Adding VLANs to a single-host, self-hosted-engine oVirt deployment?

Hi,

I've got a single oVirt host running a self-contained hosted-engine deployment. When I set it up I did not use VLANs in my network. I am in the process of moving my equipment, and in part of this move I would like to introduce VLANs into my network infrastructure. The documentation seems to imply that to add virtual networks and/or VLANs to a host that I need to put it into maintenance mode, configure it in the engine, and then resync the network. However, I don't think I can do that with a single-host environment. If I put the host into local maint mode, it will try to offload all my VMs, including the engine, which obviously it cannot do because there is no other host to migrate them to. So what's the approach to add VLANs in this situation?

I should add that this system started at 4.0, and I'm still only running 4.1 (although I do plan to upgrade to 4.2 as part of this move). I'm hesitant to upgrade further because of the impending removal of SDK-3 -- I am depending on a script that uses ovirt-shell which I keep being told is going away. If ovirt-shell is still in 4.3 then I might consider upgrading to that as well. :)

Thanks.

-derek
-- Derek Atkins 617-623-3745 derek@ihtfp.com www.ihtfp.com Computer and Internet Security Consultant

Definitely upgrade to 4.3.5, do this first. If you can afford to just image it and start over, do that.

As long as your switch ports are configured correctly, adding VLANs is simple. I don't put anything in maintenance to do it.

Just go to networks -> New

[image: image.png]

Check the "enable VLAN tagging" and enter your VLAN. You don't really need to change anything else.

[image: image.png]

Now you have a logical network and a vNIC profile for this VLAN:

[image: image.png]
[image: image.png]

Now you need to tell oVirt what physical NIC you want this to operate on. Go to your host and select "Setup Host Networks"

Drag the new network onto the NIC or bond you want to use:

[image: image.png]
[image: image.png]

You can click the pencil and have this interface get an IP address if you want, but you don't need to - your VMs will get IPs. So you can leave this all alone in here:

[image: image.png]

Now when you are creating a VM, you can attach this vNIC profile. You could also add the vNIC to an existing VM.

[image: image.png]

And that's it. If you have the VM configured to DHCP, and you have a DHCP server listening on that VLAN, it will work. If your VM doesn't get an IP, check your router's DHCP logs to see if it hears anything from the MAC address of your VM's NIC. If you also have a DNS resolver that adds DHCP entries, and your VM has a hostname configured in cloud-init, you'll even be able to resolve the FQDN to your VM immediately.

Hope this helps!

On Fri, Aug 16, 2019 at 3:44 AM Derek Atkins <derek@ihtfp.com> wrote:
> Hi,
>
> I've got a single oVirt host running a self-contained hosted-engine deployment. When I set it up I did not use VLANs in my network. I am in the process of moving my equipment, and in part of this move I would like to introduce VLANs into my network infrastructure. The documentation seems to imply that to add virtual networks and/or VLANs to a host that I need to put it into maintenance mode, configure it in the engine, and then resync the network. However, I don't think I can do that with a single-host environment. If I put the host into local maint mode, it will try to offload all my VMs, including the engine, which obviously it cannot do because there is no other host to migrate them to. So what's the approach to add VLANs in this situation?
>
> I should add that this system started at 4.0, and I'm still only running 4.1 (although I do plan to upgrade to 4.2 as part of this move). I'm hesitant to upgrade further because of the impending removal of SDK-3 -- I am depending on a script that uses ovirt-shell which I keep being told is going away. If ovirt-shell is still in 4.3 then I might consider upgrading to that as well. :)
>
> Thanks.
>
> -derek
> -- Derek Atkins 617-623-3745 derek@ihtfp.com www.ihtfp.com Computer and Internet Security Consultant

Hi,

On Fri, August 16, 2019 1:49 pm, Vincent Royer wrote:
> Definitely upgrade to 4.3.5, do this first. If you can afford to just image it and start over, do that.

Does 4.3 still support ovirt-shell? I cannot re-image, I need to upgrade. That only means I need to do it in two steps, 4.1 -> 4.2 -> 4.3.

> As long as your switch ports are configured correctly, adding VLANs is simple. I don't put anything in maintenance to do it.

I have a bonded NIC (2x1Gbps); I presume I just need to tell the switch that this is a VLAN trunk?

> Just go to networks -> New
>
> [image: image.png]
>
> Check the "enable VLAN tagging" and enter your VLAN. You don't really need to change anything else.

Do I need to edit ovirtmgmt and enable VLAN tagging too?

> [image: image.png]
>
> Now you have a logical network and a vNIC profile for this VLAN:
>
> [image: image.png]
> [image: image.png]
>
> Now you need to tell oVirt what physical NIC you want this to operate on. Go to your host and select "Setup Host Networks"
>
> Drag the new network onto the NIC or bond you want to use:

So there's nothing special I need to set up on the host? I just need to add the new virtual networks to the existing bond/interface?

> [image: image.png]
> [image: image.png]
>
> You can click the pencil and have this interface get an IP address if you want, but you don't need to - your VMs will get IPs. So you can leave this all alone in here:

This would be a host address on the VLAN? If so, I agree -- I don't think most VLANs will need that.

> [image: image.png]
>
> Now when you are creating a VM, you can attach this vNIC profile. You could also add the vNIC to an existing VM.
>
> [image: image.png]
>
> And that's it. If you have the VM configured to DHCP, and you have a DHCP server listening on that VLAN, it will work. If your VM doesn't get an IP, check your router's DHCP logs to see if it hears anything from the MAC address of your VM's NIC. If you also have a DNS resolver that adds DHCP entries, and your VM has a hostname configured in cloud-init, you'll even be able to resolve the FQDN to your VM immediately.

Yeah, pretty much all VMs are DHCP. Thanks. I'll try this out. I still have at least 1-2 months before I can even entertain migrating, and it could be as long as 3-4 months. So I have time to think and plan.

> Hope this helps!

Indeed. Major open question right now is ovirt-shell ;)

-derek
-- Derek Atkins 617-623-3745 derek@ihtfp.com www.ihtfp.com Computer and Internet Security Consultant

On Fri, Aug 16, 2019 at 11:12 AM Derek Atkins <derek@ihtfp.com> wrote:
> Hi,
>
> On Fri, August 16, 2019 1:49 pm, Vincent Royer wrote:
>> Definitely upgrade to 4.3.5, do this first. If you can afford to just image it and start over, do that.
>
> Does 4.3 still support ovirt-shell?
> I cannot re-image, I need to upgrade. That only means I need to do it in two steps, 4.1 -> 4.2 -> 4.3.
>
>> As long as your switch ports are configured correctly, adding VLANs is simple. I don't put anything in maintenance to do it.
>
> I have a bonded NIC (2x1Gbps); I presume I just need to tell the switch that this is a VLAN trunk?

You just need to tag whatever VLANs you want to get through.

>> Just go to networks -> New
>>
>> [image: image.png]
>>
>> Check the "enable VLAN tagging" and enter your VLAN. You don't really need to change anything else.
>
> Do I need to edit ovirtmgmt and enable VLAN tagging too?

What for?

>> [image: image.png]
>>
>> Now you have a logical network and a vNIC profile for this VLAN:
>>
>> [image: image.png]
>> [image: image.png]
>>
>> Now you need to tell oVirt what physical NIC you want this to operate on. Go to your host and select "Setup Host Networks"
>>
>> Drag the new network onto the NIC or bond you want to use:
>
> So there's nothing special I need to set up on the host? I just need to add the new virtual networks to the existing bond/interface?

That's how it works for me.

>> [image: image.png]
>> [image: image.png]
>>
>> You can click the pencil and have this interface get an IP address if you want, but you don't need to - your VMs will get IPs. So you can leave this all alone in here:
>
> This would be a host address on the VLAN? If so, I agree -- I don't think most VLANs will need that.

I think maybe you need to if you want to be able to access the HE from that VLAN? I've never needed to.

>> [image: image.png]
>>
>> Now when you are creating a VM, you can attach this vNIC profile. You could also add the vNIC to an existing VM.
>>
>> [image: image.png]
>>
>> And that's it. If you have the VM configured to DHCP, and you have a DHCP server listening on that VLAN, it will work. If your VM doesn't get an IP, check your router's DHCP logs to see if it hears anything from the MAC address of your VM's NIC. If you also have a DNS resolver that adds DHCP entries, and your VM has a hostname configured in cloud-init, you'll even be able to resolve the FQDN to your VM immediately.
>
> Yeah, pretty much all VMs are DHCP.

What I do is leave them on DHCP, that way they come "UP" right away. Then I can reserve their IP in the router.

> Thanks. I'll try this out. I still have at least 1-2 months before I can even entertain migrating, and it could be as long as 3-4 months. So I have time to think and plan.
>
>> Hope this helps!
>
> Indeed. Major open question right now is ovirt-shell ;)
>
> -derek
> -- Derek Atkins 617-623-3745 derek@ihtfp.com www.ihtfp.com Computer and Internet Security Consultant