Book Image

LEARNING OPENSTACK NETWORKING (NEUTRON)

By : James Denton
Book Image

LEARNING OPENSTACK NETWORKING (NEUTRON)

By: James Denton

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
LEARNING OPENSTACK NETWORKING (NEUTRON)
James Denton
Oct, 2014 | 300 pages
No titles found
Table of Contents (17 chapters)
Learning OpenStack Networking (Neutron)
Learning OpenStack Networking (Neutron)
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Preparing the Network for OpenStack
Preparing the Network for OpenStack
What is OpenStack Networking?
Preparing the physical infrastructure
Physical server connections
Summary
2
Installing OpenStack
Installing OpenStack
System requirements
Before you begin
Installation of OpenStack
Summary
3
Installing Neutron
Installing Neutron
Basic Neutron constructs
Installing and configuring Neutron services
Configuring Neutron services
Summary
4
Building a Virtual Switching Infrastructure
Building a Virtual Switching Infrastructure
Providing layer 2 connectivity to instances
Types of networks in Neutron
Choosing a networking plugin
Configuring a layer 2 networking plugin
Summary
5
Creating Networks with Neutron
Creating Networks with Neutron
Network management
Attaching instances to networks
Exploring how instances get their addresses
Exploring how instances retrieve their metadata
Summary
6
Creating Routers with Neutron
Creating Routers with Neutron
Configuring the Neutron L3 agent
Router management in the CLI
Network Address Translation
Floating IP Management
Demonstrating traffic flow from instance to Internet
Router management in the dashboard
Summary
7
Load Balancing Traffic in Neutron
Load Balancing Traffic in Neutron
Fundamentals of load balancing
Integrating load balancers into the network
Installing LBaaS
Load balancer management in the CLI
Building a load balancer
Load balancer management in the dashboard
Summary
8
Protecting Instances on the Network
Protecting Instances on the Network
Security groups in OpenStack
Firewall-as-a-service
Introducing iptables
Working with security groups
Working with FWaaS
Firewall rules – behind the scenes
Summary
Additional Neutron Commands
Additional Neutron Commands
Neutron extensions
Virtual private networks
Per-tenant quotas
Cisco Nexus 1000V command reference
VMware/Nicera command reference
ML2 Configuration
ML2 Configuration
Installing the ML2 plugin
Configuring the ML2 plugin
Index
Index

Per-tenant quotas

To prevent system resources from being exhausted, Neutron supports per-tenant quota limits via the quotas extension. Every tenant is bound to a default quota that is set by the administrator in the Neutron configuration file:

[quotas]
# resource name(s) that are supported in quota features
# quota_items = network,subnet,port
 
# number of networks allowed per tenant, and minus means unlimited
# quota_network = 10
 
# number of subnets allowed per tenant, and minus means unlimited
# quota_subnet = 10
 
# number of ports allowed per tenant, and minus means unlimited
# quota_port = 50

# number of security groups allowed per tenant, and minus means unlimited
# quota_security_group = 10

# number of security group rules allowed per tenant, and minus means unlimited
# quota_security_group_rule = 100

To change the default settings, change the value and uncomment the line associated with the quota you want to change. Restarting neutron-server is necessary for changes to take effect.

You can also set a quota to limit the number of routers and floating IPs per tenant by adding the following to the [quotas] section:

[quotas]
# number of routers allowed per tenant, and minus means unlimited
quota_router = 10
 
# number of floating IPs allowed per tenant, and minus means unlimited
quota_floatingip = 50

The following Neutron commands can be used to manage per-tenant quotas:

  • quota-delete

  • quota-list

  • quota-show

  • quota-update

Listing the default quotas

To see a list of the default quotas, use the Neutron quota-show command as follows:

Syntax: quota-show

The listed output will contain the default per-tenant Neutron quotas:

Updating tenant quotas

To update a quota for a specified tenant, use the Neutron quota-update command as follows:

Syntax: quota-update --tenant-id <ID of tenant> [--network NUM_OF_NETWORKS] [--port NUM_OF_PORTS] [--subnet NUM_OF_SUBNETS] [--floatingip NUM_OF_FLOATIP] [--security_group NUM_OF_SECGROUPS] [--security_group_rule NUM_OF_SECGRP_RULES] [--router NUM_OF_ROUTERS]

The attributes in brackets are optional and allow you to specify new values for the respective quota. You can update multiple attributes simultaneously, as shown in the following screenshot:

Listing tenant quotas

To list the quotas of a tenant, use the Neutron quota-list command as follows:

Syntax: quota-list --tenant-id <ID of tenant>

If a tenant is using default quotas, no output will be provided. If the quotas have been modified, the output will resemble the following screenshot:

Deleting tenant quotas

To revert tenant quotas to their default values, use the Neutron quota-delete command as follows:

Syntax: quota-delete --tenant-id <ID of tenant>

Note

The quota-delete command results in all per-tenant quotas being reverted to default values. It is not possible to revert a single quota.

Previous Section
End of Section
Next Section