Tuesday, August 13th session of the vBrownBag OpenStack Sack Lunch Series: Couch to OpenStack. With Sean Winn's help, we cover Neutron, the OpenStack Networking Service formerly known as Quantum. Neutron configures network access and services for your OpenStack instances. Credit to Ken Pepple for the OpenStack Project Diagram, and to Dan Wendlandt and the VMware Team for the workflow used in the lab

1. Neutron (the project formerly known as Quantum) – Network
Couch To OpenStack

2. - Deploy an additional node
- Modify resource allocations as needed
- … Let’s take a look:
Vagrantfile Review

3. - BEFORE you vagrant up:
- Make sure you have at least 8 GB RAM available just for
the VMs
- You can decrease RAM required by modifying the
Vagrantfile
- git clone https://github.com/bunchc/Couch_to_OpenStack.git
- cd Couch_to_OpenStack
- vagrant up
Build Time!

4. - Subscribe & Recordings: http://bit.ly/BrownbagPodcast
- Sign up for the rest of the series:
http://openstack.prov12n.com/about-couch-to-openstack/
Some Logistics

5. On Twitter: #vBrownBag
Also: @VMTrooper, @Jfrappier, @seanmwinn
Join the conversation

6. - New Edition: http://www.packtpub.com/openstack-cloud-
computing-cookbook-second-edition/book
- Old Edition: http://amzn.to/12eI6rX
Buy the Book

7. 7/2/2013 – Intro to OpenStack
7/9/2013 – Vagrant Primer
7/16/2013 – Identity services (Keystone)
7/23/2013 – Image services (Glance)
7/30/2013 – Compute Services (Nova)
8/6/2013 – Block Storage / Volume Services (Cinder)
8/13/2013 – Networking Services (Neutron fka Quantum) << We Are Here
8/20/2013 – C2OS Office Hours (Review, catch-up, Q&A)
8/27/2013 – VMworld US Break
9/3/2013 – Monitoring & Troubleshooting
9/10/2013 – HA OpenStack
9/17/2013 – DevOps Deployments
Note: Dates are subject to change depending on how far we get in each lesson.
The Rest of the Series

8. Use the automated Cinder Install and manually install
Quantum
Remember we have a G+ Support group here:
http://bit.ly/C2OSGooglePlus
Homework Review

9. - Creates the Controller, Compute, Cinder and Quantum
Nodes
- Sets variables required for Quantum deployment
- Creates a Quantum Service and Endpoint in Keystone
- Updates MySQL
- Creates a Quantum DB
- Assigns the Quantum User to the DB
- Installs Quantum
- Configures Quantum settings
Build – What’s it doing?

10. - Networking Services for Cloud Instances
- Replaces nova-network
- Advanced capabilities such as plugins for managing
network vendor gear and software, load balancing, API
for applications to interact with and respond to network
management
Neutron Intro

11. Cinder Architecture

12. Neutron Components
Component Purpose
neutron-server Allow API access for users and other OpenStack services
neutron-*-plugin-
agent
Allow Neutron to dictate network policy to Open
vSwitch
neutron-l3-agent Provide L3 Services to the OpenStack Instances
neutron-dhcp-agent Provide DHCP addressing to the Instances
ovs-vswitchd* Open vSwitch – provide networking for the Instances

13. Neutron Architecture

14. - http://docs.openstack.org/grizzly/openstack-
network/admin/content/nova_with_quantum.html
- http://docs.openstack.org/trunk/openstack-
network/admin/content/Architecture.html
Concepts – Reference

15. - vagrant ssh controller
- sudo su -
- cat .stackrc
- export OS_TENANT_NAME=cookbook
- export OS_USERNAME=admin
- export OS_PASSWORD=openstack
- export OS_AUTH_URL=http://${MY_IP}:5000/v2.0/
- source /vagrant/.stackrc
Using Quantum!

16. - keystone service-list
+----------------------------------+----------+----------+----------------------------+
| id | name | type | description |
+----------------------------------+----------+----------+----------------------------+
| 685e7a8f4d564565ae9b92aa3acefb11 | ec2 | ec2 | EC2 Service |
| d6389fe30e2e47e38894a7704654c8af | glance | image | OpenStack Image Service |
| e100b742241e4b449426c37310f8dac1 | keystone | identity | OpenStack Identity Service |
| e8d68889d06b4dacb3029b4127b64ff8 | network | network | Quantum Network Service |
| bde08cc22a714a45acadc5f55c469941 | nova | compute | OpenStack Compute Service |
| baabd87fc7f2443388502fed5c02192d | volume | volume | Volume Service |
+----------------------------------+----------+----------+----------------------------+
- keystone service-get <UUID>
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | Quantum Network Service |
| id | e8d68889d06b4dacb3029b4127b64ff8 |
| name | network |
| type | network |
+-------------+----------------------------------+
Verify Quantum Service

17. - quantum agent-list
+--------------------------------------+--------------------+--------------+-------+----------------+
| id | agent_type | host | alive | admin_state_up |
+--------------------------------------+--------------------+--------------+-------+----------------+
| 3f83ef61-dc16-48aa-ab88-1d94ab31be64 | L3 agent | quantum.book | :-) | True |
| 9020fe03-ccaf-4450-a734-d01131e3bf38 | Open vSwitch agent | compute.book | :-) | True |
| 9b253d53-ae65-4037-b59d-2f731cfdc221 | Open vSwitch agent | quantum.book | :-) | True |
| de9f06b0-58af-403f-a6bf-99f3d4f3e315 | DHCP agent | quantum.book | :-) | True |
+--------------------------------------+--------------------+--------------+-------+----------------+
Verify Quantum Components

18. - Public Network to access OpenStack Compute instances:
quantum net-create public-net --router:external=True
quantum subnet-create --name public-subnet public-net 192.168.80.32/27
- Private Network for internal communication:
quantum net-create private-net
quantum subnet-create --name private-subnet private-net 10.10.80.32/27
# store the private network’s UUID for future use
quantum net-show private-net
PRIVATE_NET_UUID=<private_net_id>
- Create a Router to allow external access:
quantum router-create router1
quantum router-gateway-set router1 public-net
quantum router-interface-add router1 private-subnet
- Create Access Rules (enable ssh and ICMP):
quantum security-group-create ssh
quantum security-group-rule-create --direction ingress --ethertype IPv4 --protocol tcp --port-
range-min 22 --port-range-max 22 ssh
quantum security-group-rule-create --direction ingress --ethertype IPv4 --protocol icmp ssh
Configure Quantum Networks

19. - Create a certificate file for communication with your VM
nova keypair-add demo > demo.pem
chmod 0600 *.pem
- Verify your images
nova image-list OR glance image-list
+--------------------------------------+----------------------------+-------------+-----------+
| ID | Name | Disk Format | Size |
+--------------------------------------+----------------------------+-------------+-----------+
| bc670eb3-67dc-42f3-82b2-91e96f5eca52 | Cirros 0.3 | qcow2 | 9761280 |
| 90c17ca9-6447-4d45-b862-86366881c13a | Ubuntu 12.04 x86_64 Server | qcow2 | 252641280 |
+--------------------------------------+----------------------------+-------------+-----------+
- Boot a new instance of an image
nova boot --image <uuid> --flavor 2 --nic net-id=$PRIVATE_NET_UUID --key_name demo --
security_groups ssh myInstance
Create a Nova Instance

20. - Let’s get the port ID of the Instance NIC and store it in a variable
quantum port-list -c id -c fixed_ips -c device_owner
+---------+-----------------------------------------------------+--------------------------+
| id | fixed_ips | device_owner |
+---------+-----------------------------------------------------+--------------------------+
| 30...c3 | {"subnet_id": "...", "ip_address": "10.10.80.35"} | network:dhcp |
| 6c...a7 | {"subnet_id": "...", "ip_address": "10.10.80.34"} | compute:None |
| 7d...51 | {"subnet_id": "...", "ip_address": "10.10.80.33"} | network:router_interface |
| 8c...21 | {"subnet_id": "...", "ip_address": "192.168.80.34"} | network:router_gateway |
+---------+-----------------------------------------------------+--------------------------+
INSTANCUUID=6c4d5102-d72a-4bb0-ad30-934e4830baa7
- Attach the external network to your Instance NIC
quantum floatingip-create --port-id $INSTANCEUUID public-net
Created a new floatingip:
+---------------------+--------------------------------------+
| Field | Value |
+---------------------+--------------------------------------+
| fixed_ip_address | 10.10.80.34 |
| floating_ip_address | 192.168.80.35 | <--- External IP to use for ssh access
| floating_network_id | 20b71d30-0610-470c-a15d-063c85146aea |
| id | 05887958-1e21-4e96-931c-0217ecdd1618 |
| port_id | 6c4d5102-d72a-4bb0-ad30-934e4830baa7 |
| router_id | 53d2821d-a868-4707-98e5-27c51038f89d |
| tenant_id | 5870b183cef346249511993a96f4e38e |
+---------------------+--------------------------------------+
Enable External Access

21. Thanks Sean Winn for helping out with the Neutron Session tonight. I look forward to him
coming back for a session of his own on a future podcast.
Thank you Dan Wendlandt and your team at VMware for the great workflow that I used in the
Neutron lab. Viewers can see the VMware Team’s OpenStack Summit session on the OpenStack
Foundation YouTube Channel: http://www.youtube.com/watch?v=_pLPtGiGh9M
Acknowledgements

22. For next week’s session, we will be having C2OS Office Hours. This will allow us to review
what we have accomplished up until this point
1. If you have not had a chance to try out the test environments, now is the perfect time to
do so.
2. If you are already caught up with what we’ve done so far, try extending your environment
add another node to the deployment:
1. Additional Nova nodes
2. Additional Cinder nodes
1. Post ideas, questions, comments on the Google Plus Community: http://bit.ly/C2OSGooglePlus
Homework!