oVirt 3.5 & NAT - Users - Ovirt List Archives

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

oVirt 3.5 & NAT

all-in-one updated from 3.4.4 to...

Re: [ovirt-users] oVirt Node 3.5...

Phil Daws

Monday, 20 October 2014 Mon, 20 Oct '14

10:02 p.m.

Hello All! Am really enjoying experimenting with oVirt but have come across a question; how does one enable NAT for a VM ? Would like my guests to be able to update their software by bridging the host public IP. I could not see anything in the WUI to allow this ? Thanks, Phil

Reply

Show replies by date

Antoni Segura Puimedon

Wednesday, 22 October Wed, 22 Oct

4:10 p.m.

----- Original Message -----

From: "Phil Daws" <uxbod(a)splatnix.net> To: users(a)ovirt.org Sent: Monday, October 20, 2014 9:02:01 PM Subject: [ovirt-users] oVirt 3.5 & NAT Hello All!

Hi Phil

Am really enjoying experimenting with oVirt but have come across a question; how does one enable NAT for a VM ?

There is no NATting for VMs supported in oVirt. You'd have to define a libvirt network with NATting like the one libvirt ships in its default.xml and then use the vdsm extnet hook to change on vNic creation to which network the vNic connects to. That way it could use the 'default' network and you'd have natting.

Would like my guests to be able to update their software by bridging the host public IP. I could not see anything in the WUI to allow this ? Thanks, Phil _______________________________________________ Users mailing list Users(a)ovirt.org http://lists.ovirt.org/mailman/listinfo/users

Reply

Dan Kenigsberg

4:13 p.m.

On Mon, Oct 20, 2014 at 08:02:01PM +0100, Phil Daws wrote:

Hello All! Am really enjoying experimenting with oVirt but have come across a question; how does one enable NAT for a VM ? Would like my guests to be able to update their software by bridging the host public IP. I could not see anything in the WUI to allow this ?

Unfortunately, this is not yet available "out of the box". You need to create the natted network in libvirt, and then connect your vNic to it via a vdsm hook. This mailing list has seen various suggestions on this subject (such as [1]). While searching for them, I found a recent blog using the extent hook for that[2] (ymmv). [1] http://lists.ovirt.org/pipermail/users/2012-April/001751.html [2] http://blog.lofyer.org/blog/2014/05/04/add-nat-ovirt-vdsm-hooks/ Dan.

Reply

Phil Daws

5:12 p.m.

Thanks Dan & Antoni: I wonder then if I could replace the standard libvirt defined network with an OpenVSwitch one like I have on my dev system? That is just straight KVM with OVS integrated. Maybe a bit more overhead in administration but possibly less than having to spin up a Neutron Appliance. ----- Original Message ----- From: "Dan Kenigsberg" <danken(a)redhat.com> To: "Phil Daws" <uxbod(a)splatnix.net> Cc: users(a)ovirt.org Sent: Wednesday, 22 October, 2014 2:13:34 PM Subject: Re: [ovirt-users] oVirt 3.5 & NAT On Mon, Oct 20, 2014 at 08:02:01PM +0100, Phil Daws wrote:

Hello All! Am really enjoying experimenting with oVirt but have come across a question; how does one enable NAT for a VM ? Would like my guests to be able to update their software by bridging the host public IP. I could not see anything in the WUI to allow this ?

Unfortunately, this is not yet available "out of the box". You need to create the natted network in libvirt, and then connect your vNic to it via a vdsm hook. This mailing list has seen various suggestions on this subject (such as [1]). While searching for them, I found a recent blog using the extent hook for that[2] (ymmv). [1] http://lists.ovirt.org/pipermail/users/2012-April/001751.html [2] http://blog.lofyer.org/blog/2014/05/04/add-nat-ovirt-vdsm-hooks/ Dan.

Reply

Dan Kenigsberg

5:54 p.m.

On Wed, Oct 22, 2014 at 03:12:09PM +0100, Phil Daws wrote:

Thanks Dan & Antoni: I wonder then if I could replace the standard libvirt defined network with an OpenVSwitch one like I have on my dev system? That is just straight KVM with OVS integrated. Maybe a bit more overhead in administration but possibly less than having to spin up a Neutron Appliance.

Once you start to use the vdsm-hook-extnet, all that you need to do is to replace the libvirt-side definition of the "external network". This may well be an OpenVSwitch-based network e.g. http://libvirt.org/formatnetwork.html#elementVlanTag

Reply

Phil Daws

Saturday, 25 October Sat, 25 Oct

6:02 p.m.

Hmmm, this is becoming difficult .. I have added into the engine the custom hook and understand how that will work. The issue is how can a single NIC use two different bridges ? Example with OVS would be that one requires: em1 -+ ovirtmgmt (bridge) -> management IP (public) + ovs (bridge) -> firewall IP (public) | + vlan 1 + vlan 2 this works fine when using OVS and KVM, without oVirt, so there must be a way to hook the two together without a Neutron appliance. Any thoughts ? Thanks, Phil. ----- Original Message ----- From: "Dan Kenigsberg" <danken(a)redhat.com> To: "Phil Daws" <uxbod(a)splatnix.net> Cc: users(a)ovirt.org Sent: Wednesday, 22 October, 2014 3:54:46 PM Subject: Re: [ovirt-users] oVirt 3.5 & NAT On Wed, Oct 22, 2014 at 03:12:09PM +0100, Phil Daws wrote:

Thanks Dan & Antoni: I wonder then if I could replace the standard libvirt defined network with an OpenVSwitch one like I have on my dev system? That is just straight KVM with OVS integrated. Maybe a bit more overhead in administration but possibly less than having to spin up a Neutron Appliance.

Once you start to use the vdsm-hook-extnet, all that you need to do is to replace the libvirt-side definition of the "external network". This may well be an OpenVSwitch-based network e.g. http://libvirt.org/formatnetwork.html#elementVlanTag

Reply

Antoni Segura Puimedon

Monday, 27 October Mon, 27 Oct

11 a.m.

----- Original Message -----

From: "Phil Daws" <uxbod(a)splatnix.net> To: "Dan Kenigsberg" <danken(a)redhat.com> Cc: users(a)ovirt.org Sent: Saturday, October 25, 2014 5:02:59 PM Subject: Re: [ovirt-users] oVirt 3.5 & NAT Hmmm, this is becoming difficult .. I have added into the engine the custom hook and understand how that will work. The issue is how can a single NIC use two different bridges ? Example with OVS would be that one requires: em1 -+ ovirtmgmt (bridge) -> management IP (public) + ovs (bridge) -> firewall IP (public) | + vlan 1 + vlan 2 this works fine when using OVS and KVM, without oVirt, so there must be a way to hook the two together without a Neutron appliance. Any thoughts ? Thanks, Phil.

I haven't tried this, and it may not work, but what happens if you add the ovirtmgmt bridge as a port of the ovs bridge?

----- Original Message ----- From: "Dan Kenigsberg" <danken(a)redhat.com> To: "Phil Daws" <uxbod(a)splatnix.net> Cc: users(a)ovirt.org Sent: Wednesday, 22 October, 2014 3:54:46 PM Subject: Re: [ovirt-users] oVirt 3.5 & NAT On Wed, Oct 22, 2014 at 03:12:09PM +0100, Phil Daws wrote: > Thanks Dan & Antoni: > > I wonder then if I could replace the standard libvirt defined network with > an OpenVSwitch one like I have on my dev system? That is just straight > KVM with OVS integrated. Maybe a bit more overhead in administration but > possibly less than having to spin up a Neutron Appliance. Once you start to use the vdsm-hook-extnet, all that you need to do is to replace the libvirt-side definition of the "external network". This may well be an OpenVSwitch-based network e.g. http://libvirt.org/formatnetwork.html#elementVlanTag _______________________________________________ Users mailing list Users(a)ovirt.org http://lists.ovirt.org/mailman/listinfo/users

Reply

Phil Daws

12:37 p.m.

That is what I tried but oVirt appears to overwrite the bridge information on boot :( Thanks, Phil ----- Original Message ----- From: "Antoni Segura Puimedon" <asegurap(a)redhat.com> To: "Phil Daws" <uxbod(a)splatnix.net> Cc: "Dan Kenigsberg" <danken(a)redhat.com>, users(a)ovirt.org Sent: Monday, 27 October, 2014 8:00:33 AM Subject: Re: [ovirt-users] oVirt 3.5 & NAT ----- Original Message -----

From: "Phil Daws" <uxbod(a)splatnix.net> To: "Dan Kenigsberg" <danken(a)redhat.com> Cc: users(a)ovirt.org Sent: Saturday, October 25, 2014 5:02:59 PM Subject: Re: [ovirt-users] oVirt 3.5 & NAT Hmmm, this is becoming difficult .. I have added into the engine the custom hook and understand how that will work. The issue is how can a single NIC use two different bridges ? Example with OVS would be that one requires: em1 -+ ovirtmgmt (bridge) -> management IP (public) + ovs (bridge) -> firewall IP (public) | + vlan 1 + vlan 2 this works fine when using OVS and KVM, without oVirt, so there must be a way to hook the two together without a Neutron appliance. Any thoughts ? Thanks, Phil.

I haven't tried this, and it may not work, but what happens if you add the ovirtmgmt bridge as a port of the ovs bridge?

----- Original Message ----- From: "Dan Kenigsberg" <danken(a)redhat.com> To: "Phil Daws" <uxbod(a)splatnix.net> Cc: users(a)ovirt.org Sent: Wednesday, 22 October, 2014 3:54:46 PM Subject: Re: [ovirt-users] oVirt 3.5 & NAT On Wed, Oct 22, 2014 at 03:12:09PM +0100, Phil Daws wrote: > Thanks Dan & Antoni: > > I wonder then if I could replace the standard libvirt defined network with > an OpenVSwitch one like I have on my dev system? That is just straight > KVM with OVS integrated. Maybe a bit more overhead in administration but > possibly less than having to spin up a Neutron Appliance. Once you start to use the vdsm-hook-extnet, all that you need to do is to replace the libvirt-side definition of the "external network". This may well be an OpenVSwitch-based network e.g. http://libvirt.org/formatnetwork.html#elementVlanTag _______________________________________________ Users mailing list Users(a)ovirt.org http://lists.ovirt.org/mailman/listinfo/users

Reply

Antoni Segura Puimedon

12:56 p.m.

----- Original Message -----

From: "Phil Daws" <uxbod(a)splatnix.net> To: "Antoni Segura Puimedon" <asegurap(a)redhat.com> Cc: "Dan Kenigsberg" <danken(a)redhat.com>, users(a)ovirt.org Sent: Monday, October 27, 2014 10:37:18 AM Subject: Re: [ovirt-users] oVirt 3.5 & NAT That is what I tried but oVirt appears to overwrite the bridge information on boot :( Thanks, Phil

But before rebooting, does it work as you intended? If so, you could just make a vdsm hook that adds ovirtmgmt to the ovs bridge after it is set up. (I could give more directions into how to do it).

----- Original Message ----- From: "Antoni Segura Puimedon" <asegurap(a)redhat.com> To: "Phil Daws" <uxbod(a)splatnix.net> Cc: "Dan Kenigsberg" <danken(a)redhat.com>, users(a)ovirt.org Sent: Monday, 27 October, 2014 8:00:33 AM Subject: Re: [ovirt-users] oVirt 3.5 & NAT ----- Original Message ----- > From: "Phil Daws" <uxbod(a)splatnix.net> > To: "Dan Kenigsberg" <danken(a)redhat.com> > Cc: users(a)ovirt.org > Sent: Saturday, October 25, 2014 5:02:59 PM > Subject: Re: [ovirt-users] oVirt 3.5 & NAT > > Hmmm, this is becoming difficult .. > > I have added into the engine the custom hook and understand how that will > work. The issue is how can a single NIC use two different bridges ? > Example with OVS would be that one requires: > > em1 -+ ovirtmgmt (bridge) -> management IP (public) > + ovs (bridge) -> firewall IP (public) > | > + vlan 1 > + vlan 2 > > this works fine when using OVS and KVM, without oVirt, so there must be a > way > to hook the two together without a Neutron appliance. > > Any thoughts ? Thanks, Phil. I haven't tried this, and it may not work, but what happens if you add the ovirtmgmt bridge as a port of the ovs bridge? > > > ----- Original Message ----- > From: "Dan Kenigsberg" <danken(a)redhat.com> > To: "Phil Daws" <uxbod(a)splatnix.net> > Cc: users(a)ovirt.org > Sent: Wednesday, 22 October, 2014 3:54:46 PM > Subject: Re: [ovirt-users] oVirt 3.5 & NAT > > On Wed, Oct 22, 2014 at 03:12:09PM +0100, Phil Daws wrote: > > Thanks Dan & Antoni: > > > > I wonder then if I could replace the standard libvirt defined network > > with > > an OpenVSwitch one like I have on my dev system? That is just straight > > KVM with OVS integrated. Maybe a bit more overhead in administration but > > possibly less than having to spin up a Neutron Appliance. > > Once you start to use the vdsm-hook-extnet, all that you need to do is > to replace the libvirt-side definition of the "external network". This > may well be an OpenVSwitch-based network e.g. > http://libvirt.org/formatnetwork.html#elementVlanTag > _______________________________________________ > Users mailing list > Users(a)ovirt.org > http://lists.ovirt.org/mailman/listinfo/users >

Reply

Phil Daws

1:41 p.m.

Hi Antoni: Yes, prior to the reboot it did work okay. This is how it should look I believe: Bridge "ovirtmgmt" Port "mgmt0" Interface "mgmt0" type: internal Port "ovsbr0" Interface "ovsbr0" type: internal So the bridge would be defined by oVirt then I guess with a custom hook that would then be added to the OVS stack ? Thanks, Phil ----- Original Message ----- From: "Antoni Segura Puimedon" <asegurap(a)redhat.com> To: "Phil Daws" <uxbod(a)splatnix.net> Cc: "Dan Kenigsberg" <danken(a)redhat.com>, users(a)ovirt.org Sent: Monday, 27 October, 2014 9:56:38 AM Subject: Re: [ovirt-users] oVirt 3.5 & NAT ----- Original Message -----

From: "Phil Daws" <uxbod(a)splatnix.net> To: "Antoni Segura Puimedon" <asegurap(a)redhat.com> Cc: "Dan Kenigsberg" <danken(a)redhat.com>, users(a)ovirt.org Sent: Monday, October 27, 2014 10:37:18 AM Subject: Re: [ovirt-users] oVirt 3.5 & NAT That is what I tried but oVirt appears to overwrite the bridge information on boot :( Thanks, Phil

But before rebooting, does it work as you intended? If so, you could just make a vdsm hook that adds ovirtmgmt to the ovs bridge after it is set up. (I could give more directions into how to do it).

----- Original Message ----- From: "Antoni Segura Puimedon" <asegurap(a)redhat.com> To: "Phil Daws" <uxbod(a)splatnix.net> Cc: "Dan Kenigsberg" <danken(a)redhat.com>, users(a)ovirt.org Sent: Monday, 27 October, 2014 8:00:33 AM Subject: Re: [ovirt-users] oVirt 3.5 & NAT ----- Original Message ----- > From: "Phil Daws" <uxbod(a)splatnix.net> > To: "Dan Kenigsberg" <danken(a)redhat.com> > Cc: users(a)ovirt.org > Sent: Saturday, October 25, 2014 5:02:59 PM > Subject: Re: [ovirt-users] oVirt 3.5 & NAT > > Hmmm, this is becoming difficult .. > > I have added into the engine the custom hook and understand how that will > work. The issue is how can a single NIC use two different bridges ? > Example with OVS would be that one requires: > > em1 -+ ovirtmgmt (bridge) -> management IP (public) > + ovs (bridge) -> firewall IP (public) > | > + vlan 1 > + vlan 2 > > this works fine when using OVS and KVM, without oVirt, so there must be a > way > to hook the two together without a Neutron appliance. > > Any thoughts ? Thanks, Phil. I haven't tried this, and it may not work, but what happens if you add the ovirtmgmt bridge as a port of the ovs bridge? > > > ----- Original Message ----- > From: "Dan Kenigsberg" <danken(a)redhat.com> > To: "Phil Daws" <uxbod(a)splatnix.net> > Cc: users(a)ovirt.org > Sent: Wednesday, 22 October, 2014 3:54:46 PM > Subject: Re: [ovirt-users] oVirt 3.5 & NAT > > On Wed, Oct 22, 2014 at 03:12:09PM +0100, Phil Daws wrote: > > Thanks Dan & Antoni: > > > > I wonder then if I could replace the standard libvirt defined network > > with > > an OpenVSwitch one like I have on my dev system? That is just straight > > KVM with OVS integrated. Maybe a bit more overhead in administration but > > possibly less than having to spin up a Neutron Appliance. > > Once you start to use the vdsm-hook-extnet, all that you need to do is > to replace the libvirt-side definition of the "external network". This > may well be an OpenVSwitch-based network e.g. > http://libvirt.org/formatnetwork.html#elementVlanTag > _______________________________________________ > Users mailing list > Users(a)ovirt.org > http://lists.ovirt.org/mailman/listinfo/users >

Reply

Antoni Segura Puimedon

3:13 p.m.

----- Original Message -----

From: "Phil Daws" <uxbod(a)splatnix.net> To: "Antoni Segura Puimedon" <asegurap(a)redhat.com> Cc: "Dan Kenigsberg" <danken(a)redhat.com>, users(a)ovirt.org Sent: Monday, October 27, 2014 11:41:56 AM Subject: Re: [ovirt-users] oVirt 3.5 & NAT Hi Antoni: Yes, prior to the reboot it did work okay. This is how it should look I believe: Bridge "ovirtmgmt" Port "mgmt0" Interface "mgmt0" type: internal Port "ovsbr0" Interface "ovsbr0" type: internal So the bridge would be defined by oVirt then I guess with a custom hook that would then be added to the OVS stack ?

exactly! You could just make a hook script that runs an after_network_setup hook that does the ovs-vsctl for you ;-) Here you can see the presentation I gave last February at devconf about extending with configurators and hooks. http://blog.antoni.me/devconf14/#/8/1 I linked directly to a before_network_setup hook sample, because it works just like the after_network_setup hook. Instead of logging to systemd, just add that if 'remove' is not in data and network == 'ovirtmgmt', it adds the network bridge to the vswitch with python's subprocess.call or subprocess.check_output. You can send it if you want me to take a look ;-) PS: It is possible to write the hooks in bash, c, perl, etc. But we only have the convenience read_json methods and such for python. If you wanted to, you could have a simple bash hook that just checked if there was an ovirtmgmt bridge and it would add it doing ovs-vsctl in the before_vdsm_start hooking point. That would have the drawback that changing the ovirtmgmt bridge with oVirt UI would leave it disconnected again.

Thanks, Phil ----- Original Message ----- From: "Antoni Segura Puimedon" <asegurap(a)redhat.com> To: "Phil Daws" <uxbod(a)splatnix.net> Cc: "Dan Kenigsberg" <danken(a)redhat.com>, users(a)ovirt.org Sent: Monday, 27 October, 2014 9:56:38 AM Subject: Re: [ovirt-users] oVirt 3.5 & NAT ----- Original Message ----- > From: "Phil Daws" <uxbod(a)splatnix.net> > To: "Antoni Segura Puimedon" <asegurap(a)redhat.com> > Cc: "Dan Kenigsberg" <danken(a)redhat.com>, users(a)ovirt.org > Sent: Monday, October 27, 2014 10:37:18 AM > Subject: Re: [ovirt-users] oVirt 3.5 & NAT > > That is what I tried but oVirt appears to overwrite the bridge information > on > boot :( Thanks, Phil But before rebooting, does it work as you intended? If so, you could just make a vdsm hook that adds ovirtmgmt to the ovs bridge after it is set up. (I could give more directions into how to do it). > > ----- Original Message ----- > From: "Antoni Segura Puimedon" <asegurap(a)redhat.com> > To: "Phil Daws" <uxbod(a)splatnix.net> > Cc: "Dan Kenigsberg" <danken(a)redhat.com>, users(a)ovirt.org > Sent: Monday, 27 October, 2014 8:00:33 AM > Subject: Re: [ovirt-users] oVirt 3.5 & NAT > > > > ----- Original Message ----- > > From: "Phil Daws" <uxbod(a)splatnix.net> > > To: "Dan Kenigsberg" <danken(a)redhat.com> > > Cc: users(a)ovirt.org > > Sent: Saturday, October 25, 2014 5:02:59 PM > > Subject: Re: [ovirt-users] oVirt 3.5 & NAT > > > > Hmmm, this is becoming difficult .. > > > > I have added into the engine the custom hook and understand how that will > > work. The issue is how can a single NIC use two different bridges ? > > Example with OVS would be that one requires: > > > > em1 -+ ovirtmgmt (bridge) -> management IP (public) > > + ovs (bridge) -> firewall IP (public) > > | > > + vlan 1 > > + vlan 2 > > > > this works fine when using OVS and KVM, without oVirt, so there must be a > > way > > to hook the two together without a Neutron appliance. > > > > Any thoughts ? Thanks, Phil. > > I haven't tried this, and it may not work, but what happens if you add the > ovirtmgmt > bridge as a port of the ovs bridge? > > > > > > ----- Original Message ----- > > From: "Dan Kenigsberg" <danken(a)redhat.com> > > To: "Phil Daws" <uxbod(a)splatnix.net> > > Cc: users(a)ovirt.org > > Sent: Wednesday, 22 October, 2014 3:54:46 PM > > Subject: Re: [ovirt-users] oVirt 3.5 & NAT > > > > On Wed, Oct 22, 2014 at 03:12:09PM +0100, Phil Daws wrote: > > > Thanks Dan & Antoni: > > > > > > I wonder then if I could replace the standard libvirt defined network > > > with > > > an OpenVSwitch one like I have on my dev system? That is just straight > > > KVM with OVS integrated. Maybe a bit more overhead in administration > > > but > > > possibly less than having to spin up a Neutron Appliance. > > > > Once you start to use the vdsm-hook-extnet, all that you need to do is > > to replace the libvirt-side definition of the "external network". This > > may well be an OpenVSwitch-based network e.g. > > http://libvirt.org/formatnetwork.html#elementVlanTag > > _______________________________________________ > > Users mailing list > > Users(a)ovirt.org > > http://lists.ovirt.org/mailman/listinfo/users > > >

Reply

Phil Daws

5:10 p.m.

Darn, looks like this will not work :( the problem is that oVirt creates the bridge ovirtmgmt and binds that to your interface eg. em1. So at that point you have network running. If you then try to add that to the OVS stack your networking stop :( I tried to add it as a port using ovs-vsctl add-port ovsbr0 ovirtmgmt which is accepted but then networking stops. As soon as I remove again networking comes back to life. There does not seem to be a way to have two co-existing bridges :( Thanks, Phil ----- Original Message ----- From: "Antoni Segura Puimedon" <asegurap(a)redhat.com> To: "Phil Daws" <uxbod(a)splatnix.net> Cc: "Dan Kenigsberg" <danken(a)redhat.com>, users(a)ovirt.org Sent: Monday, 27 October, 2014 12:13:30 PM Subject: Re: [ovirt-users] oVirt 3.5 & NAT ----- Original Message -----

From: "Phil Daws" <uxbod(a)splatnix.net> To: "Antoni Segura Puimedon" <asegurap(a)redhat.com> Cc: "Dan Kenigsberg" <danken(a)redhat.com>, users(a)ovirt.org Sent: Monday, October 27, 2014 11:41:56 AM Subject: Re: [ovirt-users] oVirt 3.5 & NAT Hi Antoni: Yes, prior to the reboot it did work okay. This is how it should look I believe: Bridge "ovirtmgmt" Port "mgmt0" Interface "mgmt0" type: internal Port "ovsbr0" Interface "ovsbr0" type: internal So the bridge would be defined by oVirt then I guess with a custom hook that would then be added to the OVS stack ?

exactly! You could just make a hook script that runs an after_network_setup hook that does the ovs-vsctl for you ;-) Here you can see the presentation I gave last February at devconf about extending with configurators and hooks. http://blog.antoni.me/devconf14/#/8/1 I linked directly to a before_network_setup hook sample, because it works just like the after_network_setup hook. Instead of logging to systemd, just add that if 'remove' is not in data and network == 'ovirtmgmt', it adds the network bridge to the vswitch with python's subprocess.call or subprocess.check_output. You can send it if you want me to take a look ;-) PS: It is possible to write the hooks in bash, c, perl, etc. But we only have the convenience read_json methods and such for python. If you wanted to, you could have a simple bash hook that just checked if there was an ovirtmgmt bridge and it would add it doing ovs-vsctl in the before_vdsm_start hooking point. That would have the drawback that changing the ovirtmgmt bridge with oVirt UI would leave it disconnected again.

Thanks, Phil ----- Original Message ----- From: "Antoni Segura Puimedon" <asegurap(a)redhat.com> To: "Phil Daws" <uxbod(a)splatnix.net> Cc: "Dan Kenigsberg" <danken(a)redhat.com>, users(a)ovirt.org Sent: Monday, 27 October, 2014 9:56:38 AM Subject: Re: [ovirt-users] oVirt 3.5 & NAT ----- Original Message ----- > From: "Phil Daws" <uxbod(a)splatnix.net> > To: "Antoni Segura Puimedon" <asegurap(a)redhat.com> > Cc: "Dan Kenigsberg" <danken(a)redhat.com>, users(a)ovirt.org > Sent: Monday, October 27, 2014 10:37:18 AM > Subject: Re: [ovirt-users] oVirt 3.5 & NAT > > That is what I tried but oVirt appears to overwrite the bridge information > on > boot :( Thanks, Phil But before rebooting, does it work as you intended? If so, you could just make a vdsm hook that adds ovirtmgmt to the ovs bridge after it is set up. (I could give more directions into how to do it). > > ----- Original Message ----- > From: "Antoni Segura Puimedon" <asegurap(a)redhat.com> > To: "Phil Daws" <uxbod(a)splatnix.net> > Cc: "Dan Kenigsberg" <danken(a)redhat.com>, users(a)ovirt.org > Sent: Monday, 27 October, 2014 8:00:33 AM > Subject: Re: [ovirt-users] oVirt 3.5 & NAT > > > > ----- Original Message ----- > > From: "Phil Daws" <uxbod(a)splatnix.net> > > To: "Dan Kenigsberg" <danken(a)redhat.com> > > Cc: users(a)ovirt.org > > Sent: Saturday, October 25, 2014 5:02:59 PM > > Subject: Re: [ovirt-users] oVirt 3.5 & NAT > > > > Hmmm, this is becoming difficult .. > > > > I have added into the engine the custom hook and understand how that will > > work. The issue is how can a single NIC use two different bridges ? > > Example with OVS would be that one requires: > > > > em1 -+ ovirtmgmt (bridge) -> management IP (public) > > + ovs (bridge) -> firewall IP (public) > > | > > + vlan 1 > > + vlan 2 > > > > this works fine when using OVS and KVM, without oVirt, so there must be a > > way > > to hook the two together without a Neutron appliance. > > > > Any thoughts ? Thanks, Phil. > > I haven't tried this, and it may not work, but what happens if you add the > ovirtmgmt > bridge as a port of the ovs bridge? > > > > > > ----- Original Message ----- > > From: "Dan Kenigsberg" <danken(a)redhat.com> > > To: "Phil Daws" <uxbod(a)splatnix.net> > > Cc: users(a)ovirt.org > > Sent: Wednesday, 22 October, 2014 3:54:46 PM > > Subject: Re: [ovirt-users] oVirt 3.5 & NAT > > > > On Wed, Oct 22, 2014 at 03:12:09PM +0100, Phil Daws wrote: > > > Thanks Dan & Antoni: > > > > > > I wonder then if I could replace the standard libvirt defined network > > > with > > > an OpenVSwitch one like I have on my dev system? That is just straight > > > KVM with OVS integrated. Maybe a bit more overhead in administration > > > but > > > possibly less than having to spin up a Neutron Appliance. > > > > Once you start to use the vdsm-hook-extnet, all that you need to do is > > to replace the libvirt-side definition of the "external network". This > > may well be an OpenVSwitch-based network e.g. > > http://libvirt.org/formatnetwork.html#elementVlanTag > > _______________________________________________ > > Users mailing list > > Users(a)ovirt.org > > http://lists.ovirt.org/mailman/listinfo/users > > >

Reply

3679

days inactive

3686

days old

users@ovirt.org

Manage subscription

11 comments

3 participants

tags (0)

participants (3)

Antoni Segura Puimedon
Dan Kenigsberg
Phil Daws