I am trying to set up a testing network using o-virt, but the networking is refusing to cooperate. I am testing for possible use in two different production setups. My previous experience has been with VMWare. I have always set up a single bridged network on each host. All my hosts, VMs, and non-VM computers were peers on the LAN. They could all talk to each other, and things worked very well. There was a firewall/gateway that provided access to the Internet, and hosts, VMs, and could all communicate with the Internet as needed. o-virt seems to be compartmentalizing things beyond all reason. Is there any way to set up simple networking, so ALL computers can see each other? Is there anywhere that describes the philosophy behind the networking setup? What reason is there that networks are so divided? After banging my head against the wall trying to configure just one host, I am very frustrated. I have spent several HOURS Googling for a coherent explanation of how/why networking is supposed to work, but only fine obscure references like "letting non-VMs see VM traffic would be a huge security violation". I have no concept of what king of an installation the o-virt designers have in mind, but it is obviously worlds different from what I am trying to do. The best I can tell, o-virt networking works like this (at least when you have only one NIC): there must be an ovirtmgt network, which cannot be combined with any other network. the ovirtmgt network cannot talk to VMs (unless that VM is running the engine) the ovirtmgt network can only talk to hosts, not to other non-VM computers a VM network can talk only to VMs cannot talk to hosts cannot talk to non-VMs hosts cannot talk to my LAN hosts cannot talk to VMs VMs cannot talk to my LAN All of the above are enforced by a boatload of firewall rules that o-virt puts into every host and VM under its jurisdiction. All of the above is inferred from things I Googled, because I can't find anywhere that explains what or how things are supposed to work--only things telling people WHAT THEY CANT DO. All I see on the mailing lists is people getting their hands slapped because they are trying to do SIMPLE SETUPS that should work, but don't (due to either design restrictions or software bugs). My use case A: * My (2 or 3) hosts have only one physical NIC. * My VMs exist to provide services to non-VM computers. * The VMs do not run X-windows, but they provide GUI programs to non-VMs via "ssh -X" connections. * MY VMs need access to storage that is shared with hosts and non-VMs on the LAN. Is there some way to TURN OFF network control in o-virt? My systems are small and static. I can hand-configure the networking a whole lot easier than I can deal with o-virt (as I have used it so far). Mostly I would need to be able to turn off the firewall rules on both hosts and VMs. banging head against wall, Ted
On 11/27/2013 09:18 AM, Ted Miller wrote:
I am trying to set up a testing network using o-virt, but the networking is refusing to cooperate. I am testing for possible use in two different production setups.
My previous experience has been with VMWare. I have always set up a single bridged network on each host. All my hosts, VMs, and non-VM computers were peers on the LAN. They could all talk to each other, and things worked very well. There was a firewall/gateway that provided access to the Internet, and hosts, VMs, and could all communicate with the Internet as needed.
o-virt seems to be compartmentalizing things beyond all reason. Is there any way to set up simple networking, so ALL computers can see each other? Is there anywhere that describes the philosophy behind the networking setup? What reason is there that networks are so divided?
After banging my head against the wall trying to configure just one host, I am very frustrated. I have spent several HOURS Googling for a coherent explanation of how/why networking is supposed to work, but only fine obscure references like "letting non-VMs see VM traffic would be a huge security violation". I have no concept of what king of an installation the o-virt designers have in mind, but it is obviously worlds different from what I am trying to do.
The best I can tell, o-virt networking works like this (at least when you have only one NIC): there must be an ovirtmgt network, which cannot be combined with any other network. the ovirtmgt network cannot talk to VMs (unless that VM is running the engine) the ovirtmgt network can only talk to hosts, not to other non-VM computers a VM network can talk only to VMs cannot talk to hosts cannot talk to non-VMs hosts cannot talk to my LAN hosts cannot talk to VMs VMs cannot talk to my LAN All of the above are enforced by a boatload of firewall rules that o-virt puts into every host and VM under its jurisdiction.
All of the above is inferred from things I Googled, because I can't find anywhere that explains what or how things are supposed to work--only things telling people WHAT THEY CANT DO. All I see on the mailing lists is people getting their hands slapped because they are trying to do SIMPLE SETUPS that should work, but don't (due to either design restrictions or software bugs).
My use case A: * My (2 or 3) hosts have only one physical NIC. * My VMs exist to provide services to non-VM computers. * The VMs do not run X-windows, but they provide GUI programs to non-VMs via "ssh -X" connections. * MY VMs need access to storage that is shared with hosts and non-VMs on the LAN.
Is there some way to TURN OFF network control in o-virt? My systems are small and static. I can hand-configure the networking a whole lot easier than I can deal with o-virt (as I have used it so far). Mostly I would need to be able to turn off the firewall rules on both hosts and VMs.
banging head against wall, Ted
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Odd, All my VMs/Hosts (They also only have one nic) can talk to each other and I don't see any rules trying to prevent this in iptables. Also, unless there is some feature I don't know about, ovirt doesn't screw with VM internals. My ovirtmgt network is the same as my main network. ¯\(°_°)/¯ - Thomas
----- Original Message -----
I am trying to set up a testing network using o-virt, but the networking is refusing to cooperate. I am testing for possible use in two different production setups.
My previous experience has been with VMWare. I have always set up a single bridged network on each host. All my hosts, VMs, and non-VM computers were peers on the LAN. They could all talk to each other, and things worked very well. There was a firewall/gateway that provided access to the Internet, and hosts, VMs, and could all communicate with the Internet as needed.
o-virt seems to be compartmentalizing things beyond all reason. Is there any way to set up simple networking, so ALL computers can see each other? Is there anywhere that describes the philosophy behind the networking setup? What reason is there that networks are so divided?
Yes there is lack of documentation in this area, it's a shame but given it's an open source project with an open wiki, everyone is invited to contribute and improve this. I'll see if I can get a page started..
After banging my head against the wall trying to configure just one host, I am very frustrated. I have spent several HOURS Googling for a coherent explanation of how/why networking is supposed to work, but only fine obscure references like "letting non-VMs see VM traffic would be a huge security violation". I have no concept of what king of an installation the o-virt designers have in mind, but it is obviously worlds different from what I am trying to do.
The best I can tell, o-virt networking works like this (at least when you have only one NIC): there must be an ovirtmgt network, which cannot be combined with any other network. the ovirtmgt network cannot talk to VMs (unless that VM is running the engine) the ovirtmgt network can only talk to hosts, not to other non-VM computers a VM network can talk only to VMs cannot talk to hosts cannot talk to non-VMs hosts cannot talk to my LAN hosts cannot talk to VMs VMs cannot talk to my LAN All of the above are enforced by a boatload of firewall rules that o-virt puts into every host and VM under its jurisdiction.
Not sure what you mean by all these "restrictions", from what I know the firewall rules that are set on each host are to allow host to talk to engine (ssh, vdsm, VM consoles traffic, etc) no more no less.. Usually the default behavior of firewall is to block almost all communication so when you add a host and check the "Configure firewall" box it modifies it so that your host can function properly. oVirt has no sense of firewall otherwise. For all it cares you can turn it off completely, or configure it by yourself (manually or via puppet/chef/foreman/etc) and not use the capability of the system to configure it for you. You can also change it so that it uses the rules you want by modifying IPTablesConfig via engine-config tool.
All of the above is inferred from things I Googled, because I can't find anywhere that explains what or how things are supposed to work--only things telling people WHAT THEY CANT DO. All I see on the mailing lists is people getting their hands slapped because they are trying to do SIMPLE SETUPS that should work, but don't (due to either design restrictions or software bugs).
What slaps did you see? What simple setups don't work?
My use case A: * My (2 or 3) hosts have only one physical NIC. * My VMs exist to provide services to non-VM computers. * The VMs do not run X-windows, but they provide GUI programs to non-VMs via "ssh -X" connections. * MY VMs need access to storage that is shared with hosts and non-VMs on the LAN.
Your VMs will be sitting on the ovirtmgmt network, or on a VLAN? If you want to use VLANs for the VM traffic, you can configure the management network to be non-VM thus allowing you to put VLANs on the same NIC this network is occupying (just make sure to sync it first, because changes aren't applied automatically to the hosts, yet). In my small setup, the VMs are not on VLAN and can talk to all other machines on the LAN via SSH and I didn't configure anything special on host level..
Is there some way to TURN OFF network control in o-virt? My systems are small and static. I can hand-configure the networking a whole lot easier than I can deal with o-virt (as I have used it so far). Mostly I would need to be able to turn off the firewall rules on both hosts and VMs.
banging head against wall,
Try not to break the wall (or your head) ;)
Ted
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
--------------050709060602070007060706 Content-Type: text/plain; charset="UTF-8"; format=flowed Content-Transfer-Encoding: 7bit Thank you for your response, Mike. I am slow answering because of the American Thanksgiving holiday. Answers are below. On 11/28/2013 1:41 AM, Mike Kolesnik wrote:
----- Original Message -----
I am trying to set up a testing network using o-virt, but the networking is refusing to cooperate. I am testing for possible use in two different production setups.
My previous experience has been with VMWare. I have always set up a single bridged network on each host. All my hosts, VMs, and non-VM computers were peers on the LAN. They could all talk to each other, and things worked very well. There was a firewall/gateway that provided access to the Internet, and hosts, VMs, and could all communicate with the Internet as needed.
o-virt seems to be compartmentalizing things beyond all reason. Is there any way to set up simple networking, so ALL computers can see each other? Is there anywhere that describes the philosophy behind the networking setup? What reason is there that networks are so divided? Yes there is lack of documentation in this area, it's a shame but given it's an open source project with an open wiki, everyone is invited to contribute and improve this.
I'll see if I can get a page started.. Please post a link if you succeed.
After banging my head against the wall trying to configure just one host, I am very frustrated. I have spent several HOURS Googling for a coherent explanation of how/why networking is supposed to work, but only fine obscure references like "letting non-VMs see VM traffic would be a huge security violation". I have no concept of what king of an installation the o-virt designers have in mind, but it is obviously worlds different from what I am trying to do.
The best I can tell, o-virt networking works like this (at least when you have only one NIC): there must be an ovirtmgt network, which cannot be combined with any other network. the ovirtmgt network cannot talk to VMs (unless that VM is running the engine) the ovirtmgt network can only talk to hosts, not to other non-VM computers a VM network can talk only to VMs cannot talk to hosts cannot talk to non-VMs hosts cannot talk to my LAN hosts cannot talk to VMs VMs cannot talk to my LAN All of the above are enforced by a boatload of firewall rules that o-virt puts into every host and VM under its jurisdiction. Not sure what you mean by all these "restrictions", from what I know the firewall rules that are set on each host are to allow host to talk to engine (ssh, vdsm, VM consoles traffic, etc) no more no less..
Usually the default behavior of firewall is to block almost all communication so when you add a host and check the "Configure firewall" box it modifies it so that your host can function properly.
I need my host to be on my LAN (for multiple reasons). Ovirtmgt "stole" the LAN connection, and cut off the host from the LAN, a connection which worked fine until then.
oVirt has no sense of firewall otherwise. For all it cares you can turn it off completely, or configure it by yourself (manually or via puppet/chef/foreman/etc) and not use the capability of the system to configure it for you.
How do I keep the engine from reconfiguring the firewall again if I change it manually? I saw a blog post that mentioned being able to uncheck a box (on the o-virt web GUI) called "configure IPTables". That /might/ be what I need. I didn't see that box, but I wasn't looking for it (and at the moment I don't have o-virt available to me).
You can also change it so that it uses the rules you want by modifying IPTablesConfig via engine-config tool.
Where can I find documentation on changing firewall rules using engine-config? From what I understand, I want my LAN to be my non-VLAN bridge. Can I move the ovirtmgt functionality to run over the LAN, or can I/will I have to put ovirt-mgt onto a VLAN?
All of the above is inferred from things I Googled, because I can't find anywhere that explains what or how things are supposed to work--only things telling people WHAT THEY CANT DO. All I see on the mailing lists is people getting their hands slapped because they are trying to do SIMPLE SETUPS that should work, but don't (due to either design restrictions or software bugs). My use case A: * My (2 or 3) hosts have only one physical NIC. * My VMs exist to provide services to non-VM computers. * The VMs do not run X-windows, but they provide GUI programs to non-VMs via "ssh -X" connections. * MY VMs need access to storage that is shared with hosts and non-VMs on the LAN. Your VMs will be sitting on the ovirtmgmt network, or on a VLAN? I want them to sit on the LAN (which may be ovirtmgt, if I can get the IP filtering turned off). If they have to be on something else too, that is OK, as long as it does not interfere with them being on the LAN.
FYI, the LANs on both of my applications are fairly small. One of them less than 10 nodes, the other less than 20 nodes, and all nodes are trusted. One of them is just a small network, the other is a heavily firewalled (only a handful of pinholes) sub-network, separated so that it is a very safe environment for a very HA machine grouping.
If you want to use VLANs for the VM traffic, you can configure the management network to be non-VM thus allowing you to put VLANs on the same NIC this network is occupying (just make sure to sync it first, because changes aren't applied automatically to the hosts, yet).
In my small setup, the VMs are not on VLAN and can talk to all other machines on the LAN via SSH and I didn't configure anything special on host level..
Is there some way to TURN OFF network control in o-virt?
It looks like the "configure IPTables" checkbox may be my answer here, if I can find it (can't see ovirt at this moment).
My systems are small and static. I can hand-configure the networking a whole lot easier than I can deal with o-virt (as I have used it so far). Mostly I would need to be able to turn off the firewall rules on both hosts and VMs.
banging head against wall, Try not to break the wall (or your head) ;) Neither broken yet. Head sometimes very hard.
Getting a test system up and running is "my next big project". I can't dive into "my next big project" until I hit a major milestone on my "current big project". I am hoping to hit that milestone this week. I will then try to find the "configure IPTables" checkbox. Assuming I am successful, I will reinstall my host and try adding it to o-virt. If o-virt doesn't mess with the firewall, that will be step one. I will try to work through the other networking issues from there. I think my preference would be to have one non-VLAN bridge on the host which includes ovirtmgt and VM networking, all on one bridge. I don't know if that is possible or not, but I'll see how close I can get. If I can get the "configure IPTables" turned off, that will be a huge step. If I can change what o-virt engine tries to impose on networking, it will be even easier. Ted
Ted
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
--------------050709060602070007060706 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: 8bit <html> <head> <meta content="text/html; charset=UTF-8" http-equiv="Content-Type"> </head> <body text="#000000" bgcolor="#FFFFFF"> Thank you for your response, Mike. I am slow answering because of the American Thanksgiving holiday. Answers are below.<br> <br> <div class="moz-cite-prefix">On 11/28/2013 1:41 AM, Mike Kolesnik wrote:<br> </div> <blockquote cite="mid:1865139121.42221961.1385620870171.JavaMail.root@redhat.com" type="cite"> <pre wrap="">----- Original Message ----- </pre> <blockquote type="cite"> <pre wrap="">I am trying to set up a testing network using o-virt, but the networking is refusing to cooperate. I am testing for possible use in two different production setups. My previous experience has been with VMWare. I have always set up a single bridged network on each host. All my hosts, VMs, and non-VM computers were peers on the LAN. They could all talk to each other, and things worked very well. There was a firewall/gateway that provided access to the Internet, and hosts, VMs, and could all communicate with the Internet as needed. o-virt seems to be compartmentalizing things beyond all reason. Is there any way to set up simple networking, so ALL computers can see each other? Is there anywhere that describes the philosophy behind the networking setup? What reason is there that networks are so divided? </pre> </blockquote> <pre wrap=""> Yes there is lack of documentation in this area, it's a shame but given it's an open source project with an open wiki, everyone is invited to contribute and improve this. I'll see if I can get a page started..</pre> </blockquote> Please post a link if you succeed.<br> <blockquote cite="mid:1865139121.42221961.1385620870171.JavaMail.root@redhat.com" type="cite"> <pre wrap=""> </pre> <blockquote type="cite"> <pre wrap=""> After banging my head against the wall trying to configure just one host, I am very frustrated. I have spent several HOURS Googling for a coherent explanation of how/why networking is supposed to work, but only fine obscure references like "letting non-VMs see VM traffic would be a huge security violation". I have no concept of what king of an installation the o-virt designers have in mind, but it is obviously worlds different from what I am trying to do. The best I can tell, o-virt networking works like this (at least when you have only one NIC): there must be an ovirtmgt network, which cannot be combined with any other network. the ovirtmgt network cannot talk to VMs (unless that VM is running the engine) the ovirtmgt network can only talk to hosts, not to other non-VM computers a VM network can talk only to VMs cannot talk to hosts cannot talk to non-VMs hosts cannot talk to my LAN hosts cannot talk to VMs VMs cannot talk to my LAN All of the above are enforced by a boatload of firewall rules that o-virt puts into every host and VM under its jurisdiction. </pre> </blockquote> <pre wrap=""> Not sure what you mean by all these "restrictions", from what I know the firewall rules that are set on each host are to allow host to talk to engine (ssh, vdsm, VM consoles traffic, etc) no more no less.. Usually the default behavior of firewall is to block almost all communication so when you add a host and check the "Configure firewall" box it modifies it so that your host can function properly.</pre> </blockquote> <br> I need my host to be on my LAN (for multiple reasons). Ovirtmgt "stole" the LAN connection, and cut off the host from the LAN, a connection which worked fine until then.<br> <blockquote cite="mid:1865139121.42221961.1385620870171.JavaMail.root@redhat.com" type="cite"> <pre wrap=""> oVirt has no sense of firewall otherwise. For all it cares you can turn it off completely, or configure it by yourself (manually or via puppet/chef/foreman/etc) and not use the capability of the system to configure it for you. </pre> </blockquote> How do I keep the engine from reconfiguring the firewall again if I change it manually? I saw a blog post that mentioned being able to uncheck a box (on the o-virt web GUI) called "configure IPTables". That <i>might</i> be what I need. I didn't see that box, but I wasn't looking for it (and at the moment I don't have o-virt available to me).<br> <blockquote cite="mid:1865139121.42221961.1385620870171.JavaMail.root@redhat.com" type="cite"> <pre wrap=""> You can also change it so that it uses the rules you want by modifying IPTablesConfig via engine-config tool. </pre> </blockquote> <br> Where can I find documentation on changing firewall rules using engine-config? <br> <br> From what I understand, I want my LAN to be my non-VLAN bridge. Can I move the ovirtmgt functionality to run over the LAN, or can I/will I have to put ovirt-mgt onto a VLAN?<br> <blockquote cite="mid:1865139121.42221961.1385620870171.JavaMail.root@redhat.com" type="cite"> <pre wrap=""> </pre> <blockquote type="cite"> <pre wrap=""> All of the above is inferred from things I Googled, because I can't find anywhere that explains what or how things are supposed to work--only things telling people WHAT THEY CANT DO. All I see on the mailing lists is people getting their hands slapped because they are trying to do SIMPLE SETUPS that should work, but don't (due to either design restrictions or software bugs). </pre> </blockquote> </blockquote> <blockquote cite="mid:1865139121.42221961.1385620870171.JavaMail.root@redhat.com" type="cite"> <blockquote type="cite"> <pre wrap=""> My use case A: * My (2 or 3) hosts have only one physical NIC. * My VMs exist to provide services to non-VM computers. * The VMs do not run X-windows, but they provide GUI programs to non-VMs via "ssh -X" connections. * MY VMs need access to storage that is shared with hosts and non-VMs on the LAN. </pre> </blockquote> <pre wrap=""> Your VMs will be sitting on the ovirtmgmt network, or on a VLAN?</pre> </blockquote> I want them to sit on the LAN (which may be ovirtmgt, if I can get the IP filtering turned off). If they have to be on something else too, that is OK, as long as it does not interfere with them being on the LAN.<br> <br> FYI, the LANs on both of my applications are fairly small. One of them less than 10 nodes, the other less than 20 nodes, and all nodes are trusted. One of them is just a small network, the other is a heavily firewalled (only a handful of pinholes) sub-network, separated so that it is a very safe environment for a very HA machine grouping.<br> <blockquote cite="mid:1865139121.42221961.1385620870171.JavaMail.root@redhat.com" type="cite"> <pre wrap=""> If you want to use VLANs for the VM traffic, you can configure the management network to be non-VM thus allowing you to put VLANs on the same NIC this network is occupying (just make sure to sync it first, because changes aren't applied automatically to the hosts, yet). In my small setup, the VMs are not on VLAN and can talk to all other machines on the LAN via SSH and I didn't configure anything special on host level.. </pre> <blockquote type="cite"> <pre wrap=""> Is there some way to TURN OFF network control in o-virt?</pre> </blockquote> </blockquote> It looks like the "configure IPTables" checkbox may be my answer here, if I can find it (can't see ovirt at this moment).<br> <blockquote cite="mid:1865139121.42221961.1385620870171.JavaMail.root@redhat.com" type="cite"> <blockquote type="cite"> <pre wrap="">My systems are small and static. I can hand-configure the networking a whole lot easier than I can deal with o-virt (as I have used it so far). Mostly I would need to be able to turn off the firewall rules on both hosts and VMs. banging head against wall, </pre> </blockquote> <pre wrap=""> Try not to break the wall (or your head) ;)</pre> </blockquote> Neither broken yet. Head sometimes very hard.<br> <br> Getting a test system up and running is "my next big project". I can't dive into "my next big project" until I hit a major milestone on my "current big project". I am hoping to hit that milestone this week. I will then try to find the "configure IPTables" checkbox. Assuming I am successful, I will reinstall my host and try adding it to o-virt. If o-virt doesn't mess with the firewall, that will be step one. I will try to work through the other networking issues from there. I think my preference would be to have one non-VLAN bridge on the host which includes ovirtmgt and VM networking, all on one bridge. I don't know if that is possible or not, but I'll see how close I can get. If I can get the "configure IPTables" turned off, that will be a huge step. If I can change what o-virt engine tries to impose on networking, it will be even easier.<br> <br> Ted <blockquote cite="mid:1865139121.42221961.1385620870171.JavaMail.root@redhat.com" type="cite"> <blockquote type="cite"> <pre wrap="">Ted _______________________________________________ Users mailing list <a class="moz-txt-link-abbreviated" href="mailto:Users@ovirt.org">Users@ovirt.org</a> <a class="moz-txt-link-freetext" href="http://lists.ovirt.org/mailman/listinfo/users">http://lists.ovirt.org/mailman/listinfo/users</a> </pre> </blockquote> </blockquote> <br> <pre class="moz-signature" cols="77"> </pre> </body> </html> --------------050709060602070007060706--
Resend to the list for others to benefit, I hope :-) Joop On 27-11-2013 18:18, Ted Miller wrote:
I am trying to set up a testing network using o-virt, but the networking is refusing to cooperate. I am testing for possible use in two different production setups.
My previous experience has been with VMWare. I have always set up a single bridged network on each host. All my hosts, VMs, and non-VM computers were peers on the LAN. They could all talk to each other, and things worked very well. There was a firewall/gateway that provided access to the Internet, and hosts, VMs, and could all communicate with the Internet as needed.
o-virt seems to be compartmentalizing things beyond all reason. That is a way to use oVirt, but the following simple setup should work and give you a way to check against your setup.
I have two setups, one at home and one at work. The one at home is a setup of 2 hosts and one of those is a hacked up host/engine. engine/host1: standard fedora19 kde install, static ip (192.168.1.11) configured with my NAS (192.168.1.16) as dhcp/dns server and my internet router (192.168.1.254) as gateway Just make sure that NetworkManager is off and that your interfaces are not NM managed, network on. This was a allinone setup but I got a NAS with NFS so I turned my aio setup into a engine/host system. It has problems with that but nothing network related. Host2: same as above but without the engine install, ip:192.168.1.22, gw 192.168.1.254 DNS:192.168.1.16. How does it all come together? Well in your case, and mine if I were to start over, start with a static network which is NOT managed by NetworkManager. Use either Fedora or Centos which ever you more comfortable with and it also depends on whether you want to test/use all the features in oVirt. Currently, there are a few features not available in Centos because the versions of libvirt/kvm/qemu/gluster are too old in Centos. Install ovirt-engine on your first 'server', probably choose NFS as your storage domain, either on your engine server or from somewhere else on your network. Make sure its nfs-v3 and not v4!, local default is v4! Make sure that ip addresses on you network are resolvable, either through /etc/hosts or through DNS! Engine-setup will complain if this doesn't work, using localhost will not work either! On the engine server there will be no bridge and nothing will change the network config. Next the first host. Prepare the host in a similar way you did the engine server. You can choose a minimal install of either Centos or Fedora or install a full desktop but make sure that ips are static and NOT managed by NetworkManager, hostname resolvable, ovirt repo available. From the webui add your prepared host and if everything went OK you'll see that on that host you will now have a bridge, ovirtmgmt, which acts as the primary interface. Create a VMs and choose ovirtmgmt as a network for its nics, can't choose anything else. Either give the VMs a static address or use a dhcp server but the VMs should be able to talk to each other, to the host(s), the engine and to the internet. Every host that you add after the first will also has its network turned into a bridge, ovirtmgmt, and communication/migration/display/etc will take place over this network. One caveat, storage domain mapping is from the host to the storage, the engine, if it is NOT the NFS server, doesn't have to have access to the storage. If you have servers with more that 1 nic then you can create additional networks using the webui of oVirt and assign these to clusters and to VMs. If you need vlans to coexist with ovirtmgmt on the same physical nic, I think that is possible but haven't tried it myself. In theory you need to setup the network first outside of oVirt, including you vlan structure and then install ovirt. Some concepts: oVirt engine: is just the manager, does 'nothing' related to running VMs itself. You can turn it off and all hosts with their VMs will keep running. You just can't start new ones, in short manage them. oVirt host: is the real workhorse and is managed using oVirt-engine. Runs VDSM which communicates with engine and starts/manages the VMs on the host on behalf of engine. oVirt node: is a special slimmed down Fedora distro that includes VDSM and a small setup so that it can be used as a oVirt host People tend to mix and match ovirt-host and ovirt-node which makes for nice communication problems :-) If you haven't done so, there is an irc channel, ovirt, on irc.oftc.net with helpful people, if they are awake. Joop -- #irc jvandewege
________________________________________ From: users-bounces@ovirt.org <users-bounces@ovirt.org> on behalf of Ted Miller <tmiller@hcjb.org> Sent: Wednesday, November 27, 2013 12:18 PM To: users@ovirt.org Subject: [Users] simple networking? I am trying to set up a testing network using o-virt, but the networking is refusing to cooperate. I am testing for possible use in two different production setups. My previous experience has been with VMWare. I have always set up a single bridged network on each host. All my hosts, VMs, and non-VM computers were peers on the LAN. They could all talk to each other, and things worked very well. There was a firewall/gateway that provided access to the Internet, and hosts, VMs, and could all communicate with the Internet as needed. o-virt seems to be compartmentalizing things beyond all reason. Is there any way to set up simple networking, so ALL computers can see each other? Is there anywhere that describes the philosophy behind the networking setup? What reason is there that networks are so divided? After banging my head against the wall trying to configure just one host, I am very frustrated. I have spent several HOURS Googling for a coherent explanation of how/why networking is supposed to work, but only fine obscure references like "letting non-VMs see VM traffic would be a huge security violation". I have no concept of what king of an installation the o-virt designers have in mind, but it is obviously worlds different from what I am trying to do. The best I can tell, o-virt networking works like this (at least when you have only one NIC): there must be an ovirtmgt network, which cannot be combined with any other network. the ovirtmgt network cannot talk to VMs (unless that VM is running the engine) the ovirtmgt network can only talk to hosts, not to other non-VM computers a VM network can talk only to VMs cannot talk to hosts cannot talk to non-VMs hosts cannot talk to my LAN hosts cannot talk to VMs VMs cannot talk to my LAN All of the above are enforced by a boatload of firewall rules that o-virt puts into every host and VM under its jurisdiction. All of the above is inferred from things I Googled, because I can't find anywhere that explains what or how things are supposed to work--only things telling people WHAT THEY CANT DO. All I see on the mailing lists is people getting their hands slapped because they are trying to do SIMPLE SETUPS that should work, but don't (due to either design restrictions or software bugs). My use case A: * My (2 or 3) hosts have only one physical NIC. * My VMs exist to provide services to non-VM computers. * The VMs do not run X-windows, but they provide GUI programs to non-VMs via "ssh -X" connections. * MY VMs need access to storage that is shared with hosts and non-VMs on the LAN. Is there some way to TURN OFF network control in o-virt? My systems are small and static. I can hand-configure the networking a whole lot easier than I can deal with o-virt (as I have used it so far). Mostly I would need to be able to turn off the firewall rules on both hosts and VMs. banging head against wall, Ted ********************************************************* I have spent the last three days getting a Centos 6.5 host running under O-virt. Since the networking was just a small part of this, I am going to open an new thread to discuss the Centos 6.5 host setup process. Look for a thread titled something like "Centos 6.5 host configuration" if you want the gory details, or want to try if for yourself. My biggest problem is that the o-virt GUI is apparently incapable of setting up a bridge in Centos, which turned out to be what I needed. I had to set up the bridge BEFORE adding the host to the ovirt cluster. If the bridge was not set up ahead of time, the whole installation failed completely. The bridge was only one of a list of things that had to be done ahead of time, in order for the process to complete correctly. Ted Miller
On 12/12/2013 11:04 PM, Ted Miller wrote:
________________________________________ From: users-bounces@ovirt.org <users-bounces@ovirt.org> on behalf of Ted Miller <tmiller@hcjb.org> Sent: Wednesday, November 27, 2013 12:18 PM To: users@ovirt.org Subject: [Users] simple networking?
I am trying to set up a testing network using o-virt, but the networking is refusing to cooperate. I am testing for possible use in two different production setups.
My previous experience has been with VMWare. I have always set up a single bridged network on each host. All my hosts, VMs, and non-VM computers were peers on the LAN. They could all talk to each other, and things worked very well. There was a firewall/gateway that provided access to the Internet, and hosts, VMs, and could all communicate with the Internet as needed.
o-virt seems to be compartmentalizing things beyond all reason. Is there any way to set up simple networking, so ALL computers can see each other? Is there anywhere that describes the philosophy behind the networking setup? What reason is there that networks are so divided?
After banging my head against the wall trying to configure just one host, I am very frustrated. I have spent several HOURS Googling for a coherent explanation of how/why networking is supposed to work, but only fine obscure references like "letting non-VMs see VM traffic would be a huge security violation". I have no concept of what king of an installation the o-virt designers have in mind, but it is obviously worlds different from what I am trying to do.
The best I can tell, o-virt networking works like this (at least when you have only one NIC): there must be an ovirtmgt network, which cannot be combined with any other network. the ovirtmgt network cannot talk to VMs (unless that VM is running the engine) the ovirtmgt network can only talk to hosts, not to other non-VM computers a VM network can talk only to VMs cannot talk to hosts cannot talk to non-VMs hosts cannot talk to my LAN hosts cannot talk to VMs VMs cannot talk to my LAN All of the above are enforced by a boatload of firewall rules that o-virt puts into every host and VM under its jurisdiction.
All of the above is inferred from things I Googled, because I can't find anywhere that explains what or how things are supposed to work--only things telling people WHAT THEY CANT DO. All I see on the mailing lists is people getting their hands slapped because they are trying to do SIMPLE SETUPS that should work, but don't (due to either design restrictions or software bugs).
My use case A: * My (2 or 3) hosts have only one physical NIC. * My VMs exist to provide services to non-VM computers. * The VMs do not run X-windows, but they provide GUI programs to non-VMs via "ssh -X" connections. * MY VMs need access to storage that is shared with hosts and non-VMs on the LAN.
Is there some way to TURN OFF network control in o-virt? My systems are small and static. I can hand-configure the networking a whole lot easier than I can deal with o-virt (as I have used it so far). Mostly I would need to be able to turn off the firewall rules on both hosts and VMs.
banging head against wall, Ted *********************************************************
I have spent the last three days getting a Centos 6.5 host running under O-virt.
Since the networking was just a small part of this, I am going to open an new thread to discuss the Centos 6.5 host setup process. Look for a thread titled something like "Centos 6.5 host configuration" if you want the gory details, or want to try if for yourself.
My biggest problem is that the o-virt GUI is apparently incapable of setting up a bridge in Centos, which turned out to be what I needed. I had to set up the bridge BEFORE adding the host to the ovirt cluster. If the bridge was not set up ahead of time, the whole installation failed completely.
The bridge was only one of a list of things that had to be done ahead of time, in order for the process to complete correctly.
Ted, I have RHEL 6.5 running in a VM, and it can talk to all my VMs and hosts on my LAN, and I didn't have to do anything special. I didn't define any new networks or bridges or anything of the sort, either in oVirt or on my host or engine. It just worked. I am running RHEL 6.5 on both my engine and my host, as well in this particular VM. -Bob
On 12/13/2013 7:56 AM, Bob Doolittle wrote:
On 12/12/2013 11:04 PM, Ted Miller wrote:
________________________________________ From: users-bounces@ovirt.org <users-bounces@ovirt.org> on behalf of Ted Miller <tmiller@hcjb.org> Sent: Wednesday, November 27, 2013 12:18 PM To: users@ovirt.org Subject: [Users] simple networking?
I am trying to set up a testing network using o-virt, but the networking is refusing to cooperate. I am testing for possible use in two different production setups.
My previous experience has been with VMWare. I have always set up a single bridged network on each host. All my hosts, VMs, and non-VM computers were peers on the LAN. They could all talk to each other, and things worked very well. There was a firewall/gateway that provided access to the Internet, and hosts, VMs, and could all communicate with the Internet as needed.
o-virt seems to be compartmentalizing things beyond all reason. Is there any way to set up simple networking, so ALL computers can see each other? Is there anywhere that describes the philosophy behind the networking setup? What reason is there that networks are so divided?
After banging my head against the wall trying to configure just one host, I am very frustrated. I have spent several HOURS Googling for a coherent explanation of how/why networking is supposed to work, but only fine obscure references like "letting non-VMs see VM traffic would be a huge security violation". I have no concept of what king of an installation the o-virt designers have in mind, but it is obviously worlds different from what I am trying to do.
The best I can tell, o-virt networking works like this (at least when you have only one NIC): there must be an ovirtmgt network, which cannot be combined with any other network. the ovirtmgt network cannot talk to VMs (unless that VM is running the engine) the ovirtmgt network can only talk to hosts, not to other non-VM computers a VM network can talk only to VMs cannot talk to hosts cannot talk to non-VMs hosts cannot talk to my LAN hosts cannot talk to VMs VMs cannot talk to my LAN All of the above are enforced by a boatload of firewall rules that o-virt puts into every host and VM under its jurisdiction.
All of the above is inferred from things I Googled, because I can't find anywhere that explains what or how things are supposed to work--only things telling people WHAT THEY CANT DO. All I see on the mailing lists is people getting their hands slapped because they are trying to do SIMPLE SETUPS that should work, but don't (due to either design restrictions or software bugs).
My use case A: * My (2 or 3) hosts have only one physical NIC. * My VMs exist to provide services to non-VM computers. * The VMs do not run X-windows, but they provide GUI programs to non-VMs via "ssh -X" connections. * MY VMs need access to storage that is shared with hosts and non-VMs on the LAN.
Is there some way to TURN OFF network control in o-virt? My systems are small and static. I can hand-configure the networking a whole lot easier than I can deal with o-virt (as I have used it so far). Mostly I would need to be able to turn off the firewall rules on both hosts and VMs.
banging head against wall, Ted *********************************************************
I have spent the last three days getting a Centos 6.5 host running under O-virt.
Since the networking was just a small part of this, I am going to open an new thread to discuss the Centos 6.5 host setup process. Look for a thread titled something like "Centos 6.5 host configuration" if you want the gory details, or want to try if for yourself.
My biggest problem is that the o-virt GUI is apparently incapable of setting up a bridge in Centos, which turned out to be what I needed. I had to set up the bridge BEFORE adding the host to the ovirt cluster. If the bridge was not set up ahead of time, the whole installation failed completely.
The bridge was only one of a list of things that had to be done ahead of time, in order for the process to complete correctly.
Ted, I have RHEL 6.5 running in a VM, and it can talk to all my VMs and hosts on my LAN, and I didn't have to do anything special. I didn't define any new networks or bridges or anything of the sort, either in oVirt or on my host or engine. It just worked.
I am running RHEL 6.5 on both my engine and my host, as well in this particular VM.
-Bob
Do you have the Engine on a separate machine, or did you set up the host as an All-In-One? Did you install 6.5 or upgrade to 6.5? Ted
On 12/13/2013 03:11 PM, Ted Miller wrote:
On 12/13/2013 7:56 AM, Bob Doolittle wrote:
On 12/12/2013 11:04 PM, Ted Miller wrote:
________________________________________ From: users-bounces@ovirt.org <users-bounces@ovirt.org> on behalf of Ted Miller <tmiller@hcjb.org> Sent: Wednesday, November 27, 2013 12:18 PM To: users@ovirt.org Subject: [Users] simple networking?
I am trying to set up a testing network using o-virt, but the networking is refusing to cooperate. I am testing for possible use in two different production setups.
My previous experience has been with VMWare. I have always set up a single bridged network on each host. All my hosts, VMs, and non-VM computers were peers on the LAN. They could all talk to each other, and things worked very well. There was a firewall/gateway that provided access to the Internet, and hosts, VMs, and could all communicate with the Internet as needed.
o-virt seems to be compartmentalizing things beyond all reason. Is there any way to set up simple networking, so ALL computers can see each other? Is there anywhere that describes the philosophy behind the networking setup? What reason is there that networks are so divided?
After banging my head against the wall trying to configure just one host, I am very frustrated. I have spent several HOURS Googling for a coherent explanation of how/why networking is supposed to work, but only fine obscure references like "letting non-VMs see VM traffic would be a huge security violation". I have no concept of what king of an installation the o-virt designers have in mind, but it is obviously worlds different from what I am trying to do.
The best I can tell, o-virt networking works like this (at least when you have only one NIC): there must be an ovirtmgt network, which cannot be combined with any other network. the ovirtmgt network cannot talk to VMs (unless that VM is running the engine) the ovirtmgt network can only talk to hosts, not to other non-VM computers a VM network can talk only to VMs cannot talk to hosts cannot talk to non-VMs hosts cannot talk to my LAN hosts cannot talk to VMs VMs cannot talk to my LAN All of the above are enforced by a boatload of firewall rules that o-virt puts into every host and VM under its jurisdiction.
All of the above is inferred from things I Googled, because I can't find anywhere that explains what or how things are supposed to work--only things telling people WHAT THEY CANT DO. All I see on the mailing lists is people getting their hands slapped because they are trying to do SIMPLE SETUPS that should work, but don't (due to either design restrictions or software bugs).
My use case A: * My (2 or 3) hosts have only one physical NIC. * My VMs exist to provide services to non-VM computers. * The VMs do not run X-windows, but they provide GUI programs to non-VMs via "ssh -X" connections. * MY VMs need access to storage that is shared with hosts and non-VMs on the LAN.
Is there some way to TURN OFF network control in o-virt? My systems are small and static. I can hand-configure the networking a whole lot easier than I can deal with o-virt (as I have used it so far). Mostly I would need to be able to turn off the firewall rules on both hosts and VMs.
banging head against wall, Ted *********************************************************
I have spent the last three days getting a Centos 6.5 host running under O-virt.
Since the networking was just a small part of this, I am going to open an new thread to discuss the Centos 6.5 host setup process. Look for a thread titled something like "Centos 6.5 host configuration" if you want the gory details, or want to try if for yourself.
My biggest problem is that the o-virt GUI is apparently incapable of setting up a bridge in Centos, which turned out to be what I needed. I had to set up the bridge BEFORE adding the host to the ovirt cluster. If the bridge was not set up ahead of time, the whole installation failed completely.
The bridge was only one of a list of things that had to be done ahead of time, in order for the process to complete correctly.
Ted, I have RHEL 6.5 running in a VM, and it can talk to all my VMs and hosts on my LAN, and I didn't have to do anything special. I didn't define any new networks or bridges or anything of the sort, either in oVirt or on my host or engine. It just worked.
I am running RHEL 6.5 on both my engine and my host, as well in this particular VM.
-Bob
Do you have the Engine on a separate machine, or did you set up the host as an All-In-One?
Did you install 6.5 or upgrade to 6.5?
I have two machines for oVirt. One (Intel i5) is Fedora 19 running a VM via libvirt (set to come up on boot so I never use libvirt any more directly). In that VM is an RHEL 6.5 guest running Engine (upgraded from 6.4, although I no longer recall if ovirt-engine was installed before or after the upgrade). On a separate machine (Intel i7) is RHEL 6.5, running Host. Again, I don't remember if it was upgraded from 6.4 before or after deploying it as Host. I installed my Engine in a VM to make it easy to scratch and install a new OS in future if necessary. I can't wait for the self-hosting feature, so I can free up a machine! :) HTH, Bob
On 12/13/2013 06:04 AM, Ted Miller wrote:
________________________________________ From: users-bounces@ovirt.org <users-bounces@ovirt.org> on behalf of Ted Miller <tmiller@hcjb.org> Sent: Wednesday, November 27, 2013 12:18 PM To: users@ovirt.org Subject: [Users] simple networking?
I am trying to set up a testing network using o-virt, but the networking is refusing to cooperate. I am testing for possible use in two different production setups.
My previous experience has been with VMWare. I have always set up a single bridged network on each host. All my hosts, VMs, and non-VM computers were peers on the LAN. They could all talk to each other, and things worked very well. There was a firewall/gateway that provided access to the Internet, and hosts, VMs, and could all communicate with the Internet as needed.
o-virt seems to be compartmentalizing things beyond all reason. Is there any way to set up simple networking, so ALL computers can see each other? Is there anywhere that describes the philosophy behind the networking setup? What reason is there that networks are so divided?
After banging my head against the wall trying to configure just one host, I am very frustrated. I have spent several HOURS Googling for a coherent explanation of how/why networking is supposed to work, but only fine obscure references like "letting non-VMs see VM traffic would be a huge security violation". I have no concept of what king of an installation the o-virt designers have in mind, but it is obviously worlds different from what I am trying to do.
The best I can tell, o-virt networking works like this (at least when you have only one NIC): there must be an ovirtmgt network, which cannot be combined with any other network. the ovirtmgt network cannot talk to VMs (unless that VM is running the engine) the ovirtmgt network can only talk to hosts, not to other non-VM computers a VM network can talk only to VMs cannot talk to hosts cannot talk to non-VMs hosts cannot talk to my LAN hosts cannot talk to VMs VMs cannot talk to my LAN All of the above are enforced by a boatload of firewall rules that o-virt puts into every host and VM under its jurisdiction.
All of the above is inferred from things I Googled, because I can't find anywhere that explains what or how things are supposed to work--only things telling people WHAT THEY CANT DO. All I see on the mailing lists is people getting their hands slapped because they are trying to do SIMPLE SETUPS that should work, but don't (due to either design restrictions or software bugs).
My use case A: * My (2 or 3) hosts have only one physical NIC. * My VMs exist to provide services to non-VM computers. * The VMs do not run X-windows, but they provide GUI programs to non-VMs via "ssh -X" connections. * MY VMs need access to storage that is shared with hosts and non-VMs on the LAN.
Is there some way to TURN OFF network control in o-virt? My systems are small and static. I can hand-configure the networking a whole lot easier than I can deal with o-virt (as I have used it so far). Mostly I would need to be able to turn off the firewall rules on both hosts and VMs.
banging head against wall, Ted *********************************************************
I have spent the last three days getting a Centos 6.5 host running under O-virt.
Since the networking was just a small part of this, I am going to open an new thread to discuss the Centos 6.5 host setup process. Look for a thread titled something like "Centos 6.5 host configuration" if you want the gory details, or want to try if for yourself.
My biggest problem is that the o-virt GUI is apparently incapable of setting up a bridge in Centos, which turned out to be what I needed. I had to set up the bridge BEFORE adding the host to the ovirt cluster. If the bridge was not set up ahead of time, the whole installation failed completely.
you shouldn't have to do *anything* from the host. the gui/engine should take care of everything. can you reproduce this from the engine on another host and document the steps for further investigation? thanks, Itamar
The bridge was only one of a list of things that had to be done ahead of time, in order for the process to complete correctly.
Ted Miller _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Is this entirely true? AFAIK you need ovirt.org repos at the host and ssh must be functional (network of course too). at least the ovirt.org repos did not come with EL 6.4 and there were no ovirt packages in the EL 6.4 Repos Did this change in EL 6.5? I did not yet investigate EL 6.5, it would be huge if you can really setup vdsm on a minimal server install without additional repos. Am 16.12.2013 08:27, schrieb Itamar Heim:
you shouldn't have to do *anything* from the host. the gui/engine should take care of everything. can you reproduce this from the engine on another host and document the steps for further investigation?
-- Mit freundlichen Grüßen / Regards Sven Kieske Systemadministrator Mittwald CM Service GmbH & Co. KG Königsberger Straße 6 32339 Espelkamp T: +49-5772-293-100 F: +49-5772-293-333 https://www.mittwald.de Geschäftsführer: Robert Meyer St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad Oeynhausen Komplementärin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad Oeynhausen
On 12/16/13 07:06, Sven Kieske wrote:
Is this entirely true?
In my experience, yes. The one thing I had to do was to enable the sshd service on the Host (and possibly tweak the firewall to allow sshd service?). When you click "Add Host" on the engine, it uses ssh into the Host to configure the necessary repositories. I may have had to add the "Optional" repository for EL6, but certainly not the oVirt repository - that is handled by the host-deploy code. I have done this with both 6.4 and 6.5. In any case, Ted's issues are not related to repository configuration or package dependencies. -Bob
AFAIK you need ovirt.org repos at the host and ssh must be functional (network of course too). at least the ovirt.org repos did not come with EL 6.4 and there were no ovirt packages in the EL 6.4 Repos
Did this change in EL 6.5? I did not yet investigate EL 6.5, it would be huge if you can really setup vdsm on a minimal server install without additional repos.
Am 16.12.2013 08:27, schrieb Itamar Heim:
you shouldn't have to do *anything* from the host. the gui/engine should take care of everything. can you reproduce this from the engine on another host and document the steps for further investigation?
On 12/16/2013 02:06 PM, Sven Kieske wrote:
Is this entirely true?
AFAIK you need ovirt.org repos at the host and ssh must be functional (network of course too). at least the ovirt.org repos did not come with EL 6.4 and there were no ovirt packages in the EL 6.4 Repos
Did this change in EL 6.5? I did not yet investigate EL 6.5, it would be huge if you can really setup vdsm on a minimal server install without additional repos.
ssh and repos are still needed. nothing fancier should be needed. ssh we cannot solve... repo's maybe worth thinking about as an option
Am 16.12.2013 08:27, schrieb Itamar Heim:
you shouldn't have to do *anything* from the host. the gui/engine should take care of everything. can you reproduce this from the engine on another host and document the steps for further investigation?
Well, you seem to have extreme problems in setting this up, so I write some basic setup which should just work with all vms and all "hosts" on the same network: have 2 physical servers, both in the same network (maybe via dhcp or static, doesn't matter). Setup on both hosts EL6.4 (6.5 should work too, but I haven't tested that). On one host install ovirt-engine the following way: For ovirt to work, the host must resolve his hostname via his IP. if you do this through /etc/hosts or via DNS is up to you :-) #Install the repo: yum -y install http://resources.ovirt.org/releases/ovirt-release-el.noarch.rpm #Install EPEL (we need some packages from here): yum -y install http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm #We need these packages from epel: yum install novnc python-ply python-kitchen python-daemon #now deactivate epel, in order to install ovirt-engine! Why deactivate? #EPEL has also some of the ovirt-packages but different versions, so #avoid conflicts by: sed -i 's/enabled=1/enabled=0/' /etc/yum.repos.d/epel.repo #now install engine: yum install ovirt-engine #and configure it (may start automatically, don't remember that one): engine-setup #pay attention to the firewall settings during engine-setup Now the second host: Install EL 6.4(6.5 should work too? didn't do this one for now). #Install EPEL: yum -y install http://ftp.tu-chemnitz.de/pub/linux/fedora-epel/6/i386/epel-release-6-8.noar... #Install ovirt-repo: yum -y install http://resources.ovirt.org/releases/ovirt-release-el.noarch.rpm depending on where you want your data domain, you may have to create a directory for it and assign the rights for ovirt to it: chown -R 36:36 /path/to/local/storage make sure SSH is setup on both hosts. Now go to your adminportal: Create a new datacenter, and a cluster in it. go to "system"(in the left pane)->"Hosts"(right pane) Click "New" select Datacenter and Cluster, fill in a name, address(IP or Resolvable DNS-Name (maybe even via "/etc/hosts")IPv6 doesn't work afaik), fill in the root password of the remote host. Click on "advanced parameters", for most users "automatically configure host firewall" is the right thing. You can test the connection by clicking "fetch", it should fill in automatically the ssh_host_key, if it does not, check your network setup! Optional you can configure powermanagement (you want that, ovirt complains a lot without, and it's useful!). When you click "Ok" the following happens in the background: engine log ins with root/ssh credentials on the other server, installs vdsm via repo and automatically configures the ovirtmgmt bridge for you. (this takes some time) when this is finished you are ready to deploy vms. the datacenter, cluster and host get automatically the "ovirtmgmt" logical network. if you don't create others by hand, your vms in this dc get the same, if DHCP manages it and you install proper images into the vms all vms and hosts should "see" everyone on this network. HTH -- Mit freundlichen Grüßen / Regards Sven Kieske Systemadministrator Mittwald CM Service GmbH & Co. KG Königsberger Straße 6 32339 Espelkamp T: +49-5772-293-100 F: +49-5772-293-333 https://www.mittwald.de Geschäftsführer: Robert Meyer St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad Oeynhausen Komplementärin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad Oeynhausen
participants (7)
-
Bob Doolittle -
Itamar Heim -
Mike Kolesnik -
noc -
Sven Kieske -
Ted Miller -
Thomas Suckow