As you already know, I use a bunch of Debian + KVM + virsh + virt-install + virt-manager for virtualization. Bundle has already proved its viability. Moreover, it has shown excellent performance and lowest cost resources.
But in the course of the first steps in learning KVM grasped me fail. Such a big fail and bold. I set up the first time in their servers as manuals – http://debian.pro/16 And it was good, fast, fun, except for the network. Network speed was great, but understanding how it works and why it works so strangely there was no. What were the problems …. Well, firstly, FreeBSD in any did not want to go to the network. On FreeBSD guest guru fryashniki able to configure the network …. But the Internet VDSy hit hard. It’s you and duplication of packets and packets redirrekty … Total already do not remember.
Causes everything to break and rebuild was two. First, I needed to understand how it works. Second, after a reboot the host server and does not wish to respond to pings. 7:00 were killed in the attempt to understand what happened and it took 5 minutes to solve the problem. Then came the IP address of the second subnet and surfaced problems with their use …. In general, bring to your attention an example of an organic network settings for virtualization KVM. Features of this method: 1) VDS get ip addresses, prescribed on their internal network and intereysah with these addresses can go online. Just as physical servers. 2) VDS «do not understand” that they are behind the gateway or network capabilities is somehow limited. So, we can raise them pptp / pppoe servers, quietly put ispmanager and more 3) VDSa administrator can change the IP address for your VDS, write it in the / etc / network / interfaces guest. Yes, it’s a minus, it is a problem. We will solve it in the next article in this series. 4) We do not save IP addresses for networking within the framework of this manual. If you do not want to “waste an IP address on what that garbage” – look for another manual. 5) we obtain the most high-performance, transparent solution. 6) each virtual network interface can receive an IP address from one subnet only. But no one bothers to tie Dev second network interface.
Warning! Article outdated and contains inaccuracies. You need to become Debian, KVM, the final article. Set up a network for KVM. KVM and 2/3 + subnet on the same server.
Now in practice. We have a server. Basha such a data center for Cisco. Online data center is no DHCP, but there is a filter MAC addresses on Cisco, which does not allow to obtain an IP address assigned to a different server. Our server allocate an IP address from a common subnet data center and private / 29I subnet. We denote them as follows: 1) a common subnet mask of 255.255.255.192, IP addresses on the same subnet: aaa.bbb.ccc.137, aaa.bbb.ccc.175, aaa.bbb.ccc.176, aaa.bbb.ccc.177 2) personal subnet mask – 255.255.255.248, IP addresses – xxx.yyy.zzz.33, xxx.yyy.zzz.34, xxx.yyy.zzz.35, xxx.yyy.zzz.36, xxx.yyy. zzz.37, xxx.yyy.zzz.38
Total – 10 IP addresses in the two subnets. Unfortunately, virtualke receive only 7 of them. If they were all on the same subnet – would get 8.
Let’s start with the configuration. Be careful, some options are not suitable for you. And do not forget that you can not copy-paste the following, you need to understand what you are doing and to enter all handles. Here is / etc / network / interfaces to the following form:
Debian: ~ # cat / etc / network / interfaces auto lo iface lo inet loopback
auto eth0 iface eth0 inet static address aaa.bbb.ccc..137 broadcast aaa.bbb.ccc..191 netmask 255.255.255.192 gateway aaa.bbb.ccc..129
# Default route to access subnet up route add -net aaa.bbb.ccc.128 netmask 255.255.255.192 gw aaa.bbb.ccc.129 eth0
Be extremely careful, check all the settings. Restart the network daemon: Debian: ~ # cat /etc/init.d/networking restart
Now it’s time to install bridge-utils, if you have not already done (aptitude install all remember how to spell). Now you must activate the core capabilities of the host routing packets: Debian: ~ # echo 1> / proc / sys / net / ipv4 / ip_forward This line can be put in /etc/rc.local. The rest I would not recommend to add there. I designed all of the following in the startup script that is already registered in the rc.local. In which case, I can as quickly as possible to remove this line from a liveCD or LivePXEboot. Begin setting personal server subnet (xxx.yyy.zzz.33-38): Create a virtual interface br0, who will be responsible for routing VDS with IP addresses from the private subnet: Debian: ~ # brctl addbr br0 Assign it an IP address from the private subnet, configure and run it: Debian: ~ # ifconfig br0 xxx.yyy.zzz.33 netmask 255.255.255.248 up And now, in fact, assign routing for virtual machines: Debian: ~ # route add -host xxx.yyy.zzz.34 dev br0 Debian: ~ # route add -host xxx.yyy.zzz.35 dev br0 Debian: ~ # route add -host xxx.yyy.zzz.36 dev br0 Debian: ~ # route add -host xxx.yyy.zzz.37 dev br0 Debian: ~ # route add -host xxx.yyy.zzz.38 dev br0
Now create a virtual interface br1. He will be responsible for routing VDSov of a common subnet: Debian: ~ # brctl addbr br1 Assign it an IP address, configure and run it: Debian: ~ # ifconfig br1 aaa.bbb.ccc.175 up Pay special attention to the fact that we do not specify br1 netmask. This simple truth has cost me 5 hours of active guglezha and inaccessible server. The reason is very simple – if you have a 2 in linux device / interface, IP addresses which belong to the same subnet – subnet mask should be specified for only one of them. Now, tweaking routing for VDS IP from a common subnet: Debian: ~ # route add -host aaa.bbb.ccc.176 dev br1 Debian: ~ # route add -host aaa.bbb.ccc.177 dev br1
All the network is configured. Write your desired script or command throw in rc.local, test, whether the server is available after a reboot … Well, time to install its first VDS (well, or not first, what’s the difference).
Trying to drive the familiar command: Debian: ~ # virt-install -n vm1 -r -f /vms/vm1.img -s 1024 50 -c /iso/debian-cd/5.0.4/amd64/iso-cd/debian-504-amd64-CD -1.iso -accelerate -os-type = linux -os-variant = generic26 -v -vnc -w bridge: brX Pay special attention to the option -w bridge: brX. Instead of X – set number of the desired us br. In principle, you can configure any number of bridge-devices. With the help of wondershaper (see. Article / 43 on this site), you can limit the total rate of all virtual machines on a single bridge device. Importantly, do not forget about the netmask for br1 (well, or an analogue thereof, in your terms).
Well, actually the network settings for one of our KVM virtual ok: IP address – xxx.yyy.zzz.34 Netmask – 255.255.255.248 (the same as that of the brX interface. In the case of br1 – the same as in eth0) Gateway – xxx.yyy.zzz.33 (IP address of the device brX) DNS servers – the same as that of the physical server. Specify these settings in the network of the Debian installer or configuration of any other distro / OS and … and use)
Warning! Article outdated and contains inaccuracies. You need to become Debian, KVM, the final article. Set up a network for KVM. KVM and 2/3 + subnet on the same server.
Leave a Reply