Re: [Users] simple networking? [SOLVED] mostly

On 12/13/2013 7:56 AM, Bob Doolittle wrote: > > On 12/12/2013 11:04 PM, Ted Miller wrote: >> ________________________________________ >> From: users-bounces(a)ovirt.org <users-bounces(a)ovirt.org&gt; on behalf of >> Ted Miller <tmiller(a)hcjb.org&gt; >> Sent: Wednesday, November 27, 2013 12:18 PM >> To: users(a)ovirt.org >> Subject: [Users] simple networking? >> >> I am trying to set up a testing network using o-virt, but the >> networking is >> refusing to cooperate. I am testing for possible use in two different >> production setups. >> >> My previous experience has been with VMWare. I have always set up a >> single >> bridged network on each host. All my hosts, VMs, and non-VM >> computers were >> peers on the LAN. They could all talk to each other, and things >> worked very >> well. There was a firewall/gateway that provided access to the >> Internet, and >> hosts, VMs, and could all communicate with the Internet as needed. >> >> o-virt seems to be compartmentalizing things beyond all reason. >> Is there any way to set up simple networking, so ALL computers can >> see each >> other? >> Is there anywhere that describes the philosophy behind the >> networking setup? >> What reason is there that networks are so divided? >> >> After banging my head against the wall trying to configure just one >> host, I >> am very frustrated. I have spent several HOURS Googling for a coherent >> explanation of how/why networking is supposed to work, but only fine >> obscure >> references like "letting non-VMs see VM traffic would be a huge >> security >> violation". I have no concept of what king of an installation the >> o-virt >> designers have in mind, but it is obviously worlds different from >> what I am >> trying to do. >> >> The best I can tell, o-virt networking works like this (at least >> when you >> have only one NIC): >> there must be an ovirtmgt network, which cannot be combined with any >> other >> network. >> the ovirtmgt network cannot talk to VMs (unless that VM is >> running the >> engine) >> the ovirtmgt network can only talk to hosts, not to other >> non-VM computers >> a VM network can talk only to VMs >> cannot talk to hosts >> cannot talk to non-VMs >> hosts cannot talk to my LAN >> hosts cannot talk to VMs >> VMs cannot talk to my LAN >> All of the above are enforced by a boatload of firewall rules that >> o-virt >> puts into every host and VM under its jurisdiction. >> >> All of the above is inferred from things I Googled, because I can't >> find >> anywhere that explains what or how things are supposed to work--only >> things >> telling people WHAT THEY CANT DO. All I see on the mailing lists is >> people >> getting their hands slapped because they are trying to do SIMPLE >> SETUPS that >> should work, but don't (due to either design restrictions or >> software bugs). >> >> My use case A: >> * My (2 or 3) hosts have only one physical NIC. >> * My VMs exist to provide services to non-VM computers. >> * The VMs do not run X-windows, but they provide GUI programs to >> non-VMs via "ssh -X" connections. >> * MY VMs need access to storage that is shared with hosts and >> non-VMs on >> the LAN. >> >> Is there some way to TURN OFF network control in o-virt? My systems >> are >> small and static. I can hand-configure the networking a whole lot >> easier >> than I can deal with o-virt (as I have used it so far). Mostly I >> would need >> to be able to turn off the firewall rules on both hosts and VMs. >> >> banging head against wall, >> Ted >> ********************************************************* >> >> I have spent the last three days getting a Centos 6.5 host running >> under O-virt. >> >> Since the networking was just a small part of this, I am going to >> open an new thread >> to discuss the Centos 6.5 host setup process. Look for a thread >> titled something like >> "Centos 6.5 host configuration" if you want the gory details, or >> want to try if for yourself. >> >> My biggest problem is that the o-virt GUI is apparently incapable of >> setting >> up a bridge in Centos, which turned out to be what I needed. I had >> to set up the >> bridge BEFORE adding the host to the ovirt cluster. If the bridge >> was not set >> up ahead of time, the whole installation failed completely. >> >> The bridge was only one of a list of things that had to be done >> ahead of time, in order >> for the process to complete correctly. > > Ted, I have RHEL 6.5 running in a VM, and it can talk to all my VMs > and hosts on my LAN, and I didn't have to do anything special. I > didn't define any new networks or bridges or anything of the sort, > either in oVirt or on my host or engine. It just worked. > > I am running RHEL 6.5 on both my engine and my host, as well in this > particular VM. > > -Bob Do you have the Engine on a separate machine, or did you set up the host as an All-In-One? Did you install 6.5 or upgrade to 6.5?