Hi, Please check out this deep dive to see how the OVN provider is set up: https://www.youtube.com/watch?v=vGeouWfKJwA&t=10s By adding a subnet to the external network you will get a dhcp server on this network that will use the defined subnet. Try using affinity groups to make our VM come up on a specific groups. To allow to connect your nic with the public IP you can connect it to the vm as a passtrough device. Adding one more NIC connected to an OVN network would give you a VM connected to both. Another (not so clean) possiblity is to create an ovirt network, add it to the host, and connect the VM to it. On the host you will see that a bridge will be created for the network. You could then add your NIC that goes to the remote networks to the bridge created for the network on your host (manual action). This would also be possible using an OVN network with just the single NIC from that VM connected, and the external NIC plugged into the OVS bridge used for OVN (with manual OVN configuration). On Wed, Aug 23, 2017 at 11:32 AM, Mitch <mitchinseattle2014@gmail.com> wrote:
Hi,
I am trying to understand the best way to structure our network with oVirt.
We have a number of servers hosted in a remote datacenter, all with a single NIC with a single public IP.
One server also has a /26 subnet mapped to it which we have to present on a specific MAC address.
What I am trying to do is have all our VMs on a private subnet 10.2.3.0/24 for example, and use OVN to make that subnet available across all oVirt hosts, (PeerVPN and Tinc are also options I’m looking at).
On the single host with the /26 on it, I plan to run an instance of Opnsense or similar as a VM, with two NICs, one bridged to eth0 with the specific MAC required for the public subnet, and one that will connect to the private virtual network, I could then do 1-to-1 NAT for those hosts on the private network that need to be publically accessible.
I know this isn’t the ideal setup, but we have to work with in the constraints required by the datacenter we are using.
Unfortunately I can’t work out how to configure this in oVirt, I assume I need to set up a logical network for the private subnet, using OVN as an external provider, and set up another logical subnet for the public address space and attach that to a specific host in the cluster?
For the public address space, how do I bridge that to eth0 and give it a specific MAC address? Also how can I ensure my Opnsense VM comes up on a specific host?
For the private network, is OVN the best approach, or am I better off looking at other mesh VPN solutions to build an internal network across our oVirt hosts?
Any comments or suggestions will be greatly appreciated.
Thanks :) _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users