distributions include LVM by default." msgstr "" #: ../cinder-storage-install.rst:87 msgid "Create the LVM physical volume ``/dev/sdb``:" msgstr "" #: ../cinder-storage-install.rst:97 msgid "Create the LVM volume group ``cinder-volumes``:" msgstr "" #: ../cinder-storage-install.rst:107 msgid "The Block Storage service creates logical volumes in this volume group." msgstr "" #: ../cinder-storage-install.rst:109 msgid "" "Only instances can access Block Storage volumes. However, the underlying " "operating system manages the devices associated with the volumes. By " "default, the LVM volume scanning tool scans the ``/dev`` directory for block " "storage devices that contain volumes. If projects use LVM on their volumes, " "the scanning tool detects these volumes and attempts to cache them which can " "cause a variety of problems with both the underlying operating system and " "project volumes. You must reconfigure LVM to scan only the devices that " "contain the ``cinder-volumes`` volume group. Edit the ``/etc/lvm/lvm.conf`` " "file and complete the following actions:" msgstr "" #: ../cinder-storage-install.rst:120 msgid "" "In the ``devices`` section, add a filter that accepts the ``/dev/sdb`` " "device and rejects all other devices:" msgstr "" #: ../cinder-storage-install.rst:132 msgid "" "Each item in the filter array begins with ``a`` for **accept** or ``r`` for " "**reject** and includes a regular expression for the device name. The array " "must end with ``r/.*/`` to reject any remaining devices. You can use the :" "command:`vgs -vvvv` command to test filters." msgstr "" #: ../cinder-storage-install.rst:140 msgid "" "If your storage nodes use LVM on the operating system disk, you must also " "add the associated device to the filter. For example, if the ``/dev/sda`` " "device contains the operating system:" msgstr "" #: ../cinder-storage-install.rst:151 msgid "" "Similarly, if your compute nodes use LVM on the operating system disk, you " "must also modify the filter in the ``/etc/lvm/lvm.conf`` file on those nodes " "to include only the operating system disk. For example, if the ``/dev/sda`` " "device contains the operating system:" msgstr "" #: ../cinder-storage-install.rst:267 ../nova-compute-install.rst:182 msgid "In the ``[DEFAULT]`` section, configure the ``my_ip`` option:" msgstr "" #: ../cinder-storage-install.rst:278 msgid "" "Replace ``MANAGEMENT_INTERFACE_IP_ADDRESS`` with the IP address of the " "management network interface on your storage node, typically 10.0.0.41 for " "the first node in the :ref:`example architecture `." msgstr "" #: ../cinder-storage-install.rst:285 msgid "" "In the ``[lvm]`` section, configure the LVM back end with the LVM driver, " "``cinder-volumes`` volume group, iSCSI protocol, and appropriate iSCSI " "service:" msgstr "" #: ../cinder-storage-install.rst:305 msgid "" "In the ``[lvm]`` section, configure the LVM back end with the LVM driver, " "``cinder-volumes`` volume group, iSCSI protocol, and appropriate iSCSI " "service. If the ``[lvm]`` section does not exist, create it:" msgstr "" #: ../cinder-storage-install.rst:323 msgid "In the ``[DEFAULT]`` section, enable the LVM back end:" msgstr "" #: ../cinder-storage-install.rst:336 msgid "" "Back-end names are arbitrary. As an example, this guide uses the name of the " "driver as the name of the back end." msgstr "" #: ../cinder-storage-install.rst:339 msgid "" "In the ``[DEFAULT]`` section, configure the location of the Image service " "API:" msgstr "" #: ../cinder-storage-install.rst:364 msgid "" "Create the ``/etc/tgt/conf.d/cinder.conf`` file with the following data:" msgstr "" #: ../cinder-storage-install.rst:380 ../cinder-storage-install.rst:394 msgid "" "Start the Block Storage volume service including its dependencies and " "configure them to start when the system boots:" msgstr "" #: ../cinder-storage-install.rst:408 msgid "Restart the Block Storage volume service including its dependencies:" msgstr "" #: ../cinder-verify.rst:4 ../environment-ntp-verify.rst:4 #: ../glance-verify.rst:2 ../horizon-verify.rst:2 ../keystone-verify.rst:2 #: ../launch-instance-networks-selfservice.rst:243 ../neutron-verify.rst:2 #: ../nova-verify.rst:2 msgid "Verify operation" msgstr "" #: ../cinder-verify.rst:6 msgid "Verify operation of the Block Storage service." msgstr "" #: ../cinder-verify.rst:10 ../glance-verify.rst:17 ../keystone-verify.rst:9 #: ../neutron-verify.rst:6 ../nova-verify.rst:8 msgid "Perform these commands on the controller node." msgstr "" #: ../cinder-verify.rst:21 msgid "List service components to verify successful launch of each process:" msgstr "" #: ../cinder.rst:5 msgid "Block Storage service" msgstr "" #: ../cinder.rst:15 msgid "" "The Block Storage service (cinder) provides block storage devices to guest " "instances. The method in which the storage is provisioned and consumed is " "determined by the Block Storage driver, or drivers in the case of a multi-" "backend configuration. There are a variety of drivers that are available: " "NAS/SAN, NFS, iSCSI, Ceph, and more." msgstr "" #: ../cinder.rst:21 msgid "" "The Block Storage API and scheduler services typically run on the controller " "nodes. Depending upon the drivers used, the volume service can run on " "controller nodes, compute nodes, or standalone storage nodes." msgstr "" #: ../cinder.rst:25 msgid "" "For more information, see the `Configuration Reference `_." msgstr "" #: ../environment-memcached.rst:2 msgid "Memcached" msgstr "" #: ../environment-memcached.rst:4 msgid "" "The Identity service authentication mechanism for services uses Memcached to " "cache tokens. The memcached service typically runs on the controller node. " "For production deployments, we recommend enabling a combination of " "firewalling, authentication, and encryption to secure it." msgstr "" #: ../environment-memcached.rst:46 msgid "" "Edit the ``/etc/memcached.conf`` file and configure the service to use the " "management IP address of the controller node. This is to enable access by " "other nodes via the management network:" msgstr "" #: ../environment-memcached.rst:58 msgid "Change the existing line that had ``-l 127.0.0.1``." msgstr "" #: ../environment-memcached.rst:64 ../environment-memcached.rst:85 msgid "" "Edit the ``/etc/sysconfig/memcached`` file and complete the following " "actions:" msgstr "" #: ../environment-memcached.rst:67 ../environment-memcached.rst:88 msgid "" "Configure the service to use the management IP address of the controller " "node. This is to enable access by other nodes via the management network:" msgstr "" #: ../environment-memcached.rst:79 msgid "Change the existing line ``OPTIONS=\"-l 127.0.0.1,::1\"``." msgstr "" #: ../environment-memcached.rst:100 msgid "Change the existing line ``MEMCACHED_PARAMS=\"-l 127.0.0.1,::1\"``." msgstr "" #: ../environment-memcached.rst:109 msgid "Restart the Memcached service:" msgstr "" #: ../environment-memcached.rst:121 msgid "" "Start the Memcached service and configure it to start when the system boots:" msgstr "" #: ../environment-messaging.rst:2 msgid "Message queue" msgstr "" #: ../environment-messaging.rst:4 msgid "" "OpenStack uses a :term:`message queue` to coordinate operations and status " "information among services. The message queue service typically runs on the " "controller node. OpenStack supports several message queue services including " "`RabbitMQ `__, `Qpid `__, " "and `ZeroMQ `__. However, most distributions that package " "OpenStack support a particular message queue service. This guide implements " "the RabbitMQ message queue service because most distributions support it. If " "you prefer to implement a different message queue service, consult the " "documentation associated with it." msgstr "" #: ../environment-messaging.rst:15 msgid "The message queue runs on the controller node." msgstr "" #: ../environment-messaging.rst:20 msgid "Install the package:" msgstr "" #: ../environment-messaging.rst:54 msgid "" "Start the message queue service and configure it to start when the system " "boots:" msgstr "" #: ../environment-messaging.rst:64 ../environment-messaging.rst:91 msgid "Add the ``openstack`` user:" msgstr "" #: ../environment-messaging.rst:74 ../environment-messaging.rst:101 msgid "Replace ``RABBIT_PASS`` with a suitable password." msgstr "" #: ../environment-messaging.rst:76 ../environment-messaging.rst:103 msgid "" "Permit configuration, write, and read access for the ``openstack`` user:" msgstr "" #: ../environment-networking-compute.rst:2 msgid "Compute node" msgstr "" #: ../environment-networking-compute.rst:5 #: ../environment-networking-controller.rst:5 #: ../environment-networking-storage-cinder.rst:8 msgid "Configure network interfaces" msgstr "" #: ../environment-networking-compute.rst:7 #: ../environment-networking-controller.rst:7 msgid "Configure the first interface as the management interface:" msgstr "" #: ../environment-networking-compute.rst:9 msgid "IP address: 10.0.0.31" msgstr "" #: ../environment-networking-compute.rst:11 #: ../environment-networking-controller.rst:11 msgid "Network mask: 255.255.255.0 (or /24)" msgstr "" #: ../environment-networking-compute.rst:13 #: ../environment-networking-controller.rst:13 msgid "Default gateway: 10.0.0.1" msgstr "" #: ../environment-networking-compute.rst:17 msgid "Additional compute nodes should use 10.0.0.32, 10.0.0.33, and so on." msgstr "" #: ../environment-networking-compute.rst:19 #: ../environment-networking-controller.rst:15 msgid "" "The provider interface uses a special configuration without an IP address " "assigned to it. Configure the second interface as the provider interface:" msgstr "" #: ../environment-networking-compute.rst:23 #: ../environment-networking-controller.rst:19 msgid "" "Replace ``INTERFACE_NAME`` with the actual interface name. For example, " "*eth1* or *ens224*." msgstr "" #: ../environment-networking-compute.rst:28 #: ../environment-networking-controller.rst:24 msgid "Edit the ``/etc/network/interfaces`` file to contain the following:" msgstr "" #: ../environment-networking-compute.rst:45 #: ../environment-networking-controller.rst:41 msgid "" "Edit the ``/etc/sysconfig/network-scripts/ifcfg-INTERFACE_NAME`` file to " "contain the following:" msgstr "" #: ../environment-networking-compute.rst:48 #: ../environment-networking-controller.rst:44 msgid "Do not change the ``HWADDR`` and ``UUID`` keys." msgstr "" #: ../environment-networking-compute.rst:64 #: ../environment-networking-controller.rst:60 msgid "" "Edit the ``/etc/sysconfig/network/ifcfg-INTERFACE_NAME`` file to contain the " "following:" msgstr "" #: ../environment-networking-compute.rst:77 #: ../environment-networking-controller.rst:73 #: ../environment-networking-storage-cinder.rst:25 msgid "Reboot the system to activate the changes." msgstr "" #: ../environment-networking-compute.rst:80 #: ../environment-networking-controller.rst:76 #: ../environment-networking-storage-cinder.rst:19 msgid "Configure name resolution" msgstr "" #: ../environment-networking-compute.rst:82 msgid "Set the hostname of the node to ``compute1``." msgstr "" #: ../environment-networking-controller.rst:2 #: ../environment-ntp-controller.rst:4 msgid "Controller node" msgstr "" #: ../environment-networking-controller.rst:9 msgid "IP address: 10.0.0.11" msgstr "" #: ../environment-networking-controller.rst:78 msgid "Set the hostname of the node to ``controller``." msgstr "" #: ../environment-networking-storage-cinder.rst:2 msgid "Block storage node (Optional)" msgstr "" #: ../environment-networking-storage-cinder.rst:4 msgid "" "If you want to deploy the Block Storage service, configure one additional " "storage node." msgstr "" #: ../environment-networking-storage-cinder.rst:10 msgid "Configure the management interface:" msgstr "" #: ../environment-networking-storage-cinder.rst:12 msgid "IP address: ``10.0.0.41``" msgstr "" #: ../environment-networking-storage-cinder.rst:14 msgid "Network mask: ``255.255.255.0`` (or ``/24``)" msgstr "" #: ../environment-networking-storage-cinder.rst:16 msgid "Default gateway: ``10.0.0.1``" msgstr "" #: ../environment-networking-storage-cinder.rst:21 msgid "Set the hostname of the node to ``block1``." msgstr "" #: ../environment-networking-verify.rst:2 msgid "Verify connectivity" msgstr "" #: ../environment-networking-verify.rst:4 msgid "" "We recommend that you verify network connectivity to the Internet and among " "the nodes before proceeding further." msgstr "" #: ../environment-networking-verify.rst:7 msgid "From the *controller* node, test access to the Internet:" msgstr "" #: ../environment-networking-verify.rst:25 msgid "" "From the *controller* node, test access to the management interface on the " "*compute* node:" msgstr "" #: ../environment-networking-verify.rst:44 msgid "From the *compute* node, test access to the Internet:" msgstr "" #: ../environment-networking-verify.rst:62 msgid "" "From the *compute* node, test access to the management interface on the " "*controller* node:" msgstr "" #: ../environment-networking-verify.rst:85 ../environment-networking.rst:120 msgid "" "Your distribution enables a restrictive :term:`firewall` by default. During " "the installation process, certain steps will fail unless you alter or " "disable the firewall. For more information about securing your environment, " "refer to the `OpenStack Security Guide `_." msgstr "" #: ../environment-networking-verify.rst:95 ../environment-networking.rst:130 msgid "" "Your distribution does not enable a restrictive :term:`firewall` by default. " "For more information about securing your environment, refer to the " "`OpenStack Security Guide `_." msgstr "" #: ../environment-networking.rst:4 msgid "Host networking" msgstr "" #: ../environment-networking.rst:8 msgid "" "After installing the operating system on each node for the architecture that " "you choose to deploy, you must configure the network interfaces. We " "recommend that you disable any automated network management tools and " "manually edit the appropriate configuration files for your distribution. For " "more information on how to configure networking on your distribution, see " "the `documentation `_." msgstr "" #: ../environment-networking.rst:19 msgid "" "After installing the operating system on each node for the architecture that " "you choose to deploy, you must configure the network interfaces. We " "recommend that you disable any automated network management tools and " "manually edit the appropriate configuration files for your distribution. For " "more information on how to configure networking on your distribution, see " "the `documentation `__ ." msgstr "" #: ../environment-networking.rst:31 msgid "" "After installing the operating system on each node for the architecture that " "you choose to deploy, you must configure the network interfaces. We " "recommend that you disable any automated network management tools and " "manually edit the appropriate configuration files for your distribution. For " "more information on how to configure networking on your distribution, see " "the `documentation `__ ." msgstr "" #: ../environment-networking.rst:43 msgid "" "After installing the operating system on each node for the architecture that " "you choose to deploy, you must configure the network interfaces. We " "recommend that you disable any automated network management tools and " "manually edit the appropriate configuration files for your distribution. For " "more information on how to configure networking on your distribution, see " "the `SLES 12 `__ or `openSUSE `__ documentation." msgstr "" #: ../environment-networking.rst:56 msgid "" "All nodes require Internet access for administrative purposes such as " "package installation, security updates, :term:`DNS `, and :term:`NTP `. In most cases, nodes " "should obtain Internet access through the management network interface. To " "highlight the importance of network separation, the example architectures " "use `private address space `__ for the " "management network and assume that the physical network infrastructure " "provides Internet access via :term:`NAT ` " "or other methods. The example architectures use routable IP address space " "for the provider (external) network and assume that the physical network " "infrastructure provides direct Internet access." msgstr "" #: ../environment-networking.rst:68 msgid "" "In the provider networks architecture, all instances attach directly to the " "provider network. In the self-service (private) networks architecture, " "instances can attach to a self-service or provider network. Self-service " "networks can reside entirely within OpenStack or provide some level of " "external network access using :term:`NAT ` through the provider network." msgstr "" #: ../environment-networking.rst:80 msgid "The example architectures assume use of the following networks:" msgstr "" #: ../environment-networking.rst:82 msgid "Management on 10.0.0.0/24 with gateway 10.0.0.1" msgstr "" #: ../environment-networking.rst:84 msgid "" "This network requires a gateway to provide Internet access to all nodes for " "administrative purposes such as package installation, security updates, :" "term:`DNS `, and :term:`NTP `." msgstr "" #: ../environment-networking.rst:89 msgid "Provider on 203.0.113.0/24 with gateway 203.0.113.1" msgstr "" #: ../environment-networking.rst:91 msgid "" "This network requires a gateway to provide Internet access to instances in " "your OpenStack environment." msgstr "" #: ../environment-networking.rst:94 msgid "" "You can modify these ranges and gateways to work with your particular " "network infrastructure." msgstr "" #: ../environment-networking.rst:97 msgid "" "Network interface names vary by distribution. Traditionally, interfaces use " "``eth`` followed by a sequential number. To cover all variations, this guide " "refers to the first interface as the interface with the lowest number and " "the second interface as the interface with the highest number." msgstr "" #: ../environment-networking.rst:103 msgid "" "Unless you intend to use the exact configuration provided in this example " "architecture, you must modify the networks in this procedure to match your " "environment. Each node must resolve the other nodes by name in addition to " "IP address. For example, the ``controller`` name must resolve to " "``10.0.0.11``, the IP address of the management interface on the controller " "node." msgstr "" #: ../environment-networking.rst:112 msgid "" "Reconfiguring network interfaces will interrupt network connectivity. We " "recommend using a local terminal session for these procedures." msgstr "" #: ../environment-ntp-controller.rst:6 msgid "Perform these steps on the controller node." msgstr "" #: ../environment-ntp-controller.rst:45 msgid "" "Edit the ``/etc/chrony/chrony.conf`` file and add, change, or remove these " "keys as necessary for your environment:" msgstr "" #: ../environment-ntp-controller.rst:54 ../environment-ntp-controller.rst:94 msgid "" "Replace ``NTP_SERVER`` with the hostname or IP address of a suitable more " "accurate (lower stratum) NTP server. The configuration supports multiple " "``server`` keys." msgstr "" #: ../environment-ntp-controller.rst:60 ../environment-ntp-controller.rst:100 msgid "" "By default, the controller node synchronizes the time via a pool of public " "servers. However, you can optionally configure alternative servers such as " "those provided by your organization." msgstr "" #: ../environment-ntp-controller.rst:64 msgid "" "To enable other nodes to connect to the chrony daemon on the controller " "node, add this key to the ``/etc/chrony/chrony.conf`` file:" msgstr "" #: ../environment-ntp-controller.rst:73 ../environment-ntp-other.rst:58 msgid "Restart the NTP service:" msgstr "" #: ../environment-ntp-controller.rst:85 msgid "" "Edit the ``/etc/chrony.conf`` file and add, change, or remove these keys as " "necessary for your environment:" msgstr "" #: ../environment-ntp-controller.rst:104 msgid "" "To enable other nodes to connect to the chrony daemon on the controller " "node, add this key to the ``/etc/chrony.conf`` file:" msgstr "" #: ../environment-ntp-controller.rst:113 msgid "" "If necessary, replace ``10.0.0.0/24`` with a description of your subnet." msgstr "" #: ../environment-ntp-controller.rst:115 ../environment-ntp-other.rst:80 msgid "Start the NTP service and configure it to start when the system boots:" msgstr "" #: ../environment-ntp-other.rst:4 msgid "Other nodes" msgstr "" #: ../environment-ntp-other.rst:6 msgid "" "Other nodes reference the controller node for clock synchronization. Perform " "these steps on all other nodes." msgstr "" #: ../environment-ntp-other.rst:46 msgid "" "Edit the ``/etc/chrony/chrony.conf`` file and comment out or remove all but " "one ``server`` key. Change it to reference the controller node:" msgstr "" #: ../environment-ntp-other.rst:56 msgid "Comment out the ``pool 2.debian.pool.ntp.org offline iburst`` line." msgstr "" #: ../environment-ntp-other.rst:70 msgid "" "Edit the ``/etc/chrony.conf`` file and comment out or remove all but one " "``server`` key. Change it to reference the controller node:" msgstr "" #: ../environment-ntp-verify.rst:6 msgid "" "We recommend that you verify NTP synchronization before proceeding further. " "Some nodes, particularly those that reference the controller node, can take " "several minutes to synchronize." msgstr "" #: ../environment-ntp-verify.rst:10 msgid "Run this command on the *controller* node:" msgstr "" #: ../environment-ntp-verify.rst:24 msgid "" "Contents in the *Name/IP address* column should indicate the hostname or IP " "address of one or more NTP servers. Contents in the *MS* column should " "indicate *\\** for the server to which the NTP service is currently " "synchronized." msgstr "" #: ../environment-ntp-verify.rst:28 msgid "Run the same command on *all other* nodes:" msgstr "" #: ../environment-ntp-verify.rst:41 msgid "" "Contents in the *Name/IP address* column should indicate the hostname of the " "controller node." msgstr "" #: ../environment-ntp.rst:4 msgid "Network Time Protocol (NTP)" msgstr "" #: ../environment-ntp.rst:6 msgid "" "You should install Chrony, an implementation of :term:`NTP `, to properly synchronize services among nodes. We recommend " "that you configure the controller node to reference more accurate (lower " "stratum) servers and other nodes to reference the controller node." msgstr "" #: ../environment-packages.rst:2 msgid "OpenStack packages" msgstr "" #: ../environment-packages.rst:4 msgid "" "Distributions release OpenStack packages as part of the distribution or " "using other methods because of differing release schedules. Perform these " "procedures on all nodes." msgstr "" #: ../environment-packages.rst:10 msgid "" "The set up of OpenStack packages described here needs to be done on all " "nodes: controller, compute, and Block Storage nodes." msgstr "" #: ../environment-packages.rst:15 msgid "" "Your hosts must contain the latest versions of base installation packages " "available for your distribution before proceeding further." msgstr "" #: ../environment-packages.rst:20 msgid "" "Disable or remove any automatic update services because they can impact your " "OpenStack environment." msgstr "" #: ../environment-packages.rst:26 ../environment-packages.rst:77 #: ../environment-packages.rst:102 msgid "Enable the OpenStack repository" msgstr "" #: ../environment-packages.rst:44 msgid "" "We recommend disabling EPEL when using RDO packages due to updates in EPEL " "breaking backwards compatibility. Or, preferably pin package versions using " "the ``yum-versionlock`` plugin." msgstr "" #: ../environment-packages.rst:50 msgid "" "The following steps apply to RHEL only. CentOS does not require these steps." msgstr "" #: ../environment-packages.rst:53 msgid "" "When using RHEL, it is assumed that you have registered your system using " "Red Hat Subscription Management and that you have the ``rhel-7-server-rpms`` " "repository enabled by default." msgstr "" #: ../environment-packages.rst:57 msgid "" "For more information on registering the system, see the `Red Hat Enterprise " "Linux 7 System Administrator's Guide `_." msgstr "" #: ../environment-packages.rst:61 msgid "" "In addition to ``rhel-7-server-rpms``, you also need to have the ``rhel-7-" "server-optional-rpms``, ``rhel-7-server-extras-rpms``, and ``rhel-7-server-" "rh-common-rpms`` repositories enabled:" msgstr "" #: ../environment-packages.rst:79 msgid "" "On CentOS, the ``extras`` repository provides the RPM that enables the " "OpenStack repository. CentOS includes the ``extras`` repository by default, " "so you can simply install the package to enable the OpenStack repository." msgstr "" #: ../environment-packages.rst:90 msgid "" "On RHEL, download and install the RDO repository RPM to enable the OpenStack " "repository." msgstr "" #: ../environment-packages.rst:104 msgid "" "Enable the Open Build Service repositories based on your openSUSE or SLES " "version:" msgstr "" #: ../environment-packages.rst:107 msgid "**On openSUSE:**" msgstr "" #: ../environment-packages.rst:117 msgid "" "The openSUSE distribution uses the concept of patterns to represent " "collections of packages. If you selected 'Minimal Server Selection (Text " "Mode)' during the initial installation, you may be presented with a " "dependency conflict when you attempt to install the OpenStack packages. To " "avoid this, remove the minimal\\_base-conflicts package:" msgstr "" #: ../environment-packages.rst:130 msgid "**On SLES:**" msgstr "" #: ../environment-packages.rst:140 msgid "" "The packages are signed by GPG key ``D85F9316``. You should verify the " "fingerprint of the imported GPG key before using it." msgstr "" #: ../environment-packages.rst:157 msgid "Enable the backports repository" msgstr "" #: ../environment-packages.rst:159 msgid "" "The Newton release is available directly through the official Debian " "backports repository. To use this repository, follow the instruction from " "the official `Debian website `_, " "which basically suggest doing the following steps:" msgstr "" #: ../environment-packages.rst:165 msgid "" "On all nodes, adding the Debian 8 (Jessie) backport repository to the source " "list:" msgstr "" #: ../environment-packages.rst:177 msgid "Later you can use the following command to install a package:" msgstr "" #: ../environment-packages.rst:188 ../keystone-install.rst:335 msgid "Finalize the installation" msgstr "" #: ../environment-packages.rst:190 msgid "Upgrade the packages on all nodes:" msgstr "" #: ../environment-packages.rst:224 msgid "" "If the upgrade process includes a new kernel, reboot your host to activate " "it." msgstr "" #: ../environment-packages.rst:227 msgid "Install the OpenStack client:" msgstr "" #: ../environment-packages.rst:261 msgid "" "RHEL and CentOS enable :term:`SELinux` by default. Install the ``openstack-" "selinux`` package to automatically manage security policies for OpenStack " "services:" msgstr "" #: ../environment-security.rst:2 msgid "Security" msgstr "" #: ../environment-security.rst:4 msgid "" "OpenStack services support various security methods including password, " "policy, and encryption. Additionally, supporting services including the " "database server and message broker support password security." msgstr "" #: ../environment-security.rst:8 msgid "" "To ease the installation process, this guide only covers password security " "where applicable. You can create secure passwords manually, but the database " "connection string in services configuration file cannot accept special " "characters like \"@\". We recommend you generate them using a tool such as " "`pwgen `_, or by running the " "following command:" msgstr "" #: ../environment-security.rst:22 msgid "" "For OpenStack services, this guide uses ``SERVICE_PASS`` to reference " "service account passwords and ``SERVICE_DBPASS`` to reference database " "passwords." msgstr "" #: ../environment-security.rst:26 msgid "" "The following table provides a list of services that require passwords and " "their associated references in the guide." msgstr "" #: ../environment-security.rst:29 msgid "**Passwords**" msgstr "" #: ../environment-security.rst:33 msgid "Password name" msgstr "" #: ../environment-security.rst:34 msgid "Description" msgstr "" #: ../environment-security.rst:35 msgid "Database password (no variable used)" msgstr "" #: ../environment-security.rst:36 msgid "Root password for the database" msgstr "" #: ../environment-security.rst:37 msgid "``ADMIN_PASS``" msgstr "" #: ../environment-security.rst:38 msgid "Password of user ``admin``" msgstr "" #: ../environment-security.rst:39 msgid "``CINDER_DBPASS``" msgstr "" #: ../environment-security.rst:40 msgid "Database password for the Block Storage service" msgstr "" #: ../environment-security.rst:41 msgid "``CINDER_PASS``" msgstr "" #: ../environment-security.rst:42 msgid "Password of Block Storage service user ``cinder``" msgstr "" #: ../environment-security.rst:43 msgid "``DASH_DBPASS``" msgstr "" #: ../environment-security.rst:44 msgid "Database password for the Dashboard" msgstr "" #: ../environment-security.rst:45 msgid "``DEMO_PASS``" msgstr "" #: ../environment-security.rst:46 msgid "Password of user ``demo``" msgstr "" #: ../environment-security.rst:47 msgid "``GLANCE_DBPASS``" msgstr "" #: ../environment-security.rst:48 msgid "Database password for Image service" msgstr "" #: ../environment-security.rst:49 msgid "``GLANCE_PASS``" msgstr "" #: ../environment-security.rst:50 msgid "Password of Image service user ``glance``" msgstr "" #: ../environment-security.rst:51 msgid "``KEYSTONE_DBPASS``" msgstr "" #: ../environment-security.rst:52 msgid "Database password of Identity service" msgstr "" #: ../environment-security.rst:53 msgid "``METADATA_SECRET``" msgstr "" #: ../environment-security.rst:54 msgid "Secret for the metadata proxy" msgstr "" #: ../environment-security.rst:55 msgid "``NEUTRON_DBPASS``" msgstr "" #: ../environment-security.rst:56 msgid "Database password for the Networking service" msgstr "" #: ../environment-security.rst:57 msgid "``NEUTRON_PASS``" msgstr "" #: ../environment-security.rst:58 msgid "Password of Networking service user ``neutron``" msgstr "" #: ../environment-security.rst:59 msgid "``NOVA_DBPASS``" msgstr "" #: ../environment-security.rst:60 msgid "Database password for Compute service" msgstr "" #: ../environment-security.rst:61 msgid "``NOVA_PASS``" msgstr "" #: ../environment-security.rst:62 msgid "Password of Compute service user ``nova``" msgstr "" #: ../environment-security.rst:63 msgid "``PLACEMENT_PASS``" msgstr "" #: ../environment-security.rst:64 msgid "Password of the Placement service user ``placement``" msgstr "" #: ../environment-security.rst:65 msgid "``RABBIT_PASS``" msgstr "" #: ../environment-security.rst:66 msgid "Password of user guest of RabbitMQ" msgstr "" #: ../environment-security.rst:68 msgid "" "OpenStack and supporting services require administrative privileges during " "installation and operation. In some cases, services perform modifications to " "the host that can interfere with deployment automation tools such as " "Ansible, Chef, and Puppet. For example, some OpenStack services add a root " "wrapper to ``sudo`` that can interfere with security policies. See the " "`OpenStack Administrator Guide `__ for more information." msgstr "" #: ../environment-security.rst:77 msgid "" "The Networking service assumes default values for kernel network parameters " "and modifies firewall rules. To avoid most issues during your initial " "installation, we recommend using a stock deployment of a supported " "distribution on your hosts. However, if you choose to automate deployment of " "your hosts, review the configuration and policies applied to them before " "proceeding further." msgstr "" #: ../environment-sql-database.rst:2 msgid "SQL database" msgstr "" #: ../environment-sql-database.rst:4 msgid "" "Most OpenStack services use an SQL database to store information. The " "database typically runs on the controller node. The procedures in this guide " "use MariaDB or MySQL depending on the distribution. OpenStack services also " "support other SQL databases including `PostgreSQL `__." msgstr "" #: ../environment-sql-database.rst:14 msgid "" "As of Ubuntu 16.04, MariaDB was changed to use the \"unix_socket " "Authentication Plugin\". Local authentication is now performed using the " "user credentials (UID), and password authentication is no longer used by " "default. This means that the root user no longer uses a password for local " "access to the server." msgstr "" #: ../environment-sql-database.rst:70 msgid "" "Create and edit the ``/etc/mysql/conf.d/openstack.cnf`` file and complete " "the following actions:" msgstr "" #: ../environment-sql-database.rst:73 ../environment-sql-database.rst:100 #: ../environment-sql-database.rst:125 msgid "" "Create a ``[mysqld]`` section, and set the ``bind-address`` key to the " "management IP address of the controller node to enable access by other nodes " "via the management network. Set additional keys to enable useful options and " "the UTF-8 character set:" msgstr "" #: ../environment-sql-database.rst:97 msgid "" "Create and edit the ``/etc/mysql/mariadb.conf.d/99-openstack.cnf`` file and " "complete the following actions:" msgstr "" #: ../environment-sql-database.rst:122 msgid "" "Create and edit the ``/etc/my.cnf.d/openstack.cnf`` file and complete the " "following actions:" msgstr "" #: ../environment-sql-database.rst:152 msgid "Restart the database service:" msgstr "" #: ../environment-sql-database.rst:164 msgid "" "Start the database service and configure it to start when the system boots:" msgstr "" #: ../environment-sql-database.rst:191 msgid "" "Secure the database service by running the ``mysql_secure_installation`` " "script. In particular, choose a suitable password for the database ``root`` " "account:" msgstr "" #: ../environment.rst:5 msgid "Environment" msgstr "" #: ../environment.rst:7 msgid "" "This section explains how to configure the controller node and one compute " "node using the example architecture." msgstr "" #: ../environment.rst:10 msgid "" "Although most environments include Identity, Image service, Compute, at " "least one networking service, and the Dashboard, the Object Storage service " "can operate independently. If your use case only involves Object Storage, " "you can skip to `Object Storage Installation Guide `_ after configuring the " "appropriate nodes for it." msgstr "" #: ../environment.rst:17 msgid "" "You must use an account with administrative privileges to configure each " "node. Either run the commands as the ``root`` user or configure the ``sudo`` " "utility." msgstr "" #: ../environment.rst:23 msgid "" "The :command:`systemctl enable` call on openSUSE outputs a warning message " "when the service uses SysV Init scripts instead of native systemd files. " "This warning can be ignored." msgstr "" #: ../environment.rst:29 msgid "" "For best performance, we recommend that your environment meets or exceeds " "the hardware requirements in :ref:`figure-hwreqs`." msgstr "" #: ../environment.rst:32 msgid "" "The following minimum requirements should support a proof-of-concept " "environment with core services and several :term:`CirrOS` instances:" msgstr "" #: ../environment.rst:35 msgid "Controller Node: 1 processor, 4 GB memory, and 5 GB storage" msgstr "" #: ../environment.rst:37 msgid "Compute Node: 1 processor, 2 GB memory, and 10 GB storage" msgstr "" #: ../environment.rst:39 msgid "" "As the number of OpenStack services and virtual machines increase, so do the " "hardware requirements for the best performance. If performance degrades " "after enabling additional services or virtual machines, consider adding " "hardware resources to your environment." msgstr "" #: ../environment.rst:44 msgid "" "To minimize clutter and provide more resources for OpenStack, we recommend a " "minimal installation of your Linux distribution. Also, you must install a 64-" "bit version of your distribution on each node." msgstr "" #: ../environment.rst:48 msgid "" "A single disk partition on each node works for most basic installations. " "However, you should consider :term:`Logical Volume Manager (LVM)` for " "installations with optional services such as Block Storage." msgstr "" #: ../environment.rst:52 msgid "" "For first-time installation and testing purposes, many users select to build " "each host as a :term:`virtual machine (VM)`. The primary benefits of VMs " "include the following:" msgstr "" #: ../environment.rst:56 msgid "" "One physical server can support multiple nodes, each with almost any number " "of network interfaces." msgstr "" #: ../environment.rst:59 msgid "" "Ability to take periodic \"snap shots\" throughout the installation process " "and \"roll back\" to a working configuration in the event of a problem." msgstr "" #: ../environment.rst:63 msgid "" "However, VMs will reduce performance of your instances, particularly if your " "hypervisor and/or processor lacks support for hardware acceleration of " "nested VMs." msgstr "" #: ../environment.rst:69 msgid "" "If you choose to install on VMs, make sure your hypervisor provides a way to " "disable MAC address filtering on the provider network interface." msgstr "" #: ../environment.rst:73 msgid "" "For more information about system requirements, see the `OpenStack " "Operations Guide `_." msgstr "" #: ../glance-install.rst:2 ../horizon-install.rst:2 ../keystone-install.rst:4 msgid "Install and configure" msgstr "" #: ../glance-install.rst:4 msgid "" "This section describes how to install and configure the Image service, code-" "named glance, on the controller node. For simplicity, this configuration " "stores images on the local file system." msgstr "" #: ../glance-install.rst:11 msgid "" "Before you install and configure the Image service, you must create a " "database, service credentials, and API endpoints." msgstr "" #: ../glance-install.rst:42 msgid "Create the ``glance`` database:" msgstr "" #: ../glance-install.rst:50 msgid "Grant proper access to the ``glance`` database:" msgstr "" #: ../glance-install.rst:61 msgid "Replace ``GLANCE_DBPASS`` with a suitable password." msgstr "" #: ../glance-install.rst:76 msgid "Create the ``glance`` user:" msgstr "" #: ../glance-install.rst:97 msgid "Add the ``admin`` role to the ``glance`` user and ``service`` project:" msgstr "" #: ../glance-install.rst:110 msgid "Create the ``glance`` service entity:" msgstr "" #: ../glance-install.rst:129 msgid "Create the Image service API endpoints:" msgstr "" #: ../glance-install.rst:195 msgid "" "Starting with the Newton release, SUSE OpenStack packages are shipping with " "the upstream default configuration files. For example ``/etc/glance/glance-" "api.conf`` or ``/etc/glance/glance-registry.conf``, with customizations in " "``/etc/glance/glance-api.conf.d/`` or ``/etc/glance/glance-registry.conf.d/" "``. While the following instructions modify the default configuration files, " "adding new files in ``/etc/glance/glance-api.conf.d`` or ``/etc/glance/" "glance-registry.conf.d`` achieves the same result." msgstr "" #: ../glance-install.rst:244 msgid "" "Edit the ``/etc/glance/glance-api.conf`` file and complete the following " "actions:" msgstr "" #: ../glance-install.rst:258 ../glance-install.rst:321 msgid "" "Replace ``GLANCE_DBPASS`` with the password you chose for the Image service " "database." msgstr "" #: ../glance-install.rst:261 ../glance-install.rst:324 msgid "" "In the ``[keystone_authtoken]`` and ``[paste_deploy]`` sections, configure " "Identity service access:" msgstr "" #: ../glance-install.rst:285 ../glance-install.rst:348 msgid "" "Replace ``GLANCE_PASS`` with the password you chose for the ``glance`` user " "in the Identity service." msgstr "" #: ../glance-install.rst:293 msgid "" "In the ``[glance_store]`` section, configure the local file system store and " "location of image files:" msgstr "" #: ../glance-install.rst:307 msgid "" "Edit the ``/etc/glance/glance-registry.conf`` file and complete the " "following actions:" msgstr "" #: ../glance-install.rst:358 msgid "Populate the Image service database:" msgstr "" #: ../glance-install.rst:377 msgid "" "Start the Image services and configure them to start when the system boots:" msgstr "" #: ../glance-install.rst:393 msgid "Restart the Image services:" msgstr "" #: ../glance-verify.rst:4 msgid "" "Verify operation of the Image service using `CirrOS `__, a small Linux image that helps you test your OpenStack " "deployment." msgstr "" #: ../glance-verify.rst:8 msgid "" "For more information about how to download and build images, see `OpenStack " "Virtual Machine Image Guide `__. " "For information about how to manage images, see the `OpenStack End User " "Guide `__." msgstr "" #: ../glance-verify.rst:28 msgid "Download the source image:" msgstr "" #: ../glance-verify.rst:38 msgid "Install ``wget`` if your distribution does not include it." msgstr "" #: ../glance-verify.rst:40 msgid "" "Upload the image to the Image service using the :term:`QCOW2 ` disk format, :term:`bare` container format, and public " "visibility so all projects can access it:" msgstr "" #: ../glance-verify.rst:76 msgid "" "For information about the :command:`openstack image create` parameters, see " "`Create or update an image (glance) `__ in the " "``OpenStack User Guide``." msgstr "" #: ../glance-verify.rst:81 msgid "" "For information about disk and container formats for images, see `Disk and " "container formats for images `__ in the ``OpenStack Virtual Machine Image Guide``." msgstr "" #: ../glance-verify.rst:88 msgid "" "OpenStack generates IDs dynamically, so you will see different values in the " "example command output." msgstr "" #: ../glance-verify.rst:91 msgid "Confirm upload of the image and validate attributes:" msgstr "" #: ../glance.rst:3 msgid "Image service" msgstr "" #: ../horizon-install.rst:4 msgid "" "This section describes how to install and configure the dashboard on the " "controller node." msgstr "" #: ../horizon-install.rst:7 msgid "" "The only core service required by the dashboard is the Identity service. You " "can use the dashboard in combination with other services, such as Image " "service, Compute, and Networking. You can also use the dashboard in " "environments with stand-alone services such as Object Storage." msgstr "" #: ../horizon-install.rst:14 msgid "" "This section assumes proper installation, configuration, and operation of " "the Identity service using the Apache HTTP server and Memcached service as " "described in the :ref:`Install and configure the Identity service ` section." msgstr "" #: ../horizon-install.rst:70 msgid "Respond to prompts for web server configuration." msgstr "" #: ../horizon-install.rst:74 msgid "" "The automatic configuration process generates a self-signed SSL certificate. " "Consider obtaining an official certificate for production environments." msgstr "" #: ../horizon-install.rst:80 msgid "" "There are two modes of installation. One using ``/horizon`` as the URL, " "keeping your default vhost and only adding an Alias directive: this is the " "default. The other mode will remove the default Apache vhost and install the " "dashboard on the webroot. It was the only available option before the " "Liberty release. If you prefer to set the Apache configuration manually, " "install the ``openstack-dashboard`` package instead of ``openstack-dashboard-" "apache``." msgstr "" #: ../horizon-install.rst:92 msgid "Configure the web server:" msgstr "" #: ../horizon-install.rst:102 msgid "" "Edit the ``/srv/www/openstack-dashboard/openstack_dashboard/local/" "local_settings.py`` file and complete the following actions:" msgstr "" #: ../horizon-install.rst:106 ../horizon-install.rst:245 #: ../horizon-install.rst:384 msgid "" "Configure the dashboard to use OpenStack services on the ``controller`` node:" msgstr "" #: ../horizon-install.rst:116 ../horizon-install.rst:255 msgid "Allow your hosts to access the dashboard:" msgstr "" #: ../horizon-install.rst:127 msgid "" "``ALLOWED_HOSTS`` can also be ``['*']`` to accept all hosts. This may be " "useful for development work, but is potentially insecure and should not be " "used in production. See `Django documentation `_ for further information." msgstr "" #: ../horizon-install.rst:133 ../horizon-install.rst:272 #: ../horizon-install.rst:415 msgid "Configure the ``memcached`` session storage service:" msgstr "" #: ../horizon-install.rst:151 ../horizon-install.rst:290 #: ../horizon-install.rst:433 msgid "Comment out any other session storage configuration." msgstr "" #: ../horizon-install.rst:153 ../horizon-install.rst:292 #: ../horizon-install.rst:435 msgid "Enable the Identity API version 3:" msgstr "" #: ../horizon-install.rst:162 ../horizon-install.rst:301 #: ../horizon-install.rst:444 msgid "Enable support for domains:" msgstr "" #: ../horizon-install.rst:171 ../horizon-install.rst:310 #: ../horizon-install.rst:453 msgid "Configure API versions:" msgstr "" #: ../horizon-install.rst:184 ../horizon-install.rst:323 #: ../horizon-install.rst:466 msgid "" "Configure ``Default`` as the default domain for users that you create via " "the dashboard:" msgstr "" #: ../horizon-install.rst:194 ../horizon-install.rst:333 #: ../horizon-install.rst:476 msgid "" "Configure ``user`` as the default role for users that you create via the " "dashboard:" msgstr "" #: ../horizon-install.rst:204 ../horizon-install.rst:343 #: ../horizon-install.rst:486 msgid "" "If you chose networking option 1, disable support for layer-3 networking " "services:" msgstr "" #: ../horizon-install.rst:224 ../horizon-install.rst:363 #: ../horizon-install.rst:507 msgid "Optionally, configure the time zone:" msgstr "" #: ../horizon-install.rst:233 ../horizon-install.rst:372 #: ../horizon-install.rst:516 msgid "" "Replace ``TIME_ZONE`` with an appropriate time zone identifier. For more " "information, see the `list of time zones `__." msgstr "" #: ../horizon-install.rst:241 msgid "" "Edit the ``/etc/openstack-dashboard/local_settings`` file and complete the " "following actions:" msgstr "" #: ../horizon-install.rst:266 msgid "" "ALLOWED_HOSTS can also be ['*'] to accept all hosts. This may be useful for " "development work, but is potentially insecure and should not be used in " "production. See https://docs.djangoproject.com/en/dev/ref/settings/#allowed-" "hosts for further information." msgstr "" #: ../horizon-install.rst:380 msgid "" "Edit the ``/etc/openstack-dashboard/local_settings.py`` file and complete " "the following actions:" msgstr "" #: ../horizon-install.rst:394 msgid "" "In the Dashboard configuration section, allow your hosts to access Dashboard:" msgstr "" #: ../horizon-install.rst:406 msgid "" "Do not edit the ``ALLOWED_HOSTS`` parameter under the Ubuntu configuration " "section." msgstr "" #: ../horizon-install.rst:408 msgid "" "``ALLOWED_HOSTS`` can also be ``['*']`` to accept all hosts. This may be " "useful for development work, but is potentially insecure and should not be " "used in production. See the `Django documentation `_ for further " "information." msgstr "" #: ../horizon-install.rst:527 msgid "Reload the web server configuration:" msgstr "" #: ../horizon-install.rst:539 ../horizon-install.rst:556 msgid "Restart the web server and session storage service:" msgstr "" #: ../horizon-install.rst:549 ../horizon-install.rst:566 msgid "" "The ``systemctl restart`` command starts each service if not currently " "running." msgstr "" #: ../horizon-next-steps.rst:5 msgid "" "Your OpenStack environment now includes the dashboard. You can :ref:`launch-" "instance` or add more services to your environment." msgstr "" #: ../horizon-next-steps.rst:8 msgid "" "After you install and configure the dashboard, you can complete the " "following tasks:" msgstr "" #: ../horizon-next-steps.rst:11 msgid "" "Provide users with a public IP address, a username, and a password so they " "can access the dashboard through a web browser. In case of any SSL " "certificate connection problems, point the server IP address to a domain " "name, and give users access." msgstr "" #: ../horizon-next-steps.rst:16 msgid "" "Customize your dashboard. See section `Customize and configure the Dashboard " "`__." msgstr "" #: ../horizon-next-steps.rst:20 msgid "" "Set up session storage. See `Set up session storage for the dashboard " "`__." msgstr "" #: ../horizon-next-steps.rst:24 msgid "" "To use the VNC client with the dashboard, the browser must support HTML5 " "Canvas and HTML5 WebSockets." msgstr "" #: ../horizon-next-steps.rst:27 msgid "" "For details about browsers that support noVNC, see `README `__ and `browser support `__." msgstr "" #: ../horizon-verify.rst:4 msgid "Verify operation of the dashboard." msgstr "" #: ../horizon-verify.rst:8 msgid "Access the dashboard using a web browser at ``http://controller/``." msgstr "" #: ../horizon-verify.rst:15 msgid "" "Access the dashboard using a web browser at ``http://controller/dashboard``." msgstr "" #: ../horizon-verify.rst:22 msgid "" "Access the dashboard using a web browser at ``http://controller/horizon``." msgstr "" #: ../horizon-verify.rst:27 msgid "" "Authenticate using ``admin`` or ``demo`` user and ``default`` domain " "credentials." msgstr "" #: ../horizon.rst:3 msgid "Dashboard" msgstr "" #: ../horizon.rst:11 msgid "" "The Dashboard (horizon) is a web interface that enables cloud administrators " "and users to manage various OpenStack resources and services." msgstr "" #: ../horizon.rst:15 msgid "This example deployment uses an Apache web server." msgstr "" #: ../index.rst:9 msgid "OpenStack Installation Tutorial for Red Hat Enterprise Linux and CentOS" msgstr "" #: ../index.rst:17 msgid "OpenStack Installation Tutorial for openSUSE and SUSE Linux Enterprise" msgstr "" #: ../index.rst:25 msgid "OpenStack Installation Tutorial for Ubuntu" msgstr "" #: ../index.rst:33 msgid "OpenStack Installation Tutorial for Debian" msgstr "" #: ../index.rst:38 msgid "Abstract" msgstr "" #: ../index.rst:40 msgid "" "The OpenStack system consists of several key services that are separately " "installed. These services work together depending on your cloud needs and " "include the Compute, Identity, Networking, Image, Block Storage, Object " "Storage, Telemetry, Orchestration, and Database services. You can install " "any of these projects separately and configure them stand-alone or as " "connected entities." msgstr "" #: ../index.rst:49 msgid "" "This guide will show you how to install OpenStack by using packages " "available on Red Hat Enterprise Linux 7 and its derivatives through the RDO " "repository." msgstr "" #: ../index.rst:57 msgid "" "This guide will walk through an installation by using packages available " "through Canonical's Ubuntu Cloud archive repository for Ubuntu 16.04 (LTS)." msgstr "" #: ../index.rst:65 msgid "" "This guide will show you how to install OpenStack by using packages on " "openSUSE Leap 42.2 and SUSE Linux Enterprise Server 12 - for both SP1 and " "SP2 - through the Open Build Service Cloud repository." msgstr "" #: ../index.rst:73 msgid "" "This guide walks through an installation by using packages available through " "Debian 8 (code name: Jessie)." msgstr "" #: ../index.rst:78 msgid "" "This guide uses installation with debconf set to non-interactive mode. That " "is, there will be no debconf prompt. To configure a computer to use this " "mode, run the following command:" msgstr "" #: ../index.rst:88 msgid "" "If you prefer to use debconf, refer to the debconf install-guide for Debian." msgstr "" #: ../index.rst:93 msgid "" "Explanations of configuration options and sample configuration files are " "included." msgstr "" #: ../index.rst:96 msgid "This guide documents the OpenStack Ocata release." msgstr "" #: ../index.rst:99 msgid "Contents" msgstr "" #: ../index.rst:127 msgid "Appendix" msgstr "" #: ../index.rst:135 msgid "Glossary" msgstr "" #: ../index.rst:145 msgid "Search" msgstr "" #: ../index.rst:147 msgid ":ref:`search`" msgstr "" #: ../keystone-install.rst:6 msgid "" "This section describes how to install and configure the OpenStack Identity " "service, code-named keystone, on the controller node. For scalability " "purposes, this configuration deploys Fernet tokens and the Apache HTTP " "server to handle requests." msgstr "" #: ../keystone-install.rst:14 msgid "" "Before you install and configure the Identity service, you must create a " "database." msgstr "" #: ../keystone-install.rst:21 msgid "" "Before you begin, ensure you have the most recent version of ``python-" "pyasn1`` `installed `_." msgstr "" #: ../keystone-install.rst:52 msgid "Create the ``keystone`` database:" msgstr "" #: ../keystone-install.rst:60 msgid "Grant proper access to the ``keystone`` database:" msgstr "" #: ../keystone-install.rst:71 msgid "Replace ``KEYSTONE_DBPASS`` with a suitable password." msgstr "" #: ../keystone-install.rst:86 msgid "" "This guide uses the Apache HTTP server with ``mod_wsgi`` to serve Identity " "service requests on ports 5000 and 35357. By default, the keystone service " "still listens on these ports. Therefore, this guide manually disables the " "keystone service." msgstr "" #: ../keystone-install.rst:97 msgid "" "Starting with the Newton release, SUSE OpenStack packages are shipping with " "the upstream default configuration files. For example ``/etc/keystone/" "keystone.conf``, with customizations in ``/etc/keystone/keystone.conf.d/010-" "keystone.conf``. While the following instructions modify the default " "configuration file, adding a new file in ``/etc/keystone/keystone.conf.d`` " "achieves the same result." msgstr "" #: ../keystone-install.rst:111 msgid "" "This guide uses the Apache HTTP server with ``mod_wsgi`` to serve Identity " "service requests on ports 5000 and 35357. By default, the keystone service " "still listens on these ports. The package handles all of the Apache " "configuration for you (including the activation of the ``mod_wsgi`` apache2 " "module and keystone configuration in Apache)." msgstr "" #: ../keystone-install.rst:117 ../keystone-install.rst:130 #: ../keystone-install.rst:142 msgid "Run the following command to install the packages:" msgstr "" #: ../keystone-install.rst:152 msgid "" "Edit the ``/etc/keystone/keystone.conf`` file and complete the following " "actions:" msgstr "" #: ../keystone-install.rst:166 msgid "" "Replace ``KEYSTONE_DBPASS`` with the password you chose for the database." msgstr "" #: ../keystone-install.rst:170 ../neutron-controller-install-option1.rst:76 #: ../neutron-controller-install-option2.rst:78 msgid "" "Comment out or remove any other ``connection`` options in the ``[database]`` " "section." msgstr "" #: ../keystone-install.rst:173 msgid "In the ``[token]`` section, configure the Fernet token provider:" msgstr "" #: ../keystone-install.rst:184 msgid "Populate the Identity service database:" msgstr "" #: ../keystone-install.rst:192 msgid "Initialize Fernet key repositories:" msgstr "" #: ../keystone-install.rst:201 msgid "Bootstrap the Identity service:" msgstr "" #: ../keystone-install.rst:213 msgid "" "Replace ``ADMIN_PASS`` with a suitable password for an administrative user." msgstr "" #: ../keystone-install.rst:216 msgid "Configure the Apache HTTP server" msgstr "" #: ../keystone-install.rst:220 msgid "" "Edit the ``/etc/httpd/conf/httpd.conf`` file and configure the " "``ServerName`` option to reference the controller node:" msgstr "" #: ../keystone-install.rst:230 msgid "Create a link to the ``/usr/share/keystone/wsgi-keystone.conf`` file:" msgstr "" #: ../keystone-install.rst:242 msgid "" "Edit the ``/etc/apache2/apache2.conf`` file and configure the ``ServerName`` " "option to reference the controller node:" msgstr "" #: ../keystone-install.rst:258 msgid "The Debian package will perform the below operations for you:" msgstr "" #: ../keystone-install.rst:272 msgid "" "Edit the ``/etc/sysconfig/apache2`` file and configure the " "``APACHE_SERVERNAME`` option to reference the controller node:" msgstr "" #: ../keystone-install.rst:282 msgid "" "Create the ``/etc/apache2/conf.d/wsgi-keystone.conf`` file with the " "following content:" msgstr "" #: ../keystone-install.rst:323 msgid "Recursively change the ownership of the ``/etc/keystone`` directory:" msgstr "" #: ../keystone-install.rst:339 msgid "Restart the Apache service and remove the default SQLite database:" msgstr "" #: ../keystone-install.rst:352 ../keystone-install.rst:366 msgid "" "Start the Apache HTTP service and configure it to start when the system " "boots:" msgstr "" #: ../keystone-install.rst:378 msgid "Configure the administrative account" msgstr "" #: ../keystone-install.rst:392 msgid "" "Replace ``ADMIN_PASS`` with the password used in the ``keystone-manage " "bootstrap`` command in `keystone-install-configure`_." msgstr "" #: ../keystone-openrc.rst:2 msgid "Create OpenStack client environment scripts" msgstr "" #: ../keystone-openrc.rst:4 msgid "" "The previous section used a combination of environment variables and command " "options to interact with the Identity service via the ``openstack`` client. " "To increase efficiency of client operations, OpenStack supports simple " "client environment scripts also known as OpenRC files. These scripts " "typically contain common options for all clients, but also support unique " "options. For more information, see the `OpenStack End User Guide `_." msgstr "" #: ../keystone-openrc.rst:14 msgid "Creating the scripts" msgstr "" #: ../keystone-openrc.rst:16 msgid "" "Create client environment scripts for the ``admin`` and ``demo`` projects " "and users. Future portions of this guide reference these scripts to load " "appropriate credentials for client operations." msgstr "" #: ../keystone-openrc.rst:22 msgid "" "The paths of the client environment scripts are unrestricted. For " "convenience, you can place the scripts in any location, however ensure that " "they are accessible." msgstr "" #: ../keystone-openrc.rst:26 msgid "" "Create and edit the ``admin-openrc`` file and add the following content:" msgstr "" #: ../keystone-openrc.rst:30 msgid "" "The OpenStack client also supports using a ``clouds.yaml`` file. For more " "information, see the `os-client-config `_." msgstr "" #: ../keystone-openrc.rst:47 msgid "" "Replace ``ADMIN_PASS`` with the password you chose for the ``admin`` user in " "the Identity service." msgstr "" #: ../keystone-openrc.rst:50 msgid "Create and edit the ``demo-openrc`` file and add the following content:" msgstr "" #: ../keystone-openrc.rst:65 msgid "" "Replace ``DEMO_PASS`` with the password you chose for the ``demo`` user in " "the Identity service." msgstr "" #: ../keystone-openrc.rst:69 msgid "Using the scripts" msgstr "" #: ../keystone-openrc.rst:71 msgid "" "To run clients as a specific project and user, you can simply load the " "associated client environment script prior to running them. For example:" msgstr "" #: ../keystone-openrc.rst:75 msgid "" "Load the ``admin-openrc`` file to populate environment variables with the " "location of the Identity service and the ``admin`` project and user " "credentials:" msgstr "" #: ../keystone-openrc.rst:85 msgid "Request an authentication token:" msgstr "" #: ../keystone-users.rst:2 msgid "Create a domain, projects, users, and roles" msgstr "" #: ../keystone-users.rst:4 msgid "" "The Identity service provides authentication services for each OpenStack " "service. The authentication service uses a combination of :term:`domains " "`, :term:`projects`, :term:`users`, and :term:" "`roles`." msgstr "" #: ../keystone-users.rst:9 msgid "" "This guide uses a service project that contains a unique user for each " "service that you add to your environment. Create the ``service`` project:" msgstr "" #: ../keystone-users.rst:32 msgid "" "Regular (non-admin) tasks should use an unprivileged project and user. As an " "example, this guide creates the ``demo`` project and user." msgstr "" #: ../keystone-users.rst:35 msgid "Create the ``demo`` project:" msgstr "" #: ../keystone-users.rst:58 msgid "" "Do not repeat this step when creating additional users for this project." msgstr "" #: ../keystone-users.rst:61 msgid "Create the ``demo`` user:" msgstr "" #: ../keystone-users.rst:83 msgid "Create the ``user`` role:" msgstr "" #: ../keystone-users.rst:99 msgid "Add the ``user`` role to the ``demo`` user of the ``demo`` project:" msgstr "" #: ../keystone-users.rst:113 msgid "You can repeat this procedure to create additional projects and users." msgstr "" #: ../keystone-verify.rst:4 msgid "" "Verify operation of the Identity service before installing other services." msgstr "" #: ../keystone-verify.rst:13 ../keystone-verify.rst:25 msgid "" "For security reasons, disable the temporary authentication token mechanism:" msgstr "" #: ../keystone-verify.rst:16 ../keystone-verify.rst:28 msgid "" "Edit the ``/etc/keystone/keystone-paste.ini`` file and remove " "``admin_token_auth`` from the ``[pipeline:public_api]``, ``[pipeline:" "admin_api]``, and ``[pipeline:api_v3]`` sections." msgstr "" #: ../keystone-verify.rst:35 msgid "" "Unset the temporary ``OS_AUTH_URL`` and ``OS_PASSWORD`` environment variable:" msgstr "" #: ../keystone-verify.rst:44 msgid "As the ``admin`` user, request an authentication token:" msgstr "" #: ../keystone-verify.rst:68 msgid "This command uses the password for the ``admin`` user." msgstr "" #: ../keystone-verify.rst:70 msgid "As the ``demo`` user, request an authentication token:" msgstr "" #: ../keystone-verify.rst:94 msgid "" "This command uses the password for the ``demo`` user and API port 5000 which " "only allows regular (non-admin) access to the Identity service API." msgstr "" #: ../keystone.rst:3 msgid "Identity service" msgstr "" #: ../launch-instance-cinder.rst:4 ../launch-instance.rst:206 #: ../overview.rst:101 msgid "Block Storage" msgstr "" #: ../launch-instance-cinder.rst:7 msgid "Create a volume" msgstr "" #: ../launch-instance-cinder.rst:9 msgid "" "Source the ``demo`` credentials to perform the following steps as a non-" "administrative project:" msgstr "" #: ../launch-instance-cinder.rst:18 msgid "Create a 1 GB volume:" msgstr "" #: ../launch-instance-cinder.rst:50 msgid "" "After a short time, the volume status should change from ``creating`` to " "``available``:" msgstr "" #: ../launch-instance-cinder.rst:66 msgid "Attach the volume to an instance" msgstr "" #: ../launch-instance-cinder.rst:68 msgid "Attach a volume to an instance:" msgstr "" #: ../launch-instance-cinder.rst:76 msgid "" "Replace ``INSTANCE_NAME`` with the name of the instance and ``VOLUME_NAME`` " "with the name of the volume you want to attach to it." msgstr "" #: ../launch-instance-cinder.rst:79 #: ../launch-instance-networks-provider.rst:139 #: ../launch-instance-networks-selfservice.rst:120 msgid "**Example**" msgstr "" #: ../launch-instance-cinder.rst:81 msgid "Attach the ``volume1`` volume to the ``provider-instance`` instance:" msgstr "" #: ../launch-instance-cinder.rst:93 msgid "List volumes:" msgstr "" #: ../launch-instance-cinder.rst:107 msgid "" "Access your instance using SSH and use the ``fdisk`` command to verify " "presence of the volume as the ``/dev/vdb`` block storage device:" msgstr "" #: ../launch-instance-cinder.rst:137 msgid "" "You must create a file system on the device and mount it to use the volume." msgstr "" #: ../launch-instance-cinder.rst:140 msgid "" "For more information about how to manage volumes, see the `Manage volumes " "`__ in " "OpenStack End User Guide." msgstr "" #: ../launch-instance-cinder.rst:145 msgid "Return to :ref:`launch-instance`." msgstr "" #: ../launch-instance-networks-provider.rst:4 msgid "Provider network" msgstr "" #: ../launch-instance-networks-provider.rst:6 msgid "" "Before launching an instance, you must create the necessary virtual network " "infrastructure. For networking option 1, an instance uses a provider " "(external) network that connects to the physical network infrastructure via " "layer-2 (bridging/switching). This network includes a DHCP server that " "provides IP addresses to instances." msgstr "" #: ../launch-instance-networks-provider.rst:12 msgid "" "The ``admin`` or other privileged user must create this network because it " "connects directly to the physical network infrastructure." msgstr "" #: ../launch-instance-networks-provider.rst:17 #: ../launch-instance-networks-selfservice.rst:23 msgid "" "The following instructions and diagrams use example IP address ranges. You " "must adjust them for your particular environment." msgstr "" #: ../launch-instance-networks-provider.rst:23 msgid "**Networking Option 1: Provider networks - Overview**" msgstr "" #: ../launch-instance-networks-provider.rst:28 msgid "**Networking Option 1: Provider networks - Connectivity**" msgstr "" #: ../launch-instance-networks-provider.rst:31 msgid "Create the provider network" msgstr "" #: ../launch-instance-networks-provider.rst:33 #: ../launch-instance-networks-selfservice.rst:175 #: ../launch-instance-networks-selfservice.rst:249 msgid "" "On the controller node, source the ``admin`` credentials to gain access to " "admin-only CLI commands:" msgstr "" #: ../launch-instance-networks-provider.rst:42 #: ../launch-instance-networks-selfservice.rst:48 msgid "Create the network:" msgstr "" #: ../launch-instance-networks-provider.rst:84 msgid "The ``--share`` option allows all projects to use the virtual network." msgstr "" #: ../launch-instance-networks-provider.rst:86 msgid "" "The ``--external`` option defines the virtual network to be external. If you " "wish to create an internal network, you can use ``--internal`` instead. " "Default value is ``internal``." msgstr "" #: ../launch-instance-networks-provider.rst:90 msgid "" "The ``--provider-physical-network provider`` and ``--provider-network-type " "flat`` options connect the flat virtual network to the flat (native/" "untagged) physical network on the ``eth1`` interface on the host using " "information from the following files:" msgstr "" #: ../launch-instance-networks-provider.rst:95 #: ../launch-instance-networks-selfservice.rst:87 msgid "``ml2_conf.ini``:" msgstr "" #: ../launch-instance-networks-provider.rst:104 msgid "``linuxbridge_agent.ini``:" msgstr "" #: ../launch-instance-networks-provider.rst:113 #: ../launch-instance-networks-selfservice.rst:99 msgid "Create a subnet on the network:" msgstr "" #: ../launch-instance-networks-provider.rst:124 msgid "" "Replace ``PROVIDER_NETWORK_CIDR`` with the subnet on the provider physical " "network in CIDR notation." msgstr "" #: ../launch-instance-networks-provider.rst:127 msgid "" "Replace ``START_IP_ADDRESS`` and ``END_IP_ADDRESS`` with the first and last " "IP address of the range within the subnet that you want to allocate for " "instances. This range must not include any existing active IP addresses." msgstr "" #: ../launch-instance-networks-provider.rst:132 #: ../launch-instance-networks-selfservice.rst:109 msgid "" "Replace ``DNS_RESOLVER`` with the IP address of a DNS resolver. In most " "cases, you can use one from the ``/etc/resolv.conf`` file on the host." msgstr "" #: ../launch-instance-networks-provider.rst:136 msgid "" "Replace ``PROVIDER_NETWORK_GATEWAY`` with the gateway IP address on the " "provider network, typically the \".1\" IP address." msgstr "" #: ../launch-instance-networks-provider.rst:141 msgid "" "The provider network uses 203.0.113.0/24 with a gateway on 203.0.113.1. A " "DHCP server assigns each instance an IP address from 203.0.113.101 to " "203.0.113.250. All instances use 8.8.4.4 as a DNS resolver." msgstr "" #: ../launch-instance-networks-provider.rst:180 #: ../launch-instance-networks-selfservice.rst:309 msgid "" "Return to :ref:`Launch an instance - Create virtual networks `." msgstr "" #: ../launch-instance-networks-selfservice.rst:4 msgid "Self-service network" msgstr "" #: ../launch-instance-networks-selfservice.rst:6 msgid "" "If you chose networking option 2, you can also create a self-service " "(private) network that connects to the physical network infrastructure via " "NAT. This network includes a DHCP server that provides IP addresses to " "instances. An instance on this network can automatically access external " "networks such as the Internet. However, access to an instance on this " "network from external networks such as the Internet requires a :term:" "`floating IP address`." msgstr "" #: ../launch-instance-networks-selfservice.rst:13 msgid "" "The ``demo`` or other unprivileged user can create this network because it " "provides connectivity to instances within the ``demo`` project only." msgstr "" #: ../launch-instance-networks-selfservice.rst:18 msgid "" "You must :ref:`create the provider network ` before the self-service network." msgstr "" #: ../launch-instance-networks-selfservice.rst:29 msgid "**Networking Option 2: Self-service networks - Overview**" msgstr "" #: ../launch-instance-networks-selfservice.rst:34 msgid "**Networking Option 2: Self-service networks - Connectivity**" msgstr "" #: ../launch-instance-networks-selfservice.rst:37 msgid "Create the self-service network" msgstr "" #: ../launch-instance-networks-selfservice.rst:39 #: ../launch-instance-provider.rst:12 ../launch-instance-selfservice.rst:12 msgid "" "On the controller node, source the ``demo`` credentials to gain access to " "user-only CLI commands:" msgstr "" #: ../launch-instance-networks-selfservice.rst:83 msgid "" "Non-privileged users typically cannot supply additional parameters to this " "command. The service automatically chooses parameters using information from " "the following files:" msgstr "" #: ../launch-instance-networks-selfservice.rst:113 msgid "" "Replace ``SELFSERVICE_NETWORK_GATEWAY`` with the gateway you want to use on " "the self-service network, typically the \".1\" IP address." msgstr "" #: ../launch-instance-networks-selfservice.rst:116 msgid "" "Replace ``SELFSERVICE_NETWORK_CIDR`` with the subnet you want to use on the " "self-service network. You can use any arbitrary value, although we recommend " "a network from `RFC 1918 `_." msgstr "" #: ../launch-instance-networks-selfservice.rst:122 msgid "" "The self-service network uses 172.16.1.0/24 with a gateway on 172.16.1.1. A " "DHCP server assigns each instance an IP address from 172.16.1.2 to " "172.16.1.254. All instances use 8.8.4.4 as a DNS resolver." msgstr "" #: ../launch-instance-networks-selfservice.rst:162 msgid "Create a router" msgstr "" #: ../launch-instance-networks-selfservice.rst:164 msgid "" "Self-service networks connect to provider networks using a virtual router " "that typically performs bidirectional NAT. Each router contains an interface " "on at least one self-service network and a gateway on a provider network." msgstr "" #: ../launch-instance-networks-selfservice.rst:168 msgid "" "The provider network must include the ``router:external`` option to enable " "self-service routers to use it for connectivity to external networks such as " "the Internet. The ``admin`` or other privileged user must include this " "option during network creation or add it later. In this case, the ``router:" "external`` option was set by using the ``--external`` parameter when " "creating the ``provider`` network." msgstr "" #: ../launch-instance-networks-selfservice.rst:184 msgid "" "Source the ``demo`` credentials to gain access to user-only CLI commands:" msgstr "" #: ../launch-instance-networks-selfservice.rst:192 msgid "Create the router:" msgstr "" #: ../launch-instance-networks-selfservice.rst:222 msgid "Add the self-service network subnet as an interface on the router:" msgstr "" #: ../launch-instance-networks-selfservice.rst:232 msgid "Set a gateway on the provider network on the router:" msgstr "" #: ../launch-instance-networks-selfservice.rst:245 msgid "" "We recommend that you verify operation and fix any issues before proceeding. " "The following steps use the IP address ranges from the network and subnet " "creation examples." msgstr "" #: ../launch-instance-networks-selfservice.rst:258 msgid "" "List network namespaces. You should see one ``qrouter`` namespace and two " "``qdhcp`` namespaces." msgstr "" #: ../launch-instance-networks-selfservice.rst:271 msgid "" "List ports on the router to determine the gateway IP address on the provider " "network:" msgstr "" #: ../launch-instance-networks-selfservice.rst:291 msgid "" "Ping this IP address from the controller node or any host on the physical " "provider network:" msgstr "" #: ../launch-instance-provider.rst:4 msgid "Launch an instance on the provider network" msgstr "" #: ../launch-instance-provider.rst:7 ../launch-instance-selfservice.rst:7 msgid "Determine instance options" msgstr "" #: ../launch-instance-provider.rst:9 ../launch-instance-selfservice.rst:9 msgid "" "To launch an instance, you must at least specify the flavor, image name, " "network, security group, key, and instance name." msgstr "" #: ../launch-instance-provider.rst:21 ../launch-instance-selfservice.rst:21 msgid "" "A flavor specifies a virtual resource allocation profile which includes " "processor, memory, and storage." msgstr "" #: ../launch-instance-provider.rst:24 ../launch-instance-selfservice.rst:24 msgid "List available flavors:" msgstr "" #: ../launch-instance-provider.rst:40 ../launch-instance-selfservice.rst:40 msgid "You can also reference a flavor by ID." msgstr "" #: ../launch-instance-provider.rst:42 ../launch-instance-selfservice.rst:42 msgid "List available images:" msgstr "" #: ../launch-instance-provider.rst:56 ../launch-instance-selfservice.rst:56 msgid "This instance uses the ``cirros`` image." msgstr "" #: ../launch-instance-provider.rst:58 ../launch-instance-selfservice.rst:58 msgid "List available networks:" msgstr "" #: ../launch-instance-provider.rst:73 msgid "" "This instance uses the ``provider`` provider network. However, you must " "reference this network using the ID instead of the name." msgstr "" #: ../launch-instance-provider.rst:78 msgid "" "If you chose option 2, the output should also contain the ``selfservice`` " "self-service network." msgstr "" #: ../launch-instance-provider.rst:81 ../launch-instance-selfservice.rst:76 msgid "List available security groups:" msgstr "" #: ../launch-instance-provider.rst:95 ../launch-instance-selfservice.rst:90 msgid "This instance uses the ``default`` security group." msgstr "" #: ../launch-instance-provider.rst:98 msgid "Launch the instance" msgstr "" #: ../launch-instance-provider.rst:100 ../launch-instance-selfservice.rst:92 msgid "Launch the instance:" msgstr "" #: ../launch-instance-provider.rst:102 msgid "" "Replace ``PROVIDER_NET_ID`` with the ID of the ``provider`` provider network." msgstr "" #: ../launch-instance-provider.rst:107 msgid "" "If you chose option 1 and your environment contains only one network, you " "can omit the ``--nic`` option because OpenStack automatically chooses the " "only network available." msgstr "" #: ../launch-instance-provider.rst:150 ../launch-instance-selfservice.rst:137 msgid "Check the status of your instance:" msgstr "" #: ../launch-instance-provider.rst:164 ../launch-instance-selfservice.rst:152 msgid "" "The status changes from ``BUILD`` to ``ACTIVE`` when the build process " "successfully completes." msgstr "" #: ../launch-instance-provider.rst:168 msgid "Access the instance using the virtual console" msgstr "" #: ../launch-instance-provider.rst:170 ../launch-instance-selfservice.rst:158 msgid "" "Obtain a :term:`Virtual Network Computing (VNC)` session URL for your " "instance and access it from a web browser:" msgstr "" #: ../launch-instance-provider.rst:188 ../launch-instance-selfservice.rst:176 msgid "" "If your web browser runs on a host that cannot resolve the ``controller`` " "host name, you can replace ``controller`` with the IP address of the " "management interface on your controller node." msgstr "" #: ../launch-instance-provider.rst:192 ../launch-instance-selfservice.rst:180 msgid "" "The CirrOS image includes conventional user name/password authentication and " "provides these credentials at the login prompt. After logging into CirrOS, " "we recommend that you verify network connectivity using ``ping``." msgstr "" #: ../launch-instance-provider.rst:197 msgid "Verify access to the provider physical network gateway:" msgstr "" #: ../launch-instance-provider.rst:215 ../launch-instance-selfservice.rst:203 msgid "Verify access to the internet:" msgstr "" #: ../launch-instance-provider.rst:234 ../launch-instance-selfservice.rst:222 msgid "Access the instance remotely" msgstr "" #: ../launch-instance-provider.rst:236 msgid "" "Verify connectivity to the instance from the controller node or any host on " "the provider physical network:" msgstr "" #: ../launch-instance-provider.rst:255 ../launch-instance-selfservice.rst:296 msgid "" "Access your instance using SSH from the controller node or any host on the " "provider physical network:" msgstr "" #: ../launch-instance-provider.rst:269 ../launch-instance-selfservice.rst:310 msgid "" "If your instance does not launch or seem to work as you expect, see the " "`Instance Boot Failures `__ section in OpenStack Operations Guide " "for more information or use one of the :doc:`many other options ` to seek assistance. We want your first installation to work!" msgstr "" #: ../launch-instance-provider.rst:276 ../launch-instance-selfservice.rst:317 msgid "Return to :ref:`Launch an instance `." msgstr "" #: ../launch-instance-selfservice.rst:4 msgid "Launch an instance on the self-service network" msgstr "" #: ../launch-instance-selfservice.rst:73 msgid "" "This instance uses the ``selfservice`` self-service network. However, you " "must reference this network using the ID instead of the name." msgstr "" #: ../launch-instance-selfservice.rst:94 msgid "" "Replace ``SELFSERVICE_NET_ID`` with the ID of the ``selfservice`` network." msgstr "" #: ../launch-instance-selfservice.rst:156 msgid "Access the instance using a virtual console" msgstr "" #: ../launch-instance-selfservice.rst:185 msgid "Verify access to the self-service network gateway:" msgstr "" #: ../launch-instance-selfservice.rst:224 msgid "Create a :term:`floating IP address` on the provider virtual network:" msgstr "" #: ../launch-instance-selfservice.rst:250 msgid "Associate the floating IP address with the instance:" msgstr "" #: ../launch-instance-selfservice.rst:262 msgid "Check the status of your floating IP address:" msgstr "" #: ../launch-instance-selfservice.rst:277 msgid "" "Verify connectivity to the instance via floating IP address from the " "controller node or any host on the provider physical network:" msgstr "" #: ../launch-instance.rst:5 ../launch-instance.rst:191 msgid "Launch an instance" msgstr "" #: ../launch-instance.rst:7 msgid "" "This section creates the necessary virtual networks to support launching " "instances. Networking option 1 includes one provider (external) network with " "one instance that uses it. Networking option 2 includes one provider network " "with one instance that uses it and one self-service (private) network with " "one instance that uses it. The instructions in this section use command-line " "interface (CLI) tools on the controller node. However, you can follow the " "instructions on any host that the tools are installed. For more information " "on the CLI tools, see the `OpenStack End User Guide `__. To use the dashboard, see the " "`OpenStack End User Guide `__." msgstr "" #: ../launch-instance.rst:25 msgid "Create virtual networks" msgstr "" #: ../launch-instance.rst:27 msgid "" "Create virtual networks for the networking option that you chose in :ref:" "`networking`. If you chose option 1, create only the provider network. If " "you chose option 2, create the provider and self-service networks." msgstr "" #: ../launch-instance.rst:38 msgid "" "After creating the appropriate networks for your environment, you can " "continue preparing the environment to launch an instance." msgstr "" #: ../launch-instance.rst:42 msgid "Create m1.nano flavor" msgstr "" #: ../launch-instance.rst:44 msgid "" "The smallest default flavor consumes 512 MB memory per instance. For " "environments with compute nodes containing less than 4 GB memory, we " "recommend creating the ``m1.nano`` flavor that only requires 64 MB per " "instance. Only use this flavor with the CirrOS image for testing purposes." msgstr "" #: ../launch-instance.rst:72 msgid "Generate a key pair" msgstr "" #: ../launch-instance.rst:74 msgid "" "Most cloud images support :term:`public key authentication` rather than " "conventional password authentication. Before launching an instance, you must " "add a public key to the Compute service." msgstr "" #: ../launch-instance.rst:78 msgid "Source the ``demo`` project credentials:" msgstr "" #: ../launch-instance.rst:86 msgid "Generate a key pair and add a public key:" msgstr "" #: ../launch-instance.rst:105 msgid "" "Alternatively, you can skip the ``ssh-keygen`` command and use an existing " "public key." msgstr "" #: ../launch-instance.rst:108 msgid "Verify addition of the key pair:" msgstr "" #: ../launch-instance.rst:123 msgid "Add security group rules" msgstr "" #: ../launch-instance.rst:125 msgid "" "By default, the ``default`` security group applies to all instances and " "includes firewall rules that deny remote access to instances. For Linux " "images such as CirrOS, we recommend allowing at least ICMP (ping) and secure " "shell (SSH)." msgstr "" #: ../launch-instance.rst:130 msgid "Add rules to the ``default`` security group:" msgstr "" #: ../launch-instance.rst:132 msgid "Permit :term:`ICMP ` (ping):" msgstr "" #: ../launch-instance.rst:161 msgid "Permit secure shell (SSH) access:" msgstr "" #: ../launch-instance.rst:193 msgid "" "If you chose networking option 1, you can only launch an instance on the " "provider network. If you chose networking option 2, you can launch an " "instance on the provider network and the self-service network." msgstr "" #: ../launch-instance.rst:208 msgid "" "If your environment includes the Block Storage service, you can create a " "volume and attach it to an instance." msgstr "" #: ../launch-instance.rst:217 msgid "Orchestration" msgstr "" #: ../launch-instance.rst:219 msgid "" "If your environment includes the Orchestration service, you can create a " "stack that launches an instance." msgstr "" #: ../launch-instance.rst:222 msgid "" "For more information, see the `Orchestration installation guide `_." msgstr "" #: ../launch-instance.rst:226 msgid "Shared File Systems" msgstr "" #: ../launch-instance.rst:228 msgid "" "If your environment includes the Shared File Systems service, you can create " "a share and mount it in an instance." msgstr "" #: ../launch-instance.rst:231 msgid "" "For more information, see the `Shared File Systems installation guide " "`_." msgstr "" #: ../neutron-compute-install-option1.rst:2 #: ../neutron-controller-install-option1.rst:2 ../neutron-verify-option1.rst:2 #: ../overview.rst:135 msgid "Networking Option 1: Provider networks" msgstr "" #: ../neutron-compute-install-option1.rst:4 #: ../neutron-compute-install-option2.rst:4 msgid "Configure the Networking components on a *compute* node." msgstr "" #: ../neutron-compute-install-option1.rst:7 #: ../neutron-compute-install-option2.rst:7 #: ../neutron-controller-install-option1.rst:262 #: ../neutron-controller-install-option2.rst:282 msgid "Configure the Linux bridge agent" msgstr "" #: ../neutron-compute-install-option1.rst:9 #: ../neutron-compute-install-option2.rst:9 #: ../neutron-controller-install-option1.rst:264 #: ../neutron-controller-install-option2.rst:284 msgid "" "The Linux bridge agent builds layer-2 (bridging and switching) virtual " "networking infrastructure for instances and handles security groups." msgstr "" #: ../neutron-compute-install-option1.rst:12 #: ../neutron-compute-install-option2.rst:12 #: ../neutron-controller-install-option1.rst:267 #: ../neutron-controller-install-option2.rst:287 msgid "" "Edit the ``/etc/neutron/plugins/ml2/linuxbridge_agent.ini`` file and " "complete the following actions:" msgstr "" #: ../neutron-compute-install-option1.rst:15 #: ../neutron-compute-install-option2.rst:15 #: ../neutron-controller-install-option1.rst:270 #: ../neutron-controller-install-option2.rst:290 msgid "" "In the ``[linux_bridge]`` section, map the provider virtual network to the " "provider physical network interface:" msgstr "" #: ../neutron-compute-install-option1.rst:26 #: ../neutron-compute-install-option2.rst:26 #: ../neutron-controller-install-option1.rst:281 #: ../neutron-controller-install-option2.rst:301 msgid "" "Replace ``PROVIDER_INTERFACE_NAME`` with the name of the underlying provider " "physical network interface. See :ref:`environment-networking` for more " "information." msgstr "" #: ../neutron-compute-install-option1.rst:30 #: ../neutron-controller-install-option1.rst:285 msgid "In the ``[vxlan]`` section, disable VXLAN overlay networks:" msgstr "" #: ../neutron-compute-install-option1.rst:40 #: ../neutron-compute-install-option2.rst:51 #: ../neutron-controller-install-option1.rst:295 #: ../neutron-controller-install-option2.rst:326 msgid "" "In the ``[securitygroup]`` section, enable security groups and configure the " "Linux bridge :term:`iptables` firewall driver:" msgstr "" #: ../neutron-compute-install-option1.rst:53 #: ../neutron-compute-install-option2.rst:64 msgid "" "Return to :ref:`Networking compute node configuration `." msgstr "" #: ../neutron-compute-install-option2.rst:2 #: ../neutron-controller-install-option2.rst:2 ../neutron-verify-option2.rst:2 #: ../overview.rst:161 msgid "Networking Option 2: Self-service networks" msgstr "" #: ../neutron-compute-install-option2.rst:30 #: ../neutron-controller-install-option2.rst:305 msgid "" "In the ``[vxlan]`` section, enable VXLAN overlay networks, configure the IP " "address of the physical network interface that handles overlay networks, and " "enable layer-2 population:" msgstr "" #: ../neutron-compute-install-option2.rst:44 msgid "" "Replace ``OVERLAY_INTERFACE_IP_ADDRESS`` with the IP address of the " "underlying physical network interface that handles overlay networks. The " "example architecture uses the management interface to tunnel traffic to the " "other nodes. Therefore, replace ``OVERLAY_INTERFACE_IP_ADDRESS`` with the " "management IP address of the compute node. See :ref:`environment-networking` " "for more information." msgstr "" #: ../neutron-compute-install.rst:2 msgid "Install and configure compute node" msgstr "" #: ../neutron-compute-install.rst:4 msgid "" "The compute node handles connectivity and :term:`security groups ` for instances." msgstr "" #: ../neutron-compute-install.rst:10 ../neutron-compute-install.rst:23 #: ../neutron-compute-install.rst:40 #: ../neutron-controller-install-option1.rst:7 #: ../neutron-controller-install-option2.rst:7 msgid "Install the components" msgstr "" #: ../neutron-compute-install.rst:52 msgid "Configure the common component" msgstr "" #: ../neutron-compute-install.rst:54 msgid "" "The Networking common component configuration includes the authentication " "mechanism, message queue, and plug-in." msgstr "" #: ../neutron-compute-install.rst:59 #: ../neutron-controller-install-option1.rst:57 #: ../neutron-controller-install-option2.rst:59 msgid "" "Edit the ``/etc/neutron/neutron.conf`` file and complete the following " "actions:" msgstr "" #: ../neutron-compute-install.rst:62 msgid "" "In the ``[database]`` section, comment out any ``connection`` options " "because compute nodes do not directly access the database." msgstr "" #: ../neutron-compute-install.rst:77 #: ../neutron-controller-install-option1.rst:104 #: ../neutron-controller-install-option2.rst:107 msgid "" "Replace ``RABBIT_PASS`` with the password you chose for the ``openstack`` " "account in RabbitMQ." msgstr "" #: ../neutron-compute-install.rst:104 ../neutron-compute-install.rst:167 #: ../neutron-controller-install-option1.rst:131 #: ../neutron-controller-install-option2.rst:134 #: ../neutron-controller-install.rst:274 msgid "" "Replace ``NEUTRON_PASS`` with the password you chose for the ``neutron`` " "user in the Identity service." msgstr "" #: ../neutron-compute-install.rst:129 ../neutron-controller-install.rst:181 msgid "Configure networking options" msgstr "" #: ../neutron-compute-install.rst:131 msgid "" "Choose the same networking option that you chose for the controller node to " "configure services specific to it. Afterwards, return here and proceed to :" "ref:`neutron-compute-compute`." msgstr "" #: ../neutron-compute-install.rst:144 ../neutron-controller-install.rst:248 msgid "Configure the Compute service to use the Networking service" msgstr "" #: ../neutron-compute-install.rst:146 ../nova-compute-install.rst:77 #: ../nova-controller-install.rst:363 msgid "" "Edit the ``/etc/nova/nova.conf`` file and complete the following actions:" msgstr "" #: ../neutron-compute-install.rst:148 msgid "In the ``[neutron]`` section, configure access parameters:" msgstr "" #: ../neutron-compute-install.rst:175 ../neutron-compute-install.rst:209 #: ../neutron-compute-install.rst:231 ../nova-compute-install.rst:417 msgid "Restart the Compute service:" msgstr "" #: ../neutron-compute-install.rst:183 msgid "" "Start the Linux bridge agent and configure it to start when the system boots:" msgstr "" #: ../neutron-compute-install.rst:197 msgid "" "The Networking service initialization scripts expect the variable " "``NEUTRON_PLUGIN_CONF`` in the ``/etc/sysconfig/neutron`` file to reference " "the ML2 plug-in configuration file. Ensure that the ``/etc/sysconfig/" "neutron`` file contains the following:" msgstr "" #: ../neutron-compute-install.rst:217 msgid "" "Start the Linux Bridge agent and configure it to start when the system boots:" msgstr "" #: ../neutron-compute-install.rst:239 msgid "Restart the Linux bridge agent:" msgstr "" #: ../neutron-concepts.rst:2 msgid "Networking (neutron) concepts" msgstr "" #: ../neutron-concepts.rst:4 msgid "" "OpenStack Networking (neutron) manages all networking facets for the Virtual " "Networking Infrastructure (VNI) and the access layer aspects of the Physical " "Networking Infrastructure (PNI) in your OpenStack environment. OpenStack " "Networking enables projects to create advanced virtual network topologies " "which may include services such as a :term:`firewall`, a :term:`load " "balancer`, and a :term:`virtual private network (VPN)`." msgstr "" #: ../neutron-concepts.rst:12 msgid "" "Networking provides networks, subnets, and routers as object abstractions. " "Each abstraction has functionality that mimics its physical counterpart: " "networks contain subnets, and routers route traffic between different " "subnets and networks." msgstr "" #: ../neutron-concepts.rst:17 msgid "" "Any given Networking set up has at least one external network. Unlike the " "other networks, the external network is not merely a virtually defined " "network. Instead, it represents a view into a slice of the physical, " "external network accessible outside the OpenStack installation. IP addresses " "on the external network are accessible by anybody physically on the outside " "network." msgstr "" #: ../neutron-concepts.rst:24 msgid "" "In addition to external networks, any Networking set up has one or more " "internal networks. These software-defined networks connect directly to the " "VMs. Only the VMs on any given internal network, or those on subnets " "connected through interfaces to a similar router, can access VMs connected " "to that network directly." msgstr "" #: ../neutron-concepts.rst:30 msgid "" "For the outside network to access VMs, and vice versa, routers between the " "networks are needed. Each router has one gateway that is connected to an " "external network and one or more interfaces connected to internal networks. " "Like a physical router, subnets can access machines on other subnets that " "are connected to the same router, and machines can access the outside " "network through the gateway for the router." msgstr "" #: ../neutron-concepts.rst:37 msgid "" "Additionally, you can allocate IP addresses on external networks to ports on " "the internal network. Whenever something is connected to a subnet, that " "connection is called a port. You can associate external network IP addresses " "with ports to VMs. This way, entities on the outside network can access VMs." msgstr "" #: ../neutron-concepts.rst:43 msgid "" "Networking also supports *security groups*. Security groups enable " "administrators to define firewall rules in groups. A VM can belong to one or " "more security groups, and Networking applies the rules in those security " "groups to block or unblock ports, port ranges, or traffic types for that VM." msgstr "" #: ../neutron-concepts.rst:49 msgid "" "Each plug-in that Networking uses has its own concepts. While not vital to " "operating the VNI and OpenStack environment, understanding these concepts " "can help you set up Networking. All Networking installations use a core plug-" "in and a security group plug-in (or just the No-Op security group plug-in). " "Additionally, Firewall-as-a-Service (FWaaS) and Load-Balancer-as-a-Service " "(LBaaS) plug-ins are available." msgstr "" #: ../neutron-controller-install-option1.rst:4 #: ../neutron-controller-install-option2.rst:4 msgid "" "Install and configure the Networking components on the *controller* node." msgstr "" #: ../neutron-controller-install-option1.rst:49 #: ../neutron-controller-install-option2.rst:57 msgid "Configure the server component" msgstr "" #: ../neutron-controller-install-option1.rst:51 msgid "" "The Networking server component configuration includes the database, " "authentication mechanism, message queue, topology change notifications, and " "plug-in." msgstr "" #: ../neutron-controller-install-option1.rst:71 #: ../neutron-controller-install-option2.rst:73 msgid "" "Replace ``NEUTRON_DBPASS`` with the password you chose for the database." msgstr "" #: ../neutron-controller-install-option1.rst:79 msgid "" "In the ``[DEFAULT]`` section, enable the Modular Layer 2 (ML2) plug-in and " "disable additional plug-ins:" msgstr "" #: ../neutron-controller-install-option1.rst:139 #: ../neutron-controller-install-option2.rst:142 msgid "" "In the ``[DEFAULT]`` and ``[nova]`` sections, configure Networking to notify " "Compute of network topology changes:" msgstr "" #: ../neutron-controller-install-option1.rst:163 #: ../neutron-controller-install-option2.rst:166 #: ../nova-compute-install.rst:150 ../nova-controller-install.rst:440 msgid "" "Replace ``NOVA_PASS`` with the password you chose for the ``nova`` user in " "the Identity service." msgstr "" #: ../neutron-controller-install-option1.rst:180 #: ../neutron-controller-install-option2.rst:183 msgid "Configure the Modular Layer 2 (ML2) plug-in" msgstr "" #: ../neutron-controller-install-option1.rst:182 #: ../neutron-controller-install-option2.rst:185 msgid "" "The ML2 plug-in uses the Linux bridge mechanism to build layer-2 (bridging " "and switching) virtual networking infrastructure for instances." msgstr "" #: ../neutron-controller-install-option1.rst:185 #: ../neutron-controller-install-option2.rst:188 msgid "" "Edit the ``/etc/neutron/plugins/ml2/ml2_conf.ini`` file and complete the " "following actions:" msgstr "" #: ../neutron-controller-install-option1.rst:188 msgid "In the ``[ml2]`` section, enable flat and VLAN networks:" msgstr "" #: ../neutron-controller-install-option1.rst:199 msgid "In the ``[ml2]`` section, disable self-service networks:" msgstr "" #: ../neutron-controller-install-option1.rst:210 msgid "In the ``[ml2]`` section, enable the Linux bridge mechanism:" msgstr "" #: ../neutron-controller-install-option1.rst:223 #: ../neutron-controller-install-option2.rst:227 msgid "" "After you configure the ML2 plug-in, removing values in the ``type_drivers`` " "option can lead to database inconsistency." msgstr "" #: ../neutron-controller-install-option1.rst:226 #: ../neutron-controller-install-option2.rst:234 msgid "In the ``[ml2]`` section, enable the port security extension driver:" msgstr "" #: ../neutron-controller-install-option1.rst:237 #: ../neutron-controller-install-option2.rst:245 msgid "" "In the ``[ml2_type_flat]`` section, configure the provider virtual network " "as a flat network:" msgstr "" #: ../neutron-controller-install-option1.rst:249 #: ../neutron-controller-install-option2.rst:269 msgid "" "In the ``[securitygroup]`` section, enable :term:`ipset` to increase " "efficiency of security group rules:" msgstr "" #: ../neutron-controller-install-option1.rst:309 #: ../neutron-controller-install-option2.rst:361 msgid "Configure the DHCP agent" msgstr "" #: ../neutron-controller-install-option1.rst:311 #: ../neutron-controller-install-option2.rst:363 msgid "The :term:`DHCP agent` provides DHCP services for virtual networks." msgstr "" #: ../neutron-controller-install-option1.rst:313 #: ../neutron-controller-install-option2.rst:365 msgid "" "Edit the ``/etc/neutron/dhcp_agent.ini`` file and complete the following " "actions:" msgstr "" #: ../neutron-controller-install-option1.rst:316 #: ../neutron-controller-install-option2.rst:368 msgid "" "In the ``[DEFAULT]`` section, configure the Linux bridge interface driver, " "Dnsmasq DHCP driver, and enable isolated metadata so instances on provider " "networks can access metadata over the network:" msgstr "" #: ../neutron-controller-install-option1.rst:331 #: ../neutron-controller-install-option2.rst:383 msgid "" "Return to :ref:`Networking controller node configuration `." msgstr "" #: ../neutron-controller-install-option2.rst:81 msgid "" "In the ``[DEFAULT]`` section, enable the Modular Layer 2 (ML2) plug-in, " "router service, and overlapping IP addresses:" msgstr "" #: ../neutron-controller-install-option2.rst:191 msgid "In the ``[ml2]`` section, enable flat, VLAN, and VXLAN networks:" msgstr "" #: ../neutron-controller-install-option2.rst:202 msgid "In the ``[ml2]`` section, enable VXLAN self-service networks:" msgstr "" #: ../neutron-controller-install-option2.rst:213 msgid "" "In the ``[ml2]`` section, enable the Linux bridge and layer-2 population " "mechanisms:" msgstr "" #: ../neutron-controller-install-option2.rst:232 msgid "The Linux bridge agent only supports VXLAN overlay networks." msgstr "" #: ../neutron-controller-install-option2.rst:257 msgid "" "In the ``[ml2_type_vxlan]`` section, configure the VXLAN network identifier " "range for self-service networks:" msgstr "" #: ../neutron-controller-install-option2.rst:319 msgid "" "Replace ``OVERLAY_INTERFACE_IP_ADDRESS`` with the IP address of the " "underlying physical network interface that handles overlay networks. The " "example architecture uses the management interface to tunnel traffic to the " "other nodes. Therefore, replace ``OVERLAY_INTERFACE_IP_ADDRESS`` with the " "management IP address of the controller node. See :ref:`environment-" "networking` for more information." msgstr "" #: ../neutron-controller-install-option2.rst:340 msgid "Configure the layer-3 agent" msgstr "" #: ../neutron-controller-install-option2.rst:342 msgid "" "The :term:`Layer-3 (L3) agent` provides routing and NAT services for self-" "service virtual networks." msgstr "" #: ../neutron-controller-install-option2.rst:345 msgid "" "Edit the ``/etc/neutron/l3_agent.ini`` file and complete the following " "actions:" msgstr "" #: ../neutron-controller-install-option2.rst:348 msgid "" "In the ``[DEFAULT]`` section, configure the Linux bridge interface driver " "and external network bridge:" msgstr "" #: ../neutron-controller-install.rst:7 msgid "" "Before you configure the OpenStack Networking (neutron) service, you must " "create a database, service credentials, and API endpoints." msgstr "" #: ../neutron-controller-install.rst:38 msgid "Create the ``neutron`` database:" msgstr "" #: ../neutron-controller-install.rst:46 msgid "" "Grant proper access to the ``neutron`` database, replacing " "``NEUTRON_DBPASS`` with a suitable password:" msgstr "" #: ../neutron-controller-install.rst:71 msgid "Create the ``neutron`` user:" msgstr "" #: ../neutron-controller-install.rst:92 msgid "Add the ``admin`` role to the ``neutron`` user:" msgstr "" #: ../neutron-controller-install.rst:104 msgid "Create the ``neutron`` service entity:" msgstr "" #: ../neutron-controller-install.rst:123 msgid "Create the Networking service API endpoints:" msgstr "" #: ../neutron-controller-install.rst:183 msgid "" "You can deploy the Networking service using one of two architectures " "represented by options 1 and 2." msgstr "" #: ../neutron-controller-install.rst:186 msgid "" "Option 1 deploys the simplest possible architecture that only supports " "attaching instances to provider (external) networks. No self-service " "(private) networks, routers, or floating IP addresses. Only the ``admin`` or " "other privileged user can manage provider networks." msgstr "" #: ../neutron-controller-install.rst:191 msgid "" "Option 2 augments option 1 with layer-3 services that support attaching " "instances to self-service networks. The ``demo`` or other unprivileged user " "can manage self-service networks including routers that provide connectivity " "between self-service and provider networks. Additionally, floating IP " "addresses provide connectivity to instances using self-service networks from " "external networks such as the Internet." msgstr "" #: ../neutron-controller-install.rst:198 msgid "" "Self-service networks typically use overlay networks. Overlay network " "protocols such as VXLAN include additional headers that increase overhead " "and decrease space available for the payload or user data. Without knowledge " "of the virtual network infrastructure, instances attempt to send packets " "using the default Ethernet :term:`maximum transmission unit (MTU)` of 1500 " "bytes. The Networking service automatically provides the correct MTU value " "to instances via DHCP. However, some cloud images do not use DHCP or ignore " "the DHCP MTU option and require configuration using metadata or a script." msgstr "" #: ../neutron-controller-install.rst:209 msgid "Option 2 also supports attaching instances to provider networks." msgstr "" #: ../neutron-controller-install.rst:211 msgid "" "Choose one of the following networking options to configure services " "specific to it. Afterwards, return here and proceed to :ref:`neutron-" "controller-metadata-agent`." msgstr "" #: ../neutron-controller-install.rst:224 msgid "Configure the metadata agent" msgstr "" #: ../neutron-controller-install.rst:226 msgid "" "The :term:`metadata agent ` provides configuration " "information such as credentials to instances." msgstr "" #: ../neutron-controller-install.rst:229 msgid "" "Edit the ``/etc/neutron/metadata_agent.ini`` file and complete the following " "actions:" msgstr "" #: ../neutron-controller-install.rst:232 msgid "" "In the ``[DEFAULT]`` section, configure the metadata host and shared secret:" msgstr "" #: ../neutron-controller-install.rst:245 msgid "" "Replace ``METADATA_SECRET`` with a suitable secret for the metadata proxy." msgstr "" #: ../neutron-controller-install.rst:250 msgid "" "Edit the ``/etc/nova/nova.conf`` file and perform the following actions:" msgstr "" #: ../neutron-controller-install.rst:252 msgid "" "In the ``[neutron]`` section, configure access parameters, enable the " "metadata proxy, and configure the secret:" msgstr "" #: ../neutron-controller-install.rst:277 msgid "" "Replace ``METADATA_SECRET`` with the secret you chose for the metadata proxy." msgstr "" #: ../neutron-controller-install.rst:285 msgid "" "The Networking service initialization scripts expect a symbolic link ``/etc/" "neutron/plugin.ini`` pointing to the ML2 plug-in configuration file, ``/etc/" "neutron/plugins/ml2/ml2_conf.ini``. If this symbolic link does not exist, " "create it using the following command:" msgstr "" #: ../neutron-controller-install.rst:296 ../neutron-controller-install.rst:405 msgid "Populate the database:" msgstr "" #: ../neutron-controller-install.rst:307 ../neutron-controller-install.rst:416 msgid "" "Database population occurs later for Networking because the script requires " "complete server and plug-in configuration files." msgstr "" #: ../neutron-controller-install.rst:310 msgid "" "If you receive the following Python exception, ``Could not parse rfc1738 URL " "from string``, move the `connection` option from the ``[default]`` section " "to the ``[database]`` section. Then, remove the single quotes from the value " "in the ``neutron.conf`` file." msgstr "" #: ../neutron-controller-install.rst:324 ../neutron-controller-install.rst:374 msgid "" "Start the Networking services and configure them to start when the system " "boots." msgstr "" #: ../neutron-controller-install.rst:327 ../neutron-controller-install.rst:377 #: ../neutron-controller-install.rst:429 msgid "For both networking options:" msgstr "" #: ../neutron-controller-install.rst:340 ../neutron-controller-install.rst:392 msgid "For networking option 2, also enable and start the layer-3 service:" msgstr "" #: ../neutron-controller-install.rst:355 msgid "" "SLES enables apparmor by default and restricts dnsmasq. You need to either " "completely disable apparmor or disable only the dnsmasq profile:" msgstr "" #: ../neutron-controller-install.rst:427 msgid "Restart the Networking services." msgstr "" #: ../neutron-controller-install.rst:440 msgid "For networking option 2, also restart the layer-3 service:" msgstr "" #: ../neutron-next-steps.rst:5 msgid "" "Your OpenStack environment now includes the core components necessary to " "launch a basic instance. You can :ref:`launch-instance` or add more " "OpenStack services to your environment." msgstr "" #: ../neutron-verify-option1.rst:4 ../neutron-verify-option2.rst:4 msgid "List agents to verify successful launch of the neutron agents:" msgstr "" #: ../neutron-verify-option1.rst:21 msgid "" "The output should indicate three agents on the controller node and one agent " "on each compute node." msgstr "" #: ../neutron-verify-option2.rst:22 msgid "" "The output should indicate four agents on the controller node and one agent " "on each compute node." msgstr "" #: ../neutron-verify.rst:17 msgid "" "List loaded extensions to verify successful launch of the ``neutron-server`` " "process:" msgstr "" #: ../neutron-verify.rst:116 msgid "Actual output may differ slightly from this example." msgstr "" #: ../neutron-verify.rst:118 msgid "" "Use the verification section for the networking option that you chose to " "deploy." msgstr "" #: ../neutron.rst:5 msgid "Networking service" msgstr "" #: ../neutron.rst:17 msgid "" "This chapter explains how to install and configure the Networking service " "(neutron) using the :ref:`provider networks ` or :ref:`self-" "service networks ` option." msgstr "" #: ../neutron.rst:21 msgid "" "For more information about the Networking service including virtual " "networking components, layout, and traffic flows, see the `OpenStack " "Networking Guide `__." msgstr "" #: ../nova-compute-install.rst:2 msgid "Install and configure a compute node" msgstr "" #: ../nova-compute-install.rst:4 msgid "" "This section describes how to install and configure the Compute service on a " "compute node. The service supports several :term:`hypervisors ` " "to deploy :term:`instances ` or :term:`VMs `. For simplicity, this configuration uses the :term:`QEMU ` hypervisor with the :term:`KVM ` " "extension on compute nodes that support hardware acceleration for virtual " "machines. On legacy hardware, this configuration uses the generic QEMU " "hypervisor. You can follow these instructions with minor modifications to " "horizontally scale your environment with additional compute nodes." msgstr "" #: ../nova-compute-install.rst:17 msgid "" "This section assumes that you are following the instructions in this guide " "step-by-step to configure the first compute node. If you want to configure " "additional compute nodes, prepare them in a similar fashion to the first " "compute node in the :ref:`example architectures ` section. Each additional compute node requires a unique IP " "address." msgstr "" #: ../nova-compute-install.rst:82 ../nova-controller-install.rst:368 msgid "" "In the ``[DEFAULT]`` section, enable only the compute and metadata APIs:" msgstr "" #: ../nova-compute-install.rst:98 msgid "In the ``[DEFAULT]`` section, set the ``compute_driver``:" msgstr "" #: ../nova-compute-install.rst:126 ../nova-controller-install.rst:416 msgid "" "In the ``[api]`` and ``[keystone_authtoken]`` sections, configure Identity " "service access:" msgstr "" #: ../nova-compute-install.rst:160 msgid "" "In the ``[DEFAULT]`` section, check that the ``my_ip`` option is correctly " "set (this value is handled by the config and postinst scripts of the ``nova-" "common`` package using debconf):" msgstr "" #: ../nova-compute-install.rst:173 ../nova-compute-install.rst:193 msgid "" "Replace ``MANAGEMENT_INTERFACE_IP_ADDRESS`` with the IP address of the " "management network interface on your compute node, typically 10.0.0.31 for " "the first node in the :ref:`example architecture `." msgstr "" #: ../nova-compute-install.rst:198 ../nova-controller-install.rst:462 msgid "" "In the ``[DEFAULT]`` section, enable support for the Networking service:" msgstr "" #: ../nova-compute-install.rst:212 msgid "" "By default, Compute uses an internal firewall service. Since Networking " "includes a firewall service, you must disable the Compute firewall service " "by using the ``nova.virt.firewall.NoopFirewallDriver`` firewall driver." msgstr "" #: ../nova-compute-install.rst:219 msgid "In the ``[vnc]`` section, enable and configure remote console access:" msgstr "" #: ../nova-compute-install.rst:233 msgid "" "The server component listens on all IP addresses and the proxy component " "only listens on the management interface IP address of the compute node. The " "base URL indicates the location where you can use a web browser to access " "remote consoles of instances on this compute node." msgstr "" #: ../nova-compute-install.rst:241 msgid "" "If the web browser to access remote consoles resides on a host that cannot " "resolve the ``controller`` hostname, you must replace ``controller`` with " "the management interface IP address of the controller node." msgstr "" #: ../nova-compute-install.rst:246 ../nova-controller-install.rst:511 msgid "" "In the ``[glance]`` section, configure the location of the Image service API:" msgstr "" #: ../nova-compute-install.rst:294 ../nova-controller-install.rst:574 msgid "" "Due to a packaging bug, remove the ``log_dir`` option from the ``[DEFAULT]`` " "section." msgstr "" #: ../nova-compute-install.rst:300 ../nova-controller-install.rst:579 msgid "In the ``[placement]`` section, configure the Placement API:" msgstr "" #: ../nova-compute-install.rst:316 ../nova-controller-install.rst:595 msgid "" "Replace ``PLACEMENT_PASS`` with the password you choose for the " "``placement`` user in the Identity service. Comment out any other options in " "the ``[placement]`` section." msgstr "" #: ../nova-compute-install.rst:322 msgid "Ensure the kernel module ``nbd`` is loaded." msgstr "" #: ../nova-compute-install.rst:330 msgid "" "Ensure the module loads on every boot by adding ``nbd`` to the ``/etc/" "modules-load.d/nbd.conf`` file." msgstr "" #: ../nova-compute-install.rst:338 msgid "" "Determine whether your compute node supports hardware acceleration for " "virtual machines:" msgstr "" #: ../nova-compute-install.rst:347 msgid "" "If this command returns a value of ``one or greater``, your compute node " "supports hardware acceleration which typically requires no additional " "configuration." msgstr "" #: ../nova-compute-install.rst:351 msgid "" "If this command returns a value of ``zero``, your compute node does not " "support hardware acceleration and you must configure ``libvirt`` to use QEMU " "instead of KVM." msgstr "" #: ../nova-compute-install.rst:357 msgid "" "Edit the ``[libvirt]`` section in the ``/etc/nova/nova.conf`` file as " "follows:" msgstr "" #: ../nova-compute-install.rst:373 msgid "" "Edit the ``[libvirt]`` section in the ``/etc/nova/nova-compute.conf`` file " "as follows:" msgstr "" #: ../nova-compute-install.rst:389 msgid "" "Replace the ``nova-compute-kvm`` package with ``nova-compute-qemu`` which " "automatically changes the ``/etc/nova/nova-compute.conf`` file and installs " "the necessary dependencies:" msgstr "" #: ../nova-compute-install.rst:403 msgid "" "Start the Compute service including its dependencies and configure them to " "start automatically when the system boots:" msgstr "" #: ../nova-compute-install.rst:429 msgid "" "If the ``nova-compute`` service fails to start, check ``/var/log/nova/nova-" "compute.log``. The error message ``AMQP server on controller:5672 is " "unreachable`` likely indicates that the firewall on the controller node is " "preventing access to port 5672. Configure the firewall to open port 5672 on " "the controller node and restart ``nova-compute`` service on the compute node." msgstr "" #: ../nova-compute-install.rst:437 msgid "Add the compute node to the cell database" msgstr "" #: ../nova-compute-install.rst:441 msgid "Run the following commands on the **controller** node." msgstr "" #: ../nova-compute-install.rst:443 msgid "" "Source the admin credentials to enable admin-only CLI commands, then confirm " "there are compute hosts in the database:" msgstr "" #: ../nova-compute-install.rst:457 msgid "Discover compute hosts:" msgstr "" #: ../nova-compute-install.rst:472 msgid "" "When you add new compute nodes, you must run ``nova-manage cell_v2 " "discover_hosts`` on the controller node to register those new compute nodes. " "Alternatively, you can set an appropriate interval in ``/etc/nova/nova." "conf``:" msgstr "" #: ../nova-controller-install.rst:4 msgid "" "This section describes how to install and configure the Compute service, " "code-named nova, on the controller node." msgstr "" #: ../nova-controller-install.rst:10 msgid "" "Before you install and configure the Compute service, you must create " "databases, service credentials, and API endpoints." msgstr "" #: ../nova-controller-install.rst:13 msgid "To create the databases, complete these steps:" msgstr "" #: ../nova-controller-install.rst:41 msgid "Create the ``nova_api``, ``nova``, and ``nova_cell0`` databases:" msgstr "" #: ../nova-controller-install.rst:51 msgid "Grant proper access to the databases:" msgstr "" #: ../nova-controller-install.rst:72 msgid "Replace ``NOVA_DBPASS`` with a suitable password." msgstr "" #: ../nova-controller-install.rst:85 msgid "Create the Compute service credentials:" msgstr "" #: ../nova-controller-install.rst:87 msgid "Create the ``nova`` user:" msgstr "" #: ../nova-controller-install.rst:108 msgid "Add the ``admin`` role to the ``nova`` user:" msgstr "" #: ../nova-controller-install.rst:120 msgid "Create the ``nova`` service entity:" msgstr "" #: ../nova-controller-install.rst:139 msgid "Create the Compute API service endpoints:" msgstr "" #: ../nova-controller-install.rst:196 msgid "Create a Placement service user using your chosen ``PLACEMENT_PASS``:" msgstr "" #: ../nova-controller-install.rst:215 msgid "Add the Placement user to the service project with the admin role:" msgstr "" #: ../nova-controller-install.rst:225 msgid "Create the Placement API entry in the service catalog:" msgstr "" #: ../nova-controller-install.rst:240 msgid "Create the Placement API service endpoints:" msgstr "" #: ../nova-controller-install.rst:349 msgid "" "``nova-api-metadata`` is included in the ``nova-api`` package, and can be " "selected through debconf." msgstr "" #: ../nova-controller-install.rst:354 msgid "" "A unique ``nova-consoleproxy`` package provides the ``nova-novncproxy``, " "``nova-spicehtml5proxy``, and ``nova-xvpvncproxy`` packages. To select " "packages, edit the ``/etc/default/nova-consoleproxy`` file or use the " "debconf interface. You can also manually edit the ``/etc/default/nova-" "consoleproxy`` file, and stop and start the console daemons." msgstr "" #: ../nova-controller-install.rst:382 msgid "" "In the ``[api_database]`` and ``[database]`` sections, configure database " "access:" msgstr "" #: ../nova-controller-install.rst:398 msgid "" "Replace ``NOVA_DBPASS`` with the password you chose for the Compute " "databases." msgstr "" #: ../nova-controller-install.rst:476 msgid "" "By default, Compute uses an internal firewall driver. Since the Networking " "service includes a firewall driver, you must disable the Compute firewall " "driver by using the ``nova.virt.firewall.NoopFirewallDriver`` firewall " "driver." msgstr "" #: ../nova-controller-install.rst:483 msgid "" "In the ``[vnc]`` section, configure the VNC proxy to use the management " "interface IP address of the controller node:" msgstr "" #: ../nova-controller-install.rst:499 msgid "In the ``[spice]`` section, disable spice:" msgstr "" #: ../nova-controller-install.rst:601 msgid "" "Due to a `packaging bug `_, you must enable access to the Placement API by adding the " "following configuration to ``/etc/httpd/conf.d/00-nova-placement-api.conf``:" msgstr "" #: ../nova-controller-install.rst:619 msgid "Restart the httpd service:" msgstr "" #: ../nova-controller-install.rst:629 msgid "Populate the nova-api database:" msgstr "" #: ../nova-controller-install.rst:641 msgid "Register the ``cell0`` database:" msgstr "" #: ../nova-controller-install.rst:649 msgid "Create the ``cell1`` cell:" msgstr "" #: ../nova-controller-install.rst:658 msgid "Populate the nova database:" msgstr "" #: ../nova-controller-install.rst:664 msgid "Verify nova cell0 and cell1 are registered correctly:" msgstr "" #: ../nova-controller-install.rst:685 msgid "Enable the placement API Apache vhost:" msgstr "" #: ../nova-controller-install.rst:692 ../nova-controller-install.rst:710 msgid "" "Start the Compute services and configure them to start when the system boots:" msgstr "" #: ../nova-controller-install.rst:728 msgid "Shutdown ``nova-spicehtml5proxy``:" msgstr "" #: ../nova-controller-install.rst:736 msgid "Select novnc startup in ``/etc/default/nova-consoleproxy``:" msgstr "" #: ../nova-controller-install.rst:745 msgid "" "Add a systemd service file for nova-novncproxy in ``/lib/systemd/system/nova-" "novncproxy.service``:" msgstr "" #: ../nova-controller-install.rst:776 msgid "Start the noVNC proxy:" msgstr "" #: ../nova-controller-install.rst:786 msgid "Restart the other Compute services:" msgstr "" #: ../nova-controller-install.rst:801 msgid "Restart the Compute services:" msgstr "" #: ../nova-verify.rst:4 msgid "Verify operation of the Compute service." msgstr "" #: ../nova-verify.rst:19 msgid "" "List service components to verify successful launch and registration of each " "process:" msgstr "" #: ../nova-verify.rst:39 msgid "" "This output should indicate three service components enabled on the " "controller node and one service component enabled on the compute node." msgstr "" #: ../nova-verify.rst:43 msgid "" "List API endpoints in the Identity service to verify connectivity with the " "Identity service:" msgstr "" #: ../nova-verify.rst:48 msgid "" "Below endpoints list may differ depending on the installation of OpenStack " "components." msgstr "" #: ../nova-verify.rst:89 msgid "Ignore any warnings in this output." msgstr "" #: ../nova-verify.rst:91 msgid "" "List images in the Image service to verify connectivity with the Image " "service:" msgstr "" #: ../nova-verify.rst:104 msgid "Check the cells and placement API are working successfully:" msgstr "" #: ../nova.rst:3 msgid "Compute service" msgstr "" #: ../overview.rst:3 msgid "Overview" msgstr "" #: ../overview.rst:5 msgid "" "The :term:`OpenStack` project is an open source cloud computing platform " "that supports all types of cloud environments. The project aims for simple " "implementation, massive scalability, and a rich set of features. Cloud " "computing experts from around the world contribute to the project." msgstr "" #: ../overview.rst:10 msgid "" "OpenStack provides an :term:`Infrastructure-as-a-Service (IaaS)` solution " "through a variety of complementary services. Each service offers an :term:" "`Application Programming Interface (API)` that facilitates this integration." msgstr "" #: ../overview.rst:15 msgid "" "This guide covers step-by-step deployment of the major OpenStack services " "using a functional example architecture suitable for new users of OpenStack " "with sufficient Linux experience. This guide is not intended to be used for " "production system installations, but to create a minimum proof-of-concept " "for the purpose of learning about OpenStack." msgstr "" #: ../overview.rst:21 msgid "" "After becoming familiar with basic installation, configuration, operation, " "and troubleshooting of these OpenStack services, you should consider the " "following steps toward deployment using a production architecture:" msgstr "" #: ../overview.rst:25 msgid "" "Determine and implement the necessary core and optional services to meet " "performance and redundancy requirements." msgstr "" #: ../overview.rst:28 msgid "" "Increase security using methods such as firewalls, encryption, and service " "policies." msgstr "" #: ../overview.rst:31 msgid "" "Implement a deployment tool such as Ansible, Chef, Puppet, or Salt to " "automate deployment and management of the production environment." msgstr "" #: ../overview.rst:37 msgid "Example architecture" msgstr "" #: ../overview.rst:39 msgid "" "The example architecture requires at least two nodes (hosts) to launch a " "basic :term:`virtual machine ` or instance. Optional " "services such as Block Storage and Object Storage require additional nodes." msgstr "" #: ../overview.rst:45 msgid "" "The example architecture used in this guide is a minimum configuration, and " "is not intended for production system installations. It is designed to " "provide a minimum proof-of-concept for the purpose of learning about " "OpenStack. For information on creating architectures for specific use cases, " "or how to determine which architecture is required, see the `Architecture " "Design Guide `_." msgstr "" #: ../overview.rst:52 msgid "" "This example architecture differs from a minimal production architecture as " "follows:" msgstr "" #: ../overview.rst:55 msgid "" "Networking agents reside on the controller node instead of one or more " "dedicated network nodes." msgstr "" #: ../overview.rst:58 msgid "" "Overlay (tunnel) traffic for self-service networks traverses the management " "network instead of a dedicated network." msgstr "" #: ../overview.rst:61 msgid "" "For more information on production architectures, see the `Architecture " "Design Guide `_, `OpenStack " "Operations Guide `_, and `OpenStack " "Networking Guide `_." msgstr "" #: ../overview.rst:71 msgid "**Hardware requirements**" msgstr "" #: ../overview.rst:74 msgid "Controller" msgstr "" #: ../overview.rst:76 msgid "" "The controller node runs the Identity service, Image service, management " "portions of Compute, management portion of Networking, various Networking " "agents, and the Dashboard. It also includes supporting services such as an " "SQL database, :term:`message queue`, and :term:`NTP `." msgstr "" #: ../overview.rst:82 msgid "" "Optionally, the controller node runs portions of the Block Storage, Object " "Storage, Orchestration, and Telemetry services." msgstr "" #: ../overview.rst:85 msgid "The controller node requires a minimum of two network interfaces." msgstr "" #: ../overview.rst:88 msgid "Compute" msgstr "" #: ../overview.rst:90 msgid "" "The compute node runs the :term:`hypervisor` portion of Compute that " "operates instances. By default, Compute uses the :term:`KVM ` hypervisor. The compute node also runs a Networking service agent " "that connects instances to virtual networks and provides firewalling " "services to instances via :term:`security groups `." msgstr "" #: ../overview.rst:97 msgid "" "You can deploy more than one compute node. Each node requires a minimum of " "two network interfaces." msgstr "" #: ../overview.rst:103 msgid "" "The optional Block Storage node contains the disks that the Block Storage " "and Shared File System services provision for instances." msgstr "" #: ../overview.rst:106 ../overview.rst:120 msgid "" "For simplicity, service traffic between compute nodes and this node uses the " "management network. Production environments should implement a separate " "storage network to increase performance and security." msgstr "" #: ../overview.rst:110 msgid "" "You can deploy more than one block storage node. Each node requires a " "minimum of one network interface." msgstr "" #: ../overview.rst:114 msgid "Object Storage" msgstr "" #: ../overview.rst:116 msgid "" "The optional Object Storage node contain the disks that the Object Storage " "service uses for storing accounts, containers, and objects." msgstr "" #: ../overview.rst:124 msgid "" "This service requires two nodes. Each node requires a minimum of one network " "interface. You can deploy more than two object storage nodes." msgstr "" #: ../overview.rst:128 msgid "Networking" msgstr "" #: ../overview.rst:130 msgid "Choose one of the following virtual networking options." msgstr "" #: ../overview.rst:137 msgid "" "The provider networks option deploys the OpenStack Networking service in the " "simplest way possible with primarily layer-2 (bridging/switching) services " "and VLAN segmentation of networks. Essentially, it bridges virtual networks " "to physical networks and relies on physical network infrastructure for " "layer-3 (routing) services. Additionally, a :term:`DHCP` service provides IP address information to " "instances." msgstr "" #: ../overview.rst:147 msgid "" "This option lacks support for self-service (private) networks, layer-3 " "(routing) services, and advanced services such as :term:`LBaaS ` and :term:`FWaaS`. Consider the self-service networks option below if you desire " "these features." msgstr "" #: ../overview.rst:163 msgid "" "The self-service networks option augments the provider networks option with " "layer-3 (routing) services that enable :term:`self-service` networks using " "overlay segmentation methods such as :term:`VXLAN `. Essentially, it routes virtual networks to physical networks " "using :term:`NAT`. Additionally, this " "option provides the foundation for advanced services such as LBaaS and FWaaS." msgstr "" #: ../shared/edit_hosts_file.txt:1 msgid "Edit the ``/etc/hosts`` file to contain the following:" msgstr "" #: ../shared/edit_hosts_file.txt:25 msgid "" "Some distributions add an extraneous entry in the ``/etc/hosts`` file that " "resolves the actual hostname to another loopback IP address such as " "``127.0.1.1``. You must comment out or remove this entry to prevent name " "resolution problems. **Do not remove the 127.0.0.1 entry.**" msgstr "" #: ../shared/edit_hosts_file.txt:33 msgid "" "This guide includes host entries for optional services in order to reduce " "complexity should you choose to deploy them." msgstr "" #: ../shared/note_configuration_vary_by_distribution.rst:3 msgid "" "Default configuration files vary by distribution. You might need to add " "these sections and options rather than modifying existing sections and " "options. Also, an ellipsis (``...``) in the configuration snippets indicates " "potential default configuration options that you should retain." msgstr ""