The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This chapter contains the following sections:
The Neutron command-line interface now accepts a Cisco Nexus 1000V-related attribute extension for the core Neutron resources. Additionally, new commands have been introduced for the Cisco Nexus 1000V Neutron plug-in's extended resources.
This CLI reference document describes the newly added attribute extension and commands and contains examples to demonstrate how they are used. For a complete list and description of network-related commands and arguments, see http://docs.openstack.org/api/openstack-network/2.0/content/.
The network and port objects have been extended to include the n1kv:profile_id attribute extension to enable network and port association with Cisco Nexus 1000V profiles. Use the profile_id extension at network creation to associate a network with a Cisco Nexus 1000V network profile and, at port creation, to associate a port with a Cisco Nexus 1000V policy profile.
Note |
Commands have been added to enable extended Neutron resources; these resources include the network profile, policy profile, profile binding, and credentials.
Note | The Cisco Nexus 1000V for KVM Release 5.2(1)SK3(2.2) software and higher does not support the network profile and credential commands. |
Network profile commands enable you to create, update, list, delete, and show Cisco Nexus 1000V network profile details.
Policy profile commands enable you to list and show details of your Cisco Nexus 1000V policy profile.
Profile binding options enable you to associate or disassociate Cisco Nexus 1000V policy and network profiles with tenants.
Credential commands enable you to create, update, delete, and show details of your Cisco Nexus 1000V credentials.
To create a Cisco Nexus 1000V credential, use the neutron cisco-credential-create command.
quantum_cisco-credential-createneutron cisco-credential-create [--help] credential-name credential-type [ --request-format { format} ] [ --tenant-id tenant-id ] [ --user_name username ] [ --password password ]
--help |
(Optional) Specifies the help message |
credential-name |
IP address of the credential. The name is a string with up to 255 characters. Characters can be numbers, upper and lowercase letters, and special characters. The IP address must be in the a.b.c.d format. |
credential-type |
Type of credential. The credential for the Nexus 1000V is n1kv. |
--tenant-id tenant-id |
(Optional) Specifies the owner's tenant ID. This is a UUID. The value is 36 hexadecimal digits and hyphens in the format NNNNNNNN-NNNN-NNNN-NNNN-NNNNNNNNNNNN. |
--user_name username |
(Optional) Specifies the username of the credential. The username is a string with up to 255 characters. Characters can be numbers, upper and lowercase letters, and special characters. |
--request-format format |
(Optional) Specifies the format of the request. Accepted values are json or xml. |
--password password |
(Optional) Specifies the password for the credential. |
None
Release | Modification |
---|---|
OpenStack Juno |
This command has be deprecated and is not supported by Cisco Nexus 1000V for KVM Release 5.2(1)SK3(2.2) software and higher. |
OpenStack Havana |
This command was introduced. |
This example shows how to create a credential:
$ neutron cisco-credential-create 172.23.181.101 N1KV --user_name admin --password mypwd
To delete a credential, use the neutron cisco-credential-delete command.
neutron cisco-credential-delete credential-id
credential-id |
ID of the credential to be deleted. This is a UUID. The value is 36 hexadecimal digits and hyphens in the format NNNNNNNN-NNNN-NNNN-NNNN-NNNNNNNNNNNN. |
None
Release | Modification |
---|---|
OpenStack Juno |
This command has be deprecated and is not supported by Cisco Nexus 1000V for KVM Release 5.2(1)SK3(2.2) software and higher. |
OpenStack Havana |
This command was introduced. |
This example shows how to delete a credential:
$ neutron cisco-credential-delete 9fff279d-2f3f-4a9c-b0fe-3a0ae91075c5
To list all available credentials, use the neutron cisco-credential-list command.
neutron cisco-credential-list
This command has no arguments or keywords.
None
Release | Modification |
---|---|
OpenStack Juno |
This command has be deprecated and is not supported by Cisco Nexus 1000V for KVM Release 5.2(1)SK3(2.2) software and higher. |
OpenStack Havana |
This command was introduced. |
This example shows how to list credentials:
$ neutron cisco-credential-list
To display the details for the credentials associated with a credential ID, use the neutron cisco-credential-show command.
neutron cisco-credential-show credential-id
credential-id |
ID of the credential. This is a UUID. The value is 36 hexadecimal digits and hyphens in the format NNNNNNNN-NNNN-NNNN-NNNN-NNNNNNNNNNNN. |
None
Release | Modification |
---|---|
OpenStack Juno |
This command has be deprecated and is not supported by Cisco Nexus 1000V for KVM Release 5.2(1)SK3(2.2) software and higher. |
OpenStack Havana |
This command was introduced. |
This example shows how to display details about the credential:
$ neutron cisco-credential-show 9fff279d-2f3f-4a9c-b0fe-3a0ae91075c5
To update a credential, use the neutron cisco-credential-update command.
neutron cisco-credential-update credential-id [ --user_name username ] [ --password password ]
credential-id |
ID of the credential. This is a UUID. The value is 36 hexadecimal digits and hyphens in the format NNNNNNNN-NNNN-NNNN-NNNN-NNNNNNNNNNNN. |
--user_name username |
(Optional) Specifies the username of the credential. The username is a string with up to 255 characters. Characters can be numbers, upper and lowercase letters, and special characters. |
--password password |
(Optional) Specifies the password for the credential. |
None
Release | Modification |
---|---|
OpenStack Juno |
This command has be deprecated and is not supported by Cisco Nexus 1000V for KVM Release 5.2(1)SK3(2.2) software and higher. |
OpenStack Havana |
This command was introduced. |
This example shows how to update a username and password:
$ neutron cisco-credential-update 9fff279d-2f3f-4a9c-b0fe-3a0ae91075c5 --user_name admin --password mypwd
To create a Cisco Nexus 1000V network profile, use the neutron cisco-network-profile-create command.
neutron cisco-network-profile-create [--sub_type{ type} ] [--segment_range segment-range] [--physical_network network] [--multicast_ip_range ip-range] [ (--add-tenant tenant-id)...] netprofileNamename { type}
--sub_type type |
(For Overlay and Trunk only.)Specifies the subtype for a specific type of network profile. The subtype is native_vxlan or enhanced for an overlay type of network profile and vlan for trunk type of network profile. |
--segment_range segment-range |
Specifies the range of the segment for vlan and vxlan types. The range is entered in a lowest to highest hyphen-separated format. The range of valid values for vlan types is 1 to 4095. The range of valid values for vxlan types is 4095 to 16000000. |
--physical_network network |
(For VLAN, only.) Specifies the name of the Layer 2 domain. The name is a string with up to 255 characters. Characters can be numbers, upper and lowercase letters, and special characters. |
--multicast_ip_range ip-range |
Specifies the range of the IP address. This is only applicable for the native_vxlan sub_type. The range is entered in a lowest to highest hyphen-separated format. The range of valid values is from 224.0.1.0 to 239.255.255.255. The range 224.0.0.0 to 224.0.0.255 is reserved on the VSM. |
--add-tenant tenant-id |
Associates a tenant with the network profile. This is a UUID. The value is 36 hexadecimal digits and hyphens in the format NNNNNNNN-NNNN-NNNN-NNNN-NNNNNNNNNNNN. Can be repeated any number of times to add multiple tenants. When you add a new list of tenants using this keyword, the new list of tenants overwrites the existing list of tenants. |
netprofName name |
Name of the network profile. |
{type} |
Specifies the type of network profile. The type can be one of the following: vlan, overlay, or trunk. |
None
Release | Modification |
---|---|
OpenStack Juno |
This command has be deprecated and is not supported by Cisco Nexus 1000V for KVM Release 5.2(1)SK3(2.2) software and higher. |
OpenStack Havana |
This command was introduced. |
This example shows how to create a Cisco Nexus 1000V network profile:
$ neutron cisco-network-profile-create netprof vlan --segment_range 100-200 --physical_network physnet1
To delete a Cisco Nexus 1000V network profile, use the neutron cisco-network-profile-delete command.
neutron cisco-network-profile-delete network-profile
network-profile |
ID or name of the network profile. The name is a string with up to 255 characters. Characters can be numbers, upper and lowercase letters, and special characters The ID is a UUID. The value is 36 hexadecimal digits and hyphens in the format NNNNNNNN-NNNN-NNNN-NNNN-NNNNNNNNNNNN. |
None
Release | Modification |
---|---|
OpenStack Juno |
This command has be deprecated and is not supported by Cisco Nexus 1000V for KVM Release 5.2(1)SK3(2.2) software and higher. |
OpenStack Havana |
This command was introduced. |
This example shows how to delete a Cisco Nexus 1000V network profile:
$ neutron cisco-network-profile-delete netProf
To list Cisco Nexus 1000V network profiles, use the neutron cisco-network-profile-list command.
neutron cisco-network-profile-list
This command has no arguments or keywords.
None
Release | Modification |
---|---|
OpenStack Juno |
This command has be deprecated and is not supported by Cisco Nexus 1000V for KVM Release 5.2(1)SK3(2.2) software and higher. |
OpenStack Havana |
This command was introduced. |
This example shows how to list Cisco Nexus 1000V network profiles:
$ neutron cisco-network-profile-list
To show Cisco Nexus 1000V network profile details, use the neutron cisco-network-profile-show command.
neutron cisco-network-profile-show network-profile-id
network-profile-id |
ID or name of the network profile. The network profile ID is a UUID. The value is 36 hexadecimal digits and hyphens in the format NNNNNNNN-NNNN-NNNN-NNNN-NNNNNNNNNNNN. The network profile name is a string with up to 255 characters. Characters can be numbers, upper and lowercase letters, and special characters. |
None
Release | Modification |
---|---|
OpenStack Juno |
This command has be deprecated and is not supported by Cisco Nexus 1000V for KVM Release 5.2(1)SK3(2.2) software and higher. |
OpenStack Havana |
This command was introduced. |
This example shows how to view Cisco Nexus 1000V network profile details:
$ neutron cisco-network-profile-show netProfId
To update a Cisco Nexus 1000V network profile information, use the neutron cisco-network-profile-update command.
neutron cisco-network-profile-update network-profile-name [ --request-format format] [ --add-tenant | --remove-tenant ] tenant-id
network-profile-name |
UUID or name of the network profile to update. The value is 36 hexadecimal digits and hyphens in the format NNNNNNNN-NNNN-NNNN-NNNN-NNNNNNNNNNNN. The name is a string with up to 255 characters. Characters can be numbers, upper and lowercase letters, and special characters. |
--request-format format |
(Optional) Specifies the format of the request. Accepted values are: json or xml. |
--add-tenant |
(Optional) Associates a tenant with a network profile. Can be repeated any number of times to add multiple tenants. When you add a new list of tenants using this keyword, the new list of tenants overwrites the existing list of tenants. |
--remove-tenant |
(Optional) Disassociates a tenant from the network. |
tenant-id |
ID of the tenant being added or removed. This is a UUID. The value is 36 hexadecimal digits and hyphens in the format NNNNNNNN-NNNN-NNNN-NNNN-NNNNNNNNNNNN. |
Release | Modification |
---|---|
OpenStack Juno |
This command has be deprecated and is not supported by Cisco Nexus 1000V for KVM Release 5.2(1)SK3(2.2) software and higher. |
OpenStack Havana |
This command was introduced. |
None
This example shows how to associate a tenant with a network profile:
$ neutron cisco-network-profile-update mynetprofile VLAN --add-tenant 1234-1234-1234-1234
To list available Cisco Nexus 1000V policy profiles, use the neutron cisco-policy-profile-list command.
neutron cisco-policy-profile-list
This command has no arguments or keywords.
None
Release | Modification |
---|---|
OpenStack Havana |
This command was introduced. |
This example shows how to list available Cisco Nexus 1000V policy profiles:
$ neutron policy-profile-list
To show Cisco Nexus 1000V policy profile details, use the neutron cisco-policy-profile-show command.
neutron cisco-policy-profile-show policy-profile-id
policy-profile-id |
UUID of the policy profile. The value is 36 hexadecimal digits and hyphens in the format NNNNNNNN-NNNN-NNNN-NNNN-NNNNNNNNNNNN. |
None
Release | Modification |
---|---|
OpenStack Havana |
This command was introduced. |
This example shows how to view Cisco Nexus 1000V policy profile details:
$ neutron cisco-policy-profile-show b9b8d5fa-41a3-4e59-bb1e-6a5e296908e1
To update a Cisco Nexus 1000V policy profile and associate or disassociate tenants, use the neutron cisco-policy-profile-update command.
neutron cisco-policy-profile-update policy-profile-id [ --request-format format] [ --add-tenant | --remove-tenant ] tenant-id
policy-profile-id |
ID of the policy profile being updated. The value is 36 hexadecimal digits and hyphens in the format NNNNNNNN-NNNN-NNNN-NNNN-NNNNNNNNNNNN.This is a UUID or name of the policy profile published in the OpenStack plugin from the VSM. |
--request-format format |
(Optional) Specifies the format of the request. Accepted values are: json or xml. |
--add-tenant |
(Optional) Associates a tenant with a policy profile. Can be repeated any number of times to add multiple tenants. |
--remove-tenant |
(Optional) Disassociates a tenant from the network. |
tenant-id |
ID of the tenant being added or removed. This is a UUID. The value is 36 hexadecimal digits and hyphens in the format NNNNNNNN-NNNN-NNNN-NNNN-NNNNNNNNNNNN. |
None
Release | Modification |
---|---|
OpenStack Havana |
These arguments were introduced. |
This example shows how to update a policy profile and associate a tenant:
$neutron cisco-policy-profile-update polprofId --add-tenant 1234-1234-1234-1234
To create a network and associate it with a Cisco Nexus 1000V network profile, use the neutron net-create command.
Note | For Cisco Nexus 1000V for KVM Release 5.2(1)SK3(2.2) and higher, --n1kv:profile_id is replaced with --n1kv:profile |
neutron net-create name --n1kv:profile_id profileId
name |
Name of the network. The name is a string with up to 255 characters. Characters can be numbers, upper and lowercase letters, and special characters. |
--n1kv:profile_id |
Associates a network with a Cisco Nexus 1000V network profile. |
profileId |
UUID of the network profile. The value is 36 hexadecimal digits and hyphens in the format NNNNNNNN-NNNN-NNNN-NNNN-NNNNNNNNNNNN. |
None
Release | Modification |
---|---|
OpenStack Havana |
This attribute extension was introduced. |
This example shows how to create a network and associate the network with a Cisco Nexus 1000V network profile:
$ neutron net-create NetworkOne --n1kv:profile_id b9b8d5fa-41a3-4e59-bb1e-6a5e296908e1 $ neutron subnet-create NetworkOne 172.23.181.0/24 --name SubnetOne
To create a port and associate it with a Cisco Nexus 1000V policy profile, use the neutron port-create command.
neutron port-create name --n1kv:profile_id profile-id
name |
Name of the network. The name is a string with up to 255 characters. Characters can be numbers, upper and lowercase letters, and special characters. |
--n1kv:profile_id |
Associates a network with a Cisco Nexus 1000V policy profile. |
profile-id |
UUID of the policy profile. The value is 36 hexadecimal digits and hyphens in the format NNNNNNNN-NNNN-NNNN-NNNN-NNNNNNNNNNNN. |
None
Release | Modification |
---|---|
OpenStack Havana |
This attribute extension was introduced. |
This example shows how to create a port and associate it with a Cisco Nexus 1000V policy profile:
$ neutron port-create NetworkOne --n1kv:profile_id b9b8d5fa-41a3-4e59-bb1e-6a5e296908e1
The following configuration options appear in the cisco_n1k section in the cisco_plugins.ini file located at /etc/neutron/plugin.ini.
Configuration Option |
Description |
---|---|
integration_bridge = br-int |
Specify the name of the integration bridge to which the VIFs are attached. |
default_policy_profile = For example, default_policy_profile = service_profile |
The name of the policy profile that needs to be associated with a port, when a policy profile is not specified during port creation. |
network_node_policy_profile = For example, network_node_policy_profile = dhcp_pp |
The name of the policy profile that needs to be associated with a port owned by the network node (dhcp, router). |
default_network_profile = For example, default_network_profile = network_pool |
The name of the network profile to be associated with a network, when a network profile is not specified during network creation. The administrator must pre-create a network profile with this name. |
poll_duration = 60 |
The time (in seconds) for which the plug-in polls the VSM for updates in the policy profiles. The default value is 60. |
restrict_policy_profiles = For example, restrict_policy_profiles = False |
Specifies if tenants are restricted from accessing all the policy profiles. The default value is False, indicating that all tenants can access all the policy profiles. |
http_pool_size = 4 |
The number of threads that needs to be used to make HTTP requests to the VSM. |
http_timeout = 30 |
The time (in seconds) for which the plug-in waits for the VSM to respond. |
enable_sync_on_start = False |
Specifies if the plug-in should attempt to synchronize with the VSM when neutron is started. The default value is False, indicating that no full sync will be performed when neutron is started. |
enable_sync_on_error = False |
Specifies if the plug-in should attempt to synchronize with the VSM when there is a connection failure to the VSM. The default value is False, indicating that no full sync will be performed when there is a connection failure to the VSM. |
max_vsm_retries |
Number of VSM request retries the Neutron plug-in attempts before timing out. The default value is 2. |
sync_interval |
Number of seconds between checks of state between the plugin and VSM. The default value is 300 seconds. |
The following configuration options appear in the ml2_cisco_n1kv section in ml2_conf_cisco.ini file located at /etc/neutron/plugins/ml2/ml2_conf_cisco.ini.
Configuration Option |
Description |
---|---|
default_policy_profile |
Name of the policy profile to be associated with a port when a port is created. The default value is default-pp. For example: default_policy_profile = default-pp |
default_vlan_network_profile |
Name of the VLAN network profile to be associated with a network. The default value is default-vlan-np. For example: default_vlan_network_profile = default-vlan-np |
default_vxlan_network_profile |
Name of the VXLAN network profile to be associated with a network. The default value is default-vxlan-np. For example: default_vxlan_network_profile = default-vxlan-np |
poll_duration |
Time in seconds for which the plugin polls the VSM for updates in policy profiles. The default value is 60 seconds. For example: poll_duration = 60 |
http_timeout |
Timeout duration in seconds for the HTTP request. The default value is 15 seconds. For example: http_timeout = 15 |
restrict_policy_profiles |
Specifies whether tenants are restricted from accessing all of the policy profiles. The default value is false, indicating that all tenants can access all policy profiles. For example: restrict_policy_profiles = false |
n1kv_vsm_ips |
Specifies the IP addresses in order for the plugin to connect to the VSM. You can enter multiple IP addresses separated by commas. For example: n1kv_vsm_ips = 192.0.2.1, 192.0.2.2 |
username |
Specifies the username in order for the plugin to log into the VSM. For example: username = user |
password |
Specifies the password in order for the plugin to log into the VSM. For example: password = secret |