On 02/12/2013 12:36 PM, Nicolas Ecarnot wrote:
Le 11/02/2013 11:37, Matt . a écrit :
I'm struggeling setting up my network in oVirt at the moment as I would like to seperate specific VM's from other devices/clients in my network.
I have decent setup switching network using Vlans, this is also the fact for ovirt and the storage nodes where teh ports are seperated between storage and management.
Because I want to manage which client can acces which VM I need Vlan tagging. The question is where are we going to do this, on the VM itself or on the network I attach the VM's Nic to.
Hi,
I have also some related questions about VLAN tagging.
In any linux, I can create some virtual interfaces dedicated to some VLANs, like bond0:50 I was expecting oVirt to allow me to create such virtual interfaces, use them in an oVirt "virtual network". Thus, any VM using this "virtual network" would be insured to stay limited to this vlan.
I know I can create bond0:50 manually in Fedora, but I guess oVirt must be implied in the network setup.
You should follow the next steps: 1. Create a new logical network from the networks main tab: define its data-center and set its vlan-id to 50 (the VM network checkbox should be checked) 2. Click on the created network in the networks main tab ---> Select the 'Clusters' sub-tab and ---> click on 'Assign/Unassign Network' and attach the network to the cluster (which contains the hosts that are expected to run the VMs). 3. Click on 'hosts' sub-tab of the network main tab for the same network. You should be able to see the cluster's hosts. Select a host and click on 'Setup Networks'. 4. In the 'setup networks' dialog you would see the host's interfaces on the left side and the logical networks definition on the right. Drag the network on top of an interface, or first drag a nic on top of another to create a bond and then drag the network to that bond. A command will be sent from the engine to the vdsm on the host to configure the desired network configuration. 5. In order to persist the network configuration on the host you can check the 'save network configuration' from 4. Specifically in the case you've described, few device will be created on the host: 1. bond0 2. bond0.50 - the vlan device 3. 'your-network' - the vm network bridge will be created as a linux bridge on top of bond0.50
I also know I can setup my switches to make them do IP-vlan-tagging, but the solution above looks smarter to me.
How do one usually do in that case?