On 12/13/2013 7:56 AM, Bob Doolittle wrote:
On 12/12/2013 11:04 PM, Ted Miller wrote:
> ________________________________________
> From: users-bounces(a)ovirt.org <users-bounces(a)ovirt.org> on behalf of Ted
> Miller <tmiller(a)hcjb.org>
> Sent: Wednesday, November 27, 2013 12:18 PM
> To: users(a)ovirt.org
> Subject: [Users] simple networking?
>
> I am trying to set up a testing network using o-virt, but the networking is
> refusing to cooperate. I am testing for possible use in two different
> production setups.
>
> My previous experience has been with VMWare. I have always set up a single
> bridged network on each host. All my hosts, VMs, and non-VM computers were
> peers on the LAN. They could all talk to each other, and things worked very
> well. There was a firewall/gateway that provided access to the Internet, and
> hosts, VMs, and could all communicate with the Internet as needed.
>
> o-virt seems to be compartmentalizing things beyond all reason.
> Is there any way to set up simple networking, so ALL computers can see each
> other?
> Is there anywhere that describes the philosophy behind the networking setup?
> What reason is there that networks are so divided?
>
> After banging my head against the wall trying to configure just one host, I
> am very frustrated. I have spent several HOURS Googling for a coherent
> explanation of how/why networking is supposed to work, but only fine obscure
> references like "letting non-VMs see VM traffic would be a huge security
> violation". I have no concept of what king of an installation the o-virt
> designers have in mind, but it is obviously worlds different from what I am
> trying to do.
>
> The best I can tell, o-virt networking works like this (at least when you
> have only one NIC):
> there must be an ovirtmgt network, which cannot be combined with any other
> network.
> the ovirtmgt network cannot talk to VMs (unless that VM is running the
> engine)
> the ovirtmgt network can only talk to hosts, not to other non-VM
> computers
> a VM network can talk only to VMs
> cannot talk to hosts
> cannot talk to non-VMs
> hosts cannot talk to my LAN
> hosts cannot talk to VMs
> VMs cannot talk to my LAN
> All of the above are enforced by a boatload of firewall rules that o-virt
> puts into every host and VM under its jurisdiction.
>
> All of the above is inferred from things I Googled, because I can't find
> anywhere that explains what or how things are supposed to work--only things
> telling people WHAT THEY CANT DO. All I see on the mailing lists is people
> getting their hands slapped because they are trying to do SIMPLE SETUPS that
> should work, but don't (due to either design restrictions or software bugs).
>
> My use case A:
> * My (2 or 3) hosts have only one physical NIC.
> * My VMs exist to provide services to non-VM computers.
> * The VMs do not run X-windows, but they provide GUI programs to
> non-VMs via "ssh -X" connections.
> * MY VMs need access to storage that is shared with hosts and non-VMs on
> the LAN.
>
> Is there some way to TURN OFF network control in o-virt? My systems are
> small and static. I can hand-configure the networking a whole lot easier
> than I can deal with o-virt (as I have used it so far). Mostly I would need
> to be able to turn off the firewall rules on both hosts and VMs.
>
> banging head against wall,
> Ted
> *********************************************************
>
> I have spent the last three days getting a Centos 6.5 host running under
> O-virt.
>
> Since the networking was just a small part of this, I am going to open an
> new thread
> to discuss the Centos 6.5 host setup process. Look for a thread titled
> something like
> "Centos 6.5 host configuration" if you want the gory details, or want to
> try if for yourself.
>
> My biggest problem is that the o-virt GUI is apparently incapable of setting
> up a bridge in Centos, which turned out to be what I needed. I had to set
> up the
> bridge BEFORE adding the host to the ovirt cluster. If the bridge was not
> set
> up ahead of time, the whole installation failed completely.
>
> The bridge was only one of a list of things that had to be done ahead of
> time, in order
> for the process to complete correctly.
Ted, I have RHEL 6.5 running in a VM, and it can talk to all my VMs and
hosts on my LAN, and I didn't have to do anything special. I didn't define
any new networks or bridges or anything of the sort, either in oVirt or on
my host or engine. It just worked.
I am running RHEL 6.5 on both my engine and my host, as well in this
particular VM.
-Bob
Do you have the Engine on a separate machine, or did you set up the host as
an All-In-One?
Did you install 6.5 or upgrade to 6.5?
Ted