------=_Part_650053_579042154.1413309486419 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Hello all, I've created a self-hosted ovirt engine with two node, but on the last steps the engine-setup could not attach the node to the "default" cluster. I think it was because I have different services on different vlans. I have vlan100 for glusterfs and vlan101 for vdsm hosts with different subnets. Also, I have an another connection (eth1) with different subnet for internet acces and this is the default route. I would like to separate ovirt services, networks and glusterfs to different vlans/subnets by security reasons. But I don't know what services need to be on same vlan/subnets. My questions/goals - which services need to connect to another ? - Is hosted engine's vm need to be on same network with gluster ? - Is hosted engine's vm need to be on same network with vdsm hosts? - I want to separate ovirt/gluster networks from ovirt VM-s/public internet access - I don't want to extra traffic on router Does anyone experience with this way? Thanks in advance Tibor ------=_Part_650053_579042154.1413309486419 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable <html><body><div style=3D"font-family: times new roman, new york, times, se= rif; font-size: 12pt; color: #000000"><div><span style=3D"font-size: 12pt;"=
Hello all,</span></div><div><br></div><div>I've created a self-hosted ovir= t engine with two node, but on the last steps the engine-setup could not at= tach the node to the "default" cluster.</div><div>I think it was because I = have different services on different vlans.</div><div>I have vlan100 = for glusterfs and vlan101 for vdsm hosts with different subnets. Also, I ha= ve an another connection (eth1) with different subnet for internet acces an= d this is the default route.</div><div><br></div><div><span style=3D"font-s= ize: 12pt;"></span><span style=3D"font-size: 12pt;">I would like to separat= e ovirt services, networks and glusterfs to different vlans/subnets by secu= rity reasons.</span></div><div>But I don't know what services need to be on= same vlan/subnets.</div><div><br></div><div>My questions/goals</div><div><= br></div><div>- which services need to connect to another ?</div><div> </di= v><div>- Is hosted engine's vm need to be on same network with gluster ?&nb= sp;</div><div>- Is hosted engine's vm need to be on same network with vdsm = hosts?</div><div>- I want to separate ovirt/gluster networks from ovirt VM-= s/public internet access</div><div>- <span style=3D"font-size: 12pt;">= I don't want to extra traffic on router </span></div><div><br></div><d= iv>Does anyone experience with this way?</div><div><br></div><div>Thanks in= advance</div><div><br></div><div>Tibor </div><div><br></div><div><br>= </div></div></body></html> ------=_Part_650053_579042154.1413309486419--
Hi Demeter, This is an issue others have stumbled onto before, so it probably needs to be fixed; it's sort of a chicken-and-egg problem. For the time being, I think the workaround is to set up your storage network manually on the host as vlan101 (in an oVirt-compatible manner) before running engine-setup. In engine-setup you would then name the vlan102 device for the management network (which is used to communicate with hosts). Setting up the storage network in an oVirt-compatible manner can be performed by pre-installing vdsm (i.e. "yum install vdsm") yourself on your first host, then run something like: vdsClient -s 0 addNetwork bridge=storageNetworkName vlan=101 nic=eth0 \ BOOTPROTO=dhcp I hope I got it approximately right, can't commit that it's accurate :) I've also added specific answers to your questions below, please let us know if this does the trick or if you require more assistance. On 14/10/14 19:58, Demeter Tibor wrote:
Hello all,
I've created a self-hosted ovirt engine with two node, but on the last steps the engine-setup could not attach the node to the "default" cluster. I think it was because I have different services on different vlans. I have vlan100 for glusterfs and vlan101 for vdsm hosts with different subnets. Also, I have an another connection (eth1) with different subnet for internet acces and this is the default route.
I would like to separate ovirt services, networks and glusterfs to different vlans/subnets by security reasons. But I don't know what services need to be on same vlan/subnets.
My questions/goals
- which services need to connect to another ?
Could you be more specific? The management network is used to communicate between the engine and the hosts, the storage network is only used by the hosts (and not the engine) as far as I know.
- Is hosted engine's vm need to be on same network with gluster ?
To my understanding no, see above point.
- Is hosted engine's vm need to be on same network with vdsm hosts?
Yes, see above point :)
- I want to separate ovirt/gluster networks from ovirt VM-s/public internet access
Not sure how much "separation" you're looking to get, but shouldn't be a problem. For example, You can put the additional ("public") networks on different VLANs and make sure to tag/untag packets as they enter/leave your oVirt deployment. Keep in mind to also configure the additional networks on the hosts and VMs.
- I don't want to extra traffic on router
Not sure about your topology, but if your hosts are on the same broadcast domain then there's no reason why this traffic will put unnecessary load on your router.
Does anyone experience with this way?
Thanks in advance
Tibor
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
participants (2)
-
Demeter Tibor -
Lior Vernia