Hi Allan,
On 10/01/14 02:16, Alan Murrell wrote:
Hello Lior,
Thank you for your reply.
Sure, let's try to get that setup of yours working :)
Quoting "Lior Vernia" <lvernia(a)redhat.com>:
> This way the firewall VM will get something like "eth1" for VLAN 1,
> "eth2" for VLAN 200 and so forth, which might be close enough to what
> you described on your previous setup (oVirt currently doesn't allow
> creating VLANs inside VMs). And if I correctly understood your needs it
> will save you the trouble you described below (well, you would need the
> one dummy interface).
That would be doable, except I am not sure if there is a limit to the
number of vNICs a VM could have and/or if there is an OS-level limit to
how many? It is also a bit "messier" IMO, but that is more of a
personal issue than a technical one, and one I could probably get over :-)
oVirt does not enforce any sort of limit on the number of vNICs. I
personally don't know about KVM or your VMs' OS, but this should be
Googleable.
When you say that oVirt currently doesn't allow creating VLANs
inside
VMs, are you referring to the use of VLAN interfaces like I describe
(e.g., "eth1.1", "eth1.2", "eth1.10", etc.)? If so, is
that an oVirt
limitation, or a KVM one?
Yes, sorry, I realise now that my phrasing was only half-understandable.
I indeed meant that oVirt doesn't support attaching more than one
network to the same vNIC (be it VLAN-tagged or not). I doubt that this
is a KVM limitation (but I'm no expert on KVM), I think it's just
something that we haven't yet found a strong case for in oVirt.
I have seen examples where one can create a "Trunk" with
KVM and Open
vSwitch, and I thought for some reason oVirt used Open vSwitch, but none
of the commands I tried from the examples were found. A check of
<
http://www.ovirt.org/Features/Node/OpenVSwitchSupport> shows that
indeed there does not appear to be any integration yet, and it is only
60% done :-(
I actually know nothing of the link you provided, but I can offer
alternatives.
If you REALLY want to use OVS with oVirt NOW, you could take advantage
of its integration with OpenStack Neutron. That would require you to
install another machine (should be possible on an all-in-one setup too)
as a Neutron server. This might go smoothly or it might cause you some
headaches.
http://www.ovirt.org/Features/Detailed_OSN_Integration
It will probably become possible in the future to use OVS with oVirt
directly (although I can't promise or commit on the time frame) by
leveraging a development process that's going on in VDSM networking
right now. In fact, if you're a developer you could help make it happen
and control the time frame yourself by contributing to an OVS backend.
http://www.ovirt.org/Feature/NetworkReloaded
With regards to using the dummy interfaces, I realised I probably do
not
need to add them to a bridge, since they would be physical NICs in
production (this is just for testing). I initially did create the
"ovirtvm" bridge before I realised that, but have made them
"stand-alone" NICs with no IPs attached to them, but they are not
"green" in oVirt when I try to attach my logical networks to them under
"Networks > Hosts > vmhost01 > Setup Host Networks".
When I am in "Setup Host Networks", I see my dummy interfaces, but they
have a red dot instead of a green one (like what "eth0" has). I can my
logical networks to them, but the "Network Device Status" has a red
arrow pointing down. Here are my ifcfg-dummy* files:
I'm not an expert on these things, but this "Down" status is basically
the "administrative" link state on the host. From my experience when
logical networks are attached via the Setup Networks dialog, it does go
up, although I haven't tried without an IP address. Also, it's worth
trying to see if the actual networking works even if the NIC shows as
down, or to ifup the NIC manually if it doesn't.
--- ifcfg-dummy0 ---
DEVICE=dummy0
ONBOOT=yes
TYPE=Ethernet
DELAY=0
BOOTPROTO=none
NM_CONTROLLED=no
STP=no
--- ifcfg-dummy0 ---
My "ifcfg-dummy1" is identical, except of course it has
"DEVICE=dummy1"
in it. The interfaces do come up on the host, but as I said, in "Setup
Host Networks" they have a red dot instead of a green one. Perhaps I do
need to assign an IP? I can maybe assign a "dummy" one (i.e., one that
I would never use)?
-Alan
_______________________________________________
Users mailing list
Users(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/users